parent
67bf88b629
commit
0b6c743f01
|
@ -0,0 +1,286 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package body AES is
|
||||
|
||||
Sbox : constant array (u8 range 0 .. 255) of u8 := (
|
||||
16#63#, 16#7c#, 16#77#, 16#7b#, 16#f2#, 16#6b#, 16#6f#, 16#c5#, 16#30#, 16#01#, 16#67#, 16#2b#, 16#fe#, 16#d7#, 16#ab#, 16#76#,
|
||||
16#ca#, 16#82#, 16#c9#, 16#7d#, 16#fa#, 16#59#, 16#47#, 16#f0#, 16#ad#, 16#d4#, 16#a2#, 16#af#, 16#9c#, 16#a4#, 16#72#, 16#c0#,
|
||||
16#b7#, 16#fd#, 16#93#, 16#26#, 16#36#, 16#3f#, 16#f7#, 16#cc#, 16#34#, 16#a5#, 16#e5#, 16#f1#, 16#71#, 16#d8#, 16#31#, 16#15#,
|
||||
16#04#, 16#c7#, 16#23#, 16#c3#, 16#18#, 16#96#, 16#05#, 16#9a#, 16#07#, 16#12#, 16#80#, 16#e2#, 16#eb#, 16#27#, 16#b2#, 16#75#,
|
||||
16#09#, 16#83#, 16#2c#, 16#1a#, 16#1b#, 16#6e#, 16#5a#, 16#a0#, 16#52#, 16#3b#, 16#d6#, 16#b3#, 16#29#, 16#e3#, 16#2f#, 16#84#,
|
||||
16#53#, 16#d1#, 16#00#, 16#ed#, 16#20#, 16#fc#, 16#b1#, 16#5b#, 16#6a#, 16#cb#, 16#be#, 16#39#, 16#4a#, 16#4c#, 16#58#, 16#cf#,
|
||||
16#d0#, 16#ef#, 16#aa#, 16#fb#, 16#43#, 16#4d#, 16#33#, 16#85#, 16#45#, 16#f9#, 16#02#, 16#7f#, 16#50#, 16#3c#, 16#9f#, 16#a8#,
|
||||
16#51#, 16#a3#, 16#40#, 16#8f#, 16#92#, 16#9d#, 16#38#, 16#f5#, 16#bc#, 16#b6#, 16#da#, 16#21#, 16#10#, 16#ff#, 16#f3#, 16#d2#,
|
||||
16#cd#, 16#0c#, 16#13#, 16#ec#, 16#5f#, 16#97#, 16#44#, 16#17#, 16#c4#, 16#a7#, 16#7e#, 16#3d#, 16#64#, 16#5d#, 16#19#, 16#73#,
|
||||
16#60#, 16#81#, 16#4f#, 16#dc#, 16#22#, 16#2a#, 16#90#, 16#88#, 16#46#, 16#ee#, 16#b8#, 16#14#, 16#de#, 16#5e#, 16#0b#, 16#db#,
|
||||
16#e0#, 16#32#, 16#3a#, 16#0a#, 16#49#, 16#06#, 16#24#, 16#5c#, 16#c2#, 16#d3#, 16#ac#, 16#62#, 16#91#, 16#95#, 16#e4#, 16#79#,
|
||||
16#e7#, 16#c8#, 16#37#, 16#6d#, 16#8d#, 16#d5#, 16#4e#, 16#a9#, 16#6c#, 16#56#, 16#f4#, 16#ea#, 16#65#, 16#7a#, 16#ae#, 16#08#,
|
||||
16#ba#, 16#78#, 16#25#, 16#2e#, 16#1c#, 16#a6#, 16#b4#, 16#c6#, 16#e8#, 16#dd#, 16#74#, 16#1f#, 16#4b#, 16#bd#, 16#8b#, 16#8a#,
|
||||
16#70#, 16#3e#, 16#b5#, 16#66#, 16#48#, 16#03#, 16#f6#, 16#0e#, 16#61#, 16#35#, 16#57#, 16#b9#, 16#86#, 16#c1#, 16#1d#, 16#9e#,
|
||||
16#e1#, 16#f8#, 16#98#, 16#11#, 16#69#, 16#d9#, 16#8e#, 16#94#, 16#9b#, 16#1e#, 16#87#, 16#e9#, 16#ce#, 16#55#, 16#28#, 16#df#,
|
||||
16#8c#, 16#a1#, 16#89#, 16#0d#, 16#bf#, 16#e6#, 16#42#, 16#68#, 16#41#, 16#99#, 16#2d#, 16#0f#, 16#b0#, 16#54#, 16#bb#, 16#16#
|
||||
);
|
||||
|
||||
InvSbox : constant array (u8 range 0 .. 255) of u8 := (
|
||||
16#52#, 16#09#, 16#6a#, 16#d5#, 16#30#, 16#36#, 16#a5#, 16#38#, 16#bf#, 16#40#, 16#a3#, 16#9e#, 16#81#, 16#f3#, 16#d7#, 16#fb#,
|
||||
16#7c#, 16#e3#, 16#39#, 16#82#, 16#9b#, 16#2f#, 16#ff#, 16#87#, 16#34#, 16#8e#, 16#43#, 16#44#, 16#c4#, 16#de#, 16#e9#, 16#cb#,
|
||||
16#54#, 16#7b#, 16#94#, 16#32#, 16#a6#, 16#c2#, 16#23#, 16#3d#, 16#ee#, 16#4c#, 16#95#, 16#0b#, 16#42#, 16#fa#, 16#c3#, 16#4e#,
|
||||
16#08#, 16#2e#, 16#a1#, 16#66#, 16#28#, 16#d9#, 16#24#, 16#b2#, 16#76#, 16#5b#, 16#a2#, 16#49#, 16#6d#, 16#8b#, 16#d1#, 16#25#,
|
||||
16#72#, 16#f8#, 16#f6#, 16#64#, 16#86#, 16#68#, 16#98#, 16#16#, 16#d4#, 16#a4#, 16#5c#, 16#cc#, 16#5d#, 16#65#, 16#b6#, 16#92#,
|
||||
16#6c#, 16#70#, 16#48#, 16#50#, 16#fd#, 16#ed#, 16#b9#, 16#da#, 16#5e#, 16#15#, 16#46#, 16#57#, 16#a7#, 16#8d#, 16#9d#, 16#84#,
|
||||
16#90#, 16#d8#, 16#ab#, 16#00#, 16#8c#, 16#bc#, 16#d3#, 16#0a#, 16#f7#, 16#e4#, 16#58#, 16#05#, 16#b8#, 16#b3#, 16#45#, 16#06#,
|
||||
16#d0#, 16#2c#, 16#1e#, 16#8f#, 16#ca#, 16#3f#, 16#0f#, 16#02#, 16#c1#, 16#af#, 16#bd#, 16#03#, 16#01#, 16#13#, 16#8a#, 16#6b#,
|
||||
16#3a#, 16#91#, 16#11#, 16#41#, 16#4f#, 16#67#, 16#dc#, 16#ea#, 16#97#, 16#f2#, 16#cf#, 16#ce#, 16#f0#, 16#b4#, 16#e6#, 16#73#,
|
||||
16#96#, 16#ac#, 16#74#, 16#22#, 16#e7#, 16#ad#, 16#35#, 16#85#, 16#e2#, 16#f9#, 16#37#, 16#e8#, 16#1c#, 16#75#, 16#df#, 16#6e#,
|
||||
16#47#, 16#f1#, 16#1a#, 16#71#, 16#1d#, 16#29#, 16#c5#, 16#89#, 16#6f#, 16#b7#, 16#62#, 16#0e#, 16#aa#, 16#18#, 16#be#, 16#1b#,
|
||||
16#fc#, 16#56#, 16#3e#, 16#4b#, 16#c6#, 16#d2#, 16#79#, 16#20#, 16#9a#, 16#db#, 16#c0#, 16#fe#, 16#78#, 16#cd#, 16#5a#, 16#f4#,
|
||||
16#1f#, 16#dd#, 16#a8#, 16#33#, 16#88#, 16#07#, 16#c7#, 16#31#, 16#b1#, 16#12#, 16#10#, 16#59#, 16#27#, 16#80#, 16#ec#, 16#5f#,
|
||||
16#60#, 16#51#, 16#7f#, 16#a9#, 16#19#, 16#b5#, 16#4a#, 16#0d#, 16#2d#, 16#e5#, 16#7a#, 16#9f#, 16#93#, 16#c9#, 16#9c#, 16#ef#,
|
||||
16#a0#, 16#e0#, 16#3b#, 16#4d#, 16#ae#, 16#2a#, 16#f5#, 16#b0#, 16#c8#, 16#eb#, 16#bb#, 16#3c#, 16#83#, 16#53#, 16#99#, 16#61#,
|
||||
16#17#, 16#2b#, 16#04#, 16#7e#, 16#ba#, 16#77#, 16#d6#, 16#26#, 16#e1#, 16#69#, 16#14#, 16#63#, 16#55#, 16#21#, 16#0c#, 16#7d#
|
||||
);
|
||||
|
||||
rcon : constant u8_Array(1 .. 10) := (
|
||||
16#01#, 16#02#, 16#04#, 16#08#, 16#10#, 16#20#, 16#40#, 16#80#, 16#1b#, 16#36#
|
||||
);
|
||||
|
||||
function gf256mul(a, b : u8) return u8 is
|
||||
r : u8 := 0;
|
||||
t1 : u8 := a;
|
||||
t2 : u8 := b;
|
||||
f : boolean;
|
||||
begin
|
||||
for i in 1 .. 8 loop
|
||||
if (t1 and 1) = 1 then
|
||||
r := r xor t2;
|
||||
end if;
|
||||
t1 := Shift_Right(t1, 1);
|
||||
f := (t2 and 16#80#) = 16#80#;
|
||||
t2 := Shift_Left(t2, 1);
|
||||
if f then
|
||||
t2 := t2 xor polynom;
|
||||
end if;
|
||||
end loop;
|
||||
return r;
|
||||
end gf256mul;
|
||||
|
||||
function RotWord(A : u8_Array) return u8_Array is
|
||||
begin
|
||||
return Rotate_be(A, 8);
|
||||
end RotWord;
|
||||
|
||||
procedure SubArray(A : in out u8_Array) is
|
||||
begin
|
||||
for i in A'Range loop
|
||||
A(i) := Sbox(A(i));
|
||||
end loop;
|
||||
end SubArray;
|
||||
|
||||
procedure InvSubArray(A : in out u8_Array) is
|
||||
begin
|
||||
for i in A'Range loop
|
||||
A(i) := InvSbox(A(i));
|
||||
end loop;
|
||||
end InvSubArray;
|
||||
|
||||
procedure Initialize_Generic(Key : in T_In; Context : out T_Out) is
|
||||
w : u8_Array(1 .. Context.Roundkeys'Length * RoundKey_T'Length);
|
||||
temp : u8_Array(1 .. 4);
|
||||
Nk : constant Integer := Key'Length / 4;
|
||||
k : Integer range rcon'First .. rcon'Last + 1 := 1;
|
||||
j : Integer range w'First .. w'Last + 1 := 1;
|
||||
begin
|
||||
w(1 .. Key'Length) := u8_Array(Key);
|
||||
for i in 1 + Key'Length / 4 .. Context.RoundKeys'Length * RoundKey_T'Length / 4 loop
|
||||
temp := w((i - 1) * 4 - 3 .. (i - 1) * 4);
|
||||
if (i - 1) mod Nk = 0 then
|
||||
temp := RotWord(temp);
|
||||
SubArray(temp);
|
||||
temp(1) := temp(1) xor rcon(k);
|
||||
k := k + 1;
|
||||
else if Nk > 6 and then (i - 1) mod Nk = 4 then
|
||||
SubArray(temp);
|
||||
end if;
|
||||
end if;
|
||||
temp := temp xor w((i - Nk) * 4 - 3 .. (i - Nk) * 4);
|
||||
w(i * 4 - 3 .. i * 4) := temp;
|
||||
end loop;
|
||||
for i in Context.RoundKeys'Range loop
|
||||
Context.RoundKeys(i) := RoundKey_T(w(j .. j + RoundKey_T'Length - 1));
|
||||
j := j + RoundKey_T'Length;
|
||||
end loop;
|
||||
end Initialize_Generic;
|
||||
|
||||
procedure Initialize_priv is new Initialize_Generic(T_In => Key_128, T_Out => Context_128);
|
||||
procedure Initialize_priv is new Initialize_Generic(T_In => Key_192, T_Out => Context_192);
|
||||
procedure Initialize_priv is new Initialize_Generic(T_In => Key_256, T_Out => Context_256);
|
||||
|
||||
procedure Initialize(Key : in Key_128; Context : out Context_128) is
|
||||
begin
|
||||
Initialize_priv(Key, Context);
|
||||
end Initialize;
|
||||
|
||||
procedure Initialize(Key : in Key_192; Context : out Context_192) is
|
||||
begin
|
||||
Initialize_priv(Key, Context);
|
||||
end Initialize;
|
||||
|
||||
procedure Initialize(Key : in Key_256; Context : out Context_256) is
|
||||
begin
|
||||
Initialize_priv(Key, Context);
|
||||
end Initialize;
|
||||
|
||||
procedure ShiftColumns(Block : in out Block_128_Bit) is
|
||||
temp : u8;
|
||||
begin
|
||||
temp := Block( 2);
|
||||
Block( 2) := Block( 6);
|
||||
Block( 6) := Block(10);
|
||||
Block(10) := Block(14);
|
||||
Block(14) := temp;
|
||||
Swap(Block(3), Block(11));
|
||||
Swap(Block(7), Block(15));
|
||||
temp := Block(16);
|
||||
Block(16) := Block(12);
|
||||
Block(12) := Block( 8);
|
||||
Block( 8) := Block( 4);
|
||||
Block( 4) := temp;
|
||||
end ShiftColumns;
|
||||
|
||||
procedure InvShiftColumns(Block : in out Block_128_Bit) is
|
||||
temp : u8;
|
||||
begin
|
||||
temp := Block(14);
|
||||
Block(14) := Block(10);
|
||||
Block(10) := Block( 6);
|
||||
Block( 6) := Block( 2);
|
||||
Block( 2) := temp;
|
||||
Swap(Block(3), Block(11));
|
||||
Swap(Block(7), Block(15));
|
||||
temp := Block( 4);
|
||||
Block( 4) := Block( 8);
|
||||
Block( 8) := Block(12);
|
||||
Block(12) := Block(16);
|
||||
Block(16) := temp;
|
||||
end InvShiftColumns;
|
||||
|
||||
procedure MixRows(Block : in out Block_128_Bit) is
|
||||
temp : u8_Array(1 .. 4);
|
||||
begin
|
||||
for i in 0 .. 3 loop
|
||||
temp := Block(i * 4 + 1 .. i * 4 + 4);
|
||||
-- Put(" (" & Integer'Image(i) & ") t: "); print_hex(temp); New_Line;
|
||||
Block(i * 4 + 1) := gf256mul(2, temp(1)) xor gf256mul(3, temp(2)) xor temp(3) xor temp(4);
|
||||
Block(i * 4 + 2) := gf256mul(2, temp(2)) xor gf256mul(3, temp(3)) xor temp(4) xor temp(1);
|
||||
Block(i * 4 + 3) := gf256mul(2, temp(3)) xor gf256mul(3, temp(4)) xor temp(1) xor temp(2);
|
||||
Block(i * 4 + 4) := gf256mul(2, temp(4)) xor gf256mul(3, temp(1)) xor temp(2) xor temp(3);
|
||||
-- Put(" (" & Integer'Image(i) & ") r: "); print_hex(Block(i * 4 + 1 .. i * 4 + 4)); New_Line;
|
||||
end loop;
|
||||
end MixRows;
|
||||
|
||||
procedure InvMixRows(Block : in out Block_128_Bit) is
|
||||
temp : u8_Array(1 .. 4);
|
||||
begin
|
||||
for i in 0 .. 3 loop
|
||||
temp := Block(i * 4 + 1 .. i * 4 + 4);
|
||||
-- Put(" (" & Integer'Image(i) & ") t: "); print_hex(temp); New_Line;
|
||||
Block(i * 4 + 1) := gf256mul(14, temp(1)) xor gf256mul(11, temp(2)) xor gf256mul(13, temp(3)) xor gf256mul( 9, temp(4));
|
||||
Block(i * 4 + 2) := gf256mul( 9, temp(1)) xor gf256mul(14, temp(2)) xor gf256mul(11, temp(3)) xor gf256mul(13, temp(4));
|
||||
Block(i * 4 + 3) := gf256mul(13, temp(1)) xor gf256mul( 9, temp(2)) xor gf256mul(14, temp(3)) xor gf256mul(11, temp(4));
|
||||
Block(i * 4 + 4) := gf256mul(11, temp(1)) xor gf256mul(13, temp(2)) xor gf256mul( 9, temp(3)) xor gf256mul(14, temp(4));
|
||||
-- Put(" (" & Integer'Image(i) & ") r: "); print_hex(Block(i * 4 + 1 .. i * 4 + 4)); New_Line;
|
||||
end loop;
|
||||
end InvMixRows;
|
||||
|
||||
|
||||
procedure Encrypt_Generic(Context : in Context_T; Block : in out Block_128_Bit) is
|
||||
begin
|
||||
-- Put("( 1) pre-add: "); print_hex(Block); New_Line;
|
||||
Block := u8_Array(Block) xor u8_Array(Context.RoundKeys(Context.RoundKeys'First));
|
||||
for i in Context.RoundKeys'First + 1 .. Context.RoundKeys'Last - 1 loop
|
||||
-- Put("(" & Integer'Image(i) & ") pre-sub: "); print_hex(Block); New_Line;
|
||||
SubArray(u8_Array(Block));
|
||||
-- Put("(" & Integer'Image(i) & ") pre-shift: "); print_hex(Block); New_Line;
|
||||
ShiftColumns(Block);
|
||||
-- Put("(" & Integer'Image(i) & ") pre-mix: "); print_hex(Block); New_Line;
|
||||
MixRows(Block);
|
||||
-- Put("(" & Integer'Image(i) & ") pre-add: "); print_hex(Block); New_Line;
|
||||
Block := u8_Array(Block) xor u8_Array(Context.RoundKeys(i));
|
||||
end loop;
|
||||
SubArray(u8_Array(Block));
|
||||
ShiftColumns(Block);
|
||||
Block := u8_Array(Block) xor u8_Array(Context.RoundKeys(Context.RoundKeys'Last));
|
||||
end Encrypt_Generic;
|
||||
|
||||
procedure Encrypt(Context : in Context_128; Block: in out Block_128_Bit) is
|
||||
begin
|
||||
Encrypt_Generic(Context_T(Context), Block);
|
||||
end Encrypt;
|
||||
|
||||
procedure Encrypt(Context : in Context_192; Block: in out Block_128_Bit) is
|
||||
begin
|
||||
Encrypt_Generic(Context_T(Context), Block);
|
||||
end Encrypt;
|
||||
|
||||
procedure Encrypt(Context : in Context_256; Block: in out Block_128_Bit) is
|
||||
begin
|
||||
Encrypt_Generic(Context_T(Context), Block);
|
||||
end Encrypt;
|
||||
|
||||
|
||||
procedure Decrypt_Generic(Context : in Context_T; Block : in out Block_128_Bit) is
|
||||
begin
|
||||
-- Put("( 1) pre-add: "); print_hex(Block); New_Line;
|
||||
Block := u8_Array(Block) xor u8_Array(Context.RoundKeys(Context.RoundKeys'Last));
|
||||
for i in reverse Context.RoundKeys'First + 1 .. Context.RoundKeys'Last - 1 loop
|
||||
-- Put("(" & Integer'Image(i) & ") pre-shift: "); print_hex(Block); New_Line;
|
||||
InvShiftColumns(Block);
|
||||
-- Put("(" & Integer'Image(i) & ") pre-sub: "); print_hex(Block); New_Line;
|
||||
InvSubArray(u8_Array(Block));
|
||||
-- Put("(" & Integer'Image(i) & ") pre-add: "); print_hex(Block); New_Line;
|
||||
Block := u8_Array(Block) xor u8_Array(Context.RoundKeys(i));
|
||||
-- Put("(" & Integer'Image(i) & ") pre-mix: "); print_hex(Block); New_Line;
|
||||
InvMixRows(Block);
|
||||
end loop;
|
||||
InvSubArray(u8_Array(Block));
|
||||
InvShiftColumns(Block);
|
||||
Block := u8_Array(Block) xor u8_Array(Context.RoundKeys(Context.RoundKeys'First));
|
||||
end Decrypt_Generic;
|
||||
|
||||
procedure Decrypt(Context : in Context_128; Block: in out Block_128_Bit) is
|
||||
begin
|
||||
Decrypt_Generic(Context_T(Context), Block);
|
||||
end Decrypt;
|
||||
|
||||
procedure Decrypt(Context : in Context_192; Block: in out Block_128_Bit) is
|
||||
begin
|
||||
Decrypt_Generic(Context_T(Context), Block);
|
||||
end Decrypt;
|
||||
|
||||
procedure Decrypt(Context : in Context_256; Block: in out Block_128_Bit) is
|
||||
begin
|
||||
Decrypt_Generic(Context_T(Context), Block);
|
||||
end Decrypt;
|
||||
-- function Encrypt(Ctx : Context_128; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_128; Source : Ciphertext) return Plaintext;
|
||||
--
|
||||
-- function Encrypt(Ctx : Context_192; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_192; Source : Ciphertext) return Plaintext;
|
||||
--
|
||||
-- function Encrypt(Ctx : Context_256; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_256; Source : Ciphertext) return Plaintext;
|
||||
|
||||
end AES;
|
|
@ -24,44 +24,50 @@ package AES is
|
|||
type Key_192 is new Block_192_Bit;
|
||||
type Key_256 is new Block_256_Bit;
|
||||
|
||||
-- type Context_128 is private;
|
||||
-- type Context_192 is private;
|
||||
-- type Context_256 is private;
|
||||
type Context_128 is private;
|
||||
type Context_192 is private;
|
||||
type Context_256 is private;
|
||||
|
||||
type Plaintext is new Block_128_Bit;
|
||||
type Ciphertext is new Block_128_Bit;
|
||||
|
||||
|
||||
|
||||
procedure Initialize(Key : in Key_128; Context : out Context_128);
|
||||
procedure Encrypt(Context : in Context_128; Block: in out Block_128_Bit);
|
||||
procedure Decrypt(Context : in Context_128; Block: in out Block_128_Bit);
|
||||
|
||||
|
||||
procedure Initialize(Key : in Key_192; Context : out Context_192);
|
||||
procedure Encrypt(Context : in Context_192; Block: in out Block_128_Bit);
|
||||
procedure Decrypt(Context : in Context_192; Block: in out Block_128_Bit);
|
||||
|
||||
procedure Initialize(Key : in Key_256; Context : out Context_256);
|
||||
procedure Encrypt(Context : in Context_256; Block: in out Block_128_Bit);
|
||||
procedure Decrypt(Context : in Context_256; Block: in out Block_128_Bit);
|
||||
|
||||
private
|
||||
|
||||
type RoundKey_T is new Block_128_Bit;
|
||||
type RoundKeys_T is Array (Integer range <>) of RoundKey_T;
|
||||
|
||||
type Context_128 is record
|
||||
RoundKeys : RoundKeys_T(1 .. 11);
|
||||
subtype Num_RoundKeys_T is Integer range 11 .. 15;
|
||||
|
||||
type Context_T(Num_RoundKeys : Num_RoundKeys_T := 15) is record
|
||||
RoundKeys : RoundKeys_T(1 .. Num_RoundKeys);
|
||||
end record;
|
||||
|
||||
type Context_192 is record
|
||||
RoundKeys : RoundKeys_T(1 .. 13);
|
||||
end record;
|
||||
|
||||
type Context_256 is record
|
||||
RoundKeys : RoundKeys_T(1 .. 15);
|
||||
end record;
|
||||
|
||||
function Initialize(Key : Key_128) return Context_128;
|
||||
-- function Encrypt(Ctx : Context_128; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_128; Source : Ciphertext) return Plaintext;
|
||||
--
|
||||
function Initialize(Key : Key_192) return Context_192;
|
||||
-- function Encrypt(Ctx : Context_192; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_192; Source : Ciphertext) return Plaintext;
|
||||
--
|
||||
function Initialize(Key : Key_256) return Context_256;
|
||||
-- function Encrypt(Ctx : Context_256; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_256; Source : Ciphertext) return Plaintext;
|
||||
|
||||
private
|
||||
type Context_128 is new Context_T(11);
|
||||
type Context_192 is new Context_T(13);
|
||||
type Context_256 is new Context_T(15);
|
||||
|
||||
Nb : constant Integer := 4;
|
||||
polynom : constant u8 := 16#1B#;
|
||||
function gf256mul(a, b : u8) return u8;
|
||||
|
||||
generic
|
||||
type T_In(<>) is new u8_Array;
|
||||
type T_Out(<>) is new Context_T;
|
||||
procedure Initialize_Generic(Key : T_In; Context : out T_Out);
|
||||
|
||||
end AES;
|
|
@ -0,0 +1,257 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package body ARIA is
|
||||
|
||||
SBox : constant array (Integer range 1 .. 4, u8 range 0 .. 255) of u8 := ( (
|
||||
16#63#, 16#7c#, 16#77#, 16#7b#, 16#f2#, 16#6b#, 16#6f#, 16#c5#, 16#30#, 16#01#, 16#67#, 16#2b#, 16#fe#, 16#d7#, 16#ab#, 16#76#,
|
||||
16#ca#, 16#82#, 16#c9#, 16#7d#, 16#fa#, 16#59#, 16#47#, 16#f0#, 16#ad#, 16#d4#, 16#a2#, 16#af#, 16#9c#, 16#a4#, 16#72#, 16#c0#,
|
||||
16#b7#, 16#fd#, 16#93#, 16#26#, 16#36#, 16#3f#, 16#f7#, 16#cc#, 16#34#, 16#a5#, 16#e5#, 16#f1#, 16#71#, 16#d8#, 16#31#, 16#15#,
|
||||
16#04#, 16#c7#, 16#23#, 16#c3#, 16#18#, 16#96#, 16#05#, 16#9a#, 16#07#, 16#12#, 16#80#, 16#e2#, 16#eb#, 16#27#, 16#b2#, 16#75#,
|
||||
16#09#, 16#83#, 16#2c#, 16#1a#, 16#1b#, 16#6e#, 16#5a#, 16#a0#, 16#52#, 16#3b#, 16#d6#, 16#b3#, 16#29#, 16#e3#, 16#2f#, 16#84#,
|
||||
16#53#, 16#d1#, 16#00#, 16#ed#, 16#20#, 16#fc#, 16#b1#, 16#5b#, 16#6a#, 16#cb#, 16#be#, 16#39#, 16#4a#, 16#4c#, 16#58#, 16#cf#,
|
||||
16#d0#, 16#ef#, 16#aa#, 16#fb#, 16#43#, 16#4d#, 16#33#, 16#85#, 16#45#, 16#f9#, 16#02#, 16#7f#, 16#50#, 16#3c#, 16#9f#, 16#a8#,
|
||||
16#51#, 16#a3#, 16#40#, 16#8f#, 16#92#, 16#9d#, 16#38#, 16#f5#, 16#bc#, 16#b6#, 16#da#, 16#21#, 16#10#, 16#ff#, 16#f3#, 16#d2#,
|
||||
16#cd#, 16#0c#, 16#13#, 16#ec#, 16#5f#, 16#97#, 16#44#, 16#17#, 16#c4#, 16#a7#, 16#7e#, 16#3d#, 16#64#, 16#5d#, 16#19#, 16#73#,
|
||||
16#60#, 16#81#, 16#4f#, 16#dc#, 16#22#, 16#2a#, 16#90#, 16#88#, 16#46#, 16#ee#, 16#b8#, 16#14#, 16#de#, 16#5e#, 16#0b#, 16#db#,
|
||||
16#e0#, 16#32#, 16#3a#, 16#0a#, 16#49#, 16#06#, 16#24#, 16#5c#, 16#c2#, 16#d3#, 16#ac#, 16#62#, 16#91#, 16#95#, 16#e4#, 16#79#,
|
||||
16#e7#, 16#c8#, 16#37#, 16#6d#, 16#8d#, 16#d5#, 16#4e#, 16#a9#, 16#6c#, 16#56#, 16#f4#, 16#ea#, 16#65#, 16#7a#, 16#ae#, 16#08#,
|
||||
16#ba#, 16#78#, 16#25#, 16#2e#, 16#1c#, 16#a6#, 16#b4#, 16#c6#, 16#e8#, 16#dd#, 16#74#, 16#1f#, 16#4b#, 16#bd#, 16#8b#, 16#8a#,
|
||||
16#70#, 16#3e#, 16#b5#, 16#66#, 16#48#, 16#03#, 16#f6#, 16#0e#, 16#61#, 16#35#, 16#57#, 16#b9#, 16#86#, 16#c1#, 16#1d#, 16#9e#,
|
||||
16#e1#, 16#f8#, 16#98#, 16#11#, 16#69#, 16#d9#, 16#8e#, 16#94#, 16#9b#, 16#1e#, 16#87#, 16#e9#, 16#ce#, 16#55#, 16#28#, 16#df#,
|
||||
16#8c#, 16#a1#, 16#89#, 16#0d#, 16#bf#, 16#e6#, 16#42#, 16#68#, 16#41#, 16#99#, 16#2d#, 16#0f#, 16#b0#, 16#54#, 16#bb#, 16#16#
|
||||
),
|
||||
(
|
||||
16#e2#, 16#4e#, 16#54#, 16#fc#, 16#94#, 16#c2#, 16#4a#, 16#cc#, 16#62#, 16#0d#, 16#6a#, 16#46#, 16#3c#, 16#4d#, 16#8b#, 16#d1#,
|
||||
16#5e#, 16#fa#, 16#64#, 16#cb#, 16#b4#, 16#97#, 16#be#, 16#2b#, 16#bc#, 16#77#, 16#2e#, 16#03#, 16#d3#, 16#19#, 16#59#, 16#c1#,
|
||||
16#1d#, 16#06#, 16#41#, 16#6b#, 16#55#, 16#f0#, 16#99#, 16#69#, 16#ea#, 16#9c#, 16#18#, 16#ae#, 16#63#, 16#df#, 16#e7#, 16#bb#,
|
||||
16#00#, 16#73#, 16#66#, 16#fb#, 16#96#, 16#4c#, 16#85#, 16#e4#, 16#3a#, 16#09#, 16#45#, 16#aa#, 16#0f#, 16#ee#, 16#10#, 16#eb#,
|
||||
16#2d#, 16#7f#, 16#f4#, 16#29#, 16#ac#, 16#cf#, 16#ad#, 16#91#, 16#8d#, 16#78#, 16#c8#, 16#95#, 16#f9#, 16#2f#, 16#ce#, 16#cd#,
|
||||
16#08#, 16#7a#, 16#88#, 16#38#, 16#5c#, 16#83#, 16#2a#, 16#28#, 16#47#, 16#db#, 16#b8#, 16#c7#, 16#93#, 16#a4#, 16#12#, 16#53#,
|
||||
16#ff#, 16#87#, 16#0e#, 16#31#, 16#36#, 16#21#, 16#58#, 16#48#, 16#01#, 16#8e#, 16#37#, 16#74#, 16#32#, 16#ca#, 16#e9#, 16#b1#,
|
||||
16#b7#, 16#ab#, 16#0c#, 16#d7#, 16#c4#, 16#56#, 16#42#, 16#26#, 16#07#, 16#98#, 16#60#, 16#d9#, 16#b6#, 16#b9#, 16#11#, 16#40#,
|
||||
16#ec#, 16#20#, 16#8c#, 16#bd#, 16#a0#, 16#c9#, 16#84#, 16#04#, 16#49#, 16#23#, 16#f1#, 16#4f#, 16#50#, 16#1f#, 16#13#, 16#dc#,
|
||||
16#d8#, 16#c0#, 16#9e#, 16#57#, 16#e3#, 16#c3#, 16#7b#, 16#65#, 16#3b#, 16#02#, 16#8f#, 16#3e#, 16#e8#, 16#25#, 16#92#, 16#e5#,
|
||||
16#15#, 16#dd#, 16#fd#, 16#17#, 16#a9#, 16#bf#, 16#d4#, 16#9a#, 16#7e#, 16#c5#, 16#39#, 16#67#, 16#fe#, 16#76#, 16#9d#, 16#43#,
|
||||
16#a7#, 16#e1#, 16#d0#, 16#f5#, 16#68#, 16#f2#, 16#1b#, 16#34#, 16#70#, 16#05#, 16#a3#, 16#8a#, 16#d5#, 16#79#, 16#86#, 16#a8#,
|
||||
16#30#, 16#c6#, 16#51#, 16#4b#, 16#1e#, 16#a6#, 16#27#, 16#f6#, 16#35#, 16#d2#, 16#6e#, 16#24#, 16#16#, 16#82#, 16#5f#, 16#da#,
|
||||
16#e6#, 16#75#, 16#a2#, 16#ef#, 16#2c#, 16#b2#, 16#1c#, 16#9f#, 16#5d#, 16#6f#, 16#80#, 16#0a#, 16#72#, 16#44#, 16#9b#, 16#6c#,
|
||||
16#90#, 16#0b#, 16#5b#, 16#33#, 16#7d#, 16#5a#, 16#52#, 16#f3#, 16#61#, 16#a1#, 16#f7#, 16#b0#, 16#d6#, 16#3f#, 16#7c#, 16#6d#,
|
||||
16#ed#, 16#14#, 16#e0#, 16#a5#, 16#3d#, 16#22#, 16#b3#, 16#f8#, 16#89#, 16#de#, 16#71#, 16#1a#, 16#af#, 16#ba#, 16#b5#, 16#81#
|
||||
),
|
||||
(
|
||||
16#52#, 16#09#, 16#6a#, 16#d5#, 16#30#, 16#36#, 16#a5#, 16#38#, 16#bf#, 16#40#, 16#a3#, 16#9e#, 16#81#, 16#f3#, 16#d7#, 16#fb#,
|
||||
16#7c#, 16#e3#, 16#39#, 16#82#, 16#9b#, 16#2f#, 16#ff#, 16#87#, 16#34#, 16#8e#, 16#43#, 16#44#, 16#c4#, 16#de#, 16#e9#, 16#cb#,
|
||||
16#54#, 16#7b#, 16#94#, 16#32#, 16#a6#, 16#c2#, 16#23#, 16#3d#, 16#ee#, 16#4c#, 16#95#, 16#0b#, 16#42#, 16#fa#, 16#c3#, 16#4e#,
|
||||
16#08#, 16#2e#, 16#a1#, 16#66#, 16#28#, 16#d9#, 16#24#, 16#b2#, 16#76#, 16#5b#, 16#a2#, 16#49#, 16#6d#, 16#8b#, 16#d1#, 16#25#,
|
||||
16#72#, 16#f8#, 16#f6#, 16#64#, 16#86#, 16#68#, 16#98#, 16#16#, 16#d4#, 16#a4#, 16#5c#, 16#cc#, 16#5d#, 16#65#, 16#b6#, 16#92#,
|
||||
16#6c#, 16#70#, 16#48#, 16#50#, 16#fd#, 16#ed#, 16#b9#, 16#da#, 16#5e#, 16#15#, 16#46#, 16#57#, 16#a7#, 16#8d#, 16#9d#, 16#84#,
|
||||
16#90#, 16#d8#, 16#ab#, 16#00#, 16#8c#, 16#bc#, 16#d3#, 16#0a#, 16#f7#, 16#e4#, 16#58#, 16#05#, 16#b8#, 16#b3#, 16#45#, 16#06#,
|
||||
16#d0#, 16#2c#, 16#1e#, 16#8f#, 16#ca#, 16#3f#, 16#0f#, 16#02#, 16#c1#, 16#af#, 16#bd#, 16#03#, 16#01#, 16#13#, 16#8a#, 16#6b#,
|
||||
16#3a#, 16#91#, 16#11#, 16#41#, 16#4f#, 16#67#, 16#dc#, 16#ea#, 16#97#, 16#f2#, 16#cf#, 16#ce#, 16#f0#, 16#b4#, 16#e6#, 16#73#,
|
||||
16#96#, 16#ac#, 16#74#, 16#22#, 16#e7#, 16#ad#, 16#35#, 16#85#, 16#e2#, 16#f9#, 16#37#, 16#e8#, 16#1c#, 16#75#, 16#df#, 16#6e#,
|
||||
16#47#, 16#f1#, 16#1a#, 16#71#, 16#1d#, 16#29#, 16#c5#, 16#89#, 16#6f#, 16#b7#, 16#62#, 16#0e#, 16#aa#, 16#18#, 16#be#, 16#1b#,
|
||||
16#fc#, 16#56#, 16#3e#, 16#4b#, 16#c6#, 16#d2#, 16#79#, 16#20#, 16#9a#, 16#db#, 16#c0#, 16#fe#, 16#78#, 16#cd#, 16#5a#, 16#f4#,
|
||||
16#1f#, 16#dd#, 16#a8#, 16#33#, 16#88#, 16#07#, 16#c7#, 16#31#, 16#b1#, 16#12#, 16#10#, 16#59#, 16#27#, 16#80#, 16#ec#, 16#5f#,
|
||||
16#60#, 16#51#, 16#7f#, 16#a9#, 16#19#, 16#b5#, 16#4a#, 16#0d#, 16#2d#, 16#e5#, 16#7a#, 16#9f#, 16#93#, 16#c9#, 16#9c#, 16#ef#,
|
||||
16#a0#, 16#e0#, 16#3b#, 16#4d#, 16#ae#, 16#2a#, 16#f5#, 16#b0#, 16#c8#, 16#eb#, 16#bb#, 16#3c#, 16#83#, 16#53#, 16#99#, 16#61#,
|
||||
16#17#, 16#2b#, 16#04#, 16#7e#, 16#ba#, 16#77#, 16#d6#, 16#26#, 16#e1#, 16#69#, 16#14#, 16#63#, 16#55#, 16#21#, 16#0c#, 16#7d#
|
||||
),
|
||||
(
|
||||
16#30#, 16#68#, 16#99#, 16#1b#, 16#87#, 16#b9#, 16#21#, 16#78#, 16#50#, 16#39#, 16#db#, 16#e1#, 16#72#, 16#09#, 16#62#, 16#3c#,
|
||||
16#3e#, 16#7e#, 16#5e#, 16#8e#, 16#f1#, 16#a0#, 16#cc#, 16#a3#, 16#2a#, 16#1d#, 16#fb#, 16#b6#, 16#d6#, 16#20#, 16#c4#, 16#8d#,
|
||||
16#81#, 16#65#, 16#f5#, 16#89#, 16#cb#, 16#9d#, 16#77#, 16#c6#, 16#57#, 16#43#, 16#56#, 16#17#, 16#d4#, 16#40#, 16#1a#, 16#4d#,
|
||||
16#c0#, 16#63#, 16#6c#, 16#e3#, 16#b7#, 16#c8#, 16#64#, 16#6a#, 16#53#, 16#aa#, 16#38#, 16#98#, 16#0c#, 16#f4#, 16#9b#, 16#ed#,
|
||||
16#7f#, 16#22#, 16#76#, 16#af#, 16#dd#, 16#3a#, 16#0b#, 16#58#, 16#67#, 16#88#, 16#06#, 16#c3#, 16#35#, 16#0d#, 16#01#, 16#8b#,
|
||||
16#8c#, 16#c2#, 16#e6#, 16#5f#, 16#02#, 16#24#, 16#75#, 16#93#, 16#66#, 16#1e#, 16#e5#, 16#e2#, 16#54#, 16#d8#, 16#10#, 16#ce#,
|
||||
16#7a#, 16#e8#, 16#08#, 16#2c#, 16#12#, 16#97#, 16#32#, 16#ab#, 16#b4#, 16#27#, 16#0a#, 16#23#, 16#df#, 16#ef#, 16#ca#, 16#d9#,
|
||||
16#b8#, 16#fa#, 16#dc#, 16#31#, 16#6b#, 16#d1#, 16#ad#, 16#19#, 16#49#, 16#bd#, 16#51#, 16#96#, 16#ee#, 16#e4#, 16#a8#, 16#41#,
|
||||
16#da#, 16#ff#, 16#cd#, 16#55#, 16#86#, 16#36#, 16#be#, 16#61#, 16#52#, 16#f8#, 16#bb#, 16#0e#, 16#82#, 16#48#, 16#69#, 16#9a#,
|
||||
16#e0#, 16#47#, 16#9e#, 16#5c#, 16#04#, 16#4b#, 16#34#, 16#15#, 16#79#, 16#26#, 16#a7#, 16#de#, 16#29#, 16#ae#, 16#92#, 16#d7#,
|
||||
16#84#, 16#e9#, 16#d2#, 16#ba#, 16#5d#, 16#f3#, 16#c5#, 16#b0#, 16#bf#, 16#a4#, 16#3b#, 16#71#, 16#44#, 16#46#, 16#2b#, 16#fc#,
|
||||
16#eb#, 16#6f#, 16#d5#, 16#f6#, 16#14#, 16#fe#, 16#7c#, 16#70#, 16#5a#, 16#7d#, 16#fd#, 16#2f#, 16#18#, 16#83#, 16#16#, 16#a5#,
|
||||
16#91#, 16#1f#, 16#05#, 16#95#, 16#74#, 16#a9#, 16#c1#, 16#5b#, 16#4a#, 16#85#, 16#6d#, 16#13#, 16#07#, 16#4f#, 16#4e#, 16#45#,
|
||||
16#b2#, 16#0f#, 16#c9#, 16#1c#, 16#a6#, 16#bc#, 16#ec#, 16#73#, 16#90#, 16#7b#, 16#cf#, 16#59#, 16#8f#, 16#a1#, 16#f9#, 16#2d#,
|
||||
16#f2#, 16#b1#, 16#00#, 16#94#, 16#37#, 16#9f#, 16#d0#, 16#2e#, 16#9c#, 16#6e#, 16#28#, 16#3f#, 16#80#, 16#f0#, 16#3d#, 16#d3#,
|
||||
16#25#, 16#8a#, 16#b5#, 16#e7#, 16#42#, 16#b3#, 16#c7#, 16#ea#, 16#f7#, 16#4c#, 16#11#, 16#33#, 16#03#, 16#a2#, 16#ac#, 16#60#
|
||||
) );
|
||||
|
||||
type Block_Index_T is mod 16;
|
||||
|
||||
A_Table : constant array (1 .. 16, 1 .. 7) of Block_Index_T := (
|
||||
( 3 , 4 , 6 , 8 , 9 , 13 , 14),
|
||||
( 2 , 5 , 7 , 8 , 9 , 12 , 15),
|
||||
( 1 , 4 , 6 , 10 , 11 , 12 , 15),
|
||||
( 0 , 5 , 7 , 10 , 11 , 13 , 14),
|
||||
( 0 , 2 , 5 , 8 , 11 , 14 , 15),
|
||||
( 1 , 3 , 4 , 9 , 10 , 14 , 15),
|
||||
( 0 , 2 , 7 , 9 , 10 , 12 , 13),
|
||||
( 1 , 3 , 6 , 8 , 11 , 12 , 13),
|
||||
( 0 , 1 , 4 , 7 , 10 , 13 , 15),
|
||||
( 0 , 1 , 5 , 6 , 11 , 12 , 14),
|
||||
( 2 , 3 , 5 , 6 , 8 , 13 , 15),
|
||||
( 2 , 3 , 4 , 7 , 9 , 12 , 14),
|
||||
( 1 , 2 , 6 , 7 , 9 , 11 , 12),
|
||||
( 0 , 3 , 6 , 7 , 8 , 10 , 13),
|
||||
( 0 , 3 , 4 , 5 , 9 , 11 , 14),
|
||||
( 1 , 2 , 4 , 5 , 8 , 10 , 15)
|
||||
);
|
||||
|
||||
C : constant array (1 .. 3) of Block_128_Bit :=
|
||||
( ( 16#51#, 16#7c#, 16#c1#, 16#b7#, 16#27#, 16#22#, 16#0a#, 16#94#, 16#fe#, 16#13#, 16#ab#, 16#e8#, 16#fa#, 16#9a#, 16#6e#, 16#e0# ),
|
||||
( 16#6d#, 16#b1#, 16#4a#, 16#cc#, 16#9e#, 16#21#, 16#c8#, 16#20#, 16#ff#, 16#28#, 16#b1#, 16#d5#, 16#ef#, 16#5d#, 16#e2#, 16#b0# ),
|
||||
( 16#db#, 16#92#, 16#37#, 16#1d#, 16#21#, 16#26#, 16#e9#, 16#70#, 16#03#, 16#24#, 16#97#, 16#75#, 16#04#, 16#e8#, 16#c9#, 16#0e# )
|
||||
);
|
||||
|
||||
Rotation_Constants : constant array(1 .. 5) of Integer range -31 .. 61 :=
|
||||
( -19, -31, 61, 31, 19 );
|
||||
|
||||
procedure Substitute_Odd(Block : in out Block_128_Bit) is
|
||||
begin
|
||||
for i in 0 .. 15 loop
|
||||
Block(i + 1) := SBox((i mod 4) + 1, Block(i + 1));
|
||||
end loop;
|
||||
end Substitute_Odd;
|
||||
|
||||
procedure Substitute_Even(Block : in out Block_128_Bit) is
|
||||
begin
|
||||
for i in 0 .. 15 loop
|
||||
Block(i + 1) := SBox(((i + 2) mod 4) + 1, Block(i + 1));
|
||||
end loop;
|
||||
end Substitute_Even;
|
||||
|
||||
procedure A(Block : in out Block_128_Bit) is
|
||||
temp : constant Block_128_Bit := Block;
|
||||
begin
|
||||
for i in A_Table'Range(1) loop
|
||||
Block(i) := 0;
|
||||
for j in A_Table'Range(2) loop
|
||||
Block(i) := Block(i) xor temp(Integer(A_Table(i, j)) + 1);
|
||||
end loop;
|
||||
end loop;
|
||||
end A;
|
||||
|
||||
procedure F_Odd(Block : in out Block_128_Bit; Round_Key : in Block_128_Bit) is
|
||||
begin
|
||||
Block := Block xor Round_Key;
|
||||
Substitute_Odd(Block);
|
||||
A(Block);
|
||||
end F_Odd;
|
||||
|
||||
procedure F_Even(Block : in out Block_128_Bit; Round_Key : in Block_128_Bit) is
|
||||
begin
|
||||
Block := Block xor Round_Key;
|
||||
Substitute_Even(Block);
|
||||
A(Block);
|
||||
end F_Even;
|
||||
|
||||
procedure Initialize(Key : in u8_Array; Context : out Context_T) is
|
||||
C_Select : Array (1 .. 3) of Natural range 1 .. 3;
|
||||
begin
|
||||
case Key'Length is
|
||||
when 16 =>
|
||||
C_Select := (1, 2, 3);
|
||||
Context.Rounds := 12;
|
||||
when 24 =>
|
||||
C_Select := (2, 3, 1);
|
||||
Context.Rounds := 14;
|
||||
when 32 =>
|
||||
C_Select := (3, 1, 2);
|
||||
Context.Rounds := 16;
|
||||
when others => raise Constraint_Error;
|
||||
end case;
|
||||
Context.W(1) := PreKey_T(Key(1 .. 16));
|
||||
Context.W(2) := Context.W(1);
|
||||
F_Odd(Block_128_Bit(Context.W(2)), C(C_Select(1)));
|
||||
-- if Key'Length > 16 then
|
||||
-- Context.W(2)(1 .. Key'Last - 16) := PreKey_T(u8_Array(Context.W(2)(1 .. Key'Last - 16)) xor u8_Array(Key(17 .. Key'Last)));
|
||||
-- end if;
|
||||
for i in 17 .. Key'Last loop
|
||||
Context.W(2)(i - 16) := Context.W(2)(i - 16) xor Key(i);
|
||||
end loop;
|
||||
Context.W(3) := Context.W(2);
|
||||
F_Even(Block_128_Bit(Context.W(3)), C(C_Select(2)));
|
||||
Context.W(3) := PreKey_T(u8_Array(Context.W(3)) xor u8_Array(Context.W(1)));
|
||||
Context.W(4) := Context.W(3);
|
||||
F_Odd(Block_128_Bit(Context.W(4)), C(C_Select(3)));
|
||||
Context.W(4) := PreKey_T(u8_Array(Context.W(4)) xor u8_Array(Context.W(2)));
|
||||
end Initialize;
|
||||
|
||||
procedure Initialize(Key : in Key_128; Context : out Context_T) is
|
||||
begin
|
||||
Initialize(u8_Array(Key), Context);
|
||||
end Initialize;
|
||||
|
||||
procedure Initialize(Key : in Key_192; Context : out Context_T) is
|
||||
begin
|
||||
Initialize(u8_Array(Key), Context);
|
||||
end Initialize;
|
||||
|
||||
procedure Initialize(Key : in Key_256; Context : out Context_T) is
|
||||
begin
|
||||
Initialize(u8_Array(Key), Context);
|
||||
end Initialize;
|
||||
|
||||
procedure Encrypt(Context : in Context_T; Block: in out Block_128_Bit) is
|
||||
temp_key : Block_128_Bit;
|
||||
n : Integer;
|
||||
begin
|
||||
for i in 0 .. Integer(Context.Rounds) - 2 loop
|
||||
temp_key := u8_Array(Context.W((i mod 4) + 1)) xor Rotate_be(u8_Array(Context.W(((i + 1) mod 4) + 1)), Rotation_Constants((i / 4) + 1));
|
||||
-- Put("temp_key(" & Integer'Image(i) & ": "); print_hex(temp_key); New_Line;
|
||||
if i mod 2 = 0 then
|
||||
F_Odd(Block, temp_key);
|
||||
else
|
||||
F_Even(Block, temp_Key);
|
||||
end if;
|
||||
end loop;
|
||||
n := Integer(Context.Rounds) - 1;
|
||||
temp_key := u8_Array(Context.W((n mod 4) + 1)) xor Rotate_be(u8_Array(Context.W(((n + 1) mod 4) + 1)), Rotation_Constants((n / 4) + 1));
|
||||
Block := Block xor temp_key;
|
||||
Substitute_Even(Block);
|
||||
n := n + 1;
|
||||
temp_key := u8_Array(Context.W((n mod 4) + 1)) xor Rotate_be(u8_Array(Context.W(((n + 1) mod 4) + 1)), Rotation_Constants((n / 4) + 1));
|
||||
Block := Block xor temp_key;
|
||||
end Encrypt;
|
||||
|
||||
procedure Decrypt(Context : in Context_T; Block: in out Block_128_Bit) is
|
||||
temp_key : Block_128_Bit;
|
||||
n : Integer;
|
||||
begin
|
||||
n := Integer(Context.Rounds);
|
||||
temp_key := u8_Array(Context.W((n mod 4) + 1)) xor Rotate_be(u8_Array(Context.W(((n + 1) mod 4) + 1)), Rotation_Constants((n / 4) + 1));
|
||||
F_Odd(Block, temp_key);
|
||||
for i in reverse 2 .. Integer(Context.Rounds) - 1 loop
|
||||
temp_key := u8_Array(Context.W((i mod 4) + 1)) xor Rotate_be(u8_Array(Context.W(((i + 1) mod 4) + 1)), Rotation_Constants((i / 4) + 1));
|
||||
A(temp_key);
|
||||
-- Put("temp_key(" & Integer'Image(i) & ": "); print_hex(temp_key); New_Line;
|
||||
if i mod 2 = 0 then
|
||||
F_Odd(Block, temp_key);
|
||||
else
|
||||
F_Even(Block, temp_Key);
|
||||
end if;
|
||||
end loop;
|
||||
n := 1;
|
||||
temp_key := u8_Array(Context.W((n mod 4) + 1)) xor Rotate_be(u8_Array(Context.W(((n + 1) mod 4) + 1)), Rotation_Constants((n / 4) + 1));
|
||||
A(temp_key);
|
||||
Block := Block xor temp_key;
|
||||
Substitute_Even(Block);
|
||||
n := n - 1;
|
||||
temp_key := u8_Array(Context.W((n mod 4) + 1)) xor Rotate_be(u8_Array(Context.W(((n + 1) mod 4) + 1)), Rotation_Constants((n / 4) + 1));
|
||||
Block := Block xor temp_key;
|
||||
end Decrypt;
|
||||
|
||||
|
||||
end ARIA;
|
|
@ -0,0 +1,52 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
with Crypto_Core_Types; use Crypto_Core_Types;
|
||||
with Crypto_Types; use Crypto_Types;
|
||||
|
||||
use Crypto_Types.Crypto_Types_u8;
|
||||
|
||||
package ARIA is
|
||||
|
||||
type Key_128 is new Block_128_Bit;
|
||||
type Key_192 is new Block_192_Bit;
|
||||
type Key_256 is new Block_256_Bit;
|
||||
|
||||
type Context_T is private;
|
||||
|
||||
type Plaintext is new Block_128_Bit;
|
||||
type Ciphertext is new Block_128_Bit;
|
||||
|
||||
|
||||
|
||||
procedure Initialize(Key : in Key_128; Context : out Context_T);
|
||||
procedure Initialize(Key : in Key_192; Context : out Context_T);
|
||||
procedure Initialize(Key : in Key_256; Context : out Context_T);
|
||||
procedure Encrypt(Context : in Context_T; Block: in out Block_128_Bit);
|
||||
procedure Decrypt(Context : in Context_T; Block: in out Block_128_Bit);
|
||||
|
||||
|
||||
private
|
||||
|
||||
type PreKey_T is new Block_128_Bit;
|
||||
type PreKeys_T is Array (1 .. 4) of PreKey_T;
|
||||
type Num_Rounds is range 1 .. 16;
|
||||
|
||||
type Context_T is record
|
||||
W : PreKeys_T;
|
||||
Rounds : Num_Rounds;
|
||||
end record;
|
||||
|
||||
end ARIA;
|
|
@ -0,0 +1,56 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package body SHA2_256 is
|
||||
|
||||
IV : constant u32_Array(1 .. 8) :=
|
||||
(
|
||||
16#6A09E667#, 16#BB67AE85#, 16#3C6EF372#, 16#A54FF53A#,
|
||||
16#510E527F#, 16#9B05688C#, 16#1F83D9AB#, 16#5BE0CD19#
|
||||
);
|
||||
|
||||
procedure Initialize(Context : out Context_T) is
|
||||
begin
|
||||
Context.H := IV;
|
||||
Context.Counter := 0;
|
||||
end;
|
||||
|
||||
procedure Next_Block(Context : in out Context_T; Block : in Block_512_Bit) is
|
||||
begin
|
||||
Sha2_Small.Next_Block(Sha2_Small.Context_T(Context), Block);
|
||||
end;
|
||||
|
||||
procedure Last_Block(Context : in out Context_T; Block : in u8_Array; Bits : in Integer := -1) is
|
||||
begin
|
||||
Sha2_Small.Last_Block(Sha2_Small.Context_T(Context), Block, Bits);
|
||||
end;
|
||||
|
||||
procedure Get_Digest(Context : in out Context_T; Digest : out Block_256_Bit) is
|
||||
begin
|
||||
Store_BE(Digest, Context.H);
|
||||
end;
|
||||
|
||||
|
||||
procedure Hash(Data : in u8_Array; Digest : out Block_256_Bit) is
|
||||
Context : Context_T;
|
||||
begin
|
||||
Initialize(Context);
|
||||
Last_Block(Context, Data);
|
||||
Get_Digest(Context, Digest);
|
||||
end;
|
||||
|
||||
|
||||
|
||||
end SHA2_256;
|
|
@ -0,0 +1,38 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
with Crypto_Core_Types; use Crypto_Core_Types;
|
||||
with Crypto_Types; use Crypto_Types;
|
||||
with Sha2_Small;
|
||||
|
||||
use Crypto_Types.Crypto_Types_u8;
|
||||
use Crypto_Types.Crypto_Types_u32;
|
||||
|
||||
package SHA2_256 is
|
||||
|
||||
type Context_T is private;
|
||||
|
||||
procedure Initialize(Context : out Context_T);
|
||||
procedure Next_Block(Context : in out Context_T; Block : in Block_512_Bit);
|
||||
procedure Last_Block(Context : in out Context_T; Block : in u8_Array; Bits : in Integer := -1);
|
||||
procedure Get_Digest(Context : in out Context_T; Digest : out Block_256_Bit);
|
||||
|
||||
procedure Hash(Data : in u8_array; Digest : out Block_256_Bit);
|
||||
|
||||
private
|
||||
|
||||
type Context_T is new Sha2_Small.Context_T;
|
||||
|
||||
end SHA2_256;
|
|
@ -0,0 +1,113 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package body SHA2_Small is
|
||||
|
||||
K : constant u32_Array(1 .. 64) :=
|
||||
(
|
||||
16#428a2f98#, 16#71374491#, 16#b5c0fbcf#, 16#e9b5dba5#, 16#3956c25b#, 16#59f111f1#, 16#923f82a4#, 16#ab1c5ed5#,
|
||||
16#d807aa98#, 16#12835b01#, 16#243185be#, 16#550c7dc3#, 16#72be5d74#, 16#80deb1fe#, 16#9bdc06a7#, 16#c19bf174#,
|
||||
16#e49b69c1#, 16#efbe4786#, 16#0fc19dc6#, 16#240ca1cc#, 16#2de92c6f#, 16#4a7484aa#, 16#5cb0a9dc#, 16#76f988da#,
|
||||
16#983e5152#, 16#a831c66d#, 16#b00327c8#, 16#bf597fc7#, 16#c6e00bf3#, 16#d5a79147#, 16#06ca6351#, 16#14292967#,
|
||||
16#27b70a85#, 16#2e1b2138#, 16#4d2c6dfc#, 16#53380d13#, 16#650a7354#, 16#766a0abb#, 16#81c2c92e#, 16#92722c85#,
|
||||
16#a2bfe8a1#, 16#a81a664b#, 16#c24b8b70#, 16#c76c51a3#, 16#d192e819#, 16#d6990624#, 16#f40e3585#, 16#106aa070#,
|
||||
16#19a4c116#, 16#1e376c08#, 16#2748774c#, 16#34b0bcb5#, 16#391c0cb3#, 16#4ed8aa4a#, 16#5b9cca4f#, 16#682e6ff3#,
|
||||
16#748f82ee#, 16#78a5636f#, 16#84c87814#, 16#8cc70208#, 16#90befffa#, 16#a4506ceb#, 16#bef9a3f7#, 16#c67178f2#
|
||||
);
|
||||
|
||||
function Ch(x, y, z : u32) return u32 is
|
||||
begin
|
||||
return (x and y) xor ((not x) and z);
|
||||
end Ch;
|
||||
|
||||
function Maj(x, y, z : u32) return u32 is
|
||||
begin
|
||||
return (x and y) xor (x and z) xor (y and z);
|
||||
end Maj;
|
||||
|
||||
function Sigma_A0(x : u32) return u32 is
|
||||
begin
|
||||
return Rotate_Right(x, 2) xor Rotate_Right(x, 13) xor Rotate_Right(x, 22);
|
||||
end Sigma_A0;
|
||||
|
||||
function Sigma_A1(x : u32) return u32 is
|
||||
begin
|
||||
return Rotate_Right(x, 6) xor Rotate_Right(x, 11) xor Rotate_Right(x, 25);
|
||||
end Sigma_A1;
|
||||
|
||||
function Sigma_B0(x : u32) return u32 is
|
||||
begin
|
||||
return Rotate_Right(x, 7) xor Rotate_Right(x, 18) xor Shift_Right(x, 3);
|
||||
end Sigma_B0;
|
||||
|
||||
function Sigma_B1(x : u32) return u32 is
|
||||
begin
|
||||
return Rotate_Right(x, 17) xor Rotate_Right(x, 19) xor Shift_Right(x, 10);
|
||||
end Sigma_B1;
|
||||
|
||||
procedure Next_Block(Context : in out Context_T; Block : in Block_512_Bit) is
|
||||
W : u32_Array(1 .. 16) := Load_BE(Block);
|
||||
T1, T2, Wx : u32;
|
||||
A : u32_Array(1 .. 8) := Context.H;
|
||||
begin
|
||||
for i in 1 .. 64 loop
|
||||
if i > 16 then
|
||||
Wx := Sigma_B1(W(15)) + W(10) + Sigma_B0(W(2)) + W(1);
|
||||
W(1 .. 15) := W(2 .. 16);
|
||||
W(16) := Wx;
|
||||
else
|
||||
Wx := W(i);
|
||||
end if;
|
||||
T1 := A(8) + Sigma_A1(A(5)) + Ch(A(5), A(6), A(7)) + K(i) + Wx;
|
||||
T2 := Sigma_A0(A(1)) + Maj(A(1), A(2), A(3));
|
||||
A(2 .. 8) := A(1 .. 7);
|
||||
A(5) := A(5) + T1;
|
||||
A(1) := T1 + T2;
|
||||
end loop;
|
||||
Context.H := Context.H + A;
|
||||
Context.Counter := Context.Counter + 1;
|
||||
end Next_Block;
|
||||
|
||||
procedure Last_Block(Context : in out Context_T; Block : in u8_Array; Bits : in Integer := -1) is
|
||||
c : u64 := u64(Context.Counter * 512);
|
||||
s : Integer := Bits;
|
||||
b : Block_512_Bit := (others => 0);
|
||||
i : Integer := Block'First;
|
||||
r : Natural;
|
||||
begin
|
||||
if s < 0 or else s > Block'Length * 8 then
|
||||
s := Block'Length * 8;
|
||||
end if;
|
||||
c := u64(Integer(c) + s);
|
||||
while s >= 512 loop
|
||||
Next_Block(Context, Block(i .. i + 63));
|
||||
i := i + 64;
|
||||
s := s - 512;
|
||||
end loop;
|
||||
r := (s + 7) / 8;
|
||||
b(1 .. r) := Block(i .. i + r - 1);
|
||||
b(1 + s / 8) := b(1 + s / 8) or Shift_Right(u8(16#80#), s mod 8);
|
||||
r := r + 1;
|
||||
if r > 64 - 8 then
|
||||
Next_Block(Context, b);
|
||||
b := (others => 0);
|
||||
end if;
|
||||
Store_BE(b(57 .. 64), c);
|
||||
Next_Block(Context, b);
|
||||
end Last_Block;
|
||||
|
||||
|
||||
end SHA2_Small;
|
||||
|
|
@ -0,0 +1,36 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
with Crypto_Core_Types; use Crypto_Core_Types;
|
||||
with Crypto_Types; use Crypto_Types;
|
||||
|
||||
use Crypto_Types.Crypto_Types_u8;
|
||||
use Crypto_Types.Crypto_Types_u32;
|
||||
use Crypto_Types.Crypto_Types_u64;
|
||||
|
||||
package SHA2_Small is
|
||||
|
||||
type Context_T is record
|
||||
H: u32_Array(1 .. 8);
|
||||
counter: Natural;
|
||||
end record;
|
||||
|
||||
procedure Next_Block(Context : in out Context_T; Block : in Block_512_Bit);
|
||||
procedure Last_Block(Context : in out Context_T; Block : in u8_Array; Bits : in Integer := -1);
|
||||
|
||||
private
|
||||
|
||||
|
||||
end SHA2_Small;
|
|
@ -15,7 +15,7 @@
|
|||
|
||||
package body Spritz is
|
||||
|
||||
procedure InitializeContext (ctx : out Context) is
|
||||
procedure Initialize (ctx : out Context) is
|
||||
begin
|
||||
ctx.i := 0;
|
||||
ctx.j := 0;
|
||||
|
@ -26,7 +26,7 @@ package body Spritz is
|
|||
for i in ctx.S'Range loop
|
||||
ctx.S(i) := u8(i);
|
||||
end loop;
|
||||
end;
|
||||
end Initialize;
|
||||
|
||||
procedure Output (ctx : in out Context; z : out u8) is
|
||||
begin
|
||||
|
@ -53,7 +53,7 @@ package body Spritz is
|
|||
|
||||
procedure Whip (ctx : in out Context) is
|
||||
begin
|
||||
for i in 0 .. (2 * N - 1) loop
|
||||
for i in 1 .. 2 * N loop
|
||||
Update(ctx);
|
||||
end loop;
|
||||
ctx.w := ctx.w + 2;
|
||||
|
@ -124,4 +124,17 @@ package body Spritz is
|
|||
end loop;
|
||||
end Absorb;
|
||||
|
||||
procedure Absorb (ctx : in out Context; x : in Natural) is
|
||||
buf : u8_Array (1 .. Integer'Size / 8);
|
||||
c : Integer := 1 + Integer'Size / 8;
|
||||
t : Natural := x;
|
||||
begin
|
||||
while t > 0 loop
|
||||
c := c - 1;
|
||||
buf(c) := u8(t rem 256);
|
||||
t := t / 256;
|
||||
end loop;
|
||||
Absorb(ctx, buf(c .. buf'Last));
|
||||
end Absorb;
|
||||
|
||||
end Spritz;
|
|
@ -20,19 +20,21 @@ use Crypto_Types.Crypto_Types_u8;
|
|||
|
||||
package Spritz is
|
||||
|
||||
N : constant Integer:= 256;
|
||||
|
||||
type Context is private;
|
||||
|
||||
procedure InitializeContext (ctx : out Context);
|
||||
procedure Initialize (ctx : out Context);
|
||||
procedure AbsorbStop (ctx : in out Context);
|
||||
procedure Absorb (ctx : in out Context; x : in u8);
|
||||
procedure Absorb (ctx : in out Context; x : in u8_Array);
|
||||
procedure Absorb (ctx : in out Context; x : in String);
|
||||
procedure Absorb (ctx : in out Context; x : in Natural);
|
||||
procedure Drip (ctx : in out Context; z : out u8);
|
||||
procedure Squeeze (ctx : in out Context; P : out u8_Array);
|
||||
|
||||
private
|
||||
|
||||
N : constant Integer:= 256;
|
||||
|
||||
type S_Array is Array (u8 range <>) of u8;
|
||||
|
|
@ -0,0 +1,121 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package body Spritz_AEAD is
|
||||
|
||||
procedure Initialize (ctx : out Context; key : in u8_Array) is
|
||||
begin
|
||||
Spritz.Initialize(ctx.ctx);
|
||||
Spritz.Absorb(ctx.ctx, key);
|
||||
Spritz.AbsorbStop(ctx.ctx);
|
||||
ctx.state := pre_nonce;
|
||||
end Initialize;
|
||||
|
||||
procedure Initialize (ctx : out Context; key : in String) is
|
||||
begin
|
||||
Spritz.Initialize(ctx.ctx);
|
||||
Spritz.Absorb(ctx.ctx, key);
|
||||
Spritz.AbsorbStop(ctx.ctx);
|
||||
ctx.state := pre_nonce;
|
||||
end Initialize;
|
||||
|
||||
procedure Set_Nonce (ctx : in out Context; nonce : in u8_Array) is
|
||||
begin
|
||||
if ctx.state /= pre_nonce then
|
||||
raise Wrong_Opertaion_Order;
|
||||
end if;
|
||||
Spritz.Absorb(ctx.ctx, nonce);
|
||||
Spritz.AbsorbStop(ctx.ctx);
|
||||
ctx.state := pre_header;
|
||||
end Set_Nonce;
|
||||
|
||||
procedure Set_Nonce (ctx : in out Context; nonce : in String) is
|
||||
begin
|
||||
if ctx.state /= pre_nonce then
|
||||
raise Wrong_Opertaion_Order;
|
||||
end if;
|
||||
Spritz.Absorb(ctx.ctx, nonce);
|
||||
Spritz.AbsorbStop(ctx.ctx);
|
||||
ctx.state := pre_header;
|
||||
end Set_Nonce;
|
||||
|
||||
procedure Add_Header (ctx : in out Context; header : in u8_Array) is
|
||||
begin
|
||||
if ctx.state /= pre_header then
|
||||
raise Wrong_Opertaion_Order;
|
||||
end if;
|
||||
Spritz.Absorb(ctx.ctx, header);
|
||||
end Add_Header;
|
||||
|
||||
procedure Encrypt_Data (ctx : in out Context; data : in out u8_Array) is
|
||||
c : Integer := data'First;
|
||||
begin
|
||||
if ctx.state /= pre_header then
|
||||
Spritz.AbsorbStop(ctx.ctx);
|
||||
ctx.state := pre_data;
|
||||
end if;
|
||||
if ctx.state /= pre_data then
|
||||
raise Wrong_Opertaion_Order;
|
||||
end if;
|
||||
while c <= data'Last loop
|
||||
if ctx.offset = 0 then
|
||||
Spritz.Squeeze(ctx.ctx, ctx.buffer);
|
||||
end if;
|
||||
data(c) := data(c) + ctx.buffer(ctx.offset);
|
||||
ctx.buffer(ctx.offset) := data(c);
|
||||
c := c + 1;
|
||||
ctx.offset := (ctx.offset + 1) mod (Spritz.N / 4);
|
||||
if ctx.offset = 0 then
|
||||
Spritz.Absorb(ctx.ctx, ctx.buffer);
|
||||
end if;
|
||||
end loop;
|
||||
end Encrypt_Data;
|
||||
|
||||
procedure Extract_Tag (ctx : in out Context; tag : out u8_Array) is
|
||||
begin
|
||||
if ctx.state /= pre_data then
|
||||
raise Wrong_Opertaion_Order;
|
||||
end if;
|
||||
Spritz.AbsorbStop(ctx.ctx);
|
||||
Spritz.Absorb(ctx.ctx, Natural(tag'Length));
|
||||
Spritz.Squeeze(ctx.ctx, tag);
|
||||
ctx.state := post_tag;
|
||||
end;
|
||||
|
||||
procedure Decrypt_Data (ctx : in out Context; data : in out u8_Array) is
|
||||
c : Integer := data'First;
|
||||
begin
|
||||
if ctx.state /= pre_header then
|
||||
Spritz.AbsorbStop(ctx.ctx);
|
||||
ctx.state := pre_data;
|
||||
end if;
|
||||
if ctx.state /= pre_data then
|
||||
raise Wrong_Opertaion_Order;
|
||||
end if;
|
||||
while c <= data'Last loop
|
||||
if ctx.offset = 0 then
|
||||
Spritz.Squeeze(ctx.ctx, ctx.buffer);
|
||||
end if;
|
||||
data(c) := data(c) - ctx.buffer(ctx.offset);
|
||||
ctx.buffer(ctx.offset) := data(c);
|
||||
c := c + 1;
|
||||
ctx.offset := (ctx.offset + 1) mod (Spritz.N / 4);
|
||||
if ctx.offset = 0 then
|
||||
Spritz.Absorb(ctx.ctx, ctx.buffer);
|
||||
end if;
|
||||
end loop;
|
||||
end Decrypt_Data;
|
||||
|
||||
end Spritz_AEAD;
|
|
@ -0,0 +1,45 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
with Crypto_Core_Types; use Crypto_Core_Types;
|
||||
with Crypto_Types; use Crypto_Types;
|
||||
with Spritz;
|
||||
|
||||
use Crypto_Types.Crypto_Types_u8;
|
||||
|
||||
package Spritz_AEAD is
|
||||
|
||||
type Context is private;
|
||||
|
||||
procedure Initialize (ctx : out Context; key : in u8_Array);
|
||||
procedure Initialize (ctx : out Context; key : in String);
|
||||
procedure Set_Nonce (ctx : in out Context; nonce : in u8_Array);
|
||||
procedure Set_Nonce (ctx : in out Context; nonce : in String);
|
||||
procedure Add_Header (ctx : in out Context; header : in u8_Array);
|
||||
procedure Encrypt_Data (ctx : in out Context; data : in out u8_Array);
|
||||
procedure Extract_Tag (ctx : in out Context; tag : out u8_Array);
|
||||
procedure Decrypt_Data (ctx : in out Context; data : in out u8_Array);
|
||||
|
||||
private
|
||||
|
||||
type state_t is (pre_initialize, pre_nonce, pre_header, pre_data, post_tag);
|
||||
type Context is record
|
||||
state : state_t := pre_initialize;
|
||||
ctx : Spritz.Context;
|
||||
offset : Integer range 1 .. Spritz.N / 4;
|
||||
buffer : u8_Array(1 .. Spritz.N / 4);
|
||||
end record;
|
||||
|
||||
end Spritz_AEAD;
|
|
@ -0,0 +1,52 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package body Spritz_Hash is
|
||||
|
||||
procedure Initialize (ctx : out Context) is
|
||||
begin
|
||||
Spritz.Initialize(Spritz.Context(ctx.ctx));
|
||||
end Initialize;
|
||||
|
||||
procedure Add_Domain (ctx : in out Context; Domain : in String) is
|
||||
begin
|
||||
Spritz.Absorb(Spritz.Context(ctx.ctx), Domain);
|
||||
Spritz.AbsorbStop(Spritz.Context(ctx.ctx));
|
||||
end Add_Domain;
|
||||
|
||||
procedure Add_Domain (ctx : in out Context; Domain : in u8_Array) is
|
||||
begin
|
||||
Spritz.Absorb(Spritz.Context(ctx.ctx), Domain);
|
||||
Spritz.AbsorbStop(Spritz.Context(ctx.ctx));
|
||||
end Add_Domain;
|
||||
|
||||
procedure Add_Data (ctx : in out Context; data : in u8_Array) is
|
||||
begin
|
||||
Spritz.Absorb(Spritz.Context(ctx.ctx), data);
|
||||
end Add_Data;
|
||||
|
||||
procedure Add_Data (ctx : in out Context; data : in String) is
|
||||
begin
|
||||
Spritz.Absorb(Spritz.Context(ctx.ctx), data);
|
||||
end Add_Data;
|
||||
|
||||
procedure Extract_Hash (ctx : in out Context; Hash : out u8_Array) is
|
||||
begin
|
||||
Spritz.AbsorbStop(Spritz.Context(ctx.ctx));
|
||||
Spritz.Absorb(Spritz.Context(ctx.ctx), Natural(Hash'Length));
|
||||
Spritz.Squeeze(Spritz.Context(ctx.ctx), Hash);
|
||||
end Extract_Hash;
|
||||
|
||||
end Spritz_Hash;
|
|
@ -0,0 +1,40 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
with Crypto_Core_Types; use Crypto_Core_Types;
|
||||
with Crypto_Types; use Crypto_Types;
|
||||
with Spritz;
|
||||
|
||||
use Crypto_Types.Crypto_Types_u8;
|
||||
|
||||
package Spritz_Hash is
|
||||
|
||||
type Context is private;
|
||||
|
||||
procedure Initialize (ctx : out Context);
|
||||
procedure Add_Domain (ctx : in out Context; Domain : in u8_Array);
|
||||
procedure Add_Domain (ctx : in out Context; Domain : in String);
|
||||
procedure Add_Data (ctx : in out Context; data : in u8_Array);
|
||||
procedure Add_Data (ctx : in out Context; data : in String);
|
||||
procedure Extract_Hash (ctx : in out Context; Hash : out u8_Array);
|
||||
|
||||
private
|
||||
|
||||
type Context is record
|
||||
ctx : Spritz.Context;
|
||||
end record;
|
||||
|
||||
|
||||
end Spritz_Hash;
|
|
@ -0,0 +1,54 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package body Spritz_Stream is
|
||||
|
||||
procedure Initialize (ctx : out Context; key : in u8_Array) is
|
||||
begin
|
||||
Spritz.Initialize(Spritz.Context(ctx.ctx));
|
||||
Spritz.Absorb(Spritz.Context(ctx.ctx), key);
|
||||
end Initialize;
|
||||
|
||||
procedure Initialize (ctx : out Context; key : in String) is
|
||||
begin
|
||||
Spritz.Initialize(Spritz.Context(ctx.ctx));
|
||||
Spritz.Absorb(Spritz.Context(ctx.ctx), key);
|
||||
end Initialize;
|
||||
|
||||
procedure Set_Iv (ctx : in out Context; iv : in u8_Array) is
|
||||
begin
|
||||
Spritz.AbsorbStop(Spritz.Context(ctx.ctx));
|
||||
Spritz.Absorb(Spritz.Context(ctx.ctx), iv);
|
||||
end Set_IV;
|
||||
|
||||
procedure Encrypt (ctx : in out Context; data : in out u8_Array) is
|
||||
z : u8;
|
||||
begin
|
||||
for i in data'Range loop
|
||||
Spritz.Drip(Spritz.Context(ctx.ctx), z);
|
||||
data(i) := data(i) + z;
|
||||
end loop;
|
||||
end Encrypt;
|
||||
|
||||
procedure Decrypt (ctx : in out Context; data : in out u8_Array) is
|
||||
z : u8;
|
||||
begin
|
||||
for i in data'Range loop
|
||||
Spritz.Drip(Spritz.Context(ctx.ctx), z);
|
||||
data(i) := data(i) - z;
|
||||
end loop;
|
||||
end Decrypt;
|
||||
|
||||
end Spritz_Stream;
|
|
@ -0,0 +1,38 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
with Crypto_Core_Types; use Crypto_Core_Types;
|
||||
with Crypto_Types; use Crypto_Types;
|
||||
with Spritz;
|
||||
|
||||
use Crypto_Types.Crypto_Types_u8;
|
||||
|
||||
package Spritz_Stream is
|
||||
|
||||
type Context is private;
|
||||
|
||||
procedure Initialize (ctx : out Context; key : in u8_Array);
|
||||
procedure Initialize (ctx : out Context; key : in String);
|
||||
procedure Set_Iv (ctx : in out Context; iv : in u8_Array);
|
||||
procedure Encrypt (ctx : in out Context; data : in out u8_Array);
|
||||
procedure Decrypt (ctx : in out Context; data : in out u8_Array);
|
||||
|
||||
private
|
||||
|
||||
type Context is record
|
||||
ctx : Spritz.Context;
|
||||
end record;
|
||||
|
||||
end Spritz_Stream;
|
|
@ -1,225 +0,0 @@
|
|||
-- Copyright (C) 2015 Daniel Otte <bg@nerilex.org>
|
||||
--
|
||||
-- This program is free software: you can redistribute it and/or modify
|
||||
-- it under the terms of the GNU General Public License as published by
|
||||
-- the Free Software Foundation, either version 3 of the License, or
|
||||
-- (at your option) any later version.
|
||||
--
|
||||
-- This program is distributed in the hope that it will be useful,
|
||||
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-- GNU General Public License for more details.
|
||||
--
|
||||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
|
||||
with Ada.Text_IO; use Ada.Text_IO;
|
||||
-- with Ada.Integer_Text_IO; use Ada.Integer_Text_IO;
|
||||
|
||||
package body AES is
|
||||
|
||||
sbox : constant u8_Array(0 .. 255) := (
|
||||
16#63#, 16#7c#, 16#77#, 16#7b#, 16#f2#, 16#6b#, 16#6f#, 16#c5#, 16#30#, 16#01#, 16#67#, 16#2b#, 16#fe#, 16#d7#, 16#ab#, 16#76#,
|
||||
16#ca#, 16#82#, 16#c9#, 16#7d#, 16#fa#, 16#59#, 16#47#, 16#f0#, 16#ad#, 16#d4#, 16#a2#, 16#af#, 16#9c#, 16#a4#, 16#72#, 16#c0#,
|
||||
16#b7#, 16#fd#, 16#93#, 16#26#, 16#36#, 16#3f#, 16#f7#, 16#cc#, 16#34#, 16#a5#, 16#e5#, 16#f1#, 16#71#, 16#d8#, 16#31#, 16#15#,
|
||||
16#04#, 16#c7#, 16#23#, 16#c3#, 16#18#, 16#96#, 16#05#, 16#9a#, 16#07#, 16#12#, 16#80#, 16#e2#, 16#eb#, 16#27#, 16#b2#, 16#75#,
|
||||
16#09#, 16#83#, 16#2c#, 16#1a#, 16#1b#, 16#6e#, 16#5a#, 16#a0#, 16#52#, 16#3b#, 16#d6#, 16#b3#, 16#29#, 16#e3#, 16#2f#, 16#84#,
|
||||
16#53#, 16#d1#, 16#00#, 16#ed#, 16#20#, 16#fc#, 16#b1#, 16#5b#, 16#6a#, 16#cb#, 16#be#, 16#39#, 16#4a#, 16#4c#, 16#58#, 16#cf#,
|
||||
16#d0#, 16#ef#, 16#aa#, 16#fb#, 16#43#, 16#4d#, 16#33#, 16#85#, 16#45#, 16#f9#, 16#02#, 16#7f#, 16#50#, 16#3c#, 16#9f#, 16#a8#,
|
||||
16#51#, 16#a3#, 16#40#, 16#8f#, 16#92#, 16#9d#, 16#38#, 16#f5#, 16#bc#, 16#b6#, 16#da#, 16#21#, 16#10#, 16#ff#, 16#f3#, 16#d2#,
|
||||
16#cd#, 16#0c#, 16#13#, 16#ec#, 16#5f#, 16#97#, 16#44#, 16#17#, 16#c4#, 16#a7#, 16#7e#, 16#3d#, 16#64#, 16#5d#, 16#19#, 16#73#,
|
||||
16#60#, 16#81#, 16#4f#, 16#dc#, 16#22#, 16#2a#, 16#90#, 16#88#, 16#46#, 16#ee#, 16#b8#, 16#14#, 16#de#, 16#5e#, 16#0b#, 16#db#,
|
||||
16#e0#, 16#32#, 16#3a#, 16#0a#, 16#49#, 16#06#, 16#24#, 16#5c#, 16#c2#, 16#d3#, 16#ac#, 16#62#, 16#91#, 16#95#, 16#e4#, 16#79#,
|
||||
16#e7#, 16#c8#, 16#37#, 16#6d#, 16#8d#, 16#d5#, 16#4e#, 16#a9#, 16#6c#, 16#56#, 16#f4#, 16#ea#, 16#65#, 16#7a#, 16#ae#, 16#08#,
|
||||
16#ba#, 16#78#, 16#25#, 16#2e#, 16#1c#, 16#a6#, 16#b4#, 16#c6#, 16#e8#, 16#dd#, 16#74#, 16#1f#, 16#4b#, 16#bd#, 16#8b#, 16#8a#,
|
||||
16#70#, 16#3e#, 16#b5#, 16#66#, 16#48#, 16#03#, 16#f6#, 16#0e#, 16#61#, 16#35#, 16#57#, 16#b9#, 16#86#, 16#c1#, 16#1d#, 16#9e#,
|
||||
16#e1#, 16#f8#, 16#98#, 16#11#, 16#69#, 16#d9#, 16#8e#, 16#94#, 16#9b#, 16#1e#, 16#87#, 16#e9#, 16#ce#, 16#55#, 16#28#, 16#df#,
|
||||
16#8c#, 16#a1#, 16#89#, 16#0d#, 16#bf#, 16#e6#, 16#42#, 16#68#, 16#41#, 16#99#, 16#2d#, 16#0f#, 16#b0#, 16#54#, 16#bb#, 16#16#
|
||||
);
|
||||
|
||||
|
||||
rcon : constant u8_Array(1 .. 10) := (
|
||||
16#01#, 16#02#, 16#04#, 16#08#, 16#10#, 16#20#, 16#40#, 16#80#, 16#1b#, 16#36#
|
||||
);
|
||||
|
||||
procedure print_hex(value : in u8) is
|
||||
hex_table : constant array (0 .. 15) of Character :=
|
||||
( '0', '1', '2', '3',
|
||||
'4', '5', '6', '7',
|
||||
'8', '9', 'a', 'b',
|
||||
'c', 'd', 'e', 'f');
|
||||
begin
|
||||
Put(hex_table(Integer(Shift_Right(value, 4))));
|
||||
Put(hex_table(Integer(value and 16#F#)));
|
||||
end;
|
||||
|
||||
procedure print_hex(value : in u8_Array) is
|
||||
begin
|
||||
for i in value'Range loop
|
||||
print_hex(value(i));
|
||||
Put(" ");
|
||||
end loop;
|
||||
end;
|
||||
|
||||
function gf256mul(a, b : u8) return u8 is
|
||||
r : u8 := 0;
|
||||
t1 : u8 := a;
|
||||
t2 : u8 := b;
|
||||
begin
|
||||
for i in 1 .. 8 loop
|
||||
if (t1 and 1) = 1 then
|
||||
r := r xor t2;
|
||||
end if;
|
||||
t1 := Shift_Right(t1, 1);
|
||||
if (t2 and 16#80#) = 16#80# then
|
||||
t2 := t2 xor polynom;
|
||||
end if;
|
||||
t2 := Shift_Left(t2, 1);
|
||||
end loop;
|
||||
return r;
|
||||
end gf256mul;
|
||||
|
||||
function RotWord(A : u8_Array) return u8_Array is
|
||||
begin
|
||||
return Rotate_be(A, 8);
|
||||
end;
|
||||
|
||||
function SubArray(A : u8_Array) return u8_Array is
|
||||
r : u8_Array(A'Range);
|
||||
begin
|
||||
for i in A'Range loop
|
||||
r(i) := sbox(Natural(A(i)));
|
||||
end loop;
|
||||
return r;
|
||||
end;
|
||||
|
||||
function Initialize(Key : Key_128) return Context_128 is
|
||||
Ret : Context_128;
|
||||
w : u8_Array(1 .. Ret.Roundkeys'Length * RoundKey_T'Length);
|
||||
temp : u8_Array(1 .. 4);
|
||||
Nk : Constant := Key'Length / 4;
|
||||
k : Integer range rcon'First .. rcon'Last + 1 := 1;
|
||||
j : Integer range w'First .. w'Last + 1 := 1;
|
||||
begin
|
||||
New_Line;
|
||||
Put("== Debug ==");
|
||||
New_Line;
|
||||
|
||||
w(1 .. Key'Length) := u8_Array(Key);
|
||||
for i in 1 + Key'Length / 4 .. Ret.RoundKeys'Length * RoundKey_T'Length / 4 loop
|
||||
temp := w((i - 1) * 4 - 3 .. (i - 1) * 4);
|
||||
print_hex(temp);
|
||||
if (i - 1) mod Nk = 0 then
|
||||
temp := SubArray(RotWord(temp));
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
temp(1) := temp(1) xor rcon(k);
|
||||
k := k + 1;
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
end if;
|
||||
temp := temp xor w((i - Nk) * 4 - 3 .. (i - Nk) * 4);
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
w(i * 4 - 3 .. i * 4) := temp;
|
||||
New_Line;
|
||||
end loop;
|
||||
for i in Ret.RoundKeys'Range loop
|
||||
Ret.RoundKeys(i) := RoundKey_T(w(j .. j + RoundKey_T'Length - 1));
|
||||
j := j + RoundKey_T'Length;
|
||||
end loop;
|
||||
return Ret;
|
||||
end Initialize;
|
||||
|
||||
function Initialize(Key : Key_192) return Context_192 is
|
||||
Ret : Context_192;
|
||||
w : u8_Array(1 .. Ret.Roundkeys'Length * RoundKey_T'Length);
|
||||
temp : u8_Array(1 .. 4);
|
||||
Nk : Constant := Key'Length / 4;
|
||||
k : Integer range rcon'First .. rcon'Last + 1 := 1;
|
||||
j : Integer range w'First .. w'Last + 1 := 1;
|
||||
begin
|
||||
New_Line;
|
||||
Put("== Debug ==");
|
||||
New_Line;
|
||||
|
||||
w(1 .. Key'Length) := u8_Array(Key);
|
||||
for i in 1 + Key'Length / 4 .. Ret.RoundKeys'Length * RoundKey_T'Length / 4 loop
|
||||
temp := w((i - 1) * 4 - 3 .. (i - 1) * 4);
|
||||
print_hex(temp);
|
||||
if (i - 1) mod Nk = 0 then
|
||||
temp := SubArray(RotWord(temp));
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
temp(1) := temp(1) xor rcon(k);
|
||||
k := k + 1;
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
end if;
|
||||
temp := temp xor w((i - Nk) * 4 - 3 .. (i - Nk) * 4);
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
w(i * 4 - 3 .. i * 4) := temp;
|
||||
New_Line;
|
||||
end loop;
|
||||
for i in Ret.RoundKeys'Range loop
|
||||
Ret.RoundKeys(i) := RoundKey_T(w(j .. j + RoundKey_T'Length - 1));
|
||||
j := j + RoundKey_T'Length;
|
||||
end loop;
|
||||
return Ret;
|
||||
end Initialize;
|
||||
|
||||
function Initialize(Key : Key_256) return Context_256 is
|
||||
Ret : Context_256;
|
||||
w : u8_Array(1 .. Ret.Roundkeys'Length * RoundKey_T'Length);
|
||||
temp : u8_Array(1 .. 4);
|
||||
Nk : Constant := Key'Length / 4;
|
||||
k : Integer range rcon'First .. rcon'Last + 1 := 1;
|
||||
j : Integer range w'First .. w'Last + 1 := 1;
|
||||
begin
|
||||
New_Line;
|
||||
Put("== Debug ==");
|
||||
New_Line;
|
||||
|
||||
w(1 .. Key'Length) := u8_Array(Key);
|
||||
for i in 1 + Key'Length / 4 .. Ret.RoundKeys'Length * RoundKey_T'Length / 4 loop
|
||||
temp := w((i - 1) * 4 - 3 .. (i - 1) * 4);
|
||||
print_hex(temp);
|
||||
if (i - 1) mod Nk = 0 then
|
||||
temp := SubArray(RotWord(temp));
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
temp(1) := temp(1) xor rcon(k);
|
||||
k := k + 1;
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
else if Nk > 6 and then (i - 1) mod Nk = 4 then
|
||||
temp := SubArray(temp);
|
||||
end if;
|
||||
end if;
|
||||
temp := temp xor w((i - Nk) * 4 - 3 .. (i - Nk) * 4);
|
||||
Put(" - ");
|
||||
print_hex(temp);
|
||||
w(i * 4 - 3 .. i * 4) := temp;
|
||||
New_Line;
|
||||
end loop;
|
||||
for i in Ret.RoundKeys'Range loop
|
||||
Ret.RoundKeys(i) := RoundKey_T(w(j .. j + RoundKey_T'Length - 1));
|
||||
j := j + RoundKey_T'Length;
|
||||
end loop;
|
||||
return Ret;
|
||||
end Initialize;
|
||||
|
||||
-- function Encrypt(Ctx : Context_128; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_128; Source : Ciphertext) return Plaintext;
|
||||
--
|
||||
-- function Initialize(Key : Key_192) return Context_192;
|
||||
-- function Encrypt(Ctx : Context_192; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_192; Source : Ciphertext) return Plaintext;
|
||||
--
|
||||
-- function Initialize(Key : Key_256) return Context_256;
|
||||
-- function Encrypt(Ctx : Context_256; Source : Plaintext) return Ciphertext;
|
||||
-- function Decrypt(Ctx : Context_256; Source : Ciphertext) return Plaintext;
|
||||
|
||||
end AES;
|
|
@ -52,6 +52,16 @@ package body Crypto_Generic_Types is
|
|||
return r;
|
||||
end "xor";
|
||||
|
||||
-- procedure eor (Left : in out T_Array; Right : in T_Array) is
|
||||
-- begin
|
||||
-- if Left'Length /= Right'Length then
|
||||
-- raise Constraint_Error;
|
||||
-- end if;
|
||||
-- for i in Left'Range loop
|
||||
-- Left(i) := Left(i) xor Right(i);
|
||||
-- end loop;
|
||||
-- end eor;
|
||||
|
||||
-- xor the left element with each element on the right
|
||||
function "xor"(Left : T; Right : T_Array ) return T is
|
||||
r : T := Left;
|
||||
|
@ -477,27 +487,47 @@ package body Crypto_Generic_Types is
|
|||
end Shift_each;
|
||||
|
||||
-- load a value which is stored big-endian in byte Array
|
||||
function Load_be(A : u8_Array) return T is
|
||||
function Load_BE(A : u8_Array) return T is
|
||||
r : T := 0;
|
||||
begin
|
||||
for i in 0 .. (T'Size / 8 - 1) loop
|
||||
r := Shift_left(r, 8) or T(A(A'First + i));
|
||||
end loop;
|
||||
return r;
|
||||
end Load_be;
|
||||
end Load_BE;
|
||||
|
||||
-- XXX load a value which is stored big-endian in byte Array
|
||||
function Load_BE(A : u8_Array) return T_Array is
|
||||
r : T_Array(1 .. (A'Length * 8 + T'Size - 1) / T'Size);
|
||||
begin
|
||||
for i in r'Range loop
|
||||
r(i) := Load_BE(A(((i - 1) * Bytes + A'First) .. ((i - 1) * Bytes + Bytes + A'First - 1))) ;
|
||||
end loop;
|
||||
return r;
|
||||
end Load_BE;
|
||||
|
||||
-- load a value which is stored little-endian in byte Array
|
||||
function Load_le (A : u8_Array) return T is
|
||||
function Load_LE (A : u8_Array) return T is
|
||||
r : T := 0;
|
||||
begin
|
||||
for i in reverse 0 .. (T'Size / 8 - 1) loop
|
||||
r := Shift_left(r, 8) or T(A(A'First + i));
|
||||
end loop;
|
||||
return r;
|
||||
end Load_le;
|
||||
end Load_LE;
|
||||
|
||||
-- XXX load a value which is stored big-endian in byte Array
|
||||
function Load_LE(A : u8_Array) return T_Array is
|
||||
r : T_Array(1 .. (A'Length * 8 + T'Size - 1) / T'Size);
|
||||
begin
|
||||
for i in r'Range loop
|
||||
r(i) := Load_LE(A(((i - 1) * Bytes + A'First) .. ((i - 1) * Bytes + Bytes + A'First - 1))) ;
|
||||
end loop;
|
||||
return r;
|
||||
end Load_LE;
|
||||
|
||||
-- store a value in big-endian format in a byte Array
|
||||
procedure Store_be(A : out u8_Array; value : in T) is
|
||||
procedure Store_BE(A : out u8_Array; value : in T) is
|
||||
x : T := value;
|
||||
b : u8;
|
||||
begin
|
||||
|
@ -506,10 +536,18 @@ package body Crypto_Generic_Types is
|
|||
A(A'FIrst + i) := b;
|
||||
x := Shift_Right(x, 8);
|
||||
end loop;
|
||||
end Store_be;
|
||||
end Store_BE;
|
||||
|
||||
-- XXX store a value in big-endian format in a byte Array
|
||||
procedure Store_BE(A : out u8_Array; value : in T_Array) is
|
||||
begin
|
||||
for i in value'Range loop
|
||||
Store_BE(A(((i - value'First) * Bytes + A'First) .. ((i - value'First) * Bytes + A'First) + Bytes - 1), value(i));
|
||||
end loop;
|
||||
end Store_BE;
|
||||
|
||||
-- store a value in little-endian format in a byte Array
|
||||
procedure Store_le(A : out u8_Array; value : in T) is
|
||||
procedure Store_LE(A : out u8_Array; value : in T) is
|
||||
x : T := value;
|
||||
b : u8;
|
||||
begin
|
||||
|
@ -518,7 +556,15 @@ package body Crypto_Generic_Types is
|
|||
A(A'FIrst + i) := b;
|
||||
x := Shift_Right(x, 8);
|
||||
end loop;
|
||||
end Store_le;
|
||||
end Store_LE;
|
||||
|
||||
-- XXX store a value in big-endian format in a byte Array
|
||||
procedure Store_LE(A : out u8_Array; value : in T_Array) is
|
||||
begin
|
||||
for i in value'Range loop
|
||||
Store_LE(A(((i - value'First) * Bytes + A'First) .. ((i - value'First) * Bytes + A'First) + Bytes - 1), value(i));
|
||||
end loop;
|
||||
end Store_LE;
|
||||
|
||||
-- swap two elements
|
||||
procedure Swap(A, B : in out T) is
|
||||
|
|
|
@ -47,6 +47,7 @@ generic
|
|||
-- --------------------------
|
||||
package Crypto_Generic_Types is
|
||||
|
||||
Bytes : constant Positive := T'Size / 8;
|
||||
-- compare two array with timing independent of content
|
||||
-- function "="(Left, Right : T_Array ) return Boolean;
|
||||
-- xor each element on the left with the corresponding element on the right
|
||||
|
@ -93,12 +94,20 @@ package Crypto_Generic_Types is
|
|||
function Shift_each(A : T_Array; Amount : Integer) return T_Array;
|
||||
-- load a value which is stored big-endian in byte Array
|
||||
function Load_be (A : u8_Array) return T;
|
||||
-- XXX store a value in big-endian format in a byte Array
|
||||
function Load_be (A : u8_Array) return T_Array;
|
||||
-- load a value which is stored little-endian in byte Array
|
||||
function Load_le(A : u8_Array) return T;
|
||||
-- XXX load a value which is stored little-endian in byte Array
|
||||
function Load_le(A : u8_Array) return T_Array;
|
||||
-- store a value in big-endian format in a byte Array
|
||||
procedure Store_be(A : out u8_Array; value : in T);
|
||||
-- store a value in little-endian format in a byte Array
|
||||
procedure Store_le(A : out u8_Array; value : in T);
|
||||
-- store a value in big-endian format in a byte Array
|
||||
procedure Store_be(A : out u8_Array; value : in T_Array);
|
||||
-- store a value in little-endian format in a byte Array
|
||||
procedure Store_le(A : out u8_Array; value : in T_Array);
|
||||
-- swap two elements
|
||||
procedure Swap(A, B : in out T);
|
||||
|
||||
|
|
175
src/main.adb
175
src/main.adb
|
@ -14,7 +14,7 @@
|
|||
-- along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
with Ada.Text_IO; use Ada.Text_IO;
|
||||
with Ada.Integer_Text_IO; use Ada.Integer_Text_IO;
|
||||
-- with Ada.Integer_Text_IO; use Ada.Integer_Text_IO;
|
||||
with Crypto_Core_Types; use Crypto_Core_Types;
|
||||
with Crypto_Types; use Crypto_Types;
|
||||
|
||||
|
@ -23,12 +23,16 @@ with Spritz_Hash;
|
|||
|
||||
with AES;
|
||||
|
||||
with ARIA;
|
||||
|
||||
with SHA2_256;
|
||||
|
||||
use Crypto_Types.Crypto_Types_u8;
|
||||
|
||||
procedure main is
|
||||
-- package u8_IO is new Crypto_Types.u8_Sequential_IO;
|
||||
|
||||
procedure print_hex(value : in u8) is
|
||||
procedure Print_Hex(value : in u8) is
|
||||
hex_table : constant array (0 .. 15) of Character :=
|
||||
( '0', '1', '2', '3',
|
||||
'4', '5', '6', '7',
|
||||
|
@ -39,7 +43,7 @@ procedure main is
|
|||
Put(hex_table(Integer(value and 16#F#)));
|
||||
end;
|
||||
|
||||
procedure print_hex(value : in u8_Array) is
|
||||
procedure Print_Hex(value : in u8_Array) is
|
||||
begin
|
||||
for i in value'Range loop
|
||||
print_hex(value(i));
|
||||
|
@ -78,47 +82,115 @@ procedure main is
|
|||
New_Line;
|
||||
end test_spritz_hash;
|
||||
|
||||
procedure test_aes_schedule(key : u8_Array) is
|
||||
Ctx : AES.Context_128;
|
||||
procedure test_aes is
|
||||
key : AES.Key_256;
|
||||
block : Block_128_bit;
|
||||
ctx128 : AES.Context_128;
|
||||
ctx192 : AES.Context_192;
|
||||
ctx256 : AES.Context_256;
|
||||
begin
|
||||
Ctx := AES.Initialize(AES.Key_128(key));
|
||||
for i in Ctx.RoundKeys'Range loop
|
||||
Put("RoundKey ");
|
||||
Put(i);
|
||||
Put(": ");
|
||||
print_hex(u8_Array(Ctx.RoundKeys(i)));
|
||||
New_Line;
|
||||
for i in key'Range loop
|
||||
key(i) := u8(i - 1);
|
||||
end loop;
|
||||
New_Line;
|
||||
end test_aes_schedule;
|
||||
block(block'First) := 0;
|
||||
for i in block'First + 1 .. block'Last loop
|
||||
block(i) := u8(block(i - 1) + 16#11#);
|
||||
end loop;
|
||||
AES.Initialize(AES.Key_128(key(1 .. 16)), ctx128);
|
||||
AES.Encrypt(ctx128, block);
|
||||
print_hex(block); New_Line;
|
||||
AES.Decrypt(ctx128, block);
|
||||
print_hex(block); New_Line;
|
||||
|
||||
procedure test_aes_schedule192(key : u8_Array) is
|
||||
Ctx : AES.Context_192;
|
||||
begin
|
||||
Ctx := AES.Initialize(AES.Key_192(key));
|
||||
for i in Ctx.RoundKeys'Range loop
|
||||
Put("RoundKey ");
|
||||
Put(i);
|
||||
Put(": ");
|
||||
print_hex(u8_Array(Ctx.RoundKeys(i)));
|
||||
New_Line;
|
||||
end loop;
|
||||
New_Line;
|
||||
end test_aes_schedule192;
|
||||
AES.Initialize(AES.Key_192(key(1 .. 24)), ctx192);
|
||||
AES.Encrypt(ctx192, block);
|
||||
print_hex(block); New_Line;
|
||||
AES.Decrypt(ctx192, block);
|
||||
print_hex(block); New_Line;
|
||||
|
||||
procedure test_aes_schedule256(key : u8_Array) is
|
||||
Ctx : AES.Context_256;
|
||||
AES.Initialize(key, ctx256);
|
||||
AES.Encrypt(ctx256, block);
|
||||
print_hex(block); New_Line;
|
||||
AES.Decrypt(ctx256, block);
|
||||
print_hex(block); New_Line;
|
||||
end test_aes;
|
||||
|
||||
--
|
||||
-- procedure test_aes_128b is
|
||||
-- key : constant AES.Key_128 := (
|
||||
-- 16#2b#, 16#7e#, 16#15#, 16#16#,
|
||||
-- 16#28#, 16#ae#, 16#d2#, 16#a6#,
|
||||
-- 16#ab#, 16#f7#, 16#15#, 16#88#,
|
||||
-- 16#09#, 16#cf#, 16#4f#, 16#3c# );
|
||||
-- block : Block_128_bit := (
|
||||
-- 16#32#, 16#43#, 16#f6#, 16#a8#,
|
||||
-- 16#88#, 16#5a#, 16#30#, 16#8d#,
|
||||
-- 16#31#, 16#31#, 16#98#, 16#a2#,
|
||||
-- 16#e0#, 16#37#, 16#07#, 16#34# );
|
||||
-- ctx : AES.Context_128;
|
||||
-- begin
|
||||
-- AES.Initialize(key, ctx);
|
||||
-- AES.Encrypt(ctx, block);
|
||||
-- print_hex(block);
|
||||
-- end test_aes_128b;
|
||||
|
||||
procedure test_aria is
|
||||
Context : Aria.Context_T;
|
||||
key : Aria.Key_256;
|
||||
Block : Block_128_Bit := (others => 0);
|
||||
begin
|
||||
Ctx := AES.Initialize(AES.Key_256(key));
|
||||
for i in Ctx.RoundKeys'Range loop
|
||||
Put("RoundKey ");
|
||||
Put(i);
|
||||
Put(": ");
|
||||
print_hex(u8_Array(Ctx.RoundKeys(i)));
|
||||
New_Line;
|
||||
for i in Key'Range loop
|
||||
Key(i) := u8(i - 1);
|
||||
end loop;
|
||||
|
||||
for i in 2 .. Block'Last loop
|
||||
Block(i) := Block(i - 1) + 16#11#;
|
||||
end loop;
|
||||
Aria.Initialize(Key => ARIA.Key_128(key(1 .. 16)), Context => Context);
|
||||
Put("Plaintext: "); print_hex(Block); New_Line;
|
||||
Aria.Encrypt(Block => Block, Context => Context);
|
||||
Put("Ciphertext: "); print_hex(Block); New_Line;
|
||||
Aria.Decrypt(Block => Block, Context => Context);
|
||||
Put("Plaintext: "); print_hex(Block); New_Line;
|
||||
New_Line;
|
||||
end test_aes_schedule256;
|
||||
|
||||
Block(1) := 0;
|
||||
for i in 2 .. Block'Last loop
|
||||
Block(i) := Block(i - 1) + 16#11#;
|
||||
end loop;
|
||||
Aria.Initialize(Key => ARIA.Key_192(key(1 .. 24)), Context => Context);
|
||||
Put("Plaintext: "); print_hex(Block); New_Line;
|
||||
Aria.Encrypt(Block => Block, Context => Context);
|
||||
Put("Ciphertext: "); print_hex(Block); New_Line;
|
||||
Aria.Decrypt(Block => Block, Context => Context);
|
||||
Put("Plaintext: "); print_hex(Block); New_Line;
|
||||
New_Line;
|
||||
|
||||
Block(1) := 0;
|
||||
for i in 2 .. Block'Last loop
|
||||
Block(i) := Block(i - 1) + 16#11#;
|
||||
end loop;
|
||||
Aria.Initialize(Key => key, Context => Context);
|
||||
Put("Plaintext: "); print_hex(Block); New_Line;
|
||||
Aria.Encrypt(Block => Block, Context => Context);
|
||||
Put("Ciphertext: "); print_hex(Block); New_Line;
|
||||
Aria.Decrypt(Block => Block, Context => Context);
|
||||
Put("Plaintext: "); print_hex(Block); New_Line;
|
||||
New_Line;
|
||||
end;
|
||||
|
||||
procedure test_sha256(Msg : String) is
|
||||
Data : u8_Array(1 .. Msg'Length);
|
||||
Digest : Block_256_Bit;
|
||||
begin
|
||||
Put("""" & Msg & """: ");
|
||||
for i in data'Range loop
|
||||
Data(i) := u8(Character'Pos(Msg(Msg'First + i - Data'First)));
|
||||
end loop;
|
||||
Sha2_256.Hash(Data, Digest);
|
||||
Print_Hex(Digest);
|
||||
New_Line;
|
||||
end test_sha256;
|
||||
|
||||
|
||||
-- Random_File : File_Type;
|
||||
|
@ -133,28 +205,13 @@ begin
|
|||
test_spritz_hash("arcfour");
|
||||
New_Line;
|
||||
|
||||
test_aes_schedule(u8_Array'(
|
||||
16#2b#, 16#7e#, 16#15#, 16#16#,
|
||||
16#28#, 16#ae#, 16#d2#, 16#a6#,
|
||||
16#ab#, 16#f7#, 16#15#, 16#88#,
|
||||
16#09#, 16#cf#, 16#4f#, 16#3c# ));
|
||||
test_aes;
|
||||
New_Line;
|
||||
|
||||
test_aes_schedule192(u8_Array'(
|
||||
16#8e#, 16#73#, 16#b0#, 16#f7#,
|
||||
16#da#, 16#0e#, 16#64#, 16#52#,
|
||||
16#c8#, 16#10#, 16#f3#, 16#2b#,
|
||||
16#80#, 16#90#, 16#79#, 16#e5#,
|
||||
16#62#, 16#f8#, 16#ea#, 16#d2#,
|
||||
16#52#, 16#2c#, 16#6b#, 16#7b# ));
|
||||
|
||||
test_aes_schedule256(u8_Array'(
|
||||
16#60#, 16#3d#, 16#eb#, 16#10#,
|
||||
16#15#, 16#ca#, 16#71#, 16#be#,
|
||||
16#2b#, 16#73#, 16#ae#, 16#f0#,
|
||||
16#85#, 16#7d#, 16#77#, 16#81#,
|
||||
16#1f#, 16#35#, 16#2c#, 16#07#,
|
||||
16#3b#, 16#61#, 16#08#, 16#d7#,
|
||||
16#2d#, 16#98#, 16#10#, 16#a3#,
|
||||
16#09#, 16#14#, 16#df#, 16#f4# ));
|
||||
test_aria;
|
||||
New_Line;
|
||||
|
||||
test_sha256("abc");
|
||||
test_sha256("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq");
|
||||
New_Line;
|
||||
end main;
|
||||
|
|
|
@ -8,11 +8,11 @@ project Steelcrypt is
|
|||
case Mode is
|
||||
|
||||
when "Release" =>
|
||||
for Source_Dirs use ("src/**", "/home/bg/workspace_steelcrypt/steelcrypt/src/sponge/spritz");
|
||||
for Source_Dirs use ("src/**", "/home/bg/workspace_steelcrypt/steelcrypt/src/algorithms");
|
||||
for Object_Dir use "obj_release";
|
||||
|
||||
when "Debug" =>
|
||||
for Source_Dirs use ("src/**", "/home/bg/workspace_steelcrypt/steelcrypt/src/sponge/spritz");
|
||||
for Source_Dirs use ("src/**", "/home/bg/workspace_steelcrypt/steelcrypt/src/algorithms");
|
||||
for Object_Dir use "obj_debug";
|
||||
end case;
|
||||
|
||||
|
|
Loading…
Reference in New Issue