3 This file is part of the ARM-Crypto-Lib.
4 Copyright (C) 2006-2011 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "mickey128.h"
26 RTAPS = { 0,4,5, 8,10,11,14 ,16,20, 25,30, 32,35,36,38,
27 42,43,46, 50,51,53,54,55, 56,57,60,61,62,63,
28 65,66,69, 73,74,76,79, 80,81,82,85,86, 90,91,92,95,
29 97,100,101, 105,106,107,108,109,111, 112,113,115,116,117,
30 127, 128,129,130,131,133,135, 136,137,140,142, 145,148,150,
33 0011.0001 0100.1101 0001.0001 0100.0010 0101.1001
34 0100.1100 1110.1100 1111.0011
35 0010.0110 1001.0110 0110.0111 1001.1100
36 0011.0010 1011.1110 0011.1011
37 1000.0000 1010.1111 0101.0011 0101.0010
40 1000110010110010100010000100001010011010001100100011011111001111011001
41 0001101001111001100011100101001100011111011101110000000001111101011100
44 1000.1100 1011.0010 1000.1000 0100.0010 1001.1010 0011.0010
45 0011.0111 1100.1111 0110.0100 0110.1001 1110.0110 0011.1001
46 0100.1100 0111.1101 1101.1100 0000.0001 1111.0101 1100.1010
51 0x31, 0x4D, 0x11, 0x42,
52 0x59, 0x4C, 0xEC, 0xF3,
53 0x26, 0x96, 0x67, 0x9C,
54 0x32, 0xBE, 0x3B, 0x80,
55 0xAF, 0x53, 0x52, 0x37
58 #define SHL0(a) c1=((a)>>7); (a)=(((a)<<1)|c0)
59 #define SHL1(a) c0=((a)>>7); (a)=(((a)<<1)|c1)
61 #define SHLX0(a) c1=((a)>>7); (a)^=(((a)<<1)|c0)
62 #define SHLX1(a) c0=((a)>>7); (a)^=(((a)<<1)|c1)
65 void clock_r(uint8_t* r, uint8_t ibit, uint8_t cbit){
66 uint8_t i,c0=0,c1=0; /* carry */
67 ibit ^= ((r[159/8])>>(159%8))&1; /* ibit is now the same as feedback_bit */
84 /* comp0 (filling spaces with zero) (one at each side)
85 * 0101.1110 1111.0010 1101.0110 0101.1101
86 * 0101.0101 0000.1001 0010.0110 0111.1001
87 * 0110.0010 0111.0000 0000.0000 0111.1001
88 * 0011.0001 1101.1001 1010.1111 0011.0111
89 * 1011.1110 0000.0110 1011.1110 0000.1111
98 0x5E, 0xF2, 0xD6, 0x5D,
99 0x55, 0x09, 0x26, 0x79,
100 0x62, 0x70, 0x00, 0x79,
101 0x31, 0xD9, 0xAF, 0x37,
102 0xBE, 0x06, 0xBE, 0x0F
106 /* comp1 (shifting one bit right to make calculation easier, so inserting two zeros)
107 * 0110.0000 0011.1110 0011.0010 1111.1010
108 * 0011.0000 0111.1001 0110.1100 1111.1101
109 * 1100.0001 1000.0111 0000.0001 1111.1000
110 * 1000.1010 1100.0110 1100.0001 1100.1100
111 * 0110.1010 1011.0111 1110.1000 1111.1111
120 uint8_t comp1[] PROGMEM = {
121 0x60, 0x3E, 0x32, 0xFA, 0x30, 0x79, 0x6C, 0xFD, 0xC1, 0x87,
122 0x01, 0xF8, 0x8A, 0xC6, 0xC1, 0xCC, 0x6A, 0xB7, 0xE8, 0xFF
126 * 0000.1100 1111.1000 1001.1000 1011.1110
127 * 0001.1001 0011.1100 0110.1101 0111.1111
128 * 0000.0111 1100.0011 0000.0000 0011.1110
129 * 1010.0010 1100.0111 0000.0110 0110.0110
130 * 1010.1101 1101.1010 0010.1111 1111.1110
139 uint8_t comp1[] PROGMEM = {
140 0x0C, 0xF8, 0x98, 0xBE, 0x19, 0x3C, 0x6D, 0x7F, 0x07, 0xC3,
141 0x00, 0x3E, 0xA2, 0xC7, 0x06, 0x66, 0xAD, 0xDA, 0x2F, 0xFE
145 * 0011.0000 0001.1111 0001.1001 0111.1101
146 * 1001.1000 0011.1100 1011.0110 1111.1110
147 * 1110.0000 1100.0011 0000.0000 0111.1100
148 * 0100.0101 1110.0011 0110.0000 0110.0110
149 * 1011.0101 0101.1011 1111.0100 0111.1111
159 0x30, 0x1F, 0x19, 0x7D,
160 0x98, 0x3C, 0xB6, 0xFE,
161 0xE0, 0xC3, 0x00, 0x7C,
162 0x45, 0xE3, 0x60, 0x66,
163 0xB5, 0x5B, 0xF4, 0x7F
167 * 1010.1111 0001.1111 0011.1100 1100.0100
168 * 0010.0010 1010.0011 0010.1111 0000.1110
169 * 1000.0001 0100.1101 1110.0101 0110.0110
170 * 1001.0001 0100.1011 0101.0100 1101.0100
171 * 1100.0001 0000.1011 0110.0011 1000.0011
180 0xAF, 0x1F, 0x3C, 0xC4,
181 0x22, 0xA3, 0x2F, 0x0E,
182 0x81, 0x4D, 0xE5, 0x66,
183 0x91, 0x4B, 0x54, 0xD4,
184 0xC1, 0x0B, 0x63, 0x83
188 * 1010.1011 0111.0111 1111.0100 1001.1011
189 * 1001.0000 1000.1100 0111.1001 0111.0000
190 * 1011.0110 0001.1000 1001.1010 0110.1111
191 * 1110.0111 0111.1110 0100.1011 0110.1100
192 * 1110.1111 1000.0000 1010.0111 0001.0001
201 0xAB, 0x77, 0xF4, 0x9B,
202 0x90, 0x8C, 0x79, 0x70,
203 0xB6, 0x18, 0x9A, 0x6F,
204 0xE7, 0x7E, 0x4B, 0x6C,
205 0xEF, 0x80, 0xA7, 0x11
209 void clock_s(uint8_t* s, uint8_t ibit, uint8_t cbit){
210 uint8_t s0[20], s1[20];
214 memxor(s0, comp0, 20);
216 s1[19-i]= c|((s[19-i])>>1);
219 memxor(s1, comp1, 20);
223 s[i]=((s[i])<<1) ^ ((s0[i])&(s1[i])) ^ c;
228 memxor(s, cbit?fb1:fb0, 20);
233 void clock_kg(uint8_t* r, uint8_t* s, uint8_t mixing, uint8_t input){
235 rb = ((s[ 54/8])>>(( 54%8))) ^ ((r[106/8])>>(((106%8))));
236 sb = ((s[106/8])>>((106%8))) ^ ((r[ 53/8])>>((( 53%8))));
239 mixing = input ^ (mixing & ((s[80/8]>>((80%8))) & 1));
240 clock_r(r, mixing, rb);
241 clock_s(s, input, sb);
244 void mickey128_init(void* key, uint16_t keysize_b,
245 void* iv, uint16_t ivsize_b,
246 mickey128_ctx_t* ctx){
248 memset(ctx->r, 0, 20);
249 memset(ctx->s, 0, 20);
250 for(i=0; i<ivsize_b; ++i){
251 clock_kg(ctx->r, ctx->s, 1, 1&((((uint8_t*)iv)[i/8])>>(7-(i%8))));
253 for(i=0; i<keysize_b; ++i){
254 clock_kg(ctx->r, ctx->s, 1, 1&((((uint8_t*)key)[i/8])>>(7-(i%8))));
256 for(i=0; i<160; ++i){
257 clock_kg(ctx->r, ctx->s, 1, 0);
261 uint8_t mickey128_getbit(mickey128_ctx_t* ctx){
263 ret = 1&(*(ctx->r) ^ *(ctx->s));
264 clock_kg(ctx->r, ctx->s, 0, 0);
268 uint8_t mickey128_getbyte(mickey128_ctx_t* ctx){
272 ret |= 1&(((ctx->r)[0]) ^ ((ctx->s)[0]));
273 clock_kg(ctx->r, ctx->s, 0, 0);