3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 * \email daniel.otte@rub.de
24 * \license GPLv3 or later
30 #include <avr/pgmspace.h>
31 #include "bmw_small.h"
34 #define SHL32(a,n) ((a)<<(n))
35 #define SHR32(a,n) ((a)>>(n))
36 #define ROTL32(a,n) (((a)<<(n))|((a)>>(32-(n))))
37 #define ROTR32(a,n) (((a)>>(n))|((a)<<(32-(n))))
45 void ctx_dump(const bmw_small_ctx_t* ctx){
47 cli_putstr_P(PSTR("\r\n==== ctx dump ===="));
49 cli_putstr_P(PSTR("\r\n h["));
51 cli_putstr_P(PSTR("] = "));
52 cli_hexdump_rev(&(ctx->h[i]), 4);
54 cli_putstr_P(PSTR("\r\n counter = "));
55 cli_hexdump(&(ctx->counter), 4);
58 void dump_x(const uint32_t* q, uint8_t elements, char x){
60 cli_putstr_P(PSTR("\r\n==== "));
62 cli_putstr_P(PSTR(" dump ===="));
63 for(i=0; i<elements;++i){
64 cli_putstr_P(PSTR("\r\n "));
66 cli_putstr_P(PSTR("["));
68 cli_putstr_P(PSTR("] = "));
69 cli_hexdump_rev(&(q[i]), 4);
77 void bmw_small_f1(uint32_t* q, const void* m, const void* h);
78 void bmw_small_f0(uint32_t* h, const void* m, uint32_t* q);
79 void bmw_small_f2(uint32_t* h, uint32_t* q, const void* m);
83 void bmw_small_f2(uint32_t* h, const uint32_t* q, const void* m){
94 cli_putstr_P(PSTR("\r\n XL = "));
95 cli_hexdump_rev(&xl, 4);
96 cli_putstr_P(PSTR("\r\n XH = "));
97 cli_hexdump_rev(&xh, 4);
100 h[0] ^= SHL32(xh, 5) ^ SHR32(q[16], 5);
101 h[5] ^= SHL32(xh, 6) ^ SHR32(q[21], 6);
102 h[3] ^= SHR32(xh, 1) ^ SHL32(q[19], 5);
103 h[4] ^= SHR32(xh, 3) ^ q[20];
104 h[6] ^= SHR32(xh, 4) ^ SHL32(q[22], 6);
105 h[2] ^= SHR32(xh, 5) ^ SHL32(q[18], 5);
106 h[1] ^= SHR32(xh, 7) ^ SHL32(q[17], 8);
107 h[7] ^= SHR32(xh,11) ^ SHL32(q[23], 2);
109 h[i] += xl ^ q[24+i] ^ q[i];
112 h[8+i] ^= xh ^ q[24+i];
113 h[8+i] += ROTL32(h[(4+i)%8],i+9);
115 h[11] += SHL32(xl, 4) ^ q[18] ^ q[11];
116 h[10] += SHL32(xl, 6) ^ q[17] ^ q[10];
117 h[ 8] += SHL32(xl, 8) ^ q[23] ^ q[ 8];
118 h[15] += SHR32(xl, 2) ^ q[22] ^ q[15];
119 h[12] += SHR32(xl, 3) ^ q[19] ^ q[12];
120 h[13] += SHR32(xl, 4) ^ q[20] ^ q[13];
121 h[ 9] += SHR32(xl, 6) ^ q[16] ^ q[ 9];
122 h[14] += SHR32(xl, 7) ^ q[21] ^ q[14];
125 void bmw_small_nextBlock(bmw_small_ctx_t* ctx, const void* block){
127 dump_x(block, 16, 'M');
128 bmw_small_f0(ctx->h, block, q);
130 bmw_small_f1(q, block, ctx->h);
132 bmw_small_f2(ctx->h, q, block);
137 void bmw_small_lastBlock(bmw_small_ctx_t* ctx, const void* block, uint16_t length_b){
139 while(length_b >= BMW_SMALL_BLOCKSIZE){
140 bmw_small_nextBlock(ctx, block);
141 length_b -= BMW_SMALL_BLOCKSIZE;
142 block = (uint8_t*)block + BMW_SMALL_BLOCKSIZE_B;
144 memset(buffer, 0, 64);
145 memcpy(buffer, block, (length_b+7)/8);
146 buffer[length_b>>3] |= 0x80 >> (length_b&0x07);
147 if(length_b+1>64*8-64){
148 bmw_small_nextBlock(ctx, buffer);
149 memset(buffer, 0, 64-8);
152 *((uint64_t*)&(buffer[64-8])) = (uint64_t)(ctx->counter*512LL)+(uint64_t)length_b;
153 bmw_small_nextBlock(ctx, buffer);
156 memset(buffer, 0xaa, 64);
158 buffer[i*4] = i+0xa0;
160 // dump_x(buffer, 16, 'A');
161 dump_x(ctx->h, 16, 'M');
162 bmw_small_f0((uint32_t*)buffer, ctx->h, q);
163 dump_x(buffer, 16, 'a');
165 bmw_small_f1(q, ctx->h, (uint32_t*)buffer);
167 bmw_small_f2((uint32_t*)buffer, q, ctx->h);
168 memcpy(ctx->h, buffer, 64);
171 void bmw224_init(bmw224_ctx_t* ctx){
173 ctx->h[0] = 0x00010203;
175 ctx->h[i] = ctx->h[i-1]+ 0x04040404;
181 void bmw256_init(bmw256_ctx_t* ctx){
183 ctx->h[0] = 0x40414243;
185 ctx->h[i] = ctx->h[i-1]+ 0x04040404;
191 void bmw224_nextBlock(bmw224_ctx_t* ctx, const void* block){
192 bmw_small_nextBlock(ctx, block);
195 void bmw256_nextBlock(bmw256_ctx_t* ctx, const void* block){
196 bmw_small_nextBlock(ctx, block);
199 void bmw224_lastBlock(bmw224_ctx_t* ctx, const void* block, uint16_t length_b){
200 bmw_small_lastBlock(ctx, block, length_b);
203 void bmw256_lastBlock(bmw256_ctx_t* ctx, const void* block, uint16_t length_b){
204 bmw_small_lastBlock(ctx, block, length_b);
207 void bmw224_ctx2hash(void* dest, const bmw224_ctx_t* ctx){
208 memcpy(dest, &(ctx->h[9]), 224/8);
211 void bmw256_ctx2hash(void* dest, const bmw256_ctx_t* ctx){
212 memcpy(dest, &(ctx->h[8]), 256/8);
215 void bmw224(void* dest, const void* msg, uint32_t length_b){
218 while(length_b>=BMW_SMALL_BLOCKSIZE){
219 bmw_small_nextBlock(&ctx, msg);
220 length_b -= BMW_SMALL_BLOCKSIZE;
221 msg = (uint8_t*)msg + BMW_SMALL_BLOCKSIZE_B;
223 bmw_small_lastBlock(&ctx, msg, length_b);
224 bmw224_ctx2hash(dest, &ctx);
227 void bmw256(void* dest, const void* msg, uint32_t length_b){
230 while(length_b>=BMW_SMALL_BLOCKSIZE){
231 bmw_small_nextBlock(&ctx, msg);
232 length_b -= BMW_SMALL_BLOCKSIZE;
233 msg = (uint8_t*)msg + BMW_SMALL_BLOCKSIZE_B;
235 bmw_small_lastBlock(&ctx, msg, length_b);
236 bmw256_ctx2hash(dest, &ctx);
projects / avr-crypto-lib.git / blob