jh/jh_simple_speed.c

   1 /* jh_simple_speed.c */
   2 /*
   3     This file is part of the AVR-Crypto-Lib.
   4     Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
   5
   6     This program is free software: you can redistribute it and/or modify
   7     it under the terms of the GNU General Public License as published by
   8     the Free Software Foundation, either version 3 of the License, or
   9     (at your option) any later version.
  10
  11     This program is distributed in the hope that it will be useful,
  12     but WITHOUT ANY WARRANTY; without even the implied warranty of
  13     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14     GNU General Public License for more details.
  15
  16     You should have received a copy of the GNU General Public License
  17     along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19
  20 #include <stdint.h>
  21 #include <avr/pgmspace.h>
  22 #include <stdlib.h>
  23 #include <string.h>
  24 #include "memxor.h"
  25 #include "jh_simple.h"
  26 #include "jh_tables.h"
  27
  28 #define DEBUG 0
  29
  30 #if DEBUG
  31 #include "cli.h"
  32 #endif
  33
  34 void jh_round(uint8_t* a, uint8_t roundno){
  35         uint8_t b[128];
  36         uint8_t i,r,u,v,x,y;
  37         uint8_t *pr;
  38         pr = jh_round_const + 32*roundno;
  39         for(i=0; i<128; ++i){
  40                 if(i%4==0){
  41                         r = pgm_read_byte(pr++);
  42                 }
  43                 b[i]=pgm_read_byte(&(jh_lutbox[((r&0xC0)<<2)|a[i]]));
  44                 r<<=2;
  45         }
  46         for(i=0;i<128;++i){
  47                 u = pgm_read_byte(jh_permutation_table+2*i);
  48                 v = pgm_read_byte(jh_permutation_table+2*i+1);
  49                 x = b[u>>1];
  50                 y = b[v>>1];
  51                 if(u&1){
  52                         x <<= 4;
  53                 }else{
  54                         x &= 0xf0;
  55                 }
  56                 if(v&1){
  57                         y &= 0x0f;
  58                 }else{
  59                         y >>= 4;
  60                 }
  61                 a[i] = x|y;
  62         }
  63 }
  64
  65 uint8_t jh_l_inv(uint8_t a){
  66         uint8_t v,w;
  67         v = a>>4;
  68         w = a&0xf;
  69         v ^= ((w<<1)^(w>>3)^((w>>2)&2))&0xf;
  70         w ^= ((v<<1)^(v>>3)^((v>>2)&2))&0xf;
  71         return w|(v<<4);
  72 }
  73
  74 void group(uint8_t *a){
  75         uint8_t b[128];
  76         uint8_t i,x,y;
  77         for(i=0; i<128; ++i){
  78                 x =   (((a[i/8+  0])>>4)&0x8)
  79                         | (((a[i/8+ 32])>>5)&0x4)
  80                         | (((a[i/8+ 64])>>6)&0x2)
  81                         | (((a[i/8+ 96])>>7)&0x1);
  82                 a[i/8] <<= 1; a[i/8+32]<<=1; a[i/8+64]<<=1; a[i/8+96]<<=1;
  83                 y =   (((a[i/8+ 16])>>4)&0x8)
  84                     | (((a[i/8+ 48])>>5)&0x4)
  85                     | (((a[i/8+ 80])>>6)&0x2)
  86                     | (((a[i/8+112])>>7)&0x1);
  87                 a[i/8+16] <<= 1; a[i/8+48]<<=1; a[i/8+80]<<=1; a[i/8+112]<<=1;
  88                 b[i]= (x<<4)|y;
  89         }
  90         memcpy(a,b,128);
  91 }
  92
  93 void degroup(uint8_t *a){
  94         uint8_t b[128];
  95         uint8_t i,j;
  96         for(i=0;i<128;++i){
  97                 j=i/8;
  98             b[j+  0]<<=1; b[j+  0] |= ((a[i])>>7)&1;
  99             b[j+ 32]<<=1; b[j+ 32] |= ((a[i])>>6)&1;
 100             b[j+ 64]<<=1; b[j+ 64] |= ((a[i])>>5)&1;
 101             b[j+ 96]<<=1; b[j+ 96] |= ((a[i])>>4)&1;
 102             b[j+ 16]<<=1; b[j+ 16] |= ((a[i])>>3)&1;
 103             b[j+ 48]<<=1; b[j+ 48] |= ((a[i])>>2)&1;
 104             b[j+ 80]<<=1; b[j+ 80] |= ((a[i])>>1)&1;
 105             b[j+112]<<=1; b[j+112] |= ((a[i])>>0)&1;
 106         }
 107         memcpy(a,b,128);
 108 }
 109
 110 void jh_encrypt(uint8_t* a){
 111         uint8_t i;
 112         /* grouping */
 113 #if DEBUG
 114         cli_putstr_P(PSTR("\r\n== pre group ==\r\n"));
 115         cli_hexdump_block(a, 128, 4, 16);
 116 #endif
 117         group(a);
 118         for(i=0;i<35;++i){
 119                 jh_round(a, i);
 120         }
 121         uint8_t r;
 122         uint8_t *pr;
 123
 124         pr = jh_round_const + 32*35;
 125         for(i=0; i<128; ++i){
 126                 if(i%4==0){
 127                         r = pgm_read_byte(pr++);
 128                 }
 129                 a[i]=jh_l_inv(pgm_read_byte(&(jh_lutbox[((r&0xC0)<<2)|a[i]])));
 130                 r<<=2;
 131         }
 132         /* degrouping */
 133 #if DEBUG
 134         cli_putstr_P(PSTR("\r\n== pre degroup ==\r\n"));
 135         cli_hexdump_block(a, 128, 4, 16);
 136 #endif
 137         degroup(a);
 138 #if DEBUG
 139         cli_putstr_P(PSTR("\r\n== post degroup ==\r\n"));
 140         cli_hexdump_block(a, 128, 4, 16);
 141 #endif
 142 }
 143
 144 void jh_init(uint16_t hashlen_b, jh_ctx_t* ctx){
 145         memset(ctx->a, 0, 128);
 146         ctx->a[0] = hashlen_b>>8;
 147         ctx->a[1] = hashlen_b&0xff;
 148         jh_encrypt(ctx->a);
 149         ctx->block_hashed=0;
 150 }
 151
 152 void jh_nextBlock(jh_ctx_t* ctx, void* block){
 153         memxor(ctx->a, block, 64);
 154         jh_encrypt(ctx->a);
 155         memxor(ctx->a+64, block, 64);
 156         ctx->block_hashed++;
 157 }
 158
 159 void jh_lastBlock(jh_ctx_t* ctx, void* block, uint16_t length_b){
 160         while(length_b>=64*8){
 161                 jh_nextBlock(ctx, block);
 162                 block = (uint8_t*)block + 64;
 163                 length_b -= 64*8;
 164         }
 165         uint8_t buffer[64];
 166         uint64_t total_length;
 167         memset(buffer, 0, 64);
 168         memcpy(buffer, block, (length_b+7)/8);
 169         buffer[length_b/8] |= 0x80>>(length_b%8);
 170         total_length=ctx->block_hashed*512+length_b;
 171         if(length_b==0){
 172
 173         }else{
 174                 jh_nextBlock(ctx, buffer);
 175                 buffer[0]=0;
 176         }
 177         memset(buffer+1, 0, 64-8-1);
 178         buffer[63] = total_length&0xff;
 179         buffer[62] = (total_length>> 8)&0xff;
 180         buffer[61] = (total_length>>16)&0xff;
 181         buffer[60] = (total_length>>24)&0xff;
 182         buffer[59] = (total_length>>32)&0xff;
 183         buffer[58] = (total_length>>40)&0xff;
 184         buffer[57] = (total_length>>48)&0xff;
 185         buffer[56] = (total_length>>56)&0xff;
 186         jh_nextBlock(ctx, buffer);
 187 }
 188
 189 void jh_ctx2hash(void* dest, uint16_t length_b, jh_ctx_t* ctx){
 190         memcpy(dest, ctx->a+128-(length_b+7)/8, (length_b+7)/8);
 191 }
 192
 193
 194 void jh224_init(jh_ctx_t* ctx){
 195         jh_init(224, ctx);
 196 }
 197
 198 void jh224_ctx2hash(void* dest, jh_ctx_t* ctx){
 199         jh_ctx2hash(dest, 224, ctx);
 200 }
 201
 202 void jh256_init(jh_ctx_t* ctx){
 203         jh_init(256, ctx);
 204 }
 205
 206 void jh256_ctx2hash(void* dest, jh_ctx_t* ctx){
 207         jh_ctx2hash(dest, 256, ctx);
 208 }
 209
 210 void jh384_init(jh_ctx_t* ctx){
 211         jh_init(384, ctx);
 212 }
 213
 214 void jh384_ctx2hash(void* dest, jh_ctx_t* ctx){
 215         jh_ctx2hash(dest, 384, ctx);
 216 }
 217
 218 void jh512_init(jh_ctx_t* ctx){
 219         jh_init(512, ctx);
 220 }
 221
 222 void jh512_ctx2hash(void* dest, jh_ctx_t* ctx){
 223         jh_ctx2hash(dest, 512, ctx);
 224 }