From 4e31ebdb0529eeb61efd3fe181b9de1abe6d7f6c Mon Sep 17 00:00:00 2001 From: bg Date: Sat, 9 May 2009 12:30:07 +0000 Subject: [PATCH] +blake, bug compatibility by default off --- blake_common.c | 53 ++++++ blake_common.h | 38 +++++ blake_large.c | 329 +++++++++++++++++++++++++++++++++++++ blake_large.h | 67 ++++++++ blake_small.c | 323 ++++++++++++++++++++++++++++++++++++ blake_small.h | 67 ++++++++ hfal_blake_large.c | 67 ++++++++ hfal_blake_large.h | 37 +++++ hfal_blake_small.c | 67 ++++++++ hfal_blake_small.h | 37 +++++ host/shavs_test.rb | 2 +- mkfiles/blake_c.mk | 14 ++ test_src/main-blake-test.c | 282 +++++++++++++++++++++++++++++++ test_src/main-bmw-test.c | 4 +- 14 files changed, 1384 insertions(+), 3 deletions(-) create mode 100644 blake_common.c create mode 100644 blake_common.h create mode 100644 blake_large.c create mode 100644 blake_large.h create mode 100644 blake_small.c create mode 100644 blake_small.h create mode 100644 hfal_blake_large.c create mode 100644 hfal_blake_large.h create mode 100644 hfal_blake_small.c create mode 100644 hfal_blake_small.h create mode 100644 mkfiles/blake_c.mk create mode 100644 test_src/main-blake-test.c diff --git a/blake_common.c b/blake_common.c new file mode 100644 index 0000000..a715980 --- /dev/null +++ b/blake_common.c @@ -0,0 +1,53 @@ +/* blake_common.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \file blake_common.c + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-05-08 + * \license GPLv3 or later + * + */ + +#include +#include + +uint8_t blake_sigma[] PROGMEM = { + 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF, + 0xE, 0xA, 0x4, 0x8, 0x9, 0xF, 0xD, 0x6, 0x1, 0xC, 0x0, 0x2, 0xB, 0x7, 0x5, 0x3, + 0xB, 0x8, 0xC, 0x0, 0x5, 0x2, 0xF, 0xD, 0xA, 0xE, 0x3, 0x6, 0x7, 0x1, 0x9, 0x4, + 0x7, 0x9, 0x3, 0x1, 0xD, 0xC, 0xB, 0xE, 0x2, 0x6, 0x5, 0xA, 0x4, 0x0, 0xF, 0x8, + 0x9, 0x0, 0x5, 0x7, 0x2, 0x4, 0xA, 0xF, 0xE, 0x1, 0xB, 0xC, 0x6, 0x8, 0x3, 0xD, + 0x2, 0xC, 0x6, 0xA, 0x0, 0xB, 0x8, 0x3, 0x4, 0xD, 0x7, 0x5, 0xF, 0xE, 0x1, 0x9, + 0xC, 0x5, 0x1, 0xF, 0xE, 0xD, 0x4, 0xA, 0x0, 0x7, 0x6, 0x3, 0x9, 0x2, 0x8, 0xB, + 0xD, 0xB, 0x7, 0xE, 0xC, 0x1, 0x3, 0x9, 0x5, 0x0, 0xF, 0x4, 0x8, 0x6, 0x2, 0xA, + 0x6, 0xF, 0xE, 0x9, 0xB, 0x3, 0x0, 0x8, 0xC, 0x2, 0xD, 0x7, 0x1, 0x4, 0xA, 0x5, + 0xA, 0x2, 0x8, 0x4, 0x7, 0x6, 0x1, 0x5, 0xF, 0xB, 0x9, 0xE, 0x3, 0xC, 0xD, 0x0 +}; + +uint8_t blake_index_lut[] PROGMEM = { + 0x0, 0x4, 0x8, 0xC, + 0x1, 0x5, 0x9, 0xD, + 0x2, 0x6, 0xA, 0xE, + 0x3, 0x7, 0xB, 0xF, + 0x0, 0x5, 0xA, 0xF, + 0x1, 0x6, 0xB, 0xC, + 0x2, 0x7, 0x8, 0xD, + 0x3, 0x4, 0x9, 0xE +}; diff --git a/blake_common.h b/blake_common.h new file mode 100644 index 0000000..3c424a8 --- /dev/null +++ b/blake_common.h @@ -0,0 +1,38 @@ +/* blake_common.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \file blake_common.h + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-05-08 + * \license GPLv3 or later + * + */ + + +#ifndef BLAKE_COMMON_H_ +#define BLAKE_COMMON_H_ + +#include +#include + +extern uint8_t blake_sigma[]; +extern uint8_t blake_index_lut[]; + +#endif /* BLAKE_COMMON_H_ */ diff --git a/blake_large.c b/blake_large.c new file mode 100644 index 0000000..722d277 --- /dev/null +++ b/blake_large.c @@ -0,0 +1,329 @@ +/* blake_large.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \file blake_large.c + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-05-08 + * \license GPLv3 or later + * + */ + +#include +#include +#include +#include "memxor.h" +#include "blake_large.h" +#include "blake_common.h" + +#define DEBUG 0 +#define DEBUG_2 0 + +#define BUG_3 0 /* bug compatibility with reference code */ +#define BUG_4 0 /* bug compatibility with reference code */ + +#if DEBUG_2 + #include "cli.h" +#endif + +#if DEBUG + #include "cli.h" + void dump_v(uint64_t* v){ + uint8_t i; + cli_putstr_P(PSTR("\r\n=== v dump ===")); + for(i=0; i<16; ++i){ + if(i%4==0) + cli_putstr_P(PSTR("\r\n\t")); + cli_hexdump_rev(v+i, 8); + cli_putc(' '); + } + } +#else + #define dump_v(v) +#endif + +uint64_t pgm_read_qword(void* p){ + union{ + uint64_t v64; + uint32_t v32[2]; + }r; + r.v32[0] = pgm_read_dword(p); + r.v32[1] = pgm_read_dword((uint8_t*)p+4); + return r.v64; +} + +static +uint64_t blake_c[] PROGMEM = { + 0x243F6A8885A308D3LL, 0x13198A2E03707344LL, + 0xA4093822299F31D0LL, 0x082EFA98EC4E6C89LL, + 0x452821E638D01377LL, 0xBE5466CF34E90C6CLL, + 0xC0AC29B7C97C50DDLL, 0x3F84D5B5B5470917LL, + 0x9216D5D98979FB1BLL, 0xD1310BA698DFB5ACLL, + 0x2FFD72DBD01ADFB7LL, 0xB8E1AFED6A267E96LL, + 0xBA7C9045F12C7F99LL, 0x24A19947B3916CF7LL, + 0x0801F2E2858EFC16LL, 0x636920D871574E69LL + +}; + + + +#define ROTL64(a, n) (((a)<<(n))|((a)>>(64-(n)))) +#define ROTR64(a, n) (((a)>>(n))|((a)<<(64-(n)))) +#define CHANGE_ENDIAN32(a) (((a)<<24)| \ + ((0x0000ff00&(a))<<8)| \ + ((0x00ff0000&(a))>>8)| \ + (a)>>24 ) + +void blake_large_g(uint8_t r, uint8_t i, uint64_t* v, const uint64_t* m){ + uint8_t a,b,c,d, s0, s1; + a = pgm_read_byte(blake_index_lut+4*i+0); + b = pgm_read_byte(blake_index_lut+4*i+1); + c = pgm_read_byte(blake_index_lut+4*i+2); + d = pgm_read_byte(blake_index_lut+4*i+3); + s0 = pgm_read_byte(blake_sigma+16*r+2*i+0); + s1 = pgm_read_byte(blake_sigma+16*r+2*i+1); +#if DEBUG + if(i==0){ + cli_putstr_P(PSTR("\r\n s0 = ")); + cli_hexdump(&s0, 1); + cli_putstr_P(PSTR(" s1 = ")); + cli_hexdump(&s1, 1); + cli_putstr_P(PSTR("\r\n m[s0] = ")); + cli_hexdump_rev(m+s0, 4); + cli_putstr_P(PSTR("\r\n m[s1] = ")); + cli_hexdump_rev(m+s1, 4); + } +#endif + v[a] += v[b] + (m[s0] ^ pgm_read_qword(&(blake_c[s1]))); + v[d] = ROTR64(v[d]^v[a], 32); + v[c] += v[d]; + v[b] = ROTR64(v[b]^v[c], 25); + v[a] += v[b] + (m[s1] ^ pgm_read_qword(&(blake_c[s0]))); + v[d] = ROTR64(v[d]^v[a], 16); + v[c] += v[d]; + v[b] = ROTR64(v[b]^v[c], 11); + +} + +void blake_large_expand(uint64_t* v, const blake_large_ctx_t* ctx){ + uint8_t i; + memcpy(v, ctx->h, 8*8); + for(i=0; i<8; ++i){ + v[8+i] = pgm_read_qword(&(blake_c[i])); + } + memxor((uint8_t*)v+8, ctx->s, 4*8); + +} + +void blake_large_changeendian(void* dest, const void* src){ + uint8_t i; + uint32_t tmp; + for(i=0; i<32; i+=2){ + tmp = CHANGE_ENDIAN32(((uint32_t*)src)[i]); + ((uint32_t*)dest)[i] = CHANGE_ENDIAN32(((uint32_t*)src)[i+1]); + ((uint32_t*)dest)[i+1] = tmp; + } +} + +void blake_large_compress(uint64_t* v,const void* m){ + uint8_t r,i; +#if DEBUG + cli_putstr_P(PSTR("\r\n== compress 64 ==")); + dump_v(v); +#endif +#if DEBUG_2 + cli_putstr_P(PSTR("\r\n=== message block ===\r\n m =")); + cli_hexdump_block(m, 1024/8, 4, 16); +#endif + for(r=0; r<14; ++r){ + for(i=0; i<8; ++i){ + blake_large_g(r%10, i, v, (uint64_t*)m); +#if DEBUG + if(1){ + cli_putstr_P(PSTR("\r\n ROUND: ")); + cli_hexdump(&r,1); + cli_putstr_P(PSTR(" I: ")); + cli_hexdump(&i,1); + dump_v(v); + } +#endif + } + } +} + +void blake_large_collapse(blake_large_ctx_t* ctx, uint64_t* v){ + uint8_t i; + for(i=0; i<8; ++i){ + ctx->h[i] ^= ctx->s[i%4] ^ v[i] ^ v[8+i]; + } +} + +void blake_large_nextBlock(blake_large_ctx_t* ctx, const void* msg){ + uint64_t v[16]; + uint64_t m[16]; + union { + uint64_t v64; + uint32_t v32[2]; + }ctr; + blake_large_expand(v,ctx); + ctx->counter++; + ctr.v64 = ctx->counter*1024; + v[12] ^= ctr.v64; + v[13] ^= ctr.v64; + blake_large_changeendian(m, msg); + blake_large_compress(v, m); + blake_large_collapse(ctx, v); +} + +void blake_large_lastBlock(blake_large_ctx_t* ctx, const void* msg, uint16_t length_b){ + while(length_b>=BLAKE_LARGE_BLOCKSIZE){ + blake_large_nextBlock(ctx, msg); + msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B; + length_b -= BLAKE_LARGE_BLOCKSIZE; + } + uint8_t buffer[128]; + uint64_t v[16]; + uint64_t ctr; + ctr = ctx->counter*1024+length_b; + memset(buffer, 0, 128); + memcpy(buffer, msg, (length_b+7)/8); + buffer[length_b/8] |= 0x80 >> (length_b%8); + blake_large_changeendian(buffer, buffer); + blake_large_expand(v, ctx); +#if BUG_3 + uint8_t x=0; + if(length_b%1024<895 && length_b%8) + x=0x40; + v[12] ^= ctr + x; + v[13] ^= ctr + x; + +#else + v[12] ^= ctr; + v[13] ^= ctr; +#endif + if(length_b>1024-128-2){ +#if BUG_4 + if(length_b<1017){ + blake_large_compress(v, buffer); + blake_large_collapse(ctx, v); + } +#else + blake_large_compress(v, buffer); + blake_large_collapse(ctx, v); +#endif + memset(buffer, 0, 128-8); + blake_large_expand(v, ctx); + } + if(ctx->appendone) + buffer[128-16-8] |= 0x01; + *((uint64_t*)(&(buffer[128-8]))) = ctr; + blake_large_compress(v, buffer); + blake_large_collapse(ctx, v); + +} + +uint64_t blake64_iv[] PROGMEM = { + 0x6A09E667F3BCC908LL, 0xBB67AE8584CAA73BLL, + 0x3C6EF372FE94F82BLL, 0xA54FF53A5F1D36F1LL, + 0x510E527FADE682D1LL, 0x9B05688C2B3E6C1FLL, + 0x1F83D9ABFB41BD6BLL, 0x5BE0CD19137E2179LL +}; + +void blake64_init(blake64_ctx_t* ctx){ + uint8_t i; + for(i=0; i<8; ++i){ + ctx->h[i] = pgm_read_qword(&(blake64_iv[i])); + } + memset(ctx->s, 0, 4*8); + ctx->counter = 0; + ctx->appendone = 1; +} + +uint64_t blake48_iv[] PROGMEM = { + 0xCBBB9D5DC1059ED8LL, 0x629A292A367CD507LL, + 0x9159015A3070DD17LL, 0x152FECD8F70E5939LL, + 0x67332667FFC00B31LL, 0x8EB44A8768581511LL, + 0xDB0C2E0D64F98FA7LL, 0x47B5481DBEFA4FA4LL +}; + +void blake48_init(blake48_ctx_t* ctx){ + uint8_t i; + for(i=0; i<8; ++i){ + ctx->h[i] = pgm_read_qword(&(blake48_iv[i])); + } + memset(ctx->s, 0, 4*8); + ctx->counter = 0; + ctx->appendone = 0; +} + +void blake64_ctx2hash(void* dest, const blake64_ctx_t* ctx){ + uint8_t i; + for(i=0; i<8; ++i){ + ((uint32_t*)dest)[2*i+0] = CHANGE_ENDIAN32((ctx->h[i])>>32); + ((uint32_t*)dest)[2*i+1] = CHANGE_ENDIAN32((uint32_t)ctx->h[i]); + } +} + +void blake48_ctx2hash(void* dest, const blake48_ctx_t* ctx){ + uint8_t i; + for(i=0; i<6; ++i){ + ((uint32_t*)dest)[2*i+0] = CHANGE_ENDIAN32((ctx->h[i])>>32); + ((uint32_t*)dest)[2*i+1] = CHANGE_ENDIAN32((uint32_t)ctx->h[i]); + } +} + +void blake64_nextBlock(blake64_ctx_t* ctx, const void* block){ + blake_large_nextBlock(ctx, block); +} + +void blake48_nextBlock(blake48_ctx_t* ctx, const void* block){ + blake_large_nextBlock(ctx, block); +} + +void blake64_lastBlock(blake64_ctx_t* ctx, const void* block, uint16_t length_b){ + blake_large_lastBlock(ctx, block, length_b); +} + +void blake48_lastBlock(blake48_ctx_t* ctx, const void* block, uint16_t length_b){ + blake_large_lastBlock(ctx, block, length_b); +} + +void blake64(void* dest, const void* msg, uint32_t length_b){ + blake_large_ctx_t ctx; + blake64_init(&ctx); + while(length_b>=BLAKE_LARGE_BLOCKSIZE){ + blake_large_nextBlock(&ctx, msg); + msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B; + length_b -= BLAKE_LARGE_BLOCKSIZE; + } + blake_large_lastBlock(&ctx, msg, length_b); + blake64_ctx2hash(dest, &ctx); +} + +void blake48(void* dest, const void* msg, uint32_t length_b){ + blake_large_ctx_t ctx; + blake48_init(&ctx); + while(length_b>=BLAKE_LARGE_BLOCKSIZE){ + blake_large_nextBlock(&ctx, msg); + msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B; + length_b -= BLAKE_LARGE_BLOCKSIZE; + } + blake_large_lastBlock(&ctx, msg, length_b); + blake48_ctx2hash(dest, &ctx); +} diff --git a/blake_large.h b/blake_large.h new file mode 100644 index 0000000..3556f2c --- /dev/null +++ b/blake_large.h @@ -0,0 +1,67 @@ +/* blake_large.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \file blake_large.h + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-05-08 + * \license GPLv3 or later + * + */ +#ifndef BLAKE_LARGE_H_ +#define BLAKE_LARGE_H_ + +#include + +#define BLAKE_LARGE_BLOCKSIZE 1024 +#define BLAKE_LARGE_BLOCKSIZE_B ((BLAKE_LARGE_BLOCKSIZE+7)/8) +#define BLAKE48_BLOCKSIZE BLAKE_LARGE_BLOCKSIZE +#define BLAKE48_BLOCKSIZE_B BLAKE_LARGE_BLOCKSIZE_B +#define BLAKE64_BLOCKSIZE BLAKE_LARGE_BLOCKSIZE +#define BLAKE64_BLOCKSIZE_B BLAKE_LARGE_BLOCKSIZE_B + +typedef struct { + uint64_t h[8]; + uint64_t s[4]; + uint32_t counter; + uint8_t appendone; +} blake_large_ctx_t; + +typedef blake_large_ctx_t blake48_ctx_t; +typedef blake_large_ctx_t blake64_ctx_t; + +void blake48_init(blake48_ctx_t* ctx); +void blake64_init(blake64_ctx_t* ctx); + +void blake_large_nextBlock(blake_large_ctx_t* ctx, const void* block); +void blake_large_lastBlock(blake_large_ctx_t* ctx, const void* block, uint16_t length_b); + +void blake48_nextBlock(blake48_ctx_t* ctx, const void* block); +void blake48_lastBlock(blake48_ctx_t* ctx, const void* block, uint16_t length_b); + +void blake64_nextBlock(blake64_ctx_t* ctx, const void* block); +void blake64_lastBlock(blake64_ctx_t* ctx, const void* block, uint16_t length_b); + +void blake48_ctx2hash(void* dest, const blake48_ctx_t* ctx); +void blake64_ctx2hash(void* dest, const blake64_ctx_t* ctx); + +void blake48(void* dest, const void* msg, uint32_t length_b); +void blake64(void* dest, const void* msg, uint32_t length_b); + +#endif /* BLAKE_LARGE_H_ */ diff --git a/blake_small.c b/blake_small.c new file mode 100644 index 0000000..edf5cda --- /dev/null +++ b/blake_small.c @@ -0,0 +1,323 @@ +/* blake_small.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \file blake_small.c + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-05-04 + * \license GPLv3 or later + * + */ + +#include +#include +#include +#include "memxor.h" +#include "blake_small.h" +#include "blake_common.h" + +#define DEBUG 0 +#define DEBUG_2 0 + +#define BUG_1 0 /* bug compatibility for zero length message */ +#define BUG_2 0 /* bug compatibility for messages of length%512=505...511 */ + + +#if DEBUG_2 + #include "cli.h" +#endif + +#if DEBUG + #include "cli.h" + void dump_v(uint32_t* v){ + uint8_t i; + cli_putstr_P(PSTR("\r\n=== v dump ===")); + for(i=0; i<16; ++i){ + if(i%8==0) + cli_putstr_P(PSTR("\r\n\t")); + cli_hexdump_rev(v+i, 4); + cli_putc(' '); + } + } +#else + #define dump_v(v) +#endif + +uint32_t blake_c[] PROGMEM = { + 0x243F6A88, 0x85A308D3, + 0x13198A2E, 0x03707344, + 0xA4093822, 0x299F31D0, + 0x082EFA98, 0xEC4E6C89, + 0x452821E6, 0x38D01377, + 0xBE5466CF, 0x34E90C6C, + 0xC0AC29B7, 0xC97C50DD, + 0x3F84D5B5, 0xB5470917 +}; + +#define ROTL32(a, n) (((a)<<(n))|((a)>>(32-(n)))) +#define ROTR32(a, n) (((a)>>(n))|((a)<<(32-(n)))) +#define CHANGE_ENDIAN32(a) (((a)<<24)| \ + ((0x0000ff00&(a))<<8)| \ + ((0x00ff0000&(a))>>8)| \ + (a)>>24 ) + +void blake_small_g(uint8_t r, uint8_t i, uint32_t* v, const uint32_t* m){ + uint8_t a,b,c,d, s0, s1; + a = pgm_read_byte(blake_index_lut+4*i+0); + b = pgm_read_byte(blake_index_lut+4*i+1); + c = pgm_read_byte(blake_index_lut+4*i+2); + d = pgm_read_byte(blake_index_lut+4*i+3); + s0 = pgm_read_byte(blake_sigma+16*r+2*i+0); + s1 = pgm_read_byte(blake_sigma+16*r+2*i+1); +#if DEBUG + if(i==0){ + cli_putstr_P(PSTR("\r\n s0 = ")); + cli_hexdump(&s0, 1); + cli_putstr_P(PSTR(" s1 = ")); + cli_hexdump(&s1, 1); + cli_putstr_P(PSTR("\r\n m[s0] = ")); + cli_hexdump_rev(m+s0, 4); + cli_putstr_P(PSTR("\r\n m[s1] = ")); + cli_hexdump_rev(m+s1, 4); + } +#endif + v[a] += v[b] + (m[s0] ^ pgm_read_dword(&(blake_c[s1]))); + v[d] = ROTR32(v[d]^v[a], 16); + v[c] += v[d]; + v[b] = ROTR32(v[b]^v[c], 12); + v[a] += v[b] + (m[s1] ^ pgm_read_dword(&(blake_c[s0]))); + v[d] = ROTR32(v[d]^v[a], 8); + v[c] += v[d]; + v[b] = ROTR32(v[b]^v[c], 7); + +} + +void blake_small_expand(uint32_t* v, const blake_small_ctx_t* ctx){ + uint8_t i; + memcpy(v, ctx->h, 8*4); + for(i=0; i<8; ++i){ + v[8+i] = pgm_read_dword(&(blake_c[i])); + } + memxor((uint8_t*)v+8, ctx->s, 4*4); + +} + +void blake_small_changeendian(void* dest, const void* src){ + uint8_t i; + for(i=0; i<16; ++i){ + ((uint32_t*)dest)[i] = CHANGE_ENDIAN32(((uint32_t*)src)[i]); + } +} + +void blake_small_compress(uint32_t* v,const void* m){ + uint8_t r,i; +#if DEBUG + cli_putstr_P(PSTR("\r\n== compress 32 ==")); + dump_v(v); +#endif +#if DEBUG_2 + cli_putstr_P(PSTR("\r\n=== message block ===\r\n m =")); + cli_hexdump_block(m, 512/8, 4, 16); +#endif + for(r=0; r<10; ++r){ + for(i=0; i<8; ++i){ + blake_small_g(r, i, v, (uint32_t*)m); +#if DEBUG + if(1){ + cli_putstr_P(PSTR("\r\n ROUND: ")); + cli_hexdump(&r,1); + cli_putstr_P(PSTR(" I: ")); + cli_hexdump(&i,1); + dump_v(v); + } +#endif + } + } +} + +void blake_small_collapse(blake_small_ctx_t* ctx, uint32_t* v){ + uint8_t i; + for(i=0; i<8; ++i){ + ctx->h[i] ^= ctx->s[i%4] ^ v[i] ^ v[8+i]; + } +} + +void blake_small_nextBlock(blake_small_ctx_t* ctx, const void* msg){ + uint32_t v[16]; + uint32_t m[16]; + union { + uint64_t v64; + uint32_t v32[2]; + }ctr; + blake_small_expand(v,ctx); + ctx->counter++; + ctr.v64 = ctx->counter*512; + v[12] ^= ctr.v32[0]; + v[13] ^= ctr.v32[0]; + v[14] ^= ctr.v32[1]; + v[15] ^= ctr.v32[1]; + blake_small_changeendian(m, msg); + blake_small_compress(v, m); + blake_small_collapse(ctx, v); +} + +void blake_small_lastBlock(blake_small_ctx_t* ctx, const void* msg, uint16_t length_b){ + while(length_b>=BLAKE_SMALL_BLOCKSIZE){ + blake_small_nextBlock(ctx, msg); + msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B; + length_b -= BLAKE_SMALL_BLOCKSIZE; + } + uint8_t buffer[64]; + uint32_t v[16]; +#if BUG_2 + uint32_t tmp=0; +#endif + union { + uint64_t v64; + uint32_t v32[2]; + }ctr; + ctr.v64 = ctx->counter*512+length_b; +#if BUG_2 + if(length_b>=505){ + tmp =ctr.v32[0]; + ctr.v32[0] = ctx->counter*512; + ctr.v32[0] |= 0x40+length_b-504; + } +#endif + memset(buffer, 0, 64); + memcpy(buffer, msg, (length_b+7)/8); + buffer[length_b/8] |= 0x80 >> (length_b%8); + blake_small_changeendian(buffer, buffer); + blake_small_expand(v, ctx); + v[12] ^= ctr.v32[0]; + v[13] ^= ctr.v32[0]; + v[14] ^= ctr.v32[1]; + v[15] ^= ctr.v32[1]; +#if BUG_2 + if(length_b>=505) + ctr.v32[0] = tmp; +#endif +#if BUG_1 + if(length_b==0 && ctx->counter==0){ + v[14] ^= 1; + v[15] ^= 1; + } +#endif + if(length_b>512-64-2){ + blake_small_compress(v, buffer); + blake_small_collapse(ctx, v); + memset(buffer, 0, 64-8); + blake_small_expand(v, ctx); + } + if(ctx->appendone) + buffer[64-8-4] |= 0x01; + *((uint32_t*)(&(buffer[64-8]))) = ctr.v32[1]; + *((uint32_t*)(&(buffer[64-4]))) = ctr.v32[0]; + blake_small_compress(v, buffer); + blake_small_collapse(ctx, v); + +} + +uint32_t blake32_iv[] PROGMEM = { + 0x6A09E667L, 0xBB67AE85, + 0x3C6EF372L, 0xA54FF53A, + 0x510E527FL, 0x9B05688C, + 0x1F83D9ABL, 0x5BE0CD19 +}; + +void blake32_init(blake32_ctx_t* ctx){ + uint8_t i; + for(i=0; i<8; ++i){ + ctx->h[i] = pgm_read_dword(&(blake32_iv[i])); + } + memset(ctx->s, 0, 4*4); + ctx->counter = 0; + ctx->appendone = 1; +} + +uint32_t blake28_iv[] PROGMEM = { + 0xC1059ED8, 0x367CD507, + 0x3070DD17, 0xF70E5939, + 0xFFC00B31, 0x68581511, + 0x64F98FA7, 0xBEFA4FA4 +}; + +void blake28_init(blake28_ctx_t* ctx){ + uint8_t i; + for(i=0; i<8; ++i){ + ctx->h[i] = pgm_read_dword(&(blake28_iv[i])); + } + memset(ctx->s, 0, 4*4); + ctx->counter = 0; + ctx->appendone = 0; +} + +void blake32_ctx2hash(void* dest, const blake32_ctx_t* ctx){ + uint8_t i; + for(i=0; i<8; ++i){ + ((uint32_t*)dest)[i] = CHANGE_ENDIAN32(ctx->h[i]); + } +} + +void blake28_ctx2hash(void* dest, const blake28_ctx_t* ctx){ + uint8_t i; + for(i=0; i<7; ++i){ + ((uint32_t*)dest)[i] = CHANGE_ENDIAN32(ctx->h[i]); + } +} + +void blake32_nextBlock(blake32_ctx_t* ctx, const void* block){ + blake_small_nextBlock(ctx, block); +} + +void blake28_nextBlock(blake28_ctx_t* ctx, const void* block){ + blake_small_nextBlock(ctx, block); +} + +void blake32_lastBlock(blake32_ctx_t* ctx, const void* block, uint16_t length_b){ + blake_small_lastBlock(ctx, block, length_b); +} + +void blake28_lastBlock(blake28_ctx_t* ctx, const void* block, uint16_t length_b){ + blake_small_lastBlock(ctx, block, length_b); +} + +void blake32(void* dest, const void* msg, uint32_t length_b){ + blake_small_ctx_t ctx; + blake32_init(&ctx); + while(length_b>=BLAKE_SMALL_BLOCKSIZE){ + blake_small_nextBlock(&ctx, msg); + msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B; + length_b -= BLAKE_SMALL_BLOCKSIZE; + } + blake_small_lastBlock(&ctx, msg, length_b); + blake32_ctx2hash(dest, &ctx); +} + +void blake28(void* dest, const void* msg, uint32_t length_b){ + blake_small_ctx_t ctx; + blake28_init(&ctx); + while(length_b>=BLAKE_SMALL_BLOCKSIZE){ + blake_small_nextBlock(&ctx, msg); + msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B; + length_b -= BLAKE_SMALL_BLOCKSIZE; + } + blake_small_lastBlock(&ctx, msg, length_b); + blake28_ctx2hash(dest, &ctx); +} diff --git a/blake_small.h b/blake_small.h new file mode 100644 index 0000000..9502344 --- /dev/null +++ b/blake_small.h @@ -0,0 +1,67 @@ +/* blake_small.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \file blake_small.h + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-04-27 + * \license GPLv3 or later + * + */ +#ifndef BLAKE_SMALL_H_ +#define BLAKE_SMALL_H_ + +#include + +#define BLAKE_SMALL_BLOCKSIZE 512 +#define BLAKE_SMALL_BLOCKSIZE_B ((BLAKE_SMALL_BLOCKSIZE+7)/8) +#define BLAKE28_BLOCKSIZE BLAKE_SMALL_BLOCKSIZE +#define BLAKE28_BLOCKSIZE_B BLAKE_SMALL_BLOCKSIZE_B +#define BLAKE32_BLOCKSIZE BLAKE_SMALL_BLOCKSIZE +#define BLAKE32_BLOCKSIZE_B BLAKE_SMALL_BLOCKSIZE_B + +typedef struct { + uint32_t h[8]; + uint32_t s[4]; + uint32_t counter; + uint8_t appendone; +} blake_small_ctx_t; + +typedef blake_small_ctx_t blake28_ctx_t; +typedef blake_small_ctx_t blake32_ctx_t; + +void blake28_init(blake28_ctx_t* ctx); +void blake32_init(blake32_ctx_t* ctx); + +void blake_small_nextBlock(blake_small_ctx_t* ctx, const void* block); +void blake_small_lastBlock(blake_small_ctx_t* ctx, const void* block, uint16_t length_b); + +void blake28_nextBlock(blake28_ctx_t* ctx, const void* block); +void blake28_lastBlock(blake28_ctx_t* ctx, const void* block, uint16_t length_b); + +void blake32_nextBlock(blake32_ctx_t* ctx, const void* block); +void blake32_lastBlock(blake32_ctx_t* ctx, const void* block, uint16_t length_b); + +void blake28_ctx2hash(void* dest, const blake28_ctx_t* ctx); +void blake32_ctx2hash(void* dest, const blake32_ctx_t* ctx); + +void blake28(void* dest, const void* msg, uint32_t length_b); +void blake32(void* dest, const void* msg, uint32_t length_b); + +#endif /* BLAKE_SMALL_H_ */ diff --git a/hfal_blake_large.c b/hfal_blake_large.c new file mode 100644 index 0000000..a6a2ac9 --- /dev/null +++ b/hfal_blake_large.c @@ -0,0 +1,67 @@ +/* hfal_blake_large.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file hfal_blake_large.c + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2009-05-08 + * \license GPLv3 or later + * + */ + +#include +#include +#include "hashfunction_descriptor.h" +#include "blake_large.h" + + +static const char blake48_str[] PROGMEM = "Blake-48"; +static const char blake64_str[] PROGMEM = "Blake-64"; + +const hfdesc_t blake48_desc PROGMEM = { + HFDESC_TYPE_HASHFUNCTION, + 0, + blake48_str, + sizeof(blake48_ctx_t), + BLAKE48_BLOCKSIZE, + 384, + (hf_init_fpt)blake48_init, + (hf_nextBlock_fpt)blake48_nextBlock, + (hf_lastBlock_fpt)blake48_lastBlock, + (hf_ctx2hash_fpt)blake48_ctx2hash, + (hf_free_fpt)NULL, + (hf_mem_fpt)blake48 +}; + +const hfdesc_t blake64_desc PROGMEM = { + HFDESC_TYPE_HASHFUNCTION, + 0, + blake64_str, + sizeof(blake64_ctx_t), + BLAKE64_BLOCKSIZE, + 512, + (hf_init_fpt)blake64_init, + (hf_nextBlock_fpt)blake64_nextBlock, + (hf_lastBlock_fpt)blake64_lastBlock, + (hf_ctx2hash_fpt)blake64_ctx2hash, + (hf_free_fpt)NULL, + (hf_mem_fpt)blake64 +}; + + diff --git a/hfal_blake_large.h b/hfal_blake_large.h new file mode 100644 index 0000000..e894689 --- /dev/null +++ b/hfal_blake_large.h @@ -0,0 +1,37 @@ +/* hfal_blake_large.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file hfal_blake_large.h + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2009-05-08 + * \license GPLv3 or later + * + */ + +#ifndef HFAL_BLAKE_LARGE_H_ +#define HFAL_BLAKE_LARGE_H_ + +#include +#include "hashfunction_descriptor.h" + +extern const hfdesc_t blake48_desc; +extern const hfdesc_t blake64_desc; + +#endif /* HFAL_BLAKE_LARGE_H_ */ diff --git a/hfal_blake_small.c b/hfal_blake_small.c new file mode 100644 index 0000000..4d6600c --- /dev/null +++ b/hfal_blake_small.c @@ -0,0 +1,67 @@ +/* hfal_blake_small.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file hfal_blake_small.c + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2009-05-05 + * \license GPLv3 or later + * + */ + +#include +#include +#include "hashfunction_descriptor.h" +#include "blake_small.h" + + +static const char blake28_str[] PROGMEM = "Blake-28"; +static const char blake32_str[] PROGMEM = "Blake-32"; + +const hfdesc_t blake28_desc PROGMEM = { + HFDESC_TYPE_HASHFUNCTION, + 0, + blake28_str, + sizeof(blake28_ctx_t), + BLAKE28_BLOCKSIZE, + 224, + (hf_init_fpt)blake28_init, + (hf_nextBlock_fpt)blake28_nextBlock, + (hf_lastBlock_fpt)blake28_lastBlock, + (hf_ctx2hash_fpt)blake28_ctx2hash, + (hf_free_fpt)NULL, + (hf_mem_fpt)blake28 +}; + +const hfdesc_t blake32_desc PROGMEM = { + HFDESC_TYPE_HASHFUNCTION, + 0, + blake32_str, + sizeof(blake32_ctx_t), + BLAKE32_BLOCKSIZE, + 256, + (hf_init_fpt)blake32_init, + (hf_nextBlock_fpt)blake32_nextBlock, + (hf_lastBlock_fpt)blake32_lastBlock, + (hf_ctx2hash_fpt)blake32_ctx2hash, + (hf_free_fpt)NULL, + (hf_mem_fpt)blake32 +}; + + diff --git a/hfal_blake_small.h b/hfal_blake_small.h new file mode 100644 index 0000000..70c8b83 --- /dev/null +++ b/hfal_blake_small.h @@ -0,0 +1,37 @@ +/* hfal_blake_small.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file hfal_blake_small.h + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2009-05-05 + * \license GPLv3 or later + * + */ + +#ifndef HFAL_BLAKE_SMALL_H_ +#define HFAL_BLAKE_SMALL_H_ + +#include +#include "hashfunction_descriptor.h" + +extern const hfdesc_t blake28_desc; +extern const hfdesc_t blake32_desc; + +#endif /* HFAL_BLAKE_SMALL_H_ */ diff --git a/host/shavs_test.rb b/host/shavs_test.rb index e6a90d1..8405a3f 100644 --- a/host/shavs_test.rb +++ b/host/shavs_test.rb @@ -92,7 +92,7 @@ def run_test(filename) b = (/[\s]*MD[\s]*=[\s]*([0-9a-fA-F]*).*/.match(avr_md))[1]; a.upcase! b.upcase! - printf("\n%4d: ", line) if (pos%$linewidth==0 and $linewidth!=0) + printf("\n%4d (%4d): ", line, (line-1)*$linewidth) if (pos%$linewidth==0 and $linewidth!=0) line += 1 if (pos%$linewidth==0 and $linewidth!=0) #putc((a==b)?'*':'!') if(a==b) diff --git a/mkfiles/blake_c.mk b/mkfiles/blake_c.mk new file mode 100644 index 0000000..f08fedf --- /dev/null +++ b/mkfiles/blake_c.mk @@ -0,0 +1,14 @@ +# Makefile for Blake +ALGO_NAME := BLAKE_C + +# comment out the following line for removement of Blake from the build process +HASHES += $(ALGO_NAME) + + +$(ALGO_NAME)_OBJ := blake_small.o blake_large.o blake_common.o memxor.o +$(ALGO_NAME)_TEST_BIN := main-blake-test.o debug.o uart.o hexdigit_tab.o \ + dbz_strings.o nessie_common.o cli.o string-extras.o performance_test.o \ + nessie_hash_test.o hfal-basic.o hfal_blake_small.o hfal_blake_large.o shavs.o +$(ALGO_NAME)_NESSIE_TEST := test nessie +$(ALGO_NAME)_PERFORMANCE_TEST := performance + diff --git a/test_src/main-blake-test.c b/test_src/main-blake-test.c new file mode 100644 index 0000000..6fd492a --- /dev/null +++ b/test_src/main-blake-test.c @@ -0,0 +1,282 @@ +/* main-blake-test.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * blake test-suit + * +*/ + +#include "config.h" +#include "serial-tools.h" +#include "uart.h" +#include "debug.h" + +#include "blake_small.h" +#include "blake_large.h" +#include "hfal_blake_small.h" +#include "hfal_blake_large.h" +#include "shavs.h" +#include "cli.h" +#include "nessie_hash_test.h" +#include "performance_test.h" + +#include +#include +#include + +char* algo_name = "Blake"; + +/***************************************************************************** + * additional validation-functions * + *****************************************************************************/ + +void testrun_nessie_blake(void){ + nessie_hash_ctx.hashsize_b = 224; + nessie_hash_ctx.name = "Blake28"; + nessie_hash_ctx.blocksize_B = 512/8; + nessie_hash_ctx.ctx_size_B = sizeof(blake28_ctx_t); + nessie_hash_ctx.hash_init = (nessie_hash_init_fpt)blake28_init; + nessie_hash_ctx.hash_next = (nessie_hash_next_fpt)blake28_nextBlock; + nessie_hash_ctx.hash_last = (nessie_hash_last_fpt)blake28_lastBlock; + nessie_hash_ctx.hash_conv = (nessie_hash_conv_fpt)blake28_ctx2hash; + + nessie_hash_run(); + + nessie_hash_ctx.hashsize_b = 256; + nessie_hash_ctx.name = "Blake32"; + nessie_hash_ctx.blocksize_B = 512/8; + nessie_hash_ctx.ctx_size_B = sizeof(blake32_ctx_t); + nessie_hash_ctx.hash_init = (nessie_hash_init_fpt)blake32_init; + nessie_hash_ctx.hash_next = (nessie_hash_next_fpt)blake32_nextBlock; + nessie_hash_ctx.hash_last = (nessie_hash_last_fpt)blake32_lastBlock; + nessie_hash_ctx.hash_conv = (nessie_hash_conv_fpt)blake32_ctx2hash; + + nessie_hash_run(); +} +void blake28_test(void* msg, uint32_t length_b){ + uint8_t diggest[224/8]; + cli_putstr_P(PSTR("\r\n=== Blake28 test ===\r\n message:\r\n")); + cli_hexdump_block(msg, (length_b+7)/8, 4, 16); + blake28(diggest, msg, length_b); + cli_putstr_P(PSTR("\r\n diggest:\r\n")); + cli_hexdump_block(diggest, 224/8, 4, 16); +} + +void blake32_test(void* msg, uint32_t length_b){ + uint8_t diggest[256/8]; + cli_putstr_P(PSTR("\r\n=== Blake32 test ===\r\n message:\r\n")); + cli_hexdump_block(msg, (length_b+7)/8, 4, 16); + blake32(diggest, msg, length_b); + cli_putstr_P(PSTR("\r\n diggest:\r\n")); + cli_hexdump_block(diggest, 256/8, 4, 16); +} + +void blake48_test(void* msg, uint32_t length_b){ + uint8_t diggest[384/8]; + cli_putstr_P(PSTR("\r\n=== Blake48 test ===\r\n message:\r\n")); + cli_hexdump_block(msg, (length_b+7)/8, 4, 16); + blake48(diggest, msg, length_b); + cli_putstr_P(PSTR("\r\n diggest:\r\n")); + cli_hexdump_block(diggest, 384/8, 4, 16); +} + +void blake64_test(void* msg, uint32_t length_b){ + uint8_t diggest[512/8]; + cli_putstr_P(PSTR("\r\n=== Blake48 test ===\r\n message:\r\n")); + cli_hexdump_block(msg, (length_b+7)/8, 4, 16); + blake64(diggest, msg, length_b); + cli_putstr_P(PSTR("\r\n diggest:\r\n")); + cli_hexdump_block(diggest, 512/8, 4, 16); +} +void testrun_stdtest_blake(void){ + uint8_t msg1[144]; + memset(msg1, 0, 144); + blake28_test("", 8); + blake28_test(msg1, 576); + blake32_test("", 8); + blake32_test(msg1, 576); + blake48_test("", 8); + blake48_test(msg1, 1152); + blake64_test("", 8); + blake64_test(msg1, 1152); +} + +void testshort(void){ + blake32_test("", 8); +} + +void testlshort(void){ + blake64_test("", 8); +} + +void performance_blake(void){ + uint64_t t; + char str[16]; + uint8_t data[64]; + uint8_t hash[512/8]; + blake_small_ctx_t ctx; + blake_large_ctx_t ctx2; + + calibrateTimer(); + print_overhead(); + + memset(data, 0, 64); + + + startTimer(1); + blake28_init(&ctx); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tctx-gen time (224): ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake32_init(&ctx); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tctx-gen time (256): ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake48_init(&ctx2); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tctx-gen time (384): ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake64_init(&ctx2); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tctx-gen time (512): ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake_small_nextBlock(&ctx, data); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tone-block (small) time: ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake_large_nextBlock(&ctx2, data); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tone-block (large) time: ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake_small_lastBlock(&ctx, data, 0); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tlast block (small) time: ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake_large_lastBlock(&ctx2, data, 0); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tlast block (large) time: ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake28_ctx2hash(hash, &ctx); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tctx2hash time (224): ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake32_ctx2hash(hash, &ctx); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tctx2hash time (256): ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake48_ctx2hash(hash, &ctx2); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tctx2hash time (384): ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + startTimer(1); + blake64_ctx2hash(hash, &ctx2); + t = stopTimer(); + cli_putstr_P(PSTR("\r\n\tctx2hash time (512): ")); + ultoa((unsigned long)t, str, 10); + cli_putstr(str); + + cli_putstr_P(PSTR("\r\n")); + +} + +/***************************************************************************** + * main * + *****************************************************************************/ + +const hfdesc_t* algolist[] PROGMEM = { + (hfdesc_t*)&blake28_desc, + (hfdesc_t*)&blake32_desc, + (hfdesc_t*)&blake48_desc, + (hfdesc_t*)&blake64_desc, + NULL +}; + +const char nessie_str[] PROGMEM = "nessie"; +const char test_str[] PROGMEM = "test"; +const char testshort_str[] PROGMEM = "short"; +const char testlshort_str[] PROGMEM = "lshort"; +const char performance_str[] PROGMEM = "performance"; +const char echo_str[] PROGMEM = "echo"; +const char shavs_list_str[] PROGMEM = "shavs_list"; +const char shavs_set_str[] PROGMEM = "shavs_set"; +const char shavs_test1_str[] PROGMEM = "shavs_test1"; + +cmdlist_entry_t cmdlist[] PROGMEM = { + { nessie_str, NULL, testrun_nessie_blake}, + { test_str, NULL, testrun_stdtest_blake}, + { testshort_str, NULL, testshort}, + { testlshort_str, NULL, testlshort}, + { performance_str, NULL, performance_blake}, + { shavs_list_str, NULL, shavs_listalgos}, + { shavs_set_str, (void*)1, (void_fpt)shavs_setalgo}, + { shavs_test1_str, NULL, shavs_test1}, + { echo_str, (void*)1, (void_fpt)echo_ctrl}, + { NULL, NULL, NULL} +}; + +int main (void){ + DEBUG_INIT(); + + cli_rx = uart_getc; + cli_tx = uart_putc; + shavs_algolist=(hfdesc_t**)algolist; + shavs_algo=(hfdesc_t*)&blake32_desc; + for(;;){ + cli_putstr_P(PSTR("\r\n\r\nCrypto-VS (")); + cli_putstr(algo_name); + cli_putstr_P(PSTR("; ")); + cli_putstr(__DATE__); + cli_putstr_P(PSTR(" ")); + cli_putstr(__TIME__); + cli_putstr_P(PSTR(")\r\nloaded and running\r\n")); + + cmd_interface(cmdlist); + } +} diff --git a/test_src/main-bmw-test.c b/test_src/main-bmw-test.c index 8d157d3..74aa8ff 100644 --- a/test_src/main-bmw-test.c +++ b/test_src/main-bmw-test.c @@ -1,4 +1,4 @@ -/* main-shabal-test.c */ +/* main-bmw-test.c */ /* This file is part of the AVR-Crypto-Lib. Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) @@ -17,7 +17,7 @@ along with this program. If not, see . */ /* - * shabal test-suit + * BlueMidnightWish test-suit * */ -- 2.39.2