From 628319e6c3018268ef1c307976a0e81e4dc549b8 Mon Sep 17 00:00:00 2001 From: bg Date: Fri, 11 Jan 2013 21:32:50 +0100 Subject: [PATCH] [keccak-asm] removing unnecessary c and d fields from context --- keccak/keccak-asm.S | 26 ++++++------- keccak/keccak-stub.c | 93 +++++++++++++++++++++++++++++++------------- keccak/keccak.h | 6 +-- 3 files changed, 82 insertions(+), 43 deletions(-) diff --git a/keccak/keccak-asm.S b/keccak/keccak-asm.S index cec7900..7b7c6cf 100644 --- a/keccak/keccak-asm.S +++ b/keccak/keccak-asm.S @@ -43,10 +43,6 @@ ctx_a: .struct ctx_a + 8 * 5 * 5 ctx_r: .struct ctx_r + 2 -ctx_c: - .struct ctx_c + 2 -ctx_d: - .struct ctx_d + 1 ctx_bs: .section .text @@ -544,15 +540,17 @@ icall_r16_times: */ ; memcpy(a, b, 200) ; X points at b + 32 + 8 = b + 40 = b[1][0] has to point to b[0][0] - ldi r16, 200 + ldi r16, 200 / 8 sbiw XL, 5 * 8 movw ZL, XL subi YL, lo8(5 * 5 * 8) sbci YH, hi8(5 * 5 * 8) movw r2, YL 10: + .rept 8 ld r22, X+ st Y+, r22 + .endr dec r16 brne 10b @@ -635,23 +633,25 @@ void keccak_ctx2hash(void* dest, uint16_t length_b, keccak_ctx_t* ctx){ memcpy(dest, ctx->a, (length_b+7)/8); } */ - .global keccak_ctx2hash - .func keccak_ctx2hash -keccak_ctx2hash: +; .global keccak_ctx2hash +; .func keccak_ctx2hash +;keccak_ctx2hash: push_range 2, 10 movw r4, r20 movw r6, r24 movw ZL, r24 movw r8, r22 subi ZL, lo8(-ctx_r) - subi ZH, hi8(-ctx_r) + sbci ZH, hi8(-ctx_r) ld r2, Z+ ld r3, Z+ ldd r10, Z+3 ; load blocksize (in bytes) 10: - cp r8, r2 - cpc r9, r3 - brcc 40f + ; length_b = (r9:r8) ; r = (r3:r2) ; (H:L) + cp r2, r8 + cpc r3, r9 + rjmp 40f + brsh 40f movw XL, r4 movw ZL, r6 mov r24, r10 @@ -687,5 +687,5 @@ keccak_ctx2hash: 99: pop_range 2, 10 ret - .endfunc +; .endfunc diff --git a/keccak/keccak-stub.c b/keccak/keccak-stub.c index 5f3927d..da6caff 100644 --- a/keccak/keccak-stub.c +++ b/keccak/keccak-stub.c @@ -60,51 +60,92 @@ void keccak_dump_ctx(keccak_ctx_t* ctx){ #endif -void keccak_f1600(uint64_t a[5][5]); +void keccak_f1600(uint8_t a[200]); void keccak_lastBlock(keccak_ctx_t* ctx, const void* block, uint16_t length_b){ - while(length_b >= ctx->r){ + uint8_t length_B; + while(length_b >= ctx->r){ + keccak_nextBlock(ctx, block); + block = (uint8_t*)block + ctx->bs; + length_b -= ctx->r; + } + length_B = length_b / 8; + memxor(ctx->a, block, length_B); + /* append 1 */ + if(length_b & 7){ + /* we have some single bits */ + uint8_t t; + t = ((uint8_t*)block)[length_B] >> (8 - (length_b & 7)); + t |= 0x01 << (length_b & 7); + ctx->a[length_B] ^= t; + }else{ + ctx->a[length_B] ^= 0x01; + } + if(length_b == ctx->r - 1){ + keccak_f1600(ctx->a); + } + ctx->a[ctx->bs - 1] ^= 0x80; + keccak_f1600(ctx->a); +} + +#if 0 +void keccak_lastBlock(keccak_ctx_t* ctx, const void* block, uint16_t length_b){ + uint8_t length_B; + while(length_b >= ctx->r){ keccak_nextBlock(ctx, block); block = (uint8_t*)block + ctx->bs; length_b -= ctx->r; } - memxor(ctx->a, block, (length_b)/8); + length_B = length_b / 8; + memxor(ctx->a, block, length_B); /* append 1 */ if(length_b & 7){ /* we have some single bits */ uint8_t t; - t = ((uint8_t*)block)[length_b / 8] >> (8 - (length_b & 7)); + t = ((uint8_t*)block)[length_B] >> (8 - (length_b & 7)); t |= 0x01 << (length_b & 7); - ((uint8_t*)ctx->a)[length_b / 8] ^= t; + ctx->a[length_B] ^= t; }else{ - ((uint8_t*)ctx->a)[length_b / 8] ^= 0x01; + ctx->a[length_B] ^= 0x01; } - if(length_b / 8 + 1 + 3 <= ctx->bs){ - *((uint8_t*)ctx->a + length_b / 8 + 1) ^= ctx->d; - *((uint8_t*)ctx->a + length_b / 8 + 2) ^= ctx->bs; - *((uint8_t*)ctx->a + length_b / 8 + 3) ^= 1; + if(length_B + 1 + 3 <= ctx->bs){ + ctx->a[length_B + 1] ^= ctx->d; + ctx->a[length_B + 2] ^= ctx->bs; + ctx->a[length_B + 3] ^= 1; }else{ - if(length_b / 8 + 1 + 2 <= ctx->bs){ - *((uint8_t*)ctx->a + length_b / 8 + 1) ^= ctx->d; - *((uint8_t*)ctx->a + length_b / 8 + 2) ^= ctx->bs; + if(length_B + 1 + 2 <= ctx->bs){ + ctx->a[length_B + 1] ^= ctx->d; + ctx->a[length_B + 2] ^= ctx->bs; keccak_f1600(ctx->a); ((uint8_t*)ctx->a)[0] ^= 0x01; }else{ - if(length_b/8+1+1 <= ctx->bs){ - *((uint8_t*)ctx->a + length_b / 8 + 1) ^= ctx->d; + if(length_B + 1 + 1 <= ctx->bs){ + ctx->a[length_B + 1] ^= ctx->d; keccak_f1600(ctx->a); - ((uint8_t*)ctx->a)[0] ^= ctx->bs; - ((uint8_t*)ctx->a)[1] ^= 0x01; + ctx->a[0] ^= ctx->bs; + ctx->a[1] ^= 0x01; }else{ keccak_f1600(ctx->a); - ((uint8_t*)ctx->a)[0] ^= ctx->d; - ((uint8_t*)ctx->a)[1] ^= ctx->bs; - ((uint8_t*)ctx->a)[2] ^= 0x01; + ctx->a[0] ^= ctx->d; + ctx->a[1] ^= ctx->bs; + ctx->a[2] ^= 0x01; } } } keccak_f1600(ctx->a); } +#endif + + +void keccak_ctx2hash(void* dest, uint16_t length_b, keccak_ctx_t* ctx){ + while(length_b>=ctx->r){ + memcpy(dest, ctx->a, ctx->bs); + dest = (uint8_t*)dest + ctx->bs; + length_b -= ctx->r; + keccak_f1600(ctx->a); + } + memcpy(dest, ctx->a, (length_b+7)/8); +} void keccak224_ctx2hash(void* dest, keccak_ctx_t* ctx){ keccak_ctx2hash(dest, 224, ctx); @@ -128,26 +169,24 @@ void keccak512_ctx2hash(void* dest, keccak_ctx_t* ctx){ 3. SHA3-384: ⌊Keccak[r = 832, c = 768, d = 48]⌋384 4. SHA3-512: ⌊Keccak[r = 576, c = 1024, d = 64]⌋512 */ -void keccak_init(uint16_t r, uint16_t c, uint8_t d, keccak_ctx_t* ctx){ +void keccak_init(uint16_t r, keccak_ctx_t* ctx){ memset(ctx->a, 0x00, 5 * 5 * 8); ctx->r = r; - ctx->c = c; - ctx->d = d; ctx->bs = (uint8_t)(r / 8); } void keccak224_init(keccak_ctx_t* ctx){ - keccak_init(1152, 448, 28, ctx); + keccak_init(1152, ctx); } void keccak256_init(keccak_ctx_t* ctx){ - keccak_init(1088, 512, 32, ctx); + keccak_init(1088, ctx); } void keccak384_init(keccak_ctx_t* ctx){ - keccak_init( 832, 768, 48, ctx); + keccak_init( 832, ctx); } void keccak512_init(keccak_ctx_t* ctx){ - keccak_init( 576, 1024, 64, ctx); + keccak_init( 576, ctx); } diff --git a/keccak/keccak.h b/keccak/keccak.h index 736cbc8..b9ecd3e 100644 --- a/keccak/keccak.h +++ b/keccak/keccak.h @@ -32,9 +32,9 @@ #define KECCAK512_BLOCKSIZE_B (KECCAK512_BLOCKSIZE / 8) typedef struct{ - uint64_t a[5][5]; - uint16_t r, c; - uint8_t d, bs; + uint8_t a[200]; + uint16_t r; + uint8_t bs; } keccak_ctx_t; -- 2.39.2