3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 * \email daniel.otte@rub.de
24 * \license GPLv3 or later
30 #include <avr/pgmspace.h>
31 #include "bmw_small.h"
34 #define SHL32(a,n) ((a)<<(n))
35 #define SHR32(a,n) ((a)>>(n))
36 #define ROTL32(a,n) (((a)<<(n))|((a)>>(32-(n))))
37 #define ROTR32(a,n) (((a)>>(n))|((a)<<(32-(n))))
45 void ctx_dump(const bmw_small_ctx_t* ctx){
47 cli_putstr_P(PSTR("\r\n==== ctx dump ===="));
49 cli_putstr_P(PSTR("\r\n h["));
51 cli_putstr_P(PSTR("] = "));
52 cli_hexdump_rev(&(ctx->h[i]), 4);
54 cli_putstr_P(PSTR("\r\n counter = "));
55 cli_hexdump(&(ctx->counter), 4);
58 void dump_x(const uint32_t* q, uint8_t elements, char x){
60 cli_putstr_P(PSTR("\r\n==== "));
62 cli_putstr_P(PSTR(" dump ===="));
63 for(i=0; i<elements;++i){
64 cli_putstr_P(PSTR("\r\n "));
66 cli_putstr_P(PSTR("["));
68 cli_putstr_P(PSTR("] = "));
69 cli_hexdump_rev(&(q[i]), 4);
77 void bmw_small_f1(uint32_t* q, const void* m, const void* h);
78 void bmw_small_f0(uint32_t* h, const void* m, uint32_t* q);
79 void bmw_small_f2(uint32_t* h, uint32_t* q, const void* m);
80 void bmw_small_nextBlock(bmw_small_ctx_t* ctx, const void* block);
83 void bmw_small_nextBlock(bmw_small_ctx_t* ctx, const void* block){
85 dump_x(block, 16, 'M');
86 bmw_small_f0(ctx->h, block, q);
88 bmw_small_f1(q, block, ctx->h);
90 bmw_small_f2(ctx->h, q, block);
96 void bmw_small_lastBlock(bmw_small_ctx_t* ctx, const void* block, uint16_t length_b){
101 while(length_b >= BMW_SMALL_BLOCKSIZE){
102 bmw_small_nextBlock(ctx, block);
103 length_b -= BMW_SMALL_BLOCKSIZE;
104 block = (uint8_t*)block + BMW_SMALL_BLOCKSIZE_B;
106 memset(pctx.buffer, 0, 64);
107 memcpy(pctx.buffer, block, (length_b+7)/8);
108 pctx.buffer[length_b>>3] |= 0x80 >> (length_b&0x07);
109 if(length_b+1>64*8-64){
110 bmw_small_nextBlock(ctx, pctx.buffer);
111 memset(pctx.buffer, 0, 64-8);
114 *((uint64_t*)&(pctx.buffer[64-8])) = (uint64_t)(ctx->counter*512LL)+(uint64_t)length_b;
115 bmw_small_nextBlock(ctx, pctx.buffer);
117 memset(pctx.buffer, 0xaa, 64);
119 pctx.buffer[i*4] = i+0xa0;
121 bmw_small_nextBlock((bmw_small_ctx_t*)&pctx, ctx->h);
122 memcpy(ctx->h, pctx.buffer, 64);
125 void bmw224_init(bmw224_ctx_t* ctx){
127 ctx->h[0] = 0x00010203;
129 ctx->h[i] = ctx->h[i-1]+ 0x04040404;
135 void bmw256_init(bmw256_ctx_t* ctx){
137 ctx->h[0] = 0x40414243;
139 ctx->h[i] = ctx->h[i-1]+ 0x04040404;
145 void bmw224_nextBlock(bmw224_ctx_t* ctx, const void* block){
146 bmw_small_nextBlock(ctx, block);
149 void bmw256_nextBlock(bmw256_ctx_t* ctx, const void* block){
150 bmw_small_nextBlock(ctx, block);
153 void bmw224_lastBlock(bmw224_ctx_t* ctx, const void* block, uint16_t length_b){
154 bmw_small_lastBlock(ctx, block, length_b);
157 void bmw256_lastBlock(bmw256_ctx_t* ctx, const void* block, uint16_t length_b){
158 bmw_small_lastBlock(ctx, block, length_b);
161 void bmw224_ctx2hash(void* dest, const bmw224_ctx_t* ctx){
162 memcpy(dest, &(ctx->h[9]), 224/8);
165 void bmw256_ctx2hash(void* dest, const bmw256_ctx_t* ctx){
166 memcpy(dest, &(ctx->h[8]), 256/8);
169 void bmw224(void* dest, const void* msg, uint32_t length_b){
172 while(length_b>=BMW_SMALL_BLOCKSIZE){
173 bmw_small_nextBlock(&ctx, msg);
174 length_b -= BMW_SMALL_BLOCKSIZE;
175 msg = (uint8_t*)msg + BMW_SMALL_BLOCKSIZE_B;
177 bmw_small_lastBlock(&ctx, msg, length_b);
178 bmw224_ctx2hash(dest, &ctx);
181 void bmw256(void* dest, const void* msg, uint32_t length_b){
184 while(length_b>=BMW_SMALL_BLOCKSIZE){
185 bmw_small_nextBlock(&ctx, msg);
186 length_b -= BMW_SMALL_BLOCKSIZE;
187 msg = (uint8_t*)msg + BMW_SMALL_BLOCKSIZE_B;
189 bmw_small_lastBlock(&ctx, msg, length_b);
190 bmw256_ctx2hash(dest, &ctx);