3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2006 2007 2008 2009 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 * \license GPLv3 or later
27 #include <avr/pgmspace.h>
32 #include "hashfunction_descriptor.h"
33 #include "hfal-basic.h"
35 #include "string-extras.h"
47 # include <util/delay.h>
50 hfdesc_t* shavs_algo=NULL;
51 hfdesc_t** shavs_algolist=NULL;
53 void shavs_listalgos(void){
58 cli_putstr_P(PSTR("\r\nthe following algorithms are available:\r\n"));
59 while(option<='z' && (t=(hfdesc_t*)pgm_read_word(&(shavs_algolist[i])))){
61 cli_putc((t==shavs_algo)?'*':' ');
63 cli_putstr_P(PSTR(":\t"));
64 cli_putstr_P((void*)(pgm_read_word(&(t->name))));
65 cli_putstr_P(PSTR("\r\n"));
70 void shavs_setalgo(char* param){
71 param = strstrip(param);
72 if(param[1]=='\0'){ /* single letter specified */
73 uint8_t i,option = param[0]-'a';
76 cli_putstr_P(PSTR("\r\nERROR: shavs_algolist not set!"));
79 for(i=0; i<=option; ++i){
80 if((void*)pgm_read_word(&(shavs_algolist[i]))==NULL){
81 cli_putstr_P(PSTR("\r\nERROR: invalid selection!"));
85 shavs_algo=(hfdesc_t*)pgm_read_word(&(shavs_algolist[option]));
86 } else { /* name specifyed */
89 while((t=(hfdesc_t*)pgm_read_word(&(shavs_algolist[i]))) &&
90 strcasecmp_P(param, (void*)pgm_read_word(&(t->name))))
95 cli_putstr_P(PSTR("\r\nERROR: could not find \""));
97 cli_putstr_P(PSTR("\"!"));
104 uint16_t buffersize_B;
111 static shavs_ctx_t shavs_ctx;
113 uint8_t buffer_add(char c){
115 if(shavs_ctx.buffer_idx==shavs_ctx.buffersize_B){
116 hfal_hash_nextBlock(&(shavs_ctx.ctx), shavs_ctx.buffer);
118 shavs_ctx.buffer_idx=0;
121 memset(shavs_ctx.buffer, 0, shavs_ctx.buffersize_B);
123 if(c>='0' && c<='9'){
126 c &= (uint8_t)~('a' ^ 'A');
127 if(c>='A' && c<='F'){
133 t=shavs_ctx.buffer[shavs_ctx.buffer_idx];
134 if(shavs_ctx.in_byte){
136 shavs_ctx.buffer[shavs_ctx.buffer_idx]=t;
137 shavs_ctx.buffer_idx++;
138 shavs_ctx.in_byte = 0;
141 shavs_ctx.buffer[shavs_ctx.buffer_idx]=t;
142 shavs_ctx.in_byte = 1;
147 int32_t getLength(void){
152 memset(lenstr, 0, 21);
153 cli_getsn_cecho(lenstr, 20);
154 len2 = strstrip(lenstr);
155 if(!strncasecmp_P(len2, PSTR("LEN"), 3)){
156 while(*len2 && *len2!='=')
161 }while(*len2 && !isdigit(*len2));
162 len=(uint32_t)strtoul(len2, NULL, 10);
166 if(!strncasecmp_P(len2, PSTR("EXIT"), 4)){
173 void shavs_test1(void){ /* KAT tests */
175 int32_t expect_input=0;
178 cli_putstr_P(PSTR("\r\nERROR: select algorithm first!"));
182 uint8_t diggest[pgm_read_word(&(shavs_algo->hashsize_b))/8];
183 shavs_ctx.buffersize_B=pgm_read_word(&(shavs_algo->blocksize_b))/8;
184 uint8_t buffer[shavs_ctx.buffersize_B+5];
185 shavs_ctx.buffer = buffer;
186 cli_putstr_P(PSTR("\r\nbuffer_size = 0x"));
187 cli_hexdump_rev(&(shavs_ctx.buffersize_B), 2);
188 cli_putstr_P(PSTR(" bytes"));
190 shavs_ctx.blocks = 0;
191 memset(buffer, 0, shavs_ctx.buffersize_B);
192 length = getLength();
198 cli_putstr_P(PSTR("\r\nLen == "));
199 cli_hexdump_rev(&length, 4);
204 expect_input=((length+7)>>2)&(~1L);
207 cli_putstr_P(PSTR("\r\nexpected_input == "));
208 cli_hexdump_rev(&expect_input, 4);
210 cli_putstr_P(PSTR("\r\nexpected_input == 0 !!!"));
212 shavs_ctx.buffer_idx = 0;
213 shavs_ctx.in_byte = 0;
214 shavs_ctx.blocks = 0;
217 cli_putstr_P(PSTR("\r\n HFAL init"));
218 cli_putstr_P(PSTR("\r\n (2) expected_input == "));
219 cli_hexdump_rev(&expect_input, 4);
221 ret = hfal_hash_init(shavs_algo, &(shavs_ctx.ctx));
223 cli_putstr_P(PSTR("\r\n HFAL init returned with: "));
224 cli_hexdump(&ret, 1);
228 cli_putstr_P(PSTR("\r\n (3) expected_input == "));
229 cli_hexdump_rev(&expect_input, 4);
230 cli_putstr_P(PSTR("\r\n"));
232 while((c=cli_getc_cecho())!='M' && c!='m'){
234 cli_putstr_P(PSTR("\r\nERROR: wrong input (1) [0x"));
236 cli_putstr_P(PSTR("]!\r\n"));
237 hfal_hash_free(&(shavs_ctx.ctx));
241 if((c=cli_getc_cecho())!='s' && c!='S'){
242 cli_putstr_P(PSTR("\r\nERROR: wrong input (2)!\r\n"));
243 hfal_hash_free(&(shavs_ctx.ctx));
246 if((c=cli_getc_cecho())!='g' && c!='G'){
247 cli_putstr_P(PSTR("\r\nERROR: wrong input (3)!\r\n"));
248 hfal_hash_free(&(shavs_ctx.ctx));
251 while((c=cli_getc_cecho())!='='){
253 cli_putstr_P(PSTR("\r\nERROR: wrong input (4)!\r\n"));
254 hfal_hash_free(&(shavs_ctx.ctx));
259 cli_putstr_P(PSTR("\r\nparsing started"));
261 shavs_ctx.buffer_idx = 0;
262 shavs_ctx.in_byte = 0;
263 shavs_ctx.blocks = 0;
264 while(expect_input>0){
267 cli_putstr_P(PSTR("\r\n\t("));
268 cli_hexdump_rev(&expect_input, 4);
269 cli_putstr_P(PSTR(") "));
272 if(buffer_add(c)==0){
275 if(!isblank((uint16_t)c)){
276 cli_putstr_P(PSTR("\r\nERROR: wrong input (5) ("));
278 cli_putstr_P(PSTR(")!\r\n"));
279 hfal_hash_free(&(shavs_ctx.ctx));
285 cli_putstr_P(PSTR("\r\nBuffer-A:"));
286 cli_hexdump_block(buffer, shavs_ctx.buffersize_B, 5, 8);
288 cli_putstr_P(PSTR("\r\n starting finalisation"));
289 cli_putstr_P(PSTR("\r\n\tblocks == "));
290 cli_hexdump_rev(&(shavs_ctx.blocks),4);
291 cli_putstr_P(PSTR("\r\n\tbuffer_idx == "));
292 cli_hexdump_rev(&(shavs_ctx.buffer_idx),2);
293 cli_putstr_P(PSTR("\r\n\tin_byte == "));
294 cli_hexdump_rev(&(shavs_ctx.in_byte),1);
297 cli_putstr_P(PSTR("\r\n starting last block"));
298 cli_putstr_P(PSTR("\r\n\tlength == "));
299 cli_hexdump_rev(&length,4);
300 cli_putstr_P(PSTR("\r\n\tbuffersize_B == "));
301 cli_hexdump_rev(&(shavs_ctx.buffersize_B),2);
302 uint16_t temp=length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8);
303 cli_putstr_P(PSTR("\r\n\t (temp) == "));
304 cli_hexdump_rev(&temp,2);
306 temp=length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8);
308 uint16_t temp=length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8);
310 /* cli_putstr_P(PSTR("\r\n\t (temp) == "));
311 cli_hexdump_rev(&temp,2); */
312 hfal_hash_lastBlock( &(shavs_ctx.ctx), buffer, /* be aware of freaking compilers!!! */
313 // length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8));
316 cli_putstr_P(PSTR("\r\n starting ctx2hash"));
319 hfal_hash_ctx2hash(diggest, &(shavs_ctx.ctx));
321 cli_putstr_P(PSTR("\r\n starting hash free"));
323 hfal_hash_free(&(shavs_ctx.ctx));
324 cli_putstr_P(PSTR("\r\n MD = "));
325 cli_hexdump(diggest, pgm_read_word(&(shavs_algo->hashsize_b))/8);
330 void shavs_test2(void){ /* Monte Carlo tests for SHA-1 & SHA-2 */
331 uint16_t expected_input;
337 cli_putstr_P(PSTR("\r\nERROR: select algorithm first!"));
340 uint8_t ml=pgm_read_word(&(shavs_algo->hashsize_b))/8;
343 while((c=cli_getc_cecho())!='S' && c!='s'){
345 cli_putstr_P(PSTR("\r\nERROR: wrong input (1) [0x"));
347 cli_putstr_P(PSTR("]!\r\n"));
351 if((c=cli_getc_cecho())!='e' && c!='e'){
352 cli_putstr_P(PSTR("\r\nERROR: wrong input (2)!\r\n"));
355 if((c=cli_getc_cecho())!='e' && c!='e'){
356 cli_putstr_P(PSTR("\r\nERROR: wrong input (3)!\r\n"));
359 if((c=cli_getc_cecho())!='d' && c!='D'){
360 cli_putstr_P(PSTR("\r\nERROR: wrong input (4)!\r\n"));
363 while((c=cli_getc_cecho())!='='){
365 cli_putstr_P(PSTR("\r\nERROR: wrong input (5)!\r\n"));
369 expected_input = ml*2;
370 memset(m+2*ml, 0, ml);
374 if(c>='0' && c<='9'){
378 if(c>='a' && c<='f'){
393 }while(expected_input);
394 /* so we have the seed */
395 cli_putstr_P(PSTR("\r\nstarting processing"));
397 for(count=0; count<100; ++count){
398 memcpy(m, m+ml*2, ml);
399 memcpy(m+ml, m+ml*2, ml);
400 for(j=0; j<1000; ++j){
401 hfal_hash_mem(shavs_algo, m+ml*3, m, ml*3*8);
402 memmove(m, m+ml, 3*ml);
404 cli_putstr_P(PSTR("\r\n\r\nCOUNT = "));
406 cli_putc(count/10+'0');
408 cli_putc(count%10+'0');
409 cli_putstr_P(PSTR("\r\nMD = "));
410 cli_hexdump(m+ml*2, ml);
415 void shavs_test3(void){ /* Monte Carlo tests for SHA-3 */
416 uint16_t expected_input;
422 cli_putstr_P(PSTR("\r\nERROR: select algorithm first!"));
425 uint8_t ml=pgm_read_word(&(shavs_algo->hashsize_b))/8;
428 while((c=cli_getc_cecho())!='S' && c!='s'){
430 cli_putstr_P(PSTR("\r\nERROR: wrong input (1) [0x"));
432 cli_putstr_P(PSTR("]!\r\n"));
436 if((c=cli_getc_cecho())!='e' && c!='e'){
437 cli_putstr_P(PSTR("\r\nERROR: wrong input (2)!\r\n"));
440 if((c=cli_getc_cecho())!='e' && c!='e'){
441 cli_putstr_P(PSTR("\r\nERROR: wrong input (3)!\r\n"));
444 if((c=cli_getc_cecho())!='d' && c!='D'){
445 cli_putstr_P(PSTR("\r\nERROR: wrong input (4)!\r\n"));
448 while((c=cli_getc_cecho())!='='){
450 cli_putstr_P(PSTR("\r\nERROR: wrong input (5)!\r\n"));
454 expected_input = 1024/4;
455 memset(m+ml, 0, 1024/8);
459 if(c>='0' && c<='9'){
463 if(c>='a' && c<='f'){
478 }while(expected_input);
479 /* so we have the seed */
480 cli_putstr_P(PSTR("\r\nstarting processing"));
482 for(count=0; count<100; ++count){
483 for(j=0; j<1000; ++j){
484 hfal_hash_mem(shavs_algo, m, m+ml, 1024);
485 memmove(m+ml, m, 1024/8);
487 cli_putstr_P(PSTR("\r\n\r\nj = "));
489 cli_putc(count/10+'0');
491 cli_putc(count%10+'0');
492 cli_putstr_P(PSTR("\r\nMD = "));
493 cli_hexdump(m+ml, ml);