From: bg Date: Mon, 22 Dec 2008 03:19:07 +0000 (+0000) Subject: now comes twister-512 X-Git-Url: https://git.cryptolib.org/?a=commitdiff_plain;h=0076b72ccd398bf7571c5144ba36eda8a24f6c70;p=avr-crypto-lib.git now comes twister-512 --- diff --git a/config.h b/config.h index 0a0caf1..ac45eaa 100644 --- a/config.h +++ b/config.h @@ -44,7 +44,7 @@ #define UART_RTS_BIT 0 #define UART_CTS_BIT 1 */ - +//#define TWISTER_MUL_TABLE #define CLI_AUTO_HELP #endif diff --git a/get_test.rb b/get_test.rb deleted file mode 100644 index 987a5b1..0000000 --- a/get_test.rb +++ /dev/null @@ -1,111 +0,0 @@ -#!/usr/bin/ruby - -require 'serialport' - -if ARGV.size < 5 - STDERR.print <=6)?ARGV[5]:""; -param=(ARGV.size>=7)?ARGV[6]:""; - -puts("\nPort: "+ARGV[0]+ "@"+ARGV[1]+" "+ARGV[2]+"N"+ARGV[3]+"\n"); -$linewidth = 16 -$sp = SerialPort.new(ARGV[0], ARGV[1].to_i, ARGV[2].to_i, ARGV[3].to_i, SerialPort::NONE); -$sp.read_timeout=1*60*1000; # 5 minutes -$extended_wait=10; -$sp.write(command); - -def readTestVector(param) - fname=$dir; - lb=""; - buffer=""; - set=0; - vector=0; - begin - ctr=$extended_wait; - while((lb=$sp.gets())==nil && ctr>=0)do - ctr -= 1; - end - if (m=/unknown command/.match(lb) || m=/[Ee][Rr]{2}[Oo][Rr]/.match(lb)) - puts("ERROR: "+lb); - exit(2); - end - if(lb==nil) - return false; - end - end while(m=/\*+/.match(lb)); - - buffer += lb; - begin - ctr=$extended_wait; - while((lb=$sp.gets())==nil && ctr>=0)do - ctr -= 1; - end - if(lb==nil) - return false; - end - buffer+=lb; - end while(m=/\*.*/.match(lb)); - - while(!(m=/Test vectors/.match(lb))) - m=/[^:]*:[\s]([A-Za-z0-9_-]*)/.match(lb); - if(m) - fname+=m[1]+"."; - end - buffer+=lb; - ctr=$extended_wait; - while((lb=$sp.gets())==nil && ctr>=0)do - ctr -= 1; - end - end - if(param!="") - fname+=param+"."; - end - puts("-> "+fname+"txt"); - file=File.new(fname+"txt", "w"); - buffer+=lb; - file.write(buffer); - begin - if (m=/Test\ vectors\ \-\-\ set[\s]+([0-9]+)/.match(lb)) - set=m[1].to_i; - print("\nSet "+m[1]+":"); - end - if (m=/Set [0-9]*, vector#[\s]*([0-9]+):/.match(lb)) - vector=m[1].to_i; - #print(" "+m[1]); - if(vector!=0 && vector % $linewidth==0) - print("\n ") - end - printf(" %4u", vector); - end - ctr=$extended_wait; - while((lb=$sp.gets())==nil && ctr>=0)do - ctr -= 1; - end - if(lb==nil) - file.close(); - return false; - end - file.write(lb); - end while(!m=/End of test vectors/.match(lb)); - puts("\n"); - file.close(); - return true -end - -if(readTestVector(param)==false) - puts("ERROR: test seems not to be implemented"); - exit(3); -end - -while(readTestVector(param)) -end - -exit(0); - - diff --git a/gf256mul.S b/gf256mul.S index 02e85e9..5a47f4e 100644 --- a/gf256mul.S +++ b/gf256mul.S @@ -26,6 +26,8 @@ * */ +#include +#define OPTIMIZE_SMALL_A /* * param a: r24 @@ -36,20 +38,45 @@ A = 21 B = 22 P = 24 .global gf256mul + +#ifdef OPTIMIZE_SMALL_A +gf256mul: + mov r21, r24 + clr r24 +1: + lsr A + breq 4f + brcc 2f + eor P, B +2: + lsl B + brcc 3f + eor B, r20 +3: + rjmp 1b +4: + brcc 2f + eor P, B +2: + ret + +#else + gf256mul: mov r21, r24 clr r24 ldi r25, 8 1: - lsr B + lsr A brcc 2f - eor P, A + eor P, B 2: - lsl A + lsl B brcc 3f - eor A, r20 + eor B, r20 3: dec r25 brne 1b ret +#endif diff --git a/host/get_test.rb b/host/get_test.rb new file mode 100644 index 0000000..987a5b1 --- /dev/null +++ b/host/get_test.rb @@ -0,0 +1,111 @@ +#!/usr/bin/ruby + +require 'serialport' + +if ARGV.size < 5 + STDERR.print <=6)?ARGV[5]:""; +param=(ARGV.size>=7)?ARGV[6]:""; + +puts("\nPort: "+ARGV[0]+ "@"+ARGV[1]+" "+ARGV[2]+"N"+ARGV[3]+"\n"); +$linewidth = 16 +$sp = SerialPort.new(ARGV[0], ARGV[1].to_i, ARGV[2].to_i, ARGV[3].to_i, SerialPort::NONE); +$sp.read_timeout=1*60*1000; # 5 minutes +$extended_wait=10; +$sp.write(command); + +def readTestVector(param) + fname=$dir; + lb=""; + buffer=""; + set=0; + vector=0; + begin + ctr=$extended_wait; + while((lb=$sp.gets())==nil && ctr>=0)do + ctr -= 1; + end + if (m=/unknown command/.match(lb) || m=/[Ee][Rr]{2}[Oo][Rr]/.match(lb)) + puts("ERROR: "+lb); + exit(2); + end + if(lb==nil) + return false; + end + end while(m=/\*+/.match(lb)); + + buffer += lb; + begin + ctr=$extended_wait; + while((lb=$sp.gets())==nil && ctr>=0)do + ctr -= 1; + end + if(lb==nil) + return false; + end + buffer+=lb; + end while(m=/\*.*/.match(lb)); + + while(!(m=/Test vectors/.match(lb))) + m=/[^:]*:[\s]([A-Za-z0-9_-]*)/.match(lb); + if(m) + fname+=m[1]+"."; + end + buffer+=lb; + ctr=$extended_wait; + while((lb=$sp.gets())==nil && ctr>=0)do + ctr -= 1; + end + end + if(param!="") + fname+=param+"."; + end + puts("-> "+fname+"txt"); + file=File.new(fname+"txt", "w"); + buffer+=lb; + file.write(buffer); + begin + if (m=/Test\ vectors\ \-\-\ set[\s]+([0-9]+)/.match(lb)) + set=m[1].to_i; + print("\nSet "+m[1]+":"); + end + if (m=/Set [0-9]*, vector#[\s]*([0-9]+):/.match(lb)) + vector=m[1].to_i; + #print(" "+m[1]); + if(vector!=0 && vector % $linewidth==0) + print("\n ") + end + printf(" %4u", vector); + end + ctr=$extended_wait; + while((lb=$sp.gets())==nil && ctr>=0)do + ctr -= 1; + end + if(lb==nil) + file.close(); + return false; + end + file.write(lb); + end while(!m=/End of test vectors/.match(lb)); + puts("\n"); + file.close(); + return true +end + +if(readTestVector(param)==false) + puts("ERROR: test seems not to be implemented"); + exit(3); +end + +while(readTestVector(param)) +end + +exit(0); + + diff --git a/mkfiles/twister512.mk b/mkfiles/twister512.mk new file mode 100644 index 0000000..a0ce47b --- /dev/null +++ b/mkfiles/twister512.mk @@ -0,0 +1,12 @@ +# Makefile for TWISTER-512 +ALGO_NAME := TWISTER512 + +# comment out the following line for removement of TWISTER-512 from the build process +HASHES += $(ALGO_NAME) + +$(ALGO_NAME)_OBJ := twister.o twister-big.o memxor.o gf256mul.o +$(ALGO_NAME)_TEST_BIN := main-twister512-test.o debug.o uart.o serial-tools.o \ + nessie_hash_test.o nessie_common.o cli.o performance_test.o +$(ALGO_NAME)_NESSIE_TEST := "nessie" +$(ALGO_NAME)_PERFORMANCE_TEST := "performance" + diff --git a/test_src/main-twister256-test.c b/test_src/main-twister256-test.c index e6bb300..9467456 100644 --- a/test_src/main-twister256-test.c +++ b/test_src/main-twister256-test.c @@ -71,9 +71,14 @@ void testrun_nessie_twister256(void){ } /***************************************************************************** - * self tests * + * selftests + * *****************************************************************************/ +void print_hash(void* hash){ + uart_hexdump(hash, 256/8); +} + void testrun_twister256(void){ twister256_hash_t hash; char* testv[]={ @@ -92,7 +97,7 @@ void testrun_twister256(void){ uart_putstr(testv[i]); uart_putstr_P(PSTR("\") = \r\n\t")); twister256(&hash, testv[i], strlen(testv[i])*8); - uart_hexdump(hash, 256/8); + print_hash(hash); } uart_putstr_P(PSTR("\r\n\r\n=== TWISTER-256 test suit (short test values) ===")); @@ -103,7 +108,7 @@ void testrun_twister256(void){ uart_hexdump(&(stestv[i]), 1); uart_putstr_P(PSTR("\") = \r\n\t")); twister256(&hash, &(stestv[i]), stestl[i]); - uart_hexdump(hash, 256/8); + print_hash(hash); } uart_putstr_P(PSTR("\r\n\r\n=== TWISTER-256 test suit (long test) ===")); @@ -118,7 +123,7 @@ void testrun_twister256(void){ twister224_nextBlock(&ctx, ltest); } twister256_ctx2hash(hash, &ctx); - uart_hexdump(hash, 256/8); + print_hash(hash); } diff --git a/test_src/main-twister512-test.c b/test_src/main-twister512-test.c new file mode 100644 index 0000000..22309d0 --- /dev/null +++ b/test_src/main-twister512-test.c @@ -0,0 +1,208 @@ +/* main-twister512-test.c */ +/* + This file is part of the Crypto-avr-lib/microcrypt-lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * twister test suit + * +*/ + +#include "config.h" +#include "serial-tools.h" +#include "uart.h" +#include "debug.h" + +#include "twister-big.h" +#include "nessie_hash_test.h" +#include "performance_test.h" + +#include +#include +#include +#include "cli.h" + +char* algo_name = "TWISTER-512"; + +/***************************************************************************** + * additional validation-functions * + *****************************************************************************/ +void twister512_init_dummy(void* ctx){ + twister_big_init(ctx, 512); +} + +void twister512_next_dummy(void* buffer, void* ctx){ + twister_big_nextBlock(ctx, buffer); +} + +void twister512_last_dummy(void* buffer, uint16_t size_b, void* ctx){ + twister_big_lastBlock(ctx, buffer, size_b); +} + +void twister512_ctx2hash_dummy(void* buffer, void* ctx){ + twister_big_ctx2hash(buffer, ctx, 512); +} + + +void testrun_nessie_twister512(void){ + nessie_hash_ctx.hashsize_b = 512; + nessie_hash_ctx.blocksize_B = 512/8; + nessie_hash_ctx.ctx_size_B = sizeof(twister_big_ctx_t); + nessie_hash_ctx.name = algo_name; + nessie_hash_ctx.hash_init = (nessie_hash_init_fpt)twister512_init_dummy; + nessie_hash_ctx.hash_next = (nessie_hash_next_fpt)twister512_next_dummy; + nessie_hash_ctx.hash_last = (nessie_hash_last_fpt)twister512_last_dummy; + nessie_hash_ctx.hash_conv = (nessie_hash_conv_fpt)twister512_ctx2hash_dummy; + + nessie_hash_run(); +} + +/****************************************************************************** + * selftests + ******************************************************************************/ + +void print_hash(void* hash){ + uart_hexdump(hash, 256/8); + uart_putstr_P(PSTR("\r\n\t")); + uart_hexdump((uint8_t*)hash+256/8, 256/8); + +} + +void testrun_twister512(void){ + twister512_hash_t hash; + char* testv[]={ + "", + "a", + "abc", + "message digest", + "abcdefghijklmnopqrstuvwxyz", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890"}; + uint32_t i; + + uart_putstr_P(PSTR("\r\n=== TWISTER-512 test suit (MD5 test values) ===")); + for(i=0; i<7; ++i){ + uart_putstr_P(PSTR("\r\n TWISTER-512 (\"")); + uart_putstr(testv[i]); + uart_putstr_P(PSTR("\") = \r\n\t")); + twister512(&hash, testv[i], strlen(testv[i])*8); + print_hash(hash); + // return; + } + + uart_putstr_P(PSTR("\r\n\r\n=== TWISTER-512 test suit (short test values) ===")); + uint8_t stestv[]= {0x00, 0x00, 0xC0, 0xC0, 0x80, 0x48, 0x50}; + uint8_t stestl[]= { 0, 1, 2, 3, 4, 5, 6}; + for(i=0; i<7; ++i){ + uart_putstr_P(PSTR("\r\n TWISTER-512 (\"")); + uart_hexdump(&(stestv[i]), 1); + uart_putstr_P(PSTR("\") = \r\n\t")); + twister512(hash, &(stestv[i]), stestl[i]); + print_hash(hash); + } + + uart_putstr_P(PSTR("\r\n\r\n=== TWISTER-512 test suit (long test) ===")); + char* ltest= "abcdefghbcdefghicdefghijdefghijk" + "efghijklfghijklmghijklmnhijklmno"; + twister512_ctx_t ctx; + twister512_init(&ctx); + uart_putstr_P(PSTR("\r\n TWISTER-512 ( 16777216 x \"")); + uart_putstr(ltest); + uart_putstr_P(PSTR("\") = \r\n\t")); + for(i=0; i<16777216; ++i){ + twister512_nextBlock(&ctx, ltest); + } + twister512_ctx2hash(hash, &ctx); + print_hash(hash); +} + + +void testrun_performance_twister512(void){ + uint64_t t; + char str[16]; + uint8_t data[64]; + twister_big_ctx_t ctx; + + calibrateTimer(); + print_overhead(); + + memset(data, 0, 64); + + startTimer(1); + twister_big_init(&ctx, 512); + t = stopTimer(); + uart_putstr_P(PSTR("\r\n\tctx-gen time: ")); + ultoa((unsigned long)t, str, 10); + uart_putstr(str); + + + startTimer(1); + twister_big_nextBlock(&ctx, data); + t = stopTimer(); + uart_putstr_P(PSTR("\r\n\tone-block time: ")); + ultoa((unsigned long)t, str, 10); + uart_putstr(str); + + + startTimer(1); + twister_big_lastBlock(&ctx, data, 0); + t = stopTimer(); + uart_putstr_P(PSTR("\r\n\tlast block time: ")); + ultoa((unsigned long)t, str, 10); + uart_putstr(str); + + startTimer(1); + twister_big_ctx2hash(data, &ctx, 512); + t = stopTimer(); + uart_putstr_P(PSTR("\r\n\tctx2hash time: ")); + ultoa((unsigned long)t, str, 10); + uart_putstr(str); + + uart_putstr_P(PSTR("\r\n")); +} + + +/***************************************************************************** + * main + * + *****************************************************************************/ + +int main (void){ + char str[20]; + + + DEBUG_INIT(); + uart_putstr_P(PSTR("\r\n")); + + uart_putstr_P(PSTR("\r\n\r\nCrypto-VS (")); + uart_putstr(algo_name); + uart_putstr_P(PSTR(")\r\nloaded and running\r\n")); + PGM_P u = PSTR("nessie\0test\0performance\0"); + void_fpt v[] = { testrun_nessie_twister512, + testrun_twister512, + testrun_performance_twister512 }; + + while(1){ + if (!getnextwordn(str,20)){DEBUG_S("DBG: W1\r\n"); goto error;} + if(execcommand_d0_P(str, u, v)<0){ + uart_putstr_P(PSTR("\r\nunknown command\r\n")); + } + continue; + error: + uart_putstr("ERROR\r\n"); + } +} + diff --git a/twister-big.c b/twister-big.c new file mode 100644 index 0000000..9c8cef7 --- /dev/null +++ b/twister-big.c @@ -0,0 +1,273 @@ +/* twister-big.c */ + +#include +#include +#include "memxor.h" +#include "twister.h" +#include "twister-big.h" + +#undef DEBUG +#define DEBUG + +#ifdef DEBUG +#include +#include "uart.h" +void print_checksum(twister_big_ctx_t* ctx, PGM_P s){ + uint8_t i; + uart_putstr_P(PSTR("\r\n")); + uart_putstr_P(s); + uart_putstr_P(PSTR("\r\n checksum:\r\n")); + for(i=0; i<8; ++i){ + uart_putstr_P(PSTR(" [ ")); + uart_hexdump(&(ctx->checksum[i][0]), 8); + uart_putstr_P(PSTR("]\r\n")); + } +} + +void print_matrix(void* m, PGM_P s){ + uint8_t i; + uart_putstr_P(PSTR("\r\n")); + uart_putstr_P(s); + uart_putstr_P(PSTR("\r\n matrix:\r\n")); + for(i=0; i<8; ++i){ + uart_putstr_P(PSTR(" [ ")); + uart_hexdump(((uint8_t*)m)+i*8, 8); + uart_putstr_P(PSTR("]\r\n")); + } +} + +#define DEBUG_CHKSUM(a,s) print_checksum((a),PSTR(s)) +#else +#define DEBUG_CHKSUM(a,s) +#endif + + +#ifdef DEBUG +# define DEBUG_PRINT(ctx, msg) debug_print((ctx), PSTR(msg)) +#else +# define DEBUG_PRINT(ctx, msg) +#endif + +#ifdef DEBUG + +void print_twister_state(twister_state_t* ctx){ + uint8_t i; + uart_putstr_P(PSTR("\r\nState:\r\n matrix:\r\n")); + for(i=0; i<8; ++i){ + uart_putstr_P(PSTR("\t[ ")); + uart_hexdump(&(ctx->s[i][0]), 8); + uart_putstr_P(PSTR("]\r\n")); + } + uart_putstr_P(PSTR("counter: ")); + uart_hexdump(&(ctx->counter), 8); + + uart_putstr_P(PSTR("\r\nlength_counter_b: ")); + uart_hexdump(&(ctx->length_counter_b), 8); + uart_putstr_P(PSTR("\r\n")); +} + +void debug_print(twister_state_t* ctx, PGM_P msg){ + uart_putstr_P(PSTR("\r\n")); + uart_putstr_P(msg); + print_twister_state(ctx); +} + +#endif + +void transp_matrix(void* dest, void* src){ + uint8_t i,j; + for(i=0; i<8; i++){ + for(j=0; j<8; ++j){ + ((uint8_t*)dest)[i*8+j] = ((uint8_t*)src)[j*8+i]; + } + } +} + +static +void checksum_update(twister_big_ctx_t* ctx, uint8_t col){ + uint8_t i, col2; + uint8_t carry = 0; + int sum = 0; + + col2 = (col+1)%8; + + for( i=0; i<8; i++ ) + { + sum = (int) ctx->checksum[col2][7-i] + + (int) ctx->state.s[7-i][0] /* col or 0 ???*/ + + carry; + ctx->checksum[col][7-i] ^= (uint8_t)sum; + carry = sum>>8; + + } +// DEBUG_CHKSUM(ctx, "post run"); +} + +void twister_big_init(twister_big_ctx_t* ctx, uint16_t hashsize_b){ + memset(ctx->state.s, 0, 64); + memset(ctx->checksum, 0, 64); + ctx->state.counter=0xffffffffffffffffLL; + ctx->state.s[0][7] = hashsize_b>>8; + ctx->state.s[1][7] = hashsize_b&0xff; + ctx->state.length_counter_b = 0; +} + +void twister_big_nextBlock(twister_big_ctx_t* ctx, void* msg){ + uint8_t tmp[8][8]; + + /* 1st maxi round */ + memcpy(tmp, ctx->state.s, 64); + checksum_update(ctx, 0); + twister_mini_round(&(ctx->state), msg); + msg = (uint8_t*)msg + 8; + + checksum_update(ctx, 1); + twister_mini_round(&(ctx->state), msg); + msg = (uint8_t*)msg + 8; + + checksum_update(ctx, 2); + twister_mini_round(&(ctx->state), msg); + msg = (uint8_t*)msg + 8; + memxor(ctx->state.s, tmp, 64); + + /* 2nd maxi round */ + memcpy(tmp, ctx->state.s, 64); + checksum_update(ctx, 3); + twister_mini_round(&(ctx->state), msg); + msg = (uint8_t*)msg + 8; + + twister_blank_round(&(ctx->state)); + + checksum_update(ctx, 4); + twister_mini_round(&(ctx->state), msg); + msg = (uint8_t*)msg + 8; + memxor(ctx->state.s, tmp, 64); + + /* 3rd maxi round */ + memcpy(tmp, ctx->state.s, 64); + checksum_update(ctx, 5); + twister_mini_round(&(ctx->state), msg); + msg = (uint8_t*)msg + 8; + + checksum_update(ctx, 6); + twister_mini_round(&(ctx->state), msg); + msg = (uint8_t*)msg + 8; + + checksum_update(ctx, 7); + twister_mini_round(&(ctx->state), msg); + + twister_blank_round(&(ctx->state)); + memxor(ctx->state.s, tmp, 64); + ctx->state.length_counter_b += 512; +} + +void twister_inject_chksum(twister_big_ctx_t* ctx, uint8_t col){ + *((uint64_t*)(&ctx->state.s[7][0])) ^= *((uint64_t*)(&ctx->checksum[col][0])); + twister_blank_round(&ctx->state); +} + +void twister_big_lastBlock(twister_big_ctx_t* ctx, void* msg, uint16_t length_b){ + uint8_t tmp[64]; + while(length_b>512){ + twister_big_nextBlock(ctx, msg); + msg = ((uint8_t*)msg)+64; + length_b -= 512; + } + memset(tmp, 0, 64); + memcpy(tmp, msg, (length_b+7)/8); + tmp[length_b/8] |= 0x80 >> (length_b&0x07); + twister_big_nextBlock(ctx, tmp); + ctx->state.length_counter_b -= 512 - length_b; + twister_mini_round(&(ctx->state), &(ctx->state.length_counter_b)); + +// DEBUG_PRINT(&(ctx->state), "pre check-round"); + + memcpy(tmp, ctx->state.s, 64); + twister_inject_chksum(ctx, 0); + twister_inject_chksum(ctx, 1); + twister_inject_chksum(ctx, 2); + memxor(ctx->state.s, tmp, 64); + + memcpy(tmp, ctx->state.s, 64); + twister_inject_chksum(ctx, 3); + twister_inject_chksum(ctx, 4); + twister_inject_chksum(ctx, 5); + memxor(ctx->state.s, tmp, 64); + + memcpy(tmp, ctx->state.s, 64); + twister_inject_chksum(ctx, 6); + twister_inject_chksum(ctx, 7); + twister_blank_round(&(ctx->state)); + memxor(ctx->state.s, tmp, 64); + + +// DEBUG_PRINT(&(ctx->state), "post check-round"); +} + +void twister_big_ctx2hash(void* dest, twister_big_ctx_t* ctx, uint16_t hashsize_b){ + twister_ctx2hash(dest, &(ctx->state), hashsize_b); +} + +/******************************************************************************/ +/******************************************************************************/ + +void twister384_init(twister384_ctx_t* ctx){ + twister_big_init(ctx, 384); +} + +void twister384_nextBlock(twister384_ctx_t* ctx, void* msg){ + twister_big_nextBlock(ctx, msg); +} + +void twister384_lastBlock(twister384_ctx_t* ctx, void* msg, uint16_t length_b){ + twister_big_lastBlock(ctx, msg, length_b); +} + +void twister384_ctx2hash(void* dest, twister384_ctx_t* ctx){ + twister_big_ctx2hash(dest, ctx, 384); +} + +void twister384(void* dest, void* msg, uint32_t msg_length_b){ + twister_big_ctx_t ctx; + twister_big_init(&ctx, 384); + while(msg_length_b >=512){ + twister_big_nextBlock(&ctx, msg); + msg = (uint8_t*)msg + 512/8; + msg_length_b -= 512; + } + twister_big_lastBlock(&ctx, msg, msg_length_b); + twister_big_ctx2hash(dest, &ctx, 384); +} + +/******************************************************************************/ + +void twister512_init(twister512_ctx_t* ctx){ + twister_big_init(ctx, 512); +} + +void twister512_nextBlock(twister512_ctx_t* ctx, void* msg){ + twister_big_nextBlock(ctx, msg); +} + +void twister512_lastBlock(twister512_ctx_t* ctx, void* msg, uint16_t length_b){ + twister_big_lastBlock(ctx, msg, length_b); +} + +void twister512_ctx2hash(void* dest, twister512_ctx_t* ctx){ + twister_big_ctx2hash(dest, ctx, 512); +} + +void twister512(void* dest, void* msg, uint32_t msg_length_b){ + twister_big_ctx_t ctx; + twister_big_init(&ctx, 512); + while(msg_length_b >=512){ + twister_big_nextBlock(&ctx, msg); + msg = (uint8_t*)msg + 512/8; + msg_length_b -= 512; + } + twister_big_lastBlock(&ctx, msg, msg_length_b); + twister_big_ctx2hash(dest, &ctx, 512); +} + + + diff --git a/twister-big.h b/twister-big.h new file mode 100644 index 0000000..69be069 --- /dev/null +++ b/twister-big.h @@ -0,0 +1,40 @@ +/* twister-big.h */ + +#ifndef TWISTER_BIG_H_ +#define TWISTER_BIG_H_ + +#include +#include "twister.h" + +typedef uint8_t twister384_hash_t[384/8]; +typedef uint8_t twister512_hash_t[512/8]; + +typedef struct { + twister_state_t state; + twister_checksum_t checksum; +} twister_big_ctx_t; + +typedef twister_big_ctx_t twister384_ctx_t; +typedef twister_big_ctx_t twister512_ctx_t; + +void twister_big_nextBlock(twister_big_ctx_t* ctx, void* msg); +void twister_big_init(twister_big_ctx_t* ctx, uint16_t hashsize_b); +void twister_big_lastBlock(twister_big_ctx_t* ctx, void* msg, uint16_t length_b); +void twister_big_ctx2hash(void* dest, twister_big_ctx_t* ctx, uint16_t hashsize_b); + + +void twister384_init(twister384_ctx_t* ctx); +void twister384_nextBlock(twister384_ctx_t* ctx, void* msg); +void twister384_lastBlock(twister384_ctx_t* ctx, void* msg, uint16_t length_b); +void twister384_ctx2hash(void* dest, twister384_ctx_t* ctx); +void twister384(void* dest, void* msg, uint32_t msg_length_b); + +void twister512_init(twister512_ctx_t* ctx); +void twister512_nextBlock(twister512_ctx_t* ctx, void* msg); +void twister512_lastBlock(twister512_ctx_t* ctx, void* msg, uint16_t length_b); +void twister512_ctx2hash(void* dest, twister512_ctx_t* ctx); +void twister512(void* dest, void* msg, uint32_t msg_length_b); + + +#endif /* TWISTER_BIG_H_ */ + diff --git a/twister-small.c b/twister-small.c index 0713c96..68e8e82 100644 --- a/twister-small.c +++ b/twister-small.c @@ -5,45 +5,51 @@ #include "memxor.h" #include "twister-small.h" -static -void maxi_round3(twister_state_t* ctx, void* msg, uint8_t last_null){ - mini_round(ctx, msg); - msg = ((uint8_t*)msg) + 8; - mini_round(ctx, msg); - if(last_null){ - blank_round(ctx); - } else { - msg = ((uint8_t*)msg) + 8; - mini_round(ctx, msg); - } +/*********************************************************************/ + +void twister_small_init(twister_state_t* ctx, uint16_t hashsize_b){ + memset(ctx->s, 0, 64); + ctx->counter=0xffffffffffffffffLL; + ctx->s[0][7] = hashsize_b>>8; + ctx->s[1][7] = hashsize_b&0xff; + ctx->length_counter_b = 0; } +/*********************************************************************/ + void twister_small_nextBlock(twister_state_t* ctx, void* msg){ uint8_t tmp[8][8]; /* round 1 */ memcpy(tmp, ctx->s, 64); - maxi_round3(ctx, msg, 0); + twister_mini_round(ctx, msg); + msg = ((uint8_t*)msg) + 8; + twister_mini_round(ctx, msg); + msg = ((uint8_t*)msg) + 8; + twister_mini_round(ctx, msg); + msg = ((uint8_t*)msg) + 8; memxor(ctx->s, tmp, 64); - msg = ((uint8_t*)msg) + 3*8; + /* round 2 */ memcpy(tmp, ctx->s, 64); - maxi_round3(ctx, msg, 0); + twister_mini_round(ctx, msg); + msg = ((uint8_t*)msg) + 8; + twister_mini_round(ctx, msg); + msg = ((uint8_t*)msg) + 8; + twister_mini_round(ctx, msg); + msg = ((uint8_t*)msg) + 8; memxor(ctx->s, tmp, 64); - msg = ((uint8_t*)msg) + 3*8; + /* round 3 */ memcpy(tmp, ctx->s, 64); - maxi_round3(ctx, msg, 1); + twister_mini_round(ctx, msg); + msg = ((uint8_t*)msg) + 8; + twister_mini_round(ctx, msg); + twister_blank_round(ctx); memxor(ctx->s, tmp, 64); ctx->length_counter_b += 512; } -void twister_small_init(twister_state_t* ctx, uint16_t hashsize_b){ - memset(ctx->s, 0, 64); - ctx->counter=0xffffffffffffffffLL; - ctx->s[0][7] = hashsize_b>>8; - ctx->s[1][7] = hashsize_b&0xff; - ctx->length_counter_b = 0; -} +/*********************************************************************/ void twister_small_lastBlock(twister_state_t* ctx, void* msg, uint16_t length_b){ uint8_t tmp[64]; @@ -57,55 +63,45 @@ void twister_small_lastBlock(twister_state_t* ctx, void* msg, uint16_t length_b) tmp[length_b/8] |= 0x80 >> (length_b&0x07); twister_small_nextBlock(ctx, tmp); ctx->length_counter_b -= 512 - length_b; - mini_round(ctx, &(ctx->length_counter_b)); - blank_round(ctx); + twister_mini_round(ctx, &(ctx->length_counter_b)); + twister_blank_round(ctx); } +/*********************************************************************/ + void twister_small_ctx2hash(void* dest, twister_state_t* ctx, uint16_t hashsize_b){ - uint8_t tmp[8][8]; - uint8_t j; - uint16_t i=hashsize_b; - while(i>=64){ - i-=64; - memcpy(tmp,ctx->s, 64); - blank_round(ctx); - memxor(ctx->s, tmp, 64); - blank_round(ctx); - for(j=0; j<8; ++j){ - *((uint8_t*)dest) = ctx->s[7-j][0] ^ tmp[7-j][0]; - dest = (uint8_t*)dest + 1; - } - } - if(i>=32){ - memcpy(tmp,ctx->s, 64); - blank_round(ctx); - memxor(ctx->s, tmp, 64); - blank_round(ctx); - for(j=0; j<4; ++j){ - *((uint8_t*)dest) = ctx->s[3-j][0] ^ tmp[3-j][0]; - dest = (uint8_t*)dest + 1; - } - } + twister_ctx2hash(dest, ctx, hashsize_b); } +/*********************************************************************/ +/*********************************************************************/ + #ifndef NO_TWISTER_256 void twister256_init(twister256_ctx_t* ctx){ twister_small_init(ctx, 256); } +/*********************************************************************/ + void twister256_nextBlock(twister256_ctx_t* ctx, void* msg){ twister_small_nextBlock(ctx, msg); } +/*********************************************************************/ + void twister256_lastBlock(twister256_ctx_t* ctx, void* msg, uint16_t length_b){ twister_small_lastBlock(ctx, msg, length_b); } +/*********************************************************************/ + void twister256_ctx2hash(void* dest, twister256_ctx_t* ctx){ - twister_small_ctx2hash(dest, ctx, 256); + twister_ctx2hash(dest, ctx, 256); } +/*********************************************************************/ + void twister256(void* dest, void* msg, uint32_t msg_length_b){ twister_state_t ctx; twister_small_init(&ctx, 256); @@ -115,29 +111,42 @@ void twister256(void* dest, void* msg, uint32_t msg_length_b){ msg_length_b -= 512; } twister_small_lastBlock(&ctx, msg, msg_length_b); - twister_small_ctx2hash(dest, &ctx, 256); + twister_ctx2hash(dest, &ctx, 256); } +/*********************************************************************/ + #endif +/*********************************************************************/ +/*********************************************************************/ + #ifndef NO_TWISTER_224 void twister224_init(twister224_ctx_t* ctx){ twister_small_init(ctx, 224); } +/*********************************************************************/ + void twister224_nextBlock(twister224_ctx_t* ctx, void* msg){ twister_small_nextBlock(ctx, msg); } +/*********************************************************************/ + void twister224_lastBlock(twister224_ctx_t* ctx, void* msg, uint16_t length_b){ twister_small_lastBlock(ctx, msg, length_b); } +/*********************************************************************/ + void twister224_ctx2hash(void* dest, twister224_ctx_t* ctx){ - twister_small_ctx2hash(dest, ctx, 224); + twister_ctx2hash(dest, ctx, 224); } +/*********************************************************************/ + void twister224(void* dest, void* msg, uint32_t msg_length_b){ twister_state_t ctx; twister_small_init(&ctx, 224); @@ -147,7 +156,7 @@ void twister224(void* dest, void* msg, uint32_t msg_length_b){ msg_length_b -= 512; } twister_small_lastBlock(&ctx, msg, msg_length_b); - twister_small_ctx2hash(dest, &ctx, 224); + twister_ctx2hash(dest, &ctx, 224); } #endif diff --git a/twister-small.h b/twister-small.h index ca68e35..ebc27b5 100644 --- a/twister-small.h +++ b/twister-small.h @@ -3,6 +3,7 @@ #ifndef TWISTER_SMALL_H_ #define TWISTER_SMALL_H_ +#include #include "twister.h" typedef uint8_t twister256_hash_t[256/8]; @@ -11,10 +12,10 @@ typedef uint8_t twister224_hash_t[224/8]; typedef twister_state_t twister256_ctx_t; typedef twister_state_t twister224_ctx_t; -void twister_small_nextBlock(twister_state_t* ctx, void* msg); void twister_small_init(twister_state_t* ctx, uint16_t hashsize_b); void twister_small_lastBlock(twister_state_t* ctx, void* msg, uint16_t length_b); -void twister_small_ctx2hash(void* dest, twister256_ctx_t* ctx, uint16_t hashsize_b); +void twister_small_ctx2hash(void* dest, twister_state_t* ctx, uint16_t hashsize_b); +void twister_small_nextBlock(twister_state_t* ctx, void* msg); void twister256_init(twister256_ctx_t* ctx); diff --git a/twister.c b/twister.c index a3ab4b5..f57ca32 100644 --- a/twister.c +++ b/twister.c @@ -17,6 +17,7 @@ along with this program. If not, see . */ +#include "config.h" #include #include #include @@ -24,9 +25,11 @@ #include "twister_tables.h" #include "memxor.h" -#include "gf256mul.h" +#ifndef TWISTER_MUL_TABLE +# include "gf256mul.h" +#endif -//#define DEBUG +#undef DEBUG #ifdef DEBUG # include "uart.h" @@ -41,7 +44,7 @@ #ifdef DEBUG void print_twister_state(twister_state_t* ctx){ - uint8_t i,j; + uint8_t i; uart_putstr_P(PSTR("\r\nState:\r\n matrix:\r\n")); for(i=0; i<8; ++i){ uart_putstr_P(PSTR("\t[ ")); @@ -70,10 +73,13 @@ void shiftrow(void* row, uint8_t shift){ } #define MDS(a,b) pgm_read_byte(&(twister_mds[a][b])) -//#define MULT(a,b) pgm_read_byte(&(twister_multab[a-1][b])) -#define MULT(a,b) gf256mul(a,b, 0x4D) -void blank_round(twister_state_t* ctx){ +#ifdef TWISTER_MUL_TABLE +# define MULT(a,b) pgm_read_byte(&(twister_multab[a][b])) +#else +# define MULT(a,b) gf256mul(a,b, 0x4D) +#endif +void twister_blank_round(twister_state_t* ctx){ uint8_t i,j; uint8_t tmp[8][8]; DEBUG_PRINT(ctx, "blank init"); @@ -91,35 +97,59 @@ void blank_round(twister_state_t* ctx){ shiftrow(&(tmp[i][0]), i); } /* mix columns */ - for( i=0; i<8; i++ ){ - // multiply with mds matrix - for( j=0; j<8; j++ ){ - ctx->s[j][i] = - MULT( MDS(j,0), tmp[0][i] ) ^ - MULT( MDS(j,1), tmp[1][i] ) ^ - MULT( MDS(j,2), tmp[2][i] ) ^ - MULT( MDS(j,3), tmp[3][i] ) ^ - MULT( MDS(j,4), tmp[4][i] ) ^ - MULT( MDS(j,5), tmp[5][i] ) ^ - MULT( MDS(j,6), tmp[6][i] ) ^ - MULT( MDS(j,7), tmp[7][i] ) ; - - } + for( i=0; i<8; i++ ){ + // multiply with mds matrix + for( j=0; j<8; j++ ){ + ctx->s[j][i] = + MULT( MDS(j,0), tmp[0][i] ) ^ + MULT( MDS(j,1), tmp[1][i] ) ^ + MULT( MDS(j,2), tmp[2][i] ) ^ + MULT( MDS(j,3), tmp[3][i] ) ^ + MULT( MDS(j,4), tmp[4][i] ) ^ + MULT( MDS(j,5), tmp[5][i] ) ^ + MULT( MDS(j,6), tmp[6][i] ) ^ + MULT( MDS(j,7), tmp[7][i] ) ; + + } } DEBUG_PRINT(ctx, "post MDS"); } -void mini_round(twister_state_t* ctx, void* msg){ +void twister_mini_round(twister_state_t* ctx, void* msg){ /* inject message */ uint8_t i; for(i=0; i<8; ++i){ ctx->s[7][7-i] ^= *((uint8_t*)msg); msg = (uint8_t*)msg +1; } - blank_round(ctx); + twister_blank_round(ctx); } - - +void twister_ctx2hash(void* dest, twister_state_t* ctx, uint16_t hashsize_b){ + uint8_t tmp[8][8]; + uint8_t j; + uint16_t i=hashsize_b; + while(i>=64){ + i-=64; + memcpy(tmp,ctx->s, 64); + twister_blank_round(ctx); + memxor(ctx->s, tmp, 64); + twister_blank_round(ctx); + for(j=0; j<8; ++j){ + *((uint8_t*)dest) = ctx->s[7-j][0] ^ tmp[7-j][0]; + dest = (uint8_t*)dest + 1; + } + } + if(i>=32){ + memcpy(tmp,ctx->s, 64); + twister_blank_round(ctx); + memxor(ctx->s, tmp, 64); + twister_blank_round(ctx); + for(j=0; j<4; ++j){ + *((uint8_t*)dest) = ctx->s[3-j][0] ^ tmp[3-j][0]; + dest = (uint8_t*)dest + 1; + } + } +} diff --git a/twister.h b/twister.h index 0764dbb..88850b6 100644 --- a/twister.h +++ b/twister.h @@ -35,7 +35,10 @@ typedef struct { uint64_t length_counter_b; } twister_state_t; -void blank_round(twister_state_t* ctx); -void mini_round(twister_state_t* ctx, void* msg); +typedef uint8_t twister_checksum_t[8][8]; + +void twister_blank_round(twister_state_t* ctx); +void twister_mini_round(twister_state_t* ctx, void* msg); +void twister_ctx2hash(void* dest, twister_state_t* ctx, uint16_t hashsize_b); #endif /* TWISTER_H_ */ diff --git a/twister_tables.h b/twister_tables.h index 96686a1..b0f145c 100644 --- a/twister_tables.h +++ b/twister_tables.h @@ -4,6 +4,7 @@ * *******************************************************************/ +#include "config.h" #include #include @@ -42,6 +43,7 @@ static const uint8_t twister_sbox[256] PROGMEM = { 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 }; +#ifndef TWISTER_MUL_TABLE /* Twister MDS matrix */ @@ -56,9 +58,30 @@ static const uint8_t twister_mds[8][8] PROGMEM = { {1, 1, 5, 7, 8, 6, 1, 2} }; -/* +#else + +#define S1 0 +#define S2 1 +#define S3 X +#define S4 X +#define S5 2 +#define S6 3 +#define S7 4 +#define S8 5 + +static const uint8_t twister_mds[8][8] PROGMEM = { + {S2, S1, S1, S5, S7, S8, S6, S1}, + {S1, S2, S1, S1, S5, S7, S8, S6}, + {S6, S1, S2, S1, S1, S5, S7, S8}, + {S8, S6, S1, S2, S1, S1, S5, S7}, + {S7, S8, S6, S1, S2, S1, S1, S5}, + {S5, S7, S8, S6, S1, S2, S1, S1}, + {S1, S5, S7, S8, S6, S1, S2, S1}, + {S1, S1, S5, S7, S8, S6, S1, S2} +}; + static const uint8_t twister_multab[8][256] PROGMEM = { - { + { /* 1 */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, @@ -76,7 +99,7 @@ static const uint8_t twister_multab[8][256] PROGMEM = { 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255 }, - { + { /* 2 */ 0, 2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, 28, 30, 32, 34, 36, 38, 40, 42, 44, 46, 48, 50, 52, 54, 56, 58, 60, 62, 64, 66, 68, 70, 72, 74, 76, 78, 80, 82, 84, 86, 88, 90, 92, 94, @@ -94,7 +117,7 @@ static const uint8_t twister_multab[8][256] PROGMEM = { 141, 143, 137, 139, 133, 135, 129, 131, 157, 159, 153, 155, 149, 151, 145, 147, 173, 175, 169, 171, 165, 167, 161, 163, 189, 191, 185, 187, 181, 183, 177, 179 }, - { +/* { / * 3 * / 0, 3, 6, 5, 12, 15, 10, 9, 24, 27, 30, 29, 20, 23, 18, 17, 48, 51, 54, 53, 60, 63, 58, 57, 40, 43, 46, 45, 36, 39, 34, 33, 96, 99, 102, 101, 108, 111, 106, 105, 120, 123, 126, 125, 116, 119, 114, 113, @@ -112,7 +135,7 @@ static const uint8_t twister_multab[8][256] PROGMEM = { 109, 110, 107, 104, 97, 98, 103, 100, 117, 118, 115, 112, 121, 122, 127, 124, 93, 94, 91, 88, 81, 82, 87, 84, 69, 70, 67, 64, 73, 74, 79, 76 }, - { + { / * 4 * / 0, 4, 8, 12, 16, 20, 24, 28, 32, 36, 40, 44, 48, 52, 56, 60, 64, 68, 72, 76, 80, 84, 88, 92, 96, 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140, 144, 148, 152, 156, 160, 164, 168, 172, 176, 180, 184, 188, @@ -130,7 +153,7 @@ static const uint8_t twister_multab[8][256] PROGMEM = { 87, 83, 95, 91, 71, 67, 79, 75, 119, 115, 127, 123, 103, 99, 111, 107, 23, 19, 31, 27, 7, 3, 15, 11, 55, 51, 63, 59, 39, 35, 47, 43 }, - { +*/ { /* 5 */ 0, 5, 10, 15, 20, 17, 30, 27, 40, 45, 34, 39, 60, 57, 54, 51, 80, 85, 90, 95, 68, 65, 78, 75, 120, 125, 114, 119, 108, 105, 102, 99, 160, 165, 170, 175, 180, 177, 190, 187, 136, 141, 130, 135, 156, 153, 150, 147, @@ -148,7 +171,7 @@ static const uint8_t twister_multab[8][256] PROGMEM = { 183, 178, 189, 184, 163, 166, 169, 172, 159, 154, 149, 144, 139, 142, 129, 132, 231, 226, 237, 232, 243, 246, 249, 252, 207, 202, 197, 192, 219, 222, 209, 212 }, - { + { /* 6 */ 0, 6, 12, 10, 24, 30, 20, 18, 48, 54, 60, 58, 40, 46, 36, 34, 96, 102, 108, 106, 120, 126, 116, 114, 80, 86, 92, 90, 72, 78, 68, 66, 192, 198, 204, 202, 216, 222, 212, 210, 240, 246, 252, 250, 232, 238, 228, 226, @@ -166,7 +189,7 @@ static const uint8_t twister_multab[8][256] PROGMEM = { 218, 220, 214, 208, 194, 196, 206, 200, 234, 236, 230, 224, 242, 244, 254, 248, 186, 188, 182, 176, 162, 164, 174, 168, 138, 140, 134, 128, 146, 148, 158, 152 }, - { + { /* 7 */ 0, 7, 14, 9, 28, 27, 18, 21, 56, 63, 54, 49, 36, 35, 42, 45, 112, 119, 126, 121, 108, 107, 98, 101, 72, 79, 70, 65, 84, 83, 90, 93, 224, 231, 238, 233, 252, 251, 242, 245, 216, 223, 214, 209, 196, 195, 202, 205, @@ -184,7 +207,7 @@ static const uint8_t twister_multab[8][256] PROGMEM = { 58, 61, 52, 51, 38, 33, 40, 47, 2, 5, 12, 11, 30, 25, 16, 23, 74, 77, 68, 67, 86, 81, 88, 95, 114, 117, 124, 123, 110, 105, 96, 103 }, - { + { /* 8 */ 0, 8, 16, 24, 32, 40, 48, 56, 64, 72, 80, 88, 96, 104, 112, 120, 128, 136, 144, 152, 160, 168, 176, 184, 192, 200, 208, 216, 224, 232, 240, 248, 77, 69, 93, 85, 109, 101, 125, 117, 13, 5, 29, 21, 45, 37, 61, 53, @@ -204,4 +227,6 @@ static const uint8_t twister_multab[8][256] PROGMEM = { } }; -*/ +#endif + +