From: bg Date: Sat, 22 Jan 2011 09:26:26 +0000 (+0000) Subject: trivium broken :-( X-Git-Url: https://git.cryptolib.org/?a=commitdiff_plain;h=12b222bf434f472559a8791acdb57c0f154111fb;p=avr-crypto-lib.git trivium broken :-( --- diff --git a/mkfiles/trivium.mk b/mkfiles/trivium.mk index a668ee7..e8d6830 100644 --- a/mkfiles/trivium.mk +++ b/mkfiles/trivium.mk @@ -6,8 +6,8 @@ STREAM_CIPHERS += $(ALGO_NAME) $(ALGO_NAME)_DIR := trivium/ $(ALGO_NAME)_OBJ := trivium.o -$(ALGO_NAME)_TEST_BIN := main-trivium-test.o $(CLI_STD) \ - nessie_stream_test.o nessie_common.o performance_test.o +$(ALGO_NAME)_INCDIR := memxor/ scal/ +$(ALGO_NAME)_TEST_BIN := main-trivium-test.o $(CLI_STD) $(SCAL_STD) scal_trivium.o $(ALGO_NAME)_NESSIE_TEST := "nessie" $(ALGO_NAME)_PERFORMANCE_TEST := "performance" diff --git a/scal/scal-basic.c b/scal/scal-basic.c index 441a88c..b53e9fb 100644 --- a/scal/scal-basic.c +++ b/scal/scal-basic.c @@ -24,6 +24,8 @@ #include "streamcipher_descriptor.h" #include "keysize_descriptor.h" +#include "cli.h" + uint8_t scal_cipher_init(const scdesc_t* cipher_descriptor, const void* key, uint16_t keysize_b, const void* iv, uint16_t ivsize_b, scgen_ctx_t* ctx){ @@ -112,6 +114,8 @@ uint8_t scal_cipher_gen_byte(scgen_ctx_t* ctx){ r |= ((((sc_gen1_fpt)gen_fpt)(ctx->ctx))&(0xff<<(8-blocksize_b)))>>fill; fill += blocksize_b; }while(fill<8); +// cli_putstr_P(PSTR("\r\nDBG: ")); +// cli_hexdump_byte(r); return r; }else{ uint8_t r; diff --git a/scal/scal_arcfour.c b/scal/scal_arcfour.c index 9303714..ba5784d 100644 --- a/scal/scal_arcfour.c +++ b/scal/scal_arcfour.c @@ -36,7 +36,7 @@ const uint8_t arcfour_ivsize_desc[] PROGMEM = { KS_TYPE_TERMINATOR }; const scdesc_t arcfour_desc PROGMEM = { - SCDESC_TYPE_BLOCKCIPHER, /* abstraction layer type designator */ + SCDESC_TYPE_STREAMCIPHER, /* abstraction layer type designator */ SC_INIT_TYPE_3|SC_GEN_TYPE_1, /* flags*/ arcfour_str, /* name string pointer */ sizeof(arcfour_ctx_t), /* size of context */ 
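Review bot: The two scal/scal-basic.c hunks leave debugging scaffolding in the abstraction layer: `#include "cli.h"` is added at the top, and a commented-out `cli_putstr_P` / `cli_hexdump_byte(r)` pair sits just before `return r;` in scal_cipher_gen_byte. The include makes the library file depend on the test CLI, and the disabled lines would print every generated keystream byte if someone re-enabled them. I would drop both before merging, or wrap them in a debug macro (for example `#ifdef SCAL_DEBUG`, a name constructed here) so neither the dependency nor the output can reach production firmware. scal_cipher_gen_byte starts and ends outside the hunk.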
diff --git a/scal/scal_trivium.c b/scal/scal_trivium.c
new file mode 100644
index 0000000..a8a2789
--- /dev/null
+++ b/scal/scal_trivium.c
@@ -0,0 +1,56 @@
+/* scal_trivium.c */
+/*
+ This file is part of the AVR-Crypto-Lib.
+ Copyright (C) 2011 Daniel Otte (daniel.otte@rub.de)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+#include
+#include
+#include
+#include "streamcipher_descriptor.h"
+#include "keysize_descriptor.h"
+
+#include "trivium.h"
+
+const char trivium_str[] PROGMEM = "Trivium";
+
+const uint8_t trivium_keysize_desc[] PROGMEM = {
+ KS_TYPE_LIST, 1, KS_INT(80),
+ KS_TYPE_TERMINATOR };
+
+const uint8_t trivium_ivsize_desc[] PROGMEM = {
+ KS_TYPE_LIST, 2, KS_INT(32), KS_INT(80),
+ KS_TYPE_TERMINATOR };
+
+const scdesc_t trivium_desc PROGMEM = {
+ SCDESC_TYPE_STREAMCIPHER, /* abstraction layer type designator */
+ SC_INIT_TYPE_5|SC_GEN_TYPE_1, /* flags*/
+ trivium_str, /* name string pointer */
+ sizeof(trivium_ctx_t), /* size of context */
+ 1, /* blocksize */
+ {(void_fpt)trivium_init}, /* init function pointer */
+ {(void_fpt)trivium_enc}, /* key stream generator function pointer */
+ {(void_fpt)NULL}, /* key stream generator for random access function pointer */
+ (sc_free_fpt)NULL, /* free function pointer */
+ trivium_keysize_desc, /* key size descriptor pointer */
+ trivium_ivsize_desc /* iv size descriptor pointer */
+};
+
+
+
+
+
+
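Review bot: trivium_desc depends on two contracts that nothing in this file states. With blocksize 1 and SC_GEN_TYPE_1, the generic byte assembler masks the generator result with `0xff<<(8-blocksize_b)` (visible in the scal-basic.c context), so trivium_enc must deliver its bit in bit 7. The `(void_fpt)` casts also hide from the compiler any mismatch between trivium_init and the prototype that SC_INIT_TYPE_5 dispatches to. A comment above the descriptor would record both, e.g. `/* trivium_enc returns the keystream bit as 0x80/0x00; trivium_init takes uint16_t bit sizes as SC_INIT_TYPE_5 expects (assumed, confirm in streamcipher_descriptor.h) */`. The six empty lines at the end of the file can go.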
diff --git a/scal/scal_trivium.h b/scal/scal_trivium.h new file mode 100644 index 0000000..14789a7 --- /dev/null +++ b/scal/scal_trivium.h @@ -0,0 +1,27 @@ +/* scal_trivium.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2011 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#ifndef SCAL_ARCFOUR_H_ +#define SCAL_ARCFOUR_H_ + +#include "streamcipher_descriptor.h" + +extern const scdesc_t trivium_desc; + +#endif /* SCAL_ARCFOUR_H_ */ diff --git a/test_src/main-trivium-test.c b/test_src/main-trivium-test.c index 867f324..efbd09d 100644 --- a/test_src/main-trivium-test.c +++ b/test_src/main-trivium-test.c @@ -28,7 +28,8 @@ #include "cli.h" #include "trivium.h" -#include "nessie_stream_test.h" +#include "scal_trivium.h" +#include "scal-nessie.h" #include "performance_test.h" #include 
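Review bot: The include guard in the new scal_trivium.h is still `SCAL_ARCFOUR_H_`, apparently carried over from the ARCFOUR header. If scal_arcfour.h uses the same macro (likely, but not visible here), a translation unit that includes both headers gets only the first one's declarations, and `trivium_desc` or the ARCFOUR descriptor silently disappears. Rename all three occurrences: `#ifndef SCAL_TRIVIUM_H_`, `#define SCAL_TRIVIUM_H_`, `#endif /* SCAL_TRIVIUM_H_ */`.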
@@ -40,30 +41,39 @@ char* algo_name = "Trivium"; /***************************************************************************** * additional validation-functions * *****************************************************************************/ -void trivium_genctx_dummy(uint8_t* key, uint16_t keysize_b, void* ctx){ - uint32_t iv=0; - trivium_init(key, 80, &iv, 32, ctx); -} -uint8_t trivium_getbyte_dummy(trivium_ctx_t* ctx){ - uint8_t i,ret=0; - for(i=0; i<8; ++i){ - ret<<=1; - ret |= trivium_enc(ctx); - } - return ret; +void testrun_nessie_trivium(void){ + scal_nessie_run(&trivium_desc); } -void testrun_nessie_trivium(void){ - nessie_stream_ctx.outsize_b = 8; /* actually unused */ - nessie_stream_ctx.keysize_b = 80; /* this is the one we have refrence vectors for */ - nessie_stream_ctx.ivsize_b = 32; - nessie_stream_ctx.name = algo_name; - nessie_stream_ctx.ctx_size_B = sizeof(trivium_ctx_t); - nessie_stream_ctx.cipher_genctx = (nessie_stream_genctx_fpt)trivium_genctx_dummy; - nessie_stream_ctx.cipher_enc = (nessie_stream_genenc_fpt)trivium_getbyte_dummy; - - nessie_stream_run(); +void testrun_trivium(void){ + uint8_t key[10]; + uint8_t iv[4]; + uint8_t buffer[64]; + scgen_ctx_t ctx; + memset(key, 0, 10); + memset(iv, 0, 4); + key[0] = 0x80; + scal_cipher_init(&trivium_desc, key, 80, iv, 32, &ctx); + scal_cipher_gen_fillblock(buffer, 64, &ctx); + cli_putstr_P(PSTR("\r\nTest:\r\n Key = ")); + cli_hexdump(key, 10); + cli_putstr_P(PSTR("\r\n IV = ")); + cli_hexdump(iv, 4); + cli_putstr_P(PSTR("\r\n Cipher = ")); + cli_hexdump_block(buffer, 64, 4, 8); + scal_cipher_free(&ctx); + key[0] = 0x00; + key[9] = 0x80; + scal_cipher_init(&trivium_desc, key, 80, iv, 32, &ctx); + scal_cipher_gen_fillblock(buffer, 64, &ctx); + cli_putstr_P(PSTR("\r\nTest:\r\n Key = ")); + cli_hexdump(key, 10); + cli_putstr_P(PSTR("\r\n IV = ")); + cli_hexdump(iv, 4); + cli_putstr_P(PSTR("\r\n Cipher = ")); + cli_hexdump_block(buffer, 64, 4, 8); + scal_cipher_free(&ctx); } void 
testrun_performance_trivium(void){ @@ -106,7 +116,7 @@ const char echo_str[] PROGMEM = "echo"; cmdlist_entry_t cmdlist[] PROGMEM = { { nessie_str, NULL, testrun_nessie_trivium}, - { test_str, NULL, testrun_nessie_trivium}, + { test_str, NULL, testrun_trivium}, { performance_str, NULL, testrun_performance_trivium}, { echo_str, (void*)1, (void_fpt)echo_ctrl}, { NULL, NULL, NULL} diff --git a/trivium/trivium.c b/trivium/trivium.c index 3ac69c3..15f2b93 100644 --- a/trivium/trivium.c +++ b/trivium/trivium.c @@ -29,17 +29,18 @@ #include #include "trivium.h" -#define S(i) ((((*ctx)[(i)/8])>>((i)%8))&1) +#define G(i) ((((*ctx)[(i)/8])>>(((i)%8)))&1) +#define S(i,v) ((*ctx)[(i)/8] = ((*ctx)[(i)/8] & ~(1<<((i)%8))) | ((v)<<((i)%8))) uint8_t trivium_enc(trivium_ctx_t* ctx){ uint8_t t1,t2,t3,z; - t1 = S(65) ^ S(92); - t2 = S(161) ^ S(176); - t3 = S(242) ^ S(287); + t1 = G(65) ^ G(92); + t2 = G(161) ^ G(176); + t3 = G(242) ^ G(287); z = t1^t2^t3; - t1 ^= (S(90) & S(91)) ^ S(170); - t2 ^= (S(174) & S(175)) ^ S(263); - t3 ^= (S(285) & S(286)) ^ S(68); + t1 ^= (G(90) & G(91)) ^ G(170); + t2 ^= (G(174) & G(175)) ^ G(263); + t3 ^= (G(285) & G(286)) ^ G(68); /* shift whole state and insert ts later */ uint8_t i,c1=0,c2; @@ -49,18 +50,18 @@ uint8_t trivium_enc(trivium_ctx_t* ctx){ c1=c2; } /* insert ts */ - (*ctx)[0] = (((*ctx)[0])&0xFE)| t3; /* s0*/ - (*ctx)[93/8] = (((*ctx)[93/8])& (~(1<<(93%8)))) | (t1<<(93%8)); /* s93 */ - (*ctx)[177/8] = (((*ctx)[177/8])& (~(1<<(177%8)))) | (t2<<(177%8));/* s177 */ + S(0, t3); + S(93, t1); + S(177, t2); - return z; + return z?0x080:0x00; } #define KEYSIZE_B ((keysize_b+7)/8) #define IVSIZE_B ((ivsize_b +7)/8) -void trivium_init(const void* key, uint8_t keysize_b, - const void* iv, uint8_t ivsize_b, +void trivium_init(const void* key, uint16_t keysize_b, + const void* iv, uint16_t ivsize_b, trivium_ctx_t* ctx){ uint16_t i; uint8_t c1=0,c2; 
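Review bot: The new testrun_trivium in test_src/main-trivium-test.c ignores the `uint8_t` result of both `scal_cipher_init` calls, so a failed initialisation still proceeds to `scal_cipher_gen_fillblock` and `scal_cipher_free` with a context that was never set up. Check the result and return with a message before generating output; the success value is not visible in this diff, so compare against whatever scal-basic.c defines. The routine also only hexdumps the keystream and therefore cannot fail; comparing the 64 bytes against a stored reference vector would make it a real test. The two near-identical blocks could share a helper that takes the key.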
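Review bot: Widening `keysize_b` and `ivsize_b` to `uint16_t` in trivium_init (trivium/trivium.c, hunk at -49,18) removes the implicit 255-bit cap, while the body still copies `KEYSIZE_B` and `IVSIZE_B` bytes into the 36-byte `trivium_ctx_t` with no range check. The `memset((*ctx)+KEYSIZE_B, 0, 35-KEYSIZE_B)` and the two `memcpy` calls that follow (context of the next hunk) write past the context for large sizes, and `35-KEYSIZE_B` wraps to a huge length once the key exceeds 35 bytes. Unless every caller is guaranteed to pass through the size descriptors (not visible here), bound the sizes at the top of the function, e.g. `if(keysize_b>80) keysize_b=80;` and `if(ivsize_b>80) ivsize_b=80;`, or reject them outright. Separately, `return z?0x080:0x00;` selects on a keystream bit; `return (uint8_t)(z<<7);` yields the same value without a data-dependent conditional. trivium_init's body continues outside this hunk.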
@@ -68,13 +69,13 @@ void trivium_init(const void* key, uint8_t keysize_b, memset((*ctx)+KEYSIZE_B, 0, 35-KEYSIZE_B); memcpy((*ctx), key, KEYSIZE_B); memcpy((*ctx)+12, iv, IVSIZE_B); /* iv0 is at s96, must shift to s93 */ - + for(i=12+IVSIZE_B; i>10; --i){ c2=(((*ctx)[i])<<5); (*ctx)[i] = (((*ctx)[i])>>3)|c1; c1=c2; } - (*ctx)[35]=0xE0; + (*ctx)[35] |= 0xE0; for(i=0; i<4*288; ++i){ trivium_enc(ctx); diff --git a/trivium/trivium.h b/trivium/trivium.h index 14a005f..a5692dc 100644 --- a/trivium/trivium.h +++ b/trivium/trivium.h @@ -22,8 +22,8 @@ typedef uint8_t trivium_ctx_t[36]; /* 288bit */ uint8_t trivium_enc(trivium_ctx_t* ctx); -void trivium_init(const void* key, uint8_t keysize_b, - const void* iv, uint8_t ivsize_b, +void trivium_init(const void* key, uint16_t keysize_b, + const void* iv, uint16_t ivsize_b, trivium_ctx_t* ctx); #endif /*TRIVIUM_H_*/
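Review bot: Changing `(*ctx)[35]=0xE0;` to `(*ctx)[35] |= 0xE0;` makes the initial state depend on whatever byte 35 held before the call. The preceding `memset((*ctx)+KEYSIZE_B, 0, 35-KEYSIZE_B)` stops at byte 34, and nothing else visible in the hunk writes byte 35. The low five bits of that byte are state bits that should start at zero, so a context that was not zeroed gives a different keystream for the same key and IV. Either keep the plain assignment `(*ctx)[35] = 0xE0;` or extend the clear to `36-KEYSIZE_B` bytes before OR-ing. If scal_cipher_init hands over zeroed memory the problem is masked, but direct callers of trivium_init get no such guarantee; the function begins before and ends after this hunk.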
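Review bot: The trivium/trivium.h hunk updates the size parameters but leaves the prototype of `trivium_enc` undocumented, although this commit changes its return convention from 0/1 to 0x00/0x80. Callers that shift and OR the result into the low bit, as the removed trivium_getbyte_dummy did, will now assemble wrong bytes with no compiler diagnostic. Add a comment on the prototype such as `/* returns the next keystream bit in bit 7 (0x80 or 0x00) */`, and one on trivium_init stating that `keysize_b` and `ivsize_b` are given in bits.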