From: bg Date: Sun, 14 Jun 2009 07:10:43 +0000 (+0000) Subject: Grøstl in large (384 & 512 bit); warning: freaking linker X-Git-Url: https://git.cryptolib.org/?a=commitdiff_plain;h=951a88cde69f595ef2c00ed941e89ccf1567e3a0;p=avr-crypto-lib.git Grøstl in large (384 & 512 bit); warning: freaking linker --- diff --git a/groestl_large.c b/groestl_large.c new file mode 100644 index 0000000..bcfd8e5 --- /dev/null +++ b/groestl_large.c @@ -0,0 +1,242 @@ +/* groestl_large.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \file groestl_large.c + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-06-11 + * \license GPLv3 or later + * + */ + +#include "groestl_large.h" +#include "aes_sbox.h" +#include "gf256mul.h" +#include "memxor.h" +#include +#include +#include + +#define ROUNDS 14 +#define POLYNOM 0x1b + +#define DEBUG 0 + +#if DEBUG + #include "cli.h" + void dump_m(const uint8_t* m){ + uint8_t i,j; + for(i=0; i<16; ++i){ + cli_putstr_P(PSTR("\r\n")); + for(j=0; j<8; ++j){ + cli_putc(' '); + cli_hexdump(m+8*i+j, 1); + } + } + } +#else + #define dump_m(m) +#endif + +static uint8_t matrix[] PROGMEM = { + 2, 2, 3, 4, 5, 3, 5, 7, + 7, 2, 2, 3, 4, 5, 3, 5, + 5, 7, 2, 2, 3, 4, 5, 3, + 3, 5, 7, 2, 2, 3, 4, 5, + 5, 3, 5, 7, 2, 2, 3, 4, + 4, 5, 3, 5, 7, 2, 2, 3, + 3, 4, 5, 3, 5, 7, 2, 2, + 2, 3, 4, 5, 3, 5, 7, 2 +}; + +void groestl_large_rounds(uint8_t *m, uint8_t q){ + uint8_t r,i,j; + uint8_t tmp[16]; + for(r=0; rh, 0, 16*8); + ctx->h[8*16-1] = (uint8_t)384; + ctx->h[8*16-2] = (uint8_t)(384>>8); + ctx->counter = 0; +} + +void groestl512_init(groestl512_ctx_t* ctx){ + memset(ctx->h, 0, 16*8); + ctx->h[8*16-2] = 2; + ctx->counter = 0; +} + +void groestl_large_nextBlock(groestl_large_ctx_t* ctx, const void* block){ + uint8_t tmp1[128], tmp2[128]; +/* + for(i=0; i<8; ++i){ + for(j=0; j<8; ++j){ + tmp1[j*8+i] = ((uint8_t*)block)[i*8+j]; + } + } +*/ + memcpy(tmp1, block, 128); + memcpy(tmp2, tmp1, 128); + memxor(tmp1, ctx->h, 128); + groestl_large_rounds(tmp1, 0); + groestl_large_rounds(tmp2, 1); + memxor(ctx->h, tmp1, 128); + memxor(ctx->h, tmp2, 128); + ctx->counter++; +} + +void groestl_large_lastBlock(groestl_large_ctx_t* ctx, const void* block, uint16_t length_b){ + uint8_t buffer[128]; + while(length_b>=GROESTL_LARGE_BLOCKSIZE){ + groestl_large_nextBlock(ctx, block); + length_b -= GROESTL_LARGE_BLOCKSIZE; + block = (uint8_t*)block + GROESTL_LARGE_BLOCKSIZE_B; + } + memset(buffer, 0, 128); + memcpy(buffer, block, (length_b+7)/8); + buffer[length_b/8] |= 0x80>>(length_b%8); + if(length_b>1024-65){ + groestl_large_nextBlock(ctx, buffer); + memset(buffer, 0, 128-4); + } + ctx->counter++; + buffer[128-1] = (uint8_t)(ctx->counter); + buffer[128-2] = (uint8_t)((ctx->counter)>>8); + buffer[128-3] = (uint8_t)((ctx->counter)>>16); + buffer[128-4] = (uint8_t)((ctx->counter)>>24); + groestl_large_nextBlock(ctx, buffer); +} + +void groestl_large_ctx2hash(void* dest, const groestl_large_ctx_t* ctx, uint16_t outlength_b){ + uint8_t tmp[128]; + memcpy(tmp, ctx->h, 128); + groestl_large_rounds(tmp, 0); + memxor(tmp, ctx->h, 128); +#if DEBUG + cli_putstr_P(PSTR("\r\npost finalisation")); + dump_m(tmp); +#endif + memcpy(dest, tmp+128-outlength_b/8, outlength_b/8); +} + +void groestl384_ctx2hash(void* dest, const groestl384_ctx_t* ctx){ + groestl_large_ctx2hash(dest, ctx, 384); +} + +void groestl512_ctx2hash(void* dest, const groestl512_ctx_t* ctx){ + groestl_large_ctx2hash(dest, ctx, 512); +} + +void groestl384_nextBlock(groestl384_ctx_t* ctx, const void* block){ + groestl_large_nextBlock(ctx, block); +} + +void groestl512_nextBlock(groestl512_ctx_t* ctx, const void* block){ + groestl_large_nextBlock(ctx, block); +} + +void groestl384_lastBlock(groestl384_ctx_t* ctx, const void* block, uint16_t length_b){ + groestl_large_lastBlock(ctx, block, length_b); +} + +void groestl512_lastBlock(groestl512_ctx_t* ctx, const void* block, uint16_t length_b){ + groestl_large_lastBlock(ctx, block, length_b); +} + +void groestl384(void* dest, const void* msg, uint32_t length_b){ + groestl_large_ctx_t ctx; + groestl384_init(&ctx); + while(length_b>=GROESTL_LARGE_BLOCKSIZE){ + groestl_large_nextBlock(&ctx, msg); + length_b -= GROESTL_LARGE_BLOCKSIZE; + msg = (uint8_t*)msg + GROESTL_LARGE_BLOCKSIZE_B; + } + groestl_large_lastBlock(&ctx, msg, length_b); + groestl_large_ctx2hash(dest, &ctx, 384); +} + +void groestl512(void* dest, const void* msg, uint32_t length_b){ + groestl_large_ctx_t ctx; + groestl512_init(&ctx); + while(length_b>=GROESTL_LARGE_BLOCKSIZE){ + groestl_large_nextBlock(&ctx, msg); + length_b -= GROESTL_LARGE_BLOCKSIZE; + msg = (uint8_t*)msg + GROESTL_LARGE_BLOCKSIZE_B; + } + groestl_large_lastBlock(&ctx, msg, length_b); + groestl_large_ctx2hash(dest, &ctx, 512); +} + + + diff --git a/groestl_large.h b/groestl_large.h new file mode 100644 index 0000000..c932fb7 --- /dev/null +++ b/groestl_large.h @@ -0,0 +1,65 @@ +/* groestl_large.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \file groestl_large.h + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-05-19 + * \license GPLv3 or later + * + */ +#ifndef GROESTL_LARGE_H_ +#define GROESTL_LARGE_H_ + +#include + +#define GROESTL_LARGE_BLOCKSIZE 1024 +#define GROESTL_LARGE_BLOCKSIZE_B ((GROESTL_LARGE_BLOCKSIZE+7)/8) +#define GROESTL384_BLOCKSIZE GROESTL_LARGE_BLOCKSIZE +#define GROESTL384_BLOCKSIZE_B GROESTL_LARGE_BLOCKSIZE_B +#define GROESTL512_BLOCKSIZE GROESTL_LARGE_BLOCKSIZE +#define GROESTL512_BLOCKSIZE_B GROESTL_LARGE_BLOCKSIZE_B + +typedef struct { + uint8_t h[8*16]; + uint32_t counter; +} groestl_large_ctx_t; + +typedef groestl_large_ctx_t groestl384_ctx_t; +typedef groestl_large_ctx_t groestl512_ctx_t; + +void groestl384_init(groestl384_ctx_t* ctx); +void groestl512_init(groestl512_ctx_t* ctx); + +void groestl_large_nextBlock(groestl_large_ctx_t* ctx, const void* block); +void groestl_large_lastBlock(groestl_large_ctx_t* ctx, const void* block, uint16_t length_b); + +void groestl384_nextBlock(groestl384_ctx_t* ctx, const void* block); +void groestl384_lastBlock(groestl384_ctx_t* ctx, const void* block, uint16_t length_b); + +void groestl512_nextBlock(groestl512_ctx_t* ctx, const void* block); +void groestl512_lastBlock(groestl512_ctx_t* ctx, const void* block, uint16_t length_b); + +void groestl384_ctx2hash(void* dest, const groestl384_ctx_t* ctx); +void groestl512_ctx2hash(void* dest, const groestl512_ctx_t* ctx); + +void groestl384(void* dest, const void* msg, uint32_t length_b); +void groestl512(void* dest, const void* msg, uint32_t length_b); + +#endif /* GROESTL_GROESTL_H_ */ diff --git a/groestl_small.c b/groestl_small.c index caf368b..e5a3d94 100644 --- a/groestl_small.c +++ b/groestl_small.c @@ -54,7 +54,7 @@ #define dump_m(m) #endif -uint8_t matrix[] PROGMEM = { +static uint8_t matrix[] PROGMEM = { 2, 2, 3, 4, 5, 3, 5, 7, 7, 2, 2, 3, 4, 5, 3, 5, 5, 7, 2, 2, 3, 4, 5, 3, @@ -131,7 +131,7 @@ void groestl256_init(groestl256_ctx_t* ctx){ } void groestl_small_nextBlock(groestl_small_ctx_t* ctx, const void* block){ - uint8_t tmp1[64], tmp2[65]; + uint8_t tmp1[64], tmp2[64]; /* for(i=0; i<8; ++i){ for(j=0; j<8; ++j){ tmp1[j*8+i] = ((uint8_t*)block)[i*8+j]; @@ -152,7 +152,7 @@ void groestl_small_lastBlock(groestl_small_ctx_t* ctx, const void* block, uint16 uint8_t buffer[64]; while(length_b>=GROESTL_SMALL_BLOCKSIZE){ groestl_small_nextBlock(ctx, block); - length_b -= GROESTL224_BLOCKSIZE; + length_b -= GROESTL_SMALL_BLOCKSIZE; block = (uint8_t*)block + GROESTL_SMALL_BLOCKSIZE_B; } memset(buffer, 0, 64); diff --git a/groestl_small.h b/groestl_small.h index 2ee1425..819cc4c 100644 --- a/groestl_small.h +++ b/groestl_small.h @@ -32,7 +32,7 @@ #define GROESTL_SMALL_BLOCKSIZE 512 #define GROESTL_SMALL_BLOCKSIZE_B ((GROESTL_SMALL_BLOCKSIZE+7)/8) #define GROESTL224_BLOCKSIZE GROESTL_SMALL_BLOCKSIZE -#define GROESTL224BLOCKSIZE_B GROESTL_SMALL_BLOCKSIZE_B +#define GROESTL224_BLOCKSIZE_B GROESTL_SMALL_BLOCKSIZE_B #define GROESTL256_BLOCKSIZE GROESTL_SMALL_BLOCKSIZE #define GROESTL256_BLOCKSIZE_B GROESTL_SMALL_BLOCKSIZE_B diff --git a/hfal_groestl_large.c b/hfal_groestl_large.c new file mode 100644 index 0000000..c8d9acb --- /dev/null +++ b/hfal_groestl_large.c @@ -0,0 +1,67 @@ +/* hfal_groestl_large.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file hfal_groestl_large.c + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2009-05-05 + * \license GPLv3 or later + * + */ + +#include +#include +#include "hashfunction_descriptor.h" +#include "groestl_large.h" +#include "groestl_small.h" + + +static const char groestl384_str[] PROGMEM = "Groestl-384"; +static const char groestl512_str[] PROGMEM = "Groestl-512"; + +const hfdesc_t groestl384_desc PROGMEM = { + HFDESC_TYPE_HASHFUNCTION, + 0, + groestl384_str, + sizeof(groestl384_ctx_t), + GROESTL384_BLOCKSIZE, + 384, + (hf_init_fpt)groestl384_init, + (hf_nextBlock_fpt)groestl_large_nextBlock, + (hf_lastBlock_fpt)groestl_large_lastBlock, + (hf_ctx2hash_fpt)groestl384_ctx2hash, + (hf_free_fpt)NULL, + (hf_mem_fpt)groestl384 +}; + +const hfdesc_t groestl512_desc PROGMEM = { + HFDESC_TYPE_HASHFUNCTION, + 0, + groestl512_str, + sizeof(groestl512_ctx_t), + GROESTL512_BLOCKSIZE, + 512, + (hf_init_fpt)groestl512_init, + (hf_nextBlock_fpt)groestl_large_nextBlock, + (hf_lastBlock_fpt)groestl_large_lastBlock, + (hf_ctx2hash_fpt)groestl512_ctx2hash, + (hf_free_fpt)NULL, + (hf_mem_fpt)groestl512 +}; + diff --git a/hfal_groestl_large.h b/hfal_groestl_large.h new file mode 100644 index 0000000..6b50db1 --- /dev/null +++ b/hfal_groestl_large.h @@ -0,0 +1,37 @@ +/* hfal_groestl_large.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file hfal_groestl_large.h + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2009-06-11 + * \license GPLv3 or later + * + */ + +#ifndef HFAL_GROESTL_LARGE_H_ +#define HFAL_GROESTL_LARGE_H_ + +#include +#include "hashfunction_descriptor.h" + +extern const hfdesc_t groestl384_desc; +extern const hfdesc_t groestl512_desc; + +#endif /* HFAL_GROESTL_LARGE_H_ */ diff --git a/host/shavs_test.rb b/host/shavs_test.rb index 99553ff..3d6ea06 100644 --- a/host/shavs_test.rb +++ b/host/shavs_test.rb @@ -2,7 +2,7 @@ # shavs_test.rb =begin This file is part of the AVR-Crypto-Lib. - Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -18,7 +18,8 @@ along with this program. If not, see . =end -$debug = false +$debug = true; +$debug = false; require 'rubygems' require 'serialport' @@ -57,7 +58,7 @@ def send_md(md_string) $sp.print(md_string[i].chr) # print("DBG s: "+ md_string[i].chr) if $debug if(i%20==19) - sleep(0.015) + sleep(0.1) end end end @@ -71,6 +72,7 @@ def run_test(filename) pos = 0 file = File.new(filename, "r"); until file.eof + sleep(0.5) begin lb=file.gets() end while not (file.eof or (/[\s]*Len[\s]*=.*/.match(lb))) diff --git a/mkfiles/groestl_c.mk b/mkfiles/groestl_c.mk index 8d4492c..4fb6e96 100644 --- a/mkfiles/groestl_c.mk +++ b/mkfiles/groestl_c.mk @@ -1,12 +1,12 @@ -# Makefile for Blake +# Makefile for Grøstl ALGO_NAME := GROESTL_C -# comment out the following line for removement of Grøestl from the build process +# comment out the following line for removement of Grøstl from the build process HASHES += $(ALGO_NAME) -$(ALGO_NAME)_OBJ := groestl_small.o memxor.o aes_sbox.o gf256mul.o -$(ALGO_NAME)_TEST_BIN := main-groestl-test.o hfal_groestl_small.o $(CLI_STD) $(HFAL_STD) +$(ALGO_NAME)_OBJ := groestl_small.o groestl_large.o memxor.o aes_sbox.o gf256mul.o +$(ALGO_NAME)_TEST_BIN := hfal_groestl_large.o hfal_groestl_small.o main-groestl-test.o $(CLI_STD) $(HFAL_STD) $(ALGO_NAME)_NESSIE_TEST := test nessie $(ALGO_NAME)_PERFORMANCE_TEST := performance diff --git a/test_src/main-groestl-test.c b/test_src/main-groestl-test.c index a4deb45..30d4bbe 100644 --- a/test_src/main-groestl-test.c +++ b/test_src/main-groestl-test.c @@ -27,9 +27,9 @@ #include "debug.h" #include "groestl_small.h" -//#include "groestl_large.h" +#include "groestl_large.h" #include "hfal_groestl_small.h" -//#include "hfal_groestl_large.h" +#include "hfal_groestl_large.h" #include "hfal-nessie.h" #include "hfal-test.h" #include "hfal-performance.h" @@ -48,8 +48,8 @@ char* algo_name = "Groestl"; const hfdesc_t* algolist[] PROGMEM = { (hfdesc_t*)&groestl224_desc, (hfdesc_t*)&groestl256_desc, -// (hfdesc_t*)&groestl384_desc, -// (hfdesc_t*)&groestl512_desc, + (hfdesc_t*)&groestl384_desc, + (hfdesc_t*)&groestl512_desc, NULL }; @@ -67,7 +67,7 @@ void groestl224_test(void* msg, uint32_t length_b){ void groestl256_test(void* msg, uint32_t length_b){ hfal_test(&groestl256_desc, msg, length_b); } -/* + void groestl384_test(void* msg, uint32_t length_b){ hfal_test(&groestl384_desc, msg, length_b); } @@ -75,7 +75,7 @@ void groestl384_test(void* msg, uint32_t length_b){ void groestl512_test(void* msg, uint32_t length_b){ hfal_test(&groestl512_desc, msg, length_b); } -*/ + void testrun_stdtest_groestl(void){ uint8_t msg1[144]; @@ -84,12 +84,10 @@ void testrun_stdtest_groestl(void){ groestl224_test(msg1, 576); groestl256_test("", 8); groestl256_test(msg1, 576); -/* groestl384_test("", 8); groestl384_test(msg1, 1152); groestl512_test("", 8); groestl512_test(msg1, 1152); -*/ } void testshort(void){ @@ -97,7 +95,7 @@ void testshort(void){ } void testlshort(void){ -// groestl512_test("", 8); + groestl512_test("abc", 24); } diff --git a/test_src/shavs.c b/test_src/shavs.c index 48d9133..63d8b25 100644 --- a/test_src/shavs.c +++ b/test_src/shavs.c @@ -140,8 +140,14 @@ void shavs_test1(void){ } buffersize_B=pgm_read_word(&(shavs_algo->blocksize_b))/8; + cli_putstr_P(PSTR("\r\nbuffer allocated for 0x")); + cli_hexdump(&buffersize_B, 2); + cli_putstr_P(PSTR(" bytes")); buffer = malloc(buffersize_B); - + if(buffer==NULL){ + cli_putstr_P(PSTR("\r\n allocating memory for buffer failed!")); + return; + } for(;;){ blocks = 0; do{ @@ -175,8 +181,15 @@ void shavs_test1(void){ buffer_idx = 0; in_byte=0; len_set = 0; - - hfal_hash_init(shavs_algo, &ctx); + uint8_t ret; + cli_putstr_P(PSTR("\r\n HFAL init")); + ret = hfal_hash_init(shavs_algo, &ctx); + if(ret){ + cli_putstr_P(PSTR("\r\n HFAL init returned with: ")); + cli_hexdump(&ret, 1); + free(buffer); + return; + } cli_putstr_P(PSTR("\r\n")); while((c=cli_getc_cecho())!='M' && c!='m'){ if(!isblank(c)){ @@ -208,6 +221,9 @@ void shavs_test1(void){ buffer_idx=0; while(expect_input>0){ c=cli_getc_cecho(); + cli_putstr_P(PSTR("+(")); + cli_hexdump_rev((uint8_t*)&expect_input, 4); + cli_putstr_P(PSTR(") ")); if(buffer_add(c)==0){ --expect_input; }else{ @@ -220,9 +236,13 @@ void shavs_test1(void){ } } } + cli_putstr_P(PSTR("\r\n starting finalisation")); uint8_t diggest[pgm_read_word(shavs_algo->hashsize_b)/8]; + cli_putstr_P(PSTR("\r\n starting last block")); hfal_hash_lastBlock(&ctx, buffer, length-blocks*(buffersize_B*8)); + cli_putstr_P(PSTR("\r\n starting ctx2hash")); hfal_hash_ctx2hash(diggest, &ctx); + cli_putstr_P(PSTR("\r\n starting hash free")); hfal_hash_free(&ctx); cli_putstr_P(PSTR("\r\n MD = ")); cli_hexdump(diggest, pgm_read_word(&(shavs_algo->hashsize_b))/8);