From: bg Date: Thu, 11 Dec 2008 18:14:49 +0000 (+0000) Subject: seed now in pure asm X-Git-Url: https://git.cryptolib.org/?a=commitdiff_plain;h=a1518b457d04b4d5819e6ce4d7815eab53f937da;p=avr-crypto-lib.git seed now in pure asm --- diff --git a/mkfiles/seed.mk b/mkfiles/seed.mk index 5487e70..ed6e878 100644 --- a/mkfiles/seed.mk +++ b/mkfiles/seed.mk @@ -4,7 +4,7 @@ ALGO_NAME := SEED # comment out the following line for removement of SEED from the build process BLOCK_CIPHERS += $(ALGO_NAME) -$(ALGO_NAME)_OBJ := seed-stub.o seed-asm.o +$(ALGO_NAME)_OBJ := seed-asm.o $(ALGO_NAME)_TEST_BIN := main-seed-test.o debug.o uart.o serial-tools.o \ nessie_bc_test.o nessie_common.o \ cli.o performance_test.o diff --git a/seed-asm.S b/seed-asm.S index 9abad3f..604fc7f 100644 --- a/seed-asm.S +++ b/seed-asm.S @@ -27,36 +27,6 @@ */ #include "avr-asm-macros.S" -.global bigendian_sum32 -; === bigendian_sum32 === -; function that adds two 32-bit words in the bigendian way and returns the result -; param1: the first 32-bit word -; given in r25,r24,r23,22 (r25 is most significant for little endian) -; param2: the second 32-bit word -; given in r21,r20,r19,18 (r21 is most significant for little endian) -; modifys: -bigendian_sum32: - add r25, r21 - adc r24, r20 - adc r23, r19 - adc r22, r18 - ret - -.global bigendian_sub32 -; === bigendian_sub32 === -; function that subtracts a 32-bit words from another in the bigendian way and returns the result -; param1: the minuend 32-bit word -; given in r25,r24,r23,22 (r25 is most significant for little endian) -; param2: the subtrahend 32-bit word -; given in r21,r20,r19,18 (r21 is most significant for little endian) -; modifys: -bigendian_sub32: - sub r25, r21 - sbc r24, r20 - sbc r23, r19 - sbc r22, r18 - ret - /******************************************************************************/ /* #define M0 0xfc @@ -112,7 +82,6 @@ T3 = X1 * X2 = R23 * X3 = R22 */ -.global seed_g_function seed_g_function: ldi r30, lo8(seed_sbox1) ldi r31, hi8(seed_sbox1) @@ -283,7 +252,6 @@ C2 = 14 C3 = 15 D2 = 16 D3 = 17 -.global seed_f_function seed_f_function: push_range 10, 17 movw r30, r24 @@ -472,7 +440,6 @@ compute_keys: mov r18, D0 ret -.global seed_getnextkeys seed_getnextkeys: push_range 10, 17 push r28 @@ -580,7 +547,6 @@ keypair_t getprevkeys(uint32_t *keystate, uint8_t curround){ * param curround: r22 */ -.global seed_getprevkeys seed_getprevkeys: push_range 10, 17 push r28 @@ -657,7 +623,6 @@ r_odd_round: /******************************************************************************/ -.global seed_kc seed_kc: .long 0xb979379e .long 0x73f36e3c @@ -833,6 +798,160 @@ seed_enc: pop_range 9, 17 ret +/******************************************************************************/ +/* +#define L (((uint64_t*)buffer)[0]) +#define R (((uint64_t*)buffer)[1]) +void seed_dec(void * buffer, seed_ctx_t * ctx){ + int8_t r; + keypair_t k; + for(r=7; r>=0; --r){ + k = seed_getprevkeys(ctx->k, 2*r+1); +/ * + DEBUG_S("\r\n\tDBG ka,0: "); uart_hexdump(&k.k0, 4); + DEBUG_S("\r\n\tDBG ka,1: "); uart_hexdump(&k.k1, 4); + DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+0, 8); + DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+8, 8); +* / + L ^= seed_f_function(&R,k.k0,k.k1); + + k = seed_getprevkeys(ctx->k, 2*r+0); +/ * + DEBUG_S("\r\n\tDBG kb,0: "); uart_hexdump(&k.k0, 4); + DEBUG_S("\r\n\tDBG kb,1: "); uart_hexdump(&k.k1, 4); + DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+8, 8); + DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+0, 8); +* / + R ^= seed_f_function(&L,k.k0,k.k1); + } + / * just an exchange without temp. variable * / + L ^= R; + R ^= L; + L ^= R; +} +*/ +/* + * param buffer: r24:r25 + * param ctx: r22:r23 + */ +CTR = 9 +xLPTR = 10 +xRPTR = 12 +CPTR = 14 +.global seed_dec +seed_dec: + push_range 9, 17 + push r28 + push r29 + ldi r16, 7 + mov CTR, r16 + movw xLPTR, r24 + adiw r24, 8 + movw xRPTR, r24 + movw CPTR, r22 +1: + movw r28, xLPTR + movw r24, CPTR + mov r22, CTR + lsl r22 + inc r22 + rcall seed_getprevkeys + + /* use pen & paper to understand the following permutation */ + movw r16, r22 + movw r22, r18 + movw r18, r24 + movw r24, r20 + movw r20, r22 + movw r22, r24 + movw r24, xRPTR + + rcall seed_f_function + + ld r0, Y + eor r0, r18 + st Y+, r0 + ld r0, Y + eor r0, r19 + st Y+, r0 + ld r0, Y + eor r0, r20 + st Y+, r0 + ld r0, Y + eor r0, r21 + st Y+, r0 + ld r0, Y + eor r0, r22 + st Y+, r0 + ld r0, Y + eor r0, r23 + st Y+, r0 + ld r0, Y + eor r0, r24 + st Y+, r0 + ld r0, Y + eor r0, r25 + st Y+, r0 + /* secound half */ + movw r24, CPTR + mov r22, CTR + lsl r22 + rcall seed_getprevkeys + + movw r16, r22 + movw r22, r18 + movw r18, r24 + movw r24, r20 + movw r20, r22 + movw r22, r24 + movw r24, xLPTR + + rcall seed_f_function + + ld r0, Y + eor r0, r18 + st Y+, r0 + ld r0, Y + eor r0, r19 + st Y+, r0 + ld r0, Y + eor r0, r20 + st Y+, r0 + ld r0, Y + eor r0, r21 + st Y+, r0 + ld r0, Y + eor r0, r22 + st Y+, r0 + ld r0, Y + eor r0, r23 + st Y+, r0 + ld r0, Y + eor r0, r24 + st Y+, r0 + ld r0, Y + eor r0, r25 + st Y+, r0 + + dec CTR + brmi 3f + rjmp 1b +3: + movw r28, xLPTR + movw r30, xRPTR + ldi r17, 8 +4: + ld r10, Y + ld r11, Z + st Z+, r10 + st Y+, r11 + dec r17 + brne 4b +5: + pop r29 + pop r28 + pop_range 9, 17 + ret diff --git a/seed-stub.c b/seed-stub.c deleted file mode 100644 index d9c2289..0000000 --- a/seed-stub.c +++ /dev/null @@ -1,120 +0,0 @@ -/* seed.c */ -/* - This file is part of the Crypto-avr-lib/microcrypt-lib. - Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - /** - * \file seed.c - * \author Daniel Otte - * \date 2007-06-1 - * \brief SEED parts in C for AVR - * \par License - * GPL - * - */ -#include -#include -#include -#include "seed.h" -#include "uart.h" -#include "debug.h" - - - -/******************************************************************************/ -typedef struct { - uint32_t k0, k1; -} keypair_t; - -uint64_t seed_f_function(const uint64_t* a, uint32_t k0, uint32_t k1); -keypair_t seed_getnextkeys(uint32_t *keystate, uint8_t curround); -keypair_t seed_getprevkeys(uint32_t *keystate, uint8_t curround); - -/******************************************************************************/ -#if 0 -#define L (((uint64_t*)buffer)[0]) -#define R (((uint64_t*)buffer)[1]) - -void seed_enc(void * buffer, seed_ctx_t * ctx){ - uint8_t r; - keypair_t k; - for(r=0; r<8; ++r){ - k = seed_getnextkeys(ctx->k, 2*r); -/* - DEBUG_S("\r\n\tDBG ka,0: "); uart_hexdump(&k.k0, 4); - DEBUG_S("\r\n\tDBG ka,1: "); uart_hexdump(&k.k1, 4); - DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+0, 8); - DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+8, 8); -*/ - L ^= seed_f_function(&R,k.k0,k.k1); - - k = seed_getnextkeys(ctx->k, 2*r+1); -/* - DEBUG_S("\r\n\tDBG kb,0: "); uart_hexdump(&k.k0, 4); - DEBUG_S("\r\n\tDBG kb,1: "); uart_hexdump(&k.k1, 4); - DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+8, 8); - DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+0, 8); -*/ - R ^= seed_f_function(&L,k.k0,k.k1); - } - /* just an exchange without temp. variable */ - L ^= R; - R ^= L; - L ^= R; -} -#endif - -/******************************************************************************/ - -#define L (((uint64_t*)buffer)[0]) -#define R (((uint64_t*)buffer)[1]) - -void seed_dec(void * buffer, seed_ctx_t * ctx){ - int8_t r; - keypair_t k; - for(r=7; r>=0; --r){ - k = seed_getprevkeys(ctx->k, 2*r+1); -/* - DEBUG_S("\r\n\tDBG ka,0: "); uart_hexdump(&k.k0, 4); - DEBUG_S("\r\n\tDBG ka,1: "); uart_hexdump(&k.k1, 4); - DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+0, 8); - DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+8, 8); -*/ - L ^= seed_f_function(&R,k.k0,k.k1); - - k = seed_getprevkeys(ctx->k, 2*r+0); -/* - DEBUG_S("\r\n\tDBG kb,0: "); uart_hexdump(&k.k0, 4); - DEBUG_S("\r\n\tDBG kb,1: "); uart_hexdump(&k.k1, 4); - DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+8, 8); - DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+0, 8); -*/ - R ^= seed_f_function(&L,k.k0,k.k1); - } - /* just an exchange without temp. variable */ - L ^= R; - R ^= L; - L ^= R; -} - - - - - - - - - diff --git a/test_src/main-seed-test.c b/test_src/main-seed-test.c index 678d132..5161d59 100644 --- a/test_src/main-seed-test.c +++ b/test_src/main-seed-test.c @@ -107,7 +107,7 @@ void testrun_performance_seed(void){ void testencrypt(uint8_t* block, uint8_t* key){ seed_ctx_t ctx; - uart_putstr("\r\n==testy-encrypt==\r\n key: "); + uart_putstr("\r\n==testy-encrypt==\r\n key: "); uart_hexdump(key,16); seed_init(key, &ctx); uart_putstr("\r\n plain: "); @@ -119,7 +119,7 @@ void testencrypt(uint8_t* block, uint8_t* key){ void testdecrypt(uint8_t* block, uint8_t* key){ seed_ctx_t ctx; - uart_putstr("\r\n==testy-decrypt==\r\n key: "); + uart_putstr("\r\n==testy-decrypt==\r\n key: "); uart_hexdump(key,16); seed_init(key, &ctx); uart_putstr("\r\n crypt: "); @@ -131,25 +131,25 @@ void testdecrypt(uint8_t* block, uint8_t* key){ void testrun_seed(void){ uint8_t keys[4][16]= - { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x47, 0x06, 0x48, 0x08, 0x51, 0xE6, 0x1B, 0xE8, - 0x5D, 0x74, 0xBF, 0xB3, 0xFD, 0x95, 0x61, 0x85 }, - { 0x28, 0xDB, 0xC3, 0xBC, 0x49, 0xFF, 0xD8, 0x7D, - 0xCF, 0xA5, 0x09, 0xB1, 0x1D, 0x42, 0x2B, 0xE7,} - }; + { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x47, 0x06, 0x48, 0x08, 0x51, 0xE6, 0x1B, 0xE8, + 0x5D, 0x74, 0xBF, 0xB3, 0xFD, 0x95, 0x61, 0x85 }, + { 0x28, 0xDB, 0xC3, 0xBC, 0x49, 0xFF, 0xD8, 0x7D, + 0xCF, 0xA5, 0x09, 0xB1, 0x1D, 0x42, 0x2B, 0xE7,} + }; uint8_t datas[4][16]= - { { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x83, 0xA2, 0xF8, 0xA2, 0x88, 0x64, 0x1F, 0xB9, - 0xA4, 0xE9, 0xA5, 0xCC, 0x2F, 0x13, 0x1C, 0x7D }, - { 0xB4, 0x1E, 0x6B, 0xE2, 0xEB, 0xA8, 0x4A, 0x14, - 0x8E, 0x2E, 0xED, 0x84, 0x59, 0x3C, 0x5E, 0xC7 } - }; + { { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x83, 0xA2, 0xF8, 0xA2, 0x88, 0x64, 0x1F, 0xB9, + 0xA4, 0xE9, 0xA5, 0xCC, 0x2F, 0x13, 0x1C, 0x7D }, + { 0xB4, 0x1E, 0x6B, 0xE2, 0xEB, 0xA8, 0x4A, 0x14, + 0x8E, 0x2E, 0xED, 0x84, 0x59, 0x3C, 0x5E, 0xC7 } + }; uint8_t i=0; for(i=0; i<4; ++i){ testencrypt(datas[i],keys[i]);