From 4f50c75ee5a6cc88bf7ea71957ed509e298e6c25 Mon Sep 17 00:00:00 2001 
From: bg Date: Thu, 6 Aug 2009 13:31:40 +0000 Subject: [PATCH] new makefile and modified build process --- Makefile | 454 +++++------ aes.h => aes/aes.h | 0 aes128_dec.c => aes/aes128_dec.c | 0 aes128_dec.h => aes/aes128_dec.h | 0 aes128_enc.c => aes/aes128_enc.c | 0 aes128_enc.h => aes/aes128_enc.h | 0 aes192_dec.c => aes/aes192_dec.c | 0 aes192_dec.h => aes/aes192_dec.h | 0 aes192_enc.c => aes/aes192_enc.c | 0 aes192_enc.h => aes/aes192_enc.h | 0 aes256_dec.c => aes/aes256_dec.c | 0 aes256_dec.h => aes/aes256_dec.h | 0 aes256_enc.c => aes/aes256_enc.c | 0 aes256_enc.h => aes/aes256_enc.h | 0 aes_dec-asm.S => aes/aes_dec-asm.S | 0 .../aes_dec-asm_faster.S | 0 aes_dec.c => aes/aes_dec.c | 0 aes_dec.h => aes/aes_dec.h | 0 aes_enc-asm.S => aes/aes_enc-asm.S | 0 aes_enc.c => aes/aes_enc.c | 0 aes_enc.h => aes/aes_enc.h | 0 aes_invsbox-asm.S => aes/aes_invsbox-asm.S | 0 aes_invsbox.c => aes/aes_invsbox.c | 0 aes_invsbox.h => aes/aes_invsbox.h | 0 .../aes_keyschedule-asm.S | 0 aes_keyschedule.c => aes/aes_keyschedule.c | 0 aes_keyschedule.h => aes/aes_keyschedule.h | 0 aes_sbox-asm.S => aes/aes_sbox-asm.S | 0 aes_sbox.c => aes/aes_sbox.c | 0 aes_sbox.h => aes/aes_sbox.h | 0 aes/gf256mul.S | 82 ++ aes/gf256mul.h | 37 + avr-makefile.inc | 6 +- blake_common.c => blake/blake_common.c | 0 blake_common.h => blake/blake_common.h | 0 blake_large.c => blake/blake_large.c | 0 blake_large.h => blake/blake_large.h | 0 blake_small.c => blake/blake_small.c | 0 blake_small.h => blake/blake_small.h | 0 blake/memxor.S | 66 ++ blake/memxor.h | 7 + camellia-asm.S => camellia/camellia-asm.S | 0 camellia.h => camellia/camellia.h | 0 .../camellia128-stub.c | 0 camellia_C.c => camellia/camellia_C.c | 0 config.h | 2 +- groestl/aes_sbox.c | 23 + groestl/aes_sbox.h | 33 + groestl/gf256mul.S | 82 ++ groestl/gf256mul.h | 37 + groestl_large.c => groestl/groestl_large.c | 0 groestl_large.h => groestl/groestl_large.h | 0 groestl_small.c => groestl/groestl_small.c | 0 groestl_small.h => 
groestl/groestl_small.h | 0 groestl/memxor.S | 66 ++ groestl/memxor.h | 7 + host/shavs_test.rb | 1 + memxor.S | 36 +- mkfiles/aes.mk | 4 +- mkfiles/aes_asm_faster.mk | 3 +- mkfiles/aes_c.mk | 1 + mkfiles/blake_c.mk | 2 +- mkfiles/camellia.mk | 1 + mkfiles/groestl_c.mk | 2 +- mkfiles/mugi.mk | 1 + mkfiles/shabal.mk | 2 +- mkfiles/shabal_c.mk | 2 +- mkfiles/skein.mk | 2 +- mkfiles/threefish.mk | 2 +- mkfiles/twister.mk | 1 + mkfiles/twister_c.mk | 1 + mkfiles/ubi.mk | 2 +- mugi/aes_sbox.c | 23 + mugi/aes_sbox.h | 33 + mugi/gf256mul.S | 82 ++ mugi/gf256mul.h | 37 + mugi.c => mugi/mugi.c | 0 mugi.h => mugi/mugi.h | 0 shabal-asm.S => shabal/shabal-asm.S | 0 shabal.c => shabal/shabal.c | 0 shabal.h => shabal/shabal.h | 0 shabal192-asm.S => shabal/shabal192-asm.S | 0 shabal192.c => shabal/shabal192.c | 0 shabal224-asm.S => shabal/shabal224-asm.S | 0 shabal224.c => shabal/shabal224.c | 0 shabal256-asm.S => shabal/shabal256-asm.S | 0 shabal256.c => shabal/shabal256.c | 0 shabal384-asm.S => shabal/shabal384-asm.S | 0 shabal384.c => shabal/shabal384.c | 0 shabal512-asm.S => shabal/shabal512-asm.S | 0 shabal512.c => shabal/shabal512.c | 0 shabal/shabal_shorttest.log | 123 +++ shabal/shabal_shorttest.log.ps | 713 ++++++++++++++++++ skein/memxor.S | 66 ++ skein/memxor.h | 7 + skein/skein-speed.log | 202 +++++ skein.h => skein/skein.h | 0 skein1024.c => skein/skein1024.c | 0 skein1024_asm.S => skein/skein1024_asm.S | 0 skein256.c => skein/skein256.c | 0 skein256_asm.S => skein/skein256_asm.S | 28 +- skein512.c => skein/skein512.c | 0 skein512_asm.S => skein/skein512_asm.S | 0 skein/skein_algo_list.txt | 20 + threefish.h => skein/threefish.h | 0 .../threefish1024_dec.c | 0 .../threefish1024_dec_asm.S | 0 skein/threefish1024_dec_cstub.c | 97 +++ .../threefish1024_enc.c | 0 .../threefish1024_enc_asm.S | 0 .../threefish256_dec.c | 0 .../threefish256_dec_asm.S | 0 skein/threefish256_dec_cstub.c | 66 ++ .../threefish256_enc.c | 0 .../threefish256_enc_asm.S | 34 +- 
.../threefish256_enc_small.S | 34 +- .../threefish512_dec.c | 0 .../threefish512_dec_asm.S | 0 skein/threefish512_dec_cstub.c | 81 ++ .../threefish512_enc.c | 0 .../threefish512_enc_asm.S | 0 .../threefish_invmix.S | 0 skein/threefish_invmix_4c.S | 305 ++++++++ .../threefish_invmix_c.c | 0 threefish_mix.S => skein/threefish_mix.S | 0 .../threefish_mix_4c.S | 0 threefish_mix_c.c => skein/threefish_mix_c.c | 0 ubi.h => skein/ubi.h | 0 ubi1024.c => skein/ubi1024.c | 0 ubi1024_asm.S => skein/ubi1024_asm.S | 0 ubi256.c => skein/ubi256.c | 0 ubi256_asm.S => skein/ubi256_asm.S | 0 ubi512.c => skein/ubi512.c | 0 ubi512_asm.S => skein/ubi512_asm.S | 0 test_src/config.h | 2 +- test_src/hexdigit_tab.c | 49 -- test_src/main-aes-test.c | 16 +- test_src/main-aes128-test.c | 8 +- test_src/main-aes192-test.c | 8 +- test_src/main-aes256-test.c | 8 +- twister/gf256mul.S | 82 ++ twister/gf256mul.h | 37 + twister/memxor.S | 66 ++ twister/memxor.h | 7 + twister-asm.S => twister/twister-asm.S | 0 twister/twister-asm.S_shiftmul | 351 +++++++++ .../twister-large-asm.S | 0 twister-large.c => twister/twister-large.c | 0 twister-large.h => twister/twister-large.h | 0 .../twister-sha3api.c | 0 .../twister-sha3api.h | 0 .../twister-small-asm.S | 0 .../twister-small-stub.c | 0 twister-small.c => twister/twister-small.c | 0 twister-small.h => twister/twister-small.h | 0 twister/twister-speed.log | 40 + twister.c => twister/twister.c | 0 twister.h => twister/twister.h | 0 twister224.S => twister/twister224.S | 0 twister256.S => twister/twister256.S | 0 twister384.S => twister/twister384.S | 0 twister512.S => twister/twister512.S | 0 twister_ref.h => twister/twister_ref.h | 0 twister_tables.h => twister/twister_tables.h | 0 164 files changed, 3162 insertions(+), 428 deletions(-) rename aes.h => aes/aes.h (100%) rename aes128_dec.c => aes/aes128_dec.c (100%) rename aes128_dec.h => aes/aes128_dec.h (100%) rename aes128_enc.c => aes/aes128_enc.c (100%) rename aes128_enc.h => aes/aes128_enc.h (100%) 
rename aes192_dec.c => aes/aes192_dec.c (100%) rename aes192_dec.h => aes/aes192_dec.h (100%) rename aes192_enc.c => aes/aes192_enc.c (100%) rename aes192_enc.h => aes/aes192_enc.h (100%) rename aes256_dec.c => aes/aes256_dec.c (100%) rename aes256_dec.h => aes/aes256_dec.h (100%) rename aes256_enc.c => aes/aes256_enc.c (100%) rename aes256_enc.h => aes/aes256_enc.h (100%) rename aes_dec-asm.S => aes/aes_dec-asm.S (100%) rename aes_dec-asm_faster.S => aes/aes_dec-asm_faster.S (100%) rename aes_dec.c => aes/aes_dec.c (100%) rename aes_dec.h => aes/aes_dec.h (100%) rename aes_enc-asm.S => aes/aes_enc-asm.S (100%) rename aes_enc.c => aes/aes_enc.c (100%) rename aes_enc.h => aes/aes_enc.h (100%) rename aes_invsbox-asm.S => aes/aes_invsbox-asm.S (100%) rename aes_invsbox.c => aes/aes_invsbox.c (100%) rename aes_invsbox.h => aes/aes_invsbox.h (100%) rename aes_keyschedule-asm.S => aes/aes_keyschedule-asm.S (100%) rename aes_keyschedule.c => aes/aes_keyschedule.c (100%) rename aes_keyschedule.h => aes/aes_keyschedule.h (100%) rename aes_sbox-asm.S => aes/aes_sbox-asm.S (100%) rename aes_sbox.c => aes/aes_sbox.c (100%) rename aes_sbox.h => aes/aes_sbox.h (100%) create mode 100644 aes/gf256mul.S create mode 100644 aes/gf256mul.h rename blake_common.c => blake/blake_common.c (100%) rename blake_common.h => blake/blake_common.h (100%) rename blake_large.c => blake/blake_large.c (100%) rename blake_large.h => blake/blake_large.h (100%) rename blake_small.c => blake/blake_small.c (100%) rename blake_small.h => blake/blake_small.h (100%) create mode 100644 blake/memxor.S create mode 100644 blake/memxor.h rename camellia-asm.S => camellia/camellia-asm.S (100%) rename camellia.h => camellia/camellia.h (100%) rename camellia128-stub.c => camellia/camellia128-stub.c (100%) rename camellia_C.c => camellia/camellia_C.c (100%) create mode 100644 groestl/aes_sbox.c create mode 100644 groestl/aes_sbox.h create mode 100644 groestl/gf256mul.S create mode 100644 groestl/gf256mul.h rename 
groestl_large.c => groestl/groestl_large.c (100%) rename groestl_large.h => groestl/groestl_large.h (100%) rename groestl_small.c => groestl/groestl_small.c (100%) rename groestl_small.h => groestl/groestl_small.h (100%) create mode 100644 groestl/memxor.S create mode 100644 groestl/memxor.h create mode 100644 mugi/aes_sbox.c create mode 100644 mugi/aes_sbox.h create mode 100644 mugi/gf256mul.S create mode 100644 mugi/gf256mul.h rename mugi.c => mugi/mugi.c (100%) rename mugi.h => mugi/mugi.h (100%) rename shabal-asm.S => shabal/shabal-asm.S (100%) rename shabal.c => shabal/shabal.c (100%) rename shabal.h => shabal/shabal.h (100%) rename shabal192-asm.S => shabal/shabal192-asm.S (100%) rename shabal192.c => shabal/shabal192.c (100%) rename shabal224-asm.S => shabal/shabal224-asm.S (100%) rename shabal224.c => shabal/shabal224.c (100%) rename shabal256-asm.S => shabal/shabal256-asm.S (100%) rename shabal256.c => shabal/shabal256.c (100%) rename shabal384-asm.S => shabal/shabal384-asm.S (100%) rename shabal384.c => shabal/shabal384.c (100%) rename shabal512-asm.S => shabal/shabal512-asm.S (100%) rename shabal512.c => shabal/shabal512.c (100%) create mode 100644 shabal/shabal_shorttest.log create mode 100644 shabal/shabal_shorttest.log.ps create mode 100644 skein/memxor.S create mode 100644 skein/memxor.h create mode 100644 skein/skein-speed.log rename skein.h => skein/skein.h (100%) rename skein1024.c => skein/skein1024.c (100%) rename skein1024_asm.S => skein/skein1024_asm.S (100%) rename skein256.c => skein/skein256.c (100%) rename skein256_asm.S => skein/skein256_asm.S (97%) rename skein512.c => skein/skein512.c (100%) rename skein512_asm.S => skein/skein512_asm.S (100%) create mode 100644 skein/skein_algo_list.txt rename threefish.h => skein/threefish.h (100%) rename threefish1024_dec.c => skein/threefish1024_dec.c (100%) rename threefish1024_dec_asm.S => skein/threefish1024_dec_asm.S (100%) create mode 100644 skein/threefish1024_dec_cstub.c rename 
threefish1024_enc.c => skein/threefish1024_enc.c (100%) rename threefish1024_enc_asm.S => skein/threefish1024_enc_asm.S (100%) rename threefish256_dec.c => skein/threefish256_dec.c (100%) rename threefish256_dec_asm.S => skein/threefish256_dec_asm.S (100%) create mode 100644 skein/threefish256_dec_cstub.c rename threefish256_enc.c => skein/threefish256_enc.c (100%) rename threefish256_enc_asm.S => skein/threefish256_enc_asm.S (96%) rename threefish256_enc_small.S => skein/threefish256_enc_small.S (96%) rename threefish512_dec.c => skein/threefish512_dec.c (100%) rename threefish512_dec_asm.S => skein/threefish512_dec_asm.S (100%) create mode 100644 skein/threefish512_dec_cstub.c rename threefish512_enc.c => skein/threefish512_enc.c (100%) rename threefish512_enc_asm.S => skein/threefish512_enc_asm.S (100%) rename threefish_invmix.S => skein/threefish_invmix.S (100%) create mode 100644 skein/threefish_invmix_4c.S rename threefish_invmix_c.c => skein/threefish_invmix_c.c (100%) rename threefish_mix.S => skein/threefish_mix.S (100%) rename threefish_mix_4c.S => skein/threefish_mix_4c.S (100%) rename threefish_mix_c.c => skein/threefish_mix_c.c (100%) rename ubi.h => skein/ubi.h (100%) rename ubi1024.c => skein/ubi1024.c (100%) rename ubi1024_asm.S => skein/ubi1024_asm.S (100%) rename ubi256.c => skein/ubi256.c (100%) rename ubi256_asm.S => skein/ubi256_asm.S (100%) rename ubi512.c => skein/ubi512.c (100%) rename ubi512_asm.S => skein/ubi512_asm.S (100%) delete mode 100644 test_src/hexdigit_tab.c create mode 100644 twister/gf256mul.S create mode 100644 twister/gf256mul.h create mode 100644 twister/memxor.S create mode 100644 twister/memxor.h rename twister-asm.S => twister/twister-asm.S (100%) create mode 100644 twister/twister-asm.S_shiftmul rename twister-large-asm.S => twister/twister-large-asm.S (100%) rename twister-large.c => twister/twister-large.c (100%) rename twister-large.h => twister/twister-large.h (100%) rename twister-sha3api.c => 
twister/twister-sha3api.c (100%) rename twister-sha3api.h => twister/twister-sha3api.h (100%) rename twister-small-asm.S => twister/twister-small-asm.S (100%) rename twister-small-stub.c => twister/twister-small-stub.c (100%) rename twister-small.c => twister/twister-small.c (100%) rename twister-small.h => twister/twister-small.h (100%) create mode 100644 twister/twister-speed.log rename twister.c => twister/twister.c (100%) rename twister.h => twister/twister.h (100%) rename twister224.S => twister/twister224.S (100%) rename twister256.S => twister/twister256.S (100%) rename twister384.S => twister/twister384.S (100%) rename twister512.S => twister/twister512.S (100%) rename twister_ref.h => twister/twister_ref.h (100%) rename twister_tables.h => twister/twister_tables.h (100%) diff --git a/Makefile b/Makefile index 7afbe74..5a9090c 100644 --- a/Makefile +++ b/Makefile 
@@ -2,363 +2,261 @@ # author: Daniel Otte SHELL = sh -BLOCK_CIPHERS := -STREAM_CIPHERS := +BLOCK_CIPHERS := +STREAM_CIPHERS := HASHES := MACS := -PRNGS := +PRNGS := ENCODINGS := AUX := # we use the gnu make standard library include gmsl include avr-makefile.inc + +#------------------------------------------------------------------------------- +# inclusion of make stubs include mkfiles/*.mk -ALGORITHMS = $(BLOCK_CIPHERS) $(STREAM_CIPHERS) $(HASHES) $(PRNGS) $(MACS) $(ENCODINGS) $(AUX) +#------------------------------------------------------------------------------- +ALGORITHMS = $(BLOCK_CIPHERS) $(STREAM_CIPHERS) $(HASHES) $(PRNGS) $(MACS) \ + $(ENCODINGS) $(AUX) ALGORITHMS_OBJ = $(patsubst %,%_OBJ, $(ALGORITHMS)) ALGORITHMS_TEST_BIN = $(patsubst %,%_TEST_BIN, $(ALGORITHMS)) -define OBJinBINDIR_TEMPLATE +#------------------------------------------------------------------------------- +# define binary object in $(BIN_DIR)$(ALGO)/ +define Assert_Template $(1) = $(2) endef -$(foreach a, $(ALGORITHMS_OBJ), $(eval $(call OBJinBINDIR_TEMPLATE, $(a), $(patsubst %.o,$(BIN_DIR)%.o,$($(a)))))) - -$(foreach a, $(ALGORITHMS_TEST_BIN), $(eval $(call OBJinBINDIR_TEMPLATE, $(a), $(patsubst %.o,$(TESTBIN_DIR)%.o,$($(a)))))) - - -#ALGORITHMS_TEST_BIN_IMM = $(foreach a, $(ALGORITHMS_TEST_BIN), $($(a))) -ALGORITHMS_NESSIE_TEST = $(patsubst %,%_NESSIE_TEST, $(ALGORITHMS)) -ALGORITHMS_PERFORMANCE_TEST = $(patsubst %,%_PERORMANCE_TEST, $(ALGORITHMS)) - -ALGORITHMS_LC = $(call lc,$(ALGORITHMS)) - -ALGORITHMS_TEST_TARGET_ELF = $(patsubst %, $(TESTBIN_DIR)main-%-test.elf, $(ALGORITHMS_LC)) -ALGORITHMS_TEST_TARGET_HEX = $(patsubst %, $(TESTBIN_DIR)main-%-test.hex, $(ALGORITHMS_LC)) - +$(foreach a, $(ALGORITHMS), $(eval $(call Assert_Template, \ + $(a)_BINOBJ, \ + $(addprefix $(BIN_DIR)$(call lc,$(a))/,$($(a)_OBJ)) \ +))) + +$(foreach a, $(ALGORITHMS), $(eval $(call Assert_Template, \ + $(a)_TESTBINOBJ, \ + $(addprefix $(BIN_DIR)$(call lc,$(a))/$(TEST_DIR),$($(a)_TEST_BIN)) \ +))) + + 
+#$(foreach a, $(ALGORITHMS), \ +# $(if $(def $(a)_DIR), \ +# $(eval $(call Assert_Template, \ +# $(a)_DIR, \ +# . \ +# ) \ +# )) \ +#) +# +#$(foreach a, $(ALGORITHMS), \ +# $(if $(call seq($(strip($($(a)_DIR))),)), \ +# $(eval $(call Assert_Template, \ +# $(a)_DIR, \ +# . \ +# ) \ +# )) \ +#) #------------------------------------------------------------------------------- - -all: $(foreach algo, $(ALGORITHMS), $(algo)_OBJ) - -#------------------------------------------------------------------------------- - -define MAIN_OBJ_TEMPLATE -$(2): $(3) $(4) - @echo "[ld] : $$@" -# echo $$^ - @$(CC) $(CFLAGS) $(LDFLAGS)$(patsubst %.elf,%.map,$(2)) -o \ - $(2) \ - $(3) $(4) \ - $(LIBS) +# +### ifeq 'blafoo' '' +### $(error no source ($(2)) for $(1) in TargetSource_Template) +### endif + +define TargetSource_Template +$(1): $(2) + @echo "[cc]: $(1) <-- $(2)" + @mkdir -p $(dir $(1)) + @$(CC) $(CFLAGS_A) -I./$(strip $(3)) -c -o $(1) $(2) endef -$(foreach algo, $(ALGORITHMS), $(eval $(call MAIN_OBJ_TEMPLATE, \ - $(algo), \ - $(TESTBIN_DIR)main-$(call lc,$(algo))-test.elf, \ - $(patsubst %.o,%.o,$($(algo)_TEST_BIN)), \ - $(patsubst %.o,%.o,$($(algo)_OBJ)) ))) - - - - +$(foreach a, $(ALGORITHMS), \ + $(foreach b, $($(a)_OBJ), \ + $(eval $(call TargetSource_Template, \ + $(BIN_DIR)$(call lc, $(a))/$(b), \ + $(filter %.S %.c, $(wildcard $($(a)_DIR)$(notdir $(patsubst %.o,%,$(b))).*)), \ + $($(a)_DIR) \ + )) \ + ) \ +) + +$(foreach a, $(ALGORITHMS), \ + $(foreach b, $($(a)_TEST_BIN), \ + $(eval $(call TargetSource_Template, \ + $(BIN_DIR)$(call lc, $(a))/$(TEST_DIR)$(b), \ + $(if $(call sne,$(strip $(filter %.S %.c, $(wildcard $(TESTSRC_DIR)$(notdir $(patsubst %.o,%,$(b))).*))),), \ + $(filter %.S %.c, $(wildcard $(TESTSRC_DIR)$(notdir $(patsubst %.o,%,$(b))).*)), \ + $(filter %.S %.c, $(wildcard ./$(notdir $(patsubst %.o,%,$(b))).*))\ + ), \ + $($(a)_DIR) \ + )) \ + ) \ +) #------------------------------------------------------------------------------- -.PHONY: help -help: info - 
-info: - @echo "infos on AVR-Crypto-lib:" - @echo " block ciphers:" - @echo " $(BLOCK_CIPHERS)" - @echo " stream ciphers:" - @echo " $(STREAM_CIPHERS)" - @echo " hash functions:" - @echo " $(HASHES)" - @echo " MAC functions:" - @echo " $(MACS)" - @echo " PRNG functions:" - @echo " $(PRNGS)" - @echo " encodings:" - @echo " $(ENCODINGS)" -# @echo " ALGORITHMS_TEST_BIN:" -# @echo " $(ALGORITHMS_TEST_BIN)" -# @echo " ALGORITHMS_TEST_TARGET_ELF:" -# @echo " $(ALGORITHMS_TEST_TARGET_ELF)" - @echo " targets:" - @echo " all - all algorithm cores" - @echo " cores - all algorithm cores" - @echo " listings - all algorithm core listings" - @echo " tests - all algorithm test programs" - @echo " stats - all algorithm size statistics" - @echo " blockciphers - all blockcipher cores" - @echo " streamciphers - all streamcipher cores" - @echo " hashes - all hash cores" - @echo " macs - all MAC cores" - @echo " prngs - all PRNG cores" - @echo " all_testrun - testrun all algorithms" - @echo " docu - build doxygen documentation" - @echo " clean - remove a lot of builded files" - @echo " xclean - also remove dependency files" - @echo " *_TEST_BIN - build test program" - @echo " *_TESTRUN - run nessie test" - @echo " *_OBJ - build algorithm core" - @echo " *_FLASH - flash test program" - @echo " *_LIST - build assembler listing" -#------------------------------------------------------------------------------- - -define SOURCEFILE_TEMPLATE -$(BIN_DIR)$(1): $(2)/$(3).c - $(CC) $(CFLAGS) -c -o $@ $< +define MainTestElf_Template +$(1): $(2) $(3) + @echo "[ld]: $(1)" + @$(CC) $(CFLAGS_A) $(LDFLAGS)$(patsubst %.elf,%.map,$(1)) -o \ + $(1) \ + $(2) $(3) \ + $(LIBS) endef -#------------------------------------------------------------------------------- -$(BIN_DIR)%.o: %.c - @echo "[gcc]: $@" - @$(CC) $(CFLAGS) -c -o $@ $< - -$(BIN_DIR)%.o: %.S - @echo "[as] : $@" - @$(CC) $(ASFLAGS) -c -o $@ $< - -$(TESTBIN_DIR)%.o: $(TESTSRC_DIR)%.c - @echo "[gcc]: $@" - @$(CC) $(CFLAGS) -c -o $@ $< - 
-$(TESTBIN_DIR)%.o: $(TESTSRC_DIR)%.S - @echo "[as] : $@" - @$(CC) $(ASFLAGS) -c -o $@ $< - -$(TESTBIN_DIR)%.o: %.c - @echo "[gcc]: $@" - @$(CC) $(CFLAGS) -c -o $@ $< - -$(TESTBIN_DIR)%.o: %.S - @echo "[as] : $@" - @$(CC) $(ASFLAGS) -c -o $@ $< - - - -%.o: %.c - @echo "[gcc]: $@" - @$(CC) $(CFLAGS) -c -o $@ $< - -%.o: %.S - @echo "[as] : $@" - @$(CC) $(ASFLAGS) -c -o $@ $< +$(foreach a, $(ALGORITHMS), \ + $(eval $(call MainTestElf_Template, \ + $(BIN_DIR)$(call lc, $(a))/$(TEST_DIR)main-$(call lc, $(a))-test.elf, \ + $($(a)_BINOBJ), \ + $($(a)_TESTBINOBJ) \ + )) \ +) #------------------------------------------------------------------------------- - -define OBJ_TEMPLATE -$(1)_OBJ: $(2) -# @echo " ALGO: $(1)" -# @echo " REQ: $(2)" -endef - -$(foreach algo, $(ALGORITHMS), $(eval $(call OBJ_TEMPLATE, $(algo), $($(algo)_OBJ)))) +all: $(foreach algo, $(ALGORITHMS), $($(algo)_BINOBJ)) #------------------------------------------------------------------------------- -define TESTBIN_TEMPLATE +define TestBin_TEMPLATE $(1)_TEST_BIN: $(2) endef -$(foreach algo, $(ALGORITHMS), $(eval $(call TESTBIN_TEMPLATE, $(algo), $($(algo)_TEST_BIN)))) +$(foreach algo, $(ALGORITHMS), $(eval $(call TestBin_TEMPLATE, \ + $(algo), \ + $(BIN_DIR)$(call lc, $(algo))/$(TEST_DIR)main-$(call lc, $(algo))-test.elf \ +))) #------------------------------------------------------------------------------- -$(BLOCK_CIPHERS_OBJ): $(patsubst %,%_OBJ, $(BLOCK_CIPHERS)) -$(STREAM_CIPHERS_OBJ): $(patsubst %,%_OBJ, $(STREAM_CIPHERS)) -$(HASHES_OBJ): $(patsubst %,%_OBJ, $(HASHES)) -$(PRNGS_OBJ): $(patsubst %,%_OBJ, $(PRNGS)) -$(MACS_OBJ): $(patsubst %,%_OBJ, $(MACS)) -$(ENCODINGS_OBJ): $(patsubst %,%_OBJ, $(ENCODINGS)) - -#------------------------------------------------------------------------------- - -define SIZE_TEMPLATE -$(1)_size.txt: $(2) - @echo "[size]: $(1)_size.txt" - @$(SIZE) $(2) > $(1)_size.txt -endef - -$(foreach algo, $(ALGORITHMS), $(eval $(call SIZE_TEMPLATE, $(STAT_DIR)$(call lc,$(algo)), 
$($(algo)_OBJ)))) +%.hex: %.elf + @echo "[objcopy]: $@" + @$(OBJCOPY) -j .text -j .data -O ihex $< $@ #------------------------------------------------------------------------------- -define FLASH_TEMPLATE +define Flash_Template $(1)_FLASH: $(2) @echo "[flash]: $(2)" @$(FLASHCMD)$(call first,$(2)) endef -$(foreach algo, $(ALGORITHMS),$(eval $(call FLASH_TEMPLATE, $(algo), $(TESTBIN_DIR)main-$(call lc,$(algo))-test.hex) )) +$(foreach algo, $(ALGORITHMS), $(eval $(call Flash_Template, \ + $(algo), \ + $(BIN_DIR)$(call lc, $(algo))/$(TEST_DIR)main-$(call lc, $(algo))-test.hex \ +))) #------------------------------------------------------------------------------- -define TESTRUN_TEMPLATE +.PHONY: tests +tests: $(foreach a, $(ALGORITHMS), $(a)_TEST_BIN) + +#------------------------------------------------------------------------------- + +define TestRun_Template $(1)_TESTRUN: $(1)_FLASH @echo "[test]: $(1)" - $(RUBY) $(GET_TEST) $(TESTPORT) $(TESTPORTBAUDR) 8 1 nessie $(TESTLOG_DIR)$(TESTPREFIX) $(2) + $(RUBY) $(GET_TEST) $(TESTPORT) $(TESTPORTBAUDR) 8 1 nessie $(TESTLOG_DIR)$(TESTPREFIX) $(2) endef -$(foreach algo, $(ALGORITHMS),$(eval $(call TESTRUN_TEMPLATE, $(algo), $(call lc,$(algo)) ))) +$(foreach algo, $(ALGORITHMS),$(eval $(call TestRun_Template, $(algo), $(call lc,$(algo)) ))) all_testrun: $(foreach algo, $(ALGORITHMS), $(algo)_TESTRUN) #------------------------------------------------------------------------------- -define TESTSPEED_TEMPLATE -$(1)_TESTSPEED: $(1)_FLASH - @echo "[speed]: $(1)" - $(RUBY) $(GET_PERFORMANCE) $(TESTPORT) $(TESTPORTBAUDR) 8 1 performance $(SPEEDLOG_DIR)$(SPEEDPREFIX) $(2) +define Obj_Template +$(1)_OBJ: $(2) endef -$(foreach algo, $(ALGORITHMS),$(eval $(call TESTSPEED_TEMPLATE, $(algo), $(call lc,$(algo)) ))) - -all_testspeed: $(foreach algo, $(ALGORITHMS), $(algo)_TESTSPEED) -hash_testspeed: $(foreach algo, $(HASHES), $(algo)_TESTSPEED) +$(foreach algo, $(ALGORITHMS), \ + $(eval $(call Obj_Template, \ + $(algo), \ + 
$($(algo)_BINOBJ)\ + ))\ +) +.PHONY: cores +cores: $(foreach algo, $(ALGORITHMS), $(algo)_OBJ) -#------------------------------------------------------------------------------- +.PHONY: blockchiphers +blockciphers: $(foreach algo, $(BLOCK_CIPHERS), $(algo)_OBJ) -define LISTING_TEMPLATE -$(1)_LIST: $(2) -endef +.PHONY: streamchiphers +streamciphers: $(foreach algo, $(STREAM_CIPHERS), $(algo)_OBJ) -$(foreach algo, $(ALGORITHMS),$(eval $(call LISTING_TEMPLATE,$(call uc, $(algo)), \ - $(patsubst %,$(LIST_DIR)%, \ - $(patsubst $(BIN_DIR)%,%, \ - $(patsubst $(TESTBIN_DIR)%,%, \ - $(patsubst %.o,%.lst,$($(algo)_OBJ)))) )))) +.PHONY: hashes +hashes: $(foreach algo, $(HASHES), $(algo)_OBJ) -listings: $(patsubst %,%_LIST,$(ALGORITHMS)) +.PHONY: macs +macs: $(foreach algo, $(MACS), $(algo)_OBJ) +.PHONY: prngs +prngs: $(foreach algo, $(PRNGS), $(algo)_OBJ) -$(LIST_DIR)%.lst: $(TESTBIN_DIR)%.elf - $(OBJDUMP) -h -S $< > $@ +.PHONY: encodings +encodings: $(foreach algo, $(ENCODINGS), $(algo)_OBJ) -$(LIST_DIR)%.lst: $(BIN_DIR)%.o - $(OBJDUMP) -h -S $< > $@ +.PHONY: aux +aux: $(foreach algo, $(AUX), $(algo)_OBJ) -$(LIST_DIR)%.lst: $(TESTBIN_DIR)%.o - $(OBJDUMP) -h -S $< > $@ #------------------------------------------------------------------------------- -.PHONY: cores -cores: $(ALGORITHMS_OBJ) - -.PHONY: blockciphers -blockciphers: $(patsubst %, %_OBJ, $(BLOCK_CIPHERS)) - -.PHONY: streamciphers -streamciphers: $(patsubst %, %_OBJ, $(STREAM_CIPHERS)) - -.PHONY: hashes -hashes: $(patsubst %, %_OBJ, $(HASHES)) -.PHONY: macs -macs: $(patsubst %, %_OBJ, $(MACS)) - -.PHONY: prngs -prngs: $(patsubst %, %_OBJ, $(PRNGS)) - -.PHONY: encodings -encodings: $(patsubst %, %_OBJ, $(ENCODINGS)) - -tests: $(ALGORITHMS_TEST_BIN) \ - $(ALGORITHMS_TEST_TARGET_ELF) \ - $(ALGORITHMS_TEST_TARGET_HEX) +.PHONY: help +help: info +.PHONY: info +info: + @echo "infos on AVR-Crypto-lib:" + @echo " block ciphers:" + @echo " $(BLOCK_CIPHERS)" + @echo " stream ciphers:" + @echo " $(STREAM_CIPHERS)" + @echo " hash 
functions:" + @echo " $(HASHES)" + @echo " MAC functions:" + @echo " $(MACS)" + @echo " PRNG functions:" + @echo " $(PRNGS)" + @echo " encodings:" + @echo " $(ENCODINGS)" + @echo " targets:" + @echo " all - all algorithm cores" + @echo " cores - all algorithm cores" + @echo " listings - all algorithm core listings" + @echo " tests - all algorithm test programs" + @echo " stats - all algorithm size statistics" + @echo " blockciphers - all blockcipher cores" + @echo " streamciphers - all streamcipher cores" + @echo " hashes - all hash cores" + @echo " macs - all MAC cores" + @echo " prngs - all PRNG cores" + @echo " all_testrun - testrun all algorithms" + @echo " docu - build doxygen documentation" + @echo " clean - remove a lot of builded files" + @echo " depclean - also remove dependency files" + @echo " *_TEST_BIN - build test program" + @echo " *_TESTRUN - run nessie test" + @echo " *_OBJ - build algorithm core" + @echo " *_FLASH - flash test program" + @echo " *_LIST - build assembler listing" -.PHONY: stats -stats: $(SIZESTAT_FILE) - @cat $(STAT_DIR)$(SIZESTAT_FILE) - -$(SIZESTAT_FILE): $(patsubst %, $(STAT_DIR)%_size.txt, $(ALGORITHMS_LC)) - $(RUBY) sumsize.rb $^ > $(STAT_DIR)$(SIZESTAT_FILE) - -#------------------------------------------------------------------------------- +#------------------------------------------------------------------------------- .PHONY: clean clean: - rm -rf $(BIN_DIR)*.o *.o $(TESTBIN_DIR)*.elf $(TESTBIN_DIR)* *.elf *.eps *.png *.pdf *.bak - rm -rf *.lst *.map $(EXTRA_CLEAN_FILES) $(STAT_DIR)$(SIZESTAT_FILE) $(STAT_DIR)*_size.txt -xclean: clean - rm -rf $(DEP_DIR)*.d $(AUTOASM_DIR)*.s - -docu: - doxygen + rm -rf $(BIN_DIR)* -make.dump: Makefile - $(MAKE) -p -B -n -f $^ > $@ - -make.dot: make.dump - $(MAKE2GRAPH) $^ > $@ - -make.png: make.dot - $(TWOPI) -Tpng -o $@ $^ - -make.svg: make.dot - $(TWOPI) -Tsvg -o $@ $^ - -.PHONY: make-info -make-info: make.png make.svg - - -# Rules for building the .text rom images - -%.hex: %.elf - 
@echo "[objcopy]: $@" - @$(OBJCOPY) -j .text -j .data -O ihex $< $@ +.PHONY: depclean +depclean: clean + rm $(DEP_DIR)*.d -%.srec: %.elf - @echo "[objcopy]: $@" - @$(OBJCOPY) -j .text -j .data -O srec $< $@ - -%.bin: %.elf - @echo "[objcopy]: $@" - @$(OBJCOPY) -j .text -j .data -O binary $< $@ - -# Rules for building the .eeprom rom images - - -%_eeprom.hex: %.elf - @echo "[objcopy]: $@" - @$(OBJCOPY) -j .eeprom --change-section-lma .eeprom=0 -O ihex $< $@ - -%_eeprom.srec: %.elf - @echo "[objcopy]: $@" - @$(OBJCOPY) -j .eeprom --change-section-lma .eeprom=0 -O srec $< $@ - -%_eeprom.bin: %.elf - @echo "[objcopy]: $@" - @$(OBJCOPY) -j .eeprom --change-section-lma .eeprom=0 -O binary $< $@ - #------------------------------------------------------------------------------- -$(AUTOASM_DIR)%.s: %.c - $(CC) $(CFLAGS) $(AUTOASM_OPT) -o $@ $< - -%.s: %.c - $(CC) $(CFLAGS) $(AUTOASM_OPT) -o $@ $< - -#------------------------------------------------------------------------------- -FIG2DEV = fig2dev -EXTRA_CLEAN_FILES = *.hex *.bin *.srec - - -%.eps: %.fig - $(FIG2DEV) -L eps $< $@ - -%.pdf: %.fig - $(FIG2DEV) -L pdf $< $@ - -%.png: %.fig - $(FIG2DEV) -L png $< $@ - +# dependency inclusion +# DEPS := $(wildcard $(DEP_DIR)*.d) diff --git a/aes.h b/aes/aes.h similarity index 100% rename from aes.h rename to aes/aes.h diff --git a/aes128_dec.c b/aes/aes128_dec.c similarity index 100% rename from aes128_dec.c rename to aes/aes128_dec.c diff --git a/aes128_dec.h b/aes/aes128_dec.h similarity index 100% rename from aes128_dec.h rename to aes/aes128_dec.h diff --git a/aes128_enc.c b/aes/aes128_enc.c similarity index 100% rename from aes128_enc.c rename to aes/aes128_enc.c diff --git a/aes128_enc.h b/aes/aes128_enc.h similarity index 100% rename from aes128_enc.h rename to aes/aes128_enc.h diff --git a/aes192_dec.c b/aes/aes192_dec.c similarity index 100% rename from aes192_dec.c rename to aes/aes192_dec.c 
diff --git a/aes192_dec.h b/aes/aes192_dec.h
similarity index 100%
rename from aes192_dec.h
rename to aes/aes192_dec.h
diff --git a/aes192_enc.c b/aes/aes192_enc.c
similarity index 100%
rename from aes192_enc.c
rename to aes/aes192_enc.c
diff --git a/aes192_enc.h b/aes/aes192_enc.h
similarity index 100%
rename from aes192_enc.h
rename to aes/aes192_enc.h
diff --git a/aes256_dec.c b/aes/aes256_dec.c
similarity index 100%
rename from aes256_dec.c
rename to aes/aes256_dec.c
diff --git a/aes256_dec.h b/aes/aes256_dec.h
similarity index 100%
rename from aes256_dec.h
rename to aes/aes256_dec.h
diff --git a/aes256_enc.c b/aes/aes256_enc.c
similarity index 100%
rename from aes256_enc.c
rename to aes/aes256_enc.c
diff --git a/aes256_enc.h b/aes/aes256_enc.h
similarity index 100%
rename from aes256_enc.h
rename to aes/aes256_enc.h
diff --git a/aes_dec-asm.S b/aes/aes_dec-asm.S
similarity index 100%
rename from aes_dec-asm.S
rename to aes/aes_dec-asm.S
diff --git a/aes_dec-asm_faster.S b/aes/aes_dec-asm_faster.S
similarity index 100%
rename from aes_dec-asm_faster.S
rename to aes/aes_dec-asm_faster.S
diff --git a/aes_dec.c b/aes/aes_dec.c
similarity index 100%
rename from aes_dec.c
rename to aes/aes_dec.c
diff --git a/aes_dec.h b/aes/aes_dec.h
similarity index 100%
rename from aes_dec.h
rename to aes/aes_dec.h
diff --git a/aes_enc-asm.S b/aes/aes_enc-asm.S
similarity index 100%
rename from aes_enc-asm.S
rename to aes/aes_enc-asm.S
diff --git a/aes_enc.c b/aes/aes_enc.c
similarity index 100%
rename from aes_enc.c
rename to aes/aes_enc.c
diff --git a/aes_enc.h b/aes/aes_enc.h
similarity index 100%
rename from aes_enc.h
rename to aes/aes_enc.h
diff --git a/aes_invsbox-asm.S b/aes/aes_invsbox-asm.S
similarity index 100%
rename from aes_invsbox-asm.S
rename to aes/aes_invsbox-asm.S
diff --git a/aes_invsbox.c b/aes/aes_invsbox.c
similarity index 100%
rename from aes_invsbox.c
rename to aes/aes_invsbox.c
diff --git a/aes_invsbox.h b/aes/aes_invsbox.h
similarity index 100%
rename from aes_invsbox.h
rename to aes/aes_invsbox.h
diff --git a/aes_keyschedule-asm.S b/aes/aes_keyschedule-asm.S
similarity index 100%
rename from aes_keyschedule-asm.S
rename to aes/aes_keyschedule-asm.S
diff --git a/aes_keyschedule.c b/aes/aes_keyschedule.c
similarity index 100%
rename from aes_keyschedule.c
rename to aes/aes_keyschedule.c
diff --git a/aes_keyschedule.h b/aes/aes_keyschedule.h
similarity index 100%
rename from aes_keyschedule.h
rename to aes/aes_keyschedule.h
diff --git a/aes_sbox-asm.S b/aes/aes_sbox-asm.S
similarity index 100%
rename from aes_sbox-asm.S
rename to aes/aes_sbox-asm.S
diff --git a/aes_sbox.c b/aes/aes_sbox.c
similarity index 100%
rename from aes_sbox.c
rename to aes/aes_sbox.c
diff --git a/aes_sbox.h b/aes/aes_sbox.h
similarity index 100%
rename from aes_sbox.h
rename to aes/aes_sbox.h
diff --git a/aes/gf256mul.S b/aes/gf256mul.S
new file mode 100644
index 0000000..b269d3a
--- /dev/null
+++ b/aes/gf256mul.S
@@ -0,0 +1,82 @@
+/* gf256mul.S */
+/*
+ This file is part of the AVR-Crypto-Lib.
+ Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+/*
+ * File: gf256mul.S
+ * Author: Daniel Otte
+ * Date: 2008-12-19
+ * License: GPLv3 or later
+ * Description: peasant's algorithm for multiplication in GF(2^8)
+ *
+ */
+
+#include 
+#define OPTIMIZE_SMALL_A
+
+/*
+ * param a: r24
+ * param b: r22
+ * param reducer: r20
+ */
+A = 23
+B = 22
+P = 24
+.global gf256mul
+
+#ifdef OPTIMIZE_SMALL_A
+gf256mul:
+ mov A, r24
+ clr r24
+1:
+ lsr A
+ breq 4f
+ brcc 2f
+ eor P, B
+2:
+ lsl B
+ brcc 3f
+ eor B, r20
+3:
+ rjmp 1b
+4:
+ brcc 2f
+ eor P, B
+2:
+ ret
+
+#else
+
+gf256mul:
+ mov r21, r24
+ clr r24
+ ldi r25, 8
+1:
+ lsr A
+ brcc 2f
+ eor P, B
+2:
+ lsl B
+ brcc 3f
+ eor B, r20
+3:
+ dec r25
+ brne 1b
+ ret
+
+#endif
diff --git a/aes/gf256mul.h b/aes/gf256mul.h
new file mode 100644
index 0000000..87f1cb3
--- /dev/null
+++ b/aes/gf256mul.h
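Review bot: In the `#else` (fixed eight-iteration) variant, `mov r21, r24` copies the multiplicand into r21, but the loop then runs `lsr A` with `A = 23`, so that build shifts an uninitialised r23 and returns a wrong product; the first instruction should be `mov A, r24`, as in the OPTIMIZE_SMALL_A variant. The path is currently dead because `OPTIMIZE_SMALL_A` is defined unconditionally a few lines above, which is presumably why it has not been noticed. Separately, the OPTIMIZE_SMALL_A loop leaves via `breq 4f` as soon as the remaining bits of a are zero, so its run time depends on the highest set bit of a; if any caller passes key- or state-dependent data as a, that is a timing side channel, and the fixed-iteration variant (once fixed) is the constant-time choice, which is worth stating in a comment next to the `#define`.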
@@ -0,0 +1,37 @@ +/* gf256mul.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +#ifndef GF256MUL_H_ +#define GF256MUL_H_ + +/** + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2008-12-19 + * \license GPLv3 + * \brief + * + * + */ + +#include + +uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer); + +#endif /* GF256MUL_H_ */ + diff --git a/avr-makefile.inc b/avr-makefile.inc index 323786a..9b6ea71 100644 --- a/avr-makefile.inc +++ b/avr-makefile.inc @@ -6,11 +6,12 @@ DEFS = -D$(call uc, $(MCU_TARGET)) FLASHCMD = avrdude -p $(MCU_TARGET) -P /dev/ttyUSB0 -c $(PROGRAMMER) -U flash:w:# no space at the end #FLASHCMD = avrdude -p $(MCU_TARGET) -c usbasp -U flash:w:# no space at the end DEP_DIR = deps/ +TEST_DIR = test/ BIN_DIR = bin/ TESTBIN_DIR = test_bin/ TESTSRC_DIR = test_src/ #uisp -dprog=bsd -dlpt=/dev/parport1 --upload if=$(PRG).hex -ERASECMD = +ERASECMD = TESTPORT = /dev/ttyUSB1 TESTPORTBAUDR = 38400 TESTLOG_DIR = testlog/ 
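Review bot: The Doxygen block in gf256mul.h leaves `\brief` empty, so the one fact a caller needs — what `reducer` is — is undocumented. Read off the implementation, `reducer` is XORed into `b` whenever `lsl B` shifts a one bit out, i.e. it is the low eight bits of the reduction polynomial (0x1b for the AES polynomial x^8+x^4+x^3+x+1); I would write `\brief multiply a and b in GF(2^8); reducer holds the reduction polynomial without its x^8 term (0x1b for AES)`. The header also says `\license GPLv3` while the matching gf256mul.S says `GPLv3 or later`; one of the two should be corrected so the two files agree.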
@@ -24,7 +25,8 @@ AUTOASM_OPT = -S CC = avr-gcc CSTD = c99 -override CFLAGS = -MMD -MF$(DEP_DIR)$(patsubst %.c,%.d,$(patsubst $(TESTSRC_DIR)%,%,$<)) -I. -Itest_src -gdwarf-2 -pedantic -std=$(CSTD) -Wall -Wstrict-prototypes $(OPTIMIZE) -mmcu=$(MCU_TARGET) $(DEFS) +override CFLAGS_A = -MMD -MF$(DEP_DIR)$(patsubst %.o,%.d,$(notdir $(1))) -I. -Itest_src -gdwarf-2 -pedantic -std=$(CSTD) -Wall -Wstrict-prototypes $(OPTIMIZE) -mmcu=$(MCU_TARGET) $(DEFS) +override CFLAGS = -MMD -MF$(DEP_DIR)$(patsubst %.o,%.d,$(notdir $@)) -I. -Itest_src -gdwarf-2 -pedantic -std=$(CSTD) -Wall -Wstrict-prototypes $(OPTIMIZE) -mmcu=$(MCU_TARGET) $(DEFS) override LDFLAGS = -gdwarf-2 -Wl,-Map, override ASFLAGS = -mmcu=$(MCU_TARGET) -Wa,--gdwarf-2 diff --git a/blake_common.c b/blake/blake_common.c similarity index 100% rename from blake_common.c rename to blake/blake_common.c diff --git a/blake_common.h b/blake/blake_common.h similarity index 100% rename from blake_common.h rename to blake/blake_common.h diff --git a/blake_large.c b/blake/blake_large.c similarity index 100% rename from blake_large.c rename to blake/blake_large.c diff --git a/blake_large.h b/blake/blake_large.h similarity index 100% rename from blake_large.h rename to blake/blake_large.h diff --git a/blake_small.c b/blake/blake_small.c similarity index 100% rename from blake_small.c rename to blake/blake_small.c diff --git a/blake_small.h b/blake/blake_small.h similarity index 100% rename from blake_small.h rename to blake/blake_small.h diff --git a/blake/memxor.S b/blake/memxor.S new file mode 100644 index 0000000..a32058b --- /dev/null +++ b/blake/memxor.S 
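Review bot: Both new dependency-file names are built from `$(notdir …)`, so every object with the same basename writes the same `deps/<name>.d`, and this very commit introduces such collisions (`aes/gf256mul.S`, `groestl/gf256mul.S`, `mugi/gf256mul.S`; `groestl/aes_sbox.c`, `mugi/aes_sbox.c`; three `memxor.S`). The last one compiled wins and the others silently lose their header dependencies, so a later header edit may not trigger a rebuild of the stale object. Keeping the directory in the name, e.g. `-MF$(DEP_DIR)$(subst /,_,$(patsubst %.o,%.d,$@))`, avoids that; how the Makefile names and places the objects is decided outside this hunk, so whether the objects themselves also collide cannot be seen here. `CFLAGS_A` uses `$(1)` and therefore only works through `$(call CFLAGS_A,obj)`; expanded directly, `$(1)` is empty and `-MF` receives the bare `deps/` directory.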
@@ -0,0 +1,66 @@
+/* memxor.S */
+/*
+ This file is part of the AVR-Crypto-Lib.
+ Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+/*
+ * File: memxor.S
+ * Author: Daniel Otte
+ * Date: 2008-08-07
+ * License: GPLv3 or later
+ * Description: memxor, XORing one block into another
+ *
+ */
+
+/*
+ * void memxor(void* dest, const void* src, uint16_t n);
+ */
+ /*
+ * param dest is passed in r24:r25
+ * param src is passed in r22:r23
+ * param n is passed in r20:r21
+ */
+.global memxor
+memxor:
+ movw r30, r24
+ movw r26, r22
+ movw r24, r20
+ adiw r24, 0
+ breq 2f
+1:
+ ld r20, X+
+ ld r21, Z
+ eor r20, r21
+ st Z+, r20
+ sbiw r24, 1
+ brne 1b
+2:
+ ret
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/blake/memxor.h b/blake/memxor.h
new file mode 100644
index 0000000..a62a616
--- /dev/null
+++ b/blake/memxor.h
@@ -0,0 +1,7 @@
+#ifndef MEMXOR_H_
+#define MEMXOR_H_
+#include
+
+void memxor(void* dest, const void* src, uint16_t n);
+
+#endif
diff --git a/camellia-asm.S b/camellia/camellia-asm.S similarity index 100% rename from camellia-asm.S rename to camellia/camellia-asm.S
diff --git a/camellia.h b/camellia/camellia.h similarity index 100% rename from camellia.h rename to camellia/camellia.h
diff --git a/camellia128-stub.c b/camellia/camellia128-stub.c similarity index 100% rename from camellia128-stub.c rename to camellia/camellia128-stub.c
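Review bot: Neither memxor.S nor the new memxor.h states the contract beyond the prototype, and the body is short enough that it can be pinned down exactly; I would add to memxor.h `/* dest[i] ^= src[i] for 0 <= i < n, one byte at a time in increasing order; n == 0 is a no-op. Clobbers r20, r21, r24-r27, r30, r31 (all call-clobbered under the avr-gcc ABI). */`, the register list being read off the `movw`/`ld`/`st` lines. `adiw r24, 0` as a 16-bit zero test is neater than the `tst`/`brne`/`tst` sequence it replaces in the top-level memxor.S, but ADIW is absent on the reduced AVR core (ATtiny4/5/9/10), which deserves a one-line comment if those parts are ever targeted. This file is a byte-identical copy (index a32058b) of the top-level memxor.S changed in the same commit, and a third copy goes into groestl/; the three will drift unless the build references a single source.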
diff --git a/camellia_C.c b/camellia/camellia_C.c similarity index 100% rename from camellia_C.c rename to camellia/camellia_C.c
diff --git a/config.h b/config.h
index b501bab..5fb1011 100644
--- a/config.h
+++ b/config.h
@@ -37,7 +37,7 @@
 #define UART0_DATABITS UART_DATABITS_8
 #define UART0_RXBUFFER_SIZE 64
 #define UART0_TXBUFFER_SIZE 64
-#define UART0_SWFLOWCTRL 0
+#define UART0_SWFLOWCTRL 1
 #define UART0_THRESH_LOW 10
 #define UART0_THRESH_HIGH 48
diff --git a/groestl/aes_sbox.c b/groestl/aes_sbox.c
new file mode 100644
index 0000000..85b08de
--- /dev/null
+++ b/groestl/aes_sbox.c
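Review bot: Setting `UART0_SWFLOWCTRL` to 1 presumably enables XON/XOFF handling in the UART driver (the driver itself is not in this patch), which is harmless while the test protocol stays ASCII hex as the shavs harness appears to use, but any future raw-binary transfer of keys or vectors over this port would have the 0x11/0x13 byte values swallowed or misread as flow control. A comment next to the define, e.g. `/* XON/XOFF in use: wire protocol must stay ASCII-safe */`, would stop that surprise. The thresholds 10 and 48 against a 64-byte RX buffer are likewise unexplained anywhere visible and would benefit from a note on how they were chosen.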
@@ -0,0 +1,23 @@
+/* aes sbox */
+
+#include
+#include
+uint8_t aes_sbox[256] PROGMEM = {
+ 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
+ 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
+ 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
+ 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
+ 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
+ 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
+ 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
+ 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
+ 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
+ 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
+ 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
+ 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
+ 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
+ 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
+ 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
+ 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+};
+
diff --git a/groestl/aes_sbox.h b/groestl/aes_sbox.h
new file mode 100644
index 0000000..5bc03b7
--- /dev/null
+++ b/groestl/aes_sbox.h
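Review bot: `aes_sbox` is placed in flash with `PROGMEM` but is not declared `const`, and nothing at the definition says it must be read with `pgm_read_byte`; newer avr-gcc releases reject non-const `PROGMEM` objects outright, and a caller that indexes the array directly reads SRAM at that address instead of the S-box. Declare it `const uint8_t aes_sbox[256] PROGMEM = {` and put `/* S-box lives in flash: read with pgm_read_byte(&aes_sbox[i]), never by direct indexing */` above it. The table values match the FIPS-197 S-box as far as I can check by inspection (first row 0x63 … 0x76, last entry 0x16). The file also lacks the license header the rest of the library carries, and the identical table (index 85b08de) is duplicated into mugi/aes_sbox.c.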
@@ -0,0 +1,33 @@ +/* aes_sbox.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file aes_sbox.h + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2008-12-30 + * \license GPLv3 or later + * + */ +#ifndef AES_SBOX_H_ +#define AES_SBOX_H_ +#include + +extern uint8_t aes_sbox[]; + +#endif diff --git a/groestl/gf256mul.S b/groestl/gf256mul.S new file mode 100644 index 0000000..b269d3a --- /dev/null +++ b/groestl/gf256mul.S 
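Review bot: The declaration `extern uint8_t aes_sbox[];` drops both the array size and the flash placement, so a translation unit that includes only this header has no hint that plain indexing of the table is wrong. It should mirror the definition: `extern const uint8_t aes_sbox[256] PROGMEM;` together with the pgmspace include and a comment that readers must use `pgm_read_byte`. The same applies to the byte-identical mugi/aes_sbox.h (index 5bc03b7) added later in this patch.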
@@ -0,0 +1,82 @@ +/* gf256mul.S */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +/* + * File: gf256mul.S + * Author: Daniel Otte + * Date: 2008-12-19 + * License: GPLv3 or later + * Description: peasant's algorithm for multiplication in GF(2^8) + * + */ + +#include +#define OPTIMIZE_SMALL_A + +/* + * param a: r24 + * param b: r22 + * param reducer: r20 + */ +A = 23 +B = 22 +P = 24 +.global gf256mul + +#ifdef OPTIMIZE_SMALL_A +gf256mul: + mov A, r24 + clr r24 +1: + lsr A + breq 4f + brcc 2f + eor P, B +2: + lsl B + brcc 3f + eor B, r20 +3: + rjmp 1b +4: + brcc 2f + eor P, B +2: + ret + +#else + +gf256mul: + mov r21, r24 + clr r24 + ldi r25, 8 +1: + lsr A + brcc 2f + eor P, B +2: + lsl B + brcc 3f + eor B, r20 +3: + dec r25 + brne 1b + ret + +#endif diff --git a/groestl/gf256mul.h b/groestl/gf256mul.h new file mode 100644 index 0000000..87f1cb3 --- /dev/null +++ b/groestl/gf256mul.h 
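Review bot: This is the same blob (index b269d3a) as aes/gf256mul.S and therefore carries the same defect in the `#else` variant: `mov r21, r24` loads r21 while the loop shifts the uninitialised `A` (r23), so the fallback would multiply garbage; the fix is `mov A, r24`. Maintaining three copies of a GF(2^8) multiplier under aes/, groestl/ and mugi/ means every such fix has to land three times; a shared directory that the per-algorithm makefiles can reference would remove the copies.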
@@ -0,0 +1,37 @@ +/* gf256mul.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +#ifndef GF256MUL_H_ +#define GF256MUL_H_ + +/** + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2008-12-19 + * \license GPLv3 + * \brief + * + * + */ + +#include + +uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer); + +#endif /* GF256MUL_H_ */ + diff --git a/groestl_large.c b/groestl/groestl_large.c similarity index 100% rename from groestl_large.c rename to groestl/groestl_large.c diff --git a/groestl_large.h b/groestl/groestl_large.h similarity index 100% rename from groestl_large.h rename to groestl/groestl_large.h diff --git a/groestl_small.c b/groestl/groestl_small.c similarity index 100% rename from groestl_small.c rename to groestl/groestl_small.c diff --git a/groestl_small.h b/groestl/groestl_small.h similarity index 100% rename from groestl_small.h rename to groestl/groestl_small.h diff --git a/groestl/memxor.S b/groestl/memxor.S new file mode 100644 index 0000000..a32058b --- /dev/null +++ b/groestl/memxor.S 
@@ -0,0 +1,66 @@ +/* memxor.S */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +/* + * File: memxor.S + * Author: Daniel Otte + * Date: 2008-08-07 + * License: GPLv3 or later + * Description: memxor, XORing one block into another + * + */ + +/* + * void memxor(void* dest, const void* src, uint16_t n); + */ + /* + * param dest is passed in r24:r25 + * param src is passed in r22:r23 + * param n is passed in r20:r21 + */ +.global memxor +memxor: + movw r30, r24 + movw r26, r22 + movw r24, r20 + adiw r24, 0 + breq 2f +1: + ld r20, X+ + ld r21, Z + eor r20, r21 + st Z+, r20 + sbiw r24, 1 + brne 1b +2: + ret + + + + + + + + + + + + + + diff --git a/groestl/memxor.h b/groestl/memxor.h new file mode 100644 index 0000000..a62a616 --- /dev/null +++ b/groestl/memxor.h @@ -0,0 +1,7 @@ +#ifndef MEMXOR_H_ +#define MEMXOR_H_ +#include + +void memxor(void* dest, const void* src, uint16_t n); + +#endif diff --git a/host/shavs_test.rb b/host/shavs_test.rb index 3d6ea06..4c8589d 100644 --- a/host/shavs_test.rb +++ b/host/shavs_test.rb @@ -133,6 +133,7 @@ $algo_select = ARGV[4] init_system() +errors = 0 for i in (5..(ARGV.size-1)) errors = run_test(ARGV[i]) if errors == 0 diff --git a/memxor.S b/memxor.S index 885dad5..a32058b 100644 --- a/memxor.S +++ b/memxor.S 
@@ -17,15 +17,15 @@ along with this program. If not, see . */ -/* +/* * File: memxor.S * Author: Daniel Otte * Date: 2008-08-07 * License: GPLv3 or later * Description: memxor, XORing one block into another - * + * */ - + /* * void memxor(void* dest, const void* src, uint16_t n); */ @@ -39,9 +39,7 @@ memxor: movw r30, r24 movw r26, r22 movw r24, r20 - tst r24 - brne 1f - tst r25 + adiw r24, 0 breq 2f 1: ld r20, X+ @@ -52,17 +50,17 @@ memxor: brne 1b 2: ret - - - - - - - - - - - - - + + + + + + + + + + + + + diff --git a/mkfiles/aes.mk b/mkfiles/aes.mk index f19a1c6..d687c74 100644 --- a/mkfiles/aes.mk +++ b/mkfiles/aes.mk @@ -4,9 +4,9 @@ ALGO_NAME := AES # comment out the following line for removement of AES from the build process BLOCK_CIPHERS += $(ALGO_NAME) - +$(ALGO_NAME)_DIR := aes/ $(ALGO_NAME)_OBJ := aes_enc-asm.o aes_dec-asm.o aes_sbox-asm.o aes_invsbox-asm.o \ - aes_keyschedule-asm.o + aes_keyschedule-asm.o $(ALGO_NAME)_TEST_BIN := main-aes-test.o $(CLI_STD) \ nessie_bc_test.o nessie_common.o performance_test.o $(ALGO_NAME)_NESSIE_TEST := test nessie diff --git a/mkfiles/aes_asm_faster.mk b/mkfiles/aes_asm_faster.mk index 18ba9d8..44ced8d 100644 --- a/mkfiles/aes_asm_faster.mk +++ b/mkfiles/aes_asm_faster.mk @@ -5,8 +5,9 @@ ALGO_NAME := AES_FASTER BLOCK_CIPHERS += $(ALGO_NAME) +$(ALGO_NAME)_DIR := aes/ $(ALGO_NAME)_OBJ := aes_enc-asm.o aes_dec-asm_faster.o aes_sbox-asm.o aes_invsbox-asm.o \ - aes_keyschedule-asm.o + aes_keyschedule-asm.o $(ALGO_NAME)_TEST_BIN := main-aes-test.o $(CLI_STD) \ nessie_bc_test.o nessie_common.o performance_test.o $(ALGO_NAME)_NESSIE_TEST := test nessie diff --git a/mkfiles/aes_c.mk b/mkfiles/aes_c.mk index 8f0a4e1..f030136 100644 --- a/mkfiles/aes_c.mk +++ b/mkfiles/aes_c.mk @@ -5,6 +5,7 @@ ALGO_NAME := AES_C BLOCK_CIPHERS += $(ALGO_NAME) +$(ALGO_NAME)_DIR := aes/ $(ALGO_NAME)_OBJ := aes_enc.o aes_dec.o aes_sbox.o aes_invsbox.o \ aes_keyschedule.o gf256mul.o \ aes128_enc.o aes128_dec.o aes192_enc.o aes192_dec.o \ 
diff --git a/mkfiles/blake_c.mk b/mkfiles/blake_c.mk index cee2547..c79b89b 100644 --- a/mkfiles/blake_c.mk +++ b/mkfiles/blake_c.mk @@ -4,7 +4,7 @@ ALGO_NAME := BLAKE_C # comment out the following line for removement of Blake from the build process HASHES += $(ALGO_NAME) - +$(ALGO_NAME)_DIR := blake/ $(ALGO_NAME)_OBJ := blake_small.o blake_large.o blake_common.o memxor.o $(ALGO_NAME)_TEST_BIN := main-blake-test.o hfal_blake_small.o hfal_blake_large.o $(CLI_STD) $(HFAL_STD) $(ALGO_NAME)_NESSIE_TEST := test nessie diff --git a/mkfiles/camellia.mk b/mkfiles/camellia.mk index 0a7fbc5..4b0213c 100644 --- a/mkfiles/camellia.mk +++ b/mkfiles/camellia.mk @@ -4,6 +4,7 @@ ALGO_NAME := CAMELLIA # comment out the following line for removement of Camellia from the build process BLOCK_CIPHERS += $(ALGO_NAME) +$(ALGO_NAME)_DIR := camellia/ $(ALGO_NAME)_OBJ := camellia128-stub.o camellia-asm.o $(ALGO_NAME)_TEST_BIN := main-camellia-test.o $(CLI_STD) nessie_bc_test.o \ nessie_common.o performance_test.o diff --git a/mkfiles/groestl_c.mk b/mkfiles/groestl_c.mk index 4fb6e96..7d63a0d 100644 --- a/mkfiles/groestl_c.mk +++ b/mkfiles/groestl_c.mk @@ -4,7 +4,7 @@ ALGO_NAME := GROESTL_C # comment out the following line for removement of Grøstl from the build process HASHES += $(ALGO_NAME) - +$(ALGO_NAME)_DIR := groestl/ $(ALGO_NAME)_OBJ := groestl_small.o groestl_large.o memxor.o aes_sbox.o gf256mul.o $(ALGO_NAME)_TEST_BIN := hfal_groestl_large.o hfal_groestl_small.o main-groestl-test.o $(CLI_STD) $(HFAL_STD) $(ALGO_NAME)_NESSIE_TEST := test nessie diff --git a/mkfiles/mugi.mk b/mkfiles/mugi.mk index 7bcb92f..36f4a04 100644 --- a/mkfiles/mugi.mk +++ b/mkfiles/mugi.mk @@ -4,6 +4,7 @@ ALGO_NAME := MUGI_C # comment out the following line for removement of MUGI_C from the build process STREAM_CIPHERS += $(ALGO_NAME) +$(ALGO_NAME)_DIR := mugi/ $(ALGO_NAME)_OBJ := mugi.o gf256mul.o aes_sbox.o $(ALGO_NAME)_TEST_BIN := main-mugi-test.o $(CLI_STD) \ nessie_stream_test.o nessie_common.o \ 
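Review bot: groestl_c.mk and mugi.mk now list `memxor.o`, `aes_sbox.o` and `gf256mul.o` next to the algorithm objects, resolved through the new `$(ALGO_NAME)_DIR`, which is what forced byte-identical copies of those three helper sources into groestl/ and mugi/ in this same commit. A second variable for shared objects, e.g. `$(ALGO_NAME)_COMMON_OBJ := memxor.o gf256mul.o aes_sbox.o` resolved from one common directory, would keep a single source per helper and let a fix land once. The rule that maps these object names to sources lives in the top-level Makefile, which is outside this part of the patch, so I cannot see whether it could already fall back to a shared location.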
diff --git a/mkfiles/shabal.mk b/mkfiles/shabal.mk index 15ed875..e2600d4 100644 --- a/mkfiles/shabal.mk +++ b/mkfiles/shabal.mk @@ -4,7 +4,7 @@ ALGO_NAME := SHABAL # comment out the following line for removement of Skein from the build process HASHES += $(ALGO_NAME) - +$(ALGO_NAME)_DIR := shabal/ $(ALGO_NAME)_OBJ := shabal-asm.o shabal192-asm.o shabal224-asm.o \ shabal256-asm.o shabal384-asm.o shabal512-asm.o $(ALGO_NAME)_TEST_BIN := main-shabal-test.o hfal_shabal.o $(CLI_STD) $(HFAL_STD) diff --git a/mkfiles/shabal_c.mk b/mkfiles/shabal_c.mk index 427afa7..5e8082c 100644 --- a/mkfiles/shabal_c.mk +++ b/mkfiles/shabal_c.mk @@ -4,7 +4,7 @@ ALGO_NAME := SHABAL_C # comment out the following line for removement of Skein from the build process HASHES += $(ALGO_NAME) - +$(ALGO_NAME)_DIR := shabal/ $(ALGO_NAME)_OBJ := shabal.o shabal192.o shabal224.o shabal256.o shabal384.o shabal512.o $(ALGO_NAME)_TEST_BIN := main-shabal-test.o hfal_shabal.o $(CLI_STD) $(HFAL_STD) $(ALGO_NAME)_NESSIE_TEST := test nessie diff --git a/mkfiles/skein.mk b/mkfiles/skein.mk index 537988e..123e6a0 100644 --- a/mkfiles/skein.mk +++ b/mkfiles/skein.mk @@ -4,7 +4,7 @@ ALGO_NAME := SKEIN # comment out the following line for removement of Skein from the build process HASHES += $(ALGO_NAME) - +$(ALGO_NAME)_DIR := skein/ $(ALGO_NAME)_OBJ := threefish_mix.o \ threefish256_enc_asm.o ubi256_asm.o skein256_asm.o \ threefish512_enc_asm.o ubi512_asm.o skein512_asm.o \ diff --git a/mkfiles/threefish.mk b/mkfiles/threefish.mk index 7781f37..4e7abc3 100644 --- a/mkfiles/threefish.mk +++ b/mkfiles/threefish.mk @@ -4,7 +4,7 @@ ALGO_NAME := THREEFISH # comment out the following line for removement of threefish from the build process BLOCK_CIPHERS += $(ALGO_NAME) - +$(ALGO_NAME)_DIR := skein/ $(ALGO_NAME)_OBJ := threefish256_enc_asm.o threefish512_enc_asm.o threefish1024_enc_asm.o\ threefish_mix.o threefish_invmix.o \ threefish256_dec_asm.o threefish512_dec_asm.o threefish1024_dec_asm.o 
diff --git a/mkfiles/twister.mk b/mkfiles/twister.mk index f6196ef..758f33c 100644 --- a/mkfiles/twister.mk +++ b/mkfiles/twister.mk @@ -4,6 +4,7 @@ ALGO_NAME := TWISTER # comment out the following line for removement of TWISTER from the build process HASHES += $(ALGO_NAME) +$(ALGO_NAME)_DIR := twister/ $(ALGO_NAME)_OBJ := twister-small-asm.o twister-large-asm.o twister-asm.o \ twister224.o twister256.o twister384.o twister512.o $(ALGO_NAME)_TEST_BIN := main-twister-test.o hfal_twister224.o hfal_twister256.o \ diff --git a/mkfiles/twister_c.mk b/mkfiles/twister_c.mk index 7d6ec36..eb62653 100644 --- a/mkfiles/twister_c.mk +++ b/mkfiles/twister_c.mk @@ -4,6 +4,7 @@ ALGO_NAME := TWISTER_C # comment out the following line for removement of TWISTER from the build process HASHES += $(ALGO_NAME) +$(ALGO_NAME)_DIR := twister/ $(ALGO_NAME)_OBJ := twister.o twister-small.o twister-large.o memxor.o gf256mul.o $(ALGO_NAME)_TEST_BIN := main-twister-test.o hfal_twister224.o hfal_twister256.o \ hfal_twister384.o hfal_twister512.o $(CLI_STD) $(HFAL_STD) diff --git a/mkfiles/ubi.mk b/mkfiles/ubi.mk index 4c1965e..80a94e0 100644 --- a/mkfiles/ubi.mk +++ b/mkfiles/ubi.mk @@ -4,7 +4,7 @@ ALGO_NAME := UBI # comment out the following line for removement of ubi from the build process AUX += $(ALGO_NAME) - +$(ALGO_NAME)_DIR := skein/ $(ALGO_NAME)_OBJ := threefish_mix.o threefish256_enc_asm.o ubi256_asm.o \ threefish512_enc_asm.o ubi512_asm.o threefish1024_enc_asm.o \ ubi1024_asm.o memxor.o diff --git a/mugi/aes_sbox.c b/mugi/aes_sbox.c new file mode 100644 index 0000000..85b08de --- /dev/null +++ b/mugi/aes_sbox.c 
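Review bot: twister_c.mk lists `memxor.o gf256mul.o` and ubi.mk lists `memxor.o`, now resolved relative to `twister/` and `skein/`, yet nothing visible in this part of the patch adds twister/memxor.S, twister/gf256mul.S or skein/memxor.S the way it does for aes/, blake/, groestl/ and mugi/. If the top-level Makefile (not shown here) does not fall back to the old top-level location for unresolved objects, these targets will fail to build; a build of each affected target before merge would settle it.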
@@ -0,0 +1,23 @@ +/* aes sbox */ + +#include +#include +uint8_t aes_sbox[256] PROGMEM = { + 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, + 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, + 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, + 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, + 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, + 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, + 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, + 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, + 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, + 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, + 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, + 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, + 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, + 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, + 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, + 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 +}; + diff --git a/mugi/aes_sbox.h b/mugi/aes_sbox.h new file mode 100644 index 0000000..5bc03b7 --- /dev/null +++ b/mugi/aes_sbox.h 
@@ -0,0 +1,33 @@ +/* aes_sbox.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file aes_sbox.h + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2008-12-30 + * \license GPLv3 or later + * + */ +#ifndef AES_SBOX_H_ +#define AES_SBOX_H_ +#include + +extern uint8_t aes_sbox[]; + +#endif diff --git a/mugi/gf256mul.S b/mugi/gf256mul.S new file mode 100644 index 0000000..b269d3a --- /dev/null +++ b/mugi/gf256mul.S 
@@ -0,0 +1,82 @@ +/* gf256mul.S */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +/* + * File: gf256mul.S + * Author: Daniel Otte + * Date: 2008-12-19 + * License: GPLv3 or later + * Description: peasant's algorithm for multiplication in GF(2^8) + * + */ + +#include +#define OPTIMIZE_SMALL_A + +/* + * param a: r24 + * param b: r22 + * param reducer: r20 + */ +A = 23 +B = 22 +P = 24 +.global gf256mul + +#ifdef OPTIMIZE_SMALL_A +gf256mul: + mov A, r24 + clr r24 +1: + lsr A + breq 4f + brcc 2f + eor P, B +2: + lsl B + brcc 3f + eor B, r20 +3: + rjmp 1b +4: + brcc 2f + eor P, B +2: + ret + +#else + +gf256mul: + mov r21, r24 + clr r24 + ldi r25, 8 +1: + lsr A + brcc 2f + eor P, B +2: + lsl B + brcc 3f + eor B, r20 +3: + dec r25 + brne 1b + ret + +#endif diff --git a/mugi/gf256mul.h b/mugi/gf256mul.h new file mode 100644 index 0000000..87f1cb3 --- /dev/null +++ b/mugi/gf256mul.h 
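Review bot: Third copy of the same gf256mul.S blob (index b269d3a), with the same `#else` register mix-up — `mov r21, r24` followed by a loop that shifts `A` (r23) — so `mov A, r24` is needed here as well. The `#include` line survives only as a bare directive in this rendering, so the actual header pulled in cannot be checked from the page; worth confirming the copy really matches aes/gf256mul.S after the fix lands in one place.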
@@ -0,0 +1,37 @@ +/* gf256mul.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +#ifndef GF256MUL_H_ +#define GF256MUL_H_ + +/** + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2008-12-19 + * \license GPLv3 + * \brief + * + * + */ + +#include + +uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer); + +#endif /* GF256MUL_H_ */ + diff --git a/mugi.c b/mugi/mugi.c similarity index 100% rename from mugi.c rename to mugi/mugi.c diff --git a/mugi.h b/mugi/mugi.h similarity index 100% rename from mugi.h rename to mugi/mugi.h diff --git a/shabal-asm.S b/shabal/shabal-asm.S similarity index 100% rename from shabal-asm.S rename to shabal/shabal-asm.S diff --git a/shabal.c b/shabal/shabal.c similarity index 100% rename from shabal.c rename to shabal/shabal.c diff --git a/shabal.h b/shabal/shabal.h similarity index 100% rename from shabal.h rename to shabal/shabal.h diff --git a/shabal192-asm.S b/shabal/shabal192-asm.S similarity index 100% rename from shabal192-asm.S rename to shabal/shabal192-asm.S diff --git a/shabal192.c b/shabal/shabal192.c similarity index 100% rename from shabal192.c rename to shabal/shabal192.c diff --git a/shabal224-asm.S b/shabal/shabal224-asm.S similarity index 100% rename from shabal224-asm.S rename to shabal/shabal224-asm.S 
diff --git a/shabal224.c b/shabal/shabal224.c similarity index 100% rename from shabal224.c rename to shabal/shabal224.c diff --git a/shabal256-asm.S b/shabal/shabal256-asm.S similarity index 100% rename from shabal256-asm.S rename to shabal/shabal256-asm.S diff --git a/shabal256.c b/shabal/shabal256.c similarity index 100% rename from shabal256.c rename to shabal/shabal256.c diff --git a/shabal384-asm.S b/shabal/shabal384-asm.S similarity index 100% rename from shabal384-asm.S rename to shabal/shabal384-asm.S diff --git a/shabal384.c b/shabal/shabal384.c similarity index 100% rename from shabal384.c rename to shabal/shabal384.c diff --git a/shabal512-asm.S b/shabal/shabal512-asm.S similarity index 100% rename from shabal512-asm.S rename to shabal/shabal512-asm.S diff --git a/shabal512.c b/shabal/shabal512.c similarity index 100% rename from shabal512.c rename to shabal/shabal512.c diff --git a/shabal/shabal_shorttest.log b/shabal/shabal_shorttest.log new file mode 100644 index 0000000..faef503 --- /dev/null +++ b/shabal/shabal_shorttest.log 
@@ -0,0 +1,123 @@ +test + +Test vectors for Shabal (192 bits): +message: + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +hash: + 0F 70 6E CB 97 CF 4D CE 00 BF BB D2 FB 64 53 0C + 32 87 0C B4 48 39 73 0D + +Test vectors for Shabal (192 bits): +message: + 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 + 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 + 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A + 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A + 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 + 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 + 75 76 77 78 79 7A +hash: + 69 0F AE 79 22 6D 95 76 0A E8 FD B4 F5 8C 05 37 + 11 17 56 55 7D 30 7B 15 + +Test vectors for Shabal (224 bits): +message: + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +hash: + 99 DD A6 14 F9 07 D2 E8 81 76 18 F7 30 69 6F 32 + 00 AE CA 8B 5F 85 F4 25 43 BA 20 31 + +Test vectors for Shabal (224 bits): +message: + 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 + 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 + 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A + 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A + 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 + 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 + 75 76 77 78 79 7A +hash: + C7 D6 2D 8D 2A 34 74 B4 F4 A9 D1 1A 52 DB 3D 43 + 5B F1 58 CF 45 4C 5D 56 1D 71 25 F5 + +Test vectors for Shabal (256 bits): +message: + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +hash: + DA 8F 08 C0 2A 67 BA 9A 56 BD D0 79 8E 48 AE 07 + 14 21 5E 09 3B 5B 85 06 49 A3 77 18 99 3F 54 A2 + +Test vectors for Shabal 
(256 bits): +message: + 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 + 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 + 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A + 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A + 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 + 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 + 75 76 77 78 79 7A +hash: + B4 9F 34 BF 51 86 4C 30 53 3C C4 6C C2 54 2B DE + C2 F9 6F D0 6F 5C 53 9A FF 6E AD 58 83 F7 32 7A + +Test vectors for Shabal (384 bits): +message: + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +hash: + 9D DE 12 33 91 0D 85 DA 3A 5C 78 03 12 B1 11 C6 + FC CA 1B 5D D2 55 37 03 5E E0 8E 3B 4E 1E 25 15 + 4F 72 6A 63 84 E5 A8 F0 AF EA AB 4A C4 C0 2F 12 + +Test vectors for Shabal (384 bits): +message: + 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 + 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 + 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A + 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A + 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 + 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 + 75 76 77 78 79 7A +hash: + 30 01 2C 0E 3E DC 46 0B D7 86 27 C2 C3 09 44 D2 + A1 89 66 9A FA 2D 7A 97 13 EF 2F 77 4C 44 74 A4 + 3A F1 CB CE C5 FA B4 24 8C 08 73 F0 38 FB EB A0 + +Test vectors for Shabal (512 bits): +message: + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +hash: + 15 80 16 C6 C8 1F 3F 0A 52 D9 8D 68 ED 2F 9E 8E + 78 95 EF 23 CB A7 E2 BC 61 09 D8 A5 32 E6 C9 E6 + A6 A5 01 97 9F B8 37 F0 4E C4 C6 20 E7 31 79 DC + 82 AB B5 2B 32 CD AD B3 56 50 E2 9C 98 5E 30 22 + +Test vectors for Shabal (512 bits): +message: + 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 + 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 + 35 36 37 38 
39 2D 41 42 43 44 45 46 47 48 49 4A + 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A + 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 + 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 + 75 76 77 78 79 7A +hash: + 67 7E 6F 7F 12 D7 0A F0 B3 35 66 2F 59 B5 68 51 + F3 65 3E 66 64 7D 33 86 DF DA 01 43 25 4C C8 A5 + DB 3E 21 94 06 8C 6F 71 59 7D 7B 60 98 4D 22 B4 + 7A 1F 60 D9 1C A8 DF CB 17 5D 65 B9 73 59 CE CF +> \ No newline at end of file diff --git a/shabal/shabal_shorttest.log.ps b/shabal/shabal_shorttest.log.ps new file mode 100644 index 0000000..ecb1048 --- /dev/null +++ b/shabal/shabal_shorttest.log.ps 
@@ -0,0 +1,713 @@ +%!PS-Adobe-3.0 +%%BoundingBox: 24 24 571 818 +%%Title: Enscript Output +%%For: +%%Creator: GNU enscript 1.6.4 +%%CreationDate: Mon Apr 27 00:59:17 2009 +%%Orientation: Portrait +%%Pages: (atend) +%%DocumentMedia: A4 595 842 0 () () +%%DocumentNeededResources: (atend) +%%EndComments +%%BeginProlog +%%BeginResource: procset Enscript-Prolog 1.6 4 +% +% Procedures. +% + +/_S { % save current state + /_s save def +} def +/_R { % restore from saved state + _s restore +} def + +/S { % showpage protecting gstate + gsave + showpage + grestore +} bind def + +/MF { % fontname newfontname -> - make a new encoded font + /newfontname exch def + /fontname exch def + + /fontdict fontname findfont def + /newfont fontdict maxlength dict def + + fontdict { + exch + dup /FID eq { + % skip FID pair + pop pop + } { + % copy to the new font dictionary + exch newfont 3 1 roll put + } ifelse + } forall + + newfont /FontName newfontname put + + % insert only valid encoding vectors + encoding_vector length 256 eq { + newfont /Encoding encoding_vector put + } if + + newfontname newfont definefont pop +} def + +/MF_PS { % fontname newfontname -> - make a new font preserving its enc + /newfontname exch def + /fontname exch def + + /fontdict fontname findfont def + /newfont fontdict maxlength dict def + + fontdict { + exch + dup /FID eq { + % skip FID pair + pop pop + } { + % copy to the new font dictionary + exch newfont 3 1 roll put + } ifelse + } forall + + newfont /FontName newfontname put + + newfontname newfont definefont pop +} def + +/SF { % fontname width height -> - set a new font + /height exch def + /width exch def + + findfont + [width 0 0 height 0 0] makefont setfont +} def + +/SUF { % fontname width height -> - set a new user font + /height exch def + /width exch def + + /F-gs-user-font MF + /F-gs-user-font width height SF +} def + +/SUF_PS { % fontname width height -> - set a new user font preserving its enc + /height exch def + /width exch def + + 
/F-gs-user-font MF_PS + /F-gs-user-font width height SF +} def + +/M {moveto} bind def +/s {show} bind def + +/Box { % x y w h -> - define box path + /d_h exch def /d_w exch def /d_y exch def /d_x exch def + d_x d_y moveto + d_w 0 rlineto + 0 d_h rlineto + d_w neg 0 rlineto + closepath +} def + +/bgs { % x y height blskip gray str -> - show string with bg color + /str exch def + /gray exch def + /blskip exch def + /height exch def + /y exch def + /x exch def + + gsave + x y blskip sub str stringwidth pop height Box + gray setgray + fill + grestore + x y M str s +} def + +/bgcs { % x y height blskip red green blue str -> - show string with bg color + /str exch def + /blue exch def + /green exch def + /red exch def + /blskip exch def + /height exch def + /y exch def + /x exch def + + gsave + x y blskip sub str stringwidth pop height Box + red green blue setrgbcolor + fill + grestore + x y M str s +} def + +% Highlight bars. +/highlight_bars { % nlines lineheight output_y_margin gray -> - + gsave + setgray + /ymarg exch def + /lineheight exch def + /nlines exch def + + % This 2 is just a magic number to sync highlight lines to text. + 0 d_header_y ymarg sub 2 sub translate + + /cw d_output_w cols div def + /nrows d_output_h ymarg 2 mul sub lineheight div cvi def + + % for each column + 0 1 cols 1 sub { + cw mul /xp exch def + + % for each rows + 0 1 nrows 1 sub { + /rn exch def + rn lineheight mul neg /yp exch def + rn nlines idiv 2 mod 0 eq { + % Draw highlight bar. 4 is just a magic indentation. + xp 4 add yp cw 8 sub lineheight neg Box fill + } if + } for + } for + + grestore +} def + +% Line highlight bar. +/line_highlight { % x y width height gray -> - + gsave + /gray exch def + Box gray setgray fill + grestore +} def + +% Column separator lines. +/column_lines { + gsave + .1 setlinewidth + 0 d_footer_h translate + /cw d_output_w cols div def + 1 1 cols 1 sub { + cw mul 0 moveto + 0 d_output_h rlineto stroke + } for + grestore +} def + +% Column borders. 
+/column_borders { + gsave + .1 setlinewidth + 0 d_footer_h moveto + 0 d_output_h rlineto + d_output_w 0 rlineto + 0 d_output_h neg rlineto + closepath stroke + grestore +} def + +% Do the actual underlay drawing +/draw_underlay { + ul_style 0 eq { + ul_str true charpath stroke + } { + ul_str show + } ifelse +} def + +% Underlay +/underlay { % - -> - + gsave + 0 d_page_h translate + d_page_h neg d_page_w atan rotate + + ul_gray setgray + ul_font setfont + /dw d_page_h dup mul d_page_w dup mul add sqrt def + ul_str stringwidth pop dw exch sub 2 div ul_h_ptsize -2 div moveto + draw_underlay + grestore +} def + +/user_underlay { % - -> - + gsave + ul_x ul_y translate + ul_angle rotate + ul_gray setgray + ul_font setfont + 0 0 ul_h_ptsize 2 div sub moveto + draw_underlay + grestore +} def + +% Page prefeed +/page_prefeed { % bool -> - + statusdict /prefeed known { + statusdict exch /prefeed exch put + } { + pop + } ifelse +} def + +% Wrapped line markers +/wrapped_line_mark { % x y charwith charheight type -> - + /type exch def + /h exch def + /w exch def + /y exch def + /x exch def + + type 2 eq { + % Black boxes (like TeX does) + gsave + 0 setlinewidth + x w 4 div add y M + 0 h rlineto w 2 div 0 rlineto 0 h neg rlineto + closepath fill + grestore + } { + type 3 eq { + % Small arrows + gsave + .2 setlinewidth + x w 2 div add y h 2 div add M + w 4 div 0 rlineto + x w 4 div add y lineto stroke + + x w 4 div add w 8 div add y h 4 div add M + x w 4 div add y lineto + w 4 div h 8 div rlineto stroke + grestore + } { + % do nothing + } ifelse + } ifelse +} def + +% EPSF import. 
+ +/BeginEPSF { + /b4_Inc_state save def % Save state for cleanup + /dict_count countdictstack def % Count objects on dict stack + /op_count count 1 sub def % Count objects on operand stack + userdict begin + /showpage { } def + 0 setgray 0 setlinecap + 1 setlinewidth 0 setlinejoin + 10 setmiterlimit [ ] 0 setdash newpath + /languagelevel where { + pop languagelevel + 1 ne { + false setstrokeadjust false setoverprint + } if + } if +} bind def + +/EndEPSF { + count op_count sub { pos } repeat % Clean up stacks + countdictstack dict_count sub { end } repeat + b4_Inc_state restore +} bind def + +% Check PostScript language level. +/languagelevel where { + pop /gs_languagelevel languagelevel def +} { + /gs_languagelevel 1 def +} ifelse +%%EndResource +%%BeginResource: procset Enscript-Encoding-88591 1.6 4 +/encoding_vector [ +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/space /exclam /quotedbl /numbersign +/dollar /percent /ampersand /quoteright +/parenleft /parenright /asterisk /plus +/comma /hyphen /period /slash +/zero /one /two /three +/four /five /six /seven +/eight /nine /colon /semicolon +/less /equal /greater /question +/at /A /B /C +/D /E /F /G +/H /I /J /K +/L /M /N /O +/P /Q /R /S +/T /U /V /W +/X /Y /Z /bracketleft +/backslash /bracketright /asciicircum /underscore +/quoteleft /a /b /c +/d /e /f /g +/h /i /j /k +/l /m /n /o +/p /q /r /s +/t /u /v /w +/x /y /z /braceleft +/bar /braceright /tilde /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef +/space 
/exclamdown /cent /sterling +/currency /yen /brokenbar /section +/dieresis /copyright /ordfeminine /guillemotleft +/logicalnot /hyphen /registered /macron +/degree /plusminus /twosuperior /threesuperior +/acute /mu /paragraph /bullet +/cedilla /onesuperior /ordmasculine /guillemotright +/onequarter /onehalf /threequarters /questiondown +/Agrave /Aacute /Acircumflex /Atilde +/Adieresis /Aring /AE /Ccedilla +/Egrave /Eacute /Ecircumflex /Edieresis +/Igrave /Iacute /Icircumflex /Idieresis +/Eth /Ntilde /Ograve /Oacute +/Ocircumflex /Otilde /Odieresis /multiply +/Oslash /Ugrave /Uacute /Ucircumflex +/Udieresis /Yacute /Thorn /germandbls +/agrave /aacute /acircumflex /atilde +/adieresis /aring /ae /ccedilla +/egrave /eacute /ecircumflex /edieresis +/igrave /iacute /icircumflex /idieresis +/eth /ntilde /ograve /oacute +/ocircumflex /otilde /odieresis /divide +/oslash /ugrave /uacute /ucircumflex +/udieresis /yacute /thorn /ydieresis +] def +%%EndResource +%%EndProlog +%%BeginSetup +%%IncludeResource: font Courier-Bold +%%IncludeResource: font Courier +/HFpt_w 10 def +/HFpt_h 10 def +/Courier-Bold /HF-gs-font MF +/HF /HF-gs-font findfont [HFpt_w 0 0 HFpt_h 0 0] makefont def +/Courier /F-gs-font MF +/F-gs-font 10 10 SF +/#copies 1 def +% Pagedevice definitions: +gs_languagelevel 1 gt { + << + /PageSize [595 842] + >> setpagedevice +} if +%%BeginResource: procset Enscript-Header-simple 1.6 4 + +/do_header { % print default simple header + gsave + d_header_x d_header_y HFpt_h 3 div add translate + + HF setfont + user_header_p { + 5 0 moveto user_header_left_str show + + d_header_w user_header_center_str stringwidth pop sub 2 div + 0 moveto user_header_center_str show + + d_header_w user_header_right_str stringwidth pop sub 5 sub + 0 moveto user_header_right_str show + } { + 5 0 moveto fname show + 45 0 rmoveto fmodstr show + 45 0 rmoveto pagenumstr show + } ifelse + + grestore +} def +%%EndResource +/d_page_w 547 def +/d_page_h 794 def +/d_header_x 0 def +/d_header_y 779 def 
+/d_header_w 547 def +/d_header_h 15 def +/d_footer_x 0 def +/d_footer_y 0 def +/d_footer_w 547 def +/d_footer_h 0 def +/d_output_w 547 def +/d_output_h 779 def +/cols 1 def +%%EndSetup +%%Page: (1) 1 +%%BeginPageSetup +_S +24 24 translate +/pagenum 1 def +/fname (shabal_shorttest.log) def +/fdir () def +/ftail (shabal_shorttest.log) def +% User defined strings: +/fmodstr (Mon Apr 27 00:58:21 2009) def +/pagenumstr (1) def +/user_header_p false def +/user_footer_p false def +%%EndPageSetup +do_header +5 766 M +(test) s +5 744 M +(Test vectors for Shabal \(192 bits\):) s +5 733 M +(message:) s +5 722 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 711 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 700 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 689 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 678 M +(hash:) s +5 667 M +( 0F 70 6E CB 97 CF 4D CE 00 BF BB D2 FB 64 53 0C ) s +5 656 M +( 32 87 0C B4 48 39 73 0D ) s +5 634 M +(Test vectors for Shabal \(192 bits\):) s +5 623 M +(message:) s +5 612 M +( 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 ) s +5 601 M +( 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 ) s +5 590 M +( 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A ) s +5 579 M +( 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A ) s +5 568 M +( 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 ) s +5 557 M +( 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 ) s +5 546 M +( 75 76 77 78 79 7A ) s +5 535 M +(hash:) s +5 524 M +( 69 0F AE 79 22 6D 95 76 0A E8 FD B4 F5 8C 05 37 ) s +5 513 M +( 11 17 56 55 7D 30 7B 15 ) s +5 491 M +(Test vectors for Shabal \(224 bits\):) s +5 480 M +(message:) s +5 469 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 458 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 447 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 436 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 425 M +(hash:) s +5 414 M +( 99 DD A6 14 F9 07 D2 E8 81 76 18 F7 30 
69 6F 32 ) s +5 403 M +( 00 AE CA 8B 5F 85 F4 25 43 BA 20 31 ) s +5 381 M +(Test vectors for Shabal \(224 bits\):) s +5 370 M +(message:) s +5 359 M +( 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 ) s +5 348 M +( 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 ) s +5 337 M +( 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A ) s +5 326 M +( 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A ) s +5 315 M +( 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 ) s +5 304 M +( 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 ) s +5 293 M +( 75 76 77 78 79 7A ) s +5 282 M +(hash:) s +5 271 M +( C7 D6 2D 8D 2A 34 74 B4 F4 A9 D1 1A 52 DB 3D 43 ) s +5 260 M +( 5B F1 58 CF 45 4C 5D 56 1D 71 25 F5 ) s +5 238 M +(Test vectors for Shabal \(256 bits\):) s +5 227 M +(message:) s +5 216 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 205 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 194 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 183 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 172 M +(hash:) s +5 161 M +( DA 8F 08 C0 2A 67 BA 9A 56 BD D0 79 8E 48 AE 07 ) s +5 150 M +( 14 21 5E 09 3B 5B 85 06 49 A3 77 18 99 3F 54 A2 ) s +5 128 M +(Test vectors for Shabal \(256 bits\):) s +5 117 M +(message:) s +5 106 M +( 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 ) s +5 95 M +( 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 ) s +5 84 M +( 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A ) s +5 73 M +( 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A ) s +5 62 M +( 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 ) s +5 51 M +( 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 ) s +5 40 M +( 75 76 77 78 79 7A ) s +5 29 M +(hash:) s +5 18 M +( B4 9F 34 BF 51 86 4C 30 53 3C C4 6C C2 54 2B DE ) s +5 7 M +( C2 F9 6F D0 6F 5C 53 9A FF 6E AD 58 83 F7 32 7A ) s +_R +S +%%Page: (2) 2 +%%BeginPageSetup +_S +24 24 translate +/pagenum 2 def +/fname (shabal_shorttest.log) def +/fdir () def +/ftail (shabal_shorttest.log) def +% User defined strings: +/fmodstr 
(Mon Apr 27 00:58:21 2009) def +/pagenumstr (2) def +/user_header_p false def +/user_footer_p false def +%%EndPageSetup +do_header +5 755 M +(Test vectors for Shabal \(384 bits\):) s +5 744 M +(message:) s +5 733 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 722 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 711 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 700 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 689 M +(hash:) s +5 678 M +( 9D DE 12 33 91 0D 85 DA 3A 5C 78 03 12 B1 11 C6 ) s +5 667 M +( FC CA 1B 5D D2 55 37 03 5E E0 8E 3B 4E 1E 25 15 ) s +5 656 M +( 4F 72 6A 63 84 E5 A8 F0 AF EA AB 4A C4 C0 2F 12 ) s +5 634 M +(Test vectors for Shabal \(384 bits\):) s +5 623 M +(message:) s +5 612 M +( 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 ) s +5 601 M +( 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 ) s +5 590 M +( 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A ) s +5 579 M +( 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A ) s +5 568 M +( 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 ) s +5 557 M +( 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 ) s +5 546 M +( 75 76 77 78 79 7A ) s +5 535 M +(hash:) s +5 524 M +( 30 01 2C 0E 3E DC 46 0B D7 86 27 C2 C3 09 44 D2 ) s +5 513 M +( A1 89 66 9A FA 2D 7A 97 13 EF 2F 77 4C 44 74 A4 ) s +5 502 M +( 3A F1 CB CE C5 FA B4 24 8C 08 73 F0 38 FB EB A0 ) s +5 480 M +(Test vectors for Shabal \(512 bits\):) s +5 469 M +(message:) s +5 458 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 447 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 436 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 425 M +( 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ) s +5 414 M +(hash:) s +5 403 M +( 15 80 16 C6 C8 1F 3F 0A 52 D9 8D 68 ED 2F 9E 8E ) s +5 392 M +( 78 95 EF 23 CB A7 E2 BC 61 09 D8 A5 32 E6 C9 E6 ) s +5 381 M +( A6 A5 01 97 9F B8 37 F0 4E C4 C6 20 E7 31 79 DC ) s +5 370 M +( 82 AB B5 2B 32 CD AD B3 56 50 E2 9C 98 5E 30 22 ) s +5 348 M 
+(Test vectors for Shabal \(512 bits\):) s +5 337 M +(message:) s +5 326 M +( 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 ) s +5 315 M +( 71 72 73 74 75 76 77 78 79 7A 2D 30 31 32 33 34 ) s +5 304 M +( 35 36 37 38 39 2D 41 42 43 44 45 46 47 48 49 4A ) s +5 293 M +( 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A ) s +5 282 M +( 2D 30 31 32 33 34 35 36 37 38 39 2D 61 62 63 64 ) s +5 271 M +( 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 ) s +5 260 M +( 75 76 77 78 79 7A ) s +5 249 M +(hash:) s +5 238 M +( 67 7E 6F 7F 12 D7 0A F0 B3 35 66 2F 59 B5 68 51 ) s +5 227 M +( F3 65 3E 66 64 7D 33 86 DF DA 01 43 25 4C C8 A5 ) s +5 216 M +( DB 3E 21 94 06 8C 6F 71 59 7D 7B 60 98 4D 22 B4 ) s +5 205 M +( 7A 1F 60 D9 1C A8 DF CB 17 5D 65 B9 73 59 CE CF ) s +5 194 M +(>) s +_R +S +%%Trailer +%%Pages: 2 +%%DocumentNeededResources: font Courier-Bold Courier +%%EOF diff --git a/skein/memxor.S b/skein/memxor.S new file mode 100644 index 0000000..a32058b --- /dev/null +++ b/skein/memxor.S 
@@ -0,0 +1,66 @@
+/* memxor.S */
+/*
+ This file is part of the AVR-Crypto-Lib.
+ Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+/*
+ * File: memxor.S
+ * Author: Daniel Otte
+ * Date: 2008-08-07
+ * License: GPLv3 or later
+ * Description: memxor, XORing one block into another
+ *
+ */
+
+/*
+ * void memxor(void* dest, const void* src, uint16_t n);
+ */
+ /*
+ * param dest is passed in r24:r25
+ * param src is passed in r22:r23
+ * param n is passed in r20:r21
+ */
+.global memxor
+memxor:
+ movw r30, r24
+ movw r26, r22
+ movw r24, r20
+ adiw r24, 0
+ breq 2f
+1:
+ ld r20, X+
+ ld r21, Z
+ eor r20, r21
+ st Z+, r20
+ sbiw r24, 1
+ brne 1b
+2:
+ ret
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/skein/memxor.h b/skein/memxor.h
new file mode 100644
index 0000000..a62a616
--- /dev/null
+++ b/skein/memxor.h
@@ -0,0 +1,7 @@
+#ifndef MEMXOR_H_
+#define MEMXOR_H_
+#include
+
+void memxor(void* dest, const void* src, uint16_t n);
+
+#endif
diff --git a/skein/skein-speed.log b/skein/skein-speed.log
new file mode 100644
index 0000000..deae3de
--- /dev/null
+++ b/skein/skein-speed.log
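Review bot: The register comment block above `.global memxor` documents how dest, src and n arrive but not that n == 0 is a supported input, although the `adiw r24, 0` / `breq 2f` pair exists only for that case; add ` * n == 0 is accepted and returns without touching dest` so the pair is not "simplified" away later. The routine also leaves r20, r21, r24-r27 and r30-r31 modified, which the avr-gcc calling convention treats as caller-saved, but stating that in the same block saves the next reader from re-deriving it. The header carries a 2008 copyright and a 2008-08-07 date while the file is added here as new under skein/, which suggests it is a copy of an existing memxor.S; a second copy will drift from the first, so one shared source linked by every directory that needs it would fit this build-process change better.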
@@ -0,0 +1,202 @@ +performance + + === Skein-256-128 performance === + type: hashfunction + hashsize (bits): 128 + ctxsize (bytes): 50 + blocksize (bits): 256 + init (cycles): 42999 + nextBlock (cycles): 42003 + lastBlock (cycles): 41706 + ctx2hash (cycles): 42912 + + === Skein-256-160 performance === + type: hashfunction + hashsize (bits): 160 + ctxsize (bytes): 50 + blocksize (bits): 256 + init (cycles): 42999 + nextBlock (cycles): 42003 + lastBlock (cycles): 41713 + ctx2hash (cycles): 42940 + + === Skein-256-224 performance === + type: hashfunction + hashsize (bits): 224 + ctxsize (bytes): 50 + blocksize (bits): 256 + init (cycles): 43006 + nextBlock (cycles): 42003 + lastBlock (cycles): 41713 + ctx2hash (cycles): 42996 + + === Skein-256-256 performance === + type: hashfunction + hashsize (bits): 256 + ctxsize (bytes): 50 + blocksize (bits): 256 + init (cycles): 43006 + nextBlock (cycles): 42003 + lastBlock (cycles): 41706 + ctx2hash (cycles): 43026 + + === Skein-256-384 performance === + type: hashfunction + hashsize (bits): 384 + ctxsize (bytes): 50 + blocksize (bits): 256 + init (cycles): 42999 + nextBlock (cycles): 42003 + lastBlock (cycles): 41706 + ctx2hash (cycles): 20054 + + === Skein-256-512 performance === + type: hashfunction + hashsize (bits): 512 + ctxsize (bytes): 50 + blocksize (bits): 256 + init (cycles): 42999 + nextBlock (cycles): 42003 + lastBlock (cycles): 41706 + ctx2hash (cycles): 20165 + + === Skein-512-128 performance === + type: hashfunction + hashsize (bits): 128 + ctxsize (bytes): 82 + blocksize (bits): 512 + init (cycles): 30522 + nextBlock (cycles): 29183 + lastBlock (cycles): 28526 + ctx2hash (cycles): 30515 + + === Skein-512-160 performance === + type: hashfunction + hashsize (bits): 160 + ctxsize (bytes): 82 + blocksize (bits): 512 + init (cycles): 30522 + nextBlock (cycles): 29183 + lastBlock (cycles): 28526 + ctx2hash (cycles): 30536 + + === Skein-512-224 performance === + type: hashfunction + hashsize (bits): 224 + ctxsize 
(bytes): 82 + blocksize (bits): 512 + init (cycles): 30522 + nextBlock (cycles): 29176 + lastBlock (cycles): 28526 + ctx2hash (cycles): 30592 + + === Skein-512-256 performance === + type: hashfunction + hashsize (bits): 256 + ctxsize (bytes): 82 + blocksize (bits): 512 + init (cycles): 30522 + nextBlock (cycles): 29176 + lastBlock (cycles): 28533 + ctx2hash (cycles): 30620 + + === Skein-512-384 performance === + type: hashfunction + hashsize (bits): 384 + ctxsize (bytes): 82 + blocksize (bits): 512 + init (cycles): 30529 + nextBlock (cycles): 29176 + lastBlock (cycles): 28533 + ctx2hash (cycles): 30732 + + === Skein-512-512 performance === + type: hashfunction + hashsize (bits): 512 + ctxsize (bytes): 82 + blocksize (bits): 512 + init (cycles): 30529 + nextBlock (cycles): 29176 + lastBlock (cycles): 28533 + ctx2hash (cycles): 30846 + + === Skein-512-1024 performance === + type: hashfunction + hashsize (bits): 1024 + ctxsize (bytes): 82 + blocksize (bits): 512 + init (cycles): 30529 + nextBlock (cycles): 29176 + lastBlock (cycles): 28526 + ctx2hash (cycles): 61119 + + === Skein-1024-128 performance === + type: hashfunction + hashsize (bits): 128 + ctxsize (bytes): 146 + blocksize (bits): 1024 + init (cycles): 28976 + nextBlock (cycles): 26263 + lastBlock (cycles): 23978 + ctx2hash (cycles): 27216 + + === Skein-1024-160 performance === + type: hashfunction + hashsize (bits): 160 + ctxsize (bytes): 146 + blocksize (bits): 1024 + init (cycles): 28983 + nextBlock (cycles): 26256 + lastBlock (cycles): 23978 + ctx2hash (cycles): 27244 + + === Skein-1024-224 performance === + type: hashfunction + hashsize (bits): 224 + ctxsize (bytes): 146 + blocksize (bits): 1024 + init (cycles): 28983 + nextBlock (cycles): 26256 + lastBlock (cycles): 23978 + ctx2hash (cycles): 27307 + + === Skein-1024-256 performance === + type: hashfunction + hashsize (bits): 256 + ctxsize (bytes): 146 + blocksize (bits): 1024 + init (cycles): 28983 + nextBlock (cycles): 26263 + lastBlock (cycles): 
23971 + ctx2hash (cycles): 27335 + + === Skein-1024-384 performance === + type: hashfunction + hashsize (bits): 384 + ctxsize (bytes): 146 + blocksize (bits): 1024 + init (cycles): 28983 + nextBlock (cycles): 26263 + lastBlock (cycles): 23971 + ctx2hash (cycles): 27447 + + === Skein-1024-512 performance === + type: hashfunction + hashsize (bits): 512 + ctxsize (bytes): 146 + blocksize (bits): 1024 + init (cycles): 28983 + nextBlock (cycles): 26263 + lastBlock (cycles): 23971 + ctx2hash (cycles): 27559 + + === Skein-1024-1024 performance === + type: hashfunction + hashsize (bits): 1024 + ctxsize (bytes): 146 + blocksize (bits): 1024 + init (cycles): 28983 + nextBlock (cycles): 26263 + lastBlock (cycles): 23971 + ctx2hash (cycles): 28002 +> \ No newline at end of file diff --git a/skein.h b/skein/skein.h similarity index 100% rename from skein.h rename to skein/skein.h diff --git a/skein1024.c b/skein/skein1024.c similarity index 100% rename from skein1024.c rename to skein/skein1024.c diff --git a/skein1024_asm.S b/skein/skein1024_asm.S similarity index 100% rename from skein1024_asm.S rename to skein/skein1024_asm.S diff --git a/skein256.c b/skein/skein256.c similarity index 100% rename from skein256.c rename to skein/skein256.c diff --git a/skein256_asm.S b/skein/skein256_asm.S similarity index 97% rename from skein256_asm.S rename to skein/skein256_asm.S index 97ef472..0c6c2d0 100644 --- a/skein256_asm.S +++ b/skein/skein256_asm.S @@ -16,12 +16,12 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . */ -/* +/** * \author Daniel Otte * \email daniel.otte@rub.de * \date 2009-03-16 * \license GPLv3 or later - */ + */ #include "avr-asm-macros.S" @@ -86,7 +86,7 @@ skein256_init: movw r24, UBICTX0 movw r22, r30 ldi r20, 4 - rcall ubi256_init + rcall ubi256_init /* call ubi256_lastBlock*/ movw r24, UBICTX0 movw r22, CONF0 
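Review bot: The comment added in the `@@ -86,7 +86,7 @@ skein256_init` hunk of skein/skein256_asm.S, `rcall ubi256_init /* call ubi256_lastBlock*/`, names a different routine than the instruction it sits on, so a reader cannot tell whether it records a still-missing call or is simply stale. If it is a reminder, make it say so, `rcall ubi256_init /* TODO: the config block must still be fed through ubi256_lastBlock */`; if that call already happens further down, drop the comment rather than leave two names on one line. skein256_init begins before and ends after this hunk, so the surrounding call sequence is not visible here.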
@@ -103,7 +103,7 @@ skein256_init: stack_free 64-22 pop_range 2, 5 ret - + /******************************************************************************/ .global skein256_nextBlock skein256_nextBlock: @@ -121,11 +121,11 @@ skein256_lastBlock: void skein256_ctx2hash(void* dest, skein256_ctx_t* ctx){ ubi256_ctx_t uctx; uint16_t outsize_b; - + uint64_t counter=0; uint8_t outbuffer[UBI256_BLOCKSIZE_B]; ubi256_init(&(ctx->ubictx), ctx->ubictx.g, UBI_TYPE_OUT); - + outsize_b = ctx->outsize_b; while(1){ memcpy(&uctx, &(ctx->ubictx), sizeof(ubi256_ctx_t)); @@ -183,7 +183,7 @@ skein256_ctx2hash: movw r24, UBICTX0 ldi r20, 63 rcall ubi256_init - + /* main loop */ /* copy ubictx in uctx*/ 1: movw r30, UCTX0 @@ -201,7 +201,7 @@ skein256_ctx2hash: clr r21 ldi r20, 64 rcall ubi256_lastBlock - /* copy uctx->g to outbuffer */ + /* copy uctx->g to outbuffer */ movw r26, UCTX0 adiw r26, 16 movw r30, UCTX0 @@ -211,13 +211,13 @@ skein256_ctx2hash: st Z+, r25 dec r24 brne 2b - /* compare outsize_b with 256*/ + /* compare outsize_b with 256*/ cpi OUTSIZE_B1, 2 brge 5f cpi OUTSIZE_B1, 1 brlo 3f tst OUTSIZE_B0 - breq 3f + breq 3f 5: /* copy outbuffer to dest */ movw r30, DEST0 movw r26, UCTX0 @@ -260,7 +260,7 @@ skein256_ctx2hash: st Z+, r25 dec r24 brne 7b -8: +8: stack_free_large 88 pop_range 10, 17 ret @@ -321,12 +321,12 @@ skein256: movw r24, DEST0 movw r22, CTX0 rcall skein256_ctx2hash - /* return */ + /* return */ stack_free 50 pop_range 2, 11 ret - -4: /* process preceeding blocks */ + +4: /* process preceeding blocks */ movw r24, CTX0 movw r22, MSG0 rcall skein256_nextBlock diff --git a/skein512.c b/skein/skein512.c similarity index 100% rename from skein512.c rename to skein/skein512.c diff --git a/skein512_asm.S b/skein/skein512_asm.S similarity index 100% rename from skein512_asm.S rename to skein/skein512_asm.S diff --git a/skein/skein_algo_list.txt b/skein/skein_algo_list.txt new file mode 100644 index 0000000..5b25e73 --- /dev/null +++ b/skein/skein_algo_list.txt 
@@ -0,0 +1,20 @@
+ a: Skein-256-128
+ b: Skein-256-160
+ c: Skein-256-224
+ *d: Skein-256-256
+ e: Skein-256-384
+ f: Skein-256-512
+ g: Skein-512-128
+ h: Skein-512-160
+ i: Skein-512-224
+ j: Skein-512-256
+ k: Skein-512-384
+ l: Skein-512-512
+ m: Skein-512-1024
+ n: Skein-1024-128
+ o: Skein-1024-160
+ p: Skein-1024-224
+ q: Skein-1024-256
+ r: Skein-1024-384
+ s: Skein-1024-512
+ t: Skein-1024-1024
diff --git a/threefish.h b/skein/threefish.h
similarity index 100%
rename from threefish.h
rename to skein/threefish.h
diff --git a/threefish1024_dec.c b/skein/threefish1024_dec.c
similarity index 100%
rename from threefish1024_dec.c
rename to skein/threefish1024_dec.c
diff --git a/threefish1024_dec_asm.S b/skein/threefish1024_dec_asm.S
similarity index 100%
rename from threefish1024_dec_asm.S
rename to skein/threefish1024_dec_asm.S
diff --git a/skein/threefish1024_dec_cstub.c b/skein/threefish1024_dec_cstub.c
new file mode 100644
index 0000000..09b031f
--- /dev/null
+++ b/skein/threefish1024_dec_cstub.c
@@ -0,0 +1,97 @@
+/* threefish1024_enc.c */
+/*
+ This file is part of the AVR-Crypto-Lib.
+ Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+/*
+ * \author Daniel Otte
+ * \email daniel.otte@rub.de
+ * \date 2009-03-12
+ * \license GPLv3 or later
+ *
+ *
+ *
+ */
+
+#include
+#include
+#include "threefish.h"
+
+#define X(a) (((uint64_t*)data)[(a)])
+
+static
+void permute_inv16(void* data){
+ uint64_t t;
+ t = X(15);
+ X(15) = X(7);
+ X(7) = X(9);
+ X(9) = X(1);
+ X(1) = t;
+ t = X(11);
+ X(11) = X(5);
+ X(5) = X(13);
+ X(13) = X(3);
+ X(3) = t;
+ t = X(4);
+ X(4) = X(6);
+ X(6) = t;
+ t = X(14);
+ X(14) = X(12);
+ X(12) = X(10);
+ X(10) = X(8);
+ X(8) = t;
+}
+
+static
+void add_key_16(void* data, const threefish1024_ctx_t* ctx, uint8_t s){
+ uint8_t i;
+ for(i=0; i<13; ++i){
+ X(i) -= ctx->k[(s+i)%17];
+ }
+ X(13) -= ctx->k[(s+13)%17] + ctx->t[s%3];
+ X(14) -= ctx->k[(s+14)%17] + ctx->t[(s+1)%3];
+ X(15) -= ctx->k[(s+15)%17] + s;
+}
+
+void threefish1024_dec(void* data, const threefish1024_ctx_t* ctx){
+ uint8_t i=0,s=20;
+ uint8_t r0[8] = {0x69, 0x72, 0x21, 0x34, 0x42, 0x41, 0x31, 0x79};
+ uint8_t r1[8] = {0x61, 0x19, 0x1a, 0x19, 0x53, 0x10, 0x31, 0x53};
+ uint8_t r2[8] = {0x33, 0x40, 0x22, 0x69, 0x31, 0x22, 0x6a, 0x5b};
+ uint8_t r3[8] = {0x72, 0x6b, 0x31, 0x60, 0x74, 0x71, 0x2b, 0x50};
+ uint8_t r4[8] = {0x5b, 0x23, 0x53, 0x63, 0x54, 0x3b, 0x2a, 0x20};
+ uint8_t r5[8] = {0x60, 0x22, 0x52, 0x11, 0x11, 0x14, 0x2b, 0x3a};
+ uint8_t r6[8] = {0x7b, 0x02, 0x50, 0x43, 0x73, 0x40, 0x64, 0x5a};
+ uint8_t r7[8] = {0x70, 0x70, 0x29, 0x51, 0x42, 0x7a, 0x71, 0x14};
+
+ do{
+ if(i%4==0){
+ add_key_16(data, ctx, s);
+ --s;
+ }
+ permute_inv16(data);
+ threefish_invmix((uint8_t*)data + 0, r0[i%8]);
+ threefish_invmix((uint8_t*)data + 16, r1[i%8]);
+ threefish_invmix((uint8_t*)data + 32, r2[i%8]);
+ threefish_invmix((uint8_t*)data + 48, r3[i%8]);
+ threefish_invmix((uint8_t*)data + 64, r4[i%8]);
+ threefish_invmix((uint8_t*)data + 80, r5[i%8]);
+ threefish_invmix((uint8_t*)data + 96, r6[i%8]);
+ threefish_invmix((uint8_t*)data +112, r7[i%8]);
+ ++i;
+ }while(i!=80);
+ add_key_16(data, ctx, s);
+}
diff --git a/threefish1024_enc.c b/skein/threefish1024_enc.c
similarity index 100%
rename from threefish1024_enc.c
rename to skein/threefish1024_enc.c
diff --git a/threefish1024_enc_asm.S b/skein/threefish1024_enc_asm.S
similarity index 100%
rename from threefish1024_enc_asm.S
rename to skein/threefish1024_enc_asm.S
diff --git a/threefish256_dec.c b/skein/threefish256_dec.c
similarity index 100%
rename from threefish256_dec.c
rename to skein/threefish256_dec.c
diff --git a/threefish256_dec_asm.S b/skein/threefish256_dec_asm.S
similarity index 100%
rename from threefish256_dec_asm.S
rename to skein/threefish256_dec_asm.S
diff --git a/skein/threefish256_dec_cstub.c b/skein/threefish256_dec_cstub.c
new file mode 100644
index 0000000..1d89756
--- /dev/null
+++ b/skein/threefish256_dec_cstub.c
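Review bot: The first line of the new file reads `/* threefish1024_enc.c */` while the file added is skein/threefish1024_dec_cstub.c, and skein/threefish256_dec_cstub.c in the next hunk has the same mismatch (`/* threefish256_enc.c */`); change both headers to the real file names. In `threefish1024_dec` the rotation tables `r0`..`r7` are plain automatic arrays, so every call copies 64 bytes of constants onto the stack before the first round; declare them `static const uint8_t r0[8] = {...};` (and likewise `r0`/`r1` in `threefish256_dec`), which keeps them out of the per-call frame and states that they are not meant to change. The values look encoded rather than being the rotation amounts from the Threefish specification in the clear (e.g. `0x69`, `0x72`), presumably in whatever form `threefish_invmix` expects; a one-line comment on the tables saying how they derive from the specification's constants would spare the next reader a trip into `threefish_invmix`.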
@@ -0,0 +1,66 @@ +/* threefish256_enc.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-03-12 + * \license GPLv3 or later + * + * + * + */ + +#include +#include +#include "threefish.h" + +#define X(a) (((uint64_t*)data)[(a)]) +static +void permute_4(void* data){ + uint64_t t; + t = X(1); + X(1) = X(3); + X(3) = t; +} + +static +void add_key_4(void* data, const threefish256_ctx_t* ctx, uint8_t s){ + X(0) -= ctx->k[(s+0)%5]; + X(1) -= ctx->k[(s+1)%5] + ctx->t[s%3]; + X(2) -= ctx->k[(s+2)%5] + ctx->t[(s+1)%3]; + X(3) -= ctx->k[(s+3)%5] + s; +} + +void threefish256_dec(void* data, const threefish256_ctx_t* ctx){ + uint8_t i=0,s=18; + uint8_t r0[8] = {0x73, 0x13, 0x7b, 0x32, 0x72, 0x2b, 0x44, 0x1b}; + uint8_t r1[8] = {0x62, 0x52, 0x43, 0x24, 0x54, 0x6a, 0x34, 0x70}; + do{ + if(i%4==0){ + add_key_4(data, ctx, s); + --s; + } + permute_4(data); + threefish_invmix(data, r0[i%8]); + threefish_invmix((uint8_t*)data + 16, r1[i%8]); + ++i; + }while(i!=72); + add_key_4(data, ctx, s); +} + diff --git a/threefish256_enc.c b/skein/threefish256_enc.c similarity index 100% rename from threefish256_enc.c rename to skein/threefish256_enc.c 
diff --git a/threefish256_enc_asm.S b/skein/threefish256_enc_asm.S similarity index 96% rename from threefish256_enc_asm.S rename to skein/threefish256_enc_asm.S index f18e7f4..dfa5d05 100644 --- a/threefish256_enc_asm.S +++ b/skein/threefish256_enc_asm.S @@ -21,7 +21,7 @@ * \email daniel.otte@rub.de * \date 2009-03-16 * \license GPLv3 or later - */ + */ #include "avr-asm-macros.S" @@ -113,7 +113,7 @@ threefish256_init: dec r26 brne 2b rjmp 9f -3: +3: movw r26, r22 ld A0, X+ ld A1, X+ @@ -155,7 +155,7 @@ threefish256_init: ld r0, X+ eor A7, r0 st Z+, r0 - + st Z+, A0 st Z+, A1 st Z+, A2 @@ -167,7 +167,7 @@ threefish256_init: 9: pop_range 14, 17 ret - + /******************************************************************************/ /* #define X(a) (((uint64_t*)data)[(a)]) @@ -177,7 +177,7 @@ void permute_4(void* data){ X(1) = X(3); X(3) = t; } -void add_key_4(void* data, threefish256_ctx_t* ctx, uint8_t s){ /* s: 0..19 * / +void add_key_4(void* data, threefish256_ctx_t* ctx, uint8_t s){ / * s: 0..19 * / X(0) += ctx->k[(s+0)%5]; X(1) += ctx->k[(s+1)%5] + ctx->t[s%3]; X(2) += ctx->k[(s+2)%5] + ctx->t[(s+1)%3]; @@ -185,7 +185,7 @@ void add_key_4(void* data, threefish256_ctx_t* ctx, uint8_t s){ /* s: 0..19 * / } void threefish256_enc(void* data, threefish256_ctx_t* ctx){ uint8_t i=0,s=0; - uint8_t r0[8] = { 5, 36, 13, 58, 26, 53, 11, 59}; + uint8_t r0[8] = { 5, 36, 13, 58, 26, 53, 11, 59}; uint8_t r1[8] = {56, 28, 46, 44, 20, 35, 42, 50}; do{ if(i%4==0){ @@ -223,7 +223,7 @@ threefish256_enc: movw CTX0, r22 clr I clr S -1: +1: mov r30, I andi r30, 0x03 breq 2f @@ -254,7 +254,7 @@ threefish256_enc: add r30, IDX3 adc r31, r1 rcall add_z_to_x8 - + /* now the remaining key */ sbiw r26, 3*8 ldi r30, lo8(threefish256_slut3) @@ -305,8 +305,8 @@ exit: pop_range 2, 17 pop r29 pop r28 - ret -4: + ret +4: /* call mix */ ldi r30, lo8(threefish256_rc0) ldi r31, hi8(threefish256_rc0) 
@@ -362,16 +362,16 @@ exit: st Z+, IDX0 inc I rjmp 1b - + threefish256_slut5: - .byte 0x00, 0x08, 0x10, 0x18, 0x20, 0x00, 0x08, 0x10 + .byte 0x00, 0x08, 0x10, 0x18, 0x20, 0x00, 0x08, 0x10 .byte 0x18, 0x20, 0x00, 0x08, 0x10, 0x18, 0x20, 0x00 .byte 0x08, 0x10, 0x18, 0x20, 0x00, 0x08, 0x10 threefish256_slut3: .byte 0x00, 0x08, 0x10, 0x00, 0x08, 0x10, 0x00, 0x08 - .byte 0x10, 0x00, 0x08, 0x10, 0x00, 0x08, 0x10, 0x00 + .byte 0x10, 0x00, 0x08, 0x10, 0x00, 0x08, 0x10, 0x00 .byte 0x08, 0x10, 0x00, 0x08, 0x10, 0x00, 0x08 -;threefish256_rc0: .byte 5, 36, 13, 58, 26, 53, 11, 59 +;threefish256_rc0: .byte 5, 36, 13, 58, 26, 53, 11, 59 ;threefish256_rc1: .byte 56, 28, 46, 44, 20, 35, 42, 50 threefish256_rc0: .byte 0x1b, 0x44, 0x2b, 0x72, 0x32, 0x7b, 0x13, 0x73 threefish256_rc1: .byte 0x70, 0x34, 0x6a, 0x54, 0x24, 0x43, 0x52, 0x62 @@ -411,9 +411,9 @@ add_z_to_x8: st X+, r1 clr r1 ret - - - + + + diff --git a/threefish256_enc_small.S b/skein/threefish256_enc_small.S similarity index 96% rename from threefish256_enc_small.S rename to skein/threefish256_enc_small.S index da08359..f7392ba 100644 --- a/threefish256_enc_small.S +++ b/skein/threefish256_enc_small.S @@ -16,12 +16,12 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . */ -/* +/** * \author Daniel Otte * \email daniel.otte@rub.de * \date 2009-03-16 * \license GPLv3 or later - */ + */ #include "avr-asm-macros.S" @@ -114,7 +114,7 @@ threefish256_init: dec r26 brne 1b rjmp 9f -3: +3: ld A0, X+ ld A1, X+ ld A2, X+ @@ -166,7 +166,7 @@ threefish256_init: 9: pop_range 14, 17 ret - + /******************************************************************************/ /* #define X(a) (((uint64_t*)data)[(a)]) 
@@ -176,7 +176,7 @@ void permute_4(void* data){ X(1) = X(3); X(3) = t; } -void add_key_4(void* data, threefish256_ctx_t* ctx, uint8_t s){ /* s: 0..19 * / +void add_key_4(void* data, threefish256_ctx_t* ctx, uint8_t s){ / * s: 0..19 * / X(0) += ctx->k[(s+0)%5]; X(1) += ctx->k[(s+1)%5] + ctx->t[s%3]; X(2) += ctx->k[(s+2)%5] + ctx->t[(s+1)%3]; @@ -184,7 +184,7 @@ void add_key_4(void* data, threefish256_ctx_t* ctx, uint8_t s){ /* s: 0..19 * / } void threefish256_enc(void* data, threefish256_ctx_t* ctx){ uint8_t i=0,s=0; - uint8_t r0[8] = { 5, 36, 13, 58, 26, 53, 11, 59}; + uint8_t r0[8] = { 5, 36, 13, 58, 26, 53, 11, 59}; uint8_t r1[8] = {56, 28, 46, 44, 20, 35, 42, 50}; do{ if(i%4==0){ @@ -222,7 +222,7 @@ threefish256_enc: movw CTX0, r22 clr I clr S -1: +1: mov r30, I andi r30, 0x03 breq 2f @@ -254,7 +254,7 @@ threefish256_enc: add r30, IDX3 adc r31, r1 rcall add_z_to_x8 - + /* now the remaining key */ sbiw r26, 3*8 ldi r30, lo8(threefish256_slut3) @@ -277,7 +277,7 @@ threefish256_enc: add r0, S st X+, r0 ldi r16, 7 -3: +3: ld r0, X adc r0, r1 st X+, r0 @@ -291,8 +291,8 @@ exit: pop_range 2, 17 pop r29 pop r28 - ret -4: + ret +4: /* call mix */ ldi r30, lo8(threefish256_rc0) ldi r31, hi8(threefish256_rc0) @@ -323,14 +323,14 @@ exit: brne 3b inc I rjmp 1b - + threefish256_slut5: - .byte 0x00, 0x08, 0x10, 0x18, 0x20, 0x00, 0x08, 0x10 + .byte 0x00, 0x08, 0x10, 0x18, 0x20, 0x00, 0x08, 0x10 .byte 0x18, 0x20, 0x00, 0x08, 0x10, 0x18, 0x20, 0x00 .byte 0x08, 0x10, 0x18, 0x20, 0x00, 0x08, 0x10 threefish256_slut3: .byte 0x00, 0x08, 0x10, 0x00, 0x08, 0x10, 0x00, 0x08 - .byte 0x10, 0x00, 0x08, 0x10, 0x00, 0x08, 0x10, 0x00 + .byte 0x10, 0x00, 0x08, 0x10, 0x00, 0x08, 0x10, 0x00 .byte 0x08, 0x10, 0x00, 0x08, 0x10, 0x00, 0x08 threefish256_rc0: .byte 0x1b, 0x44, 0x2b, 0x72, 0x32, 0x7b, 0x13, 0x73 threefish256_rc1: .byte 0x70, 0x34, 0x6a, 0x54, 0x24, 0x43, 0x52, 0x62 @@ -350,9 +350,9 @@ add_z_to_x8: brne 1b clr r1 ret - - - + + + 
diff --git a/threefish512_dec.c b/skein/threefish512_dec.c similarity index 100% rename from threefish512_dec.c rename to skein/threefish512_dec.c diff --git a/threefish512_dec_asm.S b/skein/threefish512_dec_asm.S similarity index 100% rename from threefish512_dec_asm.S rename to skein/threefish512_dec_asm.S diff --git a/skein/threefish512_dec_cstub.c b/skein/threefish512_dec_cstub.c new file mode 100644 index 0000000..aaa9886 --- /dev/null +++ b/skein/threefish512_dec_cstub.c 
@@ -0,0 +1,81 @@ +/* threefish512_dec.c */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-03-22 + * \license GPLv3 or later + * + * + * + */ + +#include +#include +#include "threefish.h" + + +#define X(a) (((uint64_t*)data)[(a)]) + + +static +void permute_inv8(void* data){ + uint64_t t; + t = X(6); + X(6) = X(4); + X(4) = X(2); + X(2) = X(0); + X(0) = t; + t = X(7); + X(7) = X(3); + X(3) = t; +} + +static +void add_key_8(void* data, const threefish512_ctx_t* ctx, uint8_t s){ + uint8_t i; + for(i=0; i<5; ++i){ + X(i) -= ctx->k[(s+i)%9]; + } + X(5) -= ctx->k[(s+5)%9] + ctx->t[s%3]; + X(6) -= ctx->k[(s+6)%9] + ctx->t[(s+1)%3]; + X(7) -= ctx->k[(s+7)%9] + s; +} + +void threefish512_dec(void* data, const threefish512_ctx_t* ctx){ + uint8_t i=0,s=18; + uint8_t r0[8] = {0x41, 0x4b, 0x59, 0x41, 0x32, 0x42, 0x60, 0x5a}; + uint8_t r1[8] = {0x63, 0x32, 0x33, 0x61, 0x14, 0x2a, 0x24, 0x4a}; + uint8_t r2[8] = {0x59, 0x13, 0x51, 0x10, 0x72, 0x29, 0x53, 0x62}; + uint8_t r3[8] = {0x43, 0x11, 0x2a, 0x52, 0x19, 0x33, 0x49, 0x7b}; + do{ + if(i%4==0){ + add_key_8(data, ctx, s); + --s; + } + permute_inv8(data); + threefish_invmix((uint8_t*)data + 0, r0[i%8]); + threefish_invmix((uint8_t*)data + 16, r1[i%8]); + threefish_invmix((uint8_t*)data + 32, r2[i%8]); + 
threefish_invmix((uint8_t*)data + 48, r3[i%8]); + ++i; + }while(i!=72); + add_key_8(data, ctx, s); +} + diff --git a/threefish512_enc.c b/skein/threefish512_enc.c similarity index 100% rename from threefish512_enc.c rename to skein/threefish512_enc.c diff --git a/threefish512_enc_asm.S b/skein/threefish512_enc_asm.S similarity index 100% rename from threefish512_enc_asm.S rename to skein/threefish512_enc_asm.S diff --git a/threefish_invmix.S b/skein/threefish_invmix.S similarity index 100% rename from threefish_invmix.S rename to skein/threefish_invmix.S diff --git a/skein/threefish_invmix_4c.S b/skein/threefish_invmix_4c.S new file mode 100644 index 0000000..59cc545 --- /dev/null +++ b/skein/threefish_invmix_4c.S 
@@ -0,0 +1,305 @@ +/* threefish_invmix.S */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/* + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2009-03-21 + * \license GPLv3 or later + */ + +#include "avr-asm-macros.S" + +/* +#define X0 (((uint64_t*)data)[0]) +#define X1 (((uint64_t*)data)[1]) +void threefish_invmix(void* data, uint8_t rot){ + uint64_t x; + x = X1; + x ^= X0; + X1 = ((x>>rot)|(x<<(64-rot))); + X0 -= X1; +} +*/ +A0 = 10 +A1 = 11 +A2 = 12 +A3 = 13 +A4 = 14 +A5 = 15 +A6 = 16 +A7 = 17 + +B0 = 18 +B1 = 19 +B2 = 20 +B3 = 21 +B4 = 22 +B5 = 23 +B6 = 24 +B7 = 25 +vROT = 27 +/* + * param data: r24:r25 + * param rot: r22 + */ + +.global threefish_invmix +threefish_invmix: + push_range 10, 17 + push r28 + push r29 + movw r28, r24 + mov vROT,r22 + ldd A0, Y+ 0 + ldd A1, Y+ 1 + ldd A2, Y+ 2 + ldd A3, Y+ 3 + ldd A4, Y+ 4 + ldd A5, Y+ 5 + ldd A6, Y+ 6 + ldd A7, Y+ 7 + ldd B0, Y+ 8 + ldd B1, Y+ 9 + ldd B2, Y+10 + ldd B3, Y+11 + ldd B4, Y+12 + ldd B5, Y+13 + ldd B6, Y+14 + ldd B7, Y+15 + eor B0, A0 + eor B1, A1 + eor B2, A2 + eor B3, A3 + eor B4, A4 + eor B5, A5 + eor B6, A6 + eor B7, A7 + + mov r26, vROT + swap r26 + andi r26, 0x07 + ldi r30, pm_lo8(byte_rot_jmptable) + ldi r31, pm_hi8(byte_rot_jmptable) + add r30, r26 + adc r31, r1 + ijmp +post_byterot: + bst vROT, 3 + andi vROT, 0x07 + brts 1f + 
rjmp bit_rotr +1: rjmp bit_rotl +post_bitrot: + sub A0, B0 + sbc A1, B1 + sbc A2, B2 + sbc A3, B3 + sbc A4, B4 + sbc A5, B5 + sbc A6, B6 + sbc A7, B7 + + std Y+ 0, A0 + std Y+ 1, A1 + std Y+ 2, A2 + std Y+ 3, A3 + std Y+ 4, A4 + std Y+ 5, A5 + std Y+ 6, A6 + std Y+ 7, A7 + std Y+ 8, B0 + std Y+ 9, B1 + std Y+10, B2 + std Y+11, B3 + std Y+12, B4 + std Y+13, B5 + std Y+14, B6 + std Y+15, B7 +exit: + pop r29 + pop r28 + pop_range 10, 17 + ret + +byte_rot_jmptable: + rjmp post_byterot;ret; rjmp byte_rotr_0 + rjmp byte_rotr_1 + rjmp byte_rotr_2 + rjmp byte_rotr_3 + rjmp byte_rotr_4 + rjmp byte_rotr_5 + rjmp byte_rotr_6 + rjmp byte_rotr_7 + rjmp post_byterot;ret; rjmp byte_rotr_0 + + + +; 0 1 2 3 4 5 6 7 +; 1 2 3 4 5 6 7 0 +;.global byte_rotr_1 +;.global byte_rotr_0 +byte_rotr_1: /* 10 words */ + mov r0, B0 + mov B0, B1 + mov B1, B2 + mov B2, B3 + mov B3, B4 + mov B4, B5 + mov B5, B6 + mov B6, B7 + mov B7, r0 +byte_rotr_0: + rjmp post_byterot + +; 0 1 2 3 4 5 6 7 +; 2 3 4 5 6 7 0 1 +;.global byte_rotr_2 +byte_rotr_2: /* 11 words */ + mov r0, B0 + mov B0, B2 + mov B2, B4 + mov B4, B6 + mov B6, r0 + mov r0, B1 + mov B1, B3 + mov B3, B5 + mov B5, B7 + mov B7, r0 + rjmp post_byterot + +; 0 1 2 3 4 5 6 7 +; 3 4 5 6 7 0 1 2 +;.global byte_rotr_3 +byte_rotr_3: /* 10 words */ + mov r0, B0 + mov B0, B3 + mov B3, B6 + mov B6, B1 + mov B1, B4 + mov B4, B7 + mov B7, B2 + mov B2, B5 + mov B5, r0 + rjmp post_byterot + +; 0 1 2 3 4 5 6 7 +; 4 5 6 7 0 1 2 3 +;.global byte_rotr_4 +byte_rotr_4: /* 13 words */ + mov r0, B0 + mov B0, B4 + mov B4, r0 + + mov r0, B1 + mov B1, B5 + mov B5, r0 + + mov r0, B2 + mov B2, B6 + mov B6, r0 + + mov r0, B3 + mov B3, B7 + mov B7, r0 + rjmp post_byterot + +; 0 1 2 3 4 5 6 7 +; 5 6 7 0 1 2 3 4 +;.global byte_rotr_5 +byte_rotr_5: /* 10 words */ + mov r0, B0 + mov B0, B5 + mov B5, B2 + mov B2, B7 + mov B7, B4 + mov B4, B1 + mov B1, B6 + mov B6, B3 + mov B3, r0 + rjmp post_byterot + +; 0 1 2 3 4 5 6 7 +; 6 7 0 1 2 3 4 5 +;.global byte_rotr_6 +byte_rotr_6: /* 
11 words */ + mov r0, B0 + mov B0, B6 + mov B6, B4 + mov B4, B2 + mov B2, r0 + + mov r0, B1 + mov B1, B7 + mov B7, B5 + mov B5, B3 + mov B3, r0 + rjmp post_byterot + +; 0 1 2 3 4 5 6 7 +; 7 0 1 2 3 4 5 6 +;.global byte_rotr_7 +byte_rotr_7: /* 10 words */ + mov r0, B7 + mov B7, B6 + mov B6, B5 + mov B5, B4 + mov B4, B3 + mov B3, B2 + mov B2, B1 + mov B1, B0 + mov B0, r0 + rjmp post_byterot + +;.global bit_rotl +bit_rotl: + tst vROT + brne 1f + rjmp post_bitrot +1: mov r0, B7 + rol r0 + rol B0 + rol B1 + rol B2 + rol B3 + rol B4 + rol B5 + rol B6 + rol B7 + dec vROT + rjmp bit_rotl + +;.global bit_rotr +bit_rotr: + tst vROT + brne 1f + rjmp post_bitrot +1: mov r0, B0 + ror r0 + ror B7 + ror B6 + ror B5 + ror B4 + ror B3 + ror B2 + ror B1 + ror B0 + dec vROT + rjmp bit_rotr + + diff --git a/threefish_invmix_c.c b/skein/threefish_invmix_c.c similarity index 100% rename from threefish_invmix_c.c rename to skein/threefish_invmix_c.c diff --git a/threefish_mix.S b/skein/threefish_mix.S similarity index 100% rename from threefish_mix.S rename to skein/threefish_mix.S diff --git a/threefish_mix_4c.S b/skein/threefish_mix_4c.S similarity index 100% rename from threefish_mix_4c.S rename to skein/threefish_mix_4c.S diff --git a/threefish_mix_c.c b/skein/threefish_mix_c.c similarity index 100% rename from threefish_mix_c.c rename to skein/threefish_mix_c.c diff --git a/ubi.h b/skein/ubi.h similarity index 100% rename from ubi.h rename to skein/ubi.h diff --git a/ubi1024.c b/skein/ubi1024.c similarity index 100% rename from ubi1024.c rename to skein/ubi1024.c diff --git a/ubi1024_asm.S b/skein/ubi1024_asm.S similarity index 100% rename from ubi1024_asm.S rename to skein/ubi1024_asm.S diff --git a/ubi256.c b/skein/ubi256.c similarity index 100% rename from ubi256.c rename to skein/ubi256.c diff --git a/ubi256_asm.S b/skein/ubi256_asm.S similarity index 100% rename from ubi256_asm.S rename to skein/ubi256_asm.S 
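Review bot: The header's C reference describes `rot` as a plain rotation count, but the routine decodes r22 as an encoded value: `swap`/`andi r26, 0x07` takes bits 6..4 as the byte-rotate index into `byte_rot_jmptable`, `bst vROT, 3` selects `bit_rotl` (set) or `bit_rotr` (clear), and the remaining low three bits are the bit-rotate count; the `param rot: r22` comment should state this, e.g. `param rot: r22, encoded: bits 6..4 byte rotation, bit 3 rotate-left flag, bits 2..0 bit rotation`. The file also calls itself `threefish_invmix.S` in its first line although it is `threefish_invmix_4c.S`. `byte_rot_jmptable` carries a ninth entry (`rjmp post_byterot;ret; rjmp byte_rotr_0`) that can never be selected because the index is masked to 0..7, and the leftover `;ret;` fragments make the table's real size hard to see; dropping the dead entry and fragments would help. The bit-rotation loops run `vROT` iterations, so cycle count varies with the rotation constant, which is a fixed per-round value rather than key or data, so this is not a timing concern but is worth a one-line comment.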
diff --git a/ubi512.c b/skein/ubi512.c similarity index 100% rename from ubi512.c rename to skein/ubi512.c diff --git a/ubi512_asm.S b/skein/ubi512_asm.S similarity index 100% rename from ubi512_asm.S rename to skein/ubi512_asm.S diff --git a/test_src/config.h b/test_src/config.h index b501bab..5fb1011 100644 --- a/test_src/config.h +++ b/test_src/config.h @@ -37,7 +37,7 @@ #define UART0_DATABITS UART_DATABITS_8 #define UART0_RXBUFFER_SIZE 64 #define UART0_TXBUFFER_SIZE 64 -#define UART0_SWFLOWCTRL 0 +#define UART0_SWFLOWCTRL 1 #define UART0_THRESH_LOW 10 #define UART0_THRESH_HIGH 48 diff --git a/test_src/hexdigit_tab.c b/test_src/hexdigit_tab.c deleted file mode 100644 index 874109c..0000000 --- a/test_src/hexdigit_tab.c +++ /dev/null 
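Review bot: `UART0_SWFLOWCTRL` changes from 0 to 1 in `test_src/config.h`, which alters the test firmware's UART behaviour and has nothing to do with the makefile and directory reorganisation the commit message describes. It should be mentioned in the message or split into its own commit so the behavioural change is not lost among a few hundred renames.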
@@ -1,49 +0,0 @@ -/* hexdigit_tab.c */ -/* - * This file is part of AnonAccess, an access system which can be used - * to open door or doing other things with an anonymity featured - * account managment. - * Copyright (C) 2006, 2007, 2008 Daniel Otte (daniel.otte@rub.de) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - - - -#include -#include "hexdigit_tab.h" - -char hexdigit_tab_P[] PROGMEM = - {'0','1','2','3', - '4','5','6','7', - '8','9','A','B', - 'C','D','E','F'}; - -char hexdigit_tab_uc_P[] PROGMEM = - {'0','1','2','3', - '4','5','6','7', - '8','9','A','B', - 'C','D','E','F'}; - - -char hexdigit_tab_lc_P[] PROGMEM = - {'0','1','2','3', - '4','5','6','7', - '8','9','a','b', - 'c','d','e','f'}; - - - - - diff --git a/test_src/main-aes-test.c b/test_src/main-aes-test.c index 8d2aba6..765411b 100644 --- a/test_src/main-aes-test.c +++ b/test_src/main-aes-test.c @@ -26,14 +26,14 @@ #include "uart_i.h" #include "debug.h" -#include "aes.h" -#include "aes128_enc.h" -#include "aes128_dec.h" -#include "aes192_enc.h" -#include "aes192_dec.h" -#include "aes256_enc.h" -#include "aes256_dec.h" -#include "aes_keyschedule.h" +#include "aes/aes.h" +#include "aes/aes128_enc.h" +#include "aes/aes128_dec.h" +#include "aes/aes192_enc.h" +#include "aes/aes192_dec.h" +#include "aes/aes256_enc.h" +#include "aes/aes256_dec.h" +#include "aes/aes_keyschedule.h" #include "nessie_bc_test.h" #include "cli.h" 
diff --git a/test_src/main-aes128-test.c b/test_src/main-aes128-test.c index e9b3ce4..98462a1 100644 --- a/test_src/main-aes128-test.c +++ b/test_src/main-aes128-test.c @@ -26,10 +26,10 @@ #include "uart_i.h" #include "debug.h" -#include "aes.h" -#include "aes128_enc.h" -#include "aes128_dec.h" -#include "aes_keyschedule.h" +#include "aes/aes.h" +#include "aes/aes128_enc.h" +#include "aes/aes128_dec.h" +#include "aes/aes_keyschedule.h" #include "nessie_bc_test.h" #include "cli.h" diff --git a/test_src/main-aes192-test.c b/test_src/main-aes192-test.c index 577d057..c37dc7e 100644 --- a/test_src/main-aes192-test.c +++ b/test_src/main-aes192-test.c @@ -26,10 +26,10 @@ #include "uart_i.h" #include "debug.h" -#include "aes.h" -#include "aes192_enc.h" -#include "aes192_dec.h" -#include "aes_keyschedule.h" +#include "aes/aes.h" +#include "aes/aes192_enc.h" +#include "aes/aes192_dec.h" +#include "aes/aes_keyschedule.h" #include "nessie_bc_test.h" #include "cli.h" diff --git a/test_src/main-aes256-test.c b/test_src/main-aes256-test.c index 6b9f0b5..15d7f83 100644 --- a/test_src/main-aes256-test.c +++ b/test_src/main-aes256-test.c @@ -26,10 +26,10 @@ #include "uart_i.h" #include "debug.h" -#include "aes.h" -#include "aes256_enc.h" -#include "aes256_dec.h" -#include "aes_keyschedule.h" +#include "aes/aes.h" +#include "aes/aes256_enc.h" +#include "aes/aes256_dec.h" +#include "aes/aes_keyschedule.h" #include "nessie_bc_test.h" #include "cli.h" diff --git a/twister/gf256mul.S b/twister/gf256mul.S new file mode 100644 index 0000000..b269d3a --- /dev/null +++ b/twister/gf256mul.S 
@@ -0,0 +1,82 @@ +/* gf256mul.S */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +/* + * File: gf256mul.S + * Author: Daniel Otte + * Date: 2008-12-19 + * License: GPLv3 or later + * Description: peasant's algorithm for multiplication in GF(2^8) + * + */ + +#include +#define OPTIMIZE_SMALL_A + +/* + * param a: r24 + * param b: r22 + * param reducer: r20 + */ +A = 23 +B = 22 +P = 24 +.global gf256mul + +#ifdef OPTIMIZE_SMALL_A +gf256mul: + mov A, r24 + clr r24 +1: + lsr A + breq 4f + brcc 2f + eor P, B +2: + lsl B + brcc 3f + eor B, r20 +3: + rjmp 1b +4: + brcc 2f + eor P, B +2: + ret + +#else + +gf256mul: + mov r21, r24 + clr r24 + ldi r25, 8 +1: + lsr A + brcc 2f + eor P, B +2: + lsl B + brcc 3f + eor B, r20 +3: + dec r25 + brne 1b + ret + +#endif diff --git a/twister/gf256mul.h b/twister/gf256mul.h new file mode 100644 index 0000000..87f1cb3 --- /dev/null +++ b/twister/gf256mul.h 
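Review bot: In the `#else` branch of `gf256mul`, `mov r21, r24` copies the multiplicand into r21, but the loop then shifts `A`, which is r23 and is never loaded, so that path multiplies with an uninitialised register; it should read `mov A, r24` like the `OPTIMIZE_SMALL_A` branch. The branch is dead because `OPTIMIZE_SMALL_A` is unconditionally `#define`d a few lines earlier, which is why this has gone unnoticed. The diffstat shows the same 82-line routine added as `aes/gf256mul.S` and `groestl/gf256mul.S`, so the bug presumably exists three times; one shared copy would be easier to keep correct. The `breq 4f` early exit makes the iteration count depend on the bit length of `a`, which is fine only while `a` is the public coefficient (the twister variant in this commit passes the MDS constant in r24 and the state byte in r22); a comment stating that `a` must not be secret would pin that assumption.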
@@ -0,0 +1,37 @@ +/* gf256mul.h */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +#ifndef GF256MUL_H_ +#define GF256MUL_H_ + +/** + * \author Daniel Otte + * \email daniel.otte@rub.de + * \date 2008-12-19 + * \license GPLv3 + * \brief + * + * + */ + +#include + +uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer); + +#endif /* GF256MUL_H_ */ + diff --git a/twister/memxor.S b/twister/memxor.S new file mode 100644 index 0000000..a32058b --- /dev/null +++ b/twister/memxor.S 
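Review bot: The Doxygen block in `twister/gf256mul.h` has an empty `\brief` and documents none of the three parameters, although the assembly already states the purpose ("peasant's algorithm for multiplication in GF(2^8)") and `reducer` is not self-explanatory. From `lsl B`/`brcc 3f`/`eor B, r20` in the `.S`, `reducer` is the reduction polynomial with its x^8 term dropped, so something like `\brief multiply a and b in GF(2^8); reducer is the reduction polynomial without the x^8 term` would suffice. The `\license GPLv3` tag also disagrees with the "GPLv3 or later" used in the companion `.S`.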
@@ -0,0 +1,66 @@ +/* memxor.S */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +/* + * File: memxor.S + * Author: Daniel Otte + * Date: 2008-08-07 + * License: GPLv3 or later + * Description: memxor, XORing one block into another + * + */ + +/* + * void memxor(void* dest, const void* src, uint16_t n); + */ + /* + * param dest is passed in r24:r25 + * param src is passed in r22:r23 + * param n is passed in r20:r21 + */ +.global memxor +memxor: + movw r30, r24 + movw r26, r22 + movw r24, r20 + adiw r24, 0 + breq 2f +1: + ld r20, X+ + ld r21, Z + eor r20, r21 + st Z+, r20 + sbiw r24, 1 + brne 1b +2: + ret + + + + + + + + + + + + + + diff --git a/twister/memxor.h b/twister/memxor.h new file mode 100644 index 0000000..a62a616 --- /dev/null +++ b/twister/memxor.h @@ -0,0 +1,7 @@ +#ifndef MEMXOR_H_ +#define MEMXOR_H_ +#include + +void memxor(void* dest, const void* src, uint16_t n); + +#endif diff --git a/twister-asm.S b/twister/twister-asm.S similarity index 100% rename from twister-asm.S rename to twister/twister-asm.S diff --git a/twister/twister-asm.S_shiftmul b/twister/twister-asm.S_shiftmul new file mode 100644 index 0000000..3857e19 --- /dev/null +++ b/twister/twister-asm.S_shiftmul 
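Review bot: `twister/memxor.S` appears to be the same 66-line routine the diffstat lists as `blake/memxor.S`, so the commit adds a second copy of `memxor` rather than sharing one; unless the build needs per-directory copies, one location would be preferable. The routine reads `src` via X and read-modify-writes `dest` via Z byte by byte, so for overlapping buffers the result depends on the direction of overlap; the header comment should state that `dest` and `src` must not overlap (except `dest == src`, which zeroes the block).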
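Review bot: `twister/memxor.h` lacks the GPL header and the author/date block every other new file in this commit carries, and the prototype has no comment. A one-liner such as `/* XOR n bytes of src into dest; dest and src must not overlap */` above `void memxor(void* dest, const void* src, uint16_t n);` would document the contract.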
@@ -0,0 +1,351 @@ +/* twister-asm.S */ +/* + This file is part of the AVR-Crypto-Lib. + Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +/** + * \file twister-asm.S + * \email daniel.otte@rub.de + * \author Daniel Otte + * \date 2008-12-22 + * \license GPLv3 or later + * + */ + +#include "avr-asm-macros.S" + +twister_sbox: +.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 +.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 +.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 +.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 +.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc +.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 +.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a +.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 +.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 +.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 +.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b +.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf +.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 +.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 +.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 +.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 +.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 +.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 +.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 +.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 
0x5e, 0x0b, 0xdb +.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c +.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 +.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 +.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 +.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 +.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a +.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e +.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e +.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 +.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf +.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 +.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 + + +/* + * param ctx: r24:r25 + * + */ +X_SAVE0 = 4 +X_SAVE1 = 5 +Y_SAVE0 = 6 +Y_SAVE1 = 7 +MDS0 = 8 +MDS1 = 9 +MDS2 = 10 +MDS3 = 11 +MDS4 = 12 +MDS5 = 13 +MDS6 = 14 +MDS7 = 15 +IDX1 = 18 +IDX2 = 19 +TMP = 21 +.global twister_blank_round +twister_blank_round: + push_range 4, 17 + push r28 + push r29 + stack_alloc_large 64, r28, r29 + + movw r30, r24 + adiw r30, 63 + adiw r30, 1+8 /* Z points behind counter */ + movw r26, r24 + adiw r26, 1 + ldi r22, 8 +1: /* "add" counter */ + ld r16, -Z + ld r21, X + eor r21, r16 + st X, r21 + adiw r26, 8 + dec r22 + brne 1b + + /* decrement counter */ + subi r16, 1 + st Z+, r16 + ldi r17, 7 +1: + ld r16, Z + sbci r16, 0 + st Z+, r16 + dec r17 + brne 1b + + movw r26, r24 + adiw r28, 1 /* Y points to stack memory */ + movw Y_SAVE0, r28 + ldi r20, lo8(twister_sbox) + ldi r21, hi8(twister_sbox) + ldi r19, 64 + +1: /* sbox substitution */ + ld r0, X+ + movw r30, r20 + add r30, r0 + adc r31, r1 + lpm r0, Z + st Y+, r0 + dec r19 + brne 1b + + /* load MDS-Table to MDS0:MDS7 */ +/* + ldi r18, 1 + mov MDS1, r18 + mov MDS6, r18 + mov MDS7, r18 + ldi r18, 2 + mov MDS0, r18 + ldi r18, 5 + mov MDS5, r18 + ldi r18, 6 + mov MDS2, r18 + ldi r18, 7 + mov MDS4, r18 + ldi r18, 8 + mov MDS3, r18 +*/ + ldi r18, 1 + mov MDS1, r18 + mov MDS2, r18 + mov MDS7, r18 + ldi r18, 2 + mov MDS0, r18 + ldi 
r18, 5 + mov MDS3, r18 + ldi r18, 6 + mov MDS6, r18 + ldi r18, 7 + mov MDS4, r18 + ldi r18, 8 + mov MDS5, r18 +; sbiw r28, 63 +; sbiw r28, 1 /* Y points again at tmp buffer */ +; movw Y_SAVE0, r28 +; sbiw r26, 63 +; sbiw r26, 1 /* X points again at state buffer */ + movw X_SAVE0, r24 + + ldi r20, 0x4D /* reducer for gf256mul*/ + ldi r16, 0 + +; rjmp 9f +1: + mov IDX1, r16 + movw r26, X_SAVE0 + add r26, r16 + adc r27, r1 + ldi r17, 0 +2: + mov IDX2, r17 + + mov r24, MDS0 + movw r28, Y_SAVE0 + add r28, IDX1 + adc r29, r1 + ld r22, Y + rcall gf256mul + mov r0, r24 + + mov r24, MDS1 + movw r28, Y_SAVE0 + adiw r28, 8 + inc IDX1 + andi IDX1, 0x07 + add r28, IDX1 + adc r29, r1 + ld r22, Y + rcall gf256mul + eor r0, r24 + + mov r24, MDS2 + movw r28, Y_SAVE0 + adiw r28, 8*2 + inc IDX1 + andi IDX1, 0x07 + add r28, IDX1 + adc r29, r1 + ld r22, Y + rcall gf256mul + eor r0, r24 + + mov r24, MDS3 + movw r28, Y_SAVE0 + adiw r28, 8*3 + inc IDX1 + andi IDX1, 0x07 + add r28, IDX1 + adc r29, r1 + ld r22, Y + rcall gf256mul + eor r0, r24 + + mov r24, MDS4 + movw r28, Y_SAVE0 + adiw r28, 8*4 + inc IDX1 + andi IDX1, 0x07 + add r28, IDX1 + adc r29, r1 + ld r22, Y + rcall gf256mul + eor r0, r24 + + mov r24, MDS5 + movw r28, Y_SAVE0 + adiw r28, 8*5 + inc IDX1 + andi IDX1, 0x07 + add r28, IDX1 + adc r29, r1 + ld r22, Y + rcall gf256mul + eor r0, r24 + + mov r24, MDS6 + movw r28, Y_SAVE0 + adiw r28, 8*6 + inc IDX1 + andi IDX1, 0x07 + add r28, IDX1 + adc r29, r1 + ld r22, Y + rcall gf256mul + eor r0, r24 + + mov r24, MDS7 + movw r28, Y_SAVE0 + adiw r28, 8*7 + inc IDX1 + andi IDX1, 0x07 + add r28, IDX1 + adc r29, r1 + ld r22, Y + rcall gf256mul + eor r0, r24 + + st X, r0 + adiw r26, 8 +/* + mov r0, MDS0 + mov MDS0, MDS1 + mov MDS1, MDS2 + mov MDS2, MDS3 + mov MDS3, MDS4 + mov MDS4, MDS5 + mov MDS5, MDS6 + mov MDS6, MDS7 + mov MDS7, r0 +*/ + mov r0, MDS7 + mov MDS7, MDS6 + mov MDS6, MDS5 + mov MDS5, MDS4 + mov MDS4, MDS3 + mov MDS3, MDS2 + mov MDS2, MDS1 + mov MDS1, MDS0 + mov MDS0, r0 + + cpi 
r17, 7 + breq 8f + inc r17 + rjmp 2b +8: + + mov r0, MDS7 + mov MDS7, MDS6 + mov MDS6, MDS5 + mov MDS5, MDS4 + mov MDS4, MDS3 + mov MDS3, MDS2 + mov MDS2, MDS1 + mov MDS1, MDS0 + mov MDS0, r0 + + cpi r16, 7 + breq 9f + inc r16 + rjmp 1b +9: + stack_free_large 64 + pop r29 + pop r28 + pop_range 4, 17 + ret + + +A = 23 +B = 22 +P = 24 + +gf256mul: + mov A, r24 + clr P +1: + lsr A + breq 4f + brcc 2f + eor P, B +2: + lsl B + brcc 3f + eor B, r20 +3: + rjmp 1b +4: + brcc 2f + eor P, B +2: + ret + + + + + + + + diff --git a/twister-large-asm.S b/twister/twister-large-asm.S similarity index 100% rename from twister-large-asm.S rename to twister/twister-large-asm.S diff --git a/twister-large.c b/twister/twister-large.c similarity index 100% rename from twister-large.c rename to twister/twister-large.c diff --git a/twister-large.h b/twister/twister-large.h similarity index 100% rename from twister-large.h rename to twister/twister-large.h diff --git a/twister-sha3api.c b/twister/twister-sha3api.c similarity index 100% rename from twister-sha3api.c rename to twister/twister-sha3api.c diff --git a/twister-sha3api.h b/twister/twister-sha3api.h similarity index 100% rename from twister-sha3api.h rename to twister/twister-sha3api.h diff --git a/twister-small-asm.S b/twister/twister-small-asm.S similarity index 100% rename from twister-small-asm.S rename to twister/twister-small-asm.S diff --git a/twister-small-stub.c b/twister/twister-small-stub.c similarity index 100% rename from twister-small-stub.c rename to twister/twister-small-stub.c diff --git a/twister-small.c b/twister/twister-small.c similarity index 100% rename from twister-small.c rename to twister/twister-small.c diff --git a/twister-small.h b/twister/twister-small.h similarity index 100% rename from twister-small.h rename to twister/twister-small.h diff --git a/twister/twister-speed.log b/twister/twister-speed.log new file mode 100644 index 0000000..e5377dc --- /dev/null +++ b/twister/twister-speed.log 
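Review bot: The `.S_shiftmul` suffix means this file is presumably not picked up by any build rule, so `twister/twister-asm.S_shiftmul` is a parked alternative implementation; if it is meant to stay in the tree, its header should say so and why (its `\file` tag still reads `twister-asm.S`). `IDX2` is assigned (`mov IDX2, r17`) but never read anywhere in the file, and the commented-out MDS load block and the `; sbiw` lines are leftovers that make the working code harder to follow. The file also contains its own non-global `gf256mul`, duplicating `twister/gf256mul.S` added in this commit; a `rcall` to the shared symbol would keep one implementation. The `twister_blank_round` counter update relies on `dec r17` not touching the carry consumed by `sbci r16, 0` in the following iteration, which holds on AVR but deserves a comment such as `; dec leaves C untouched, sbci propagates the borrow`.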
@@ -0,0 +1,40 @@ + === Twister-224 performance === + type: hashfunction + hashsize (bits): 224 + ctxsize (bytes): 80 + blocksize (bits): 512 + init (cycles): 480 + nextBlock (cycles): 36528 + lastBlock (cycles): 8071 + ctx2hash (cycles): 19377 + + === Twister-256 performance === + type: hashfunction + hashsize (bits): 256 + ctxsize (bytes): 80 + blocksize (bits): 512 + init (cycles): 425 + nextBlock (cycles): 36535 + lastBlock (cycles): 8064 + ctx2hash (cycles): 19438 + + === Twister-384 performance === + type: hashfunction + hashsize (bits): 384 + ctxsize (bytes): 144 + blocksize (bits): 512 + init (cycles): 745 + nextBlock (cycles): 55707 + lastBlock (cycles): 42573 + ctx2hash (cycles): 27212 + + === Twister-512 performance === + type: hashfunction + hashsize (bits): 512 + ctxsize (bytes): 144 + blocksize (bits): 512 + init (cycles): 743 + nextBlock (cycles): 55707 + lastBlock (cycles): 42573 + ctx2hash (cycles): 35203 + diff --git a/twister.c b/twister/twister.c similarity index 100% rename from twister.c rename to twister/twister.c diff --git a/twister.h b/twister/twister.h similarity index 100% rename from twister.h rename to twister/twister.h diff --git a/twister224.S b/twister/twister224.S similarity index 100% rename from twister224.S rename to twister/twister224.S diff --git a/twister256.S b/twister/twister256.S similarity index 100% rename from twister256.S rename to twister/twister256.S diff --git a/twister384.S b/twister/twister384.S similarity index 100% rename from twister384.S rename to twister/twister384.S diff --git a/twister512.S b/twister/twister512.S similarity index 100% rename from twister512.S rename to twister/twister512.S diff --git a/twister_ref.h b/twister/twister_ref.h similarity index 100% rename from twister_ref.h rename to twister/twister_ref.h diff --git a/twister_tables.h b/twister/twister_tables.h similarity index 100% rename from twister_tables.h rename to twister/twister_tables.h -- 2.39.5