Startseite Erkunden Hilfe
Registrieren Anmelden
Avans-TI
/
2.3-InternetRadio
2
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: b12fac4b8e
Branches Tags
2.3-InternetRad...
/
nutos
/
nut
/
contrib
/
arm-crypto-lib
/
blake
/
blake_small.c

blake_small.c 6.4 KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266 
  1. /* blake_small.c */
    2. 

  2. /*
    3. 

  3.     This file is part of the ARM-Crypto-Lib.
    4. 

  4.     Copyright (C) 2006-2010  Daniel Otte (daniel.otte@rub.de)
    5. 

  5. 

  6.     This program is free software: you can redistribute it and/or modify
    7. 

  7.     it under the terms of the GNU General Public License as published by
    8. 

  8.     the Free Software Foundation, either version 3 of the License, or
    9. 

  9.     (at your option) any later version.
    10. 

  10. 

  11.     This program is distributed in the hope that it will be useful,
    12. 

  12.     but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14.     GNU General Public License for more details.
    15. 

  15. 

  16.     You should have received a copy of the GNU General Public License
    17. 

  17.     along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18. */
    19. 

  19. /*
    20. 

  20.  * \file    blake_small.c
    21. 

  21.  * \author  Daniel Otte
    22. 

  22.  * \email   daniel.otte@rub.de
    23. 

  23.  * \date    2009-05-04
    24. 

  24.  * \license GPLv3 or later
    25. 

  25.  *
    26. 

  26.  */
    27. 

  27. 

  28. #include <stdint.h>
    29. 

  29. #include <string.h>
    30. 

  30. #include <crypto/memxor.h>
    31. 

  31. #include <crypto/blake_small.h>
    32. 

  32. #include <crypto/blake_common.h>
    33. 

  33. 

  34. static const
    35. 

  35. uint32_t blake_c[] = {
    36. 

  36.    0x243F6A88, 0x85A308D3,
    37. 

  37.    0x13198A2E, 0x03707344,
    38. 

  38.    0xA4093822, 0x299F31D0,
    39. 

  39.    0x082EFA98, 0xEC4E6C89,
    40. 

  40.    0x452821E6, 0x38D01377,
    41. 

  41.    0xBE5466CF, 0x34E90C6C,
    42. 

  42.    0xC0AC29B7, 0xC97C50DD,
    43. 

  43.    0x3F84D5B5, 0xB5470917
    44. 

  44. };
    45. 

  45. 

  46. #define ROTL32(a, n) (((a)<<(n))|((a)>>(32-(n))))
    47. 

  47. #define ROTR32(a, n) (((a)>>(n))|((a)<<(32-(n))))
    48. 

  48. #define CHANGE_ENDIAN32(a) (((a)<<24)| \
    49. 

  49.                             ((0x0000ff00&(a))<<8)| \
    50. 

  50. 						    ((0x00ff0000&(a))>>8)| \
    51. 

  51. 						    (a)>>24 )
    52. 

  52. static
    53. 

  53. void blake_small_expand(uint32_t* v, const blake_small_ctx_t* ctx){
    54. 

  54. 	uint8_t i;
    55. 

  55. 	memcpy(v, ctx->h, 8*4);
    56. 

  56. 	for(i=0; i<8; ++i){
    57. 

  57. 		v[8+i] = blake_c[i];
    58. 

  58. 	}
    59. 

  59. 	memxor((uint8_t*)v+8, ctx->s, 4*4);
    60. 

  60. 

  61. }
    62. 

  62. 

  63. static
    64. 

  64. void blake_small_changeendian(void* dest, const void* src){
    65. 

  65. 	uint8_t i;
    66. 

  66. 	for(i=0; i<16; ++i){
    67. 

  67. 		((uint32_t*)dest)[i] = CHANGE_ENDIAN32(((uint32_t*)src)[i]);
    68. 

  68. 	}
    69. 

  69. }
    70. 

  70. 

  71. #define A (v[idx.v8[0]])
    72. 

  72. #define B (v[idx.v8[1]])
    73. 

  73. #define C (v[idx.v8[2]])
    74. 

  74. #define D (v[idx.v8[3]])
    75. 

  75. 

  76. static
    77. 

  77. void blake_small_compress(uint32_t* v,const void* m){
    78. 

  78. 	uint8_t r,i;
    79. 

  79. 	uint16_t s, *p=(uint16_t*)blake_sigma;
    80. 

  80. 	union {
    81. 

  81. 		uint32_t v32;
    82. 

  82. 		uint8_t v8[4];
    83. 

  83. 	} idx;
    84. 

  84. 	for(r=0; r<14; ++r){
    85. 

  85. 		for(i=0; i<8; ++i){
    86. 

  86. 			idx.v32 = ((uint32_t*)blake_index_lut)[i];
    87. 

  87. 			s = *p++;
    88. 

  88. 			if(p==(uint16_t*)(blake_sigma+160)){
    89. 

  89. 				p=(uint16_t*)blake_sigma;
    90. 

  90. 			}
    91. 

  91. 			A += B + (((uint32_t*)m)[s&0xff] ^ blake_c[s>>8]);
    92. 

  92. 			D  = ROTR32(A^D, 16);
    93. 

  93. 			C += D;
    94. 

  94. 			B  = ROTR32(B^C, 12);
    95. 

  95. 			A += B + (((uint32_t*)m)[s>>8] ^ blake_c[s&0xff]);
    96. 

  96. 			D  = ROTR32(A^D, 8);
    97. 

  97. 			C += D;
    98. 

  98. 			B  = ROTR32(B^C, 7);
    99. 

  99. 		}
    100. 

  100. 	}
    101. 

  101. }
    102. 

  102. 

  103. static
    104. 

  104. void blake_small_collapse(blake_small_ctx_t* ctx, uint32_t* v){
    105. 

  105. 	uint8_t i;
    106. 

  106. 	for(i=0; i<8; ++i){
    107. 

  107. 		ctx->h[i] ^= ctx->s[i%4] ^ v[i] ^ v[8+i];
    108. 

  108. 	}
    109. 

  109. }
    110. 

  110. 

  111. void blake_small_nextBlock(blake_small_ctx_t* ctx, const void* msg){
    112. 

  112. 	uint32_t v[16];
    113. 

  113. 	uint32_t m[16];
    114. 

  114. 	union {
    115. 

  115. 		uint64_t v64;
    116. 

  116. 		uint32_t v32[2];
    117. 

  117. 	}ctr;
    118. 

  118. 	blake_small_expand(v,ctx);
    119. 

  119. 	ctx->counter++;
    120. 

  120. 	ctr.v64 = ctx->counter*512;
    121. 

  121. 	v[12] ^= ctr.v32[0];
    122. 

  122. 	v[13] ^= ctr.v32[0];
    123. 

  123. 	v[14] ^= ctr.v32[1];
    124. 

  124. 	v[15] ^= ctr.v32[1];
    125. 

  125. 	blake_small_changeendian(m, msg);
    126. 

  126. 	blake_small_compress(v, m);
    127. 

  127. 	blake_small_collapse(ctx, v);
    128. 

  128. }
    129. 

  129. 

  130. void blake_small_lastBlock(blake_small_ctx_t* ctx, const void* msg, uint16_t length_b){
    131. 

  131. 	while(length_b>=BLAKE_SMALL_BLOCKSIZE){
    132. 

  132. 		blake_small_nextBlock(ctx, msg);
    133. 

  133. 		msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
    134. 

  134. 		length_b -= BLAKE_SMALL_BLOCKSIZE;
    135. 

  135. 	}
    136. 

  136. 	union {
    137. 

  137. 		uint8_t   v8[64];
    138. 

  138. 		uint32_t v32[16];
    139. 

  139. 		uint64_t v64[ 8];
    140. 

  140. 	} buffer;
    141. 

  141. 	uint32_t v[16];
    142. 

  142. 	union {
    143. 

  143. 		uint64_t v64;
    144. 

  144. 		uint32_t v32[2];
    145. 

  145. 	}ctr;
    146. 

  146. 	ctr.v64 = ctx->counter*512+length_b;
    147. 

  147. 	memset(buffer.v8, 0, 64);
    148. 

  148. 	memcpy(buffer.v8, msg, (length_b+7)/8);
    149. 

  149. 	buffer.v8[length_b/8] |= 0x80 >> (length_b&0x7);
    150. 

  150. 	blake_small_changeendian(buffer.v8, buffer.v8);
    151. 

  151. 	blake_small_expand(v, ctx);
    152. 

  152. 	if(length_b>512-64-2){
    153. 

  153. 		v[12] ^= ctr.v32[0];
    154. 

  154. 		v[13] ^= ctr.v32[0];
    155. 

  155. 		v[14] ^= ctr.v32[1];
    156. 

  156. 		v[15] ^= ctr.v32[1];
    157. 

  157. 		blake_small_compress(v, buffer.v8);
    158. 

  158. 		blake_small_collapse(ctx, v);
    159. 

  159. 		memset(buffer.v8, 0, 64-8);
    160. 

  160. 		blake_small_expand(v, ctx);
    161. 

  161. 	}else{
    162. 

  162. 		if(length_b){
    163. 

  163. 			v[12] ^= ctr.v32[0];
    164. 

  164. 			v[13] ^= ctr.v32[0];
    165. 

  165. 			v[14] ^= ctr.v32[1];
    166. 

  166. 			v[15] ^= ctr.v32[1];
    167. 

  167. 		}
    168. 

  168. 	}
    169. 

  169. 	if(ctx->appendone)
    170. 

  170. 		buffer.v8[64-8-4] |= 0x01;
    171. 

  171. 	buffer.v32[14] = ctr.v32[1];
    172. 

  172. 	buffer.v32[15] = ctr.v32[0];
    173. 

  173. 	blake_small_compress(v, buffer.v8);
    174. 

  174. 	blake_small_collapse(ctx, v);
    175. 

  175. 

  176. }
    177. 

  177. 

  178. static const
    179. 

  179. uint32_t blake256_iv[] = {
    180. 

  180. 	0x6A09E667L, 0xBB67AE85,
    181. 

  181. 	0x3C6EF372L, 0xA54FF53A,
    182. 

  182. 	0x510E527FL, 0x9B05688C,
    183. 

  183. 	0x1F83D9ABL, 0x5BE0CD19
    184. 

  184. };
    185. 

  185. 

  186. void blake256_init(blake256_ctx_t* ctx){
    187. 

  187. 	uint8_t i;
    188. 

  188. 	for(i=0; i<8; ++i){
    189. 

  189. 		ctx->h[i] = blake256_iv[i];
    190. 

  190. 	}
    191. 

  191. 	memset(ctx->s, 0, 4*4);
    192. 

  192. 	ctx->counter = 0;
    193. 

  193. 	ctx->appendone = 1;
    194. 

  194. }
    195. 

  195. 

  196. static const
    197. 

  197. uint32_t blake224_iv[] = {
    198. 

  198. 	0xC1059ED8, 0x367CD507,
    199. 

  199. 	0x3070DD17, 0xF70E5939,
    200. 

  200. 	0xFFC00B31, 0x68581511,
    201. 

  201. 	0x64F98FA7, 0xBEFA4FA4
    202. 

  202. };
    203. 

  203. 

  204. void blake224_init(blake224_ctx_t* ctx){
    205. 

  205. 	uint8_t i;
    206. 

  206. 	for(i=0; i<8; ++i){
    207. 

  207. 		ctx->h[i] = blake224_iv[i];
    208. 

  208. 	}
    209. 

  209. 	memset(ctx->s, 0, 4*4);
    210. 

  210. 	ctx->counter = 0;
    211. 

  211. 	ctx->appendone = 0;
    212. 

  212. }
    213. 

  213. 

  214. void blake256_ctx2hash(void* dest, const blake256_ctx_t* ctx){
    215. 

  215. 	uint8_t i;
    216. 

  216. 	for(i=0; i<8; ++i){
    217. 

  217. 		((uint32_t*)dest)[i] = CHANGE_ENDIAN32(ctx->h[i]);
    218. 

  218. 	}
    219. 

  219. }
    220. 

  220. 

  221. void blake224_ctx2hash(void* dest, const blake224_ctx_t* ctx){
    222. 

  222. 	uint8_t i;
    223. 

  223. 	for(i=0; i<7; ++i){
    224. 

  224. 		((uint32_t*)dest)[i] = CHANGE_ENDIAN32(ctx->h[i]);
    225. 

  225. 	}
    226. 

  226. }
    227. 

  227. 

  228. void blake256_nextBlock(blake256_ctx_t* ctx, const void* block){
    229. 

  229. 	blake_small_nextBlock(ctx, block);
    230. 

  230. }
    231. 

  231. 

  232. void blake224_nextBlock(blake224_ctx_t* ctx, const void* block){
    233. 

  233. 	blake_small_nextBlock(ctx, block);
    234. 

  234. }
    235. 

  235. 

  236. void blake256_lastBlock(blake256_ctx_t* ctx, const void* block, uint16_t length_b){
    237. 

  237. 	blake_small_lastBlock(ctx, block, length_b);
    238. 

  238. }
    239. 

  239. 

  240. void blake224_lastBlock(blake224_ctx_t* ctx, const void* block, uint16_t length_b){
    241. 

  241. 	blake_small_lastBlock(ctx, block, length_b);
    242. 

  242. }
    243. 

  243. 

  244. void blake256(void* dest, const void* msg, uint32_t length_b){
    245. 

  245. 	blake_small_ctx_t ctx;
    246. 

  246. 	blake256_init(&ctx);
    247. 

  247. 	while(length_b>=BLAKE_SMALL_BLOCKSIZE){
    248. 

  248. 		blake_small_nextBlock(&ctx, msg);
    249. 

  249. 		msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
    250. 

  250. 		length_b -= BLAKE_SMALL_BLOCKSIZE;
    251. 

  251. 	}
    252. 

  252. 	blake_small_lastBlock(&ctx, msg, length_b);
    253. 

  253. 	blake256_ctx2hash(dest, &ctx);
    254. 

  254. }
    255. 

  255. 

  256. void blake224(void* dest, const void* msg, uint32_t length_b){
    257. 

  257. 	blake_small_ctx_t ctx;
    258. 

  258. 	blake224_init(&ctx);
    259. 

  259. 	while(length_b>=BLAKE_SMALL_BLOCKSIZE){
    260. 

  260. 		blake_small_nextBlock(&ctx, msg);
    261. 

  261. 		msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
    262. 

  262. 		length_b -= BLAKE_SMALL_BLOCKSIZE;
    263. 

  263. 	}
    264. 

  264. 	blake_small_lastBlock(&ctx, msg, length_b);
    265. 

  265. 	blake224_ctx2hash(dest, &ctx);
    266. 

  266. }
    267.