صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
Avans-TI
/
2.3-InternetRadio
2
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
درخت: b12fac4b8e
شاخه‌ها تگ‌ها
2.3-InternetRad...
/
nutos
/
nut
/
contrib
/
arm-crypto-lib
/
groestl
/
groestl_small.c

groestl_small.c 6.3 KB
تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260 
  1. /* groestl_small.c */
    2. 

  2. /*
    3. 

  3.     This file is part of the ARM-Crypto-Lib.
    4. 

  4.     Copyright (C) 2006-2010  Daniel Otte (daniel.otte@rub.de)
    5. 

  5. 

  6.     This program is free software: you can redistribute it and/or modify
    7. 

  7.     it under the terms of the GNU General Public License as published by
    8. 

  8.     the Free Software Foundation, either version 3 of the License, or
    9. 

  9.     (at your option) any later version.
    10. 

  10. 

  11.     This program is distributed in the hope that it will be useful,
    12. 

  12.     but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14.     GNU General Public License for more details.
    15. 

  15. 

  16.     You should have received a copy of the GNU General Public License
    17. 

  17.     along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18. */
    19. 

  19. /*
    20. 

  20.  * \file    groestl_small.c
    21. 

  21.  * \author  Daniel Otte
    22. 

  22.  * \email   daniel.otte@rub.de
    23. 

  23.  * \date    2009-05-19
    24. 

  24.  * \license GPLv3 or later
    25. 

  25.  *
    26. 

  26.  */
    27. 

  27. 

  28. #include <crypto/groestl_small.h>
    29. 

  29. #include <crypto/aes_sbox.h>
    30. 

  30. #include <crypto/gf256mul.h>
    31. 

  31. #include <crypto/memxor.h>
    32. 

  32. #include <stdint.h>
    33. 

  33. #include <string.h>
    34. 

  34. 

  35. #define ROUNDS 10
    36. 

  36. #define POLYNOM 0x1b
    37. 

  37. 

  38. #define DEBUG 0
    39. 

  39. 

  40. #if DEBUG
    41. 

  41.  #include <crypto/cli.h>
    42. 

  42.  void dump_m(const uint8_t* m){
    43. 

  43. 	 uint8_t i,j;
    44. 

  44. 	 for(i=0; i<8; ++i){
    45. 

  45. 		cli_putstr("\r\n");
    46. 

  46. 		for(j=0; j<8; ++j){
    47. 

  47. 			cli_putc(' ');
    48. 

  48. 			cli_hexdump(m+8*i+j, 1);
    49. 

  49. 		}
    50. 

  50. 	 }
    51. 

  51.  }
    52. 

  52. #else
    53. 

  53.  #define dump_m(m)
    54. 

  54. #endif
    55. 

  55. 

  56. static const uint8_t matrix[] = {
    57. 

  57.  2, 2, 3, 4, 5, 3, 5, 7,
    58. 

  58.  7, 2, 2, 3, 4, 5, 3, 5,
    59. 

  59.  5, 7, 2, 2, 3, 4, 5, 3,
    60. 

  60.  3, 5, 7, 2, 2, 3, 4, 5,
    61. 

  61.  5, 3, 5, 7, 2, 2, 3, 4,
    62. 

  62.  4, 5, 3, 5, 7, 2, 2, 3,
    63. 

  63.  3, 4, 5, 3, 5, 7, 2, 2,
    64. 

  64.  2, 3, 4, 5, 3, 5, 7, 2
    65. 

  65. };
    66. 

  66. 

  67. static
    68. 

  68. void shift_columns(uint8_t* a, const uint8_t *shifts){
    69. 

  69. 	uint8_t tmp[8];
    70. 

  70. 	uint8_t i,j,s;
    71. 

  71. 	for(i=0; i<8; ++i){
    72. 

  72. 		s = *shifts++;
    73. 

  73. 		if(s==0){
    74. 

  74. 			continue;
    75. 

  75. 		}
    76. 

  76. 		for(j=0;j<8;++j){
    77. 

  77. 			tmp[j] = a[i+j*8];
    78. 

  78. 		}
    79. 

  79. 		for(j=0;j<8;++j){
    80. 

  80. 			a[i+((j-s+8)%8)*8] = tmp[j];
    81. 

  81. 		}
    82. 

  82. 	}
    83. 

  83. }
    84. 

  84. 

  85. static const uint8_t p_shifts[8] = { 0, 1, 2, 3, 4, 5, 6, 7 };
    86. 

  86. static const uint8_t q_shifts[8] = { 1, 3, 5, 7, 0, 2, 4, 6 };
    87. 

  87. 

  88. static
    89. 

  89. void groestl_small_rounds(uint8_t *m, uint8_t q){
    90. 

  90. 	uint8_t r,i,j;
    91. 

  91. 	uint8_t tmp[8];
    92. 

  92. 	for(r=0; r<ROUNDS; ++r){
    93. 

  93. 		if(q){
    94. 

  94. 			for(i=0; i<64/4; ++i){
    95. 

  95. 				((uint32_t*)m)[i] ^= 0xffffffff;
    96. 

  96. 			}
    97. 

  97. 			for(i=0;i<8; ++i){
    98. 

  98. 				m[7+i*8] ^= r ^ (i<<4);
    99. 

  99. 			}
    100. 

  100. 		}else{
    101. 

  101. 			for(i=0;i<8; ++i){
    102. 

  102. 				m[i*8] ^= r ^ (i<<4);
    103. 

  103. 			}
    104. 

  104. 		}
    105. 

  105. #if DEBUG
    106. 

  106. 		if(r<2){
    107. 

  107. 			cli_putstr("\r\npost add-const");
    108. 

  108. 			dump_m(m);
    109. 

  109. 		}
    110. 

  110. #endif
    111. 

  111. 		for(i=0;i<8*8; ++i){
    112. 

  112. 			m[i] = aes_sbox[m[i]];
    113. 

  113. 		}
    114. 

  114. 		if(q){
    115. 

  115. 			shift_columns(m, q_shifts);
    116. 

  116. 		}else{
    117. 

  117. 			shift_columns(m, p_shifts);
    118. 

  118. 		}
    119. 

  119. #if DEBUG
    120. 

  120. 		if(r<2){
    121. 

  121. 			cli_putstr("\r\npost shift-bytes");
    122. 

  122. 			dump_m(m);
    123. 

  123. 		}
    124. 

  124. #endif
    125. 

  125. 		for(i=0; i<8; ++i){
    126. 

  126. 			memcpy(tmp, m+8*i, 8);
    127. 

  127. 			for(j=0; j<8; ++j){
    128. 

  128. 				m[j+i*8] = gf256mul(matrix[8*j+0],tmp[0], POLYNOM)
    129. 

  129. 				         ^ gf256mul(matrix[8*j+1],tmp[1], POLYNOM)
    130. 

  130. 				         ^ gf256mul(matrix[8*j+2],tmp[2], POLYNOM)
    131. 

  131. 				         ^ gf256mul(matrix[8*j+3],tmp[3], POLYNOM)
    132. 

  132. 				         ^ gf256mul(matrix[8*j+4],tmp[4], POLYNOM)
    133. 

  133. 				         ^ gf256mul(matrix[8*j+5],tmp[5], POLYNOM)
    134. 

  134. 				         ^ gf256mul(matrix[8*j+6],tmp[6], POLYNOM)
    135. 

  135. 				         ^ gf256mul(matrix[8*j+7],tmp[7], POLYNOM);
    136. 

  136. 			}
    137. 

  137. 		}
    138. 

  138. #if DEBUG
    139. 

  139. 		if(r<2){
    140. 

  140. 			cli_putstr("\r\npost mix-bytes");
    141. 

  141. 			dump_m(m);
    142. 

  142. 		}
    143. 

  143. #endif
    144. 

  144. 	}
    145. 

  145. }
    146. 

  146. 

  147. void groestl224_init(groestl224_ctx_t* ctx){
    148. 

  148. 	memset(ctx->h, 0, 8*8);
    149. 

  149. 	ctx->h[8*8-1] = 224;
    150. 

  150. 	ctx->counter = 1;
    151. 

  151. }
    152. 

  152. 

  153. void groestl256_init(groestl256_ctx_t* ctx){
    154. 

  154. 	memset(ctx->h, 0, 8*8);
    155. 

  155. 	ctx->h[8*8-2] = 1;
    156. 

  156. 	ctx->counter = 1;
    157. 

  157. }
    158. 

  158. 

  159. void groestl_small_nextBlock(groestl_small_ctx_t* ctx, const void* block){
    160. 

  160. 	uint8_t tmp1[64], tmp2[64];
    161. 

  161. /*	for(i=0; i<8; ++i){
    162. 

  162. 		for(j=0; j<8; ++j){
    163. 

  163. 			tmp1[j*8+i] = ((uint8_t*)block)[i*8+j];
    164. 

  164. 		}
    165. 

  165. 	}
    166. 

  166. */
    167. 

  167. 	memcpy(tmp1, block, 64);
    168. 

  168. 	memcpy(tmp2, tmp1, 64);
    169. 

  169. 	memxor(tmp1, ctx->h, 64);
    170. 

  170. 	groestl_small_rounds(tmp1, 0);
    171. 

  171. 	groestl_small_rounds(tmp2, 1);
    172. 

  172. 	memxor(ctx->h, tmp1, 64);
    173. 

  173. 	memxor(ctx->h, tmp2, 64);
    174. 

  174. 	ctx->counter++;
    175. 

  175. }
    176. 

  176. 

  177. void groestl_small_lastBlock(groestl_small_ctx_t* ctx, const void* block, uint16_t length_b){
    178. 

  178. 	uint8_t buffer[64];
    179. 

  179. 	while(length_b>=GROESTL_SMALL_BLOCKSIZE){
    180. 

  180. 		groestl_small_nextBlock(ctx, block);
    181. 

  181. 		length_b -= GROESTL_SMALL_BLOCKSIZE;
    182. 

  182. 		block = (uint8_t*)block + GROESTL_SMALL_BLOCKSIZE_B;
    183. 

  183. 	}
    184. 

  184. 	memset(buffer, 0, 64);
    185. 

  185. 	memcpy(buffer, block, (length_b+7)/8);
    186. 

  186. 	buffer[length_b/8] |= 0x80>>(length_b&0x7);
    187. 

  187. 	if(length_b>512-65){
    188. 

  188. 		groestl_small_nextBlock(ctx, buffer);
    189. 

  189. 		memset(buffer, 0, 64-4);
    190. 

  190. 	}
    191. 

  191. //	ctx->counter++;
    192. 

  192. 	buffer[64-1]  = (uint8_t)(ctx->counter);
    193. 

  193. 	buffer[64-2]  = (uint8_t)((ctx->counter)>>8);
    194. 

  194. 	buffer[64-3]  = (uint8_t)((ctx->counter)>>16);
    195. 

  195. 	buffer[64-4]  = (uint8_t)((ctx->counter)>>24);
    196. 

  196. 	groestl_small_nextBlock(ctx, buffer);
    197. 

  197. }
    198. 

  198. 

  199. void groestl_small_ctx2hash(void* dest, const groestl_small_ctx_t* ctx, uint16_t outlength_b){
    200. 

  200. 	uint8_t tmp[64];
    201. 

  201. 	memcpy(tmp, ctx->h, 64);
    202. 

  202. 	groestl_small_rounds(tmp, 0);
    203. 

  203. 	memxor(tmp, ctx->h, 64);
    204. 

  204. #if DEBUG
    205. 

  205. 	cli_putstr("\r\npost finalisation");
    206. 

  206. 	dump_m(tmp);
    207. 

  207. #endif
    208. 

  208. 	memcpy(dest, tmp+64-outlength_b/8, outlength_b/8);
    209. 

  209. }
    210. 

  210. 

  211. void groestl224_ctx2hash(void* dest, const groestl224_ctx_t* ctx){
    212. 

  212. 	groestl_small_ctx2hash(dest, ctx, 224);
    213. 

  213. }
    214. 

  214. 

  215. void groestl256_ctx2hash(void* dest, const groestl256_ctx_t* ctx){
    216. 

  216. 	groestl_small_ctx2hash(dest, ctx, 256);
    217. 

  217. }
    218. 

  218. 

  219. void groestl224_nextBlock(groestl224_ctx_t* ctx, const void* block){
    220. 

  220. 	groestl_small_nextBlock(ctx, block);
    221. 

  221. }
    222. 

  222. 

  223. void groestl256_nextBlock(groestl256_ctx_t* ctx, const void* block){
    224. 

  224. 	groestl_small_nextBlock(ctx, block);
    225. 

  225. }
    226. 

  226. 

  227. void groestl224_lastBlock(groestl224_ctx_t* ctx, const void* block, uint16_t length_b){
    228. 

  228. 	groestl_small_lastBlock(ctx, block, length_b);
    229. 

  229. }
    230. 

  230. 

  231. void groestl256_lastBlock(groestl256_ctx_t* ctx, const void* block, uint16_t length_b){
    232. 

  232. 	groestl_small_lastBlock(ctx, block, length_b);
    233. 

  233. }
    234. 

  234. 

  235. void groestl224(void* dest, const void* msg, uint32_t length_b){
    236. 

  236. 	groestl_small_ctx_t ctx;
    237. 

  237. 	groestl224_init(&ctx);
    238. 

  238. 	while(length_b>=GROESTL_SMALL_BLOCKSIZE){
    239. 

  239. 		groestl_small_nextBlock(&ctx, msg);
    240. 

  240. 		length_b -= GROESTL_SMALL_BLOCKSIZE;
    241. 

  241. 		msg = (uint8_t*)msg + GROESTL_SMALL_BLOCKSIZE_B;
    242. 

  242. 	}
    243. 

  243. 	groestl_small_lastBlock(&ctx, msg, length_b);
    244. 

  244. 	groestl_small_ctx2hash(dest, &ctx, 224);
    245. 

  245. }
    246. 

  246. 

  247. void groestl256(void* dest, const void* msg, uint32_t length_b){
    248. 

  248. 	groestl_small_ctx_t ctx;
    249. 

  249. 	groestl256_init(&ctx);
    250. 

  250. 	while(length_b>=GROESTL_SMALL_BLOCKSIZE){
    251. 

  251. 		groestl_small_nextBlock(&ctx, msg);
    252. 

  252. 		length_b -= GROESTL_SMALL_BLOCKSIZE;
    253. 

  253. 		msg = (uint8_t*)msg + GROESTL_SMALL_BLOCKSIZE_B;
    254. 

  254. 	}
    255. 

  255. 	groestl_small_lastBlock(&ctx, msg, length_b);
    256. 

  256. 	groestl_small_ctx2hash(dest, &ctx, 256);
    257. 

  257. }
    258. 

  258. 

  259. 

  260.