Home Verkennen Help
Registreren Inloggen
Avans-TI
/
2.3-InternetRadio
2
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: b12fac4b8e
Aftakkingen Labels
2.3-InternetRad...
/
nutos
/
nut
/
contrib
/
arm-crypto-lib
/
noekeon
/
noekeon.c

noekeon.c 4.1 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199 
  1. /* noekeon.c */
    2. 

  2. /*
    3. 

  3.     This file is part of the ARM-Crypto-Lib.
    4. 

  4.     Copyright (C) 2006-2010  Daniel Otte (daniel.otte@rub.de)
    5. 

  5. 

  6.     This program is free software: you can redistribute it and/or modify
    7. 

  7.     it under the terms of the GNU General Public License as published by
    8. 

  8.     the Free Software Foundation, either version 3 of the License, or
    9. 

  9.     (at your option) any later version.
    10. 

  10. 

  11.     This program is distributed in the hope that it will be useful,
    12. 

  12.     but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14.     GNU General Public License for more details.
    15. 

  15. 

  16.     You should have received a copy of the GNU General Public License
    17. 

  17.     along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18. */
    19. 

  19. /*
    20. 

  20.  * author: Daniel Otte
    21. 

  21.  * email:  daniel.otte@rub.de
    22. 

  22.  * license: GPLv3 or later
    23. 

  23.  * 
    24. 

  24.  * 
    25. 

  25.  * 
    26. 

  26.  */
    27. 

  27. 

  28. #include <stdint.h>
    29. 

  29. #include <string.h>
    30. 

  30. 

  31. #ifdef __AVR__
    32. 

  32. 	#include <avr/pgmspace.h>
    33. 

  33. #endif
    34. 

  34. #include <crypto/noekeon.h>
    35. 

  35. // #include <crypto/cli.h>
    36. 

  36. 

  37. #define ROUND_NR 16
    38. 

  38. 

  39. #define RC_POS 0
    40. 

  40. 

  41. static
    42. 

  42. void gamma_x(uint32_t* a){
    43. 

  43. 	uint32_t tmp;
    44. 

  44. 	
    45. 

  45. 	a[1] ^= ~((a[3]) | (a[2]));
    46. 

  46. 	a[0] ^=   a[2] & a[1];	
    47. 

  47. 	
    48. 

  48. 	tmp=a[3]; a[3]=a[0]; a[0]=tmp;
    49. 

  49. 	a[2] ^= a[0] ^ a[1] ^ a[3];
    50. 

  50. 	
    51. 

  51. 	a[1] ^= ~((a[3]) | (a[2]));
    52. 

  52. 	a[0] ^=   a[2] & a[1];	
    53. 

  53. }	
    54. 

  54. 

  55. #define ROTL32(a,n) (((a)<<n)|((a)>>(32-n)))
    56. 

  56. #define ROTR32(a,n) (((a)>>n)|((a)<<(32-n)))
    57. 

  57. 

  58. static
    59. 

  59. void pi1(uint32_t* a){
    60. 

  60. 	a[1] = ROTL32(a[1], 1);
    61. 

  61. 	a[2] = ROTL32(a[2], 5);
    62. 

  62. 	a[3] = ROTL32(a[3], 2);
    63. 

  63. }
    64. 

  64. 

  65. static
    66. 

  66. void pi2(uint32_t* a){
    67. 

  67. 	a[1] = ROTR32(a[1], 1);
    68. 

  68. 	a[2] = ROTR32(a[2], 5);
    69. 

  69. 	a[3] = ROTR32(a[3], 2);
    70. 

  70. }
    71. 

  71. 

  72. static
    73. 

  73. void theta(const uint32_t* k, uint32_t* a){
    74. 

  74. 	uint32_t temp;
    75. 

  75. 

  76. 	temp = a[0] ^ a[2]; temp ^= ROTR32(temp, 8) ^ ROTL32(temp, 8);
    77. 

  77. 	a[1] ^= temp;
    78. 

  78. 	a[3] ^= temp;
    79. 

  79. 	
    80. 

  80. 	a[0] ^= k[0];
    81. 

  81. 	a[1] ^= k[1];
    82. 

  82. 	a[2] ^= k[2];
    83. 

  83. 	a[3] ^= k[3];
    84. 

  84. 

  85. 	temp = a[1] ^ a[3]; temp ^= ROTR32(temp, 8) ^ ROTL32(temp, 8);
    86. 

  86. 	a[0] ^= temp;
    87. 

  87. 	a[2] ^= temp;	
    88. 

  88. 

  89. }
    90. 

  90. 

  91. static 
    92. 

  92. void noekeon_round(uint32_t* key, uint32_t* state, uint8_t const1, uint8_t const2){
    93. 

  93. 	((uint8_t*)state)[RC_POS] ^= const1;
    94. 

  94. 	theta(key, state);
    95. 

  95. 	((uint8_t*)state)[RC_POS] ^= const2;
    96. 

  96. 	pi1(state);
    97. 

  97. 	gamma_x(state);
    98. 

  98. 	pi2(state);
    99. 

  99. }
    100. 

  100. 

  101. uint8_t rc_tab[]
    102. 

  102. #ifdef __AVR__
    103. 

  103.  PROGMEM 
    104. 

  104. #endif
    105. 

  105.   = {
    106. 

  106. /*	0x80, */
    107. 

  107. 	      0x1B, 0x36, 0x6C, 0xD8, 0xAB, 0x4D, 0x9A,
    108. 

  108. 	0x2F, 0x5E, 0xBC, 0x63, 0xC6, 0x97, 0x35, 0x6A,
    109. 

  109. 	0xD4
    110. 

  110. };
    111. 

  111. /* for more rounds
    112. 

  112.  0xD4, 0xB3, 0x7D, 0xFA, 0xEF, 0xC5, 0x91, 0x39,
    113. 

  113.  0x72, 0xE4, 0xD3, 0xBD, 0x61, 0xC2, 0x9F, 0x25,
    114. 

  114. */
    115. 

  115. 

  116. static
    117. 

  117. void changendian32(void* a){
    118. 

  118. 	((uint8_t*)a)[0] ^= ((uint8_t*)a)[3];
    119. 

  119. 	((uint8_t*)a)[3] ^= ((uint8_t*)a)[0];
    120. 

  120. 	((uint8_t*)a)[0] ^= ((uint8_t*)a)[3];
    121. 

  121. 	
    122. 

  122. 	((uint8_t*)a)[1] ^= ((uint8_t*)a)[2];
    123. 

  123. 	((uint8_t*)a)[2] ^= ((uint8_t*)a)[1];
    124. 

  124. 	((uint8_t*)a)[1] ^= ((uint8_t*)a)[2];
    125. 

  125. }
    126. 

  126. 

  127. static
    128. 

  128. void changendian(void* a){
    129. 

  129. 	changendian32((uint32_t*)(&(((uint32_t*)a)[0])));
    130. 

  130. 	changendian32((uint32_t*)(&(((uint32_t*)a)[1])));
    131. 

  131. 	changendian32((uint32_t*)(&(((uint32_t*)a)[2])));
    132. 

  132. 	changendian32((uint32_t*)(&(((uint32_t*)a)[3])));
    133. 

  133. }
    134. 

  134. 

  135. /******************************************************************************/
    136. 

  136. 

  137. void noekeon_enc(void* buffer, const void* key){
    138. 

  138. 	uint8_t rc=0x80;
    139. 

  139. 	uint8_t keyb[16];
    140. 

  140. 	int8_t i;
    141. 

  141. 	
    142. 

  142. 	memcpy(keyb, key, 16);
    143. 

  143. 	changendian(buffer);
    144. 

  144. 	changendian(keyb);
    145. 

  145. 

  146. 	for(i=0; i<ROUND_NR; ++i){
    147. 

  147. 		noekeon_round((uint32_t*)keyb, (uint32_t*)buffer, rc, 0);
    148. 

  148. #ifdef __AVR__
    149. 

  149. 		rc = pgm_read_byte(rc_tab+i);
    150. 

  150. #else
    151. 

  151. 		rc = rc_tab[i];
    152. 

  152. #endif
    153. 

  153. 	}
    154. 

  154. 	((uint8_t*)buffer)[RC_POS] ^= rc;
    155. 

  155. 	theta((uint32_t*)keyb, (uint32_t*)buffer);
    156. 

  156. 

  157. 	changendian(buffer);
    158. 

  158. }
    159. 

  159. 

  160. 

  161. void noekeon_dec(void* buffer, const void* key){
    162. 

  162. 	uint8_t rc;
    163. 

  163. 	int8_t i;
    164. 

  164. 	uint8_t nullv[16];
    165. 

  165. 	uint8_t dkey[16];
    166. 

  166. 	
    167. 

  167. 

  168. 	changendian(buffer);
    169. 

  169. 	
    170. 

  170. 	memset(nullv, 0, 16);
    171. 

  171. 	memcpy(dkey, key, 16);
    172. 

  172. 	changendian(dkey);
    173. 

  173. 	
    174. 

  174. 	theta((uint32_t*)nullv, (uint32_t*)dkey);
    175. 

  175. //	cli_putstr("\r\nTheta: ");
    176. 

  176. //	cli_hexdump(dkey, 16);
    177. 

  177. 	
    178. 

  178. 	for(i=ROUND_NR-1; i>=0; --i){
    179. 

  179. #ifdef __AVR__
    180. 

  180. 		rc = pgm_read_byte(rc_tab+i);
    181. 

  181. #else
    182. 

  182. 		rc = rc_tab[i];
    183. 

  183. #endif
    184. 

  184. 		noekeon_round((uint32_t*)dkey, (uint32_t*)buffer, 0, rc);
    185. 

  185. 	}
    186. 

  186. 	theta((uint32_t*)dkey, (uint32_t*)buffer);
    187. 

  187. 	((uint8_t*)buffer)[RC_POS] ^= 0x80;
    188. 

  188. 

  189. 	changendian(buffer);
    190. 

  190. }
    191. 

  191. 

  192. void noekeon_init(const void* key, noekeon_ctx_t* ctx){
    193. 

  193. 	uint8_t nullv[16];
    194. 

  194. 	
    195. 

  195. 	memset(nullv, 0, 16);
    196. 

  196. 	memcpy(ctx, key, 16);
    197. 

  197. 	noekeon_enc(ctx, nullv);
    198. 

  198. }
    199. 

  199.