patrick/zephyr
1
0
Fork 0
Code Issues Pull requests Actions 7 Packages Projects Releases Wiki Activity

tinycrypt: use tabs not spaces

Browse source 
Passing checkpatch check to use tabs instead of spaces for everything.

Change-Id: I2fdd507d48db83fda8d183043c5a4ab1b97148dc
Signed-off-by: Dan Kalowsky <daniel.kalowsky@intel.com>
This commit is contained in:
Dan Kalowsky 2015-10-06 16:28:29 -07:00 committed by Anas Nashif
parent 9d506d0a26
commit 3b650c5c44
14 changed files with 553 additions and 553 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/crypto/tinycrypt/include/tinycrypt/aes.h
View file

@ -58,7 +58,7 @@
#define TC_AES_KEY_SIZE (Nb*Nk) #define TC_AES_KEY_SIZE (Nb*Nk)
struct tc_aes_key_sched_struct { struct tc_aes_key_sched_struct {
uint32_t words[Nb*(Nr+1)]; uint32_t words[Nb*(Nr+1)];
}; };
typedef struct tc_aes_key_sched_struct *TCAesKeySched_t; typedef struct tc_aes_key_sched_struct *TCAesKeySched_t;

4
lib/crypto/tinycrypt/include/tinycrypt/cbc_mode.h
View file

@ -104,7 +104,7 @@
* @param sched IN -- AES key schedule for this encrypt * @param sched IN -- AES key schedule for this encrypt
*/ */
int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
uint32_t inlen, const uint8_t *iv, uint32_t inlen, const uint8_t *iv,
const TCAesKeySched_t sched); const TCAesKeySched_t sched);
/** /**
@ -137,7 +137,7 @@ int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
* *
*/ */
int32_t tc_cbc_mode_decrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, int32_t tc_cbc_mode_decrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
uint32_t inlen, const uint8_t *iv, uint32_t inlen, const uint8_t *iv,
const TCAesKeySched_t sched); const TCAesKeySched_t sched);
#endif #endif

2
lib/crypto/tinycrypt/include/tinycrypt/ctr_mode.h
View file

@ -94,6 +94,6 @@
* @param sched IN -- an initialized AES key schedule * @param sched IN -- an initialized AES key schedule
*/ */
int32_t tc_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in, int32_t tc_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in,
uint32_t inlen, uint8_t *ctr, const TCAesKeySched_t sched); uint32_t inlen, uint8_t *ctr, const TCAesKeySched_t sched);
#endif #endif

4
lib/crypto/tinycrypt/include/tinycrypt/hmac.h
View file

@ -67,9 +67,9 @@
struct tc_hmac_state_struct { struct tc_hmac_state_struct {
/* the internal state required by h */ /* the internal state required by h */
struct tc_sha256_state_struct hash_state; struct tc_sha256_state_struct hash_state;
/* HMAC key schedule */ /* HMAC key schedule */
uint8_t key[2*TC_SHA256_BLOCK_SIZE]; uint8_t key[2*TC_SHA256_BLOCK_SIZE];
}; };
typedef struct tc_hmac_state_struct *TCHmacState_t; typedef struct tc_hmac_state_struct *TCHmacState_t;

8
lib/crypto/tinycrypt/include/tinycrypt/hmac_prng.h
View file

@ -73,13 +73,13 @@
struct tc_hmac_prng_struct { struct tc_hmac_prng_struct {
/* the HMAC instance for this PRNG */ /* the HMAC instance for this PRNG */
struct tc_hmac_state_struct h; struct tc_hmac_state_struct h;
/* the PRNG key */ /* the PRNG key */
uint8_t key[TC_SHA256_DIGEST_SIZE]; uint8_t key[TC_SHA256_DIGEST_SIZE];
/* PRNG state */ /* PRNG state */
uint8_t v[TC_SHA256_DIGEST_SIZE]; uint8_t v[TC_SHA256_DIGEST_SIZE];
/* calls to tc_hmac_prng_generate left before re-seed */ /* calls to tc_hmac_prng_generate left before re-seed */
uint32_t countdown; uint32_t countdown;
}; };
typedef struct tc_hmac_prng_struct *TCHmacPrng_t; typedef struct tc_hmac_prng_struct *TCHmacPrng_t;

8
lib/crypto/tinycrypt/include/tinycrypt/sha256.h
View file

@ -65,10 +65,10 @@
#define TC_SHA256_STATE_BLOCKS (TC_SHA256_DIGEST_SIZE/4) #define TC_SHA256_STATE_BLOCKS (TC_SHA256_DIGEST_SIZE/4)
struct tc_sha256_state_struct { struct tc_sha256_state_struct {
uint32_t iv[TC_SHA256_STATE_BLOCKS]; uint32_t iv[TC_SHA256_STATE_BLOCKS];
uint64_t bits_hashed; uint64_t bits_hashed;
uint8_t leftover[TC_SHA256_BLOCK_SIZE]; uint8_t leftover[TC_SHA256_BLOCK_SIZE];
size_t leftover_offset; size_t leftover_offset;
}; };
typedef struct tc_sha256_state_struct *TCSha256State_t; typedef struct tc_sha256_state_struct *TCSha256State_t;

150
lib/crypto/tinycrypt/source/aes_decrypt.c
View file

@ -36,33 +36,33 @@
#define ZERO_BYTE 0x00 #define ZERO_BYTE 0x00
static const uint8_t inv_sbox[256] = { static const uint8_t inv_sbox[256] = {
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e,
0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, 0x54, 0x7b, 0x94, 0x32, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, 0x54, 0x7b, 0x94, 0x32,
0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49,
0x6d, 0x8b, 0xd1, 0x25, 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0x6d, 0x8b, 0xd1, 0x25, 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, 0x6c, 0x70, 0x48, 0x50, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, 0x6c, 0x70, 0x48, 0x50,
0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05,
0xb8, 0xb3, 0x45, 0x06, 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xb8, 0xb3, 0x45, 0x06, 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, 0x3a, 0x91, 0x11, 0x41, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, 0x3a, 0x91, 0x11, 0x41,
0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8,
0x1c, 0x75, 0xdf, 0x6e, 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x1c, 0x75, 0xdf, 0x6e, 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, 0xfc, 0x56, 0x3e, 0x4b, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, 0xfc, 0x56, 0x3e, 0x4b,
0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59,
0x27, 0x80, 0xec, 0x5f, 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x27, 0x80, 0xec, 0x5f, 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, 0xa0, 0xe0, 0x3b, 0x4d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, 0xa0, 0xe0, 0x3b, 0x4d,
0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63,
0x55, 0x21, 0x0c, 0x7d 0x55, 0x21, 0x0c, 0x7d
}; };
int32_t tc_aes128_set_decrypt_key(TCAesKeySched_t s, const uint8_t *k) int32_t tc_aes128_set_decrypt_key(TCAesKeySched_t s, const uint8_t *k)
{ {
return tc_aes128_set_encrypt_key(s, k); return tc_aes128_set_encrypt_key(s, k);
} }
#define mult8(a)(_double_byte(_double_byte(_double_byte(a)))) #define mult8(a)(_double_byte(_double_byte(_double_byte(a))))
@ -73,42 +73,42 @@ int32_t tc_aes128_set_decrypt_key(TCAesKeySched_t s, const uint8_t *k)
static inline void mult_row_column(uint8_t *out, const uint8_t *in) static inline void mult_row_column(uint8_t *out, const uint8_t *in)
{ {
out[0] = multe(in[0]) ^ multb(in[1]) ^ multd(in[2]) ^ mult9(in[3]); out[0] = multe(in[0]) ^ multb(in[1]) ^ multd(in[2]) ^ mult9(in[3]);
out[1] = mult9(in[0]) ^ multe(in[1]) ^ multb(in[2]) ^ multd(in[3]); out[1] = mult9(in[0]) ^ multe(in[1]) ^ multb(in[2]) ^ multd(in[3]);
out[2] = multd(in[0]) ^ mult9(in[1]) ^ multe(in[2]) ^ multb(in[3]); out[2] = multd(in[0]) ^ mult9(in[1]) ^ multe(in[2]) ^ multb(in[3]);
out[3] = multb(in[0]) ^ multd(in[1]) ^ mult9(in[2]) ^ multe(in[3]); out[3] = multb(in[0]) ^ multd(in[1]) ^ mult9(in[2]) ^ multe(in[3]);
} }
static inline void inv_mix_columns(uint8_t *s) static inline void inv_mix_columns(uint8_t *s)
{ {
uint8_t t[Nb*Nk]; uint8_t t[Nb*Nk];
mult_row_column(t, s); mult_row_column(t, s);
mult_row_column(&t[Nb], s+Nb); mult_row_column(&t[Nb], s+Nb);
mult_row_column(&t[2*Nb], s+(2*Nb)); mult_row_column(&t[2*Nb], s+(2*Nb));
mult_row_column(&t[3*Nb], s+(3*Nb)); mult_row_column(&t[3*Nb], s+(3*Nb));
(void)_copy(s, sizeof(t), t, sizeof(t)); (void)_copy(s, sizeof(t), t, sizeof(t));
} }
static inline void add_round_key(uint8_t *s, const uint32_t *k) static inline void add_round_key(uint8_t *s, const uint32_t *k)
{ {
s[0] ^= (uint8_t)(k[0] >> 24); s[1] ^= (uint8_t)(k[0] >> 16); s[0] ^= (uint8_t)(k[0] >> 24); s[1] ^= (uint8_t)(k[0] >> 16);
s[2] ^= (uint8_t)(k[0] >> 8); s[3] ^= (uint8_t)(k[0]); s[2] ^= (uint8_t)(k[0] >> 8); s[3] ^= (uint8_t)(k[0]);
s[4] ^= (uint8_t)(k[1] >> 24); s[5] ^= (uint8_t)(k[1] >> 16); s[4] ^= (uint8_t)(k[1] >> 24); s[5] ^= (uint8_t)(k[1] >> 16);
s[6] ^= (uint8_t)(k[1] >> 8); s[7] ^= (uint8_t)(k[1]); s[6] ^= (uint8_t)(k[1] >> 8); s[7] ^= (uint8_t)(k[1]);
s[8] ^= (uint8_t)(k[2] >> 24); s[9] ^= (uint8_t)(k[2] >> 16); s[8] ^= (uint8_t)(k[2] >> 24); s[9] ^= (uint8_t)(k[2] >> 16);
s[10] ^= (uint8_t)(k[2] >> 8); s[11] ^= (uint8_t)(k[2]); s[10] ^= (uint8_t)(k[2] >> 8); s[11] ^= (uint8_t)(k[2]);
s[12] ^= (uint8_t)(k[3] >> 24); s[13] ^= (uint8_t)(k[3] >> 16); s[12] ^= (uint8_t)(k[3] >> 24); s[13] ^= (uint8_t)(k[3] >> 16);
s[14] ^= (uint8_t)(k[3] >> 8); s[15] ^= (uint8_t)(k[3]); s[14] ^= (uint8_t)(k[3] >> 8); s[15] ^= (uint8_t)(k[3]);
} }
static inline void inv_sub_bytes(uint8_t *s) static inline void inv_sub_bytes(uint8_t *s)
{ {
uint32_t i; uint32_t i;
for (i = 0; i < (Nb*Nk); ++i) { for (i = 0; i < (Nb*Nk); ++i) {
s[i] = inv_sbox[s[i]]; s[i] = inv_sbox[s[i]];
} }
} }
/* /*
@ -118,46 +118,46 @@ static inline void inv_sub_bytes(uint8_t *s)
*/ */
static inline void inv_shift_rows(uint8_t *s) static inline void inv_shift_rows(uint8_t *s)
{ {
uint8_t t[Nb*Nk]; uint8_t t[Nb*Nk];
t[0] = s[0]; t[1] = s[13]; t[2] = s[10]; t[3] = s[7]; t[0] = s[0]; t[1] = s[13]; t[2] = s[10]; t[3] = s[7];
t[4] = s[4]; t[5] = s[1]; t[6] = s[14]; t[7] = s[11]; t[4] = s[4]; t[5] = s[1]; t[6] = s[14]; t[7] = s[11];
t[8] = s[8]; t[9] = s[5]; t[10] = s[2]; t[11] = s[15]; t[8] = s[8]; t[9] = s[5]; t[10] = s[2]; t[11] = s[15];
t[12] = s[12]; t[13] = s[9]; t[14] = s[6]; t[15] = s[3]; t[12] = s[12]; t[13] = s[9]; t[14] = s[6]; t[15] = s[3];
(void)_copy(s, sizeof(t), t, sizeof(t)); (void)_copy(s, sizeof(t), t, sizeof(t));
} }
int32_t tc_aes_decrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s) int32_t tc_aes_decrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s)
{ {
uint8_t state[Nk*Nb]; uint8_t state[Nk*Nb];
uint32_t i; uint32_t i;
if (out == (uint8_t *) 0) { if (out == (uint8_t *) 0) {
return TC_FAIL; return TC_FAIL;
} else if (in == (const uint8_t *) 0) { } else if (in == (const uint8_t *) 0) {
return TC_FAIL; return TC_FAIL;
} else if (s == (TCAesKeySched_t) 0) { } else if (s == (TCAesKeySched_t) 0) {
return TC_FAIL; return TC_FAIL;
} }
(void)_copy(state, sizeof(state), in, sizeof(state)); (void)_copy(state, sizeof(state), in, sizeof(state));
add_round_key(state, s->words + Nb*Nr); add_round_key(state, s->words + Nb*Nr);
for (i = Nr-1; i > 0; --i) { for (i = Nr-1; i > 0; --i) {
inv_shift_rows(state); inv_shift_rows(state);
inv_sub_bytes(state); inv_sub_bytes(state);
add_round_key(state, s->words + Nb*i); add_round_key(state, s->words + Nb*i);
inv_mix_columns(state); inv_mix_columns(state);
} }
inv_shift_rows(state); inv_shift_rows(state);
inv_sub_bytes(state); inv_sub_bytes(state);
add_round_key(state, s->words); add_round_key(state, s->words);
(void)_copy(out, sizeof(state), state, sizeof(state)); (void)_copy(out, sizeof(state), state, sizeof(state));
/*zeroing out one byte state buffer */ /*zeroing out one byte state buffer */
_set(state, ZERO_BYTE, sizeof(state)); _set(state, ZERO_BYTE, sizeof(state));
return TC_SUCCESS; return TC_SUCCESS;
} }

192
lib/crypto/tinycrypt/source/aes_encrypt.c
View file

@ -34,33 +34,33 @@
#include <tinycrypt/utils.h> #include <tinycrypt/utils.h>
static const uint8_t sbox[256] = { static const uint8_t sbox[256] = {
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b,
0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7, 0xfd, 0x93, 0x26, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7, 0xfd, 0x93, 0x26,
0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2,
0xeb, 0x27, 0xb2, 0x75, 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0xeb, 0x27, 0xb2, 0x75, 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed,
0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f,
0x50, 0x3c, 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0x50, 0x3c, 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, 0xcd, 0x0c, 0x13, 0xec, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, 0xcd, 0x0c, 0x13, 0xec,
0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14,
0xde, 0x5e, 0x0b, 0xdb, 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xde, 0x5e, 0x0b, 0xdb, 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, 0xe7, 0xc8, 0x37, 0x6d, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, 0xe7, 0xc8, 0x37, 0x6d,
0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f,
0x4b, 0xbd, 0x8b, 0x8a, 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x4b, 0xbd, 0x8b, 0x8a, 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, 0xe1, 0xf8, 0x98, 0x11, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, 0xe1, 0xf8, 0x98, 0x11,
0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f,
0xb0, 0x54, 0xbb, 0x16 0xb0, 0x54, 0xbb, 0x16
}; };
static inline uint32_t rotword(uint32_t a) static inline uint32_t rotword(uint32_t a)
{ {
return (((a) >> 24)|((a) << 8)); return (((a) >> 24)|((a) << 8));
} }
#define subbyte(a, o)(sbox[((a) >> (o))&0xff] << (o)) #define subbyte(a, o)(sbox[((a) >> (o))&0xff] << (o))
@ -68,75 +68,75 @@ static inline uint32_t rotword(uint32_t a)
int32_t tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k) int32_t tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k)
{ {
const uint32_t rconst[11] = { const uint32_t rconst[11] = {
0x00000000, 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x00000000, 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
0x20000000, 0x40000000, 0x80000000, 0x1b000000, 0x36000000 0x20000000, 0x40000000, 0x80000000, 0x1b000000, 0x36000000
}; };
uint32_t i; uint32_t i;
uint32_t t; uint32_t t;
if (s == (TCAesKeySched_t) 0) { if (s == (TCAesKeySched_t) 0) {
return TC_FAIL; return TC_FAIL;
} else if (k == (const uint8_t *) 0) { } else if (k == (const uint8_t *) 0) {
return TC_FAIL; return TC_FAIL;
} }
for (i = 0; i < Nk; ++i) { for (i = 0; i < Nk; ++i) {
s->words[i] = (k[Nb*i]<<24) | (k[Nb*i+1]<<16) | s->words[i] = (k[Nb*i]<<24) | (k[Nb*i+1]<<16) |
(k[Nb*i+2]<<8) | (k[Nb*i+3]); (k[Nb*i+2]<<8) | (k[Nb*i+3]);
} }
for (; i < (Nb*(Nr+1)); ++i) { for (; i < (Nb*(Nr+1)); ++i) {
t = s->words[i-1]; t = s->words[i-1];
if ((i % Nk) == 0) { if ((i % Nk) == 0) {
t = subword(rotword(t)) ^ rconst[i/Nk]; t = subword(rotword(t)) ^ rconst[i/Nk];
} }
s->words[i] = s->words[i-Nk] ^ t; s->words[i] = s->words[i-Nk] ^ t;
} }
return TC_SUCCESS; return TC_SUCCESS;
} }
static inline void add_round_key(uint8_t *s, const uint32_t *k) static inline void add_round_key(uint8_t *s, const uint32_t *k)
{ {
s[0] ^= (uint8_t)(k[0] >> 24); s[1] ^= (uint8_t)(k[0] >> 16); s[0] ^= (uint8_t)(k[0] >> 24); s[1] ^= (uint8_t)(k[0] >> 16);
s[2] ^= (uint8_t)(k[0] >> 8); s[3] ^= (uint8_t)(k[0]); s[2] ^= (uint8_t)(k[0] >> 8); s[3] ^= (uint8_t)(k[0]);
s[4] ^= (uint8_t)(k[1] >> 24); s[5] ^= (uint8_t)(k[1] >> 16); s[4] ^= (uint8_t)(k[1] >> 24); s[5] ^= (uint8_t)(k[1] >> 16);
s[6] ^= (uint8_t)(k[1] >> 8); s[7] ^= (uint8_t)(k[1]); s[6] ^= (uint8_t)(k[1] >> 8); s[7] ^= (uint8_t)(k[1]);
s[8] ^= (uint8_t)(k[2] >> 24); s[9] ^= (uint8_t)(k[2] >> 16); s[8] ^= (uint8_t)(k[2] >> 24); s[9] ^= (uint8_t)(k[2] >> 16);
s[10] ^= (uint8_t)(k[2] >> 8); s[11] ^= (uint8_t)(k[2]); s[10] ^= (uint8_t)(k[2] >> 8); s[11] ^= (uint8_t)(k[2]);
s[12] ^= (uint8_t)(k[3] >> 24); s[13] ^= (uint8_t)(k[3] >> 16); s[12] ^= (uint8_t)(k[3] >> 24); s[13] ^= (uint8_t)(k[3] >> 16);
s[14] ^= (uint8_t)(k[3] >> 8); s[15] ^= (uint8_t)(k[3]); s[14] ^= (uint8_t)(k[3] >> 8); s[15] ^= (uint8_t)(k[3]);
} }
static inline void sub_bytes(uint8_t *s) static inline void sub_bytes(uint8_t *s)
{ {
uint32_t i; uint32_t i;
for (i = 0; i < (Nb*Nk); ++i) { for (i = 0; i < (Nb*Nk); ++i) {
s[i] = sbox[s[i]]; s[i] = sbox[s[i]];
} }
} }
#define triple(a)(_double_byte(a)^(a)) #define triple(a)(_double_byte(a)^(a))
static inline void mult_row_column(uint8_t *out, const uint8_t *in) static inline void mult_row_column(uint8_t *out, const uint8_t *in)
{ {
out[0] = _double_byte(in[0]) ^ triple(in[1]) ^ in[2] ^ in[3]; out[0] = _double_byte(in[0]) ^ triple(in[1]) ^ in[2] ^ in[3];
out[1] = in[0] ^ _double_byte(in[1]) ^ triple(in[2]) ^ in[3]; out[1] = in[0] ^ _double_byte(in[1]) ^ triple(in[2]) ^ in[3];
out[2] = in[0] ^ in[1] ^ _double_byte(in[2]) ^ triple(in[3]); out[2] = in[0] ^ in[1] ^ _double_byte(in[2]) ^ triple(in[3]);
out[3] = triple(in[0]) ^ in[1] ^ in[2] ^ _double_byte(in[3]); out[3] = triple(in[0]) ^ in[1] ^ in[2] ^ _double_byte(in[3]);
} }
static inline void mix_columns(uint8_t *s) static inline void mix_columns(uint8_t *s)
{ {
uint8_t t[Nb*Nk]; uint8_t t[Nb*Nk];
mult_row_column(t, s); mult_row_column(t, s);
mult_row_column(&t[Nb], s+Nb); mult_row_column(&t[Nb], s+Nb);
mult_row_column(&t[2*Nb], s+(2*Nb)); mult_row_column(&t[2*Nb], s+(2*Nb));
mult_row_column(&t[3*Nb], s+(3*Nb)); mult_row_column(&t[3*Nb], s+(3*Nb));
(void) _copy(s, sizeof(t), t, sizeof(t)); (void) _copy(s, sizeof(t), t, sizeof(t));
} }
/* /*
@ -145,44 +145,44 @@ static inline void mix_columns(uint8_t *s)
*/ */
static inline void shift_rows(uint8_t *s) static inline void shift_rows(uint8_t *s)
{ {
uint8_t t[Nb*Nk]; uint8_t t[Nb*Nk];
t[0] = s[0]; t[1] = s[5]; t[2] = s[10]; t[3] = s[15]; t[0] = s[0]; t[1] = s[5]; t[2] = s[10]; t[3] = s[15];
t[4] = s[4]; t[5] = s[9]; t[6] = s[14]; t[7] = s[3]; t[4] = s[4]; t[5] = s[9]; t[6] = s[14]; t[7] = s[3];
t[8] = s[8]; t[9] = s[13]; t[10] = s[2]; t[11] = s[7]; t[8] = s[8]; t[9] = s[13]; t[10] = s[2]; t[11] = s[7];
t[12] = s[12]; t[13] = s[1]; t[14] = s[6]; t[15] = s[11]; t[12] = s[12]; t[13] = s[1]; t[14] = s[6]; t[15] = s[11];
(void) _copy(s, sizeof(t), t, sizeof(t)); (void) _copy(s, sizeof(t), t, sizeof(t));
} }
int32_t tc_aes_encrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s) int32_t tc_aes_encrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s)
{ {
uint8_t state[Nk*Nb]; uint8_t state[Nk*Nb];
uint32_t i; uint32_t i;
if (out == (uint8_t *) 0) { if (out == (uint8_t *) 0) {
return TC_FAIL; return TC_FAIL;
} else if (in == (const uint8_t *) 0) { } else if (in == (const uint8_t *) 0) {
return TC_FAIL; return TC_FAIL;
} else if (s == (TCAesKeySched_t) 0) { } else if (s == (TCAesKeySched_t) 0) {
return TC_FAIL; return TC_FAIL;
} }
(void)_copy(state, sizeof(state), in, sizeof(state)); (void)_copy(state, sizeof(state), in, sizeof(state));
add_round_key(state, s->words); add_round_key(state, s->words);
for (i = 0; i < (Nr-1); ++i) { for (i = 0; i < (Nr-1); ++i) {
sub_bytes(state); sub_bytes(state);
shift_rows(state); shift_rows(state);
mix_columns(state); mix_columns(state);
add_round_key(state, s->words + Nb*(i+1)); add_round_key(state, s->words + Nb*(i+1));
} }
sub_bytes(state); sub_bytes(state);
shift_rows(state); shift_rows(state);
add_round_key(state, s->words + Nb*(i+1)); add_round_key(state, s->words + Nb*(i+1));
(void)_copy(out, sizeof(state), state, sizeof(state)); (void)_copy(out, sizeof(state), state, sizeof(state));
_set(state, 0x00, sizeof(state)); _set(state, 0x00, sizeof(state));
return TC_SUCCESS; return TC_SUCCESS;
} }

112
lib/crypto/tinycrypt/source/cbc_mode.c
View file

@ -34,77 +34,77 @@
#include <tinycrypt/utils.h> #include <tinycrypt/utils.h>
int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
uint32_t inlen, const uint8_t *iv, uint32_t inlen, const uint8_t *iv,
const TCAesKeySched_t sched) const TCAesKeySched_t sched)
{ {
uint8_t buffer[TC_AES_BLOCK_SIZE]; uint8_t buffer[TC_AES_BLOCK_SIZE];
uint32_t n, m; uint32_t n, m;
/* input sanity check: */ /* input sanity check: */
if (out == (uint8_t *) 0 || if (out == (uint8_t *) 0 ||
in == (const uint8_t *) 0 || in == (const uint8_t *) 0 ||
sched == (TCAesKeySched_t) 0 || sched == (TCAesKeySched_t) 0 ||
inlen == 0 || inlen == 0 ||
outlen == 0 || outlen == 0 ||
(inlen % TC_AES_BLOCK_SIZE) != 0 || (inlen % TC_AES_BLOCK_SIZE) != 0 ||
(outlen % TC_AES_BLOCK_SIZE) != 0 || (outlen % TC_AES_BLOCK_SIZE) != 0 ||
outlen != inlen + TC_AES_BLOCK_SIZE) { outlen != inlen + TC_AES_BLOCK_SIZE) {
return TC_FAIL; return TC_FAIL;
} }
/* copy iv to the buffer */ /* copy iv to the buffer */
(void)_copy(buffer, TC_AES_BLOCK_SIZE, iv, TC_AES_BLOCK_SIZE); (void)_copy(buffer, TC_AES_BLOCK_SIZE, iv, TC_AES_BLOCK_SIZE);
/* copy iv to the output buffer */ /* copy iv to the output buffer */
(void)_copy(out, TC_AES_BLOCK_SIZE, iv, TC_AES_BLOCK_SIZE); (void)_copy(out, TC_AES_BLOCK_SIZE, iv, TC_AES_BLOCK_SIZE);
out += TC_AES_BLOCK_SIZE; out += TC_AES_BLOCK_SIZE;
for (n = m = 0; n < inlen; ++n) { for (n = m = 0; n < inlen; ++n) {
buffer[m++] ^= *in++; buffer[m++] ^= *in++;
if (m == TC_AES_BLOCK_SIZE) { if (m == TC_AES_BLOCK_SIZE) {
(void)tc_aes_encrypt(buffer, buffer, sched); (void)tc_aes_encrypt(buffer, buffer, sched);
(void)_copy(out, TC_AES_BLOCK_SIZE, (void)_copy(out, TC_AES_BLOCK_SIZE,
buffer, TC_AES_BLOCK_SIZE); buffer, TC_AES_BLOCK_SIZE);
out += TC_AES_BLOCK_SIZE; out += TC_AES_BLOCK_SIZE;
m = 0; m = 0;
} }
} }
return TC_SUCCESS; return TC_SUCCESS;
} }
int32_t tc_cbc_mode_decrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, int32_t tc_cbc_mode_decrypt(uint8_t *out, uint32_t outlen, const uint8_t *in,
uint32_t inlen, const uint8_t *iv, uint32_t inlen, const uint8_t *iv,
const TCAesKeySched_t sched) const TCAesKeySched_t sched)
{ {
uint8_t buffer[TC_AES_BLOCK_SIZE]; uint8_t buffer[TC_AES_BLOCK_SIZE];
const uint8_t *p; const uint8_t *p;
uint32_t n, m; uint32_t n, m;
/* sanity check the inputs */ /* sanity check the inputs */
if (out == (uint8_t *) 0 || if (out == (uint8_t *) 0 ||
in == (const uint8_t *) 0 || in == (const uint8_t *) 0 ||
sched == (TCAesKeySched_t) 0 || sched == (TCAesKeySched_t) 0 ||
inlen == 0 || inlen == 0 ||
outlen == 0 || outlen == 0 ||
(inlen % TC_AES_BLOCK_SIZE) != 0 || (inlen % TC_AES_BLOCK_SIZE) != 0 ||
(outlen % TC_AES_BLOCK_SIZE) != 0 || (outlen % TC_AES_BLOCK_SIZE) != 0 ||
outlen != inlen - TC_AES_BLOCK_SIZE) { outlen != inlen - TC_AES_BLOCK_SIZE) {
return TC_FAIL; return TC_FAIL;
} }
/* Note that in == iv + ciphertext, i.e. the iv and the ciphertext are /* Note that in == iv + ciphertext, i.e. the iv and the ciphertext are
* contiguous. This allows for a very efficient decryption algorithm * contiguous. This allows for a very efficient decryption algorithm
* that would not otherwise be possible. */ * that would not otherwise be possible. */
p = iv; p = iv;
for (n = m = 0; n < inlen; ++n) { for (n = m = 0; n < inlen; ++n) {
if ((n % TC_AES_BLOCK_SIZE) == 0) { if ((n % TC_AES_BLOCK_SIZE) == 0) {
(void)tc_aes_decrypt(buffer, in, sched); (void)tc_aes_decrypt(buffer, in, sched);
in += TC_AES_BLOCK_SIZE; in += TC_AES_BLOCK_SIZE;
m = 0; m = 0;
} }
*out++ = buffer[m++] ^ *p++; *out++ = buffer[m++] ^ *p++;
} }
return TC_SUCCESS; return TC_SUCCESS;
} }

76
lib/crypto/tinycrypt/source/ctr_mode.c
View file

@ -37,48 +37,48 @@ int32_t tc_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in,
uint32_t inlen, uint8_t *ctr, const TCAesKeySched_t sched) uint32_t inlen, uint8_t *ctr, const TCAesKeySched_t sched)
{ {
uint8_t buffer[TC_AES_BLOCK_SIZE]; uint8_t buffer[TC_AES_BLOCK_SIZE];
uint8_t nonce[TC_AES_BLOCK_SIZE]; uint8_t nonce[TC_AES_BLOCK_SIZE];
uint32_t block_num; uint32_t block_num;
uint32_t i; uint32_t i;
/* input sanity check: */ /* input sanity check: */
if (out == (uint8_t *) 0 || if (out == (uint8_t *) 0 ||
in == (uint8_t *) 0 || in == (uint8_t *) 0 ||
ctr == (uint8_t *) 0 || ctr == (uint8_t *) 0 ||
sched == (TCAesKeySched_t) 0 || sched == (TCAesKeySched_t) 0 ||
inlen == 0 || inlen == 0 ||
outlen == 0 || outlen == 0 ||
outlen != inlen) { outlen != inlen) {
return TC_FAIL; return TC_FAIL;
} }
/* copy the ctr to the nonce */ /* copy the ctr to the nonce */
(void)_copy(nonce, sizeof(nonce), ctr, sizeof(nonce)); (void)_copy(nonce, sizeof(nonce), ctr, sizeof(nonce));
/* select the last 4 bytes of the nonce to be incremented */ /* select the last 4 bytes of the nonce to be incremented */
block_num = (nonce[12] << 24) | (nonce[13] << 16) | block_num = (nonce[12] << 24) | (nonce[13] << 16) |
(nonce[14] << 8) | (nonce[15]); (nonce[14] << 8) | (nonce[15]);
for (i = 0; i < inlen; ++i) { for (i = 0; i < inlen; ++i) {
if ((i % (TC_AES_BLOCK_SIZE)) == 0) { if ((i % (TC_AES_BLOCK_SIZE)) == 0) {
/* encrypt data using the current nonce */ /* encrypt data using the current nonce */
if (tc_aes_encrypt(buffer, nonce, sched)) { if (tc_aes_encrypt(buffer, nonce, sched)) {
block_num++; block_num++;
nonce[12] = (uint8_t)(block_num >> 24); nonce[12] = (uint8_t)(block_num >> 24);
nonce[13] = (uint8_t)(block_num >> 16); nonce[13] = (uint8_t)(block_num >> 16);
nonce[14] = (uint8_t)(block_num >> 8); nonce[14] = (uint8_t)(block_num >> 8);
nonce[15] = (uint8_t)(block_num); nonce[15] = (uint8_t)(block_num);
} else { } else {
return TC_FAIL; return TC_FAIL;
} }
} }
/* update the output */ /* update the output */
*out++ = buffer[i%(TC_AES_BLOCK_SIZE)] ^ *in++; *out++ = buffer[i%(TC_AES_BLOCK_SIZE)] ^ *in++;
} }
/* update the counter */ /* update the counter */
ctr[12] = nonce[12]; ctr[13] = nonce[13]; ctr[12] = nonce[12]; ctr[13] = nonce[13];
ctr[14] = nonce[14]; ctr[15] = nonce[15]; ctr[14] = nonce[14]; ctr[15] = nonce[15];
return TC_SUCCESS; return TC_SUCCESS;
} }

122
lib/crypto/tinycrypt/source/hmac.c
View file

@ -35,109 +35,109 @@
static void rekey(uint8_t *key, const uint8_t *new_key, uint32_t key_size) static void rekey(uint8_t *key, const uint8_t *new_key, uint32_t key_size)
{ {
const uint8_t inner_pad = (uint8_t) 0x36; const uint8_t inner_pad = (uint8_t) 0x36;
const uint8_t outer_pad = (uint8_t) 0x5c; const uint8_t outer_pad = (uint8_t) 0x5c;
uint32_t i; uint32_t i;
for (i = 0; i < key_size; ++i) { for (i = 0; i < key_size; ++i) {
key[i] = inner_pad ^ new_key[i]; key[i] = inner_pad ^ new_key[i];
key[i + TC_SHA256_BLOCK_SIZE] = outer_pad ^ new_key[i]; key[i + TC_SHA256_BLOCK_SIZE] = outer_pad ^ new_key[i];
} }
for (; i < TC_SHA256_BLOCK_SIZE; ++i) { for (; i < TC_SHA256_BLOCK_SIZE; ++i) {
key[i] = inner_pad; key[i + TC_SHA256_BLOCK_SIZE] = outer_pad; key[i] = inner_pad; key[i + TC_SHA256_BLOCK_SIZE] = outer_pad;
} }
} }
int32_t tc_hmac_set_key(TCHmacState_t ctx, int32_t tc_hmac_set_key(TCHmacState_t ctx,
const uint8_t *key, const uint8_t *key,
uint32_t key_size) uint32_t key_size)
{ {
/* input sanity check: */ /* input sanity check: */
if (ctx == (TCHmacState_t) 0 || if (ctx == (TCHmacState_t) 0 ||
key == (const uint8_t *) 0 || key == (const uint8_t *) 0 ||
key_size == 0) { key_size == 0) {
return TC_FAIL; return TC_FAIL;
} }
const uint8_t dummy_key[key_size]; const uint8_t dummy_key[key_size];
struct tc_hmac_state_struct dummy_state; struct tc_hmac_state_struct dummy_state;
if (key_size <= TC_SHA256_BLOCK_SIZE) { if (key_size <= TC_SHA256_BLOCK_SIZE) {
/* The next three lines consist of dummy calls just to avoid /* The next three lines consist of dummy calls just to avoid
* certain timing attacks. Without these dummy calls, * certain timing attacks. Without these dummy calls,
* adversaries would be able to learn whether the key_size is * adversaries would be able to learn whether the key_size is
* greater than TC_SHA256_BLOCK_SIZE by measuring the time * greater than TC_SHA256_BLOCK_SIZE by measuring the time
* consumed in this process.*/ * consumed in this process.*/
(void)tc_sha256_init(&dummy_state.hash_state); (void)tc_sha256_init(&dummy_state.hash_state);
(void)tc_sha256_update(&dummy_state.hash_state, (void)tc_sha256_update(&dummy_state.hash_state,
dummy_key, dummy_key,
key_size); key_size);
(void)tc_sha256_final(&dummy_state.key[TC_SHA256_DIGEST_SIZE], (void)tc_sha256_final(&dummy_state.key[TC_SHA256_DIGEST_SIZE],
&dummy_state.hash_state); &dummy_state.hash_state);
/* Actual code for when key_size <= TC_SHA256_BLOCK_SIZE: */ /* Actual code for when key_size <= TC_SHA256_BLOCK_SIZE: */
rekey(ctx->key, key, key_size); rekey(ctx->key, key, key_size);
} else { } else {
(void)tc_sha256_init(&ctx->hash_state); (void)tc_sha256_init(&ctx->hash_state);
(void)tc_sha256_update(&ctx->hash_state, key, key_size); (void)tc_sha256_update(&ctx->hash_state, key, key_size);
(void)tc_sha256_final(&ctx->key[TC_SHA256_DIGEST_SIZE], (void)tc_sha256_final(&ctx->key[TC_SHA256_DIGEST_SIZE],
&ctx->hash_state); &ctx->hash_state);
rekey(ctx->key, rekey(ctx->key,
&ctx->key[TC_SHA256_DIGEST_SIZE], &ctx->key[TC_SHA256_DIGEST_SIZE],
TC_SHA256_DIGEST_SIZE); TC_SHA256_DIGEST_SIZE);
} }
return TC_SUCCESS; return TC_SUCCESS;
} }
int32_t tc_hmac_init(TCHmacState_t ctx) int32_t tc_hmac_init(TCHmacState_t ctx)
{ {
/* input sanity check: */ /* input sanity check: */
if (ctx == (TCHmacState_t) 0 || if (ctx == (TCHmacState_t) 0 ||
ctx->key == (uint8_t *) 0) { ctx->key == (uint8_t *) 0) {
return TC_FAIL; return TC_FAIL;
} }
(void)tc_sha256_init(&ctx->hash_state); (void)tc_sha256_init(&ctx->hash_state);
(void)tc_sha256_update(&ctx->hash_state, (void)tc_sha256_update(&ctx->hash_state,
ctx->key, ctx->key,
TC_SHA256_BLOCK_SIZE); TC_SHA256_BLOCK_SIZE);
return TC_SUCCESS; return TC_SUCCESS;
} }
int32_t tc_hmac_update(TCHmacState_t ctx, int32_t tc_hmac_update(TCHmacState_t ctx,
const void *data, const void *data,
uint32_t data_length) uint32_t data_length)
{ {
/* input sanity check: */ /* input sanity check: */
if (ctx == (TCHmacState_t) 0 || ctx->key == (uint8_t *) 0) { if (ctx == (TCHmacState_t) 0 || ctx->key == (uint8_t *) 0) {
return TC_FAIL; return TC_FAIL;
} }
(void)tc_sha256_update(&ctx->hash_state, data, data_length); (void)tc_sha256_update(&ctx->hash_state, data, data_length);
return TC_SUCCESS; return TC_SUCCESS;
} }
int32_t tc_hmac_final(uint8_t *tag, uint32_t taglen, TCHmacState_t ctx) int32_t tc_hmac_final(uint8_t *tag, uint32_t taglen, TCHmacState_t ctx)
{ {
/* input sanity check: */ /* input sanity check: */
if (tag == (uint8_t *) 0 || if (tag == (uint8_t *) 0 ||
taglen != TC_SHA256_DIGEST_SIZE || taglen != TC_SHA256_DIGEST_SIZE ||
ctx == (TCHmacState_t) 0 || ctx == (TCHmacState_t) 0 ||
ctx->key == (uint8_t *) 0) { ctx->key == (uint8_t *) 0) {
return TC_FAIL; return TC_FAIL;
} }
(void) tc_sha256_final(tag, &ctx->hash_state); (void) tc_sha256_final(tag, &ctx->hash_state);
(void)tc_sha256_init(&ctx->hash_state); (void)tc_sha256_init(&ctx->hash_state);
(void)tc_sha256_update(&ctx->hash_state, (void)tc_sha256_update(&ctx->hash_state,
&ctx->key[TC_SHA256_BLOCK_SIZE], &ctx->key[TC_SHA256_BLOCK_SIZE],
TC_SHA256_BLOCK_SIZE); TC_SHA256_BLOCK_SIZE);
(void)tc_sha256_update(&ctx->hash_state, tag, TC_SHA256_DIGEST_SIZE); (void)tc_sha256_update(&ctx->hash_state, tag, TC_SHA256_DIGEST_SIZE);
(void)tc_sha256_final(tag, &ctx->hash_state); (void)tc_sha256_final(tag, &ctx->hash_state);
return TC_SUCCESS; return TC_SUCCESS;
} }

178
lib/crypto/tinycrypt/source/hmac_prng.c
View file

@ -64,131 +64,131 @@ static const uint32_t MAX_OUT = (1 << 19);
*/ */
static void update(TCHmacPrng_t prng, const uint8_t *e, uint32_t len) static void update(TCHmacPrng_t prng, const uint8_t *e, uint32_t len)
{ {
const uint8_t separator0 = 0x00; const uint8_t separator0 = 0x00;
const uint8_t separator1 = 0x01; const uint8_t separator1 = 0x01;
/* use current state, e and separator 0 to compute a new prng key: */ /* use current state, e and separator 0 to compute a new prng key: */
(void)tc_hmac_init(&prng->h); (void)tc_hmac_init(&prng->h);
(void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v)); (void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v));
(void)tc_hmac_update(&prng->h, &separator0, sizeof(separator0)); (void)tc_hmac_update(&prng->h, &separator0, sizeof(separator0));
(void)tc_hmac_update(&prng->h, e, len); (void)tc_hmac_update(&prng->h, e, len);
(void)tc_hmac_final(prng->key, sizeof(prng->key), &prng->h); (void)tc_hmac_final(prng->key, sizeof(prng->key), &prng->h);
/* configure the new prng key into the prng's instance of hmac */ /* configure the new prng key into the prng's instance of hmac */
(void)tc_hmac_set_key(&prng->h, prng->key, sizeof(prng->key)); (void)tc_hmac_set_key(&prng->h, prng->key, sizeof(prng->key));
/* use the new key to compute a new state variable v */ /* use the new key to compute a new state variable v */
(void)tc_hmac_init(&prng->h); (void)tc_hmac_init(&prng->h);
(void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v)); (void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v));
(void)tc_hmac_final(prng->v, sizeof(prng->v), &prng->h); (void)tc_hmac_final(prng->v, sizeof(prng->v), &prng->h);
/* use current state, e and separator 1 to compute a new prng key: */ /* use current state, e and separator 1 to compute a new prng key: */
(void)tc_hmac_init(&prng->h); (void)tc_hmac_init(&prng->h);
(void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v)); (void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v));
(void)tc_hmac_update(&prng->h, &separator1, sizeof(separator1)); (void)tc_hmac_update(&prng->h, &separator1, sizeof(separator1));
(void)tc_hmac_update(&prng->h, e, len); (void)tc_hmac_update(&prng->h, e, len);
(void)tc_hmac_final(prng->key, sizeof(prng->key), &prng->h); (void)tc_hmac_final(prng->key, sizeof(prng->key), &prng->h);
/* configure the new prng key into the prng's instance of hmac */ /* configure the new prng key into the prng's instance of hmac */
(void)tc_hmac_set_key(&prng->h, prng->key, sizeof(prng->key)); (void)tc_hmac_set_key(&prng->h, prng->key, sizeof(prng->key));
/* use the new key to compute a new state variable v */ /* use the new key to compute a new state variable v */
(void)tc_hmac_init(&prng->h); (void)tc_hmac_init(&prng->h);
(void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v)); (void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v));
(void)tc_hmac_final(prng->v, sizeof(prng->v), &prng->h); (void)tc_hmac_final(prng->v, sizeof(prng->v), &prng->h);
} }
int32_t tc_hmac_prng_init(TCHmacPrng_t prng, int32_t tc_hmac_prng_init(TCHmacPrng_t prng,
const uint8_t *personalization, const uint8_t *personalization,
uint32_t plen) uint32_t plen)
{ {
/* input sanity check: */ /* input sanity check: */
if (prng == (TCHmacPrng_t) 0 || if (prng == (TCHmacPrng_t) 0 ||
personalization == (uint8_t *) 0 || personalization == (uint8_t *) 0 ||
plen > MAX_PLEN) { plen > MAX_PLEN) {
return TC_FAIL; return TC_FAIL;
} }
/* put the generator into a known state: */ /* put the generator into a known state: */
_set(prng->key, 0x00, sizeof(prng->key)); _set(prng->key, 0x00, sizeof(prng->key));
_set(prng->v, 0x01, sizeof(prng->v)); _set(prng->v, 0x01, sizeof(prng->v));
tc_hmac_set_key(&prng->h, prng->key, sizeof(prng->key)); tc_hmac_set_key(&prng->h, prng->key, sizeof(prng->key));
/* update assumes SOME key has been configured into HMAC */ /* update assumes SOME key has been configured into HMAC */
update(prng, personalization, plen); update(prng, personalization, plen);
/* force a reseed before allowing tc_hmac_prng_generate to succeed: */ /* force a reseed before allowing tc_hmac_prng_generate to succeed: */
prng->countdown = 0; prng->countdown = 0;
return TC_SUCCESS; return TC_SUCCESS;
} }
int32_t tc_hmac_prng_reseed(TCHmacPrng_t prng, int32_t tc_hmac_prng_reseed(TCHmacPrng_t prng,
const uint8_t *seed, const uint8_t *seed,
uint32_t seedlen, uint32_t seedlen,
const uint8_t *additional_input, const uint8_t *additional_input,
uint32_t additionallen) uint32_t additionallen)
{ {
/* input sanity check: */ /* input sanity check: */
if (prng == (TCHmacPrng_t) 0 || if (prng == (TCHmacPrng_t) 0 ||
seed == (const uint8_t *) 0 || seed == (const uint8_t *) 0 ||
seedlen < MIN_SLEN || seedlen < MIN_SLEN ||
seedlen > MAX_SLEN) { seedlen > MAX_SLEN) {
return TC_FAIL; return TC_FAIL;
} }
if (additional_input != (const uint8_t *) 0) { if (additional_input != (const uint8_t *) 0) {
/* Abort if additional_input is provided but has inappropriate /* Abort if additional_input is provided but has inappropriate
* length */ * length */
if (additionallen == 0 || if (additionallen == 0 ||
additionallen > MAX_ALEN) { additionallen > MAX_ALEN) {
return TC_FAIL; return TC_FAIL;
} }
/* call update for the seed and additional_input */ /* call update for the seed and additional_input */
update(prng, seed, seedlen); update(prng, seed, seedlen);
update(prng, additional_input, additionallen); update(prng, additional_input, additionallen);
} else { } else {
/* call update only for the seed */ /* call update only for the seed */
update(prng, seed, seedlen); update(prng, seed, seedlen);
} }
/* ... and enable hmac_prng_get */ /* ... and enable hmac_prng_get */
prng->countdown = MAX_GENS; prng->countdown = MAX_GENS;
return TC_SUCCESS; return TC_SUCCESS;
} }
int32_t tc_hmac_prng_generate(uint8_t *out, uint32_t outlen, TCHmacPrng_t prng) int32_t tc_hmac_prng_generate(uint8_t *out, uint32_t outlen, TCHmacPrng_t prng)
{ {
uint32_t bufferlen; uint32_t bufferlen;
/* input sanity check: */ /* input sanity check: */
if (out == (uint8_t *) 0 || if (out == (uint8_t *) 0 ||
prng == (TCHmacPrng_t) 0 || prng == (TCHmacPrng_t) 0 ||
outlen == 0 || outlen == 0 ||
outlen > MAX_OUT) { outlen > MAX_OUT) {
return TC_FAIL; return TC_FAIL;
} else if (prng->countdown == 0) { } else if (prng->countdown == 0) {
return TC_RESEED_REQ; return TC_RESEED_REQ;
} }
prng->countdown--; prng->countdown--;
while (outlen != 0) { while (outlen != 0) {
/* operate HMAC in OFB mode to create "random" outputs */ /* operate HMAC in OFB mode to create "random" outputs */
(void)tc_hmac_init(&prng->h); (void)tc_hmac_init(&prng->h);
(void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v)); (void)tc_hmac_update(&prng->h, prng->v, sizeof(prng->v));
(void)tc_hmac_final(prng->v, sizeof(prng->v), &prng->h); (void)tc_hmac_final(prng->v, sizeof(prng->v), &prng->h);
bufferlen = (TC_SHA256_DIGEST_SIZE > outlen) ? bufferlen = (TC_SHA256_DIGEST_SIZE > outlen) ?
outlen : TC_SHA256_DIGEST_SIZE; outlen : TC_SHA256_DIGEST_SIZE;
(void)_copy(out, bufferlen, prng->v, bufferlen); (void)_copy(out, bufferlen, prng->v, bufferlen);
out += bufferlen; out += bufferlen;
outlen = (outlen > TC_SHA256_DIGEST_SIZE) ? outlen = (outlen > TC_SHA256_DIGEST_SIZE) ?
(outlen - TC_SHA256_DIGEST_SIZE) : 0; (outlen - TC_SHA256_DIGEST_SIZE) : 0;
} }
/* block future PRNG compromises from revealing past state */ /* block future PRNG compromises from revealing past state */
update(prng, prng->v, TC_SHA256_DIGEST_SIZE); update(prng, prng->v, TC_SHA256_DIGEST_SIZE);
return TC_SUCCESS; return TC_SUCCESS;
} }

232
lib/crypto/tinycrypt/source/sha256.c
View file

@ -37,120 +37,120 @@ static void compress(uint32_t *iv, const uint8_t *data);
int32_t tc_sha256_init(TCSha256State_t s) int32_t tc_sha256_init(TCSha256State_t s)
{ {
/* input sanity check: */ /* input sanity check: */
if (s == (TCSha256State_t) 0) { if (s == (TCSha256State_t) 0) {
return TC_FAIL; return TC_FAIL;
} }
/* Setting the initial state values. /* Setting the initial state values.
* These values correspond to the first 32 bits of the fractional parts * These values correspond to the first 32 bits of the fractional parts
* of the square roots of the first 8 primes: 2, 3, 5, 7, 11, 13, 17 * of the square roots of the first 8 primes: 2, 3, 5, 7, 11, 13, 17
* and 19. */ * and 19. */
_set((uint8_t *) s, 0x00, sizeof(*s)); _set((uint8_t *) s, 0x00, sizeof(*s));
s->iv[0] = 0x6a09e667; s->iv[0] = 0x6a09e667;
s->iv[1] = 0xbb67ae85; s->iv[1] = 0xbb67ae85;
s->iv[2] = 0x3c6ef372; s->iv[2] = 0x3c6ef372;
s->iv[3] = 0xa54ff53a; s->iv[3] = 0xa54ff53a;
s->iv[4] = 0x510e527f; s->iv[4] = 0x510e527f;
s->iv[5] = 0x9b05688c; s->iv[5] = 0x9b05688c;
s->iv[6] = 0x1f83d9ab; s->iv[6] = 0x1f83d9ab;
s->iv[7] = 0x5be0cd19; s->iv[7] = 0x5be0cd19;
return TC_SUCCESS; return TC_SUCCESS;
} }
int32_t tc_sha256_update(TCSha256State_t s, const uint8_t *data, size_t datalen) int32_t tc_sha256_update(TCSha256State_t s, const uint8_t *data, size_t datalen)
{ {
/* input sanity check: */ /* input sanity check: */
if (s == (TCSha256State_t) 0 || if (s == (TCSha256State_t) 0 ||
s->iv == (uint32_t *) 0 || s->iv == (uint32_t *) 0 ||
data == (void *) 0) { data == (void *) 0) {
return TC_FAIL; return TC_FAIL;
} else if (datalen == 0) { } else if (datalen == 0) {
return TC_SUCCESS; return TC_SUCCESS;
} }
while (datalen-- > 0) { while (datalen-- > 0) {
s->leftover[s->leftover_offset++] = *(data++); s->leftover[s->leftover_offset++] = *(data++);
if (s->leftover_offset >= TC_SHA256_BLOCK_SIZE) { if (s->leftover_offset >= TC_SHA256_BLOCK_SIZE) {
compress(s->iv, s->leftover); compress(s->iv, s->leftover);
s->leftover_offset = 0; s->leftover_offset = 0;
s->bits_hashed += (TC_SHA256_BLOCK_SIZE << 3); s->bits_hashed += (TC_SHA256_BLOCK_SIZE << 3);
} }
} }
return TC_SUCCESS; return TC_SUCCESS;
} }
int32_t tc_sha256_final(uint8_t *digest, TCSha256State_t s) int32_t tc_sha256_final(uint8_t *digest, TCSha256State_t s)
{ {
uint32_t i; uint32_t i;
/* input sanity check: */ /* input sanity check: */
if (digest == (uint8_t *) 0 || if (digest == (uint8_t *) 0 ||
s == (TCSha256State_t) 0 || s == (TCSha256State_t) 0 ||
s->iv == (uint32_t *) 0) { s->iv == (uint32_t *) 0) {
return TC_FAIL; return TC_FAIL;
} }
s->bits_hashed += (s->leftover_offset << 3); s->bits_hashed += (s->leftover_offset << 3);
s->leftover[s->leftover_offset++] = 0x80; /* always room for one byte */ s->leftover[s->leftover_offset++] = 0x80; /* always room for one byte */
if (s->leftover_offset > (sizeof(s->leftover) - 8)) { if (s->leftover_offset > (sizeof(s->leftover) - 8)) {
/* there is not room for all the padding in this block */ /* there is not room for all the padding in this block */
_set(s->leftover + s->leftover_offset, 0x00, _set(s->leftover + s->leftover_offset, 0x00,
sizeof(s->leftover) - s->leftover_offset); sizeof(s->leftover) - s->leftover_offset);
compress(s->iv, s->leftover); compress(s->iv, s->leftover);
s->leftover_offset = 0; s->leftover_offset = 0;
} }
/* add the padding and the length in big-Endian format */ /* add the padding and the length in big-Endian format */
_set(s->leftover + s->leftover_offset, 0x00, _set(s->leftover + s->leftover_offset, 0x00,
sizeof(s->leftover) - 8 - s->leftover_offset); sizeof(s->leftover) - 8 - s->leftover_offset);
s->leftover[sizeof(s->leftover) - 1] = (uint8_t)(s->bits_hashed); s->leftover[sizeof(s->leftover) - 1] = (uint8_t)(s->bits_hashed);
s->leftover[sizeof(s->leftover) - 2] = (uint8_t)(s->bits_hashed >> 8); s->leftover[sizeof(s->leftover) - 2] = (uint8_t)(s->bits_hashed >> 8);
s->leftover[sizeof(s->leftover) - 3] = (uint8_t)(s->bits_hashed >> 16); s->leftover[sizeof(s->leftover) - 3] = (uint8_t)(s->bits_hashed >> 16);
s->leftover[sizeof(s->leftover) - 4] = (uint8_t)(s->bits_hashed >> 24); s->leftover[sizeof(s->leftover) - 4] = (uint8_t)(s->bits_hashed >> 24);
s->leftover[sizeof(s->leftover) - 5] = (uint8_t)(s->bits_hashed >> 32); s->leftover[sizeof(s->leftover) - 5] = (uint8_t)(s->bits_hashed >> 32);
s->leftover[sizeof(s->leftover) - 6] = (uint8_t)(s->bits_hashed >> 40); s->leftover[sizeof(s->leftover) - 6] = (uint8_t)(s->bits_hashed >> 40);
s->leftover[sizeof(s->leftover) - 7] = (uint8_t)(s->bits_hashed >> 48); s->leftover[sizeof(s->leftover) - 7] = (uint8_t)(s->bits_hashed >> 48);
s->leftover[sizeof(s->leftover) - 8] = (uint8_t)(s->bits_hashed >> 56); s->leftover[sizeof(s->leftover) - 8] = (uint8_t)(s->bits_hashed >> 56);
/* hash the padding and length */ /* hash the padding and length */
compress(s->iv, s->leftover); compress(s->iv, s->leftover);
/* copy the iv out to digest */ /* copy the iv out to digest */
for (i = 0; i < TC_SHA256_STATE_BLOCKS; ++i) { for (i = 0; i < TC_SHA256_STATE_BLOCKS; ++i) {
uint32_t t = *((uint32_t *) &s->iv[i]); uint32_t t = *((uint32_t *) &s->iv[i]);
*digest++ = (uint8_t)(t >> 24); *digest++ = (uint8_t)(t >> 24);
*digest++ = (uint8_t)(t >> 16); *digest++ = (uint8_t)(t >> 16);
*digest++ = (uint8_t)(t >> 8); *digest++ = (uint8_t)(t >> 8);
*digest++ = (uint8_t)(t); *digest++ = (uint8_t)(t);
} }
return TC_SUCCESS; return TC_SUCCESS;
} }
/* Initializing SHA-256 Hash constant words K. /* Initializing SHA-256 Hash constant words K.
* These values correspond to the first 32 bits of the fractional parts of the * These values correspond to the first 32 bits of the fractional parts of the
* cube roots of the first 64 primes between 2 and 311. */ * cube roots of the first 64 primes between 2 and 311. */
static const uint32_t k256[64] = { static const uint32_t k256[64] = {
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
}; };
static inline uint32_t ROTR(uint32_t a, uint32_t n) static inline uint32_t ROTR(uint32_t a, uint32_t n)
{ {
return (((a) >> n) | ((a) << (32 - n))); return (((a) >> n) | ((a) << (32 - n)));
} }
#define Sigma0(a)(ROTR((a), 2) ^ ROTR((a), 13) ^ ROTR((a), 22)) #define Sigma0(a)(ROTR((a), 2) ^ ROTR((a), 13) ^ ROTR((a), 22))
@ -163,49 +163,49 @@ static inline uint32_t ROTR(uint32_t a, uint32_t n)
static inline uint32_t BigEndian(const uint8_t **c) static inline uint32_t BigEndian(const uint8_t **c)
{ {
uint32_t n = 0; uint32_t n = 0;
n = (((uint32_t)(*((*c)++))) << 24); n = (((uint32_t)(*((*c)++))) << 24);
n |= ((uint32_t)(*((*c)++)) << 16); n |= ((uint32_t)(*((*c)++)) << 16);
n |= ((uint32_t)(*((*c)++)) << 8); n |= ((uint32_t)(*((*c)++)) << 8);
n |= ((uint32_t)(*((*c)++))); n |= ((uint32_t)(*((*c)++)));
return n; return n;
} }
static void compress(uint32_t *iv, const uint8_t *data) static void compress(uint32_t *iv, const uint8_t *data)
{ {
uint32_t a, b, c, d, e, f, g, h; uint32_t a, b, c, d, e, f, g, h;
uint32_t s0, s1; uint32_t s0, s1;
uint32_t t1, t2; uint32_t t1, t2;
uint32_t work_space[16]; uint32_t work_space[16];
uint32_t n; uint32_t n;
uint32_t i; uint32_t i;
a = iv[0]; b = iv[1]; c = iv[2]; d = iv[3]; a = iv[0]; b = iv[1]; c = iv[2]; d = iv[3];
e = iv[4]; f = iv[5]; g = iv[6]; h = iv[7]; e = iv[4]; f = iv[5]; g = iv[6]; h = iv[7];
for (i = 0; i < 16; ++i) { for (i = 0; i < 16; ++i) {
n = BigEndian(&data); n = BigEndian(&data);
t1 = work_space[i] = n; t1 = work_space[i] = n;
t1 += h + Sigma1(e) + Ch(e, f, g) + k256[i]; t1 += h + Sigma1(e) + Ch(e, f, g) + k256[i];
t2 = Sigma0(a) + Maj(a, b, c); t2 = Sigma0(a) + Maj(a, b, c);
h = g; g = f; f = e; e = d + t1; h = g; g = f; f = e; e = d + t1;
d = c; c = b; b = a; a = t1 + t2; d = c; c = b; b = a; a = t1 + t2;
} }
for ( ; i < 64; ++i) { for ( ; i < 64; ++i) {
s0 = work_space[(i+1)&0x0f]; s0 = work_space[(i+1)&0x0f];
s0 = sigma0(s0); s0 = sigma0(s0);
s1 = work_space[(i+14)&0x0f]; s1 = work_space[(i+14)&0x0f];
s1 = sigma1(s1); s1 = sigma1(s1);
t1 = work_space[i&0xf] += s0 + s1 + work_space[(i+9)&0xf]; t1 = work_space[i&0xf] += s0 + s1 + work_space[(i+9)&0xf];
t1 += h + Sigma1(e) + Ch(e, f, g) + k256[i]; t1 += h + Sigma1(e) + Ch(e, f, g) + k256[i];
t2 = Sigma0(a) + Maj(a, b, c); t2 = Sigma0(a) + Maj(a, b, c);
h = g; g = f; f = e; e = d + t1; h = g; g = f; f = e; e = d + t1;
d = c; c = b; b = a; a = t1 + t2; d = c; c = b; b = a; a = t1 + t2;
} }
iv[0] += a; iv[1] += b; iv[2] += c; iv[3] += d; iv[0] += a; iv[1] += b; iv[2] += c; iv[3] += d;
iv[4] += e; iv[5] += f; iv[6] += g; iv[7] += h; iv[4] += e; iv[5] += f; iv[6] += g; iv[7] += h;
} }

16
lib/crypto/tinycrypt/source/utils.c
View file

@ -40,17 +40,17 @@
uint32_t _copy(uint8_t *to, uint32_t to_len, uint32_t _copy(uint8_t *to, uint32_t to_len,
const uint8_t *from, uint32_t from_len) const uint8_t *from, uint32_t from_len)
{ {
if (from_len <= to_len) { if (from_len <= to_len) {
(void)memcpy(to, from, from_len); (void)memcpy(to, from, from_len);
return from_len; return from_len;
} else { } else {
return TC_FAIL; return TC_FAIL;
} }
} }
void _set(uint8_t *to, uint8_t val, uint32_t len) void _set(uint8_t *to, uint8_t val, uint32_t len)
{ {
(void)memset(to, val, len); (void)memset(to, val, len);
} }
/* Doubles the value of a byte for values up to 127. Original 'return /* Doubles the value of a byte for values up to 127. Original 'return
@ -58,6 +58,6 @@ void _set(uint8_t *to, uint8_t val, uint32_t len)
* the compiler won't be able to optimize */ * the compiler won't be able to optimize */
uint8_t _double_byte(uint8_t a) uint8_t _double_byte(uint8_t a)
{ {
return (a & MASK_MOST_SIG_BIT) ? return (a & MASK_MOST_SIG_BIT) ?
((a << 1) ^ MASK_TWENTY_SEVEN) : (a << 1); ((a << 1) ^ MASK_TWENTY_SEVEN) : (a << 1);
} }