diff options
Diffstat (limited to 'src/sw')
-rw-r--r-- | src/sw/hash.c | 310 | ||||
-rw-r--r-- | src/sw/hash_tester.c | 688 |
2 files changed, 998 insertions, 0 deletions
diff --git a/src/sw/hash.c b/src/sw/hash.c new file mode 100644 index 0000000..2314fe4 --- /dev/null +++ b/src/sw/hash.c @@ -0,0 +1,310 @@ +/* + * hash.c + * ------ + * This program uses the coretest_hashes subsystem to produce a + * cryptographic hash of a file or input stream. It is a generalization + * of the hash_tester.c test program. + * + * Author: Paul Selkirk + * Copyright (c) 2014, SUNET + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include <string.h> +#include <stdio.h> +#include <stdlib.h> +#include <errno.h> +#include <sys/mman.h> +#include <fcntl.h> +#include <unistd.h> +#include <time.h> +#include <sys/time.h> +#include <linux/i2c-dev.h> +#include <sys/ioctl.h> +#include <arpa/inet.h> +#include <ctype.h> + +char *usage = +"Usage: %s [-d] [-v] [-q] [-i I2C_device] [-a I2C_addr] [algorithm [file]]\n" +"algorithms: sha-1, sha-256, sha-512/224, sha-512/256, sha-384, sha-512\n"; + +/* I2C configuration */ +#define I2C_dev "/dev/i2c-2" + +int debug = 0; +int verbose = 0; + +/* block and digest lengths are number of 32-bit words */ +#define SHA1_BLOCK_LEN 16 +#define SHA1_DIGEST_LEN 5 +#define SHA256_BLOCK_LEN 16 +#define SHA256_DIGEST_LEN 8 +#define SHA512_BLOCK_LEN 32 +#define SHA512_224_DIGEST_LEN 7 +#define SHA512_256_DIGEST_LEN 8 +#define SHA384_DIGEST_LEN 12 +#define SHA512_DIGEST_LEN 16 + +/* ---------------- algorithm lookup code ---------------- */ + +struct ctrl { + char *name; + int i2c_addr; + int block_len; + int digest_len; +} ctrl[] = { + { "sha-1", 0x1e, SHA1_BLOCK_LEN, SHA1_DIGEST_LEN }, + { "sha-256", 0x1f, SHA256_BLOCK_LEN, SHA256_DIGEST_LEN }, + { "sha-512/224", 0x20, SHA512_BLOCK_LEN, SHA512_224_DIGEST_LEN }, + { "sha-512/256", 0x21, SHA512_BLOCK_LEN, SHA512_256_DIGEST_LEN }, + { "sha-384", 0x22, SHA512_BLOCK_LEN, SHA384_DIGEST_LEN }, + { "sha-512", 0x23, SHA512_BLOCK_LEN, SHA512_DIGEST_LEN }, + { NULL, 0, 0, 0 } +}; + +/* return the control structure for the given algorithm */ +struct ctrl *find_algo(char *algo) +{ + int i; + + for (i = 0; ctrl[i].name != NULL; ++i) + if (strcmp(ctrl[i].name, algo) == 0) + return &ctrl[i]; + + fprintf(stderr, "algorithm \"%s\" not found\n", algo); + fprintf(stderr, usage, "hash"); + return NULL; +} + +/* ---------------- I2C low-level code ---------------- */ + +/* return file descriptor for i2c device */ +int i2c_open(char *dev, int addr) +{ + int fd; + + fd = open(dev, O_RDWR); + if (fd < 0) { + fprintf(stderr, "Unable to open %s: ", dev); + perror(""); + return -1; + } + + if (ioctl(fd, I2C_SLAVE, addr) < 0) { + fprintf(stderr, "Unable to set I2C slave device 0x%02x: ", addr); + perror(""); + close(fd); + return -1; + } + + return fd; +} + +void i2c_close(int ifd) +{ + close(ifd); +} + +/* ---------------- hash ---------------- */ + +/* return number of digest bytes read */ +int hash(char *dev, char *algo, char *file, uint8_t *digest) +{ + uint8_t block[SHA512_BLOCK_LEN * 4]; + struct ctrl *ctrl; + int i2c_fd, in_fd = 0; + int addr, blen, dlen; + int nblk, nread; + int i, ret = -1; + struct timeval start, stop, difftime; + + if (debug) printf("hash(dev=%s, algo=%s, file=%s, digest=%p)\n", dev, algo, file, digest); + + ctrl = find_algo(algo); + if (ctrl == NULL) + return -1; + addr = ctrl->i2c_addr; + blen = ctrl->block_len * 4; + dlen = ctrl->digest_len * 4; + + if (debug) printf("algorithm %s, device addr %02x\n", ctrl->name, ctrl->i2c_addr); + + i2c_fd = i2c_open(dev, addr); + if (i2c_fd < 0) + return -1; + + if (strcmp(file, "-") != 0) { + in_fd = open(file, O_RDONLY); + if (in_fd < 0) { + perror("open"); + goto out2; + } + } + + if (verbose) { + if (gettimeofday(&start, NULL) < 0) { + perror("gettimeofday"); + goto out; + } + } + + for (nblk = 0; ; ++nblk) { + nread = read(in_fd, block, blen); + if (nread != blen) { + if (nread < 0) { + /* read error */ + perror("read"); + goto out; + } + else if (nread == 0) { + /* EOF */ + break; + } + else { + /* partial read - pad the block with 0 */ + while (nread < blen) { + block[nread++] = 0; + } + } + } + if (debug) { + printf("write ["); + for (i = 0; i < blen; ++i) + printf(" %02x", block[i]); + printf(" ]\n"); + } + if (write(i2c_fd, block, blen) != blen) { + perror("i2c write failed"); + goto out; + } + } + + for (i = 0; i < dlen; ++i) { + /* read() on the i2c device only returns one byte at a time */ + if (read(i2c_fd, &digest[i], 1) != 1) { + perror("i2c read failed"); + goto out; + } + } + + if (verbose) { + if (gettimeofday(&stop, NULL) < 0) { + perror("gettimeofday"); + goto out; + } + timersub(&stop, &start, &difftime); + printf("%d blocks written in %d.%03d sec (%.3f blocks/sec)\n", + nblk, (int)difftime.tv_sec, (int)difftime.tv_usec/1000, + (float)nblk / ((float)difftime.tv_sec + ((float)difftime.tv_usec)/1000000)); + } + + ret = dlen; +out: + if (in_fd != 0) + close(in_fd); +out2: + i2c_close(i2c_fd); + return ret; +} + +/* ---------------- main ---------------- */ + +int main(int argc, char *argv[]) +{ + char *dev = I2C_dev; + int addr = 0; + int i, opt, quiet = 0; + char *algo = "sha-1"; + char *file = "-"; + uint8_t digest[512/8]; + int dlen; + + while ((opt = getopt(argc, argv, "h?dvqi:a:")) != -1) { + switch (opt) { + case 'h': + case '?': + printf(usage, argv[0]); + return 0; + case 'd': + debug = 1; + break; + case 'v': + verbose = 1; + break; + case 'q': + quiet = 1; + break; + case 'i': + dev = optarg; + break; + case 'a': + addr = (int)strtol(optarg, NULL, 0); + if ((addr < 0x03) || (addr > 0x77)) { + fprintf(stderr, "addr must be between 0x03 and 0x77\n"); + return 1; + } + break; + default: + fprintf(stderr, usage, argv[0]); + return 1; + } + } + + if (optind < argc) { + algo = argv[optind]; + ++optind; + } + else { + if (!quiet) + printf("defaulting to algorithm \"%s\"\n", algo); + } + + if (optind < argc) { + file = argv[optind]; + ++optind; + } + else { + if (!quiet) + printf("reading from stdin\n"); + } + + dlen = hash(dev, algo, file, digest); + if (dlen < 0) + return 1; + + for (i = 0; i < dlen; ++i) { + printf("%02x", digest[i]); + if (i % 16 == 15) + printf("\n"); + else if (i % 4 == 3) + printf(" "); + } + if (dlen % 16 != 0) + printf("\n"); + + return 0; +} diff --git a/src/sw/hash_tester.c b/src/sw/hash_tester.c new file mode 100644 index 0000000..994c305 --- /dev/null +++ b/src/sw/hash_tester.c @@ -0,0 +1,688 @@ +/* + * hash_tester.c + * -------------- + * This program sends several commands to the coretest_hashes subsystem + * in order to verify the SHA-1, SHA-256 and SHA-512/x hash function + * cores. + * + * Note: This version of the program talks to the FPGA over an I2C bus. + * + * The single and dual block test cases are taken from the + * NIST KAT document: + * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/SHA_All.pdf + * + * + * Authors: Joachim Strömbergson, Paul Selkirk + * Copyright (c) 2014, SUNET + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include <string.h> +#include <stdio.h> +#include <stdlib.h> +#include <errno.h> +#include <sys/mman.h> +#include <fcntl.h> +#include <unistd.h> +#include <time.h> +#include <linux/i2c-dev.h> +#include <sys/ioctl.h> +#include <arpa/inet.h> +#include <ctype.h> + +/* I2C configuration */ +#define I2C_DEV "/dev/i2c-2" + +#define I2C_SHA1_ADDR 0x1e +#define I2C_SHA256_ADDR 0x1f +#define I2C_SHA512_ADDR 0x20 + +#define MODE_SHA_512_224 0x00 +#define MODE_SHA_512_256 0x01 +#define MODE_SHA_384 0x02 +#define MODE_SHA_512 0x03 + +int i2cfd; +int debug = 0; + +#define SHA1_BLOCK_BITS 512 +#define SHA1_BLOCK_BYTES SHA1_BLOCK_BITS/8 +#define SHA1_DIGEST_BITS 160 +#define SHA1_DIGEST_BYTES SHA1_DIGEST_BITS/8 + +#define SHA256_BLOCK_BITS 512 +#define SHA256_BLOCK_BYTES SHA256_BLOCK_BITS/8 +#define SHA256_DIGEST_BITS 256 +#define SHA256_DIGEST_BYTES SHA256_DIGEST_BITS/8 + +#define SHA512_BLOCK_BITS 1024 +#define SHA512_BLOCK_BYTES SHA512_BLOCK_BITS/8 +#define SHA512_224_DIGEST_BITS 224 +#define SHA512_224_DIGEST_BYTES SHA512_224_DIGEST_BITS/8 +#define SHA512_256_DIGEST_BITS 256 +#define SHA512_256_DIGEST_BYTES SHA512_256_DIGEST_BITS/8 +#define SHA384_DIGEST_BITS 384 +#define SHA384_DIGEST_BYTES SHA384_DIGEST_BITS/8 +#define SHA512_DIGEST_BITS 512 +#define SHA512_DIGEST_BYTES SHA512_DIGEST_BITS/8 + +/* SHA-1/SHA-256 One Block Message Sample + Input Message: "abc" */ +const uint8_t NIST_512_SINGLE[] = +{ 0x61, 0x62, 0x63, 0x80, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18 }; + +const uint8_t SHA1_SINGLE_DIGEST[] = +{ 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, + 0xba, 0x3e, 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, + 0x9c, 0xd0, 0xd8, 0x9d }; + +const uint8_t SHA256_SINGLE_DIGEST[] = +{ 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA, + 0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23, + 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C, + 0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD }; + +/* SHA-1/SHA-256 Two Block Message Sample + Input Message: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" */ +const uint8_t NIST_512_DOUBLE0[] = +{ 0x61, 0x62, 0x63, 0x64, 0x62, 0x63, 0x64, 0x65, + 0x63, 0x64, 0x65, 0x66, 0x64, 0x65, 0x66, 0x67, + 0x65, 0x66, 0x67, 0x68, 0x66, 0x67, 0x68, 0x69, + 0x67, 0x68, 0x69, 0x6A, 0x68, 0x69, 0x6A, 0x6B, + 0x69, 0x6A, 0x6B, 0x6C, 0x6A, 0x6B, 0x6C, 0x6D, + 0x6B, 0x6C, 0x6D, 0x6E, 0x6C, 0x6D, 0x6E, 0x6F, + 0x6D, 0x6E, 0x6F, 0x70, 0x6E, 0x6F, 0x70, 0x71, + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +const uint8_t NIST_512_DOUBLE1[] = +{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xC0 }; + +const uint8_t SHA1_DOUBLE_DIGEST[] = +{ 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, + 0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, + 0xE5, 0x46, 0x70, 0xF1 }; + +const uint8_t SHA256_DOUBLE_DIGEST[] = +{ 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8, + 0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39, + 0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67, + 0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 }; + +/* SHA-512 One Block Message Sample + Input Message: "abc" */ +const uint8_t NIST_1024_SINGLE[] = +{ 0x61, 0x62, 0x63, 0x80, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18 }; + +const uint8_t SHA512_224_SINGLE_DIGEST[] = +{ 0x46, 0x34, 0x27, 0x0f, 0x70, 0x7b, 0x6a, 0x54, + 0xda, 0xae, 0x75, 0x30, 0x46, 0x08, 0x42, 0xe2, + 0x0e, 0x37, 0xed, 0x26, 0x5c, 0xee, 0xe9, 0xa4, + 0x3e, 0x89, 0x24, 0xaa }; +const uint8_t SHA512_256_SINGLE_DIGEST[] = +{ 0x53, 0x04, 0x8e, 0x26, 0x81, 0x94, 0x1e, 0xf9, + 0x9b, 0x2e, 0x29, 0xb7, 0x6b, 0x4c, 0x7d, 0xab, + 0xe4, 0xc2, 0xd0, 0xc6, 0x34, 0xfc, 0x6d, 0x46, + 0xe0, 0xe2, 0xf1, 0x31, 0x07, 0xe7, 0xaf, 0x23 }; +const uint8_t SHA384_SINGLE_DIGEST[] = +{ 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, + 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07, + 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, + 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed, + 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, + 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7 }; +const uint8_t SHA512_SINGLE_DIGEST[] = +{ 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, + 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, + 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, + 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a, + 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, + 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, + 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, + 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f }; + +/* SHA-512 Two Block Message Sample + Input Message: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" + "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" */ +const uint8_t NIST_1024_DOUBLE0[] = +{ 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, + 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, + 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, + 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, + 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, + 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, + 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, + 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, + 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, + 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, + 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, + 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, + 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, + 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +const uint8_t NIST_1024_DOUBLE1[] = +{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x80 }; + +const uint8_t SHA512_224_DOUBLE_DIGEST[] = +{ 0x23, 0xfe, 0xc5, 0xbb, 0x94, 0xd6, 0x0b, 0x23, + 0x30, 0x81, 0x92, 0x64, 0x0b, 0x0c, 0x45, 0x33, + 0x35, 0xd6, 0x64, 0x73, 0x4f, 0xe4, 0x0e, 0x72, + 0x68, 0x67, 0x4a, 0xf9 }; +const uint8_t SHA512_256_DOUBLE_DIGEST[] = +{ 0x39, 0x28, 0xe1, 0x84, 0xfb, 0x86, 0x90, 0xf8, + 0x40, 0xda, 0x39, 0x88, 0x12, 0x1d, 0x31, 0xbe, + 0x65, 0xcb, 0x9d, 0x3e, 0xf8, 0x3e, 0xe6, 0x14, + 0x6f, 0xea, 0xc8, 0x61, 0xe1, 0x9b, 0x56, 0x3a }; +const uint8_t SHA384_DOUBLE_DIGEST[] = +{ 0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8, + 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47, + 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2, + 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12, + 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9, + 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39 }; +const uint8_t SHA512_DOUBLE_DIGEST[] = +{ 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda, + 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f, + 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1, + 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18, + 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4, + 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a, + 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54, + 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 }; + +/* ---------------- I2C low-level code ---------------- */ + +int i2c_open(char *dev) +{ + i2cfd = open(dev, O_RDWR); + if (i2cfd < 0) { + fprintf(stderr, "Unable to open %s: ", dev); + perror(""); + i2cfd = 0; + return 1; + } + + return 0; +} + +int i2c_addr(int addr) +{ + static int cur_addr = 0; + + if (addr != cur_addr) { + if (ioctl(i2cfd, I2C_SLAVE, addr) < 0) { + fprintf(stderr, "Unable to set I2C slave device 0x%02x: ", addr); + perror(""); + return 1; + } + addr = cur_addr; + } + + return 0; +} + +int i2c_close(void) +{ + return close(i2cfd); +} + +int i2c_write(const uint8_t *buf, int len) +{ + if (write(i2cfd, buf, len) != len) { + perror("i2c write failed"); + return 1; + } + + return 0; +} + +int i2c_read(uint8_t *b) +{ + /* read() on the i2c device only returns one byte at a time, + * and tc_get_resp() needs to parse the response one byte at a time + */ + if (read(i2cfd, b, 1) != 1) { + perror("i2c read failed"); + return 1; + } + + return 0; +} + +/* ---------------- test-case low-level code ---------------- */ + +int tc_write(int addr, const uint8_t *buf, int len) +{ + /* we only set the i2c device addr on tc_write, because test cases always + * write before reading, plus test cases never call tc_read directly + */ + if (i2c_addr(addr) != 0) + return 1; + + if (debug) { + int i; + printf("write ["); + for (i = 0; i < len; ++i) + printf(" %02x", buf[i]); + printf(" ]\n"); + } + + return i2c_write(buf, len); +} + +int tc_read(uint8_t *buf, int len) +{ + int i; + + if (debug) printf("read ["); + + for (i = 0; i < len; ++i) { + if (i2c_read(&buf[i]) != 0) { + if (debug) printf(" ]\n"); + return 1; + } + if (debug) printf(" %02x", buf[i]); + } + + if (debug) printf(" ]\n"); + + return 0; +} + +int tc_expected(const uint8_t *expected, int len) +{ + uint8_t *buf; + int i; + + buf = malloc(len); + if (buf == NULL) { + perror("malloc"); + return 1; + } + + if (tc_read(buf, len) != 0) + goto errout; + + for (i = 0; i < len; ++i) + if (buf[i] != expected[i]) { + fprintf(stderr, "response byte %d: expected 0x%02x, got 0x%02x\n", + i, expected[i], buf[i]); + goto errout; + } + + free(buf); + return 0; +errout: + free(buf); + return 1; +} + +/* ---------------- SHA-1 test cases ---------------- */ + +#define BLOCK_LEN SHA1_BLOCK_BYTES +#define DIGEST_LEN SHA1_DIGEST_BYTES + +/* TC1: Read name and version from SHA-1 core. */ +int TC1(int addr) +{ + return 0; +} + +/* TC2: SHA-1 Single block message test as specified by NIST. */ +int TC2(int addr) +{ + const uint8_t *block = NIST_512_SINGLE; + const uint8_t *expected = SHA1_SINGLE_DIGEST; + + printf("TC2: Single block message test for SHA-1.\n"); + + if (addr == 0) + addr = I2C_SHA1_ADDR; + + return + tc_write(addr, block, BLOCK_LEN) || + tc_expected(expected, DIGEST_LEN); +} + +/* TC3: SHA-1 Double block message test as specified by NIST. */ +int TC3(int addr) +{ + const uint8_t *block[2] = { NIST_512_DOUBLE0, NIST_512_DOUBLE1 }; + const uint8_t *expected = SHA1_DOUBLE_DIGEST; + + printf("TC3: Double block message test for SHA-1.\n"); + + if (addr == 0) + addr = I2C_SHA1_ADDR; + + return + tc_write(addr, block[0], BLOCK_LEN) || + tc_write(addr, block[1], BLOCK_LEN) || + tc_expected(expected, DIGEST_LEN); +} + +/* ---------------- SHA-256 test cases ---------------- */ + +#undef BLOCK_LEN +#define BLOCK_LEN SHA256_BLOCK_BYTES +#undef DIGEST_LEN +#define DIGEST_LEN SHA256_DIGEST_BYTES + +int TC4(int addr) +{ + return 0; +} + +/* TC5: SHA-256 Single block message test as specified by NIST. */ +int TC5(int addr) +{ + const uint8_t *block = NIST_512_SINGLE; + const uint8_t *expected = SHA256_SINGLE_DIGEST; + + printf("TC5: Single block message test for SHA-256.\n"); + + if (addr == 0) + addr = I2C_SHA256_ADDR; + + return + tc_write(addr, block, BLOCK_LEN) || + tc_expected(expected, DIGEST_LEN); +} + +/* TC6: SHA-256 Double block message test as specified by NIST. */ +int TC6(int addr) +{ + const uint8_t *block[2] = { NIST_512_DOUBLE0, NIST_512_DOUBLE1 }; + const uint8_t *expected = SHA256_DOUBLE_DIGEST; + + printf("TC6: Double block message test for SHA-256.\n"); + + if (addr == 0) + addr = I2C_SHA256_ADDR; + + return + tc_write(addr, block[0], BLOCK_LEN) || + tc_write(addr, block[1], BLOCK_LEN) || + tc_expected(expected, DIGEST_LEN); +} + +/* TC7: SHA-256 Huge message test. */ +int TC7(int addr) +{ + static const uint8_t block[] = + { 0xaa, 0x55, 0xaa, 0x55, 0xde, 0xad, 0xbe, 0xef, + 0x55, 0xaa, 0x55, 0xaa, 0xf0, 0x0f, 0xf0, 0x0f, + 0xaa, 0x55, 0xaa, 0x55, 0xde, 0xad, 0xbe, 0xef, + 0x55, 0xaa, 0x55, 0xaa, 0xf0, 0x0f, 0xf0, 0x0f, + 0xaa, 0x55, 0xaa, 0x55, 0xde, 0xad, 0xbe, 0xef, + 0x55, 0xaa, 0x55, 0xaa, 0xf0, 0x0f, 0xf0, 0x0f, + 0xaa, 0x55, 0xaa, 0x55, 0xde, 0xad, 0xbe, 0xef, + 0x55, 0xaa, 0x55, 0xaa, 0xf0, 0x0f, 0xf0, 0x0f }; + + /* final digest after 1000 iterations */ + static const uint8_t expected[] = + { 0x76, 0x38, 0xf3, 0xbc, 0x50, 0x0d, 0xd1, 0xa6, + 0x58, 0x6d, 0xd4, 0xd0, 0x1a, 0x15, 0x51, 0xaf, + 0xd8, 0x21, 0xd2, 0x35, 0x2f, 0x91, 0x9e, 0x28, + 0xd5, 0x84, 0x2f, 0xab, 0x03, 0xa4, 0x0f, 0x2a }; + + int i, n = 1000; + + printf("TC7: Message with %d blocks test for SHA-256.\n", n); + + if (addr == 0) + addr = I2C_SHA256_ADDR; + + /* Write blocks to SHA-256. */ + for (i = 0; i < n; ++i) + if (tc_write(addr, block, BLOCK_LEN) != 0) + return 1; + + /* Extract the final digest. */ + return tc_expected(expected, DIGEST_LEN); +} + +/* ---------------- SHA-512 test cases ---------------- */ + +#undef BLOCK_LEN +#define BLOCK_LEN SHA512_BLOCK_BYTES + +/* TC8: Read name and version from SHA-512 core. */ +int TC8(int addr) +{ + return 0; +} + +/* TC9: SHA-512 Single block message test as specified by NIST. + We do this for all modes. */ +int tc9(int addr, const uint8_t *expected, int digest_len) +{ + const uint8_t *block = NIST_1024_SINGLE; + + return + tc_write(addr, block, BLOCK_LEN) || + tc_expected(expected, digest_len); +} + +int TC9(int addr) +{ + if (addr == 0) + addr = I2C_SHA512_ADDR; + + printf("TC9-1: Single block message test for SHA-512/224.\n"); + if (tc9(addr + MODE_SHA_512_224, SHA512_224_SINGLE_DIGEST, + sizeof(SHA512_224_SINGLE_DIGEST)) != 0) + return 1; + + printf("TC9-2: Single block message test for SHA-512/256.\n"); + if (tc9(addr + MODE_SHA_512_256, SHA512_256_SINGLE_DIGEST, + sizeof(SHA512_256_SINGLE_DIGEST)) != 0) + return 1; + + printf("TC9-3: Single block message test for SHA-384.\n"); + if (tc9(addr + MODE_SHA_384, SHA384_SINGLE_DIGEST, + sizeof(SHA384_SINGLE_DIGEST)) != 0) + return 1; + + printf("TC9-4: Single block message test for SHA-512.\n"); + if (tc9(addr + MODE_SHA_512, SHA512_SINGLE_DIGEST, + sizeof(SHA512_SINGLE_DIGEST)) != 0) + return 1; + + return 0; +} + +/* TC10: SHA-512 Double block message test as specified by NIST. + We do this for all modes. */ +int tc10(int addr, const uint8_t *expected, int digest_len) +{ + const uint8_t *block[2] = { NIST_1024_DOUBLE0, NIST_1024_DOUBLE1 }; + + return + tc_write(addr, block[0], BLOCK_LEN) || + tc_write(addr, block[1], BLOCK_LEN) || + tc_expected(expected, digest_len); +} + +int TC10(int addr) +{ + if (addr == 0) + addr = I2C_SHA512_ADDR; + + printf("TC10-1: Double block message test for SHA-512/224.\n"); + if (tc10(addr + MODE_SHA_512_224, SHA512_224_DOUBLE_DIGEST, + sizeof(SHA512_224_DOUBLE_DIGEST)) != 0) + return 1; + + printf("TC10-2: Double block message test for SHA-512/256.\n"); + if (tc10(addr + MODE_SHA_512_256, SHA512_256_DOUBLE_DIGEST, + sizeof(SHA512_256_DOUBLE_DIGEST)) != 0) + return 1; + + printf("TC10-3: Double block message test for SHA-384.\n"); + if (tc10(addr + MODE_SHA_384, SHA384_DOUBLE_DIGEST, + sizeof(SHA384_DOUBLE_DIGEST)) != 0) + return 1; + + printf("TC10-4: Double block message test for SHA-512.\n"); + if (tc10(addr + MODE_SHA_512, SHA512_DOUBLE_DIGEST, + sizeof(SHA512_DOUBLE_DIGEST)) != 0) + return 1; + + return 0; +} + +/* ---------------- main ---------------- */ + +int main(int argc, char *argv[]) +{ + typedef int (*tcfp)(int); + tcfp all_tests[] = { TC1, TC2, TC3, TC4, TC5, TC6, TC7, TC9, TC10 + }; + tcfp sha1_tests[] = { TC1, TC2, TC3 }; + tcfp sha256_tests[] = { TC4, TC5, TC6, TC7 }; + tcfp sha512_tests[] = { TC9, TC10 }; + + char *usage = "Usage: %s [-h] [-d] [-i I2C_device] [-a I2C_addr] tc...\n"; + char *dev = I2C_DEV; + int addr = 0; + int i, j, opt; + + while ((opt = getopt(argc, argv, "h?di:a:")) != -1) { + switch (opt) { + case 'h': + case '?': + printf(usage, argv[0]); + return 0; + case 'd': + debug = 1; + break; + case 'i': + dev = optarg; + break; + case 'a': + addr = (int)strtol(optarg, NULL, 0); + if ((addr < 0x03) || (addr > 0x77)) { + fprintf(stderr, "addr must be between 0x03 and 0x77\n"); + return 1; + } + break; + default: + fprintf(stderr, usage, argv[0]); + return 1; + } + } + + if (i2c_open(dev) != 0) + return 1; + + /* no args == run all tests */ + if (optind >= argc) { + for (j = 0; j < sizeof(all_tests)/sizeof(all_tests[0]); ++j) + if (all_tests[j](addr) != 0) + return 1; + return 0; + } + + for (i = optind; i < argc; ++i) { + if (strcmp(argv[i], "sha1") == 0) { + for (j = 0; j < sizeof(sha1_tests)/sizeof(sha1_tests[0]); ++j) + if (sha1_tests[j](addr) != 0) + return 1; + } + else if (strcmp(argv[i], "sha256") == 0) { + for (j = 0; j < sizeof(sha256_tests)/sizeof(sha256_tests[0]); ++j) + if (sha256_tests[j](addr) != 0) + return 1; + } + else if (strcmp(argv[i], "sha512") == 0) { + for (j = 0; j < sizeof(sha512_tests)/sizeof(sha512_tests[0]); ++j) + if (sha512_tests[j](addr) != 0) + return 1; + } + else if (strcmp(argv[i], "all") == 0) { + for (j = 0; j < sizeof(all_tests)/sizeof(all_tests[0]); ++j) + if (all_tests[j](addr) != 0) + return 1; + } + else if (isdigit(argv[i][0]) && + (((j = atoi(argv[i])) > 0) && + (j <= sizeof(all_tests)/sizeof(all_tests[0])))) { + if (all_tests[j - 1](addr) != 0) + return 1; + } + else { + fprintf(stderr, "unknown test case %s\n", argv[i]); + return 1; + } + } + + return 0; +} |