aboutsummaryrefslogtreecommitdiff
path: root/src/sw
diff options
context:
space:
mode:
Diffstat (limited to 'src/sw')
-rw-r--r--src/sw/hash.c310
-rw-r--r--src/sw/hash_tester.c688
2 files changed, 998 insertions, 0 deletions
diff --git a/src/sw/hash.c b/src/sw/hash.c
new file mode 100644
index 0000000..2314fe4
--- /dev/null
+++ b/src/sw/hash.c
@@ -0,0 +1,310 @@
+/*
+ * hash.c
+ * ------
+ * This program uses the coretest_hashes subsystem to produce a
+ * cryptographic hash of a file or input stream. It is a generalization
+ * of the hash_tester.c test program.
+ *
+ * Author: Paul Selkirk
+ * Copyright (c) 2014, SUNET
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <time.h>
+#include <sys/time.h>
+#include <linux/i2c-dev.h>
+#include <sys/ioctl.h>
+#include <arpa/inet.h>
+#include <ctype.h>
+
+char *usage =
+"Usage: %s [-d] [-v] [-q] [-i I2C_device] [-a I2C_addr] [algorithm [file]]\n"
+"algorithms: sha-1, sha-256, sha-512/224, sha-512/256, sha-384, sha-512\n";
+
+/* I2C configuration */
+#define I2C_dev "/dev/i2c-2"
+
+int debug = 0;
+int verbose = 0;
+
+/* block and digest lengths are number of 32-bit words */
+#define SHA1_BLOCK_LEN 16
+#define SHA1_DIGEST_LEN 5
+#define SHA256_BLOCK_LEN 16
+#define SHA256_DIGEST_LEN 8
+#define SHA512_BLOCK_LEN 32
+#define SHA512_224_DIGEST_LEN 7
+#define SHA512_256_DIGEST_LEN 8
+#define SHA384_DIGEST_LEN 12
+#define SHA512_DIGEST_LEN 16
+
+/* ---------------- algorithm lookup code ---------------- */
+
+struct ctrl {
+ char *name;
+ int i2c_addr;
+ int block_len;
+ int digest_len;
+} ctrl[] = {
+ { "sha-1", 0x1e, SHA1_BLOCK_LEN, SHA1_DIGEST_LEN },
+ { "sha-256", 0x1f, SHA256_BLOCK_LEN, SHA256_DIGEST_LEN },
+ { "sha-512/224", 0x20, SHA512_BLOCK_LEN, SHA512_224_DIGEST_LEN },
+ { "sha-512/256", 0x21, SHA512_BLOCK_LEN, SHA512_256_DIGEST_LEN },
+ { "sha-384", 0x22, SHA512_BLOCK_LEN, SHA384_DIGEST_LEN },
+ { "sha-512", 0x23, SHA512_BLOCK_LEN, SHA512_DIGEST_LEN },
+ { NULL, 0, 0, 0 }
+};
+
+/* return the control structure for the given algorithm */
+struct ctrl *find_algo(char *algo)
+{
+ int i;
+
+ for (i = 0; ctrl[i].name != NULL; ++i)
+ if (strcmp(ctrl[i].name, algo) == 0)
+ return &ctrl[i];
+
+ fprintf(stderr, "algorithm \"%s\" not found\n", algo);
+ fprintf(stderr, usage, "hash");
+ return NULL;
+}
+
+/* ---------------- I2C low-level code ---------------- */
+
+/* return file descriptor for i2c device */
+int i2c_open(char *dev, int addr)
+{
+ int fd;
+
+ fd = open(dev, O_RDWR);
+ if (fd < 0) {
+ fprintf(stderr, "Unable to open %s: ", dev);
+ perror("");
+ return -1;
+ }
+
+ if (ioctl(fd, I2C_SLAVE, addr) < 0) {
+ fprintf(stderr, "Unable to set I2C slave device 0x%02x: ", addr);
+ perror("");
+ close(fd);
+ return -1;
+ }
+
+ return fd;
+}
+
+void i2c_close(int ifd)
+{
+ close(ifd);
+}
+
+/* ---------------- hash ---------------- */
+
+/* return number of digest bytes read */
+int hash(char *dev, char *algo, char *file, uint8_t *digest)
+{
+ uint8_t block[SHA512_BLOCK_LEN * 4];
+ struct ctrl *ctrl;
+ int i2c_fd, in_fd = 0;
+ int addr, blen, dlen;
+ int nblk, nread;
+ int i, ret = -1;
+ struct timeval start, stop, difftime;
+
+ if (debug) printf("hash(dev=%s, algo=%s, file=%s, digest=%p)\n", dev, algo, file, digest);
+
+ ctrl = find_algo(algo);
+ if (ctrl == NULL)
+ return -1;
+ addr = ctrl->i2c_addr;
+ blen = ctrl->block_len * 4;
+ dlen = ctrl->digest_len * 4;
+
+ if (debug) printf("algorithm %s, device addr %02x\n", ctrl->name, ctrl->i2c_addr);
+
+ i2c_fd = i2c_open(dev, addr);
+ if (i2c_fd < 0)
+ return -1;
+
+ if (strcmp(file, "-") != 0) {
+ in_fd = open(file, O_RDONLY);
+ if (in_fd < 0) {
+ perror("open");
+ goto out2;
+ }
+ }
+
+ if (verbose) {
+ if (gettimeofday(&start, NULL) < 0) {
+ perror("gettimeofday");
+ goto out;
+ }
+ }
+
+ for (nblk = 0; ; ++nblk) {
+ nread = read(in_fd, block, blen);
+ if (nread != blen) {
+ if (nread < 0) {
+ /* read error */
+ perror("read");
+ goto out;
+ }
+ else if (nread == 0) {
+ /* EOF */
+ break;
+ }
+ else {
+ /* partial read - pad the block with 0 */
+ while (nread < blen) {
+ block[nread++] = 0;
+ }
+ }
+ }
+ if (debug) {
+ printf("write [");
+ for (i = 0; i < blen; ++i)
+ printf(" %02x", block[i]);
+ printf(" ]\n");
+ }
+ if (write(i2c_fd, block, blen) != blen) {
+ perror("i2c write failed");
+ goto out;
+ }
+ }
+
+ for (i = 0; i < dlen; ++i) {
+ /* read() on the i2c device only returns one byte at a time */
+ if (read(i2c_fd, &digest[i], 1) != 1) {
+ perror("i2c read failed");
+ goto out;
+ }
+ }
+
+ if (verbose) {
+ if (gettimeofday(&stop, NULL) < 0) {
+ perror("gettimeofday");
+ goto out;
+ }
+ timersub(&stop, &start, &difftime);
+ printf("%d blocks written in %d.%03d sec (%.3f blocks/sec)\n",
+ nblk, (int)difftime.tv_sec, (int)difftime.tv_usec/1000,
+ (float)nblk / ((float)difftime.tv_sec + ((float)difftime.tv_usec)/1000000));
+ }
+
+ ret = dlen;
+out:
+ if (in_fd != 0)
+ close(in_fd);
+out2:
+ i2c_close(i2c_fd);
+ return ret;
+}
+
+/* ---------------- main ---------------- */
+
+int main(int argc, char *argv[])
+{
+ char *dev = I2C_dev;
+ int addr = 0;
+ int i, opt, quiet = 0;
+ char *algo = "sha-1";
+ char *file = "-";
+ uint8_t digest[512/8];
+ int dlen;
+
+ while ((opt = getopt(argc, argv, "h?dvqi:a:")) != -1) {
+ switch (opt) {
+ case 'h':
+ case '?':
+ printf(usage, argv[0]);
+ return 0;
+ case 'd':
+ debug = 1;
+ break;
+ case 'v':
+ verbose = 1;
+ break;
+ case 'q':
+ quiet = 1;
+ break;
+ case 'i':
+ dev = optarg;
+ break;
+ case 'a':
+ addr = (int)strtol(optarg, NULL, 0);
+ if ((addr < 0x03) || (addr > 0x77)) {
+ fprintf(stderr, "addr must be between 0x03 and 0x77\n");
+ return 1;
+ }
+ break;
+ default:
+ fprintf(stderr, usage, argv[0]);
+ return 1;
+ }
+ }
+
+ if (optind < argc) {
+ algo = argv[optind];
+ ++optind;
+ }
+ else {
+ if (!quiet)
+ printf("defaulting to algorithm \"%s\"\n", algo);
+ }
+
+ if (optind < argc) {
+ file = argv[optind];
+ ++optind;
+ }
+ else {
+ if (!quiet)
+ printf("reading from stdin\n");
+ }
+
+ dlen = hash(dev, algo, file, digest);
+ if (dlen < 0)
+ return 1;
+
+ for (i = 0; i < dlen; ++i) {
+ printf("%02x", digest[i]);
+ if (i % 16 == 15)
+ printf("\n");
+ else if (i % 4 == 3)
+ printf(" ");
+ }
+ if (dlen % 16 != 0)
+ printf("\n");
+
+ return 0;
+}
diff --git a/src/sw/hash_tester.c b/src/sw/hash_tester.c
new file mode 100644
index 0000000..994c305
--- /dev/null
+++ b/src/sw/hash_tester.c
@@ -0,0 +1,688 @@
+/*
+ * hash_tester.c
+ * --------------
+ * This program sends several commands to the coretest_hashes subsystem
+ * in order to verify the SHA-1, SHA-256 and SHA-512/x hash function
+ * cores.
+ *
+ * Note: This version of the program talks to the FPGA over an I2C bus.
+ *
+ * The single and dual block test cases are taken from the
+ * NIST KAT document:
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/SHA_All.pdf
+ *
+ *
+ * Authors: Joachim Strömbergson, Paul Selkirk
+ * Copyright (c) 2014, SUNET
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <time.h>
+#include <linux/i2c-dev.h>
+#include <sys/ioctl.h>
+#include <arpa/inet.h>
+#include <ctype.h>
+
+/* I2C configuration */
+#define I2C_DEV "/dev/i2c-2"
+
+#define I2C_SHA1_ADDR 0x1e
+#define I2C_SHA256_ADDR 0x1f
+#define I2C_SHA512_ADDR 0x20
+
+#define MODE_SHA_512_224 0x00
+#define MODE_SHA_512_256 0x01
+#define MODE_SHA_384 0x02
+#define MODE_SHA_512 0x03
+
+int i2cfd;
+int debug = 0;
+
+#define SHA1_BLOCK_BITS 512
+#define SHA1_BLOCK_BYTES SHA1_BLOCK_BITS/8
+#define SHA1_DIGEST_BITS 160
+#define SHA1_DIGEST_BYTES SHA1_DIGEST_BITS/8
+
+#define SHA256_BLOCK_BITS 512
+#define SHA256_BLOCK_BYTES SHA256_BLOCK_BITS/8
+#define SHA256_DIGEST_BITS 256
+#define SHA256_DIGEST_BYTES SHA256_DIGEST_BITS/8
+
+#define SHA512_BLOCK_BITS 1024
+#define SHA512_BLOCK_BYTES SHA512_BLOCK_BITS/8
+#define SHA512_224_DIGEST_BITS 224
+#define SHA512_224_DIGEST_BYTES SHA512_224_DIGEST_BITS/8
+#define SHA512_256_DIGEST_BITS 256
+#define SHA512_256_DIGEST_BYTES SHA512_256_DIGEST_BITS/8
+#define SHA384_DIGEST_BITS 384
+#define SHA384_DIGEST_BYTES SHA384_DIGEST_BITS/8
+#define SHA512_DIGEST_BITS 512
+#define SHA512_DIGEST_BYTES SHA512_DIGEST_BITS/8
+
+/* SHA-1/SHA-256 One Block Message Sample
+ Input Message: "abc" */
+const uint8_t NIST_512_SINGLE[] =
+{ 0x61, 0x62, 0x63, 0x80, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18 };
+
+const uint8_t SHA1_SINGLE_DIGEST[] =
+{ 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a,
+ 0xba, 0x3e, 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c,
+ 0x9c, 0xd0, 0xd8, 0x9d };
+
+const uint8_t SHA256_SINGLE_DIGEST[] =
+{ 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
+ 0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
+ 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
+ 0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD };
+
+/* SHA-1/SHA-256 Two Block Message Sample
+ Input Message: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" */
+const uint8_t NIST_512_DOUBLE0[] =
+{ 0x61, 0x62, 0x63, 0x64, 0x62, 0x63, 0x64, 0x65,
+ 0x63, 0x64, 0x65, 0x66, 0x64, 0x65, 0x66, 0x67,
+ 0x65, 0x66, 0x67, 0x68, 0x66, 0x67, 0x68, 0x69,
+ 0x67, 0x68, 0x69, 0x6A, 0x68, 0x69, 0x6A, 0x6B,
+ 0x69, 0x6A, 0x6B, 0x6C, 0x6A, 0x6B, 0x6C, 0x6D,
+ 0x6B, 0x6C, 0x6D, 0x6E, 0x6C, 0x6D, 0x6E, 0x6F,
+ 0x6D, 0x6E, 0x6F, 0x70, 0x6E, 0x6F, 0x70, 0x71,
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
+const uint8_t NIST_512_DOUBLE1[] =
+{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xC0 };
+
+const uint8_t SHA1_DOUBLE_DIGEST[] =
+{ 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E,
+ 0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5,
+ 0xE5, 0x46, 0x70, 0xF1 };
+
+const uint8_t SHA256_DOUBLE_DIGEST[] =
+{ 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8,
+ 0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39,
+ 0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67,
+ 0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 };
+
+/* SHA-512 One Block Message Sample
+ Input Message: "abc" */
+const uint8_t NIST_1024_SINGLE[] =
+{ 0x61, 0x62, 0x63, 0x80, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18 };
+
+const uint8_t SHA512_224_SINGLE_DIGEST[] =
+{ 0x46, 0x34, 0x27, 0x0f, 0x70, 0x7b, 0x6a, 0x54,
+ 0xda, 0xae, 0x75, 0x30, 0x46, 0x08, 0x42, 0xe2,
+ 0x0e, 0x37, 0xed, 0x26, 0x5c, 0xee, 0xe9, 0xa4,
+ 0x3e, 0x89, 0x24, 0xaa };
+const uint8_t SHA512_256_SINGLE_DIGEST[] =
+{ 0x53, 0x04, 0x8e, 0x26, 0x81, 0x94, 0x1e, 0xf9,
+ 0x9b, 0x2e, 0x29, 0xb7, 0x6b, 0x4c, 0x7d, 0xab,
+ 0xe4, 0xc2, 0xd0, 0xc6, 0x34, 0xfc, 0x6d, 0x46,
+ 0xe0, 0xe2, 0xf1, 0x31, 0x07, 0xe7, 0xaf, 0x23 };
+const uint8_t SHA384_SINGLE_DIGEST[] =
+{ 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b,
+ 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
+ 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63,
+ 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
+ 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23,
+ 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7 };
+const uint8_t SHA512_SINGLE_DIGEST[] =
+{ 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
+ 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
+ 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
+ 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
+ 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
+ 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
+ 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
+ 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f };
+
+/* SHA-512 Two Block Message Sample
+ Input Message: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+ "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" */
+const uint8_t NIST_1024_DOUBLE0[] =
+{ 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68,
+ 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69,
+ 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a,
+ 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b,
+ 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+ 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d,
+ 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e,
+ 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
+ 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70,
+ 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71,
+ 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72,
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73,
+ 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74,
+ 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75,
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
+const uint8_t NIST_1024_DOUBLE1[] =
+{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x80 };
+
+const uint8_t SHA512_224_DOUBLE_DIGEST[] =
+{ 0x23, 0xfe, 0xc5, 0xbb, 0x94, 0xd6, 0x0b, 0x23,
+ 0x30, 0x81, 0x92, 0x64, 0x0b, 0x0c, 0x45, 0x33,
+ 0x35, 0xd6, 0x64, 0x73, 0x4f, 0xe4, 0x0e, 0x72,
+ 0x68, 0x67, 0x4a, 0xf9 };
+const uint8_t SHA512_256_DOUBLE_DIGEST[] =
+{ 0x39, 0x28, 0xe1, 0x84, 0xfb, 0x86, 0x90, 0xf8,
+ 0x40, 0xda, 0x39, 0x88, 0x12, 0x1d, 0x31, 0xbe,
+ 0x65, 0xcb, 0x9d, 0x3e, 0xf8, 0x3e, 0xe6, 0x14,
+ 0x6f, 0xea, 0xc8, 0x61, 0xe1, 0x9b, 0x56, 0x3a };
+const uint8_t SHA384_DOUBLE_DIGEST[] =
+{ 0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8,
+ 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47,
+ 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2,
+ 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12,
+ 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9,
+ 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39 };
+const uint8_t SHA512_DOUBLE_DIGEST[] =
+{ 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
+ 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
+ 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
+ 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
+ 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
+ 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
+ 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
+ 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 };
+
+/* ---------------- I2C low-level code ---------------- */
+
+int i2c_open(char *dev)
+{
+ i2cfd = open(dev, O_RDWR);
+ if (i2cfd < 0) {
+ fprintf(stderr, "Unable to open %s: ", dev);
+ perror("");
+ i2cfd = 0;
+ return 1;
+ }
+
+ return 0;
+}
+
+int i2c_addr(int addr)
+{
+ static int cur_addr = 0;
+
+ if (addr != cur_addr) {
+ if (ioctl(i2cfd, I2C_SLAVE, addr) < 0) {
+ fprintf(stderr, "Unable to set I2C slave device 0x%02x: ", addr);
+ perror("");
+ return 1;
+ }
+ addr = cur_addr;
+ }
+
+ return 0;
+}
+
+int i2c_close(void)
+{
+ return close(i2cfd);
+}
+
+int i2c_write(const uint8_t *buf, int len)
+{
+ if (write(i2cfd, buf, len) != len) {
+ perror("i2c write failed");
+ return 1;
+ }
+
+ return 0;
+}
+
+int i2c_read(uint8_t *b)
+{
+ /* read() on the i2c device only returns one byte at a time,
+ * and tc_get_resp() needs to parse the response one byte at a time
+ */
+ if (read(i2cfd, b, 1) != 1) {
+ perror("i2c read failed");
+ return 1;
+ }
+
+ return 0;
+}
+
+/* ---------------- test-case low-level code ---------------- */
+
+int tc_write(int addr, const uint8_t *buf, int len)
+{
+ /* we only set the i2c device addr on tc_write, because test cases always
+ * write before reading, plus test cases never call tc_read directly
+ */
+ if (i2c_addr(addr) != 0)
+ return 1;
+
+ if (debug) {
+ int i;
+ printf("write [");
+ for (i = 0; i < len; ++i)
+ printf(" %02x", buf[i]);
+ printf(" ]\n");
+ }
+
+ return i2c_write(buf, len);
+}
+
+int tc_read(uint8_t *buf, int len)
+{
+ int i;
+
+ if (debug) printf("read [");
+
+ for (i = 0; i < len; ++i) {
+ if (i2c_read(&buf[i]) != 0) {
+ if (debug) printf(" ]\n");
+ return 1;
+ }
+ if (debug) printf(" %02x", buf[i]);
+ }
+
+ if (debug) printf(" ]\n");
+
+ return 0;
+}
+
+int tc_expected(const uint8_t *expected, int len)
+{
+ uint8_t *buf;
+ int i;
+
+ buf = malloc(len);
+ if (buf == NULL) {
+ perror("malloc");
+ return 1;
+ }
+
+ if (tc_read(buf, len) != 0)
+ goto errout;
+
+ for (i = 0; i < len; ++i)
+ if (buf[i] != expected[i]) {
+ fprintf(stderr, "response byte %d: expected 0x%02x, got 0x%02x\n",
+ i, expected[i], buf[i]);
+ goto errout;
+ }
+
+ free(buf);
+ return 0;
+errout:
+ free(buf);
+ return 1;
+}
+
+/* ---------------- SHA-1 test cases ---------------- */
+
+#define BLOCK_LEN SHA1_BLOCK_BYTES
+#define DIGEST_LEN SHA1_DIGEST_BYTES
+
+/* TC1: Read name and version from SHA-1 core. */
+int TC1(int addr)
+{
+ return 0;
+}
+
+/* TC2: SHA-1 Single block message test as specified by NIST. */
+int TC2(int addr)
+{
+ const uint8_t *block = NIST_512_SINGLE;
+ const uint8_t *expected = SHA1_SINGLE_DIGEST;
+
+ printf("TC2: Single block message test for SHA-1.\n");
+
+ if (addr == 0)
+ addr = I2C_SHA1_ADDR;
+
+ return
+ tc_write(addr, block, BLOCK_LEN) ||
+ tc_expected(expected, DIGEST_LEN);
+}
+
+/* TC3: SHA-1 Double block message test as specified by NIST. */
+int TC3(int addr)
+{
+ const uint8_t *block[2] = { NIST_512_DOUBLE0, NIST_512_DOUBLE1 };
+ const uint8_t *expected = SHA1_DOUBLE_DIGEST;
+
+ printf("TC3: Double block message test for SHA-1.\n");
+
+ if (addr == 0)
+ addr = I2C_SHA1_ADDR;
+
+ return
+ tc_write(addr, block[0], BLOCK_LEN) ||
+ tc_write(addr, block[1], BLOCK_LEN) ||
+ tc_expected(expected, DIGEST_LEN);
+}
+
+/* ---------------- SHA-256 test cases ---------------- */
+
+#undef BLOCK_LEN
+#define BLOCK_LEN SHA256_BLOCK_BYTES
+#undef DIGEST_LEN
+#define DIGEST_LEN SHA256_DIGEST_BYTES
+
+int TC4(int addr)
+{
+ return 0;
+}
+
+/* TC5: SHA-256 Single block message test as specified by NIST. */
+int TC5(int addr)
+{
+ const uint8_t *block = NIST_512_SINGLE;
+ const uint8_t *expected = SHA256_SINGLE_DIGEST;
+
+ printf("TC5: Single block message test for SHA-256.\n");
+
+ if (addr == 0)
+ addr = I2C_SHA256_ADDR;
+
+ return
+ tc_write(addr, block, BLOCK_LEN) ||
+ tc_expected(expected, DIGEST_LEN);
+}
+
+/* TC6: SHA-256 Double block message test as specified by NIST. */
+int TC6(int addr)
+{
+ const uint8_t *block[2] = { NIST_512_DOUBLE0, NIST_512_DOUBLE1 };
+ const uint8_t *expected = SHA256_DOUBLE_DIGEST;
+
+ printf("TC6: Double block message test for SHA-256.\n");
+
+ if (addr == 0)
+ addr = I2C_SHA256_ADDR;
+
+ return
+ tc_write(addr, block[0], BLOCK_LEN) ||
+ tc_write(addr, block[1], BLOCK_LEN) ||
+ tc_expected(expected, DIGEST_LEN);
+}
+
+/* TC7: SHA-256 Huge message test. */
+int TC7(int addr)
+{
+ static const uint8_t block[] =
+ { 0xaa, 0x55, 0xaa, 0x55, 0xde, 0xad, 0xbe, 0xef,
+ 0x55, 0xaa, 0x55, 0xaa, 0xf0, 0x0f, 0xf0, 0x0f,
+ 0xaa, 0x55, 0xaa, 0x55, 0xde, 0xad, 0xbe, 0xef,
+ 0x55, 0xaa, 0x55, 0xaa, 0xf0, 0x0f, 0xf0, 0x0f,
+ 0xaa, 0x55, 0xaa, 0x55, 0xde, 0xad, 0xbe, 0xef,
+ 0x55, 0xaa, 0x55, 0xaa, 0xf0, 0x0f, 0xf0, 0x0f,
+ 0xaa, 0x55, 0xaa, 0x55, 0xde, 0xad, 0xbe, 0xef,
+ 0x55, 0xaa, 0x55, 0xaa, 0xf0, 0x0f, 0xf0, 0x0f };
+
+ /* final digest after 1000 iterations */
+ static const uint8_t expected[] =
+ { 0x76, 0x38, 0xf3, 0xbc, 0x50, 0x0d, 0xd1, 0xa6,
+ 0x58, 0x6d, 0xd4, 0xd0, 0x1a, 0x15, 0x51, 0xaf,
+ 0xd8, 0x21, 0xd2, 0x35, 0x2f, 0x91, 0x9e, 0x28,
+ 0xd5, 0x84, 0x2f, 0xab, 0x03, 0xa4, 0x0f, 0x2a };
+
+ int i, n = 1000;
+
+ printf("TC7: Message with %d blocks test for SHA-256.\n", n);
+
+ if (addr == 0)
+ addr = I2C_SHA256_ADDR;
+
+ /* Write blocks to SHA-256. */
+ for (i = 0; i < n; ++i)
+ if (tc_write(addr, block, BLOCK_LEN) != 0)
+ return 1;
+
+ /* Extract the final digest. */
+ return tc_expected(expected, DIGEST_LEN);
+}
+
+/* ---------------- SHA-512 test cases ---------------- */
+
+#undef BLOCK_LEN
+#define BLOCK_LEN SHA512_BLOCK_BYTES
+
+/* TC8: Read name and version from SHA-512 core. */
+int TC8(int addr)
+{
+ return 0;
+}
+
+/* TC9: SHA-512 Single block message test as specified by NIST.
+ We do this for all modes. */
+int tc9(int addr, const uint8_t *expected, int digest_len)
+{
+ const uint8_t *block = NIST_1024_SINGLE;
+
+ return
+ tc_write(addr, block, BLOCK_LEN) ||
+ tc_expected(expected, digest_len);
+}
+
+int TC9(int addr)
+{
+ if (addr == 0)
+ addr = I2C_SHA512_ADDR;
+
+ printf("TC9-1: Single block message test for SHA-512/224.\n");
+ if (tc9(addr + MODE_SHA_512_224, SHA512_224_SINGLE_DIGEST,
+ sizeof(SHA512_224_SINGLE_DIGEST)) != 0)
+ return 1;
+
+ printf("TC9-2: Single block message test for SHA-512/256.\n");
+ if (tc9(addr + MODE_SHA_512_256, SHA512_256_SINGLE_DIGEST,
+ sizeof(SHA512_256_SINGLE_DIGEST)) != 0)
+ return 1;
+
+ printf("TC9-3: Single block message test for SHA-384.\n");
+ if (tc9(addr + MODE_SHA_384, SHA384_SINGLE_DIGEST,
+ sizeof(SHA384_SINGLE_DIGEST)) != 0)
+ return 1;
+
+ printf("TC9-4: Single block message test for SHA-512.\n");
+ if (tc9(addr + MODE_SHA_512, SHA512_SINGLE_DIGEST,
+ sizeof(SHA512_SINGLE_DIGEST)) != 0)
+ return 1;
+
+ return 0;
+}
+
+/* TC10: SHA-512 Double block message test as specified by NIST.
+ We do this for all modes. */
+int tc10(int addr, const uint8_t *expected, int digest_len)
+{
+ const uint8_t *block[2] = { NIST_1024_DOUBLE0, NIST_1024_DOUBLE1 };
+
+ return
+ tc_write(addr, block[0], BLOCK_LEN) ||
+ tc_write(addr, block[1], BLOCK_LEN) ||
+ tc_expected(expected, digest_len);
+}
+
+int TC10(int addr)
+{
+ if (addr == 0)
+ addr = I2C_SHA512_ADDR;
+
+ printf("TC10-1: Double block message test for SHA-512/224.\n");
+ if (tc10(addr + MODE_SHA_512_224, SHA512_224_DOUBLE_DIGEST,
+ sizeof(SHA512_224_DOUBLE_DIGEST)) != 0)
+ return 1;
+
+ printf("TC10-2: Double block message test for SHA-512/256.\n");
+ if (tc10(addr + MODE_SHA_512_256, SHA512_256_DOUBLE_DIGEST,
+ sizeof(SHA512_256_DOUBLE_DIGEST)) != 0)
+ return 1;
+
+ printf("TC10-3: Double block message test for SHA-384.\n");
+ if (tc10(addr + MODE_SHA_384, SHA384_DOUBLE_DIGEST,
+ sizeof(SHA384_DOUBLE_DIGEST)) != 0)
+ return 1;
+
+ printf("TC10-4: Double block message test for SHA-512.\n");
+ if (tc10(addr + MODE_SHA_512, SHA512_DOUBLE_DIGEST,
+ sizeof(SHA512_DOUBLE_DIGEST)) != 0)
+ return 1;
+
+ return 0;
+}
+
+/* ---------------- main ---------------- */
+
+int main(int argc, char *argv[])
+{
+ typedef int (*tcfp)(int);
+ tcfp all_tests[] = { TC1, TC2, TC3, TC4, TC5, TC6, TC7, TC9, TC10
+ };
+ tcfp sha1_tests[] = { TC1, TC2, TC3 };
+ tcfp sha256_tests[] = { TC4, TC5, TC6, TC7 };
+ tcfp sha512_tests[] = { TC9, TC10 };
+
+ char *usage = "Usage: %s [-h] [-d] [-i I2C_device] [-a I2C_addr] tc...\n";
+ char *dev = I2C_DEV;
+ int addr = 0;
+ int i, j, opt;
+
+ while ((opt = getopt(argc, argv, "h?di:a:")) != -1) {
+ switch (opt) {
+ case 'h':
+ case '?':
+ printf(usage, argv[0]);
+ return 0;
+ case 'd':
+ debug = 1;
+ break;
+ case 'i':
+ dev = optarg;
+ break;
+ case 'a':
+ addr = (int)strtol(optarg, NULL, 0);
+ if ((addr < 0x03) || (addr > 0x77)) {
+ fprintf(stderr, "addr must be between 0x03 and 0x77\n");
+ return 1;
+ }
+ break;
+ default:
+ fprintf(stderr, usage, argv[0]);
+ return 1;
+ }
+ }
+
+ if (i2c_open(dev) != 0)
+ return 1;
+
+ /* no args == run all tests */
+ if (optind >= argc) {
+ for (j = 0; j < sizeof(all_tests)/sizeof(all_tests[0]); ++j)
+ if (all_tests[j](addr) != 0)
+ return 1;
+ return 0;
+ }
+
+ for (i = optind; i < argc; ++i) {
+ if (strcmp(argv[i], "sha1") == 0) {
+ for (j = 0; j < sizeof(sha1_tests)/sizeof(sha1_tests[0]); ++j)
+ if (sha1_tests[j](addr) != 0)
+ return 1;
+ }
+ else if (strcmp(argv[i], "sha256") == 0) {
+ for (j = 0; j < sizeof(sha256_tests)/sizeof(sha256_tests[0]); ++j)
+ if (sha256_tests[j](addr) != 0)
+ return 1;
+ }
+ else if (strcmp(argv[i], "sha512") == 0) {
+ for (j = 0; j < sizeof(sha512_tests)/sizeof(sha512_tests[0]); ++j)
+ if (sha512_tests[j](addr) != 0)
+ return 1;
+ }
+ else if (strcmp(argv[i], "all") == 0) {
+ for (j = 0; j < sizeof(all_tests)/sizeof(all_tests[0]); ++j)
+ if (all_tests[j](addr) != 0)
+ return 1;
+ }
+ else if (isdigit(argv[i][0]) &&
+ (((j = atoi(argv[i])) > 0) &&
+ (j <= sizeof(all_tests)/sizeof(all_tests[0])))) {
+ if (all_tests[j - 1](addr) != 0)
+ return 1;
+ }
+ else {
+ fprintf(stderr, "unknown test case %s\n", argv[i]);
+ return 1;
+ }
+ }
+
+ return 0;
+}