/*
* Wrapper for x509 hashes.
*/
static void x509_hash( const unsigned char *in, size_t len, int alg,
unsigned char *out )
{
switch( alg )
{
#if defined(POLARSSL_MD2_C)
case SIG_RSA_MD2 : md2( in, len, out ); break;
#endif
#if defined(POLARSSL_MD4_C)
case SIG_RSA_MD4 : md4( in, len, out ); break;
#endif
#if defined(POLARSSL_MD5_C)
case SIG_RSA_MD5 : md5( in, len, out ); break;
#endif
#if defined(POLARSSL_SHA1_C)
case SIG_RSA_SHA1 : sha1( in, len, out ); break;
#endif
#if defined(POLARSSL_SHA2_C)
case SIG_RSA_SHA224 : sha2( in, len, out, 1 ); break;
case SIG_RSA_SHA256 : sha2( in, len, out, 0 ); break;
#endif
#if defined(POLARSSL_SHA4_C)
case SIG_RSA_SHA384 : sha4( in, len, out, 1 ); break;
case SIG_RSA_SHA512 : sha4( in, len, out, 0 ); break;
#endif
default:
memset( out, '\xFF', 64 );
break;
}
}
/* Changes the encryption level of the drive.
If encrypt is true: encrypt drive, else decrypt */
uint8_t sd_change_encryption(uint8_t slot, bool encrypt, bool change_key, uint8_t *old_passwd, uint8_t *new_passwd)
{
sd_mmc_err_t err;
uint32_t i, nb_blocks;
encrypt_config_t *config_ptr = NULL;
security_get_config(&config_ptr);
if ((encrypt == config_ptr->encryption_level) && !change_key)
return CTRL_GOOD;
if (change_key) {
sha2(old_passwd, MAX_PASS_LENGTH, old_hash_cipher_key, 0);
sha2(new_passwd, MAX_PASS_LENGTH, new_hash_cipher_key, 0);
}
if (old_hash_cipher_key == new_hash_cipher_key)
return CTRL_GOOD;
do {
err = sd_mmc_check(slot);
if ((SD_MMC_ERR_NO_CARD != err)
&& (SD_MMC_INIT_ONGOING != err)
&& (SD_MMC_OK != err)) {
while (SD_MMC_ERR_NO_CARD != sd_mmc_check(slot)) {
}
}
} while (SD_MMC_OK != err);
nb_blocks = sd_mmc_get_capacity(slot) * (1024 / SD_MMC_BLOCK_SIZE);
for (i = 0; i < nb_blocks / SD_BLOCKS_PER_ACCESS; ++i) {
if (SD_MMC_OK != sd_mmc_init_read_blocks(slot, i, SD_BLOCKS_PER_ACCESS))
return CTRL_FAIL;
if (SD_MMC_OK != sd_mmc_start_read_blocks(src_buf, SD_BLOCKS_PER_ACCESS))
return CTRL_FAIL;
if (SD_MMC_OK != sd_mmc_wait_end_of_read_blocks())
return CTRL_FAIL;
aes_set_key(&AVR32_AES, (unsigned int *)old_hash_cipher_key);
ram_aes_ram(change_key ? false : encrypt, SD_MMC_BLOCK_SIZE * SD_BLOCKS_PER_ACCESS / sizeof(unsigned int), (unsigned int *)src_buf, (unsigned int *)dest_buf);
if (change_key) {
aes_set_key(&AVR32_AES, (unsigned int *)new_hash_cipher_key);
ram_aes_ram(true, SD_MMC_BLOCK_SIZE * SD_BLOCKS_PER_ACCESS / sizeof(unsigned int), (unsigned int *)dest_buf, (unsigned int *)src_buf);
}
if (SD_MMC_OK != sd_mmc_init_write_blocks(slot, i, SD_BLOCKS_PER_ACCESS))
return CTRL_FAIL;
if (SD_MMC_OK != sd_mmc_start_write_blocks(src_buf, SD_BLOCKS_PER_ACCESS))
return CTRL_FAIL;
if (SD_MMC_OK != sd_mmc_wait_end_of_write_blocks())
return CTRL_FAIL;
}
return CTRL_GOOD;
}
void ShaCalc(void *data, u64 size, u8 *hash, int mode)
{
switch(mode){
case(CTR_SHA_1): sha1((u8*)data, size, hash); break;
case(CTR_SHA_256): sha2((u8*)data, size, hash, 0); break;
}
}
bool Config::checkChallengeAuth(const char *response, const char *challenge)
{
size_t challengeLength = strlen(challenge);
size_t authHashLength = this->authHash.length();
size_t authPlusChallengeSize = authHashLength + challengeLength;
char* authPlusChallenge = (char*)malloc(authPlusChallengeSize);
/* concat authHash and challenge string */
memcpy(authPlusChallenge, this->authHash.c_str(), authHashLength);
memcpy(authPlusChallenge + authHashLength, challenge, challengeLength);
unsigned char respHash[32];
unsigned char respHash64[64];
size_t respHash64Size = 64;
/* hash concatenated authHash and string and base 64 encode */
sha2((unsigned char *)authPlusChallenge, authPlusChallengeSize, respHash, 0);
base64_encode(respHash64, &respHash64Size, respHash, 32);
respHash64[respHash64Size] = 0;
free(authPlusChallenge);
/* compare against response */
return strcmp((char*)respHash64, response) == 0;
}
int
cryDes3Decrypt(const char *sKey, int iKeyLen,
const char *sInBuf, int iInLen, char *sOutBuf, int *piOutLen)
{
unsigned char sHash[32];
unsigned char *pIV = sHash + 24;
des3_context tCtx;
if (iInLen % 8 || *piOutLen < iInLen) {
return -1;
}
*piOutLen = iInLen;
sha2((const unsigned char *)sKey, iKeyLen, sHash, 0);
des3_set3key_dec(&tCtx, sHash);
if (des3_crypt_cbc(&tCtx, DES_DECRYPT, iInLen, pIV,
(const unsigned char *)sInBuf,
(unsigned char *)sOutBuf) != 0) {
return -2;
}
return 0;
}
uint Sha::GetDigest(void* digest,const void* data,uint len,SHA_BITS bits){
if(bits==sha_160){
sha1((byte*)data,len,(byte*)digest);
}else if(bits==sha_224){
sha2((byte*)data,len,(byte*)digest,1);
}else if(bits==sha_256){
sha2((byte*)data,len,(byte*)digest,0);
}else if(bits==sha_384){
sha4((byte*)data,len,(byte*)digest,1);
}else if(bits==sha_512){
sha4((byte*)data,len,(byte*)digest,0);
}else{
_ASSERT(0);
return 0;
}
return bits;
}
int main()
{
u8 *buf = NULL;
FILE *f = fopen("content.bin","rb");
if(!f)
{
puts("Could not open content.bin!");
goto end;
}
fseek(f,0,SEEK_END);
size_t fsize = ftell(f);
fseek(f,0,SEEK_SET);
buf = malloc(fsize);
if(!buf)
{
printf("Unable to allocate %i bytes for content!\n",fsize);
goto end;
}
fread(buf,fsize,1,f);
fclose(f);
if(memcmp(buf+0x100,"NCCH",4) != 0)
{
puts("Content is not a NCCH!");
goto end;
}
else if((*(buf+0x18F) & 4) == 0)
{
puts("Content is encrypted, please decrypt it with Decrypt9WIP!");
goto end;
}
size_t exefspos = *(u32*)(buf+0x1A0)*0x200;
size_t exefssize = *(u32*)(buf+0x1A4)*0x200;
size_t exefsHashSize = *(u32*)(buf+0x1A8)*0x200;
printf("ExeFS Pos:%x,Size:%x,Hash Size:%x\n",exefspos,exefssize, exefsHashSize);
u8 verSha[0x20];
sha2(buf+exefspos,exefsHashSize,verSha,0);
if(memcmp(verSha,buf+0x1C0, 0x20) == 0)
puts("SHA2 of ExeFS is valid!");
else
puts("WARNING:Invalid ExeFS SHA2!");
f = fopen("exefs.bin","wb");
if(!f)
{
puts("Could not open exefs.bin!");
goto end;
}
fwrite(buf+exefspos,exefssize,1,f);
fclose(f);
puts("Wrote exefs.bin");
end:
if(f) fclose(f);
if(buf) free(buf);
return 0;
}
static uint32_t ztex_checkNonce(struct work *work, uint32_t nonce)
{
uint32_t *data32 = (uint32_t *)(work->data);
unsigned char swap[80];
uint32_t *swap32 = (uint32_t *)swap;
unsigned char hash1[32];
unsigned char hash2[32];
uint32_t *hash2_32 = (uint32_t *)hash2;
int i;
swap32[76/4] = htonl(nonce);
for (i = 0; i < 76 / 4; i++)
swap32[i] = swab32(data32[i]);
sha2(swap, 80, hash1);
sha2(hash1, 32, hash2);
return htonl(hash2_32[7]);
}
void ServerThread::registerNewClient(MessageEnvelop &e)
{
if(database->existsUser(e.getName().toStdString()))
{
sendError("The Username already exists M'kay, pick another one M'kay");
emit error(this->s->error());
return;
}
std::ifstream rand("/dev/urandom",std::ios::binary);
char * newSalt = new char[8];
rand.read(newSalt, 8);
rand.close();
char * corrSalt = getAscii85(newSalt, 8);
delete[] newSalt;
std::string s(e.getPassword().toStdString()), qCorrSalt(corrSalt);
s = s + qCorrSalt;
free(corrSalt);
unsigned char hash[32];
char *printableHash;
sha2((unsigned char *) s.c_str(), s.length(), hash, 0);
printableHash = getAscii85((char*) hash, 32);
QString pass(printableHash), Qsalt(qCorrSalt.c_str());
try
{
database->insertUser(e.getName().toStdString(), pass.toStdString(),
Qsalt.toStdString());
}
catch(SqlConnection::SqlException e)
{
sendError("The user was not added");
emit error(this->s->error());
return;
}
QByteArray b;
QDataStream outStr(&b, QIODevice::WriteOnly);
MessageEnvelop ret(REGISTER_APROOVED);
isInitialized = false;
outStr << ret;
this->s->write(b);
}
int ctr_sha_256_verify( const u8* data,
u32 size,
const u8 checkhash[0x20] )
{
u8 hash[0x20];
sha2(data, size, hash, 0);
if (memcmp(hash, checkhash, 0x20) == 0)
return Good;
else
return Fail;
}
int main()
{
u8 *buf = NULL;
FILE *f = fopen("exefs.bin","rb");
if(!f)
{
puts("Could not open exefs.bin!");
goto end;
}
fseek(f,0,SEEK_END);
size_t fsize = ftell(f);
buf = malloc(fsize);
if(!buf)
{
printf("Unable to allocate %i bytes for exefs!\n",fsize);
goto end;
}
fseek(f,0,SEEK_SET);
fread(buf,fsize,1,f);
fclose(f);
mkdir("exefs");
int i;
u8 verSha[0x20];
for(i = 0; i < 0x10; i++)
{
if(*(buf+(i*0x10)) == 0)
break;
u32 thisdatapos = *(u32*)(buf+(i*0x10)+0x8)+0x200;
u32 thisdatasize = *(u32*)(buf+(i*0x10)+0xC);
sha2(buf+thisdatapos,thisdatasize,verSha,0);
if(memcmp(verSha,buf+0x1E0-(i*0x20), 0x20) == 0)
printf("SHA2 of %s is valid!\n",buf+(i*0x10));
else
printf("WARNING:SHA2 of %s is invalid!\n",buf+(i*0x10));
char name[32];
sprintf(name,"exefs/%s",buf+(i*0x10));
f = fopen(name,"wb");
if(!f)
{
printf("Unable to write %s!\n",name);
goto end;
}
fwrite(buf+thisdatapos,thisdatasize,1,f);
fclose(f);
printf("Wrote %s\n",name);
}
end:
if(buf) free(buf);
if(f) fclose(f);
return 0;
}
/**
* @brief SHA256 wrapper
* @param[in] input Input data buffer
* @param[in] inputLength Input data length in bytes
* @param[in] hmacLength Length of output required in bytes, SHA256 output is truncated to the hashLength left bytes. 32 bytes maximum
* @param[out] output Output data buffer.
*
*/
void bctbx_sha256(const uint8_t *input,
size_t inputLength,
uint8_t hashLength,
uint8_t *output)
{
uint8_t hashOutput[32];
sha2(input, inputLength, hashOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
/* check output length, can't be>32 */
if (hashLength>32) {
memcpy(output, hashOutput, 32);
} else {
memcpy(output, hashOutput, hashLength);
}
}
int
cryDes3Encrypt(const char *sKey, int iKeyLen,
const char *sInBuf, int iInLen, char *sOutBuf, int *piOutLen)
{
unsigned char sHash[32];
unsigned char *pIV = sHash + 24;
des3_context tCtx;
int iLast;
iLast = iInLen % 8;
if (iLast) {
iInLen -= iLast;
if (*piOutLen < iInLen + 8) {
return -1;
}
*piOutLen = iInLen + 8;
} else {
if (*piOutLen < iInLen) {
return -2;
}
*piOutLen = iInLen;
}
sha2((const unsigned char *)sKey, iKeyLen, sHash, 0);
des3_set3key_enc(&tCtx, sHash);
if (des3_crypt_cbc(&tCtx, DES_ENCRYPT, iInLen, pIV,
(const unsigned char *)sInBuf,
(unsigned char *)sOutBuf) != 0) {
return -3;
}
if (iLast) {
memcpy(sOutBuf + iInLen, sInBuf + iInLen, iLast);
memset(sOutBuf + iInLen + iLast, 0, 8 - iLast);
if (des3_crypt_cbc(&tCtx, DES_ENCRYPT, 8, pIV,
(const unsigned char *)sOutBuf + iInLen,
(unsigned char *)sOutBuf + iInLen) != 0) {
return -4;
}
}
return 0;
}
/*
* For key auth we use a sha2 hash from client IP and secret passphrase,
* this function check if client key hash match
*/
int check_key(char *packet, unsigned short hdr_len)
{
struct ip *ip_h;
char *client_key_hash;
unsigned char key_hash[SHA256_HASH_LEN];
char key_buffer[KEY_BUFF_LEN + 1];
ip_h = (struct ip*) (packet);
snprintf(key_buffer, KEY_BUFF_LEN,"%s %s",filter.passphrase, inet_ntoa(ip_h->ip_src));
sha2(key_buffer, strlen(key_buffer), key_hash, 0);
client_key_hash = packet + hdr_len;
if (memcmp(client_key_hash, key_hash, SHA256_HASH_LEN) == 0) {
return OK;
}
return ERROR;
}
void Config::setAuth(bool _useAuth, const char *pass)
{
size_t passLength = strlen(pass);
this->useAuth = _useAuth;
if(useAuth)
{
unsigned char salt[32];
unsigned char salt64[64];
size_t salt64Size = 64;
havege_random((void*)&(this->havegeState), salt, 32);
base64_encode(salt64, &salt64Size, salt, 32);
salt64[salt64Size] = 0;
int saltPlusPassSize = salt64Size + passLength;
char* saltPlusPass = (char*)malloc(saltPlusPassSize);
memcpy(saltPlusPass, pass, passLength);
memcpy(saltPlusPass + passLength, salt64, salt64Size);
unsigned char passHash[32];
unsigned char passHash64[64];
size_t passHash64Size = 64;
sha2((unsigned char *)saltPlusPass, saltPlusPassSize, passHash, 0);
zero(saltPlusPass, saltPlusPassSize);
free(saltPlusPass);
base64_encode(passHash64, &passHash64Size, passHash, 32);
passHash64[passHash64Size] = 0;
this->authHash = (char *)passHash64;
this->authSalt = (char *)salt64;
}
}
int fuser_add_user(hashmap *users, const char *name, const char *password)
{
if (users == NULL || name == NULL || password == NULL) return 0;
size_t nlen = strlen(name);
if (nlen > MAX_USERNAME) return 0;
size_t plen = strlen(password);
if (nlen == 0 || plen == 0) return 0;
fuser_t *user = malloc(sizeof(*user));
if (user == NULL) return 0;
int i;
for (i = 0; i < nlen; i++) {
user->username[i] = name[i];
}
user->name_len = nlen;
sha2((uint8_t *)password, plen, user->key, 0);
return hashmap_put(users, user->username, nlen, user);
}
static foreign_t
pl_sha_hash(term_t from, term_t hash, term_t options)
{ char *data;
size_t datalen;
optval opts;
unsigned char hval[SHA2_MAX_DIGEST_SIZE];
if ( !sha_options(options, &opts) )
return FALSE;
if ( !PL_get_nchars(from, &datalen, &data,
CVT_ATOM|CVT_STRING|CVT_LIST|CVT_EXCEPTION) )
return FALSE;
if ( opts.algorithm == ALGORITHM_SHA1 )
{ sha1((unsigned char*)hval,
(unsigned char*)data, (unsigned long)datalen);
} else
{ sha2((unsigned char*)hval, (unsigned long) opts.digest_size,
(unsigned char*)data, (unsigned long)datalen);
}
return PL_unify_list_ncodes(hash, opts.digest_size, (char*)hval);
}
bool ServerThread::verify(const QString & name, const QString & password)
{
if(!database->existsUser(name.toStdString()))
{
return false;
}
auto info = database->getUserByName(name.toStdString());
QString s(password);
s = s + info.getSalt();
unsigned char hash[32];
sha2((unsigned char*) s.toUtf8().constData(), s.length(), hash, 0);
char * base = getAscii85((char*) hash, 32);
QString hashed(base);
free(base);
if(hashed != info.getPass())
{
return false;
}
return true;
}
int main( void )
{
int keysize;
unsigned long i, j, tsc;
unsigned char tmp[64];
t_cpu_time timer;
/* Keep compiler happy */
UNUSED(keysize);
UNUSED(i);
UNUSED(j);
UNUSED(tsc);
UNUSED(tmp[0]);
UNUSED(timer);
// USART options.
static usart_serial_options_t USART_SERIAL_OPTIONS =
{
.baudrate = USART_SERIAL_EXAMPLE_BAUDRATE,
.charlength = USART_SERIAL_CHAR_LENGTH,
.paritytype = USART_SERIAL_PARITY,
.stopbits = USART_SERIAL_STOP_BIT
};
sysclk_init();
// Initialize the board.
// The board-specific conf_board.h file contains the configuration of the board
// initialization.
board_init();
// Initialize Serial Interface using Stdio Library
stdio_serial_init(USART_SERIAL_EXAMPLE,&USART_SERIAL_OPTIONS);
printf( "Start Benchmark\n");
#if defined(POLARSSL_ARC4_C)
arc4_context arc4;
#endif
#if defined(POLARSSL_DES_C)
des3_context des3;
des_context des;
#endif
#if defined(POLARSSL_AES_C)
aes_context aes;
#endif
#if defined(POLARSSL_CAMELLIA_C)
camellia_context camellia;
#endif
#if defined(POLARSSL_RSA_C)
rsa_context rsa;
#endif
memset( buf, 0xAA, sizeof( buf ) );
printf( "\n" );
#if defined(POLARSSL_MD4_C)
printf( " MD4 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
md4( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
md4( buf, BUFSIZE, tmp );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_MD5_C)
printf( " MD5 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
md5( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
md5( buf, BUFSIZE, tmp );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_SHA1_C)
printf( " SHA-1 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
sha1( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha1( buf, BUFSIZE, tmp );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_SHA2_C)
printf( " SHA-256 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
sha2( buf, BUFSIZE, tmp, 0 );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha2( buf, BUFSIZE, tmp, 0 );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_SHA4_C)
printf( " SHA-512 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
sha4( buf, BUFSIZE, tmp, 0 );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha4( buf, BUFSIZE, tmp, 0 );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_ARC4_C)
printf( " ARC4 : " );
fflush( stdout );
arc4_setup( &arc4, tmp, 32 );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
arc4_crypt( &arc4, BUFSIZE, buf, buf );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
arc4_crypt( &arc4, BUFSIZE, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_DES_C)
printf( " 3DES : " );
fflush( stdout );
des3_set3key_enc( &des3, tmp );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
printf( " DES : " );
fflush( stdout );
des_setkey_enc( &des, tmp );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_AES_C)
for( keysize = 128; keysize <= 256; keysize += 64 )
{
printf( " AES-%d : ", keysize );
fflush( stdout );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
aes_setkey_enc( &aes, tmp, keysize );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf );
tsc = hardclock();
for( j = 0; j < 4096; j++ )
aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
}
#endif
#if defined(POLARSSL_CAMELLIA_C)
for( keysize = 128; keysize <= 256; keysize += 64 )
{
printf( " CAMELLIA-%d : ", keysize );
fflush( stdout );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
camellia_setkey_enc( &camellia, tmp, keysize );
cpu_set_timeout(cpu_ms_2_cy(1000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT, BUFSIZE, tmp, buf, buf );
tsc = hardclock();
for( j = 0; j < 4096; j++ )
camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT, BUFSIZE, tmp, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
}
#endif
#if defined(POLARSSL_RSA_C)
rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa_gen_key( &rsa, myrand, NULL, 1024, 65537 );
printf( " RSA-1024 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(3000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, buf );
}
printf( "%9lu public/s\n", i / 3 );
printf( " RSA-1024 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(3000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, buf );
}
printf( "%9lu private/s\n", i / 3 );
rsa_free( &rsa );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa_gen_key( &rsa, myrand, NULL, 2048, 65537 );
printf( " RSA-2048 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(3000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, buf );
}
printf( "%9lu public/s\n", i / 3 );
printf( " RSA-2048 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(3000, CPU_HZ),&timer);
for( i = 1; ! cpu_is_timeout(&timer); i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, buf );
}
printf( "%9lu private/s\n", i / 3 );
rsa_free( &rsa );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa_gen_key( &rsa, myrand, NULL, 4096, 65537 );
printf( " RSA-4096 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(3000, CPU_HZ),&timer);
for( i = 1; !cpu_is_timeout(&timer); i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, buf );
}
printf( "%9lu public/s\n", i / 3 );
printf( " RSA-4096 : " );
fflush( stdout );
cpu_set_timeout(cpu_ms_2_cy(3000, CPU_HZ),&timer);
for( i = 1; ! cpu_is_timeout(&timer); i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, buf );
}
printf( "%9lu private/s\n", i / 3 );
rsa_free( &rsa );
#endif
printf( "\n" );
#ifdef WIN32
printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( 0 );
}
int protect_buffer(unsigned char **output, int *output_len,
unsigned char *input, int input_len,
char *password,
unsigned char *salt, int salt_len,
unsigned int iterations)
{
int i, pad_len, ret;
unsigned char k_m[32];
unsigned char k_c[32];
unsigned char k_i[32];
unsigned char tmp_1[36];
unsigned char *input_padd;
unsigned char *cipher;
aes_context aes_ctx;
/* *** Init *** */
i = 0;
pad_len = 0;
ret = 1;
input_padd = NULL;
cipher = NULL;
/* *** Deriv password to MasterKey *** */
ret = deriv_passwd(k_m, password, salt, salt_len, iterations);
if(ret != 0) {
fprintf(stderr, "error: deriv_passwd failed\n");
return 1;
}
/* *** Deriv MasterKey to CipherKey / IntegrityKey *** */
i = 0;
memcpy(tmp_1, k_m, 32);
memcpy(tmp_1+32, &i, sizeof(int));
sha2(tmp_1, 36, k_c, 0);
i ++;
memcpy(tmp_1, k_m, 32);
memcpy(tmp_1+32, &i, sizeof(int));
sha2(tmp_1, 36, k_i, 0);
/* *** Padding *** */
pad_len = 16 - (input_len % 16);
input_padd = (unsigned char *) malloc((input_len + pad_len) *
sizeof(char));
if(input_padd == NULL) {
fprintf(stderr, "error : memory allocation failed\n");
ret = 1;
goto cleanup;
}
cipher = (unsigned char *)malloc((input_len + pad_len + 32) *
sizeof(char));
if(cipher == NULL) {
fprintf(stderr, "error : memory allocation failed\n");
ret = 1;
goto cleanup;
}
memcpy(input_padd, input, input_len);
memcpy(input_padd+input_len, padding, pad_len);
/* *** Chiffrement *** */
ret = aes_setkey_enc(&aes_ctx, k_c, 256);
if(ret != 0) {
fprintf(stderr, "error : aes_setkey_enc failed\n");
ret = 1;
goto cleanup;
}
ret = aes_crypt_cbc(&aes_ctx, AES_ENCRYPT, (size_t)
(input_len + pad_len), iv, input_padd, cipher);
if(ret != 0) {
fprintf(stderr, "error : aes_crypt_cbc failed\n");
ret = 1;
goto cleanup;
}
/* *** Ajout du controle d'integrite *** */
sha2_hmac(k_i, 32, cipher, input_len + pad_len, cipher +
input_len + pad_len, 0);
*output = cipher;
*output_len = input_len + pad_len + 32;
ret = 0;
cleanup:
if(input_padd != NULL) {
memset(input_padd, 0x00, input_len + pad_len);
free(input_padd);
}
memset(&aes_ctx, 0x00, sizeof(aes_context));
memset(k_m, 0x00, 32);
memset(k_c, 0x00, 32);
memset(k_i, 0x00, 32);
memset(tmp_1, 0x00, 36);
pad_len = 0;
i = 0;
return ret;
}
int main( int argc, char *argv[] )
{
int keysize;
unsigned long i, j, tsc;
unsigned char tmp[64];
#if defined(POLARSSL_ARC4_C)
arc4_context arc4;
#endif
#if defined(POLARSSL_DES_C)
des3_context des3;
des_context des;
#endif
#if defined(POLARSSL_AES_C)
aes_context aes;
#endif
#if defined(POLARSSL_CAMELLIA_C)
camellia_context camellia;
#endif
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_BIGNUM_C) && \
defined(POLARSSL_GENPRIME)
rsa_context rsa;
#endif
#if defined(POLARSSL_HAVEGE_C)
havege_state hs;
#endif
#if defined(POLARSSL_CTR_DRBG_C)
ctr_drbg_context ctr_drbg;
#endif
((void) argc);
((void) argv);
memset( buf, 0xAA, sizeof( buf ) );
printf( "\n" );
#if defined(POLARSSL_MD4_C)
printf( HEADER_FORMAT, "MD4" );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
md4( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
md4( buf, BUFSIZE, tmp );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_MD5_C)
printf( HEADER_FORMAT, "MD5" );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
md5( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
md5( buf, BUFSIZE, tmp );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_SHA1_C)
printf( HEADER_FORMAT, "SHA-1" );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
sha1( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha1( buf, BUFSIZE, tmp );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_SHA2_C)
printf( HEADER_FORMAT, "SHA-256" );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
sha2( buf, BUFSIZE, tmp, 0 );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha2( buf, BUFSIZE, tmp, 0 );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_SHA4_C)
printf( HEADER_FORMAT, "SHA-512" );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
sha4( buf, BUFSIZE, tmp, 0 );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha4( buf, BUFSIZE, tmp, 0 );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_ARC4_C)
printf( HEADER_FORMAT, "ARC4" );
fflush( stdout );
arc4_setup( &arc4, tmp, 32 );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
arc4_crypt( &arc4, BUFSIZE, buf, buf );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
arc4_crypt( &arc4, BUFSIZE, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_DES_C)
printf( HEADER_FORMAT, "3DES" );
fflush( stdout );
des3_set3key_enc( &des3, tmp );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
printf( HEADER_FORMAT, "DES" );
fflush( stdout );
des_setkey_enc( &des, tmp );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_AES_C)
for( keysize = 128; keysize <= 256; keysize += 64 )
{
printf( " AES-%d : ", keysize );
fflush( stdout );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
aes_setkey_enc( &aes, tmp, keysize );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf );
tsc = hardclock();
for( j = 0; j < 4096; j++ )
aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
}
#endif
#if defined(POLARSSL_CAMELLIA_C)
for( keysize = 128; keysize <= 256; keysize += 64 )
{
printf( " CAMELLIA-%d : ", keysize );
fflush( stdout );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
camellia_setkey_enc( &camellia, tmp, keysize );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT, BUFSIZE, tmp, buf, buf );
tsc = hardclock();
for( j = 0; j < 4096; j++ )
camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT, BUFSIZE, tmp, buf, buf );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
}
#endif
#if defined(POLARSSL_HAVEGE_C)
printf( HEADER_FORMAT, "HAVEGE" );
fflush( stdout );
havege_init( &hs );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
havege_random( &hs, buf, BUFSIZE );
tsc = hardclock();
for( j = 1; j < 1024; j++ )
havege_random( &hs, buf, BUFSIZE );
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_CTR_DRBG_C)
printf( HEADER_FORMAT, "CTR_DRBG (NOPR)" );
fflush( stdout );
if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
exit(1);
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
exit(1);
tsc = hardclock();
for( j = 1; j < 1024; j++ )
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
exit(1);
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
printf( HEADER_FORMAT, "CTR_DRBG (PR)" );
fflush( stdout );
if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
exit(1);
ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_ON );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
exit(1);
tsc = hardclock();
for( j = 1; j < 1024; j++ )
if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
exit(1);
printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
#endif
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_BIGNUM_C) && \
defined(POLARSSL_GENPRIME)
rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa_gen_key( &rsa, myrand, NULL, 1024, 65537 );
printf( HEADER_FORMAT, "RSA-1024" );
fflush( stdout );
set_alarm( 3 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, buf );
}
printf( "%9lu public/s\n", i / 3 );
printf( HEADER_FORMAT, "RSA-1024" );
fflush( stdout );
set_alarm( 3 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, buf );
}
printf( "%9lu private/s\n", i / 3 );
rsa_free( &rsa );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa_gen_key( &rsa, myrand, NULL, 2048, 65537 );
printf( HEADER_FORMAT, "RSA-2048" );
fflush( stdout );
set_alarm( 3 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, buf );
}
printf( "%9lu public/s\n", i / 3 );
printf( HEADER_FORMAT, "RSA-2048" );
fflush( stdout );
set_alarm( 3 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, buf );
}
printf( "%9lu private/s\n", i / 3 );
rsa_free( &rsa );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa_gen_key( &rsa, myrand, NULL, 4096, 65537 );
printf( HEADER_FORMAT, "RSA-4096" );
fflush( stdout );
set_alarm( 3 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, buf );
}
printf( "%9lu public/s\n", i / 3 );
printf( HEADER_FORMAT, "RSA-4096" );
fflush( stdout );
set_alarm( 3 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, buf );
}
printf( "%9lu private/s\n", i / 3 );
rsa_free( &rsa );
#endif
printf( "\n" );
#if defined(_WIN32)
printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( 0 );
}
int main(void)
{
int keysize;
unsigned long i, j, tsc;
unsigned char tmp[32];
#if defined(TROPICSSL_ARC4_C)
arc4_context arc4;
#endif
#if defined(TROPICSSL_DES_C)
des3_context des3;
des_context des;
#endif
#if defined(TROPICSSL_AES_C)
aes_context aes;
#endif
#if defined(TROPICSSL_CAMELLIA_C)
camellia_context camellia;
#endif
#if defined(TROPICSSL_RSA_C)
rsa_context rsa;
#endif
memset(buf, 0xAA, sizeof(buf));
printf("\n");
#if defined(TROPICSSL_MD4_C)
printf(" MD4 : ");
fflush(stdout);
set_alarm(1);
for (i = 1; !alarmed; i++)
md4(buf, BUFSIZE, tmp);
tsc = hardclock();
for (j = 0; j < 1024; j++)
md4(buf, BUFSIZE, tmp);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
#endif
#if defined(TROPICSSL_MD5_C)
printf(" MD5 : ");
fflush(stdout);
set_alarm(1);
for (i = 1; !alarmed; i++)
md5(buf, BUFSIZE, tmp);
tsc = hardclock();
for (j = 0; j < 1024; j++)
md5(buf, BUFSIZE, tmp);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
#endif
#if defined(TROPICSSL_SHA1_C)
printf(" SHA-1 : ");
fflush(stdout);
set_alarm(1);
for (i = 1; !alarmed; i++)
sha1(buf, BUFSIZE, tmp);
tsc = hardclock();
for (j = 0; j < 1024; j++)
sha1(buf, BUFSIZE, tmp);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
#endif
#if defined(TROPICSSL_SHA2_C)
printf(" SHA-256 : ");
fflush(stdout);
set_alarm(1);
for (i = 1; !alarmed; i++)
sha2(buf, BUFSIZE, tmp, 0);
tsc = hardclock();
for (j = 0; j < 1024; j++)
sha2(buf, BUFSIZE, tmp, 0);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
#endif
#if defined(TROPICSSL_ARC4_C)
printf(" ARC4 : ");
fflush(stdout);
arc4_setup(&arc4, tmp, 32);
set_alarm(1);
for (i = 1; !alarmed; i++)
arc4_crypt(&arc4, buf, BUFSIZE);
tsc = hardclock();
for (j = 0; j < 1024; j++)
arc4_crypt(&arc4, buf, BUFSIZE);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
#endif
#if defined(TROPICSSL_DES_C)
printf(" 3DES : ");
fflush(stdout);
des3_set3key_enc(&des3, tmp);
set_alarm(1);
for (i = 1; !alarmed; i++)
des3_crypt_cbc(&des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf);
tsc = hardclock();
for (j = 0; j < 1024; j++)
des3_crypt_cbc(&des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
printf(" DES : ");
fflush(stdout);
des_setkey_enc(&des, tmp);
set_alarm(1);
for (i = 1; !alarmed; i++)
des_crypt_cbc(&des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf);
tsc = hardclock();
for (j = 0; j < 1024; j++)
des_crypt_cbc(&des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
#endif
#if defined(TROPICSSL_AES_C)
for (keysize = 128; keysize <= 256; keysize += 64) {
printf(" AES-%d : ", keysize);
fflush(stdout);
memset(buf, 0, sizeof(buf));
memset(tmp, 0, sizeof(tmp));
aes_setkey_enc(&aes, tmp, keysize);
set_alarm(1);
for (i = 1; !alarmed; i++)
aes_crypt_cbc(&aes, AES_ENCRYPT, BUFSIZE, tmp, buf,
buf);
tsc = hardclock();
for (j = 0; j < 4096; j++)
aes_crypt_cbc(&aes, AES_ENCRYPT, BUFSIZE, tmp, buf,
buf);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
}
#endif
#if defined(TROPICSSL_CAMELLIA_C)
for (keysize = 128; keysize <= 256; keysize += 64) {
printf(" CAMELLIA-%d : ", keysize);
fflush(stdout);
memset(buf, 0, sizeof(buf));
memset(tmp, 0, sizeof(tmp));
camellia_setkey_enc(&camellia, tmp, keysize);
set_alarm(1);
for (i = 1; !alarmed; i++)
camellia_crypt_cbc(&camellia, CAMELLIA_ENCRYPT, BUFSIZE,
tmp, buf, buf);
tsc = hardclock();
for (j = 0; j < 4096; j++)
camellia_crypt_cbc(&camellia, CAMELLIA_ENCRYPT, BUFSIZE,
tmp, buf, buf);
printf("%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024,
(hardclock() - tsc) / (j * BUFSIZE));
}
#endif
#if defined(TROPICSSL_RSA_C)
rsa_init(&rsa, RSA_PKCS_V15, 0, myrand, NULL);
rsa_gen_key(&rsa, 1024, 65537);
printf(" RSA-1024 : ");
fflush(stdout);
set_alarm(3);
for (i = 1; !alarmed; i++) {
buf[0] = 0;
rsa_public(&rsa, buf, buf);
}
printf("%9lu public/s\n", i / 3);
printf(" RSA-1024 : ");
fflush(stdout);
set_alarm(3);
for (i = 1; !alarmed; i++) {
buf[0] = 0;
rsa_private(&rsa, buf, buf);
}
printf("%9lu private/s\n\n", i / 3);
rsa_free(&rsa);
#endif
#ifdef WIN32
printf(" Press Enter to exit this program.\n");
fflush(stdout);
getchar();
#endif
return (0);
}
static bool ztex_checkNonce(struct libztex_device *ztex,
struct work *work,
struct libztex_hash_data *hdata)
{
uint32_t *data32 = (uint32_t *)(work->data);
unsigned char swap[80];
uint32_t *swap32 = (uint32_t *)swap;
unsigned char hash1[32];
unsigned char hash2[32];
uint32_t *hash2_32 = (uint32_t *)hash2;
int i;
#if defined(__BIGENDIAN__) || defined(MIPSEB)
hdata->nonce = swab32(hdata->nonce);
hdata->hash7 = swab32(hdata->hash7);
#endif
work->data[64 + 12 + 0] = (hdata->nonce >> 0) & 0xff;
work->data[64 + 12 + 1] = (hdata->nonce >> 8) & 0xff;
work->data[64 + 12 + 2] = (hdata->nonce >> 16) & 0xff;
work->data[64 + 12 + 3] = (hdata->nonce >> 24) & 0xff;
for (i = 0; i < 80 / 4; i++)
swap32[i] = swab32(data32[i]);
sha2(swap, 80, hash1, false);
sha2(hash1, 32, hash2, false);
#if defined(__BIGENDIAN__) || defined(MIPSEB)
if (hash2_32[7] != ((hdata->hash7 + 0x5be0cd19) & 0xFFFFFFFF)) {
#else
if (swab32(hash2_32[7]) != ((hdata->hash7 + 0x5be0cd19) & 0xFFFFFFFF)) {
#endif
ztex->errorCount[ztex->freqM] += 1.0 / ztex->numNonces;
applog(LOG_DEBUG, "%s: checkNonce failed for %0.8X", ztex->repr, hdata->nonce);
return false;
}
return true;
}
static int64_t ztex_scanhash(struct thr_info *thr, struct work *work,
__maybe_unused int64_t max_nonce)
{
struct libztex_device *ztex;
unsigned char sendbuf[44];
int i, j, k;
uint32_t *backlog;
int backlog_p = 0, backlog_max;
uint32_t *lastnonce;
uint32_t nonce, noncecnt = 0;
bool overflow, found;
struct libztex_hash_data hdata[GOLDEN_BACKLOG];
if (thr->cgpu->deven == DEV_DISABLED)
return -1;
ztex = thr->cgpu->device_ztex;
memcpy(sendbuf, work->data + 64, 12);
memcpy(sendbuf + 12, work->midstate, 32);
ztex_selectFpga(ztex);
i = libztex_sendHashData(ztex, sendbuf);
if (i < 0) {
// Something wrong happened in send
applog(LOG_ERR, "%s: Failed to send hash data with err %d, retrying", ztex->repr, i);
nmsleep(500);
i = libztex_sendHashData(ztex, sendbuf);
if (i < 0) {
// And there's nothing we can do about it
ztex_disable(thr);
applog(LOG_ERR, "%s: Failed to send hash data with err %d, giving up", ztex->repr, i);
ztex_releaseFpga(ztex);
return -1;
}
}
ztex_releaseFpga(ztex);
applog(LOG_DEBUG, "%s: sent hashdata", ztex->repr);
lastnonce = calloc(1, sizeof(uint32_t)*ztex->numNonces);
if (lastnonce == NULL) {
applog(LOG_ERR, "%s: failed to allocate lastnonce[%d]", ztex->repr, ztex->numNonces);
return -1;
}
/* Add an extra slot for detecting dupes that lie around */
backlog_max = ztex->numNonces * (2 + ztex->extraSolutions);
backlog = calloc(1, sizeof(uint32_t) * backlog_max);
if (backlog == NULL) {
applog(LOG_ERR, "%s: failed to allocate backlog[%d]", ztex->repr, backlog_max);
return -1;
}
overflow = false;
applog(LOG_DEBUG, "%s: entering poll loop", ztex->repr);
while (!(overflow || thr->work_restart)) {
nmsleep(250);
if (thr->work_restart) {
applog(LOG_DEBUG, "%s: New work detected", ztex->repr);
break;
}
ztex_selectFpga(ztex);
i = libztex_readHashData(ztex, &hdata[0]);
if (i < 0) {
// Something wrong happened in read
applog(LOG_ERR, "%s: Failed to read hash data with err %d, retrying", ztex->repr, i);
nmsleep(500);
i = libztex_readHashData(ztex, &hdata[0]);
if (i < 0) {
// And there's nothing we can do about it
ztex_disable(thr);
applog(LOG_ERR, "%s: Failed to read hash data with err %d, giving up", ztex->repr, i);
free(lastnonce);
free(backlog);
ztex_releaseFpga(ztex);
return -1;
}
}
ztex_releaseFpga(ztex);
if (thr->work_restart) {
applog(LOG_DEBUG, "%s: New work detected", ztex->repr);
break;
}
ztex->errorCount[ztex->freqM] *= 0.995;
ztex->errorWeight[ztex->freqM] = ztex->errorWeight[ztex->freqM] * 0.995 + 1.0;
for (i = 0; i < ztex->numNonces; i++) {
nonce = hdata[i].nonce;
#if defined(__BIGENDIAN__) || defined(MIPSEB)
nonce = swab32(nonce);
#endif
if (nonce > noncecnt)
noncecnt = nonce;
if (((0xffffffff - nonce) < (nonce - lastnonce[i])) || nonce < lastnonce[i]) {
applog(LOG_DEBUG, "%s: overflow nonce=%0.8x lastnonce=%0.8x", ztex->repr, nonce, lastnonce[i]);
overflow = true;
} else
lastnonce[i] = nonce;
#if !(defined(__BIGENDIAN__) || defined(MIPSEB))
nonce = swab32(nonce);
#endif
if (!ztex_checkNonce(ztex, work, &hdata[i])) {
thr->cgpu->hw_errors++;
continue;
}
for (j=0; j<=ztex->extraSolutions; j++) {
nonce = hdata[i].goldenNonce[j];
if (nonce > 0) {
found = false;
for (k = 0; k < backlog_max; k++) {
if (backlog[k] == nonce) {
found = true;
break;
}
}
if (!found) {
applog(LOG_DEBUG, "%s: Share found N%dE%d", ztex->repr, i, j);
backlog[backlog_p++] = nonce;
if (backlog_p >= backlog_max)
backlog_p = 0;
#if defined(__BIGENDIAN__) || defined(MIPSEB)
nonce = swab32(nonce);
#endif
work->blk.nonce = 0xffffffff;
submit_nonce(thr, work, nonce);
applog(LOG_DEBUG, "%s: submitted %0.8x", ztex->repr, nonce);
}
}
}
}
}
ztex->errorRate[ztex->freqM] = ztex->errorCount[ztex->freqM] / ztex->errorWeight[ztex->freqM] * (ztex->errorWeight[ztex->freqM] < 100? ztex->errorWeight[ztex->freqM] * 0.01: 1.0);
if (ztex->errorRate[ztex->freqM] > ztex->maxErrorRate[ztex->freqM])
ztex->maxErrorRate[ztex->freqM] = ztex->errorRate[ztex->freqM];
if (!ztex_updateFreq(ztex)) {
// Something really serious happened, so mark this thread as dead!
free(lastnonce);
free(backlog);
return -1;
}
applog(LOG_DEBUG, "%s: exit %1.8X", ztex->repr, noncecnt);
work->blk.nonce = 0xffffffff;
free(lastnonce);
free(backlog);
return noncecnt;
}
static void ztex_statline_before(char *buf, struct cgpu_info *cgpu)
{
if (cgpu->deven == DEV_ENABLED) {
tailsprintf(buf, "%s-%d | ", cgpu->device_ztex->snString, cgpu->device_ztex->fpgaNum+1);
tailsprintf(buf, "%0.1fMHz | ", cgpu->device_ztex->freqM1 * (cgpu->device_ztex->freqM + 1));
}
}
static bool ztex_prepare(struct thr_info *thr)
{
struct timeval now;
struct cgpu_info *cgpu = thr->cgpu;
struct libztex_device *ztex = cgpu->device_ztex;
gettimeofday(&now, NULL);
get_datestamp(cgpu->init, &now);
ztex_selectFpga(ztex);
if (libztex_configureFpga(ztex) != 0) {
libztex_resetFpga(ztex);
ztex_releaseFpga(ztex);
applog(LOG_ERR, "%s: Disabling!", thr->cgpu->device_ztex->repr);
thr->cgpu->deven = DEV_DISABLED;
return true;
}
ztex->freqM = ztex->freqMaxM+1;;
//ztex_updateFreq(ztex);
libztex_setFreq(ztex, ztex->freqMDefault);
ztex_releaseFpga(ztex);
applog(LOG_DEBUG, "%s: prepare", ztex->repr);
return true;
}
static void ztex_shutdown(struct thr_info *thr)
{
if (thr->cgpu->device_ztex != NULL) {
if (thr->cgpu->device_ztex->fpgaNum == 0)
pthread_mutex_destroy(&thr->cgpu->device_ztex->mutex);
applog(LOG_DEBUG, "%s: shutdown", thr->cgpu->device_ztex->repr);
libztex_destroy_device(thr->cgpu->device_ztex);
thr->cgpu->device_ztex = NULL;
}
}
static void ztex_disable(struct thr_info *thr)
{
applog(LOG_ERR, "%s: Disabling!", thr->cgpu->device_ztex->repr);
devices[thr->cgpu->device_id]->deven = DEV_DISABLED;
ztex_shutdown(thr);
}
void sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 0 );
}
void Crypto::Sha256(const u8* in, u32 size, u8 hash[kSha256HashLen])
{
sha2(in, size, hash, false);
}
int main()
{
u8 *buf = NULL, *newContentBuf = NULL;
FILE *f = fopen("title.cia","rb");
if(!f)
{
puts("Unable to open title.cia!");
goto end;
}
fseek(f,0,SEEK_END);
size_t fsize = ftell(f);
fseek(f,0,SEEK_SET);
buf = malloc(fsize);
if(!buf)
{
printf("Unable to allocate %i bytes!\n",fsize);
goto end;
}
fread(buf,1,fsize,f);
fclose(f);
f = NULL;
u32 certsize = A64(*(u32*)(buf+0x8)), tiksize=A64(*(u32*)(buf+0xC)), tmdsize=A64(*(u32*)(buf+0x10)),
metasize=A64(*(u32*)(buf+0x14)), contentsize=A64(*(u32*)(buf+0x18));
printf("Cert Size:%x, Tik Size: %x, TMD Size: %x\nMeta Size: %x, Total Content Size:%x\n",
certsize,tiksize,tmdsize,metasize,contentsize);
u32 tmdstart = 0x2040+certsize+tiksize;
printf("TMD Start: %x\n",tmdstart);
u32 sigtype = S32(*(u32*)(buf+tmdstart));
u32 tmdsigsize = 0x100;
if(sigtype != RSA_2048_SHA256)
{
printf("Signature Type not supported:0x%08x\n",sigtype);
goto end;
}
u32 tmdhdr = A64(tmdstart+4+tmdsigsize);
u32 tmdverpos = tmdhdr+0x40;
int tmdver = *(buf+tmdverpos);
if(tmdver != 1)
{
printf("Unknown tmd ver:%i\n",tmdver);
goto end;
}
printf("Title ID: %016I64x\n",S64(*(u64*)(buf+tmdhdr+0x4C)));
u32 numcontentpos = tmdhdr+0x9E;
u16 numcontents = S16(*(u16*)(buf+numcontentpos));
printf("Num Contents: %i\n",numcontents);
u32 infoshapos = numcontentpos+6; //has sha1 of 0x900 inforecords
u32 inforecords = infoshapos+0x20; //has sha1 of each chunkrecord
f = fopen("content.bin","rb");
fseek(f,0,SEEK_END);
size_t newContentSize = ftell(f);
fseek(f,0,SEEK_SET);
newContentBuf = malloc(newContentSize);
fread(newContentBuf,newContentSize,1,f);
fclose(f);
memcpy(buf+0x18,&newContentSize,4);
printf("New Content Size: %x\n",A64(*(u32*)(buf+0x18)));
u32 chunkrecords = inforecords+(0x40*0x24); //has sha1 of each content
u32 chunkrecordsSize = chunkrecords+(numcontents*0x30);
u32 content = A64(chunkrecordsSize);
printf("Content starts at 0x%x\n",content);
int i;
for(i = 0; i < numcontents; i++)
{
*(u64*)(buf+(chunkrecords+(i*0x30))+0x8) = S64(newContentSize);
u64 thisContentSize = S64(*(u64*)(buf+(chunkrecords+(i*0x30))+0x8));
printf("Content %i Size: %I64x\n",
S16(*(u16*)(buf+(chunkrecords+(i*0x30))+0x4)),
thisContentSize);
sha2(newContentBuf,(u32)thisContentSize,buf+(chunkrecords+(i*0x30))+0x10,0);
}
sha2(buf+chunkrecords,0x30,buf+inforecords+4,0);
sha2(buf+inforecords,(0x40*0x24),buf+infoshapos,0);
printf("Signing TMD, RsaSignVerify=%i\n",
RsaSignVerify(buf+tmdstart+0x140,0xC4,buf+tmdstart+4,mod,priv_exp,RSA_2048_SHA256,CTR_RSA_SIGN));
f = fopen("titleNew.cia","wb");
fwrite(buf,content,1,f);
fwrite(newContentBuf,newContentSize,1,f);
if(metasize > 0)
{
u32 metastart = 0x2040+certsize+tiksize+tmdsize+contentsize;
fwrite(buf+metastart,metasize,1,f);
}
fclose(f);
puts("Wrote titleNew.cia");
end:
if(buf) free(buf);
if(f) fclose(f);
return 0;
}
int unprotect_buffer(unsigned char **output, int *output_len,
unsigned char *input, int input_len,
char *password,
unsigned char *salt, int salt_len,
unsigned int iterations)
{
int ret, i, offset;
unsigned char k_m[32];
unsigned char k_c[32];
unsigned char k_i[32];
unsigned char tmp_1[36];
unsigned char tmp_2[32];
unsigned char *input_padd;
unsigned char *cipher;
unsigned char *plain;
aes_context aes_ctx;
sha2_context sha_ctx;
/* *** Init *** */
ret = 1;
i = 0;
offset = 0;
input_padd = NULL;
cipher = NULL;
plain = NULL;
/* *** Get cipher text *** */
cipher = (unsigned char *) malloc((input_len - 32) * sizeof(char));
if (cipher == NULL) {
fprintf(stderr, "error : memory allocation failed\n");
ret = 1;
goto cleanup;
}
memcpy(cipher, input, input_len - 32);
input_padd = (unsigned char *) malloc((input_len - 32) *
sizeof(char));
if (input_padd == NULL) {
fprintf(stderr, "error : memory allocation failed\n");
ret = 1;
goto cleanup;
}
memcpy(tmp_2, input + (input_len - 32), 32);
/* *** Deriv password to MasterKey *** */
ret = deriv_passwd(k_m, password, salt, salt_len, iterations);
if(ret != 0) {
fprintf(stderr, "error: deriv_passwd failed\n");
ret = 1;
goto cleanup;
}
/* *** Deriv MasterKey to CipherKey / IntegrityKey *** */
i = 0;
memcpy(tmp_1, k_m, 32);
memcpy(tmp_1+32, &i, sizeof(int));
sha2(tmp_1, 36, k_c, 0);
i++;
memcpy(tmp_1, k_m, 32);
memcpy(tmp_1+32, &i, sizeof(int));
sha2(tmp_1, 36, k_i, 0);
/* *** Calculate the integrity key with the given password *** */
sha2_hmac_starts(&sha_ctx, k_i, 32, 0);
sha2_hmac_update(&sha_ctx, cipher, input_len - 32);
sha2_hmac_finish(&sha_ctx, k_i);
/* *** Comparison *** */
if (memcmp(k_i, tmp_2, 32) != 0) {
fprintf(stderr, "error : keys are differents\n");
ret = 1;
goto cleanup;
}
/* *** Dechiffrement *** */
ret = aes_setkey_dec(&aes_ctx, k_c, 256);
if (ret != 0) {
fprintf(stderr, "error : aes_setkey_dec failed\n");
ret = 1;
goto cleanup;
}
ret = aes_crypt_cbc(&aes_ctx, AES_DECRYPT, input_len - 32, iv,
cipher, input_padd);
if (ret != 0) {
fprintf(stderr, "error : aes_crypt_cbc failed\n");
ret = 1;
goto cleanup;
}
/* *** Padding *** */
offset = getPaddingOffset(input_padd, input_len - 32);
plain = (unsigned char *) malloc(offset * sizeof(char) + 1);
if (plain == NULL) {
fprintf(stderr, "error : memory allocation failed\n");
ret = 1;
goto cleanup;
}
memcpy(plain, input_padd, offset);
plain[offset * sizeof(char)] = '\0';
/* *** Output *** */
*output = plain;
*output_len = offset;
ret = 0;
cleanup:
if (input_padd != NULL) {
memset(input_padd, 0x00, input_len - 32);
free(input_padd);
}
if (cipher != NULL) {
memset(cipher, 0x00, input_len - 32);
free(cipher);
}
memset(&aes_ctx, 0x00, sizeof(aes_context));
memset(&sha_ctx, 0x00, sizeof(sha_ctx));
memset(k_m, 0x00, 32);
memset(k_c, 0x00, 32);
memset(k_i, 0x00, 32);
memset(tmp_1, 0x00, 36);
memset(tmp_2, 0x00, 32);
i = 0;
return ret;
}
void ctr_sha_256( const u8* data,
u32 size,
u8 hash[0x20] )
{
sha2(data, size, hash, 0);
}
