├── Gimli ├── make.incl.mk ├── tools │ ├── utils.h │ └── utils.c ├── Permutation │ ├── test_perm.h │ ├── gimli.h │ ├── cycle anaylsis.text │ ├── c-ref.c │ └── asm.S ├── crypto_hash │ ├── crypto_hash.h │ ├── c-ref.c │ └── gimli.c.inc ├── kat.h ├── base.h └── crypto_aead │ └── gimli.c.inc ├── Keccak ├── make.incl.mk ├── base.h └── Permutation │ ├── test_perm.h │ ├── keccakf1600.h │ └── test_perm.c ├── xoodyak ├── make.incl.mk ├── asm │ ├── crypto_hash.h │ ├── api.h │ ├── crypto_aead.h │ ├── Xoodyak.h │ ├── align.h │ ├── hash.c │ ├── Xoodyak.c │ └── Xoodoo-SnP.h ├── lc │ ├── crypto_hash.h │ ├── api.h │ ├── crypto_aead.h │ ├── Xoodyak.h │ ├── align.h │ ├── hash.c │ ├── Xoodyak.c │ └── Xoodoo-SnP.h ├── ref │ ├── crypto_hash.h │ ├── api.h │ ├── crypto_aead.h │ ├── Xoodyak.h │ ├── align.h │ ├── hash.c │ ├── Xoodyak.c │ └── Xoodoo-SnP.h ├── rw_lu │ ├── crypto_hash.h │ ├── api.h │ ├── crypto_aead.h │ ├── Xoodyak.h │ ├── align.h │ ├── hash.c │ ├── Xoodyak.c │ └── Xoodoo-SnP.h ├── kat.h └── base.h ├── murax ├── .gitignore ├── nonvolatile.ld ├── pqvexriscvsim.ld ├── nosys │ ├── issaty.c │ ├── getpid.c │ ├── close.c │ ├── kill.c │ ├── read.c │ ├── lseek.c │ └── fstat.c ├── bsp │ └── vexriscv │ │ ├── init.c │ │ ├── murax.ld │ │ ├── pqvexriscvicoboard.ld │ │ ├── weak_under_alias.h │ │ ├── pqvexriscvsim.ld │ │ ├── pqvexriscvup5k.ld │ │ ├── vexriscv.mk │ │ └── Makefile ├── memcmp.c ├── hal.h ├── hal.c ├── main.c ├── hal-vexriscv.c ├── vexriscv.mk ├── README.md └── crt.S ├── saturnin ├── make.incl.mk ├── crypto_hash │ ├── api.h │ ├── crypto_hash.h │ └── ref │ │ └── hash.c ├── cycles counts.ods ├── tools │ ├── utils.h │ └── utils.c ├── crypto_aead │ ├── saturninctrcascadev2 │ │ ├── bs32 │ │ │ └── api.h │ │ ├── bs32x │ │ │ └── api.h │ │ ├── bs64 │ │ │ └── api.h │ │ └── ref │ │ │ └── api.h │ └── crypto_aead.h ├── kat.h └── base.h ├── shell.nix ├── AES-CTR-Bitsliced ├── make.incl.mk ├── base.h └── Permutation │ ├── test_perm.h │ ├── aes.h │ └── rijndael-alg-fst.h ├── Delirium_opt ├── make.incl.mk ├── opt │ ├── keccak.h │ ├── interleaving.h │ ├── elephant_200.h │ └── crypto_aead.h ├── ref │ ├── keccak_ref.h │ ├── elephant_200_ref.h │ └── crypto_aead_ref.h ├── base.h └── kat.h ├── scheme.tpl.h ├── nonvolatile.ld ├── pqvexriscvsim.ld ├── sparkle ├── make.incl.mk ├── kat.h └── base.h ├── utils ├── utils.h ├── stdlibs.h ├── getcycles.S ├── nist.h ├── nist.c └── tools.py ├── clang-10.mk ├── clang.mk ├── paper.pdf ├── Instructions ├── base.h └── Instr │ ├── empty.S │ ├── test_perm.h │ ├── lb.S │ ├── lw.S │ ├── or.S │ ├── ori.S │ ├── sb.S │ ├── add.S │ ├── and.S │ ├── sll.S │ ├── sra.S │ ├── srl.S │ ├── sub.S │ ├── sw.S │ ├── xor.S │ ├── addi.S │ ├── andi.S │ ├── slli.S │ ├── srai.S │ ├── srli.S │ ├── xori.S │ ├── instr.h │ └── test_perm.c ├── Keccak-200 ├── base.h ├── Permutation │ ├── keccak_ref.h │ ├── keccak_x4.h │ ├── test_perm.h │ ├── interleaving.h │ └── rotate.py ├── make.incl.mk └── tools │ ├── utils.h │ └── utils.c ├── main-valid.elf ├── watch.sh ├── .clang-format ├── AES-LUT ├── base.h └── Permutation │ ├── test_perm.h │ ├── aes.h │ └── rijndael-alg-fst.h ├── test ├── test.c ├── test.h ├── test_hash.h └── test_aead.h ├── Ascon-128 ├── Permutation │ ├── test_perm.h │ ├── ascon.h │ ├── ref.c │ └── opt.c ├── make.incl.mk ├── tools │ ├── utils.h │ └── utils.c ├── crypto_aead │ ├── opt64_asm │ │ └── permutations.h │ ├── endian.h │ ├── crypto_aead.h │ └── opt64_C_unrolled │ │ └── permutations.h ├── kat.h └── base.h ├── sifive_sdk ├── libwrap │ ├── sys │ │ ├── fork.c │ │ ├── getpid.c │ │ ├── wait.c │ │ ├── stub.h │ │ ├── close.c │ │ ├── kill.c │ │ ├── unlink.c │ │ ├── weak_under_alias.h │ │ ├── open.c │ │ ├── link.c │ │ ├── times.c │ │ ├── openat.c │ │ ├── execve.c │ │ ├── isatty.c │ │ ├── stat.c │ │ ├── lseek.c │ │ ├── fstat.c │ │ ├── _exit.c │ │ ├── sbrk.c │ │ ├── puts.c │ │ ├── write.c │ │ └── read.c │ ├── stdlib │ │ └── malloc.c │ ├── misc │ │ └── write_hex.c │ └── libwrap.mk ├── include │ ├── clint.h │ ├── const.h │ ├── otp.h │ ├── gpio.h │ ├── uart.h │ ├── plic.h │ ├── bits.h │ ├── pwm.h │ ├── smp.h │ └── prci.h ├── openocd.cfg └── start.S ├── rweather ├── GIFT-COFB │ ├── base.h │ └── kat.h ├── SPIX │ ├── base.h │ └── kat.h ├── WAGE │ ├── base.h │ └── kat.h ├── ESTATE │ ├── base.h │ └── kat.h ├── HYENA │ ├── base.h │ └── kat.h ├── ACE │ ├── base.h │ └── kat.h ├── Grain-128AEAD │ ├── base.h │ └── kat.h ├── Gimli │ ├── base.h │ ├── kat.h │ └── res-vex.txt ├── Xoodyak │ ├── base.h │ └── kat.h ├── ORANGE │ ├── base.h │ └── kat.h ├── Subterranean │ ├── base.h │ └── kat.h ├── SpoC │ ├── base.h │ └── kat.h ├── LOTUS-AEAD │ ├── base.h │ └── kat.h ├── Oribatida │ ├── base.h │ └── kat.h ├── Saturnin │ ├── base.h │ └── kat.h ├── PHOTON-Beetle │ ├── base.h │ └── kat.h ├── DryGASCON │ ├── base.h │ └── kat.h ├── Elephant │ ├── base.h │ └── kat.h ├── TinyJAMBU │ ├── base.h │ └── kat.h ├── COMET │ ├── base.h │ └── kat.h ├── ASCON │ ├── kat.h │ └── base.h ├── ForkAE │ ├── kat.h │ └── base.h ├── ISAP │ ├── kat.h │ └── base.h ├── KNOT │ ├── kat.h │ └── base.h ├── Pyjamask │ ├── kat.h │ └── base.h ├── Romulus │ ├── kat.h │ └── base.h ├── SPARKLE │ ├── kat.h │ └── base.h ├── SKINNY-AEAD │ ├── kat.h │ └── base.h ├── SUNDAE-GIFT │ ├── kat.h │ └── base.h └── Spook │ ├── kat.h │ └── base.h ├── config.sh ├── .gitignore ├── nix ├── vexriscv.nix ├── paper.nix ├── newlib-nano.nix ├── pqvexriscv.nix ├── default.nix └── spinalhdl.nix ├── .gitattributes ├── gcc_b.mk ├── spike.mk ├── gcc.mk ├── .gitmodules ├── upload.sh ├── main.c ├── LICENSE ├── config.mk ├── gen-tree-rweather.py ├── sifive.mk └── riscvOVPsim.mk /Gimli/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS=-O3 -------------------------------------------------------------------------------- /Keccak/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS=-Os -------------------------------------------------------------------------------- /xoodyak/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS=-O3 -------------------------------------------------------------------------------- /murax/.gitignore: -------------------------------------------------------------------------------- 1 | target/* 2 | -------------------------------------------------------------------------------- /saturnin/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS=-O2 -------------------------------------------------------------------------------- /shell.nix: -------------------------------------------------------------------------------- 1 | (import ./.).shell 2 | -------------------------------------------------------------------------------- /AES-CTR-Bitsliced/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS=-Os -------------------------------------------------------------------------------- /Delirium_opt/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS=-O3 2 | -------------------------------------------------------------------------------- /scheme.tpl.h: -------------------------------------------------------------------------------- 1 | #include "{scheme}/base.h" 2 | -------------------------------------------------------------------------------- /murax/nonvolatile.ld: -------------------------------------------------------------------------------- 1 | bsp/vexriscv/nonvolatile.ld -------------------------------------------------------------------------------- /nonvolatile.ld: -------------------------------------------------------------------------------- 1 | murax/bsp/vexriscv/nonvolatile.ld -------------------------------------------------------------------------------- /murax/pqvexriscvsim.ld: -------------------------------------------------------------------------------- 1 | bsp/vexriscv/pqvexriscvsim.ld -------------------------------------------------------------------------------- /pqvexriscvsim.ld: -------------------------------------------------------------------------------- 1 | murax/bsp/vexriscv/pqvexriscvsim.ld -------------------------------------------------------------------------------- /saturnin/crypto_hash/api.h: -------------------------------------------------------------------------------- 1 | #define CRYPTO_BYTES 32 2 | -------------------------------------------------------------------------------- /sparkle/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS=-O3 2 | # OPTS=-O2 3 | # OPTS=-Os 4 | -------------------------------------------------------------------------------- /utils/utils.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | 5 | uint64_t getcycles(); 6 | -------------------------------------------------------------------------------- /clang-10.mk: -------------------------------------------------------------------------------- 1 | CC=clang-10 2 | RISCV_ARCHFLAGS=$(RISCV_ARCHFLAGS_CLANG) 3 | 4 | OPT2=-O2 5 | OPT3=-O3 -------------------------------------------------------------------------------- /clang.mk: -------------------------------------------------------------------------------- 1 | CC=$(CLANG) 2 | RISCV_ARCHFLAGS=$(RISCV_ARCHFLAGS_CLANG) 3 | 4 | OPT2=-O2 5 | OPT3=-O3 -------------------------------------------------------------------------------- /paper.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AsmOptC-RiscV/Assembly-Optimized-C-RiscV/HEAD/paper.pdf -------------------------------------------------------------------------------- /Instructions/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define ADDITIONAL 4 | 5 | #include "Instr/test_perm.h" 6 | -------------------------------------------------------------------------------- /Keccak-200/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define ADDITIONAL 4 | 5 | #include "Permutation/test_perm.h" 6 | -------------------------------------------------------------------------------- /main-valid.elf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AsmOptC-RiscV/Assembly-Optimized-C-RiscV/HEAD/main-valid.elf -------------------------------------------------------------------------------- /xoodyak/asm/crypto_hash.h: -------------------------------------------------------------------------------- 1 | int crypto_hash_asm(unsigned char *out, const unsigned char *in, unsigned long long inlen); -------------------------------------------------------------------------------- /xoodyak/lc/crypto_hash.h: -------------------------------------------------------------------------------- 1 | int crypto_hash_lc(unsigned char *out, const unsigned char *in, unsigned long long inlen); -------------------------------------------------------------------------------- /xoodyak/ref/crypto_hash.h: -------------------------------------------------------------------------------- 1 | int crypto_hash_ref(unsigned char *out, const unsigned char *in, unsigned long long inlen); -------------------------------------------------------------------------------- /Keccak-200/Permutation/keccak_ref.h: -------------------------------------------------------------------------------- 1 | #define BLOCK_SIZE 25 2 | #include 3 | 4 | void permutation(uint8_t *state); -------------------------------------------------------------------------------- /xoodyak/rw_lu/crypto_hash.h: -------------------------------------------------------------------------------- 1 | int crypto_hash_rw_lu(unsigned char *out, const unsigned char *in, unsigned long long inlen); -------------------------------------------------------------------------------- /saturnin/cycles counts.ods: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/AsmOptC-RiscV/Assembly-Optimized-C-RiscV/HEAD/saturnin/cycles counts.ods -------------------------------------------------------------------------------- /watch.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | DEVICE=/dev/ttyUSB1 4 | BAUD=115200 5 | 6 | exec screen -L -Logfile main.log "$DEVICE" $BAUD 7 | -------------------------------------------------------------------------------- /.clang-format: -------------------------------------------------------------------------------- 1 | # We'll use defaults from the LLVM style, but with 4 columns indentation. 2 | BasedOnStyle: LLVM 3 | IndentWidth: 4 4 | -------------------------------------------------------------------------------- /Keccak-200/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS=-O3 2 | 3 | # -Os does not seem to work 4 | # -O2 result in a trap 5 | # does not compile with Clang. -------------------------------------------------------------------------------- /AES-LUT/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define ADDITIONAL 4 | 5 | #include "Permutation/aes.h" 6 | #include "Permutation/test_perm.h" 7 | -------------------------------------------------------------------------------- /Keccak/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define ADDITIONAL 4 | 5 | #include "Permutation/keccakf1600.h" 6 | #include "Permutation/test_perm.h" 7 | -------------------------------------------------------------------------------- /AES-CTR-Bitsliced/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define ADDITIONAL 4 | 5 | #include "Permutation/aes.h" 6 | #include "Permutation/test_perm.h" 7 | -------------------------------------------------------------------------------- /Delirium_opt/opt/keccak.h: -------------------------------------------------------------------------------- 1 | #include 2 | #define maxNrRounds 18 3 | #define nrLanes 25 4 | 5 | void permutation_4(uint32_t *state); 6 | -------------------------------------------------------------------------------- /test/test.c: -------------------------------------------------------------------------------- 1 | #include "test.h" 2 | #ifdef ADDITIONAL 3 | 4 | void additional_tests() 5 | { 6 | test_perm(); 7 | } 8 | 9 | #endif 10 | -------------------------------------------------------------------------------- /test/test.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../scheme.h" 4 | 5 | #ifdef ADDITIONAL 6 | 7 | void additional_tests(); 8 | 9 | #endif 10 | -------------------------------------------------------------------------------- /Instructions/Instr/empty.S: -------------------------------------------------------------------------------- 1 | .globl instr_empty 2 | .type instr_empty, %function 3 | .align 3 4 | instr_empty: 5 | ret 6 | .size instr_empty,.-instr_empty -------------------------------------------------------------------------------- /Delirium_opt/ref/keccak_ref.h: -------------------------------------------------------------------------------- 1 | #define BLOCK_SIZE 25 2 | typedef unsigned char BYTE; 3 | typedef unsigned long long SIZE; 4 | 5 | void permutation(BYTE *state); -------------------------------------------------------------------------------- /Ascon-128/Permutation/test_perm.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/utils.h" 4 | 5 | #include "ascon.h" 6 | #include "../tools/utils.h" 7 | 8 | void test_perm(); 9 | -------------------------------------------------------------------------------- /Instructions/Instr/test_perm.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/utils.h" 5 | 6 | #include "instr.h" 7 | 8 | void test_perm(); 9 | -------------------------------------------------------------------------------- /Keccak/Permutation/test_perm.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/utils.h" 5 | 6 | #include "keccakf1600.h" 7 | 8 | void test_perm(); 9 | -------------------------------------------------------------------------------- /Gimli/tools/utils.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/nist.h" 5 | 6 | void reset_state(uint32_t* x); 7 | 8 | void print_state(uint32_t* x); 9 | -------------------------------------------------------------------------------- /saturnin/tools/utils.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/nist.h" 5 | 6 | void reset_state(uint32_t* x); 7 | 8 | void print_state(uint32_t* x); 9 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/fork.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | 6 | int fork(void) 7 | { 8 | return _stub(EAGAIN); 9 | } 10 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/getpid.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | #include "weak_under_alias.h" 3 | 4 | int __wrap_getpid(void) 5 | { 6 | return 1; 7 | } 8 | weak_under_alias(getpid); 9 | -------------------------------------------------------------------------------- /Keccak-200/Permutation/keccak_x4.h: -------------------------------------------------------------------------------- 1 | #include 2 | #define maxNrRounds 18 3 | #define nrLanes 25 4 | 5 | void permutation_4(uint32_t *state); 6 | void permutation_4_c_opt(uint32_t *state); 7 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/wait.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | 6 | int wait(int* status) 7 | { 8 | return _stub(ECHILD); 9 | } 10 | -------------------------------------------------------------------------------- /murax/nosys/issaty.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Stub version. 3 | */ 4 | 5 | #include 6 | #undef errno 7 | extern int errno; 8 | 9 | int 10 | _isatty (int file) 11 | { 12 | errno = ENOSYS; 13 | return 0; 14 | } -------------------------------------------------------------------------------- /AES-LUT/Permutation/test_perm.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/utils.h" 5 | 6 | #include "aes.h" 7 | #include "rijndael-alg-fst.h" 8 | 9 | void test_perm(); 10 | -------------------------------------------------------------------------------- /Gimli/Permutation/test_perm.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/utils.h" 5 | 6 | #include "gimli.h" 7 | #include "../tools/utils.h" 8 | 9 | void test_perm(); 10 | -------------------------------------------------------------------------------- /murax/nosys/getpid.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Stub version. 3 | */ 4 | 5 | #include 6 | #undef errno 7 | extern int errno; 8 | 9 | int 10 | _getpid (void) 11 | { 12 | errno = ENOSYS; 13 | return -1; 14 | } 15 | -------------------------------------------------------------------------------- /saturnin/crypto_aead/saturninctrcascadev2/bs32/api.h: -------------------------------------------------------------------------------- 1 | #define CRYPTO_KEYBYTES 32 2 | #define CRYPTO_NSECBYTES 0 3 | #define CRYPTO_NPUBBYTES 16 4 | #define CRYPTO_ABYTES 32 5 | #define CRYPTO_NOOVERLAP 1 6 | -------------------------------------------------------------------------------- /saturnin/crypto_aead/saturninctrcascadev2/bs32x/api.h: -------------------------------------------------------------------------------- 1 | #define CRYPTO_KEYBYTES 32 2 | #define CRYPTO_NSECBYTES 0 3 | #define CRYPTO_NPUBBYTES 16 4 | #define CRYPTO_ABYTES 32 5 | #define CRYPTO_NOOVERLAP 1 6 | -------------------------------------------------------------------------------- /saturnin/crypto_aead/saturninctrcascadev2/bs64/api.h: -------------------------------------------------------------------------------- 1 | #define CRYPTO_KEYBYTES 32 2 | #define CRYPTO_NSECBYTES 0 3 | #define CRYPTO_NPUBBYTES 16 4 | #define CRYPTO_ABYTES 32 5 | #define CRYPTO_NOOVERLAP 1 6 | -------------------------------------------------------------------------------- /saturnin/crypto_aead/saturninctrcascadev2/ref/api.h: -------------------------------------------------------------------------------- 1 | #define CRYPTO_KEYBYTES 32 2 | #define CRYPTO_NSECBYTES 0 3 | #define CRYPTO_NPUBBYTES 16 4 | #define CRYPTO_ABYTES 32 5 | #define CRYPTO_NOOVERLAP 1 6 | -------------------------------------------------------------------------------- /utils/stdlibs.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | 7 | #ifdef MURAX 8 | #include "../murax/hal.h" 9 | #else 10 | #include 11 | #endif 12 | -------------------------------------------------------------------------------- /murax/nosys/close.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Stub version. 3 | */ 4 | 5 | #include 6 | #undef errno 7 | extern int errno; 8 | 9 | int 10 | _close (int fildes) 11 | { 12 | errno = ENOSYS; 13 | return -1; 14 | } 15 | -------------------------------------------------------------------------------- /AES-CTR-Bitsliced/Permutation/test_perm.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/utils.h" 5 | 6 | #include "aes.h" 7 | #include "rijndael-alg-fst.h" 8 | 9 | void test_perm(); 10 | -------------------------------------------------------------------------------- /murax/nosys/kill.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Stub version. 3 | */ 4 | 5 | #include 6 | #undef errno 7 | extern int errno; 8 | 9 | int 10 | _kill (int pid, 11 | int sig) 12 | { 13 | errno = ENOSYS; 14 | return -1; 15 | } 16 | -------------------------------------------------------------------------------- /Gimli/Permutation/gimli.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | 5 | void gimli(uint32_t *state); 6 | 7 | void gimli_asm(uint32_t *state); 8 | 9 | void gimli_c_opt(uint32_t *state); 10 | 11 | void gimli_c_opt2(uint32_t *state); -------------------------------------------------------------------------------- /Keccak-200/tools/utils.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/nist.h" 5 | 6 | void reset_state(uint32_t* x); 7 | 8 | void wipe_state(uint32_t* x); 9 | 10 | void print_state(uint32_t* x); 11 | -------------------------------------------------------------------------------- /saturnin/crypto_hash/crypto_hash.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | int crypto_hash(unsigned char *out, const unsigned char *in, unsigned long long inlen); 4 | 5 | int crypto_hash_asm(unsigned char *out, const unsigned char *in, unsigned long long inlen); 6 | -------------------------------------------------------------------------------- /test/test_hash.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include "../scheme.h" 3 | 4 | #ifdef crypto_hash 5 | 6 | #include "../utils/nist.h" 7 | #include "../utils/stdlibs.h" 8 | #include "../utils/utils.h" 9 | 10 | void test_crypto_hash(); 11 | 12 | #endif 13 | -------------------------------------------------------------------------------- /Ascon-128/make.incl.mk: -------------------------------------------------------------------------------- 1 | OPTS := -O3 2 | # Ascon-128/Permutation/%.o: CFLAGS += -O1 3 | Ascon-128/crypto_aead/opt64_C2_unrolled/%.o: OPTS := -O1 4 | Ascon-128/crypto_aead/opt64_C_unrolled/%.o: OPTS := -O1 5 | Ascon-128/crypto_aead/bi32/%.o: OPTS := -O1 6 | -------------------------------------------------------------------------------- /rweather/GIFT-COFB/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | 5 | #include "kat.h" 6 | #include "src/gift-cofb.h" 7 | 8 | #define crypto_aead_encrypt gift_cofb_aead_encrypt 9 | #define crypto_aead_decrypt gift_cofb_aead_decrypt 10 | -------------------------------------------------------------------------------- /rweather/SPIX/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/spix.h" 8 | 9 | #define crypto_aead_encrypt spix_aead_encrypt 10 | #define crypto_aead_decrypt spix_aead_decrypt 11 | -------------------------------------------------------------------------------- /rweather/WAGE/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/wage.h" 8 | 9 | #define crypto_aead_encrypt wage_aead_encrypt 10 | #define crypto_aead_decrypt wage_aead_decrypt 11 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/stub.h: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | #ifndef _SIFIVE_SYS_STUB_H 3 | #define _SIFIVE_SYS_STUB_H 4 | 5 | static inline int _stub(int err) 6 | { 7 | return -1; 8 | } 9 | 10 | #endif /* _SIFIVE_SYS_STUB_H */ 11 | -------------------------------------------------------------------------------- /rweather/ESTATE/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | 5 | #include "kat.h" 6 | #include "src/estate.h" 7 | 8 | #define crypto_aead_encrypt estate_twegift_aead_encrypt 9 | #define crypto_aead_decrypt estate_twegift_aead_decrypt 10 | -------------------------------------------------------------------------------- /rweather/HYENA/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/hyena.h" 8 | 9 | #define crypto_aead_encrypt hyena_aead_encrypt 10 | #define crypto_aead_decrypt hyena_aead_decrypt 11 | -------------------------------------------------------------------------------- /test/test_aead.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include "../scheme.h" 3 | 4 | #ifdef crypto_aead_encrypt 5 | 6 | #include "../utils/nist.h" 7 | #include "../utils/stdlibs.h" 8 | #include "../utils/utils.h" 9 | 10 | void test_crypto_aead(); 11 | 12 | #endif 13 | -------------------------------------------------------------------------------- /xoodyak/lc/api.h: -------------------------------------------------------------------------------- 1 | // HASH 2 | #define CRYPTO_BYTES 32 3 | 4 | // AEAD 5 | #define CRYPTO_KEYBYTES 16 6 | #define CRYPTO_NSECBYTES 0 7 | #define CRYPTO_NPUBBYTES 16 8 | #define CRYPTO_ABYTES 16 9 | #define CRYPTO_NOOVERLAP 1 10 | -------------------------------------------------------------------------------- /murax/nosys/read.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Stub version. 3 | */ 4 | 5 | #include 6 | #undef errno 7 | extern int errno; 8 | 9 | int 10 | _read (int file, 11 | char *ptr, 12 | int len) 13 | { 14 | errno = ENOSYS; 15 | return -1; 16 | } -------------------------------------------------------------------------------- /rweather/ACE/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | 5 | #include "kat.h" 6 | #include "src/ace.h" 7 | 8 | #define crypto_aead_encrypt ace_aead_encrypt 9 | #define crypto_aead_decrypt ace_aead_decrypt 10 | #define crypto_hash ace_hash 11 | -------------------------------------------------------------------------------- /xoodyak/asm/api.h: -------------------------------------------------------------------------------- 1 | // HASH 2 | #define CRYPTO_BYTES 32 3 | 4 | // AEAD 5 | #define CRYPTO_KEYBYTES 16 6 | #define CRYPTO_NSECBYTES 0 7 | #define CRYPTO_NPUBBYTES 16 8 | #define CRYPTO_ABYTES 16 9 | #define CRYPTO_NOOVERLAP 1 10 | -------------------------------------------------------------------------------- /xoodyak/ref/api.h: -------------------------------------------------------------------------------- 1 | // HASH 2 | #define CRYPTO_BYTES 32 3 | 4 | // AEAD 5 | #define CRYPTO_KEYBYTES 16 6 | #define CRYPTO_NSECBYTES 0 7 | #define CRYPTO_NPUBBYTES 16 8 | #define CRYPTO_ABYTES 16 9 | #define CRYPTO_NOOVERLAP 1 10 | -------------------------------------------------------------------------------- /xoodyak/rw_lu/api.h: -------------------------------------------------------------------------------- 1 | // HASH 2 | #define CRYPTO_BYTES 32 3 | 4 | // AEAD 5 | #define CRYPTO_KEYBYTES 16 6 | #define CRYPTO_NSECBYTES 0 7 | #define CRYPTO_NPUBBYTES 16 8 | #define CRYPTO_ABYTES 16 9 | #define CRYPTO_NOOVERLAP 1 10 | -------------------------------------------------------------------------------- /murax/bsp/vexriscv/init.c: -------------------------------------------------------------------------------- 1 | #include "weak_under_alias.h" 2 | 3 | void __weak__init() {} 4 | 5 | void __weak__fini() {} 6 | 7 | weak_under_alias(_init); 8 | weak_under_alias(_fini); 9 | 10 | void _exit(int code) { 11 | (void)code; 12 | while (1) {} 13 | } -------------------------------------------------------------------------------- /murax/nosys/lseek.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Stub version. 3 | */ 4 | 5 | #include 6 | #undef errno 7 | extern int errno; 8 | 9 | int 10 | _lseek (int file, 11 | int ptr, 12 | int dir) 13 | { 14 | errno = ENOSYS; 15 | return -1; 16 | } 17 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/close.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | #include "weak_under_alias.h" 6 | 7 | int __wrap_close(int fd) 8 | { 9 | return _stub(EBADF); 10 | } 11 | weak_under_alias(close); 12 | -------------------------------------------------------------------------------- /utils/getcycles.S: -------------------------------------------------------------------------------- 1 | .text 2 | 3 | .globl getcycles 4 | .align 2 5 | getcycles: 6 | #ifdef sim 7 | csrr a0, cycle 8 | #else 9 | csrr a1, mcycleh 10 | csrr a0, mcycle 11 | csrr a2, mcycleh 12 | bne a1, a2, getcycles 13 | #endif 14 | ret 15 | -------------------------------------------------------------------------------- /rweather/Grain-128AEAD/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/grain128.h" 8 | 9 | #define crypto_aead_encrypt grain128_aead_encrypt 10 | #define crypto_aead_decrypt grain128_aead_decrypt 11 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/kill.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | #include "weak_under_alias.h" 6 | 7 | int __wrap_kill(int pid, int sig) 8 | { 9 | return _stub(EINVAL); 10 | } 11 | weak_under_alias(kill); 12 | -------------------------------------------------------------------------------- /config.sh: -------------------------------------------------------------------------------- 1 | PREFIX=${PREFIX:-/opt/riscv/bin/riscv64-unknown-elf} 2 | AR=${AR:-${PREFIX}-ar} 3 | GCC=${GCC:-${PREFIX}-gcc} 4 | CLANG=clang 5 | GDB=${GDB:-${PREFIX}-gdb} 6 | OBJDUMP=${OBJDUMP:-${PREFIX}-objdump} 7 | OPENOCD=${OPENOCD:-/opt/riscv/bin/openocd} 8 | ECHO=${ECHO:-echo} 9 | -------------------------------------------------------------------------------- /murax/bsp/vexriscv/murax.ld: -------------------------------------------------------------------------------- 1 | OUTPUT_FORMAT("elf32-littleriscv", "elf32-littleriscv", "elf32-littleriscv") 2 | OUTPUT_ARCH(riscv) 3 | 4 | ENTRY( _start ) 5 | 6 | MEMORY 7 | { 8 | ram (wxa!ri) : ORIGIN = 0x80000000, LENGTH = 8k 9 | } 10 | 11 | INCLUDE volatile.ld 12 | -------------------------------------------------------------------------------- /rweather/Gimli/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | 5 | #include "kat.h" 6 | #include "src/gimli24.h" 7 | 8 | #define crypto_aead_encrypt gimli24_aead_encrypt 9 | #define crypto_aead_decrypt gimli24_aead_decrypt 10 | #define crypto_hash gimli24_hash 11 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/unlink.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | #include "weak_under_alias.h" 6 | 7 | int __wrap_unlink(const char* name) 8 | { 9 | return _stub(ENOENT); 10 | } 11 | weak_under_alias(unlink); 12 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/weak_under_alias.h: -------------------------------------------------------------------------------- 1 | #ifndef _BSP_LIBWRAP_WEAK_UNDER_ALIAS_H 2 | #define _BSP_LIBWRAP_WEAK_UNDER_ALIAS_H 3 | 4 | #define weak_under_alias(name) \ 5 | extern __typeof (__wrap_##name) __wrap__##name __attribute__ ((weak, alias ("__wrap_"#name))) 6 | 7 | #endif 8 | -------------------------------------------------------------------------------- /Keccak-200/Permutation/test_perm.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/utils.h" 5 | 6 | #include "../tools/utils.h" 7 | #include "keccak_x4.h" 8 | #include "keccak_ref.h" 9 | #include "interleaving.h" 10 | 11 | void test_perm(); 12 | -------------------------------------------------------------------------------- /murax/bsp/vexriscv/pqvexriscvicoboard.ld: -------------------------------------------------------------------------------- 1 | OUTPUT_FORMAT("elf32-littleriscv", "elf32-littleriscv", "elf32-littleriscv") 2 | OUTPUT_ARCH(riscv) 3 | 4 | ENTRY( _start ) 5 | 6 | MEMORY 7 | { 8 | ram (wxa!ri) : ORIGIN = 0x80000000, LENGTH = 1024K 9 | } 10 | 11 | INCLUDE volatile.ld 12 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/open.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | #include "weak_under_alias.h" 6 | 7 | int __wrap_open(const char* name, int flags, int mode) 8 | { 9 | return _stub(ENOENT); 10 | } 11 | weak_under_alias(open); 12 | -------------------------------------------------------------------------------- /rweather/Xoodyak/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/xoodyak.h" 8 | 9 | #define crypto_aead_encrypt xoodyak_aead_encrypt 10 | #define crypto_aead_decrypt xoodyak_aead_decrypt 11 | #define crypto_hash xoodyak_hash 12 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/link.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | #include "weak_under_alias.h" 6 | 7 | int __wrap_link(const char *old_name, const char *new_name) 8 | { 9 | return _stub(EMLINK); 10 | } 11 | weak_under_alias(link); 12 | -------------------------------------------------------------------------------- /murax/bsp/vexriscv/weak_under_alias.h: -------------------------------------------------------------------------------- 1 | #ifndef WEAK_UNDER_ALIAS_H 2 | #define WEAK_UNDER_ALIAS_H 3 | 4 | #define weak_under_alias(name) \ 5 | extern __typeof (__weak_##name) name __attribute__ ((weak, alias ("__weak_"#name))) 6 | 7 | #endif /* WEAK_UNDER_ALIAS_H */ 8 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/times.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include 5 | #include "stub.h" 6 | #include "weak_under_alias.h" 7 | 8 | clock_t __wrap_times(struct tms* buf) 9 | { 10 | return _stub(EACCES); 11 | } 12 | weak_under_alias(times); 13 | -------------------------------------------------------------------------------- /rweather/ORANGE/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/orange.h" 8 | 9 | #define crypto_aead_encrypt orange_zest_aead_encrypt 10 | #define crypto_aead_decrypt orange_zest_aead_decrypt 11 | #define crypto_hash orangish_hash 12 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/openat.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | #include "weak_under_alias.h" 6 | 7 | int __wrap_openat(int dirfd, const char* name, int flags, int mode) 8 | { 9 | return _stub(ENOENT); 10 | } 11 | weak_under_alias(openat); 12 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/execve.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "stub.h" 5 | #include "weak_under_alias.h" 6 | 7 | int __wrap_execve(const char* name, char* const argv[], char* const env[]) 8 | { 9 | return _stub(ENOMEM); 10 | } 11 | weak_under_alias(execve); 12 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/isatty.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "weak_under_alias.h" 5 | 6 | int __wrap_isatty(int fd) 7 | { 8 | if (fd == STDOUT_FILENO || fd == STDERR_FILENO) 9 | return 1; 10 | 11 | return 0; 12 | } 13 | weak_under_alias(isatty); 14 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/stat.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include 5 | #include "stub.h" 6 | #include "weak_under_alias.h" 7 | 8 | int __wrap_stat(const char* file, struct stat* st) 9 | { 10 | return _stub(EACCES); 11 | } 12 | weak_under_alias(stat); 13 | -------------------------------------------------------------------------------- /murax/nosys/fstat.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Stub version. 3 | */ 4 | 5 | 6 | #include 7 | #include 8 | #include 9 | #undef errno 10 | extern int errno; 11 | 12 | int 13 | _fstat (int fildes, 14 | struct stat *st) 15 | { 16 | errno = ENOSYS; 17 | return -1; 18 | } 19 | -------------------------------------------------------------------------------- /rweather/Subterranean/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/subterranean.h" 8 | 9 | #define crypto_aead_encrypt subterranean_aead_encrypt 10 | #define crypto_aead_decrypt subterranean_aead_decrypt 11 | #define crypto_hash subterranean_hash 12 | -------------------------------------------------------------------------------- /AES-LUT/Permutation/aes.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | 5 | void AES_128_keyschedule(const uint8_t *, uint8_t *); 6 | void AES_128_encrypt(const uint8_t *, const uint8_t *, uint8_t *); 7 | 8 | void AES_128_keyschedule_C(const uint8_t *, uint8_t *); 9 | void AES_128_encrypt_C(const uint8_t *, const uint8_t *, uint8_t *); -------------------------------------------------------------------------------- /Ascon-128/tools/utils.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include "../../utils/stdlibs.h" 4 | #include "../../utils/nist.h" 5 | #include "../Permutation/ascon.h" 6 | 7 | #define phi 0x9e3779b97f4a7c15 8 | 9 | static const state reset_state = { 1 * phi, 2 * phi, 3 * phi, 4 * phi, 5 * phi }; 10 | 11 | void print_state(state* x); 12 | void print_state_32(uint32_t* x); 13 | -------------------------------------------------------------------------------- /Instructions/Instr/lb.S: -------------------------------------------------------------------------------- 1 | .globl instr_lb 2 | .type instr_lb, %function 3 | .align 3 4 | instr_lb: 5 | lb a1, 0(a0); 6 | lb a1, 1(a0); 7 | lb a1, 2(a0); 8 | lb a1, 3(a0); 9 | lb a1, 4(a0); 10 | lb a1, 5(a0); 11 | lb a1, 6(a0); 12 | lb a1, 7(a0); 13 | lb a1, 8(a0); 14 | lb a1, 9(a0); 15 | ret 16 | .size instr_lb,.-instr_lb -------------------------------------------------------------------------------- /rweather/SpoC/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/spoc.h" 8 | 9 | #define crypto_aead_encrypt spoc_128_aead_encrypt 10 | #define crypto_aead_decrypt spoc_128_aead_decrypt 11 | #define crypto_aead_encrypt_2 spoc_64_aead_encrypt 12 | #define crypto_aead_decrypt_2 spoc_64_aead_decrypt -------------------------------------------------------------------------------- /Instructions/Instr/lw.S: -------------------------------------------------------------------------------- 1 | .globl instr_lw 2 | .type instr_lw, %function 3 | .align 3 4 | instr_lw: 5 | lw a1, 0(a0); 6 | lw a1, 4(a0); 7 | lw a1, 8(a0); 8 | lw a1, 12(a0); 9 | lw a1, 16(a0); 10 | lw a1, 20(a0); 11 | lw a1, 24(a0); 12 | lw a1, 28(a0); 13 | lw a1, 32(a0); 14 | lw a1, 36(a0); 15 | ret 16 | .size instr_lw,.-instr_lw -------------------------------------------------------------------------------- /Instructions/Instr/or.S: -------------------------------------------------------------------------------- 1 | .globl instr_or 2 | .type instr_or, %function 3 | .align 3 4 | instr_or: 5 | or a1, a2, a0; 6 | or a1, a2, a0; 7 | or a1, a2, a0; 8 | or a1, a2, a0; 9 | or a1, a2, a0; 10 | or a1, a2, a0; 11 | or a1, a2, a0; 12 | or a1, a2, a0; 13 | or a1, a2, a0; 14 | or a1, a2, a0; 15 | ret 16 | .size instr_or,.-instr_or -------------------------------------------------------------------------------- /murax/bsp/vexriscv/pqvexriscvsim.ld: -------------------------------------------------------------------------------- 1 | OUTPUT_FORMAT("elf32-littleriscv", "elf32-littleriscv", "elf32-littleriscv") 2 | OUTPUT_ARCH(riscv) 3 | 4 | ENTRY( _start ) 5 | 6 | __ram_size = 384K; 7 | 8 | MEMORY 9 | { 10 | rom (wxa!ri) : ORIGIN = 0x80000000, LENGTH = 256K 11 | ram (wxa!ri) : ORIGIN = 0x80040000, LENGTH = 128K 12 | } 13 | 14 | INCLUDE nonvolatile.ld 15 | -------------------------------------------------------------------------------- /murax/bsp/vexriscv/pqvexriscvup5k.ld: -------------------------------------------------------------------------------- 1 | OUTPUT_FORMAT("elf32-littleriscv", "elf32-littleriscv", "elf32-littleriscv") 2 | OUTPUT_ARCH(riscv) 3 | 4 | ENTRY( _start ) 5 | 6 | __ram_size = 128K; 7 | 8 | MEMORY 9 | { 10 | rom (wxa!ri) : ORIGIN = 0x80000000, LENGTH = 64K 11 | ram (wxa!ri) : ORIGIN = 0x80010000, LENGTH = 64K 12 | } 13 | 14 | INCLUDE volatile-split.ld 15 | -------------------------------------------------------------------------------- /murax/memcmp.c: -------------------------------------------------------------------------------- 1 | /* Public domain. */ 2 | #include 3 | 4 | int 5 | memcmp (const void *str1, const void *str2, size_t count) 6 | { 7 | const unsigned char *s1 = str1; 8 | const unsigned char *s2 = str2; 9 | 10 | while (count-- > 0) 11 | { 12 | if (*s1++ != *s2++) 13 | return s1[-1] < s2[-1] ? -1 : 1; 14 | } 15 | return 0; 16 | } 17 | -------------------------------------------------------------------------------- /rweather/LOTUS-AEAD/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/lotus-locus.h" 8 | 9 | #define crypto_aead_encrypt lotus_aead_encrypt 10 | #define crypto_aead_decrypt lotus_aead_decrypt 11 | #define crypto_aead_encrypt_2 locus_aead_encrypt 12 | #define crypto_aead_decrypt_2 locus_aead_decrypt 13 | -------------------------------------------------------------------------------- /sifive_sdk/include/clint.h: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details 2 | 3 | #ifndef _SIFIVE_CLINT_H 4 | #define _SIFIVE_CLINT_H 5 | 6 | 7 | #define CLINT_MSIP 0x0000 8 | #define CLINT_MSIP_size 0x4 9 | #define CLINT_MTIMECMP 0x4000 10 | #define CLINT_MTIMECMP_size 0x8 11 | #define CLINT_MTIME 0xBFF8 12 | #define CLINT_MTIME_size 0x8 13 | 14 | #endif /* _SIFIVE_CLINT_H */ 15 | -------------------------------------------------------------------------------- /Delirium_opt/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define NO_CHECK 4 | 5 | #include "kat.h" 6 | #include "opt/crypto_aead.h" 7 | #include "ref/crypto_aead_ref.h" 8 | 9 | #define crypto_aead_encrypt elephant_encrypt_ref 10 | #define crypto_aead_decrypt elephant_decrypt_ref 11 | 12 | #define crypto_aead_encrypt_2 elephant_encrypt 13 | #define crypto_aead_decrypt_2 elephant_decrypt 14 | -------------------------------------------------------------------------------- /Instructions/Instr/ori.S: -------------------------------------------------------------------------------- 1 | .globl instr_ori 2 | .type instr_ori, %function 3 | .align 3 4 | instr_ori: 5 | ori a1, a2, 2; 6 | ori a1, a2, 2; 7 | ori a1, a2, 2; 8 | ori a1, a2, 2; 9 | ori a1, a2, 2; 10 | ori a1, a2, 2; 11 | ori a1, a2, 2; 12 | ori a1, a2, 2; 13 | ori a1, a2, 2; 14 | ori a1, a2, 2; 15 | ret 16 | .size instr_ori,.-instr_ori -------------------------------------------------------------------------------- /Instructions/Instr/sb.S: -------------------------------------------------------------------------------- 1 | .globl instr_sb 2 | .type instr_sb, %function 3 | .align 3 4 | instr_sb: 5 | sb zero, 0(a0); 6 | sb zero, 1(a0); 7 | sb zero, 2(a0); 8 | sb zero, 3(a0); 9 | sb zero, 4(a0); 10 | sb zero, 5(a0); 11 | sb zero, 6(a0); 12 | sb zero, 7(a0); 13 | sb zero, 8(a0); 14 | sb zero, 9(a0); 15 | ret 16 | .size instr_sb,.-instr_sb -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/lseek.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include 5 | #include 6 | #include "stub.h" 7 | #include "weak_under_alias.h" 8 | 9 | off_t __wrap_lseek(int fd, off_t ptr, int dir) 10 | { 11 | if (isatty(fd)) 12 | return 0; 13 | 14 | return _stub(EBADF); 15 | } 16 | weak_under_alias(lseek); 17 | -------------------------------------------------------------------------------- /Instructions/Instr/add.S: -------------------------------------------------------------------------------- 1 | .globl instr_add 2 | .type instr_add, %function 3 | .align 3 4 | instr_add: 5 | add a1, a2, a0; 6 | add a1, a2, a0; 7 | add a1, a2, a0; 8 | add a1, a2, a0; 9 | add a1, a2, a0; 10 | add a1, a2, a0; 11 | add a1, a2, a0; 12 | add a1, a2, a0; 13 | add a1, a2, a0; 14 | add a1, a2, a0; 15 | ret 16 | .size instr_add,.-instr_add -------------------------------------------------------------------------------- /Instructions/Instr/and.S: -------------------------------------------------------------------------------- 1 | .globl instr_and 2 | .type instr_and, %function 3 | .align 3 4 | instr_and: 5 | and a1, a2, a0; 6 | and a1, a2, a0; 7 | and a1, a2, a0; 8 | and a1, a2, a0; 9 | and a1, a2, a0; 10 | and a1, a2, a0; 11 | and a1, a2, a0; 12 | and a1, a2, a0; 13 | and a1, a2, a0; 14 | and a1, a2, a0; 15 | ret 16 | .size instr_and,.-instr_and -------------------------------------------------------------------------------- /Instructions/Instr/sll.S: -------------------------------------------------------------------------------- 1 | .globl instr_sll 2 | .type instr_sll, %function 3 | .align 3 4 | instr_sll: 5 | sll a1, a2, a0; 6 | sll a1, a2, a0; 7 | sll a1, a2, a0; 8 | sll a1, a2, a0; 9 | sll a1, a2, a0; 10 | sll a1, a2, a0; 11 | sll a1, a2, a0; 12 | sll a1, a2, a0; 13 | sll a1, a2, a0; 14 | sll a1, a2, a0; 15 | ret 16 | .size instr_sll,.-instr_sll -------------------------------------------------------------------------------- /Instructions/Instr/sra.S: -------------------------------------------------------------------------------- 1 | .globl instr_sra 2 | .type instr_sra, %function 3 | .align 3 4 | instr_sra: 5 | sra a1, a2, a0; 6 | sra a1, a2, a0; 7 | sra a1, a2, a0; 8 | sra a1, a2, a0; 9 | sra a1, a2, a0; 10 | sra a1, a2, a0; 11 | sra a1, a2, a0; 12 | sra a1, a2, a0; 13 | sra a1, a2, a0; 14 | sra a1, a2, a0; 15 | ret 16 | .size instr_sra,.-instr_sra -------------------------------------------------------------------------------- /Instructions/Instr/srl.S: -------------------------------------------------------------------------------- 1 | .globl instr_srl 2 | .type instr_srl, %function 3 | .align 3 4 | instr_srl: 5 | srl a1, a2, a0; 6 | srl a1, a2, a0; 7 | srl a1, a2, a0; 8 | srl a1, a2, a0; 9 | srl a1, a2, a0; 10 | srl a1, a2, a0; 11 | srl a1, a2, a0; 12 | srl a1, a2, a0; 13 | srl a1, a2, a0; 14 | srl a1, a2, a0; 15 | ret 16 | .size instr_srl,.-instr_srl -------------------------------------------------------------------------------- /Instructions/Instr/sub.S: -------------------------------------------------------------------------------- 1 | .globl instr_sub 2 | .type instr_sub, %function 3 | .align 3 4 | instr_sub: 5 | sub a1, a2, a0; 6 | sub a1, a2, a0; 7 | sub a1, a2, a0; 8 | sub a1, a2, a0; 9 | sub a1, a2, a0; 10 | sub a1, a2, a0; 11 | sub a1, a2, a0; 12 | sub a1, a2, a0; 13 | sub a1, a2, a0; 14 | sub a1, a2, a0; 15 | ret 16 | .size instr_sub,.-instr_sub -------------------------------------------------------------------------------- /Instructions/Instr/sw.S: -------------------------------------------------------------------------------- 1 | .globl instr_sw 2 | .type instr_sw, %function 3 | .align 3 4 | instr_sw: 5 | sw zero, 0(a0); 6 | sw zero, 4(a0); 7 | sw zero, 8(a0); 8 | sw zero, 12(a0); 9 | sw zero, 16(a0); 10 | sw zero, 20(a0); 11 | sw zero, 24(a0); 12 | sw zero, 28(a0); 13 | sw zero, 32(a0); 14 | sw zero, 36(a0); 15 | ret 16 | .size instr_sw,.-instr_sw -------------------------------------------------------------------------------- /Instructions/Instr/xor.S: -------------------------------------------------------------------------------- 1 | .globl instr_xor 2 | .type instr_xor, %function 3 | .align 3 4 | instr_xor: 5 | xor a1, a2, a0; 6 | xor a1, a2, a0; 7 | xor a1, a2, a0; 8 | xor a1, a2, a0; 9 | xor a1, a2, a0; 10 | xor a1, a2, a0; 11 | xor a1, a2, a0; 12 | xor a1, a2, a0; 13 | xor a1, a2, a0; 14 | xor a1, a2, a0; 15 | ret 16 | .size instr_xor,.-instr_xor -------------------------------------------------------------------------------- /Instructions/Instr/addi.S: -------------------------------------------------------------------------------- 1 | .globl instr_addi 2 | .type instr_addi, %function 3 | .align 3 4 | instr_addi: 5 | addi a1, a2, 1; 6 | addi a1, a2, 1; 7 | addi a1, a2, 1; 8 | addi a1, a2, 1; 9 | addi a1, a2, 1; 10 | addi a1, a2, 1; 11 | addi a1, a2, 1; 12 | addi a1, a2, 1; 13 | addi a1, a2, 1; 14 | addi a1, a2, 1; 15 | ret 16 | .size instr_addi,.-instr_addi -------------------------------------------------------------------------------- /Instructions/Instr/andi.S: -------------------------------------------------------------------------------- 1 | .globl instr_andi 2 | .type instr_andi, %function 3 | .align 3 4 | instr_andi: 5 | andi a1, a2, 1; 6 | andi a1, a2, 1; 7 | andi a1, a2, 1; 8 | andi a1, a2, 1; 9 | andi a1, a2, 1; 10 | andi a1, a2, 1; 11 | andi a1, a2, 1; 12 | andi a1, a2, 1; 13 | andi a1, a2, 1; 14 | andi a1, a2, 1; 15 | ret 16 | .size instr_andi,.-instr_andi -------------------------------------------------------------------------------- /Instructions/Instr/slli.S: -------------------------------------------------------------------------------- 1 | .globl instr_slli 2 | .type instr_slli, %function 3 | .align 3 4 | instr_slli: 5 | slli a1, a2, 1; 6 | slli a1, a2, 1; 7 | slli a1, a2, 1; 8 | slli a1, a2, 1; 9 | slli a1, a2, 1; 10 | slli a1, a2, 1; 11 | slli a1, a2, 1; 12 | slli a1, a2, 1; 13 | slli a1, a2, 1; 14 | slli a1, a2, 1; 15 | ret 16 | .size instr_slli,.-instr_slli -------------------------------------------------------------------------------- /Instructions/Instr/srai.S: -------------------------------------------------------------------------------- 1 | .globl instr_srai 2 | .type instr_srai, %function 3 | .align 3 4 | instr_srai: 5 | srai a1, a2, 1; 6 | srai a1, a2, 1; 7 | srai a1, a2, 1; 8 | srai a1, a2, 1; 9 | srai a1, a2, 1; 10 | srai a1, a2, 1; 11 | srai a1, a2, 1; 12 | srai a1, a2, 1; 13 | srai a1, a2, 1; 14 | srai a1, a2, 1; 15 | ret 16 | .size instr_srai,.-instr_srai -------------------------------------------------------------------------------- /Instructions/Instr/srli.S: -------------------------------------------------------------------------------- 1 | .globl instr_srli 2 | .type instr_srli, %function 3 | .align 3 4 | instr_srli: 5 | srli a1, a2, 1; 6 | srli a1, a2, 1; 7 | srli a1, a2, 1; 8 | srli a1, a2, 1; 9 | srli a1, a2, 1; 10 | srli a1, a2, 1; 11 | srli a1, a2, 1; 12 | srli a1, a2, 1; 13 | srli a1, a2, 1; 14 | srli a1, a2, 1; 15 | ret 16 | .size instr_srli,.-instr_srli -------------------------------------------------------------------------------- /saturnin/tools/utils.c: -------------------------------------------------------------------------------- 1 | #include "utils.h" 2 | 3 | void reset_state(uint32_t* x) 4 | { 5 | int i; 6 | for (i = 0;i < 12;++i) x[i] = i * i * i + i * 0x9e3779b9; 7 | } 8 | 9 | void print_state(uint32_t* x) 10 | { 11 | int i; 12 | printf("----------------------\n"); 13 | for (i = 0;i < 12;++i) { 14 | printf("%08lx ",x[i]); 15 | if (i % 4 == 3) printf("\n"); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /rweather/Oribatida/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/oribatida.h" 8 | 9 | #define crypto_aead_encrypt oribatida_256_aead_encrypt 10 | #define crypto_aead_decrypt oribatida_256_aead_decrypt 11 | #define crypto_aead_encrypt_2 oribatida_192_aead_encrypt 12 | #define crypto_aead_decrypt_2 oribatida_192_aead_decrypt 13 | -------------------------------------------------------------------------------- /Instructions/Instr/xori.S: -------------------------------------------------------------------------------- 1 | .globl instr_xori 2 | .type instr_xori, %function 3 | .align 3 4 | instr_xori: 5 | xori a1, a2, -1; 6 | xori a1, a2, -1; 7 | xori a1, a2, -1; 8 | xori a1, a2, -1; 9 | xori a1, a2, -1; 10 | xori a1, a2, -1; 11 | xori a1, a2, -1; 12 | xori a1, a2, -1; 13 | xori a1, a2, -1; 14 | xori a1, a2, -1; 15 | ret 16 | .size instr_xori,.-instr_xori -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/fstat.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include 5 | #include 6 | #include "stub.h" 7 | #include "weak_under_alias.h" 8 | 9 | int __wrap_fstat(int fd, struct stat* st) 10 | { 11 | if (isatty(fd)) { 12 | st->st_mode = S_IFCHR; 13 | return 0; 14 | } 15 | 16 | return _stub(EBADF); 17 | } 18 | weak_under_alias(fstat); 19 | -------------------------------------------------------------------------------- /rweather/Saturnin/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/saturnin.h" 8 | 9 | #define crypto_aead_encrypt saturnin_aead_encrypt 10 | #define crypto_aead_decrypt saturnin_aead_decrypt 11 | #define crypto_aead_encrypt_2 saturnin_short_aead_encrypt 12 | #define crypto_aead_decrypt_2 saturnin_short_aead_decrypt 13 | #define crypto_hash saturnin_hash 14 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/stdlib/malloc.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE for license details. */ 2 | 3 | /* These functions are intended for embedded RV32 systems and are 4 | obviously incorrect in general. */ 5 | 6 | void* __wrap_malloc(unsigned long sz) 7 | { 8 | extern void* sbrk(long); 9 | void* res = sbrk(sz); 10 | if ((long)res == -1) 11 | return 0; 12 | return res; 13 | } 14 | 15 | void __wrap_free(void* ptr) 16 | { 17 | } 18 | -------------------------------------------------------------------------------- /Delirium_opt/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // aead related 12 | #define CRYPTO_KEYBYTES 16 13 | #define CRYPTO_NSECBYTES 0 14 | #define CRYPTO_NPUBBYTES 12 15 | #define CRYPTO_ABYTES 16 16 | #define CRYPTO_NOOVERLAP 1 17 | -------------------------------------------------------------------------------- /Gimli/tools/utils.c: -------------------------------------------------------------------------------- 1 | #include "utils.h" 2 | 3 | void reset_state(uint32_t *x) { 4 | int i; 5 | for (i = 0; i < 12; ++i) 6 | x[i] = i * i * i + i * 0x9e3779b9; 7 | } 8 | 9 | void print_state(uint32_t *x) { 10 | int i; 11 | printf("----------------------\n"); 12 | for (i = 0; i < 12; ++i) { 13 | printf("%08lx ", (unsigned long)x[i]); 14 | if (i % 4 == 3) 15 | printf("\n"); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.elf 2 | *.o 3 | .vscode 4 | *.a 5 | __pycache__ 6 | *.idea 7 | **/NIST 8 | *.dump 9 | *.log 10 | !bench.log 11 | -* 12 | scheme.h 13 | /Makefile 14 | /custom-build.sh 15 | 16 | # Compilation files for verilator/vexriscv/openocd/GDB 17 | main.bin 18 | main.elf 19 | main.hex 20 | mainOVPmain 21 | main 22 | 23 | #created by GDB 24 | core 25 | 26 | .gdb_history 27 | 28 | target/ 29 | result* 30 | 31 | rweather/**/src 32 | collection.bib.bck -------------------------------------------------------------------------------- /Ascon-128/crypto_aead/opt64_asm/permutations.h: -------------------------------------------------------------------------------- 1 | #ifndef PERMUTATIONS_H_ 2 | #define PERMUTATIONS_H_ 3 | 4 | #include "../../Permutation/ascon.h" 5 | 6 | #define EXT_BYTE64(x, n) ((u8)((u64)(x) >> (8 * (7 - (n))))) 7 | #define INS_BYTE64(x, n) ((u64)(x) << (8 * (7 - (n)))) 8 | #define ROTR64(x, n) (((x) >> (n)) | ((x) << (64 - (n)))) 9 | 10 | #define P12() (ascon_asm(&s, 0xf0)) 11 | #define P6() (ascon_asm(&s, 0x96)) 12 | 13 | #endif // PERMUTATIONS_H_ 14 | -------------------------------------------------------------------------------- /murax/hal.h: -------------------------------------------------------------------------------- 1 | #ifndef VECRISCV_HAL_H_ 2 | #define VECRISCV_HAL_H_ 3 | 4 | #include 5 | #include 6 | #include 7 | 8 | #define printf printf_ 9 | 10 | void hal_send(const uint8_t* in, const size_t len); 11 | void hal_send_str(const char* in); 12 | 13 | int printf_(const char* format, ...); 14 | 15 | void _putchar(char c); 16 | void _write(int fd, const void* ptr, size_t len); 17 | 18 | #endif /* VECRISCV_HAL_H_ */ 19 | -------------------------------------------------------------------------------- /rweather/PHOTON-Beetle/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/photon-beetle.h" 8 | 9 | #define crypto_aead_encrypt photon_beetle_128_aead_encrypt 10 | #define crypto_aead_decrypt photon_beetle_128_aead_decrypt 11 | #define crypto_aead_encrypt_2 photon_beetle_32_aead_encrypt 12 | #define crypto_aead_decrypt_2 photon_beetle_32_aead_decrypt 13 | #define crypto_hash photon_beetle_hash 14 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/_exit.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "platform.h" 5 | #include "weak_under_alias.h" 6 | 7 | void __wrap_exit(int code) 8 | { 9 | const char message[] = "\nProgam has exited with code:"; 10 | 11 | write(STDERR_FILENO, message, sizeof(message) - 1); 12 | write_hex(STDERR_FILENO, code); 13 | write(STDERR_FILENO, "\n", 1); 14 | 15 | for (;;); 16 | } 17 | weak_under_alias(exit); 18 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/sbrk.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include "weak_under_alias.h" 5 | 6 | void *__wrap_sbrk(ptrdiff_t incr) 7 | { 8 | extern char _end[]; 9 | extern char _heap_end[]; 10 | static char *curbrk = _end; 11 | 12 | if ((curbrk + incr < _end) || (curbrk + incr > _heap_end)) 13 | return NULL - 1; 14 | 15 | curbrk += incr; 16 | return curbrk - incr; 17 | } 18 | weak_under_alias(sbrk); 19 | -------------------------------------------------------------------------------- /rweather/DryGASCON/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/drygascon.h" 8 | 9 | #define crypto_aead_encrypt drygascon128_aead_encrypt 10 | #define crypto_aead_decrypt drygascon128_aead_decrypt 11 | #define crypto_aead_encrypt_2 drygascon256_aead_encrypt 12 | #define crypto_aead_decrypt_2 drygascon256_aead_decrypt 13 | #define crypto_hash drygascon128_hash 14 | #define crypto_hash_2 drygascon256_hash -------------------------------------------------------------------------------- /rweather/Elephant/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/elephant.h" 8 | 9 | #define crypto_aead_encrypt dumbo_aead_encrypt 10 | #define crypto_aead_decrypt dumbo_aead_decrypt 11 | #define crypto_aead_encrypt_2 jumbo_aead_encrypt 12 | #define crypto_aead_decrypt_2 jumbo_aead_decrypt 13 | #define crypto_aead_encrypt_3 delirium_aead_encrypt 14 | #define crypto_aead_decrypt_3 delirium_aead_decrypt 15 | -------------------------------------------------------------------------------- /sifive_sdk/include/const.h: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details. 2 | /* Derived from */ 3 | 4 | #ifndef _SIFIVE_CONST_H 5 | #define _SIFIVE_CONST_H 6 | 7 | #ifdef __ASSEMBLER__ 8 | #define _AC(X,Y) X 9 | #define _AT(T,X) X 10 | #else 11 | #define _AC(X,Y) (X##Y) 12 | #define _AT(T,X) ((T)(X)) 13 | #endif /* !__ASSEMBLER__*/ 14 | 15 | #define _BITUL(x) (_AC(1,UL) << (x)) 16 | #define _BITULL(x) (_AC(1,ULL) << (x)) 17 | 18 | #endif /* _SIFIVE_CONST_H */ 19 | -------------------------------------------------------------------------------- /utils/nist.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #ifdef MURAX 4 | #include "../murax/hal.h" 5 | #else 6 | #include 7 | #endif 8 | 9 | void print_bstr(const char *label, const unsigned char *data, unsigned long long length); 10 | 11 | void init_buffer(unsigned char *buffer, unsigned long long numbytes); 12 | 13 | void xor_bstr(unsigned char *out, const unsigned char *in, 14 | unsigned long long numbytes); 15 | 16 | void highlight_tag(const char *label, unsigned long long numbytes, unsigned long long taglen); -------------------------------------------------------------------------------- /rweather/TinyJAMBU/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/tinyjambu.h" 8 | 9 | #define crypto_aead_encrypt tiny_jambu_128_aead_encrypt 10 | #define crypto_aead_decrypt tiny_jambu_128_aead_decrypt 11 | #define crypto_aead_encrypt_2 tiny_jambu_192_aead_encrypt 12 | #define crypto_aead_decrypt_2 tiny_jambu_192_aead_decrypt 13 | #define crypto_aead_encrypt_3 tiny_jambu_256_aead_encrypt 14 | #define crypto_aead_decrypt_3 tiny_jambu_256_aead_decrypt 15 | -------------------------------------------------------------------------------- /saturnin/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | #define MAX_MESSAGE_LENGTH_HASH 128 14 | 15 | // aead related 16 | #define CRYPTO_KEYBYTES 32 17 | #define CRYPTO_NSECBYTES 0 18 | #define CRYPTO_NPUBBYTES 16 19 | #define CRYPTO_ABYTES 32 20 | #define CRYPTO_NOOVERLAP 1 21 | -------------------------------------------------------------------------------- /Delirium_opt/opt/interleaving.h: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | typedef unsigned long long SIZE; 4 | 5 | void interleave_4_blocks(uint32_t *output, const uint8_t *input1, 6 | const uint8_t *input2, const uint8_t *input3, 7 | const uint8_t *input4, const SIZE size); 8 | 9 | void deinterleave_uint32_to_blocks(uint8_t *output1, uint8_t *output2, 10 | uint8_t *output3, uint8_t *output4, 11 | const uint32_t *input, const SIZE size); 12 | -------------------------------------------------------------------------------- /Gimli/crypto_hash/crypto_hash.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | int crypto_hash(unsigned char *out, const unsigned char *in, 4 | unsigned long long inlen); 5 | 6 | int crypto_hash_asm(unsigned char *out, const unsigned char *in, 7 | unsigned long long inlen); 8 | 9 | int crypto_hash_c_opt(unsigned char *out, const unsigned char *in, 10 | unsigned long long inlen); 11 | 12 | int crypto_hash_c_opt_unrolled(unsigned char *out, const unsigned char *in, 13 | unsigned long long inlen); 14 | -------------------------------------------------------------------------------- /Keccak-200/Permutation/interleaving.h: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | typedef unsigned long long SIZE; 4 | 5 | void interleave_4_blocks(uint32_t *output, const uint8_t *input1, 6 | const uint8_t *input2, const uint8_t *input3, 7 | const uint8_t *input4, const SIZE size); 8 | 9 | void deinterleave_uint32_to_blocks(uint8_t *output1, uint8_t *output2, 10 | uint8_t *output3, uint8_t *output4, 11 | const uint32_t *input, const SIZE size); 12 | -------------------------------------------------------------------------------- /rweather/COMET/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/comet.h" 8 | 9 | // need to check for comet_64_cham_aead 10 | #define crypto_aead_encrypt comet_128_cham_aead_encrypt 11 | #define crypto_aead_decrypt comet_128_cham_aead_decrypt 12 | #define crypto_aead_encrypt_2 comet_64_speck_aead_encrypt 13 | #define crypto_aead_decrypt_2 comet_64_speck_aead_decrypt 14 | #define crypto_aead_encrypt_3 comet_64_cham_aead_encrypt 15 | #define crypto_aead_decrypt_3 comet_64_cham_aead_decrypt 16 | -------------------------------------------------------------------------------- /Delirium_opt/ref/elephant_200_ref.h: -------------------------------------------------------------------------------- 1 | #include "../kat.h" 2 | #include "crypto_aead_ref.h" 3 | #include 4 | #include 5 | #include "keccak_ref.h" 6 | 7 | #ifndef ELEPHANT_200 8 | #define ELEPHANT_200 9 | 10 | #define BLOCK_SIZE 25 11 | typedef unsigned char BYTE; 12 | typedef unsigned long long SIZE; 13 | 14 | void lfsr_step_ref(BYTE* output, BYTE* input); 15 | 16 | void get_ad_block(BYTE* output, const BYTE* ad, SIZE adlen, const BYTE* npub, SIZE i); 17 | 18 | void get_c_block(BYTE* output, const BYTE* c, SIZE clen, SIZE i); 19 | 20 | #endif -------------------------------------------------------------------------------- /xoodyak/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 128 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 -------------------------------------------------------------------------------- /Gimli/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | #define MAX_MESSAGE_LENGTH_HASH 128 14 | // #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/misc/write_hex.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include 5 | #include "platform.h" 6 | 7 | void write_hex(int fd, unsigned long int hex) 8 | { 9 | uint8_t ii; 10 | uint8_t jj; 11 | char towrite; 12 | write(fd , "0x", 2); 13 | for (ii = sizeof(unsigned long int) * 2 ; ii > 0; ii--) { 14 | jj = ii - 1; 15 | uint8_t digit = ((hex & (0xF << (jj*4))) >> (jj*4)); 16 | towrite = digit < 0xA ? ('0' + digit) : ('A' + (digit - 0xA)); 17 | write(fd, &towrite, 1); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /Ascon-128/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | #define MAX_MESSAGE_LENGTH_HASH 128 14 | // #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /Keccak-200/tools/utils.c: -------------------------------------------------------------------------------- 1 | #include "utils.h" 2 | 3 | void reset_state(uint32_t *x) { 4 | int i; 5 | for (i = 0; i < 25; ++i) 6 | x[i] = i * i * i + i * 0x9e3779b9; 7 | } 8 | 9 | void wipe_state(uint32_t *x) { 10 | int i; 11 | for (i = 0; i < 25; ++i) 12 | x[i] = 0; 13 | } 14 | 15 | void print_state(uint32_t *x) { 16 | int i; 17 | printf("----------------------\n"); 18 | for (i = 0; i < 25; ++i) { 19 | printf("%08lx ", (unsigned long)x[i]); 20 | if (i % 5 == 4) 21 | printf("\n"); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /rweather/ACE/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /sparkle/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 48 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 128 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 32 20 | #define CRYPTO_ABYTES 32 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/ASCON/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 20 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/COMET/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/ESTATE/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Elephant/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 12 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/ForkAE/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/HYENA/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 12 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/ISAP/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/KNOT/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 64 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 32 20 | #define CRYPTO_ABYTES 32 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/ORANGE/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Pyjamask/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 12 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Romulus/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/SPARKLE/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 48 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 32 20 | #define CRYPTO_ABYTES 32 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/SPIX/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Saturnin/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 32 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/SpoC/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/TinyJAMBU/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 12 20 | #define CRYPTO_ABYTES 8 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/WAGE/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Xoodyak/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/DryGASCON/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 64 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 32 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Grain-128AEAD/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 8 20 | #define CRYPTO_ABYTES 12 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/LOTUS-AEAD/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 8 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Oribatida/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/PHOTON-Beetle/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/SKINNY-AEAD/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/SUNDAE-GIFT/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Subterranean/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 16 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /AES-CTR-Bitsliced/Permutation/aes.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | 5 | typedef struct param { 6 | uint8_t nonce[12]; 7 | uint8_t ctr[4]; 8 | uint8_t rk[2 * 11 * 16]; 9 | } param; 10 | 11 | extern uint32_t AESTable[1024]; 12 | 13 | extern void AES_128_keyschedule(const uint8_t *, uint8_t *); 14 | extern void AES_128_encrypt_ctr(param const *, const uint8_t *, uint8_t *, 15 | uint32_t); 16 | 17 | void AES_128_keyschedule_C(const uint8_t *, uint8_t *); 18 | void AES_128_encrypt_ctr_C(param const *, const uint8_t *, uint8_t *, uint32_t); -------------------------------------------------------------------------------- /Keccak/Permutation/keccakf1600.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | 5 | typedef struct reg { 6 | uint32_t a2; 7 | uint32_t a3; 8 | uint32_t a4; 9 | uint32_t a5; 10 | uint32_t a6; 11 | uint32_t a7; 12 | uint32_t t0; 13 | uint32_t t1; 14 | uint32_t t2; 15 | uint32_t t3; 16 | uint32_t t4; 17 | uint32_t t5; 18 | uint32_t t6; 19 | uint32_t s0; 20 | uint32_t s1; 21 | uint32_t s2; 22 | uint32_t s3; 23 | uint32_t s4; 24 | } reg; 25 | 26 | 27 | extern void keccakf1600(uint32_t *lanes); 28 | void keccakf1600_C(uint32_t *lanes); 29 | -------------------------------------------------------------------------------- /rweather/Gimli/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/Spook/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /rweather/GIFT-COFB/kat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define KAT_SUCCESS 0 4 | #define KAT_FILE_OPEN_ERROR -1 5 | #define KAT_DATA_ERROR -3 6 | #define KAT_CRYPTO_FAILURE -4 7 | 8 | #define MAX_MESSAGE_LENGTH_AEAD 128 9 | #define MAX_ASSOCIATED_DATA_LENGTH 128 10 | 11 | // hash related 12 | #define CRYPTO_BYTES 32 13 | // #define MAX_MESSAGE_LENGTH_HASH 1024 14 | #define MAX_MESSAGE_LENGTH_HASH 32 15 | 16 | // aead related 17 | #define CRYPTO_KEYBYTES 32 18 | #define CRYPTO_NSECBYTES 0 19 | #define CRYPTO_NPUBBYTES 16 20 | #define CRYPTO_ABYTES 16 21 | #define CRYPTO_NOOVERLAP 1 22 | -------------------------------------------------------------------------------- /xoodyak/asm/crypto_aead.h: -------------------------------------------------------------------------------- 1 | 2 | int crypto_aead_encrypt_asm( 3 | unsigned char *c, unsigned long long *clen, 4 | const unsigned char *m, unsigned long long mlen, 5 | const unsigned char *ad, unsigned long long adlen, 6 | const unsigned char *nsec, 7 | const unsigned char *npub, 8 | const unsigned char *k); 9 | 10 | int crypto_aead_decrypt_asm( 11 | unsigned char *m, unsigned long long *mlen, 12 | unsigned char *nsec, 13 | const unsigned char *c, unsigned long long clen, 14 | const unsigned char *ad, unsigned long long adlen, 15 | const unsigned char *npub, 16 | const unsigned char *k); -------------------------------------------------------------------------------- /xoodyak/lc/crypto_aead.h: -------------------------------------------------------------------------------- 1 | 2 | int crypto_aead_encrypt_lc( 3 | unsigned char *c, unsigned long long *clen, 4 | const unsigned char *m, unsigned long long mlen, 5 | const unsigned char *ad, unsigned long long adlen, 6 | const unsigned char *nsec, 7 | const unsigned char *npub, 8 | const unsigned char *k); 9 | 10 | int crypto_aead_decrypt_lc( 11 | unsigned char *m, unsigned long long *mlen, 12 | unsigned char *nsec, 13 | const unsigned char *c, unsigned long long clen, 14 | const unsigned char *ad, unsigned long long adlen, 15 | const unsigned char *npub, 16 | const unsigned char *k); -------------------------------------------------------------------------------- /xoodyak/ref/crypto_aead.h: -------------------------------------------------------------------------------- 1 | 2 | int crypto_aead_encrypt_ref( 3 | unsigned char *c, unsigned long long *clen, 4 | const unsigned char *m, unsigned long long mlen, 5 | const unsigned char *ad, unsigned long long adlen, 6 | const unsigned char *nsec, 7 | const unsigned char *npub, 8 | const unsigned char *k); 9 | 10 | int crypto_aead_decrypt_ref( 11 | unsigned char *m, unsigned long long *mlen, 12 | unsigned char *nsec, 13 | const unsigned char *c, unsigned long long clen, 14 | const unsigned char *ad, unsigned long long adlen, 15 | const unsigned char *npub, 16 | const unsigned char *k); -------------------------------------------------------------------------------- /xoodyak/rw_lu/crypto_aead.h: -------------------------------------------------------------------------------- 1 | 2 | int crypto_aead_encrypt_rw_lu( 3 | unsigned char *c, unsigned long long *clen, 4 | const unsigned char *m, unsigned long long mlen, 5 | const unsigned char *ad, unsigned long long adlen, 6 | const unsigned char *nsec, 7 | const unsigned char *npub, 8 | const unsigned char *k); 9 | 10 | int crypto_aead_decrypt_rw_lu( 11 | unsigned char *m, unsigned long long *mlen, 12 | unsigned char *nsec, 13 | const unsigned char *c, unsigned long long clen, 14 | const unsigned char *ad, unsigned long long adlen, 15 | const unsigned char *npub, 16 | const unsigned char *k); -------------------------------------------------------------------------------- /Gimli/Permutation/cycle anaylsis.text: -------------------------------------------------------------------------------- 1 | 2124 cycles total. 2 | 3 | 62 from loads and stores 4 | 1836 cycles from the permutation (unrolled) 5 | 6 | Left 226 cycles comes from the loop implementation: 7 | 8 | 2 cycles to load the 0x9e377901 constant 9 | 4 cycles to load the constants 1 2 3 24 (1, 2, 3 are used in comparisons) 10 | -1 per round = 24 cycles 11 | &3 per round = 24 cycles 12 | beq 0 = 24 cycles 13 | beq 1 = 24 cycles 14 | beq 3 = 18 cycles 15 | beq 2 = 12 cycles 16 | swaps are implemented with 3 xor each. thus 6 x 12 cycles 17 | jump = 12 cycles 18 | 2+4+24+24+24+24+18+12+(6×12)+12 = 216 19 | 10 cycles left 20 | 21 | no clue. 22 | -------------------------------------------------------------------------------- /rweather/ISAP/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/isap.h" 8 | 9 | #define crypto_aead_encrypt isap_keccak_128a_aead_encrypt 10 | #define crypto_aead_decrypt isap_keccak_128a_aead_decrypt 11 | #define crypto_aead_encrypt_2 isap_ascon_128a_aead_encrypt 12 | #define crypto_aead_decrypt_2 isap_ascon_128a_aead_decrypt 13 | #define crypto_aead_encrypt_3 isap_keccak_128_aead_encrypt 14 | #define crypto_aead_decrypt_3 isap_keccak_128_aead_decrypt 15 | #define crypto_aead_encrypt_4 isap_ascon_128_aead_encrypt 16 | #define crypto_aead_decrypt_4 isap_ascon_128_aead_decrypt 17 | -------------------------------------------------------------------------------- /Delirium_opt/opt/elephant_200.h: -------------------------------------------------------------------------------- 1 | #include "../kat.h" 2 | #include "crypto_aead.h" 3 | #include "interleaving.h" 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include "keccak.h" 9 | #include 10 | 11 | #ifndef ELEPHANT_200 12 | #define ELEPHANT_200 13 | 14 | #define BLOCK_SIZE 25 15 | typedef unsigned long long SIZE; 16 | 17 | void lfsr_step(uint8_t *output, uint8_t *input); 18 | 19 | // void get_c_block_4(uint32_t *output, const uint32_t *c, uint32_t clen, uint32_t i); 20 | 21 | // void get_ad_block_4(uint32_t *output, const uint32_t *ad, uint32_t adlen, uint32_t i); 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /rweather/Pyjamask/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/pyjamask.h" 8 | 9 | #define crypto_aead_encrypt pyjamask_128_aead_encrypt 10 | #define crypto_aead_decrypt pyjamask_128_aead_decrypt 11 | #define crypto_aead_encrypt_2 pyjamask_masked_128_aead_encrypt 12 | #define crypto_aead_decrypt_2 pyjamask_masked_128_aead_decrypt 13 | #define crypto_aead_encrypt_3 pyjamask_96_aead_encrypt 14 | #define crypto_aead_decrypt_3 pyjamask_96_aead_decrypt 15 | #define crypto_aead_encrypt_4 pyjamask_masked_96_aead_encrypt 16 | #define crypto_aead_decrypt_4 pyjamask_masked_96_aead_decrypt 17 | -------------------------------------------------------------------------------- /rweather/SUNDAE-GIFT/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/sundae-gift.h" 8 | 9 | #define crypto_aead_encrypt sundae_gift_0_aead_encrypt 10 | #define crypto_aead_decrypt sundae_gift_0_aead_decrypt 11 | #define crypto_aead_encrypt_2 sundae_gift_64_aead_encrypt 12 | #define crypto_aead_decrypt_2 sundae_gift_64_aead_decrypt 13 | #define crypto_aead_encrypt_3 sundae_gift_96_aead_encrypt 14 | #define crypto_aead_decrypt_3 sundae_gift_96_aead_decrypt 15 | #define crypto_aead_encrypt_4 sundae_gift_128_aead_encrypt 16 | #define crypto_aead_decrypt_4 sundae_gift_128_aead_decrypt 17 | -------------------------------------------------------------------------------- /rweather/Spook/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/spook.h" 8 | 9 | #define crypto_aead_encrypt spook_128_512_su_aead_encrypt 10 | #define crypto_aead_decrypt spook_128_512_su_aead_decrypt 11 | #define crypto_aead_encrypt_2 spook_128_384_su_aead_encrypt 12 | #define crypto_aead_decrypt_2 spook_128_384_su_aead_decrypt 13 | #define crypto_aead_encrypt_3 spook_128_512_mu_aead_encrypt 14 | #define crypto_aead_decrypt_3 spook_128_512_mu_aead_decrypt 15 | #define crypto_aead_encrypt_4 spook_128_384_mu_aead_encrypt 16 | #define crypto_aead_decrypt_4 spook_128_384_mu_aead_decrypt 17 | -------------------------------------------------------------------------------- /sifive_sdk/include/otp.h: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details. 2 | 3 | #ifndef _SIFIVE_OTP_H 4 | #define _SIFIVE_OTP_H 5 | 6 | /* Register offsets */ 7 | 8 | #define OTP_LOCK 0x00 9 | #define OTP_CK 0x04 10 | #define OTP_OE 0x08 11 | #define OTP_SEL 0x0C 12 | #define OTP_WE 0x10 13 | #define OTP_MR 0x14 14 | #define OTP_MRR 0x18 15 | #define OTP_MPP 0x1C 16 | #define OTP_VRREN 0x20 17 | #define OTP_VPPEN 0x24 18 | #define OTP_A 0x28 19 | #define OTP_D 0x2C 20 | #define OTP_Q 0x30 21 | #define OTP_READ_TIMINGS 0x34 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/puts.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | #include "platform.h" 9 | #include "stub.h" 10 | #include "weak_under_alias.h" 11 | 12 | int __wrap_puts(const char *s) 13 | { 14 | while (*s != '\0') { 15 | while (UART0_REG(UART_REG_TXFIFO) & 0x80000000) ; 16 | UART0_REG(UART_REG_TXFIFO) = *s; 17 | 18 | if (*s == '\n') { 19 | while (UART0_REG(UART_REG_TXFIFO) & 0x80000000) ; 20 | UART0_REG(UART_REG_TXFIFO) = '\r'; 21 | } 22 | 23 | ++s; 24 | } 25 | 26 | return 0; 27 | } 28 | weak_under_alias(puts); 29 | -------------------------------------------------------------------------------- /Ascon-128/tools/utils.c: -------------------------------------------------------------------------------- 1 | #include "utils.h" 2 | 3 | // clang-format off 4 | void print_state(state *x) { 5 | printf("--------------------------\n"); 6 | printf("%016llx %016llx %016llx %016llx %016llx\n", 7 | x->x0, x->x1, x->x2, x->x3, x->x4); 8 | } 9 | 10 | void print_state_32(uint32_t *x) { 11 | printf("--------------------------\n"); 12 | printf("%08lx%08lx %08lx%08lx %08lx%08lx %08lx%08lx %08lx%08lx\n", 13 | (unsigned long) x[1], (unsigned long) x[0], 14 | (unsigned long) x[3], (unsigned long) x[2], 15 | (unsigned long) x[5], (unsigned long) x[4], 16 | (unsigned long) x[7], (unsigned long) x[6], 17 | (unsigned long) x[9], (unsigned long) x[8]) ; 18 | } 19 | // clang-format on -------------------------------------------------------------------------------- /Instructions/Instr/instr.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | 5 | void instr_addi(uint8_t *t); 6 | void instr_add(uint8_t *t); 7 | void instr_andi(uint8_t *t); 8 | void instr_and(uint8_t *t); 9 | void instr_empty(uint8_t *t); 10 | void instr_lb(uint8_t *t); 11 | void instr_lw(uint8_t *t); 12 | void instr_ori(uint8_t *t); 13 | void instr_or(uint8_t *t); 14 | void instr_sb(uint8_t *t); 15 | void instr_slli(uint8_t *t); 16 | void instr_sll(uint8_t *t); 17 | void instr_srai(uint8_t *t); 18 | void instr_sra(uint8_t *t); 19 | void instr_srli(uint8_t *t); 20 | void instr_srl(uint8_t *t); 21 | void instr_sub(uint8_t *t); 22 | void instr_sw(uint8_t *t); 23 | void instr_xori(uint8_t *t); 24 | void instr_xor(uint8_t *t); -------------------------------------------------------------------------------- /nix/vexriscv.nix: -------------------------------------------------------------------------------- 1 | { lib, stdenvNoCC, fetchurl, runCommand, fetchFromGitHub, makeWrapper 2 | , spinalhdl, scala_2_11, fetchMavenArtifact }: 3 | 4 | stdenvNoCC.mkDerivation { 5 | name = "vexriscv"; 6 | src = fetchFromGitHub { 7 | rev = "ee36c36fddf84e81a48957e8b4963c2764b27b62"; 8 | owner = "SpinalHDL"; 9 | repo = "VexRiscv"; 10 | sha256 = "02cnvz3xrdairll2pfpscdnprw9ya3a17z8bky9d37kk4axl7bmc"; 11 | }; 12 | 13 | buildInputs = spinalhdl; 14 | nativeBuildInputs = [ scala_2_11 ]; 15 | buildPhase = '' 16 | scalac -d vexriscv.jar $(find src/main/scala -type f) 17 | ''; 18 | 19 | installPhase = '' 20 | mkdir -p $out/share/java 21 | mv vexriscv.jar $out/share/java 22 | ''; 23 | } 24 | -------------------------------------------------------------------------------- /saturnin/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #define HASH 4 | 5 | #define crypto_hash crypto_hash 6 | #define crypto_hash_2 crypto_hash_asm 7 | // #define crypto_hash_3 8 | // #define crypto_hash_4 9 | 10 | #define crypto_aead_encrypt crypto_aead_encrypt 11 | #define crypto_aead_encrypt_2 crypto_aead_encrypt_asm 12 | #define crypto_aead_encrypt_3 crypto_aead_encrypt_bs32x 13 | // #define crypto_aead_encrypt_4 14 | 15 | #define crypto_aead_decrypt crypto_aead_decrypt 16 | #define crypto_aead_decrypt_2 crypto_aead_decrypt_asm 17 | #define crypto_aead_decrypt_3 crypto_aead_decrypt_bs32x 18 | // #define crypto_aead_decrypt_4 19 | 20 | #include "crypto_aead/crypto_aead.h" 21 | #include "crypto_hash/crypto_hash.h" 22 | #include "kat.h" 23 | -------------------------------------------------------------------------------- /rweather/SPARKLE/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/sparkle.h" 8 | 9 | #define crypto_aead_encrypt schwaemm_256_128_aead_encrypt 10 | #define crypto_aead_decrypt schwaemm_256_128_aead_decrypt 11 | #define crypto_aead_encrypt_2 schwaemm_128_128_aead_encrypt 12 | #define crypto_aead_decrypt_2 schwaemm_128_128_aead_decrypt 13 | #define crypto_aead_encrypt_3 schwaemm_192_192_aead_encrypt 14 | #define crypto_aead_decrypt_3 schwaemm_192_192_aead_decrypt 15 | #define crypto_aead_encrypt_4 schwaemm_256_256_aead_encrypt 16 | #define crypto_aead_decrypt_4 schwaemm_256_256_aead_decrypt 17 | #define crypto_hash esch_256_hash 18 | #define crypto_hash_2 esch_384_hash 19 | -------------------------------------------------------------------------------- /nix/paper.nix: -------------------------------------------------------------------------------- 1 | { latexrun, texlive, nix-gitignore, python3, stdenvNoCC }: 2 | 3 | let 4 | texdeps = texlive.combine { 5 | inherit (texlive) 6 | scheme-basic algorithms blindtext booktabs cleveref doublestroke etoolbox 7 | float hyphenat l3packages lineno listings mdframed metafont multirow 8 | needspace pgf pstricks soul type1cm xcolor xkeyval zref; 9 | }; 10 | 11 | in stdenvNoCC.mkDerivation { 12 | name = "paper.pdf"; 13 | src = nix-gitignore.gitignoreSource [ ] ../paper; 14 | buildInputs = [ python3 latexrun texdeps ]; 15 | buildPhase = '' 16 | export HOME=$PWD/.home 17 | python gen.py paper.tex 18 | latexrun paper.tex 19 | ''; 20 | 21 | installPhase = '' 22 | mv paper.pdf $out 23 | ''; 24 | } 25 | -------------------------------------------------------------------------------- /rweather/ASCON/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | 5 | #include "kat.h" 6 | #include "src/ascon128.h" 7 | 8 | #define crypto_hash ascon_hash 9 | // #define crypto_hash_2 ascon_hash 10 | // #define crypto_hash_3 ascon_hash 11 | // #define crypto_hash_4 ascon_hash 12 | 13 | #define crypto_aead_encrypt ascon128_aead_encrypt 14 | #define crypto_aead_encrypt_2 ascon128a_aead_encrypt 15 | #define crypto_aead_encrypt_3 ascon80pq_aead_encrypt 16 | // #define crypto_aead_encrypt_4 crypto_aead_encrypt 17 | 18 | #define crypto_aead_decrypt ascon128_aead_decrypt 19 | #define crypto_aead_decrypt_2 ascon128a_aead_decrypt 20 | #define crypto_aead_decrypt_3 ascon80pq_aead_decrypt 21 | // #define crypto_aead_decrypt_4 crypto_aead_decrypt 22 | 23 | #define NO_CHECK -------------------------------------------------------------------------------- /sifive_sdk/include/gpio.h: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details. 2 | 3 | #ifndef _SIFIVE_GPIO_H 4 | #define _SIFIVE_GPIO_H 5 | 6 | #define GPIO_INPUT_VAL (0x00) 7 | #define GPIO_INPUT_EN (0x04) 8 | #define GPIO_OUTPUT_EN (0x08) 9 | #define GPIO_OUTPUT_VAL (0x0C) 10 | #define GPIO_PULLUP_EN (0x10) 11 | #define GPIO_DRIVE (0x14) 12 | #define GPIO_RISE_IE (0x18) 13 | #define GPIO_RISE_IP (0x1C) 14 | #define GPIO_FALL_IE (0x20) 15 | #define GPIO_FALL_IP (0x24) 16 | #define GPIO_HIGH_IE (0x28) 17 | #define GPIO_HIGH_IP (0x2C) 18 | #define GPIO_LOW_IE (0x30) 19 | #define GPIO_LOW_IP (0x34) 20 | #define GPIO_IOF_EN (0x38) 21 | #define GPIO_IOF_SEL (0x3C) 22 | #define GPIO_OUTPUT_XOR (0x40) 23 | 24 | #endif /* _SIFIVE_GPIO_H */ 25 | -------------------------------------------------------------------------------- /rweather/KNOT/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/knot.h" 8 | 9 | #define crypto_aead_encrypt knot_aead_128_256_encrypt 10 | #define crypto_aead_decrypt knot_aead_128_256_decrypt 11 | #define crypto_aead_encrypt_2 knot_aead_128_384_encrypt 12 | #define crypto_aead_decrypt_2 knot_aead_128_384_decrypt 13 | #define crypto_aead_encrypt_3 knot_aead_192_384_encrypt 14 | #define crypto_aead_decrypt_3 knot_aead_192_384_decrypt 15 | #define crypto_aead_encrypt_4 knot_aead_256_512_encrypt 16 | #define crypto_aead_decrypt_4 knot_aead_256_512_decrypt 17 | #define crypto_hash knot_hash_256_256 18 | #define crypto_hash_2 knot_hash_256_384 19 | #define crypto_hash_3 knot_hash_384_384 20 | #define crypto_hash_4 knot_hash_512_512 -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # Sources 2 | *.c text diff=c 3 | *.cc text diff=cpp 4 | *.cxx text diff=cpp 5 | *.cpp text diff=cpp 6 | *.c++ text diff=cpp 7 | *.hpp text diff=cpp 8 | *.h text diff=c 9 | *.h++ text diff=cpp 10 | *.hh text diff=cpp 11 | 12 | # Compiled Object files 13 | *.slo binary 14 | *.lo binary 15 | *.o binary 16 | *.obj binary 17 | 18 | # Precompiled Headers 19 | *.gch binary 20 | *.pch binary 21 | 22 | # Compiled Dynamic libraries 23 | *.so binary 24 | *.dylib binary 25 | *.dll binary 26 | 27 | # Compiled Static libraries 28 | *.lai binary 29 | *.la binary 30 | *.a binary 31 | *.lib binary 32 | 33 | # Executables 34 | *.exe binary 35 | *.out binary 36 | *.app binary 37 | *.elf binary 38 | *.bin binary 39 | *.hex binary -------------------------------------------------------------------------------- /Gimli/crypto_hash/c-ref.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include "crypto_hash.h" 4 | 5 | // #include "../../murax/hal.h" 6 | 7 | #include "gimli.c.inc" 8 | 9 | int crypto_hash(unsigned char *out,const unsigned char *in,unsigned long long inlen) 10 | { 11 | uint32_t state[12]; 12 | uint8_t* state_8 = (uint8_t*)state; 13 | uint64_t i; 14 | 15 | memset(state,0,sizeof(state)); 16 | 17 | while (inlen >= 16) { 18 | for(i=0;i<16;++i) state_8[i] ^= in[i]; 19 | in += 16; 20 | inlen -= 16; 21 | gimli(state); 22 | } 23 | 24 | for (i=0;i 2 | 3 | #include 4 | #include 5 | 6 | #include 7 | #undef errno 8 | extern int errno; 9 | 10 | #include "hal.h" 11 | 12 | // int printf_(const char* format, ...); 13 | 14 | void _putchar(char c) { 15 | hal_send((uint8_t*)&c, 1); 16 | } 17 | 18 | 19 | void _write(int fd, const void* ptr, size_t len) { 20 | // Don't care about the fd. Just put everything on the UART console. 21 | (void)fd; 22 | hal_send(ptr, len); 23 | } 24 | 25 | // void _fstat(int fd) {} 26 | // void _sbrk(ptrdiff_t incr) 27 | // { 28 | // extern char _end[]; 29 | // extern char _heap_end[]; 30 | // static char *curbrk = _end; 31 | 32 | // if ((curbrk + incr < _end) || (curbrk + incr > _heap_end)) 33 | // return NULL - 1; 34 | 35 | // curbrk += incr; 36 | // return curbrk - incr; 37 | // } 38 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/write.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | #include "platform.h" 9 | #include "stub.h" 10 | #include "weak_under_alias.h" 11 | 12 | ssize_t __wrap_write(int fd, const void* ptr, size_t len) 13 | { 14 | const uint8_t * current = (const uint8_t *)((const char *)ptr); 15 | 16 | if (isatty(fd)) { 17 | for (size_t jj = 0; jj < len; jj++) { 18 | while (UART0_REG(UART_REG_TXFIFO) & 0x80000000) ; 19 | UART0_REG(UART_REG_TXFIFO) = current[jj]; 20 | 21 | if (current[jj] == '\n') { 22 | while (UART0_REG(UART_REG_TXFIFO) & 0x80000000) ; 23 | UART0_REG(UART_REG_TXFIFO) = '\r'; 24 | } 25 | } 26 | return len; 27 | } 28 | 29 | return _stub(EBADF); 30 | } 31 | weak_under_alias(write); 32 | -------------------------------------------------------------------------------- /Gimli/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // do we have additional tests: void test_perm() 4 | #define ADDITIONAL 5 | 6 | #define crypto_hash crypto_hash 7 | #define crypto_hash_2 crypto_hash_asm 8 | #define crypto_hash_3 crypto_hash_c_opt 9 | #define crypto_hash_4 crypto_hash_c_opt_unrolled 10 | 11 | #define crypto_aead_encrypt crypto_aead_encrypt 12 | #define crypto_aead_encrypt_2 crypto_aead_encrypt_asm 13 | #define crypto_aead_encrypt_3 crypto_aead_encrypt_c_opt 14 | #define crypto_aead_encrypt_4 crypto_aead_encrypt_c_opt_unrolled 15 | 16 | #define crypto_aead_decrypt crypto_aead_decrypt 17 | #define crypto_aead_decrypt_2 crypto_aead_decrypt_asm 18 | #define crypto_aead_decrypt_3 crypto_aead_decrypt_c_opt 19 | 20 | #include "Permutation/gimli.h" 21 | #include "Permutation/test_perm.h" 22 | #include "crypto_aead/crypto_aead.h" 23 | #include "crypto_hash/crypto_hash.h" 24 | #include "kat.h" 25 | -------------------------------------------------------------------------------- /nix/pqvexriscv.nix: -------------------------------------------------------------------------------- 1 | { stdenvNoCC, openjdk, fetchFromGitHub, spinalhdl, vexriscv, scala_2_11, makeWrapper }: 2 | 3 | stdenvNoCC.mkDerivation { 4 | name = "pqvexriscv"; 5 | src = fetchFromGitHub { 6 | rev = "bbc4e1af4c912d2d1a7f63dffe760772cb2ebb57"; 7 | owner = "mupq"; 8 | repo = "pqriscv-vexriscv"; 9 | sha256 = "15171zhh549llsyj8wlhj5d6q46zg5savnbd1xg16n6zaz3pcqz5"; 10 | }; 11 | 12 | buildInputs = spinalhdl ++ [ vexriscv ]; 13 | nativeBuildInputs = [ makeWrapper scala_2_11 ]; 14 | buildPhase = '' 15 | scalac -d pqvexriscv.jar $(find src/main/scala -type f) 16 | ''; 17 | 18 | installPhase = '' 19 | mkdir -p $out/share/java $out/bin 20 | mv pqvexriscv.jar $out/share/java 21 | makeWrapper ${scala_2_11}/bin/scala $out/bin/pqvexriscvsim \ 22 | --add-flags "-cp $CLASSPATH:$out/share/java/pqvexriscv.jar mupq.PQVexRiscvSim" 23 | ''; 24 | } 25 | -------------------------------------------------------------------------------- /xoodyak/ref/Xoodyak.h: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #ifndef _Xoodyak_h_ 13 | #define _Xoodyak_h_ 14 | 15 | #include 16 | #include "Xoodoo-SnP.h" 17 | #include "Cyclist.h" 18 | 19 | #define Xoodyak_f_bPrime 48 20 | #define Xoodyak_Rhash 16 21 | #define Xoodyak_Rkin 44 22 | #define Xoodyak_Rkout 24 23 | #define Xoodyak_lRatchet 16 24 | 25 | 26 | KCP_DeclareCyclistStructure(Xoodyak, Xoodoo_stateSizeInBytes, Xoodoo_stateAlignment) 27 | KCP_DeclareCyclistFunctions(Xoodyak) 28 | 29 | #endif 30 | -------------------------------------------------------------------------------- /sifive_sdk/libwrap/sys/read.c: -------------------------------------------------------------------------------- 1 | /* See LICENSE of license details. */ 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | #include "platform.h" 9 | #include "stub.h" 10 | #include "weak_under_alias.h" 11 | 12 | ssize_t __wrap_read(int fd, void* ptr, size_t len) 13 | { 14 | uint8_t * current = (uint8_t *)ptr; 15 | volatile uint32_t * uart_rx = (uint32_t *)(UART0_CTRL_ADDR + UART_REG_RXFIFO); 16 | volatile uint8_t * uart_rx_cnt = (uint8_t *)(UART0_CTRL_ADDR + UART_REG_RXCTRL + 2); 17 | 18 | ssize_t result = 0; 19 | 20 | if (isatty(fd)) { 21 | for (current = (uint8_t *)ptr; 22 | (current < ((uint8_t *)ptr) + len) && (*uart_rx_cnt > 0); 23 | current ++) { 24 | *current = *uart_rx; 25 | result++; 26 | } 27 | return result; 28 | } 29 | 30 | return _stub(EBADF); 31 | } 32 | weak_under_alias(read); 33 | -------------------------------------------------------------------------------- /spike.mk: -------------------------------------------------------------------------------- 1 | TARGET := main_B.elf 2 | C_TARGET := main.c 3 | 4 | .PHONY: all 5 | all: $(TARGET) 6 | 7 | PLATFORM=spike 8 | 9 | INCLUDES := -Iutils -I$(RISCVPATH_B)/include 10 | 11 | OPTS ?= $(OPT3) 12 | 13 | COMMON_CFLAGS := -g -fno-builtin-printf \ 14 | -Dsim \ 15 | -Wno-unused-parameter \ 16 | -Wall -Wextra -Wredundant-decls \ 17 | -Wshadow -Wno-unused-function \ 18 | -fno-common 19 | 20 | 21 | help: 22 | @$(ECHO) $(RED)"Compile & Simulate"$(DARKGRAY) 23 | @$(ECHO) $(LIGHTGRAY)"1. "$(CYAN)"make"$(DARKGRAY) 24 | @$(ECHO) $(LIGHTGRAY)"2. "$(CYAN)"make startsim"$(DARKGRAY) 25 | 26 | startsim: $(TARGET) 27 | @$(ECHO) $(CYAN)"/opt/riscv64b/bin/spike --isa=RV64GCB pk" $(TARGET) $(DARKGRAY) 28 | @/opt/riscv64b/bin/spike --isa=RV64GCB pk $(TARGET) 29 | 30 | objdump: $(TARGET) 31 | @$(ECHO) $(LIGHTPURPLE)"Disassembling "$@$(DARKGRAY) 32 | $(OBJDUMP_B) -d $(TARGET) > main.dump 33 | -------------------------------------------------------------------------------- /xoodyak/lc/Xoodyak.h: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #ifndef _Xoodyak_h_ 13 | #define _Xoodyak_h_ 14 | 15 | #include 16 | #include "Xoodoo-SnP.h" 17 | #include "Cyclist.h" 18 | 19 | #define Xoodyak_lc_f_bPrime 48 20 | #define Xoodyak_lc_Rhash 16 21 | #define Xoodyak_lc_Rkin 44 22 | #define Xoodyak_lc_Rkout 24 23 | #define Xoodyak_lc_lRatchet 16 24 | 25 | 26 | KCP_DeclareCyclistStructure(Xoodyak_lc, Xoodoo_lc_stateSizeInBytes, Xoodoo_lc_stateAlignment) 27 | KCP_DeclareCyclistFunctions(Xoodyak_lc) 28 | 29 | #endif 30 | -------------------------------------------------------------------------------- /xoodyak/asm/Xoodyak.h: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #ifndef _Xoodyak_h_ 13 | #define _Xoodyak_h_ 14 | 15 | #include 16 | #include "Xoodoo-SnP.h" 17 | #include "Cyclist.h" 18 | 19 | #define Xoodyak_asm_f_bPrime 48 20 | #define Xoodyak_asm_Rhash 16 21 | #define Xoodyak_asm_Rkin 44 22 | #define Xoodyak_asm_Rkout 24 23 | #define Xoodyak_asm_lRatchet 16 24 | 25 | 26 | KCP_DeclareCyclistStructure(Xoodyak_asm, Xoodoo_asm_stateSizeInBytes, Xoodoo_asm_stateAlignment) 27 | KCP_DeclareCyclistFunctions(Xoodyak_asm) 28 | 29 | #endif 30 | -------------------------------------------------------------------------------- /rweather/ForkAE/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/forkae.h" 8 | 9 | #define crypto_aead_encrypt forkae_paef_64_192_aead_encrypt 10 | #define crypto_aead_decrypt forkae_paef_64_192_aead_decrypt 11 | #define crypto_aead_encrypt_2 forkae_paef_128_192_aead_encrypt 12 | #define crypto_aead_decrypt_2 forkae_paef_128_192_aead_decrypt 13 | #define crypto_aead_encrypt_3 forkae_paef_128_256_aead_encrypt 14 | #define crypto_aead_decrypt_3 forkae_paef_128_256_aead_decrypt 15 | #define crypto_aead_encrypt_4 forkae_paef_128_288_aead_encrypt 16 | #define crypto_aead_decrypt_4 forkae_paef_128_288_aead_decrypt 17 | #define crypto_aead_encrypt_5 forkae_saef_128_192_aead_encrypt 18 | #define crypto_aead_decrypt_5 forkae_saef_128_192_aead_decrypt 19 | #define crypto_aead_encrypt_6 forkae_saef_128_256_aead_encrypt 20 | #define crypto_aead_decrypt_6 forkae_saef_128_256_aead_decrypt 21 | -------------------------------------------------------------------------------- /rweather/SKINNY-AEAD/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "src/skinny-aead.h" 8 | #include "src/skinny-hash.h" 9 | 10 | #define crypto_aead_encrypt skinny_aead_m1_encrypt 11 | #define crypto_aead_decrypt skinny_aead_m1_decrypt 12 | #define crypto_aead_encrypt_2 skinny_aead_m2_encrypt 13 | #define crypto_aead_decrypt_2 skinny_aead_m2_decrypt 14 | #define crypto_aead_encrypt_3 skinny_aead_m3_encrypt 15 | #define crypto_aead_decrypt_3 skinny_aead_m3_decrypt 16 | #define crypto_aead_encrypt_4 skinny_aead_m4_encrypt 17 | #define crypto_aead_decrypt_4 skinny_aead_m4_decrypt 18 | #define crypto_aead_encrypt_5 skinny_aead_m5_encrypt 19 | #define crypto_aead_decrypt_5 skinny_aead_m5_decrypt 20 | #define crypto_aead_encrypt_6 skinny_aead_m6_encrypt 21 | #define crypto_aead_decrypt_6 skinny_aead_m6_decrypt 22 | #define crypto_hash skinny_tk3_hash 23 | #define crypto_hash_2 skinny_tk2_hash 24 | -------------------------------------------------------------------------------- /gcc.mk: -------------------------------------------------------------------------------- 1 | # SiFive is rv32imac 2 | # murax is rv32im 3 | 4 | CC=$(GCC) 5 | RISCV_ARCHFLAGS=$(RISCV_ARCHFLAGS_GCC) 6 | GCC_CFLAGS_MURAX=-fstrict-volatile-bitfields --specs=nosys.specs 7 | 8 | OPT2 = -O2 9 | OPT2 += -fgcse-after-reload 10 | OPT2 += -finline-functions 11 | # OPT2 += -fipa-cp-clone 12 | # OPT2 += -floop-interchange 13 | OPT2 += -floop-unroll-and-jam 14 | # OPT2 += -fpeel-loops 15 | # OPT2 += -fpredictive-commoning 16 | # OPT2 += -fsplit-loops 17 | # OPT2 += -fsplit-paths 18 | # OPT2 += -ftree-loop-distribute-patterns 19 | # OPT2 += -ftree-loop-distribution 20 | # OPT2 += -ftree-loop-vectorize 21 | # OPT2 += -ftree-partial-pre 22 | # OPT2 += -ftree-slp-vectorize 23 | # OPT2 += -funswitch-loops 24 | # OPT2 += -fversion-loops-for-strides 25 | 26 | 27 | OPT3 = -O3 28 | -------------------------------------------------------------------------------- /xoodyak/rw_lu/Xoodyak.h: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #ifndef _Xoodyak_h_ 13 | #define _Xoodyak_h_ 14 | 15 | #include 16 | #include "Xoodoo-SnP.h" 17 | #include "Cyclist.h" 18 | 19 | #define Xoodyak_rw_lu_f_bPrime 48 20 | #define Xoodyak_rw_lu_Rhash 16 21 | #define Xoodyak_rw_lu_Rkin 44 22 | #define Xoodyak_rw_lu_Rkout 24 23 | #define Xoodyak_rw_lu_lRatchet 16 24 | 25 | 26 | KCP_DeclareCyclistStructure(Xoodyak_rw_lu, Xoodoo_rw_lu_stateSizeInBytes, Xoodoo_rw_lu_stateAlignment) 27 | KCP_DeclareCyclistFunctions(Xoodyak_rw_lu) 28 | 29 | #endif 30 | -------------------------------------------------------------------------------- /murax/main.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #include "hal.h" 4 | 5 | void init_buffer(unsigned char *buffer, unsigned long long numbytes) 6 | { 7 | unsigned long long i; 8 | for (i = 0; i < numbytes; i++) 9 | buffer[i] = (unsigned char)i; 10 | } 11 | 12 | int main(void) 13 | { 14 | unsigned char msg[64]; 15 | unsigned long long i, length; 16 | hal_send_str("Hello World!\n"); 17 | printf_("printf_: Hello World (%d) :D\n", 1337); 18 | printf_("printf_: Hello World (0x%X) :D\n", 0x1337); 19 | printf("printf: Hello World (0x%08X) :D\n", 0x1337); 20 | 21 | init_buffer(msg, sizeof(msg)); 22 | 23 | for (length = 0; length < 64; length++) 24 | { 25 | printf("len %llu:\n",length); 26 | for (i = 0; i < length; i++) 27 | printf("%02X", msg[i]); 28 | printf("\n"); 29 | } 30 | 31 | printf("DONE!\n"); 32 | volatile int a = 0; 33 | while (true) { 34 | a += 42; 35 | } 36 | 37 | return 0; 38 | } 39 | -------------------------------------------------------------------------------- /sifive_sdk/include/plic.h: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details. 2 | 3 | #ifndef PLIC_H 4 | #define PLIC_H 5 | 6 | #include "const.h" 7 | 8 | // 32 bits per source 9 | #define PLIC_PRIORITY_OFFSET _AC(0x0000,UL) 10 | #define PLIC_PRIORITY_SHIFT_PER_SOURCE 2 11 | // 1 bit per source (1 address) 12 | #define PLIC_PENDING_OFFSET _AC(0x1000,UL) 13 | #define PLIC_PENDING_SHIFT_PER_SOURCE 0 14 | 15 | //0x80 per target 16 | #define PLIC_ENABLE_OFFSET _AC(0x2000,UL) 17 | #define PLIC_ENABLE_SHIFT_PER_TARGET 7 18 | 19 | 20 | #define PLIC_THRESHOLD_OFFSET _AC(0x200000,UL) 21 | #define PLIC_CLAIM_OFFSET _AC(0x200004,UL) 22 | #define PLIC_THRESHOLD_SHIFT_PER_TARGET 12 23 | #define PLIC_CLAIM_SHIFT_PER_TARGET 12 24 | 25 | #define PLIC_MAX_SOURCE 1023 26 | #define PLIC_SOURCE_MASK 0x3FF 27 | 28 | #define PLIC_MAX_TARGET 15871 29 | #define PLIC_TARGET_MASK 0x3FFF 30 | 31 | #endif /* PLIC_H */ 32 | -------------------------------------------------------------------------------- /xoodyak/asm/align.h: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen, 3 | Michaël Peeters, Gilles Van Assche and Ronny Van Keer, 4 | hereby denoted as "the implementer". 5 | 6 | For more information, feedback or questions, please refer to our website: 7 | https://keccak.team/ 8 | 9 | To the extent possible under law, the implementer has waived all copyright 10 | and related or neighboring rights to the source code in this file. 11 | http://creativecommons.org/publicdomain/zero/1.0/ 12 | */ 13 | 14 | #ifndef _align_h_ 15 | #define _align_h_ 16 | 17 | /* on Mac OS-X and possibly others, ALIGN(x) is defined in param.h, and -Werror chokes on the redef. */ 18 | #ifdef ALIGN 19 | #undef ALIGN 20 | #endif 21 | 22 | #if defined(__GNUC__) 23 | #define ALIGN(x) __attribute__ ((aligned(x))) 24 | #elif defined(_MSC_VER) 25 | #define ALIGN(x) __declspec(align(x)) 26 | #elif defined(__ARMCC_VERSION) 27 | #define ALIGN(x) __align(x) 28 | #else 29 | #define ALIGN(x) 30 | #endif 31 | 32 | #endif 33 | -------------------------------------------------------------------------------- /xoodyak/lc/align.h: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen, 3 | Michaël Peeters, Gilles Van Assche and Ronny Van Keer, 4 | hereby denoted as "the implementer". 5 | 6 | For more information, feedback or questions, please refer to our website: 7 | https://keccak.team/ 8 | 9 | To the extent possible under law, the implementer has waived all copyright 10 | and related or neighboring rights to the source code in this file. 11 | http://creativecommons.org/publicdomain/zero/1.0/ 12 | */ 13 | 14 | #ifndef _align_h_ 15 | #define _align_h_ 16 | 17 | /* on Mac OS-X and possibly others, ALIGN(x) is defined in param.h, and -Werror chokes on the redef. */ 18 | #ifdef ALIGN 19 | #undef ALIGN 20 | #endif 21 | 22 | #if defined(__GNUC__) 23 | #define ALIGN(x) __attribute__ ((aligned(x))) 24 | #elif defined(_MSC_VER) 25 | #define ALIGN(x) __declspec(align(x)) 26 | #elif defined(__ARMCC_VERSION) 27 | #define ALIGN(x) __align(x) 28 | #else 29 | #define ALIGN(x) 30 | #endif 31 | 32 | #endif 33 | -------------------------------------------------------------------------------- /xoodyak/ref/align.h: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen, 3 | Michaël Peeters, Gilles Van Assche and Ronny Van Keer, 4 | hereby denoted as "the implementer". 5 | 6 | For more information, feedback or questions, please refer to our website: 7 | https://keccak.team/ 8 | 9 | To the extent possible under law, the implementer has waived all copyright 10 | and related or neighboring rights to the source code in this file. 11 | http://creativecommons.org/publicdomain/zero/1.0/ 12 | */ 13 | 14 | #ifndef _align_h_ 15 | #define _align_h_ 16 | 17 | /* on Mac OS-X and possibly others, ALIGN(x) is defined in param.h, and -Werror chokes on the redef. */ 18 | #ifdef ALIGN 19 | #undef ALIGN 20 | #endif 21 | 22 | #if defined(__GNUC__) 23 | #define ALIGN(x) __attribute__ ((aligned(x))) 24 | #elif defined(_MSC_VER) 25 | #define ALIGN(x) __declspec(align(x)) 26 | #elif defined(__ARMCC_VERSION) 27 | #define ALIGN(x) __align(x) 28 | #else 29 | #define ALIGN(x) 30 | #endif 31 | 32 | #endif 33 | -------------------------------------------------------------------------------- /xoodyak/rw_lu/align.h: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen, 3 | Michaël Peeters, Gilles Van Assche and Ronny Van Keer, 4 | hereby denoted as "the implementer". 5 | 6 | For more information, feedback or questions, please refer to our website: 7 | https://keccak.team/ 8 | 9 | To the extent possible under law, the implementer has waived all copyright 10 | and related or neighboring rights to the source code in this file. 11 | http://creativecommons.org/publicdomain/zero/1.0/ 12 | */ 13 | 14 | #ifndef _align_h_ 15 | #define _align_h_ 16 | 17 | /* on Mac OS-X and possibly others, ALIGN(x) is defined in param.h, and -Werror chokes on the redef. */ 18 | #ifdef ALIGN 19 | #undef ALIGN 20 | #endif 21 | 22 | #if defined(__GNUC__) 23 | #define ALIGN(x) __attribute__ ((aligned(x))) 24 | #elif defined(_MSC_VER) 25 | #define ALIGN(x) __declspec(align(x)) 26 | #elif defined(__ARMCC_VERSION) 27 | #define ALIGN(x) __align(x) 28 | #else 29 | #define ALIGN(x) 30 | #endif 31 | 32 | #endif 33 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "Building_Tools/openocd_riscv"] 2 | path = Building_Tools/openocd_riscv 3 | url = https://github.com/SpinalHDL/openocd_riscv 4 | ignore = dirty 5 | [submodule "Building_Tools/verilator"] 6 | path = Building_Tools/verilator 7 | url = https://git.veripool.org/git/verilator 8 | ignore = dirty 9 | [submodule "Building_Tools/pqriscv-vexriscv"] 10 | path = Building_Tools/pqriscv-vexriscv 11 | url = https://github.com/mupq/pqriscv-vexriscv 12 | ignore = dirty 13 | [submodule "Building_Tools/riscv-gnu-toolchain"] 14 | path = Building_Tools/riscv-gnu-toolchain 15 | url = https://github.com/sifive/riscv-gnu-toolchain 16 | ignore = dirty 17 | [submodule "Building_Tools/riscv-openocd"] 18 | path = Building_Tools/riscv-openocd 19 | url = https://github.com/sifive/riscv-openocd 20 | ignore = dirty 21 | [submodule "rweather-repo"] 22 | path = rweather-repo 23 | url = https://github.com/rweather/lightweight-crypto 24 | [submodule "riscvOVPsim"] 25 | path = riscvOVPsim 26 | url = https://github.com/riscv/riscv-ovpsim 27 | -------------------------------------------------------------------------------- /sifive_sdk/include/bits.h: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details. 2 | #ifndef _RISCV_BITS_H 3 | #define _RISCV_BITS_H 4 | 5 | #define likely(x) __builtin_expect((x), 1) 6 | #define unlikely(x) __builtin_expect((x), 0) 7 | 8 | #define ROUNDUP(a, b) ((((a)-1)/(b)+1)*(b)) 9 | #define ROUNDDOWN(a, b) ((a)/(b)*(b)) 10 | 11 | #define MAX(a, b) ((a) > (b) ? (a) : (b)) 12 | #define MIN(a, b) ((a) < (b) ? (a) : (b)) 13 | #define CLAMP(a, lo, hi) MIN(MAX(a, lo), hi) 14 | 15 | #define EXTRACT_FIELD(val, which) (((val) & (which)) / ((which) & ~((which)-1))) 16 | #define INSERT_FIELD(val, which, fieldval) (((val) & ~(which)) | ((fieldval) * ((which) & ~((which)-1)))) 17 | 18 | #define STR(x) XSTR(x) 19 | #define XSTR(x) #x 20 | 21 | #if __riscv_xlen == 64 22 | # define SLL32 sllw 23 | # define STORE sd 24 | # define LOAD ld 25 | # define LWU lwu 26 | # define LOG_REGBYTES 3 27 | #else 28 | # define SLL32 sll 29 | # define STORE sw 30 | # define LOAD lw 31 | # define LWU lw 32 | # define LOG_REGBYTES 2 33 | #endif 34 | #define REGBYTES (1 << LOG_REGBYTES) 35 | 36 | #endif 37 | -------------------------------------------------------------------------------- /upload.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | GDB_PORT=3333 3 | 4 | # Check argument. 5 | if [ -z "$1" ]; then 6 | echo "$0 " 7 | exit 0 8 | fi 9 | 10 | if [ ! -f "$1" ]; then 11 | echo "$1 is not a valid file" 12 | exit 1 13 | fi 14 | 15 | # Retrieve dependencies. 16 | . ./config.sh 17 | 18 | # Check dependencies. 19 | checkdep() { 20 | path_to_dep=$(command -v "$1") 21 | if [ ! -x "$1" ] && [ ! -x "$path_to_dep" ]; then 22 | echo "$1 does not seem to exist. Please set the right path in config.mk or add the directory to your \$PATH." 23 | exit 1 24 | fi 25 | } 26 | checkdep "$GDB" 27 | checkdep "$OPENOCD" 28 | 29 | echo $GDB 30 | echo $OPENOCD 31 | 32 | "$OPENOCD" \ 33 | -s "sifive_sdk" \ 34 | -f openocd.cfg & \ 35 | "$GDB" "$1" --batch \ 36 | -ex "set remotetimeout 240" \ 37 | -ex "target extended-remote localhost:$GDB_PORT" \ 38 | -ex "monitor reset halt" \ 39 | -ex "monitor flash protect 0 64 last off" \ 40 | -ex "load" \ 41 | -ex "monitor resume" \ 42 | -ex "monitor shutdown" \ 43 | -ex "quit" && \ 44 | echo "Done." 45 | -------------------------------------------------------------------------------- /sparkle/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "sparkle.h" 8 | 9 | #define crypto_aead_encrypt schwaemm_256_128_aead_encrypt 10 | #define crypto_aead_decrypt schwaemm_256_128_aead_decrypt 11 | //#define crypto_aead_encrypt_2 schwaemm_128_128_aead_encrypt 12 | //#define crypto_aead_decrypt_2 schwaemm_128_128_aead_decrypt 13 | //#define crypto_aead_encrypt_3 schwaemm_192_192_aead_encrypt 14 | //#define crypto_aead_decrypt_3 schwaemm_192_192_aead_decrypt 15 | //#define crypto_aead_encrypt_4 schwaemm_256_256_aead_encrypt 16 | //#define crypto_aead_decrypt_4 schwaemm_256_256_aead_decrypt 17 | 18 | #define crypto_hash esch_256_hash 19 | #define crypto_hash_2 esch_256_hash_opt_c 20 | #define crypto_hash_3 esch_256_hash_asm 21 | 22 | // LM + FC results 23 | #define crypto_aead_encrypt_2 schwaemm_256_128_aead_encrypt_opt_c 24 | #define crypto_aead_decrypt_2 schwaemm_256_128_aead_decrypt_opt_c 25 | 26 | #define crypto_aead_encrypt_3 schwaemm_256_128_aead_encrypt_asm 27 | #define crypto_aead_decrypt_3 schwaemm_256_128_aead_decrypt_asm 28 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /sifive_sdk/openocd.cfg: -------------------------------------------------------------------------------- 1 | adapter_khz 10000 2 | 3 | interface ftdi 4 | ftdi_device_desc "Dual RS232-HS" 5 | ftdi_vid_pid 0x0403 0x6010 6 | 7 | ftdi_layout_init 0x0008 0x001b 8 | ftdi_layout_signal nSRST -oe 0x0020 -data 0x0020 9 | 10 | #Reset Stretcher logic on FE310 is ~1 second long 11 | #This doesn't apply if you use 12 | # ftdi_set_signal, but still good to document 13 | #adapter_nsrst_delay 1500 14 | 15 | set _CHIPNAME riscv 16 | jtag newtap $_CHIPNAME cpu -irlen 5 -expected-id 0x10e31913 17 | 18 | set _TARGETNAME $_CHIPNAME.cpu 19 | target create $_TARGETNAME riscv -chain-position $_TARGETNAME 20 | $_TARGETNAME configure -work-area-phys 0x80000000 -work-area-size 10000 -work-area-backup 1 21 | 22 | flash bank onboard_spi_flash fespi 0x20000000 0 0 0 $_TARGETNAME 23 | init 24 | #reset -- This type of reset is not implemented yet 25 | if {[ info exists pulse_srst]} { 26 | ftdi_set_signal nSRST 0 27 | ftdi_set_signal nSRST z 28 | #Wait for the reset stretcher 29 | #It will work without this, but 30 | #will incur lots of delays for later commands. 31 | sleep 1500 32 | } 33 | halt 34 | #flash protect 0 64 last off 35 | -------------------------------------------------------------------------------- /main.c: -------------------------------------------------------------------------------- 1 | #include "scheme.h" 2 | 3 | #include "test/test.h" 4 | #include "test/test_aead.h" 5 | #include "test/test_hash.h" 6 | 7 | #ifdef MURAX 8 | #include "murax/hal.h" 9 | #endif 10 | 11 | #include 12 | 13 | inline static void __attribute__((always_inline)) do_nothing() { 14 | for (int i = 0; i < 1000; ++i) { 15 | __asm__("NOP"); 16 | } 17 | for (int i = 0; i < 2; ++i) 18 | printf("\n"); 19 | } 20 | 21 | int main(void) { 22 | // Instruction cache misses are relatively expensive, so for more 23 | // consistent benchmarks that depend less on the relative speed of 24 | // the QSPI flash, you might want to fill the instruction cache first. 25 | // Note that it can hold 16 KiB of instructions on the HiFive1. 26 | 27 | do_nothing(); 28 | 29 | printf("starting benchmarking program\n"); 30 | 31 | do_nothing(); 32 | 33 | #ifdef ADDITIONAL 34 | additional_tests(); 35 | #endif 36 | 37 | #ifdef crypto_hash 38 | test_crypto_hash(); 39 | #endif 40 | 41 | #ifdef crypto_aead_encrypt 42 | test_crypto_aead(); 43 | #endif 44 | 45 | printf("DONE!\n"); 46 | 47 | return 0; 48 | } 49 | -------------------------------------------------------------------------------- /xoodyak/ref/hash.c: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #include "crypto_hash.h" 13 | 14 | #ifndef crypto_hash_BYTES 15 | #define crypto_hash_BYTES 32 16 | #endif 17 | 18 | #include "Xoodyak.h" 19 | 20 | int crypto_hash_ref(unsigned char *out, const unsigned char *in, unsigned long long inlen) 21 | { 22 | Xoodyak_Instance instance; 23 | 24 | Xoodyak_Initialize(&instance, NULL, 0, NULL, 0, NULL, 0); 25 | Xoodyak_Absorb(&instance, in, (size_t)inlen); 26 | Xoodyak_Squeeze(&instance, out, crypto_hash_BYTES); 27 | #if 0 28 | { 29 | unsigned int i; 30 | for (i = 0; i < crypto_hash_BYTES; ++i ) 31 | { 32 | printf("\\x%02x", out[i] ); 33 | } 34 | printf("\n"); 35 | } 36 | #endif 37 | return 0; 38 | } -------------------------------------------------------------------------------- /utils/nist.c: -------------------------------------------------------------------------------- 1 | #include "nist.h" 2 | 3 | void init_buffer(unsigned char *buffer, unsigned long long numbytes) { 4 | for (unsigned long long i = 0; i < numbytes; i++) 5 | buffer[i] = (unsigned char)i; 6 | } 7 | 8 | void print_bstr(const char *label, const unsigned char *data, 9 | unsigned long long length) { 10 | printf("%s", label); 11 | 12 | for (unsigned long long i = 0; i < length; i++) { 13 | printf("%02X", data[i]); 14 | } 15 | printf("\n"); 16 | } 17 | 18 | void xor_bstr(unsigned char *out, const unsigned char *in, 19 | unsigned long long numbytes) { 20 | for (unsigned long long i = 0; i < numbytes; i++) { 21 | *out ^= *in; 22 | out++; 23 | in++; 24 | } 25 | } 26 | 27 | void highlight_tag(const char *label, unsigned long long numbytes, 28 | unsigned long long taglen) { 29 | printf("%s", label); 30 | 31 | for (unsigned long long i = 0; i < numbytes - taglen; i++) { 32 | printf(".."); 33 | } 34 | for (unsigned long long i = 0; i < taglen; i++) { 35 | printf("XX"); 36 | } 37 | printf("\n"); 38 | } 39 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 Assembly-Optimized-C-RiscV 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /xoodyak/lc/hash.c: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #include "crypto_hash.h" 13 | 14 | #ifndef crypto_hash_BYTES 15 | #define crypto_hash_BYTES 32 16 | #endif 17 | 18 | #include "Xoodyak.h" 19 | 20 | int crypto_hash_lc(unsigned char *out, const unsigned char *in, unsigned long long inlen) 21 | { 22 | Xoodyak_lc_Instance instance; 23 | 24 | Xoodyak_lc_Initialize(&instance, NULL, 0, NULL, 0, NULL, 0); 25 | Xoodyak_lc_Absorb(&instance, in, (size_t)inlen); 26 | Xoodyak_lc_Squeeze(&instance, out, crypto_hash_BYTES); 27 | #if 0 28 | { 29 | unsigned int i; 30 | for (i = 0; i < crypto_hash_BYTES; ++i ) 31 | { 32 | printf("\\x%02x", out[i] ); 33 | } 34 | printf("\n"); 35 | } 36 | #endif 37 | return 0; 38 | } -------------------------------------------------------------------------------- /utils/tools.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | def read(fn): 4 | with open(fn, 'r', encoding="utf-8") as file: 5 | return file.read() 6 | 7 | def save(fn, z): 8 | d = open(fn, 'w', encoding="utf-8") 9 | d.write(z) 10 | d.close() 11 | 12 | class bcolors: 13 | NO_COLOR='\033[0m' 14 | RED = '\033[38;5;009m' 15 | GREEN = '\033[38;5;010m' 16 | YELLOW = '\033[38;5;011m' 17 | ORANGE = '\033[38;5;214m' 18 | LIGHTPURPLE = '\033[38;5;177m' 19 | PURPLE = '\033[38;5;135m' 20 | CYAN = '\033[38;5;014m' 21 | LIGHTBLUE = '\033[38;5;39m' 22 | BLUE = '\033[38;5;27m' 23 | DARKBLUE = '\033[38;5;19m' 24 | LIGHTGRAY = '\033[38;5;252m' 25 | DARKGRAY = '\033[38;5;242m' 26 | BRIGHTRED = '\033[91m' 27 | BOLD = '\033[1m' 28 | NORMAL = '\033[0m' 29 | UNDERLINE = '\033[4m' 30 | 31 | # ENDC = '\033[0m' 32 | # BOLD = '\033[1m' 33 | # UNDERLINE = '\033[4m' 34 | # RED = '\033[31m' 35 | # BRIGHTRED = '\033[91m' 36 | # MAGENTA = '\033[35m' 37 | # PURPLE = '\033[95m' 38 | # ORANGE = '\033[33m' 39 | # YELLOW = '\033[93m' 40 | # BLUE = '\033[94m' 41 | # GREEN = '\033[92m' 42 | -------------------------------------------------------------------------------- /xoodyak/asm/hash.c: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #include "crypto_hash.h" 13 | 14 | #ifndef crypto_hash_BYTES 15 | #define crypto_hash_BYTES 32 16 | #endif 17 | 18 | #include "Xoodyak.h" 19 | 20 | int crypto_hash_asm(unsigned char *out, const unsigned char *in, unsigned long long inlen) 21 | { 22 | Xoodyak_asm_Instance instance; 23 | 24 | Xoodyak_asm_Initialize(&instance, NULL, 0, NULL, 0, NULL, 0); 25 | Xoodyak_asm_Absorb(&instance, in, (size_t)inlen); 26 | Xoodyak_asm_Squeeze(&instance, out, crypto_hash_BYTES); 27 | #if 0 28 | { 29 | unsigned int i; 30 | for (i = 0; i < crypto_hash_BYTES; ++i ) 31 | { 32 | printf("\\x%02x", out[i] ); 33 | } 34 | printf("\n"); 35 | } 36 | #endif 37 | return 0; 38 | } -------------------------------------------------------------------------------- /xoodyak/rw_lu/hash.c: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #include "crypto_hash.h" 13 | 14 | #ifndef crypto_hash_BYTES 15 | #define crypto_hash_BYTES 32 16 | #endif 17 | 18 | #include "Xoodyak.h" 19 | 20 | int crypto_hash_rw_lu(unsigned char *out, const unsigned char *in, unsigned long long inlen) 21 | { 22 | Xoodyak_rw_lu_Instance instance; 23 | 24 | Xoodyak_rw_lu_Initialize(&instance, NULL, 0, NULL, 0, NULL, 0); 25 | Xoodyak_rw_lu_Absorb(&instance, in, (size_t)inlen); 26 | Xoodyak_rw_lu_Squeeze(&instance, out, crypto_hash_BYTES); 27 | #if 0 28 | { 29 | unsigned int i; 30 | for (i = 0; i < crypto_hash_BYTES; ++i ) 31 | { 32 | printf("\\x%02x", out[i] ); 33 | } 34 | printf("\n"); 35 | } 36 | #endif 37 | return 0; 38 | } -------------------------------------------------------------------------------- /sifive_sdk/include/pwm.h: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details. 2 | 3 | #ifndef _SIFIVE_PWM_H 4 | #define _SIFIVE_PWM_H 5 | 6 | /* Register offsets */ 7 | 8 | #define PWM_CFG 0x00 9 | #define PWM_COUNT 0x08 10 | #define PWM_S 0x10 11 | #define PWM_CMP0 0x20 12 | #define PWM_CMP1 0x24 13 | #define PWM_CMP2 0x28 14 | #define PWM_CMP3 0x2C 15 | 16 | /* Constants */ 17 | 18 | #define PWM_CFG_SCALE 0x0000000F 19 | #define PWM_CFG_STICKY 0x00000100 20 | #define PWM_CFG_ZEROCMP 0x00000200 21 | #define PWM_CFG_DEGLITCH 0x00000400 22 | #define PWM_CFG_ENALWAYS 0x00001000 23 | #define PWM_CFG_ONESHOT 0x00002000 24 | #define PWM_CFG_CMP0CENTER 0x00010000 25 | #define PWM_CFG_CMP1CENTER 0x00020000 26 | #define PWM_CFG_CMP2CENTER 0x00040000 27 | #define PWM_CFG_CMP3CENTER 0x00080000 28 | #define PWM_CFG_CMP0GANG 0x01000000 29 | #define PWM_CFG_CMP1GANG 0x02000000 30 | #define PWM_CFG_CMP2GANG 0x04000000 31 | #define PWM_CFG_CMP3GANG 0x08000000 32 | #define PWM_CFG_CMP0IP 0x10000000 33 | #define PWM_CFG_CMP1IP 0x20000000 34 | #define PWM_CFG_CMP2IP 0x40000000 35 | #define PWM_CFG_CMP3IP 0x80000000 36 | 37 | #endif /* _SIFIVE_PWM_H */ 38 | -------------------------------------------------------------------------------- /config.mk: -------------------------------------------------------------------------------- 1 | NO_COLOR="\033[0m" 2 | RED="\033[38;5;009m" 3 | GREEN="\033[38;5;010m" 4 | YELLOW="\033[38;5;011m" 5 | ORANGE="\033[38;5;214m" 6 | LIGHTPURPLE="\033[38;5;177m" 7 | PURPLE="\033[38;5;135m" 8 | CYAN="\033[38;5;014m" 9 | LIGHTBLUE="\033[38;5;39m" 10 | BLUE="\033[38;5;75m" 11 | DARKBLUE="\033[38;5;33m" 12 | LIGHTGRAY="\033[38;5;252m" 13 | DARKGRAY="\033[38;5;242m" 14 | BRIGHTRED="\033[91m" 15 | BOLD="\033[1m" 16 | 17 | 18 | PATH_RISCV=/opt/riscv/ 19 | #PATH_RISCV=/opt/riscv/ 20 | PATH_RISC_BIN=$(PATH_RISCV)bin/ 21 | PATH_VERILATOR_BIN?=/opt/verilator/bin/ 22 | PREFIX?=$(PATH_RISC_BIN)riscv64-unknown-elf 23 | 24 | # If these tools are not in your $PATH, enter the full path. 25 | AR?=$(PREFIX)-ar 26 | GCC?=$(PREFIX)-gcc 27 | CLANG=clang 28 | GDB?=$(PREFIX)-gdb 29 | OBJDUMP?=$(PREFIX)-objdump 30 | OBJCOPY?=$(PREFIX)-objcopy 31 | RISCVPATH=$(PATH_RISCV)riscv64-unknown-elf 32 | OPENOCD?=$(PATH_RISC_BIN)openocd 33 | ECHO?=echo 34 | 35 | RISCV_ARCH?=rv32im 36 | RISCV_ABI?=ilp32 37 | RISCV_CMODEL?=medany 38 | RISCV_ARCHFLAGS_GCC+=-march=$(RISCV_ARCH) 39 | RISCV_ARCHFLAGS_GCC+=-mabi=$(RISCV_ABI) 40 | RISCV_ARCHFLAGS_GCC+=-mcmodel=$(RISCV_CMODEL) 41 | 42 | RISCV_ARCHFLAGS_CLANG+=--target=riscv32 43 | 44 | 45 | -------------------------------------------------------------------------------- /Gimli/crypto_aead/gimli.c.inc: -------------------------------------------------------------------------------- 1 | static uint32_t rotate(uint32_t x,int bits) 2 | { 3 | if (bits == 0) return x; 4 | return (x << bits) | (x >> (32 - bits)); 5 | } 6 | 7 | static void gimli(uint32_t *state) 8 | { 9 | int round, column; 10 | uint32_t x, y, z; 11 | 12 | for (round = 24; round > 0; --round) { 13 | for (column = 0; column < 4; ++column) { 14 | x = rotate(state[ column], 24); 15 | y = rotate(state[4 + column], 9); 16 | z = state[8 + column]; 17 | state[8 + column] = x ^ (z << 1) ^ ((y&z) << 2); 18 | state[4 + column] = y ^ x ^ ((x|z) << 1); 19 | state[ column] = z ^ y ^ ((x&y) << 3); 20 | } 21 | if ((round & 3) == 0) { // small swap: pattern s...s...s... etc. 22 | x = state[0]; state[0] = state[1]; state[1] = x; 23 | x = state[2]; state[2] = state[3]; state[3] = x; 24 | } 25 | if ((round & 3) == 2) { // big swap: pattern ..S...S...S. etc. 26 | x = state[0]; state[0] = state[2]; state[2] = x; 27 | x = state[1]; state[1] = state[3]; state[3] = x; 28 | } 29 | if ((round & 3) == 0) // add constant: pattern c...c...c... etc. 30 | state[0] ^= (0x9e377900 | round); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /Gimli/crypto_hash/gimli.c.inc: -------------------------------------------------------------------------------- 1 | static uint32_t rotate(uint32_t x,int bits) 2 | { 3 | if (bits == 0) return x; 4 | return (x << bits) | (x >> (32 - bits)); 5 | } 6 | 7 | static void gimli(uint32_t *state) 8 | { 9 | int round, column; 10 | uint32_t x, y, z; 11 | 12 | for (round = 24; round > 0; --round) { 13 | for (column = 0; column < 4; ++column) { 14 | x = rotate(state[ column], 24); 15 | y = rotate(state[4 + column], 9); 16 | z = state[8 + column]; 17 | state[8 + column] = x ^ (z << 1) ^ ((y&z) << 2); 18 | state[4 + column] = y ^ x ^ ((x|z) << 1); 19 | state[ column] = z ^ y ^ ((x&y) << 3); 20 | } 21 | if ((round & 3) == 0) { // small swap: pattern s...s...s... etc. 22 | x = state[0]; state[0] = state[1]; state[1] = x; 23 | x = state[2]; state[2] = state[3]; state[3] = x; 24 | } 25 | if ((round & 3) == 2) { // big swap: pattern ..S...S...S. etc. 26 | x = state[0]; state[0] = state[2]; state[2] = x; 27 | x = state[1]; state[1] = state[3]; state[3] = x; 28 | } 29 | if ((round & 3) == 0) // add constant: pattern c...c...c... etc. 30 | state[0] ^= (0x9e377900 | round); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /nix/default.nix: -------------------------------------------------------------------------------- 1 | self: super: rec { 2 | spinalhdl = self.callPackage ./spinalhdl.nix { }; 3 | vexriscv = self.callPackage ./vexriscv.nix { }; 4 | pqvexriscv = self.callPackage ./pqvexriscv.nix { }; 5 | 6 | latexrun = super.latexrun.overrideAttrs (old: { 7 | patches = [ 8 | (self.fetchurl { 9 | url = 10 | "https://github.com/aslushnikov/latexrun/commit/566809a5b8feecc16a13033f3036b6a3c84e8ed7.patch"; 11 | sha256 = "00ygj0yddrv54h1m8j2mxp9qlqwyjyc294iwplk65kpqkc01gl72"; 12 | }) 13 | ]; 14 | }); 15 | 16 | scala_2_11 = super.scala_2_11.overrideAttrs (old: { 17 | installPhase = '' 18 | mkdir -p $out 19 | rm "bin/"*.bat 20 | mv * $out 21 | 22 | # put docs in correct subdirectory 23 | mkdir -p $out/share/doc 24 | mv $out/doc $out/share/doc/${old.name} 25 | mv $out/man $out/share/man 26 | 27 | for p in $(ls $out/bin/) ; do 28 | wrapProgram $out/bin/$p \ 29 | --prefix PATH ":" ${self.coreutils}/bin \ 30 | --prefix PATH ":" ${self.gnugrep}/bin \ 31 | --prefix PATH ":" ${self.jdk}/bin \ 32 | --set JAVA_HOME ${self.jdk}/lib/openjdk 33 | done 34 | ''; 35 | }); 36 | } 37 | -------------------------------------------------------------------------------- /Gimli/Permutation/c-ref.c: -------------------------------------------------------------------------------- 1 | #include "gimli.h" 2 | 3 | static uint32_t rotate(uint32_t x,int bits) 4 | { 5 | if (bits == 0) return x; 6 | return (x << bits) | (x >> (32 - bits)); 7 | } 8 | 9 | 10 | void gimli(uint32_t *state) 11 | { 12 | int round, column; 13 | uint32_t x, y, z; 14 | 15 | for (round = 24; round > 0; --round) { 16 | for (column = 0; column < 4; ++column) { 17 | x = rotate(state[ column], 24); 18 | y = rotate(state[4 + column], 9); 19 | z = state[8 + column]; 20 | state[8 + column] = x ^ (z << 1) ^ ((y&z) << 2); 21 | state[4 + column] = y ^ x ^ ((x|z) << 1); 22 | state[ column] = z ^ y ^ ((x&y) << 3); 23 | } 24 | if ((round & 3) == 0) { // small swap: pattern s...s...s... etc. 25 | x = state[0]; state[0] = state[1]; state[1] = x; 26 | x = state[2]; state[2] = state[3]; state[3] = x; 27 | } 28 | if ((round & 3) == 2) { // big swap: pattern ..S...S...S. etc. 29 | x = state[0]; state[0] = state[2]; state[2] = x; 30 | x = state[1]; state[1] = state[3]; state[3] = x; 31 | } 32 | if ((round & 3) == 0) // add constant: pattern c...c...c... etc. 33 | state[0] ^= (0x9e377900 | round); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /Ascon-128/Permutation/ascon.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | typedef uint64_t u64; 5 | typedef uint64_t U64; 6 | typedef uint8_t U8; 7 | typedef uint8_t u8; 8 | 9 | typedef struct { 10 | uint64_t x0, x1, x2, x3, x4; 11 | } state; 12 | 13 | void ascon_ref(state *s, int round_constant); 14 | void ascon_asm(state *s, int round_constant); 15 | void ascon_opt(state *s, int round_constant); 16 | void ascon_opt_2(state *s, int round_constant); 17 | 18 | inline static uint64_t __attribute__((always_inline)) 19 | BYTES_TO_U64(const uint8_t* bytes, int n) { 20 | int i; 21 | uint64_t x = 0; 22 | for (i = 0; i < n; i++) x |= ((uint64_t)bytes[i]) << (56 - 8 * i); 23 | return x; 24 | } 25 | 26 | inline static void __attribute__((always_inline)) 27 | U64_TO_BYTES(uint8_t* bytes, const uint64_t x, int n) { 28 | int i; 29 | for (i = 0; i < n; i++) bytes[i] = (uint8_t)(x >> (56 - 8 * i)); 30 | } 31 | 32 | inline static uint64_t __attribute__((always_inline)) 33 | BYTE_MASK(int n) { 34 | int i; 35 | uint64_t x = 0; 36 | for (i = 0; i < n; i++) x |= 0xffull << (56 - 8 * i); 37 | return x; 38 | } 39 | 40 | inline static uint64_t __attribute__((always_inline)) 41 | ROTR64(uint64_t x, int n) { return (x << (64 - n)) | (x >> n); } 42 | -------------------------------------------------------------------------------- /Ascon-128/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // do we have additional tests: void test_perm() 4 | #define ADDITIONAL 5 | 6 | #define crypto_aead_encrypt crypto_aead_encrypt_ref 7 | #define crypto_aead_encrypt_2 crypto_aead_encrypt_ref_asm 8 | #define crypto_aead_encrypt_3 crypto_aead_encrypt_ref_c 9 | #define crypto_aead_encrypt_4 crypto_aead_encrypt_opt64_C2_unrolled 10 | #define crypto_aead_encrypt_5 crypto_aead_encrypt_opt64_asm 11 | #define crypto_aead_encrypt_6 crypto_aead_encrypt_opt64_C_unrolled 12 | #define crypto_aead_encrypt_7 crypto_aead_encrypt_opt_C6 13 | #define crypto_aead_encrypt_8 crypto_aead_encrypt_bit_interleaving_32 14 | 15 | #define crypto_aead_decrypt crypto_aead_decrypt_ref 16 | #define crypto_aead_decrypt_2 crypto_aead_decrypt_ref_asm 17 | #define crypto_aead_decrypt_3 crypto_aead_decrypt_ref_c 18 | #define crypto_aead_decrypt_4 crypto_aead_decrypt_opt64_C2_unrolled 19 | #define crypto_aead_decrypt_5 crypto_aead_decrypt_opt64_asm 20 | #define crypto_aead_decrypt_6 crypto_aead_decrypt_opt64_C_unrolled 21 | #define crypto_aead_decrypt_7 crypto_aead_decrypt_opt_C6 22 | #define crypto_aead_decrypt_8 crypto_aead_decrypt_bit_interleaving_32 23 | 24 | #include "Permutation/ascon.h" 25 | #include "Permutation/test_perm.h" 26 | #include "crypto_aead/crypto_aead.h" 27 | #include "kat.h" 28 | -------------------------------------------------------------------------------- /Delirium_opt/ref/crypto_aead_ref.h: -------------------------------------------------------------------------------- 1 | #ifndef CRYPTO_AEAD_REF 2 | #define CRYPTO_AEAD_REF 3 | 4 | // generating a ciphertext c[0],c[1],...,c[*clen-1] 5 | // from a plaintext m[0],m[1],...,m[mlen-1] 6 | // and associated data ad[0],ad[1],...,ad[adlen-1] 7 | // and secret message number nsec[0],nsec[1],... 8 | // and public message number npub[0],npub[1],... 9 | // and secret key k[0],k[1],... 10 | int elephant_encrypt_ref( 11 | unsigned char *c, unsigned long long *clen, 12 | const unsigned char *m, unsigned long long mlen, 13 | const unsigned char *ad, unsigned long long adlen, 14 | const unsigned char *nsec, 15 | const unsigned char *npub, 16 | const unsigned char *k); 17 | 18 | // generating a plaintext m[0],m[1],...,m[*mlen-1] 19 | // and secret message number nsec[0],nsec[1],... 20 | // from a ciphertext c[0],c[1],...,c[clen-1] 21 | // and associated data ad[0],ad[1],...,ad[adlen-1] 22 | // and public message number npub[0],npub[1],... 23 | // and secret key k[0],k[1],... 24 | int elephant_decrypt_ref( 25 | unsigned char *m, unsigned long long *mlen, 26 | unsigned char *nsec, 27 | const unsigned char *c, unsigned long long clen, 28 | const unsigned char *ad, unsigned long long adlen, 29 | const unsigned char *npub, 30 | const unsigned char *k); 31 | 32 | #endif 33 | 34 | -------------------------------------------------------------------------------- /Ascon-128/crypto_aead/endian.h: -------------------------------------------------------------------------------- 1 | #ifndef ENDIAN_H_ 2 | #define ENDIAN_H_ 3 | 4 | #if defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ 5 | 6 | // macros for big endian machines 7 | #define U64BIG(x) (x) 8 | #define U32BIG(x) (x) 9 | #define U16BIG(x) (x) 10 | 11 | #elif defined(_MSC_VER) || \ 12 | (defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) 13 | 14 | // macros for little endian machines 15 | #define U64BIG(x) \ 16 | ((((x) & 0x00000000000000FFULL) << 56) | (((x) & 0x000000000000FF00ULL) << 40) | \ 17 | (((x) & 0x0000000000FF0000ULL) << 24) | (((x) & 0x00000000FF000000ULL) << 8) | \ 18 | (((x) & 0x000000FF00000000ULL) >> 8) | (((x) & 0x0000FF0000000000ULL) >> 24) | \ 19 | (((x) & 0x00FF000000000000ULL) >> 40) | (((x) & 0xFF00000000000000ULL) >> 56)) 20 | #define U32BIG(x) \ 21 | ((((x) & 0x000000FF) << 24) | (((x) & 0x0000FF00) << 8) | \ 22 | (((x) & 0x00FF0000) >> 8) | (((x) & 0xFF000000) >> 24)) 23 | #define U16BIG(x) \ 24 | ((((x) & 0x00FF) << 8) | (((x) & 0xFF00) >> 8)) 25 | 26 | #else 27 | #error "ascon byte order macros not defined in endian.h" 28 | #endif 29 | 30 | #endif // ENDIAN_H_ 31 | 32 | -------------------------------------------------------------------------------- /Ascon-128/Permutation/ref.c: -------------------------------------------------------------------------------- 1 | #include "ascon.h" 2 | 3 | void ascon_ref(state *p, int round_constant) { 4 | state s = *p; 5 | state t; 6 | for (; round_constant > 0x3c; round_constant -= 15) { 7 | // addition of round constant 8 | s.x2 ^= (uint64_t)round_constant; 9 | // substitution layer 10 | s.x0 ^= s.x4; 11 | s.x4 ^= s.x3; 12 | s.x2 ^= s.x1; 13 | // start of keccak s-box 14 | t.x0 = ~s.x0; 15 | t.x1 = ~s.x1; 16 | t.x2 = ~s.x2; 17 | t.x3 = ~s.x3; 18 | t.x4 = ~s.x4; 19 | t.x0 &= s.x1; 20 | t.x1 &= s.x2; 21 | t.x2 &= s.x3; 22 | t.x3 &= s.x4; 23 | t.x4 &= s.x0; 24 | s.x0 ^= t.x1; 25 | s.x1 ^= t.x2; 26 | s.x2 ^= t.x3; 27 | s.x3 ^= t.x4; 28 | s.x4 ^= t.x0; 29 | // end of keccak s-box 30 | s.x1 ^= s.x0; 31 | s.x0 ^= s.x4; 32 | s.x3 ^= s.x2; 33 | s.x2 = ~s.x2; 34 | // linear diffusion layer 35 | s.x0 ^= ROTR64(s.x0, 19) ^ ROTR64(s.x0, 28); 36 | s.x1 ^= ROTR64(s.x1, 61) ^ ROTR64(s.x1, 39); 37 | s.x2 ^= ROTR64(s.x2, 1) ^ ROTR64(s.x2, 6); 38 | s.x3 ^= ROTR64(s.x3, 10) ^ ROTR64(s.x3, 17); 39 | s.x4 ^= ROTR64(s.x4, 7) ^ ROTR64(s.x4, 41); 40 | } 41 | *p = s; 42 | } 43 | -------------------------------------------------------------------------------- /rweather/Gimli/res-vex.txt: -------------------------------------------------------------------------------- 1 | ################################# 2 | test vector crypto_hash checked. 3 | --------------------------------- 4 | length (Bytes) Ref Optimized 5 | 0 4297 4297 6 | 1 4299 4299 7 | 2 4310 4310 8 | 4 4332 4332 9 | 8 4376 4376 10 | 16 6521 6521 11 | 32 8746 8746 12 | ################################# 13 | test vector crypto_aead checked. 14 | --------------------------------- 15 | adlen mlen Ref Optimized 16 | 0 0 6468 6468 17 | 1 0 6473 6473 18 | 2 0 6484 6484 19 | 4 0 6506 6506 20 | 8 0 6550 6550 21 | 16 0 8680 8680 22 | 32 0 10889 10889 23 | 1 1 6635 6635 24 | 2 1 6646 6646 25 | 4 1 6668 6668 26 | 8 1 6712 6712 27 | 16 1 8842 8842 28 | 32 1 11051 11051 29 | 1 2 6648 6648 30 | 2 2 6659 6659 31 | 4 2 6681 6681 32 | 8 2 6725 6725 33 | 16 2 8855 8855 34 | 32 2 11064 11064 35 | 1 4 6519 6519 36 | 2 4 6530 6530 37 | 4 4 6552 6552 38 | 8 4 6596 6596 39 | 16 4 8726 8726 40 | 32 4 10935 10935 41 | 1 8 6571 6571 42 | 2 8 6582 6582 43 | 4 8 6604 6604 44 | 8 8 6648 6648 45 | 16 8 8778 8778 46 | 32 8 10987 10987 47 | 1 16 8719 8719 48 | 2 16 8730 8730 49 | 4 16 8752 8752 50 | 8 16 8796 8796 51 | 16 16 10926 10926 52 | 32 16 13135 13135 53 | 1 32 10961 10961 54 | 2 32 10972 10972 55 | 4 32 10994 10994 56 | 8 32 11038 11038 57 | 16 32 13168 13168 58 | 32 32 15377 15377 -------------------------------------------------------------------------------- /murax/bsp/vexriscv/vexriscv.mk: -------------------------------------------------------------------------------- 1 | PLATFORM ?= murax 2 | 3 | LIBWRAP_CFLAGS += -Os -Wall -Wextra 4 | LIBWRAP_CFLAGS += $(RISCV_ARCHFLAGS_GCC) -fstrict-volatile-bitfields --specs=nosys.specs 5 | 6 | ifeq ($(PLATFORM),murax) 7 | LIBWRAP_CFLAGS += -DVEXRISCV_VOLATILE 8 | endif 9 | 10 | ifeq ($(PLATFORM),pqvexriscvup5k) 11 | LIBWRAP_CFLAGS += -DVEXRISCV_VOLATILE -DVEXRISCV_RWMTVEC 12 | endif 13 | 14 | ifeq ($(PLATFORM),pqvexriscvicoboard) 15 | LIBWRAP_CFLAGS += -DVEXRISCV_VOLATILE -DVEXRISCV_RWMTVEC 16 | endif 17 | 18 | ifeq ($(PLATFORM),pqvexriscvsim) 19 | LIBWRAP_CFLAGS += -DVEXRISCV_RWMTVEC 20 | endif 21 | 22 | LIBWRAP_DIR := $(dir $(lastword $(MAKEFILE_LIST))) 23 | 24 | LIBWRAP_SRCS_C = init.c 25 | LIBWRAP_SRCS_ASM = start.s 26 | 27 | LIBWRAP_OBJS_ = $(LIBWRAP_SRCS_C:.c=.o) $(LIBWRAP_SRCS_ASM:.s=.o) 28 | LIBWRAP_OBJS = $(addprefix $(LIBWRAP_DIR)$(PLATFORM)_,$(LIBWRAP_OBJS_)) 29 | 30 | LIBWRAP = lib$(PLATFORM)bsp.a 31 | 32 | $(LIBWRAP): $(LIBWRAP_OBJS) 33 | @$(ECHO) $(LIGHTBLUE)"building "$@""$(DARKGRAY) 34 | $(AR) rcs $@ $^ 35 | 36 | $(LIBWRAP_DIR)$(PLATFORM)_%.o: $(LIBWRAP_DIR)%.c 37 | @$(ECHO) $(DARKBLUE)"building "$@" (.c)"$(DARKGRAY) 38 | $(GCC) $(LIBWRAP_CFLAGS) -c -o $@ $< 39 | 40 | $(LIBWRAP_DIR)$(PLATFORM)_%.o: $(LIBWRAP_DIR)%.S 41 | @$(ECHO) $(DARKBLUE)"building "$@" (.S)"$(DARKGRAY) 42 | $(GCC) $(LIBWRAP_CFLAGS) -c -o $@ $< 43 | -------------------------------------------------------------------------------- /Ascon-128/Permutation/opt.c: -------------------------------------------------------------------------------- 1 | #include "ascon.h" 2 | 3 | // This is a translation of the optimizations made in asm.S. 4 | // It does not manually split 64-bit words into 32-bit words. 5 | // It does include the optimized sbox formula. 6 | 7 | void ascon_opt(state *p, int round_constant) { 8 | uint64_t s0 = p->x0; 9 | uint64_t s1 = p->x1; 10 | uint64_t s2 = p->x2; 11 | uint64_t s3 = p->x3; 12 | uint64_t s4 = p->x4; 13 | uint64_t t0, t1, t2; 14 | uint64_t r0, r1, r2, r3, r4; 15 | for (; round_constant > 0x3c; round_constant -= 15) { 16 | // addition of round constant 17 | s2 ^= (uint64_t)round_constant; 18 | // substitution layer 19 | t0 = s1 ^ s2; 20 | t1 = s0 ^ s4; 21 | t2 = s3 ^ s4; 22 | s4 = ~s4; 23 | s4 = s4 | s3; 24 | r2 = s4 ^ t0; 25 | s3 = s3 ^ s1; 26 | s3 = s3 | t0; 27 | r1 = s3 ^ t1; 28 | s2 = s2 ^ t1; 29 | s2 = s2 | s1; 30 | r0 = s2 ^ t2; 31 | t1 = ~t1; 32 | s1 = s1 & t1; 33 | r4 = s1 ^ t2; 34 | s0 = s0 | t2; 35 | r3 = s0 ^ t0; 36 | // linear diffusion layer 37 | s0 = r0 ^ ROTR64(r0, 19) ^ ROTR64(r0, 28); 38 | s1 = r1 ^ ROTR64(r1, 61) ^ ROTR64(r1, 39); 39 | s2 = r2 ^ ROTR64(r2, 1) ^ ROTR64(r2, 6); 40 | s3 = r3 ^ ROTR64(r3, 10) ^ ROTR64(r3, 17); 41 | s4 = r4 ^ ROTR64(r4, 7) ^ ROTR64(r4, 41); 42 | } 43 | p->x0 = s0; 44 | p->x1 = s1; 45 | p->x2 = s2; 46 | p->x3 = s3; 47 | p->x4 = s4; 48 | } 49 | -------------------------------------------------------------------------------- /Delirium_opt/opt/crypto_aead.h: -------------------------------------------------------------------------------- 1 | #ifndef CRYPTO_AEAD 2 | #define CRYPTO_AEAD 3 | 4 | // generating a ciphertext c[0],c[1],...,c[*clen-1] 5 | // from a plaintext m[0],m[1],...,m[mlen-1] 6 | // and associated data ad[0],ad[1],...,ad[adlen-1] 7 | // and secret message number nsec[0],nsec[1],... 8 | // and public message number npub[0],npub[1],... 9 | // and secret key k[0],k[1],... 10 | int elephant_encrypt(unsigned char *c, unsigned long long *clen, 11 | const unsigned char *m, unsigned long long mlen, 12 | const unsigned char *ad, unsigned long long adlen, 13 | const unsigned char *nsec, const unsigned char *npub, 14 | const unsigned char *k); 15 | 16 | // generating a plaintext m[0],m[1],...,m[*mlen-1] 17 | // and secret message number nsec[0],nsec[1],... 18 | // from a ciphertext c[0],c[1],...,c[clen-1] 19 | // and associated data ad[0],ad[1],...,ad[adlen-1] 20 | // and public message number npub[0],npub[1],... 21 | // and secret key k[0],k[1],... 22 | int elephant_decrypt(unsigned char *m, unsigned long long *mlen, 23 | unsigned char *nsec, const unsigned char *c, 24 | unsigned long long clen, const unsigned char *ad, 25 | unsigned long long adlen, const unsigned char *npub, 26 | const unsigned char *k); 27 | 28 | #endif 29 | -------------------------------------------------------------------------------- /gen-tree-rweather.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | import os 4 | import glob 5 | import sys 6 | from utils.tools import read, save, bcolors 7 | from os import listdir 8 | 9 | if __name__ == "__main__": 10 | action = 'install'; 11 | if len(sys.argv) > 1: 12 | action = sys.argv[1] 13 | 14 | ciphers = [f for f in os.listdir('rweather-repo/src/individual') if not f == 'Makefile'] 15 | 16 | if action == 'install': 17 | for cipher in ciphers: 18 | if not os.path.isdir('rweather/' + cipher) : 19 | os.mkdir('rweather/' + cipher) 20 | src = '../../rweather-repo/src/individual/' + cipher 21 | dst = 'rweather/' + cipher + '/src' 22 | try: 23 | os.symlink(src, dst) 24 | print('set up symbolic link to ' + dst) 25 | except: 26 | print('link to ' + src + ' already exists!') 27 | 28 | if action == 'remove' or action == 'uninstall': 29 | for cipher in ciphers: 30 | if os.path.isdir('rweather/' + cipher) : 31 | if os.path.exists('rweather/' + cipher + '/src') : 32 | os.unlink('rweather/' + cipher + '/src') 33 | print('removed symbolic link rweather/' + cipher + '/src') 34 | else: 35 | print('rweather/' + cipher + '/src not found') 36 | 37 | -------------------------------------------------------------------------------- /murax/hal-vexriscv.c: -------------------------------------------------------------------------------- 1 | #include "hal.h" 2 | #include 3 | 4 | /* Murax UART */ 5 | 6 | typedef struct { 7 | volatile uint32_t DATA; 8 | volatile uint32_t STATUS; 9 | volatile uint32_t CLOCK_DIVIDER; 10 | volatile uint32_t FRAME_CONFIG; 11 | } Uart_Reg; 12 | 13 | enum UartParity { NONE = 0, EVEN = 1, ODD = 2 }; 14 | enum UartStop { ONE = 0, TWO = 1 }; 15 | 16 | typedef struct { 17 | uint32_t dataLength; 18 | enum UartParity parity; 19 | enum UartStop stop; 20 | uint32_t clockDivider; 21 | } Uart_Config; 22 | 23 | static uint32_t uart_writeAvailability(Uart_Reg* reg) 24 | { 25 | return (reg->STATUS >> 16) & 0xFF; 26 | } 27 | 28 | static void uart_write(Uart_Reg* reg, uint32_t data) 29 | { 30 | while (uart_writeAvailability(reg) == 0) 31 | ; 32 | reg->DATA = data; 33 | } 34 | 35 | #define UART ((Uart_Reg*)(0xF0010000)) 36 | 37 | void hal_send(const uint8_t* in, const size_t len) { 38 | for (size_t i = 0; i < len; i++) { 39 | uart_write(UART, in[i]); 40 | } 41 | } 42 | 43 | void hal_send_str(const char* in) 44 | { 45 | const char* cur = in; 46 | while(*cur) { 47 | uart_write(UART, *cur); 48 | cur += 1; 49 | } 50 | } 51 | 52 | __attribute__((naked)) uint64_t hal_get_time(void) 53 | { 54 | #define LE "\n\t" 55 | asm volatile (LE"csrr a1, mcycleh" 56 | LE"csrr a0, mcycle" 57 | LE"csrr a2, mcycleh" 58 | LE"bne a1, a2, hal_get_time" 59 | LE"ret"); 60 | } 61 | -------------------------------------------------------------------------------- /sifive.mk: -------------------------------------------------------------------------------- 1 | TARGET := main.elf 2 | C_TARGET := $(TARGET:.elf=.c) 3 | 4 | .PHONY: all 5 | all: $(TARGET) 6 | 7 | include sifive_sdk/libwrap/libwrap.mk 8 | 9 | # SDK 10 | SDK_ASM_SRCS := $(wildcard sifive_sdk/*.S) 11 | SDK_C_SRCS := $(wildcard sifive_sdk/*.c) 12 | SDK_C_OBJS := $(SDK_C_SRCS:.c=.o) 13 | SDK_ASM_OBJS := $(SDK_ASM_SRCS:.S=.o) 14 | SDK_OBJS := $(SDK_C_OBJS) $(SDK_ASM_OBJS) 15 | 16 | #flags: 17 | LDSCRIPT := sifive_sdk/flash.lds 18 | INCLUDES := -Isifive_sdk/include -Iutils -I$(RISCVPATH)/include 19 | # INCLUDES_C := -include sys/cdefs.h 20 | 21 | OPTS ?= $(OPT3) 22 | 23 | COMMON_CFLAGS := -g -fno-builtin-printf \ 24 | -Wno-unused-parameter \ 25 | -Wall -Wextra -Wredundant-decls \ 26 | -Wshadow -Wno-unused-function \ 27 | -fno-common 28 | # -Wundef 29 | 30 | LDFLAGS += -static -T$(LDSCRIPT) -nostartfiles \ 31 | -Lsdk --specs=nano.specs -Wl,--gc-sections 32 | 33 | 34 | DUMP := $(TARGET:.elf=.dump) 35 | LOG := $(TARGET:.elf=.log) # to modify in watch.sh 36 | 37 | objdump: $(TARGET) 38 | @$(ECHO) $(LIGHTPURPLE)"Disassembling "$@$(DARKGRAY) 39 | $(OBJDUMP) -D $(TARGET) > $(DUMP) 40 | 41 | 42 | upload: $(TARGET) 43 | @$(ECHO) $(PURPLE)"Uploading "$<$(DARKGRAY) 44 | -rm -f $(LOG) 45 | sudo ./upload.sh $< 46 | 47 | reset: main-valid.elf 48 | @$(ECHO) $(PURPLE)"Reseting board by uploading "$<$(DARKGRAY) 49 | -rm -f $(LOG) 50 | sudo ./upload.sh $< > /dev/null 2>&1 51 | -------------------------------------------------------------------------------- /xoodyak/ref/Xoodyak.c: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #ifdef XoodooReference 13 | #include "displayIntermediateValues.h" 14 | #endif 15 | 16 | #include 17 | #include 18 | #include "Xoodyak.h" 19 | 20 | #ifdef OUTPUT 21 | #include 22 | #include 23 | 24 | static void displayByteString(FILE *f, const char* synopsis, const uint8_t *data, unsigned int length); 25 | static void displayByteString(FILE *f, const char* synopsis, const uint8_t *data, unsigned int length) 26 | { 27 | unsigned int i; 28 | 29 | fprintf(f, "%s:", synopsis); 30 | for(i=0; i ", dest(x, y)) 17 | 18 | print(destinations) 19 | 20 | start = 1 21 | print('x = A[{}]'.format(1)) 22 | for x in range(24): 23 | save = start 24 | start = destinations.index(start) 25 | if x < 23: 26 | print('A[{}] = A[{}];'.format(save, start)) 27 | else: 28 | print('A[{}] = x;'.format(save)) 29 | 30 | print('--------------------------------------') 31 | for x in range(5): 32 | x1 = (x + 1) % 5 33 | x2 = (x + 4) % 5 34 | print('D[{}] = ROL32(C[{}], 4) ^ C[{}]'.format( 35 | x, x1, x2)) 36 | 37 | print('---------------------------------------') 38 | 39 | for y in range(5): 40 | for x in range(5): 41 | print('C[{}] = A[{}] ^ ((~A[{}]) & A[{}]);'.format(x, 42 | index(x, y), 43 | index(x + 1, y), 44 | index(x + 2, y))) 45 | for x in range(5): 46 | print('A[{}] = C[{}];'.format(index(x, y), 47 | x)) 48 | -------------------------------------------------------------------------------- /xoodyak/asm/Xoodyak.c: -------------------------------------------------------------------------------- 1 | /* 2 | Implementation by Ronny Van Keer, hereby denoted as "the implementer". 3 | 4 | For more information, feedback or questions, please refer to our website: 5 | https://keccak.team/ 6 | 7 | To the extent possible under law, the implementer has waived all copyright 8 | and related or neighboring rights to the source code in this file. 9 | http://creativecommons.org/publicdomain/zero/1.0/ 10 | */ 11 | 12 | #ifdef XoodooReference 13 | #include "displayIntermediateValues.h" 14 | #endif 15 | 16 | #include 17 | #include 18 | #include "Xoodyak.h" 19 | 20 | #ifdef OUTPUT 21 | #include 22 | #include 23 | 24 | static void displayByteString(FILE *f, const char* synopsis, const uint8_t *data, unsigned int length); 25 | static void displayByteString(FILE *f, const char* synopsis, const uint8_t *data, unsigned int length) 26 | { 27 | unsigned int i; 28 | 29 | fprintf(f, "%s:", synopsis); 30 | for(i=0; i 17 | #include 18 | #include "Xoodyak.h" 19 | 20 | #ifdef OUTPUT 21 | #include 22 | #include 23 | 24 | static void displayByteString(FILE *f, const char* synopsis, const uint8_t *data, unsigned int length); 25 | static void displayByteString(FILE *f, const char* synopsis, const uint8_t *data, unsigned int length) 26 | { 27 | unsigned int i; 28 | 29 | fprintf(f, "%s:", synopsis); 30 | for(i=0; i 17 | #include 18 | #include "Xoodyak.h" 19 | 20 | #ifdef OUTPUT 21 | #include 22 | #include 23 | 24 | static void displayByteString(FILE *f, const char* synopsis, const uint8_t *data, unsigned int length); 25 | static void displayByteString(FILE *f, const char* synopsis, const uint8_t *data, unsigned int length) 26 | { 27 | unsigned int i; 28 | 29 | fprintf(f, "%s:", synopsis); 30 | for(i=0; i. 13 | - Build and install openocd-vexriscv (https://github.com/SpinalHDL/openocd_riscv) 14 | 15 | libyaml-dev 16 | 17 | python3.7-dbg 18 | 19 | ## Workflow 20 | 21 | - Start 3 terminals. 22 | - In terminal 1: `cd` to `murax/`. 23 | - In terminal 2 & 3: `cd` to your `pqriscv-vexriscv` repo. 24 | - In terminal 1: run `make clean` and then `make`. This will build an example main file (currently located at `murax/main.c`). 25 | See `murax/Makefile` for more details. 26 | - In terminal 2: run `sbt "runMain mupq.PQVexRiscvSim --ram 256,128"` to start the simulator. 27 | Note, the simulator will forever run, and will keep a core on your machine busy until it is terminated. 28 | - In terminal 3: run `openocd-vexriscv --file pqvexriscvsim.cfg` 29 | - In terminal 1: run the following GDB command: 30 | 31 | ```shell 32 | /opt/riscv/bin/riscv64-unknown-elf-gdb -ex 'set remotetimeout 15' -ex 'target remote :3333' -ex 'load' -ex 'break main' -ex 'continue' main 33 | # set remotetimeout 15 set the timout of the remote (openocd) to 15 seconds 34 | # target remote :3333 connect to `openocd-vexriscv` on localhost:3333 35 | # load load `main` onto the simulated core 36 | # break main set a breakpoint on main 37 | # continue start running (until we hit main) 38 | ``` 39 | 40 | ## Important notes 41 | 42 | - ALWAYS call `make clean` before calling `make`. 43 | - I chose to not call the contructors in libc! Do **not** rely on them! 44 | -------------------------------------------------------------------------------- /sifive_sdk/include/prci.h: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details. 2 | 3 | #ifndef _SIFIVE_PRCI_H 4 | #define _SIFIVE_PRCI_H 5 | 6 | /* Register offsets */ 7 | 8 | #define PRCI_HFROSCCFG (0x0000) 9 | #define PRCI_HFXOSCCFG (0x0004) 10 | #define PRCI_PLLCFG (0x0008) 11 | #define PRCI_PLLDIV (0x000C) 12 | #define PRCI_PROCMONCFG (0x00F0) 13 | 14 | /* Fields */ 15 | #define ROSC_DIV(x) (((x) & 0x2F) << 0 ) 16 | #define ROSC_TRIM(x) (((x) & 0x1F) << 16) 17 | #define ROSC_EN(x) (((x) & 0x1 ) << 30) 18 | #define ROSC_RDY(x) (((x) & 0x1 ) << 31) 19 | 20 | #define XOSC_EN(x) (((x) & 0x1) << 30) 21 | #define XOSC_RDY(x) (((x) & 0x1) << 31) 22 | 23 | #define PLL_R(x) (((x) & 0x7) << 0) 24 | // single reserved bit for F LSB. 25 | #define PLL_F(x) (((x) & 0x3F) << 4) 26 | #define PLL_Q(x) (((x) & 0x3) << 10) 27 | #define PLL_SEL(x) (((x) & 0x1) << 16) 28 | #define PLL_REFSEL(x) (((x) & 0x1) << 17) 29 | #define PLL_BYPASS(x) (((x) & 0x1) << 18) 30 | #define PLL_LOCK(x) (((x) & 0x1) << 31) 31 | 32 | #define PLL_R_default 0x1 33 | #define PLL_F_default 0x1F 34 | #define PLL_Q_default 0x3 35 | 36 | #define PLL_REFSEL_HFROSC 0x0 37 | #define PLL_REFSEL_HFXOSC 0x1 38 | 39 | #define PLL_SEL_HFROSC 0x0 40 | #define PLL_SEL_PLL 0x1 41 | 42 | #define PLL_FINAL_DIV(x) (((x) & 0x3F) << 0) 43 | #define PLL_FINAL_DIV_BY_1(x) (((x) & 0x1 ) << 8) 44 | 45 | #define PROCMON_DIV(x) (((x) & 0x1F) << 0) 46 | #define PROCMON_TRIM(x) (((x) & 0x1F) << 8) 47 | #define PROCMON_EN(x) (((x) & 0x1) << 16) 48 | #define PROCMON_SEL(x) (((x) & 0x3) << 24) 49 | #define PROCMON_NT_EN(x) (((x) & 0x1) << 28) 50 | 51 | #define PROCMON_SEL_HFCLK 0 52 | #define PROCMON_SEL_HFXOSCIN 1 53 | #define PROCMON_SEL_PLLOUTDIV 2 54 | #define PROCMON_SEL_PROCMON 3 55 | 56 | #endif // _SIFIVE_PRCI_H 57 | -------------------------------------------------------------------------------- /xoodyak/base.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // #define ADDITIONAL 4 | #define NO_CHECK 5 | 6 | #include "kat.h" 7 | #include "ref/crypto_aead.h" 8 | #include "ref/crypto_hash.h" 9 | #include "asm/crypto_aead.h" 10 | #include "asm/crypto_hash.h" 11 | #include "rw_lu/crypto_aead.h" 12 | #include "rw_lu/crypto_hash.h" 13 | #include "lc/crypto_aead.h" 14 | #include "lc/crypto_hash.h" 15 | 16 | #define crypto_aead_encrypt crypto_aead_encrypt_ref 17 | #define crypto_aead_decrypt crypto_aead_decrypt_ref 18 | #define crypto_aead_encrypt_2 crypto_aead_encrypt_asm 19 | #define crypto_aead_decrypt_2 crypto_aead_decrypt_asm 20 | #define crypto_aead_encrypt_3 crypto_aead_encrypt_rw_lu 21 | #define crypto_aead_decrypt_3 crypto_aead_decrypt_rw_lu 22 | #define crypto_aead_encrypt_4 crypto_aead_encrypt_lc 23 | #define crypto_aead_decrypt_4 crypto_aead_decrypt_lc 24 | //#define crypto_aead_encrypt_2 schwaemm_128_128_aead_encrypt 25 | //#define crypto_aead_decrypt_2 schwaemm_128_128_aead_decrypt 26 | //#define crypto_aead_encrypt_3 schwaemm_192_192_aead_encrypt 27 | //#define crypto_aead_decrypt_3 schwaemm_192_192_aead_decrypt 28 | //#define crypto_aead_encrypt_4 schwaemm_256_256_aead_encrypt 29 | //#define crypto_aead_decrypt_4 schwaemm_256_256_aead_decrypt 30 | 31 | #define crypto_hash crypto_hash_ref 32 | #define crypto_hash_2 crypto_hash_asm 33 | #define crypto_hash_3 crypto_hash_rw_lu 34 | #define crypto_hash_4 crypto_hash_lc 35 | 36 | // LM + FC results 37 | // #define crypto_aead_encrypt_2 schwaemm_256_128_aead_encrypt_opt_c 38 | // #define crypto_aead_decrypt_2 schwaemm_256_128_aead_decrypt_opt_c 39 | 40 | // #define crypto_aead_encrypt_3 schwaemm_256_128_aead_encrypt_asm 41 | // #define crypto_aead_decrypt_3 schwaemm_256_128_aead_decrypt_asm 42 | 43 | // #define crypto_hash_2 esch_256_hash_opt_c 44 | // #define crypto_hash_3 esch_256_hash_asm 45 | 46 | -------------------------------------------------------------------------------- /Keccak/Permutation/test_perm.c: -------------------------------------------------------------------------------- 1 | #include "test_perm.h" 2 | 3 | unsigned int __attribute__((noinline)) 4 | fn_test1(void fn(const uint32_t *), uint32_t *x) { 5 | uint64_t oldcount, newcount; 6 | fn(x); 7 | oldcount = getcycles(); 8 | fn(x); 9 | newcount = getcycles(); 10 | return (unsigned int)(newcount - oldcount); 11 | } 12 | 13 | static void check_test() { 14 | 15 | uint32_t lanes[50] = {0}; 16 | uint32_t lanes2[50] = {0}; 17 | 18 | // Generate round keys 19 | // Ko code 20 | keccakf1600(lanes); 21 | keccakf1600_C(lanes2); 22 | 23 | // Print ciphertext 24 | // Print all round keys 25 | if (memcmp(lanes, lanes2, 50 * 4)) { 26 | printf("out:\n"); 27 | for (unsigned int i = 0; i < 50; ++i) { 28 | printf("lanes[%2d] = %08x", i, (unsigned int)lanes[i]); 29 | printf(" lanes2[%2d] = %08x", i, (unsigned int)lanes2[i]); 30 | printf("\n"); 31 | } 32 | } else { 33 | printf("Permutation is correct.\n"); 34 | } 35 | printf("---------------------------\n"); 36 | } 37 | 38 | static void speed_test() { 39 | uint32_t lanes[50] = {0}; 40 | 41 | int i; 42 | unsigned int time1, time2; 43 | void *ks_1 = &keccakf1600; 44 | void *ks_2 = &keccakf1600_C; 45 | 46 | for (i = 0; i < 20; i++) 47 | time1 = fn_test1(ks_1, lanes); 48 | for (i = 0; i < 20; i++) 49 | time2 = fn_test1(ks_2, lanes); 50 | printf("---------------------------\n"); 51 | printf("ASM took %d cycles.\n", time1); 52 | printf("---------------------------\n"); 53 | printf("Optimized C took %d cycles.\n", time2); 54 | } 55 | 56 | void test_perm() { 57 | printf("######################\n"); 58 | check_test(); 59 | printf("######################\n"); 60 | speed_test(); 61 | } 62 | -------------------------------------------------------------------------------- /riscvOVPsim.mk: -------------------------------------------------------------------------------- 1 | TARGET := mainOVP.elf 2 | C_TARGET := main.c 3 | 4 | .PHONY: all 5 | all: $(TARGET) 6 | 7 | PLATFORM=riscvOVPsim 8 | 9 | #LDSCRIPT = $(PLATFORM).ld 10 | 11 | #LDFLAGS = -L$(PATH_RISCV)lib/gcc/riscv64-unknown-elf/9.2.0/rv32imac/ilp32 12 | #LDFLAGS += -L$(RISCVPATH)lib/rv32imac/ilp32 13 | #LDFLAGS += -specs=nosys.specs 14 | #LDFLAGS += -Wl,-T$(LDSCRIPT) 15 | #LDFLAGS += -nostartfiles -ffreestanding -Wl,--gc-sections 16 | #LDFLAGS += -L. 17 | #LDFLAGS += -Wl,--start-group -l$(PLATFORM)bsp -lc -Wl,--end-group 18 | 19 | INCLUDES := -Iutils -I$(RISCVPATH)/include 20 | 21 | OPTS ?= $(OPT3) 22 | 23 | #include murax/bsp/vexriscv/vexriscv.mk 24 | 25 | # SDK 26 | #SDK_ASM_SRCS := $(wildcard murax/*.S) 27 | #SDK_H := $(wildcard murax/*.h) 28 | #SDK_C_SRCS := $(filter-out murax/main.c, $(wildcard murax/*.c)) $(wildcard murax/nosys/*.c) 29 | #SDK_C_OBJS := $(SDK_C_SRCS:.c=.o) 30 | #SDK_ASM_OBJS := $(SDK_ASM_SRCS:.S=.o) 31 | #SDK_OBJS := $(SDK_C_OBJS) $(SDK_ASM_OBJS) 32 | 33 | 34 | COMMON_CFLAGS := -g -fno-builtin-printf \ 35 | -Wno-unused-parameter \ 36 | -Wall -Wextra -Wredundant-decls \ 37 | -Wshadow -Wno-unused-function \ 38 | -fno-common 39 | 40 | #COMMON_CFLAGS := -g $(OPTS) -march=rv32imc -mabi=ilp32 41 | 42 | 43 | help: 44 | @$(ECHO) $(RED)"Compile & Simulate"$(DARKGRAY) 45 | @$(ECHO) $(LIGHTGRAY)"1. "$(CYAN)"make"$(DARKGRAY) 46 | @$(ECHO) $(LIGHTGRAY)"2. "$(CYAN)"make startsim"$(DARKGRAY) 47 | 48 | startsim: $(TARGET) 49 | @$(ECHO) $(CYAN)'./riscvOVPsim/bin/Linux64/riscvOVPsim.exe --program $(TARGET) --variant RV32IMC'$(DARKGRAY) 50 | @cd riscvOVPsim/bin/Linux64/ ; \ 51 | ./riscvOVPsim.exe --program ../../../$(TARGET) --variant RV32IMC 52 | 53 | objdump: $(TARGET) 54 | @$(ECHO) $(LIGHTPURPLE)"Disassembling "$@$(DARKGRAY) 55 | $(OBJDUMP) -d $(TARGET) > main.dump 56 | -------------------------------------------------------------------------------- /Instructions/Instr/test_perm.c: -------------------------------------------------------------------------------- 1 | #include "test_perm.h" 2 | 3 | unsigned int __attribute__((noinline)) fn_test(void fn(uint8_t *), uint8_t *x) { 4 | uint64_t oldcount, newcount; 5 | fn(x); 6 | oldcount = getcycles(); 7 | fn(x); 8 | newcount = getcycles(); 9 | return (unsigned int)(newcount - oldcount); 10 | } 11 | 12 | #define stringify(x) #x 13 | #define run_test(funname) \ 14 | fn = &funname; \ 15 | for (i = 0; i < 20; i++) \ 16 | time1 = fn_test(fn, var); \ 17 | printf("---------------------------\n"); \ 18 | printf("%d cycles: " stringify(funname) "\n", time1); 19 | 20 | static void speed_test() { 21 | uint8_t var[10 * 4] = {0}; 22 | 23 | int i; 24 | unsigned int time1; 25 | void *fn; 26 | 27 | run_test(instr_empty); 28 | printf("---------------------------\n"); 29 | printf("\n"); 30 | run_test(instr_lb); 31 | run_test(instr_sb); 32 | run_test(instr_lw); 33 | run_test(instr_sw); 34 | printf("---------------------------\n"); 35 | printf("\n"); 36 | run_test(instr_addi); 37 | run_test(instr_add); 38 | run_test(instr_andi); 39 | run_test(instr_and); 40 | run_test(instr_ori); 41 | run_test(instr_or); 42 | run_test(instr_slli); 43 | run_test(instr_sll); 44 | run_test(instr_srai); 45 | run_test(instr_sra); 46 | run_test(instr_srli); 47 | run_test(instr_srl); 48 | run_test(instr_sub); 49 | run_test(instr_xori); 50 | run_test(instr_xor); 51 | printf("---------------------------\n"); 52 | } 53 | 54 | void test_perm() { 55 | printf("######################\n"); 56 | speed_test(); 57 | } 58 | -------------------------------------------------------------------------------- /saturnin/crypto_aead/crypto_aead.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | 6 | int crypto_aead_encrypt( 7 | unsigned char *c, unsigned long long *clen, 8 | const unsigned char *m, unsigned long long mlen, 9 | const unsigned char *ad, unsigned long long adlen, 10 | const unsigned char *nsec, 11 | const unsigned char *npub, 12 | const unsigned char *k); 13 | 14 | int crypto_aead_encrypt_asm( 15 | unsigned char *c, unsigned long long *clen, 16 | const unsigned char *m, unsigned long long mlen, 17 | const unsigned char *ad, unsigned long long adlen, 18 | const unsigned char *nsec, 19 | const unsigned char *npub, 20 | const unsigned char *k); 21 | 22 | int crypto_aead_encrypt_bs32x( 23 | unsigned char *c, unsigned long long *clen, 24 | const unsigned char *m, unsigned long long mlen, 25 | const unsigned char *ad, unsigned long long adlen, 26 | const unsigned char *nsec, 27 | const unsigned char *npub, 28 | const unsigned char *k); 29 | 30 | int crypto_aead_decrypt( 31 | unsigned char *m, unsigned long long *mlen, 32 | unsigned char *nsec, 33 | const unsigned char *c, unsigned long long clen, 34 | const unsigned char *ad, unsigned long long adlen, 35 | const unsigned char *npub, 36 | const unsigned char *k); 37 | 38 | int crypto_aead_decrypt_asm( 39 | unsigned char *m, unsigned long long *mlen, 40 | unsigned char *nsec, 41 | const unsigned char *c, unsigned long long clen, 42 | const unsigned char *ad, unsigned long long adlen, 43 | const unsigned char *npub, 44 | const unsigned char *k); 45 | 46 | int crypto_aead_decrypt_bs32x( 47 | unsigned char *m, unsigned long long *mlen, 48 | unsigned char *nsec, 49 | const unsigned char *c, unsigned long long clen, 50 | const unsigned char *ad, unsigned long long adlen, 51 | const unsigned char *npub, 52 | const unsigned char *k); 53 | -------------------------------------------------------------------------------- /murax/bsp/vexriscv/Makefile: -------------------------------------------------------------------------------- 1 | NO_COLOR="\033[0m" 2 | RED = "\033[38;5;009m" 3 | GREEN = "\033[38;5;010m" 4 | YELLOW = "\033[38;5;011m" 5 | ORANGE = "\033[38;5;214m" 6 | LIGHTPURPLE = "\033[38;5;177m" 7 | PURPLE = "\033[38;5;135m" 8 | CYAN = "\033[38;5;014m" 9 | LIGHTBLUE = "\033[38;5;39m" 10 | BLUE = "\033[38;5;27m" 11 | DARKBLUE = "\033[38;5;19m" 12 | LIGHTGRAY = "\033[38;5;252m" 13 | DARKGRAY = "\033[38;5;242m" 14 | BRIGHTRED = "\033[91m" 15 | BOLD = "\033[1m" 16 | ECHO?=echo 17 | 18 | PLATFORM ?= murax 19 | RISCV_ARCH ?= rv32im 20 | RISCV_ABI ?= ilp32 21 | RISCV_CMODEL ?= medany 22 | RISCV_ARCHFLAGS += -march=$(RISCV_ARCH) 23 | RISCV_ARCHFLAGS += -mabi=$(RISCV_ABI) 24 | RISCV_ARCHFLAGS += -mcmodel=$(RISCV_CMODEL) 25 | 26 | CFLAGS += -Os -Wall -Wextra 27 | CFLAGS += $(RISCV_ARCHFLAGS) 28 | CFLAGS += -fstrict-volatile-bitfields 29 | CFLAGS += --specs=nosys.specs 30 | 31 | ifeq ($(PLATFORM),murax) 32 | CFLAGS += -DVEXRISCV_VOLATILE 33 | endif 34 | 35 | ifeq ($(PLATFORM),pqvexriscvup5k) 36 | CFLAGS += -DVEXRISCV_VOLATILE -DVEXRISCV_RWMTVEC 37 | endif 38 | 39 | ifeq ($(PLATFORM),pqvexriscvicoboard) 40 | CFLAGS += -DVEXRISCV_VOLATILE -DVEXRISCV_RWMTVEC 41 | endif 42 | 43 | ifeq ($(PLATFORM),pqvexriscvsim) 44 | CFLAGS += -DVEXRISCV_RWMTVEC 45 | endif 46 | 47 | CROSS_PREFIX ?= riscv64-unknown-elf 48 | CC = /opt/riscv/bin/$(CROSS_PREFIX)-gcc 49 | AR = /opt/riscv/bin/$(CROSS_PREFIX)-ar 50 | 51 | SRCS = init.c start.s 52 | OBJS = $(PLATFORM)_init.o $(PLATFORM)_start.o 53 | TARGET = lib$(PLATFORM)bsp.a 54 | 55 | all: $(TARGET) 56 | 57 | $(TARGET): $(OBJS) 58 | @$(ECHO) $(LIGHTBLUE)"building "$@""$(DARKGRAY) 59 | $(AR) rcs $@ $^ 60 | 61 | $(PLATFORM)_%.o: %.c 62 | @$(ECHO) $(YELLOW)"building "$@" (.c)"$(DARKGRAY) 63 | $(CC) $(CFLAGS) -c -o $@ $< 64 | 65 | $(PLATFORM)_%.o: %.S 66 | @$(ECHO) $(ORANGE)"building "$@""$(DARKGRAY) 67 | $(CC) $(CFLAGS) -c -o $@ $< 68 | 69 | .PHONY: clean 70 | clean: 71 | @$(ECHO) $(RED)"cleaning..."$(DARKGRAY) 72 | rm -rf $(OBJS) $(TARGET) 73 | -------------------------------------------------------------------------------- /Ascon-128/crypto_aead/opt64_C_unrolled/permutations.h: -------------------------------------------------------------------------------- 1 | #ifndef PERMUTATIONS_H_ 2 | #define PERMUTATIONS_H_ 3 | 4 | typedef unsigned char u8; 5 | typedef unsigned long long u64; 6 | 7 | typedef struct { 8 | u64 x0, x1, x2, x3, x4; 9 | } state; 10 | 11 | #define EXT_BYTE64(x, n) ((u8)((u64)(x) >> (8 * (7 - (n))))) 12 | #define INS_BYTE64(x, n) ((u64)(x) << (8 * (7 - (n)))) 13 | #define ROTR64(x, n) (((x) >> (n)) | ((x) << (64 - (n)))) 14 | 15 | #define ROUND(C) \ 16 | do { \ 17 | state t, r; \ 18 | s.x2 ^= C; \ 19 | t.x0 = s.x1 ^ s.x2; \ 20 | t.x1 = s.x0 ^ s.x4; \ 21 | t.x2 = s.x3 ^ s.x4; \ 22 | s.x4 = ~s.x4; \ 23 | s.x4 = s.x4 | s.x3; \ 24 | r.x2 = s.x4 ^ t.x0; \ 25 | s.x3 = s.x3 ^ s.x1; \ 26 | s.x3 = s.x3 | t.x0; \ 27 | r.x1 = s.x3 ^ t.x1; \ 28 | s.x2 = s.x2 ^ t.x1; \ 29 | s.x2 = s.x2 | s.x1; \ 30 | r.x0 = s.x2 ^ t.x2; \ 31 | t.x1 = ~t.x1; \ 32 | s.x1 = s.x1 & t.x1; \ 33 | r.x4 = s.x1 ^ t.x2; \ 34 | s.x0 = s.x0 | t.x2; \ 35 | r.x3 = s.x0 ^ t.x0; \ 36 | s.x0 = r.x0 ^ ROTR64(r.x0, 19) ^ ROTR64(r.x0, 28); \ 37 | s.x1 = r.x1 ^ ROTR64(r.x1, 61) ^ ROTR64(r.x1, 39); \ 38 | s.x2 = r.x2 ^ ROTR64(r.x2, 1) ^ ROTR64(r.x2, 6); \ 39 | s.x3 = r.x3 ^ ROTR64(r.x3, 10) ^ ROTR64(r.x3, 17); \ 40 | s.x4 = r.x4 ^ ROTR64(r.x4, 7) ^ ROTR64(r.x4, 41); \ 41 | } while (0) 42 | 43 | #define P12() \ 44 | do { \ 45 | ROUND(0xf0); \ 46 | ROUND(0xe1); \ 47 | ROUND(0xd2); \ 48 | ROUND(0xc3); \ 49 | ROUND(0xb4); \ 50 | ROUND(0xa5); \ 51 | ROUND(0x96); \ 52 | ROUND(0x87); \ 53 | ROUND(0x78); \ 54 | ROUND(0x69); \ 55 | ROUND(0x5a); \ 56 | ROUND(0x4b); \ 57 | } while (0) 58 | 59 | #define P6() \ 60 | do { \ 61 | ROUND(0x96); \ 62 | ROUND(0x87); \ 63 | ROUND(0x78); \ 64 | ROUND(0x69); \ 65 | ROUND(0x5a); \ 66 | ROUND(0x4b); \ 67 | } while (0) 68 | 69 | #endif // PERMUTATIONS_H_ 70 | 71 | -------------------------------------------------------------------------------- /murax/crt.S: -------------------------------------------------------------------------------- 1 | # .global crtStart 2 | # .global main 3 | # .global irqCallback 4 | 5 | # crtStart: 6 | # j crtInit 7 | # nop 8 | # nop 9 | # nop 10 | # nop 11 | # nop 12 | # nop 13 | # nop 14 | 15 | # .global trap_entry 16 | # trap_entry: 17 | # sw x1, - 1*4(sp) 18 | # sw x5, - 2*4(sp) 19 | # sw x6, - 3*4(sp) 20 | # sw x7, - 4*4(sp) 21 | # sw x10, - 5*4(sp) 22 | # sw x11, - 6*4(sp) 23 | # sw x12, - 7*4(sp) 24 | # sw x13, - 8*4(sp) 25 | # sw x14, - 9*4(sp) 26 | # sw x15, -10*4(sp) 27 | # sw x16, -11*4(sp) 28 | # sw x17, -12*4(sp) 29 | # sw x28, -13*4(sp) 30 | # sw x29, -14*4(sp) 31 | # sw x30, -15*4(sp) 32 | # sw x31, -16*4(sp) 33 | # addi sp,sp,-16*4 34 | # call irqCallback 35 | # lw x1 , 15*4(sp) 36 | # lw x5, 14*4(sp) 37 | # lw x6, 13*4(sp) 38 | # lw x7, 12*4(sp) 39 | # lw x10, 11*4(sp) 40 | # lw x11, 10*4(sp) 41 | # lw x12, 9*4(sp) 42 | # lw x13, 8*4(sp) 43 | # lw x14, 7*4(sp) 44 | # lw x15, 6*4(sp) 45 | # lw x16, 5*4(sp) 46 | # lw x17, 4*4(sp) 47 | # lw x28, 3*4(sp) 48 | # lw x29, 2*4(sp) 49 | # lw x30, 1*4(sp) 50 | # lw x31, 0*4(sp) 51 | # addi sp,sp,16*4 52 | # mret 53 | # .text 54 | 55 | 56 | # crtInit: 57 | # .option push 58 | # .option norelax 59 | # la gp, __global_pointer$ 60 | # .option pop 61 | # la sp, _stack_start 62 | 63 | # bss_init: 64 | # la a0, _bss_start 65 | # la a1, _bss_end 66 | # bss_loop: 67 | # beq a0,a1,bss_done 68 | # sw zero,0(a0) 69 | # add a0,a0,4 70 | # j bss_loop 71 | # bss_done: 72 | 73 | # ctors_init: 74 | # la a0, _ctors_start 75 | # addi sp,sp,-4 76 | # ctors_loop: 77 | # la a1, _ctors_end 78 | # beq a0,a1,ctors_done 79 | # lw a3,0(a0) 80 | # add a0,a0,4 81 | # sw a0,0(sp) 82 | # jalr a3 83 | # lw a0,0(sp) 84 | # j ctors_loop 85 | # ctors_done: 86 | # addi sp,sp,4 87 | 88 | 89 | # li a0, 0x880 //880 enable timer + external interrupts 90 | # csrw mie,a0 91 | # li a0, 0x1808 //1808 enable interrupts 92 | # csrw mstatus,a0 93 | 94 | # call main 95 | # infinitLoop: 96 | # j infinitLoop 97 | 98 | -------------------------------------------------------------------------------- /saturnin/crypto_hash/ref/hash.c: -------------------------------------------------------------------------------- 1 | /* ======================================================================== */ 2 | /* 3 | * Saturnin-Hash (NIST API). 4 | */ 5 | 6 | #include "../crypto_hash.h" 7 | 8 | #include 9 | #include 10 | 11 | void saturnin_block_encrypt(int R, int D, const uint8_t *key, uint8_t *buf); 12 | void saturnin_block_decrypt(int R, int D, const uint8_t *key, uint8_t *buf); 13 | 14 | #define SATURNIN_HASH_R 16 15 | #define SATURNIN_HASH_D1 7 16 | #define SATURNIN_HASH_D2 8 17 | 18 | int crypto_hash(unsigned char *out, 19 | const unsigned char *in, unsigned long long inlen) 20 | { 21 | uint8_t r[32]; 22 | size_t u, len; 23 | 24 | /* 25 | * Input is padded with a bit of value 1 (i.e. a byte of value 26 | * 0x80), then the minimum number of bits of value 0 to reach a 27 | * length which is a multiple of the block size (256 bits = 32 28 | * bytes). A running state r (256 bits) is maintained; 29 | * processing of each input block m computes the new value of r 30 | * as the XOR of m and Saturnin(r,m) (i.e. encryption of m with 31 | * the old r as key). There are 16 super-rounds. The domain is 32 | * 7, except for the processing of the last block (the one that 33 | * contains the padding bit of value 1) for which the domain is 34 | * 8. 35 | */ 36 | len = (size_t)inlen; 37 | memset(r, 0, sizeof r); 38 | u = 0; 39 | for (;;) 40 | { 41 | size_t clen, v; 42 | int domain; 43 | uint8_t m[32], t[32]; 44 | 45 | domain = SATURNIN_HASH_D1; 46 | clen = len - u; 47 | if (clen >= sizeof t) 48 | { 49 | memcpy(t, in + u, sizeof t); 50 | u += sizeof t; 51 | } 52 | else 53 | { 54 | memcpy(t, in + u, clen); 55 | t[clen] = 0x80; 56 | memset(t + clen + 1, 0, (sizeof t) - clen - 1); 57 | domain = SATURNIN_HASH_D2; 58 | } 59 | memcpy(m, t, sizeof t); 60 | saturnin_block_encrypt(SATURNIN_HASH_R, domain, r, m); 61 | for (v = 0; v < sizeof r; v++) 62 | { 63 | r[v] = m[v] ^ t[v]; 64 | } 65 | if (domain == SATURNIN_HASH_D2) 66 | { 67 | break; 68 | } 69 | } 70 | memcpy(out, r, sizeof r); 71 | return 0; 72 | } 73 | -------------------------------------------------------------------------------- /sifive_sdk/start.S: -------------------------------------------------------------------------------- 1 | // See LICENSE for license details. 2 | #include "smp.h" 3 | #include "encoding.h" 4 | 5 | /* This is defined in sifive/platform.h, but that can't be included from 6 | * assembly. */ 7 | #define CLINT_CTRL_ADDR 0x02000000 8 | 9 | .section .init 10 | .globl _start 11 | .type _start,@function 12 | 13 | _start: 14 | .cfi_startproc 15 | .cfi_undefined ra 16 | .option push 17 | .option norelax 18 | la gp, __global_pointer$ 19 | .option pop 20 | la sp, _sp 21 | 22 | #if defined(ENABLE_SMP) 23 | smp_pause(t0, t1) 24 | #endif 25 | 26 | /* Load data section */ 27 | la a0, _data_lma 28 | la a1, _data 29 | la a2, _edata 30 | bgeu a1, a2, 2f 31 | 1: 32 | lw t0, (a0) 33 | sw t0, (a1) 34 | addi a0, a0, 4 35 | addi a1, a1, 4 36 | bltu a1, a2, 1b 37 | 2: 38 | 39 | /* Clear bss section */ 40 | la a0, __bss_start 41 | la a1, _end 42 | bgeu a0, a1, 2f 43 | 1: 44 | sw zero, (a0) 45 | addi a0, a0, 4 46 | bltu a0, a1, 1b 47 | 2: 48 | 49 | /* Call global constructors */ 50 | la a0, __libc_fini_array 51 | call atexit 52 | call __libc_init_array 53 | 54 | #ifndef __riscv_float_abi_soft 55 | /* Enable FPU */ 56 | li t0, MSTATUS_FS 57 | csrs mstatus, t0 58 | csrr t1, mstatus 59 | and t1, t1, t0 60 | beqz t1, 1f 61 | fssr x0 62 | 1: 63 | #endif 64 | 65 | #if defined(ENABLE_SMP) 66 | smp_resume(t0, t1) 67 | 68 | csrr a0, mhartid 69 | bnez a0, 2f 70 | #endif 71 | 72 | auipc ra, 0 73 | addi sp, sp, -16 74 | #if __riscv_xlen == 32 75 | sw ra, 8(sp) 76 | #else 77 | sd ra, 8(sp) 78 | #endif 79 | 80 | /* argc = argv = 0 */ 81 | li a0, 0 82 | li a1, 0 83 | call main 84 | tail exit 85 | 1: 86 | j 1b 87 | 88 | #if defined(ENABLE_SMP) 89 | 2: 90 | la t0, trap_entry 91 | csrw mtvec, t0 92 | 93 | csrr a0, mhartid 94 | la t1, _sp 95 | slli t0, a0, 10 96 | sub sp, t1, t0 97 | 98 | auipc ra, 0 99 | addi sp, sp, -16 100 | #if __riscv_xlen == 32 101 | sw ra, 8(sp) 102 | #else 103 | sd ra, 8(sp) 104 | #endif 105 | 106 | call secondary_main 107 | tail exit 108 | 109 | 1: 110 | j 1b 111 | #endif 112 | .cfi_endproc 113 | -------------------------------------------------------------------------------- /AES-LUT/Permutation/rijndael-alg-fst.h: -------------------------------------------------------------------------------- 1 | /** 2 | * rijndael-alg-fst.h 3 | * 4 | * @version 3.0 (December 2000) 5 | * 6 | * Optimised ANSI C code for the Rijndael cipher (now AES) 7 | * 8 | * @author Vincent Rijmen 9 | * @author Antoon Bosselaers 10 | * @author Paulo Barreto 11 | * 12 | * This code is hereby placed in the public domain. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS 15 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 16 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE 18 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 21 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 22 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 23 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, 24 | * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef __RIJNDAEL_ALG_FST_H 27 | #define __RIJNDAEL_ALG_FST_H 28 | 29 | #define MAXKC (256/32) 30 | #define MAXKB (256/8) 31 | #define MAXNR 14 32 | 33 | typedef unsigned char u8; 34 | typedef unsigned short u16; 35 | typedef unsigned int u32; 36 | 37 | int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits); 38 | int rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits); 39 | void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 ct[16]); 40 | void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 pt[16]); 41 | 42 | #ifdef INTERMEDIATE_VALUE_KAT 43 | void rijndaelEncryptRound(const u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds); 44 | void rijndaelDecryptRound(const u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds); 45 | #endif /* INTERMEDIATE_VALUE_KAT */ 46 | 47 | #endif /* __RIJNDAEL_ALG_FST_H */ -------------------------------------------------------------------------------- /AES-CTR-Bitsliced/Permutation/rijndael-alg-fst.h: -------------------------------------------------------------------------------- 1 | /** 2 | * rijndael-alg-fst.h 3 | * 4 | * @version 3.0 (December 2000) 5 | * 6 | * Optimised ANSI C code for the Rijndael cipher (now AES) 7 | * 8 | * @author Vincent Rijmen 9 | * @author Antoon Bosselaers 10 | * @author Paulo Barreto 11 | * 12 | * This code is hereby placed in the public domain. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS 15 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 16 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE 18 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 21 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 22 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 23 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, 24 | * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef __RIJNDAEL_ALG_FST_H 27 | #define __RIJNDAEL_ALG_FST_H 28 | 29 | #define MAXKC (256/32) 30 | #define MAXKB (256/8) 31 | #define MAXNR 14 32 | 33 | typedef unsigned char u8; 34 | typedef unsigned short u16; 35 | typedef unsigned int u32; 36 | 37 | int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits); 38 | int rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits); 39 | void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 ct[16]); 40 | void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 pt[16]); 41 | 42 | #ifdef INTERMEDIATE_VALUE_KAT 43 | void rijndaelEncryptRound(const u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds); 44 | void rijndaelDecryptRound(const u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds); 45 | #endif /* INTERMEDIATE_VALUE_KAT */ 46 | 47 | #endif /* __RIJNDAEL_ALG_FST_H */ --------------------------------------------------------------------------------