gem5  v22.1.0.0
qarma.cc
Go to the documentation of this file.
1 // -*- mode:c++ -*-
2 
3 // Copyright (c) 2020 Metempsy Technology Consulting
4 // All rights reserved
5 //
6 // The license below extends only to copyright in the software and shall
7 // not be construed as granting a license to any other intellectual
8 // property including but not limited to intellectual property relating
9 // to a hardware implementation of the functionality of the software
10 // licensed hereunder. You may use the software subject to the license
11 // terms below provided that you ensure that this notice is replicated
12 // unmodified and in its entirety in all distributions of the software,
13 // modified or unmodified, in source code or in binary form.
14 //
15 // Redistribution and use in source and binary forms, with or without
16 // modification, are permitted provided that the following conditions are
17 // met: redistributions of source code must retain the above copyright
18 // notice, this list of conditions and the following disclaimer;
19 // redistributions in binary form must reproduce the above copyright
20 // notice, this list of conditions and the following disclaimer in the
21 // documentation and/or other materials provided with the distribution;
22 // neither the name of the copyright holders nor the names of its
23 // contributors may be used to endorse or promote products derived from
24 // this software without specific prior written permission.
25 //
26 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
27 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
28 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
29 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
30 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
31 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
32 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
33 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
34 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
35 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
36 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 
38 #include "arch/arm/qarma.hh"
39 
40 #include <array>
41 
42 #include "base/bitfield.hh"
43 
44 namespace gem5
45 {
46 
47 using namespace QARMA;
48 
49 
50 uint8_t
51 QARMA::rotCell(uint8_t incell, int amount)
52 {
53  uint8_t res = ((incell << amount) | (incell >> (4-amount)))& 0xF;
54  return res;
55 }
56 
57 uint8_t
58 QARMA::tweakCellInvRot(uint8_t incell)
59 {
60  uint8_t outcell = 0x0;
61  outcell = incell << 1;
62  uint8_t t = 0x1 & (incell ^ (incell>>3));
63  outcell |= t;
64  return outcell & 0xF;
65 }
66 
67 uint8_t
68 QARMA::tweakCellRot(uint8_t incell)
69 {
70  uint8_t outcell = 0x0;
71  outcell = incell >> 1;
72  uint8_t t = 0x1 & (incell ^ (incell>>1));
73  outcell |= t<<3;
74  return outcell & 0xF;
75 }
76 
77 BIT64
78 QARMA::tweakInvShuffle(BIT64 indata)
79 {
80  BIT64 outdata = 0x0;
81  outdata.b0 = tweakCellInvRot(indata.b12);
82  outdata.b1 = indata.b13;
83  outdata.b2 = indata.b5;
84  outdata.b3 = indata.b6;
85  outdata.b4 = indata.b0;
86  outdata.b5 = indata.b1;
87  outdata.b6 = tweakCellInvRot(indata.b2);
88  outdata.b7 = indata.b3;
89  outdata.b8 = tweakCellInvRot(indata.b7);
90  outdata.b9 = tweakCellInvRot(indata.b15);
91  outdata.b10 = tweakCellInvRot(indata.b14);
92  outdata.b11 = tweakCellInvRot(indata.b4);
93  outdata.b12 = indata.b8;
94  outdata.b13 = indata.b9;
95  outdata.b14 = indata.b10;
96  outdata.b15 = tweakCellInvRot(indata.b11);
97  return outdata;
98 }
99 
100 BIT64
101 QARMA::tweakShuffle(BIT64 indata)
102 {
103  BIT64 outdata = 0x0;
104  outdata.b0 = indata.b4;
105  outdata.b1 = indata.b5;
106  outdata.b2 = tweakCellRot(indata.b6);
107  outdata.b3 = indata.b7;
108  outdata.b4 = tweakCellRot(indata.b11);
109  outdata.b5 = indata.b2;
110  outdata.b6 = indata.b3;
111  outdata.b7 = tweakCellRot(indata.b8);
112  outdata.b8 = indata.b12;
113  outdata.b9 = indata.b13;
114  outdata.b10 = indata.b14;
115  outdata.b11 = tweakCellRot(indata.b15);
116  outdata.b12 = tweakCellRot(indata.b0);
117  outdata.b13 = indata.b1;
118  outdata.b14 = tweakCellRot(indata.b10);
119  outdata.b15 = tweakCellRot(indata.b9);
120  return outdata;
121 }
122 
123 
124 BIT64
125 QARMA::PACCellInvShuffle(BIT64 indata)
126 {
127  BIT64 outdata = 0x0;
128  outdata.b0 = indata.b3;
129  outdata.b1 = indata.b6;
130  outdata.b2 = indata.b12;
131  outdata.b3 = indata.b9;
132  outdata.b4 = indata.b14;
133  outdata.b5 = indata.b11;
134  outdata.b6 = indata.b1;
135  outdata.b7 = indata.b4;
136  outdata.b8 = indata.b8;
137  outdata.b9 = indata.b13;
138  outdata.b10 = indata.b7;
139  outdata.b11 = indata.b2;
140  outdata.b12 = indata.b5;
141  outdata.b13 = indata.b0;
142  outdata.b14 = indata.b10;
143  outdata.b15 = indata.b15;
144  return outdata;
145 }
146 
147 BIT64
148 QARMA::PACCellShuffle(BIT64 indata)
149 {
150  BIT64 outdata = 0x0;
151  outdata.b0 = indata.b13;
152  outdata.b1 = indata.b6;
153  outdata.b2 = indata.b11;
154  outdata.b3 = indata.b0;
155  outdata.b4 = indata.b7;
156  outdata.b5 = indata.b12;
157  outdata.b6 = indata.b1;
158  outdata.b7 = indata.b10;
159  outdata.b8 = indata.b8;
160  outdata.b9 = indata.b3;
161  outdata.b10 = indata.b14;
162  outdata.b11 = indata.b5;
163  outdata.b12 = indata.b2;
164  outdata.b13 = indata.b9;
165  outdata.b14 = indata.b4;
166  outdata.b15 = indata.b15;
167  return outdata;
168 }
169 
170 
171 uint64_t
172 QARMA::PACInvSub(uint64_t tInput)
173 {
174  // This is a 4-bit substitution from the PRINCE-family cipher
175  uint64_t t_output = 0x0;
176  for (int i=15; i>=0; i--) {
177  t_output = t_output << 4;
178  uint8_t b = (tInput >> i*4 ) & 0xF;
179  switch ( b ) {
180  case 0x0:
181  t_output |= 0x5;
182  break;
183  case 0x1:
184  t_output |= 0xe;
185  break;
186  case 0x2:
187  t_output |= 0xd;
188  break;
189  case 0x3:
190  t_output |= 0x8;
191  break;
192  case 0x4:
193  t_output |= 0xa;
194  break;
195  case 0x5:
196  t_output |= 0xb;
197  break;
198  case 0x6:
199  t_output |= 0x1;
200  break;
201  case 0x7:
202  t_output |= 0x9;
203  break;
204  case 0x8:
205  t_output |= 0x2;
206  break;
207  case 0x9:
208  t_output |= 0x6;
209  break;
210  case 0xa:
211  t_output |= 0xf;
212  break;
213  case 0xb:
214  t_output |= 0x0;
215  break;
216  case 0xc:
217  t_output |= 0x4;
218  break;
219  case 0xd:
220  t_output |= 0xc;
221  break;
222  case 0xe:
223  t_output |= 0x7;
224  break;
225  case 0xf:
226  t_output |= 0x3;
227  break;
228  default:
229  //unreachable
230  break;
231  }
232  }
233  return t_output;
234 }
235 
236 uint64_t
237 QARMA::PACSub(uint64_t tInput){
238  // This is a 4-bit substitution from the PRINCE-family cipher
239  uint64_t t_output = 0x0;
240  for (int i=15; i>=0; i--) {
241  t_output = t_output << 4;
242  uint8_t b = (tInput >> i*4 ) & 0xF;
243  switch ( b ) {
244  case 0x0:
245  t_output |= 0xb;
246  break;
247  case 0x1:
248  t_output |= 0x6;
249  break;
250  case 0x2:
251  t_output |= 0x8;
252  break;
253  case 0x3:
254  t_output |= 0xf;
255  break;
256  case 0x4:
257  t_output |= 0xc;
258  break;
259  case 0x5:
260  t_output |= 0x0;
261  break;
262  case 0x6:
263  t_output |= 0x9;
264  break;
265  case 0x7:
266  t_output |= 0xe;
267  break;
268  case 0x8:
269  t_output |= 0x3;
270  break;
271  case 0x9:
272  t_output |= 0x7;
273  break;
274  case 0xa:
275  t_output |= 0x4;
276  break;
277  case 0xb:
278  t_output |= 0x5;
279  break;
280  case 0xc:
281  t_output |= 0xd;
282  break;
283  case 0xd:
284  t_output |= 0x2;
285  break;
286  case 0xe:
287  t_output |= 0x1;
288  break;
289  case 0xf:
290  t_output |= 0xa;
291  break;
292  default:
293  //unreachable
294  break;
295  }
296  }
297  return t_output;
298 }
299 
300 uint64_t
301 QARMA::PACMult(uint64_t tInput)
302 {
303  uint64_t t_output = 0;
304 
305  for (int i=0;i<=3; i++) {
306  uint8_t b8 = (tInput >> (4*(i+8))) & 0xF;
307  uint8_t b4 = (tInput >> (4*(i+4))) & 0xF;
308  uint8_t b12 = (tInput >> (4*(i+12))) & 0xF;
309  uint8_t b0 = (tInput >> (4*(i))) & 0xF;
310 
311  uint64_t t0 = rotCell(b8, 1) ^ rotCell(b4, 2);
312  t0 = t0 ^ rotCell(b0, 1);
313 
314  uint64_t t1 = rotCell(b12, 1) ^ rotCell(b4, 1);
315  t1 = t1 ^ rotCell(b0, 2);
316 
317  uint64_t t2 = rotCell(b12, 2) ^ rotCell(b8, 1);
318  t2 = t2 ^ rotCell(b0, 1);
319 
320  uint64_t t3 = rotCell(b12, 1) ^ rotCell(b8, 2);
321  t3 = t3 ^ rotCell(b4, 1);
322 
323  t_output |= (t3 << (4*i));
324  t_output |= (t2 << (4*(i+4)));
325  t_output |= (t1 << (4*(i+8)));
326  t_output |= (t0 << (4*(i+12)));
327  }
328  return t_output;
329 }
330 
331 BIT64
332 QARMA::computePAC(BIT64 data, BIT64 modifier, BIT64 key0, BIT64 key1)
333 {
334  BIT64 workingval;
335  BIT64 runningmod;
336  BIT64 roundkey;
337  BIT64 modk0;
338  std::array<BIT64, 5> RC;
339  RC[0] = (BIT64) 0x0000000000000000;
340  RC[1] = (BIT64) 0x13198A2E03707344;
341  RC[2] = (BIT64) 0xA4093822299F31D0;
342  RC[3] = (BIT64) 0x082EFA98EC4E6C89;
343  RC[4] = (BIT64) 0x452821E638D01377;
344 
345  const BIT64 alpha = 0xC0AC29B7C97C50DD;
346  //modk0 = key0<0>:key0<63:2>:
347 
348  modk0 = (key0 & 0x1) << 63;
349  modk0 = modk0 | ((key0 & ~0x3) >> 1);
350  modk0 = modk0 | ((key0.b15>>3) ^ ((key0.b0 & 0x2)>>1));
351 
352  runningmod = modifier;
353  workingval = data^key0;
354  for (int i=0; i<=4; i++) {
355  roundkey = key1 ^ runningmod;
356  workingval = workingval ^ roundkey;
357  workingval = workingval ^ RC[i];
358 
359  if (i > 0) {
360  workingval = PACCellShuffle(workingval);
361  workingval = PACMult(workingval);
362  }
363  workingval = PACSub(workingval);
364  runningmod = tweakShuffle(runningmod);
365  }
366  roundkey = modk0 ^ runningmod;
367  workingval = workingval ^ roundkey;
368 
369  workingval = PACCellShuffle(workingval);
370  workingval = PACMult(workingval);
371  workingval = PACSub(workingval);
372  workingval = PACCellShuffle(workingval);
373  workingval = PACMult(workingval);
374  workingval = key1 ^ workingval;
375 
376  workingval = PACCellInvShuffle(workingval);
377  workingval = PACInvSub(workingval);
378  workingval = PACMult(workingval);
379  workingval = PACCellInvShuffle(workingval);
380  workingval = workingval ^ key0;
381  workingval = workingval ^ runningmod;
382 
383  for (int i=0; i<=4; i++) {
384  workingval = PACInvSub(workingval);
385  if (i < 4) {
386  workingval = PACMult(workingval);
387  workingval = PACCellInvShuffle(workingval);
388  }
389  runningmod = tweakInvShuffle(runningmod);
390  roundkey = key1 ^ runningmod;
391  workingval = workingval ^ RC[4-i];
392  workingval = workingval ^ roundkey;
393  workingval = workingval ^ alpha;
394  }
395  workingval = workingval ^ modk0;
396  return workingval;
397 }
398 
399 } // namespace gem5
data
const char data[]
Definition: circlebuf.test.cc:48
gem5::ArmISA::t2
Bitfield< 2 > t2
Definition: misc_types.hh:233
gem5::ArmISA::b
Bitfield< 7 > b
Definition: misc_types.hh:388
gem5::ArmISA::t3
Bitfield< 3 > t3
Definition: misc_types.hh:232
gem5::ArmISA::i
Bitfield< 7 > i
Definition: misc_types.hh:67
gem5::ArmISA::t1
Bitfield< 1 > t1
Definition: misc_types.hh:234
gem5::ArmISA::t0
Bitfield< 0 > t0
Definition: misc_types.hh:235
gem5::QARMA::tweakCellRot
uint8_t tweakCellRot(uint8_t incell)
Definition: qarma.cc:68
gem5::QARMA::tweakInvShuffle
BIT64 tweakInvShuffle(BIT64 indata)
Definition: qarma.cc:78
gem5::QARMA::amount
int amount
Definition: qarma.hh:70
gem5::QARMA::PACInvSub
uint64_t PACInvSub(uint64_t tInput)
Definition: qarma.cc:172
gem5::QARMA::PACCellInvShuffle
BIT64 PACCellInvShuffle(BIT64 indata)
Definition: qarma.cc:125
gem5::QARMA::tweakCellInvRot
uint8_t tweakCellInvRot(uint8_t incell)
Definition: qarma.cc:58
gem5::QARMA::computePAC
BIT64 computePAC(BIT64 data, BIT64 modifier, BIT64 key0, BIT64 key1)
Definition: qarma.cc:332
gem5::QARMA::PACSub
uint64_t PACSub(uint64_t tInput)
Definition: qarma.cc:237
gem5::QARMA::tweakShuffle
BIT64 tweakShuffle(BIT64 indata)
Definition: qarma.cc:101
gem5::QARMA::PACCellShuffle
BIT64 PACCellShuffle(BIT64 indata)
Definition: qarma.cc:148
gem5::QARMA::b12
Bitfield< 51, 48 > b12
Definition: qarma.hh:54
gem5::QARMA::PACMult
uint64_t PACMult(uint64_t tInput)
Definition: qarma.cc:301
gem5::QARMA::b0
Bitfield< 3, 0 > b0
Definition: qarma.hh:66
gem5::QARMA::b4
Bitfield< 19, 16 > b4
Definition: qarma.hh:62
gem5::QARMA::b8
Bitfield< 35, 32 > b8
Definition: qarma.hh:58
gem5::VegaISA::t
Bitfield< 51 > t
Definition: pagetable.hh:56
gem5
Reference material can be found at the JEDEC website: UFS standard http://www.jedec....
Definition: gpu_translation_state.hh:38
Generated on Wed Dec 21 2022 10:22:26 for gem5 by doxygen 1.9.1