diff --git a/doc/crypto.dox b/doc/crypto.dox
index e546e163..f02c8979 100644
--- a/doc/crypto.dox
+++ b/doc/crypto.dox
@@ -30,14 +30,14 @@
\li Block cipher modes: CTR, CFB, CBC, OFB, GCM
\li Stream ciphers: ChaCha
\li Authenticated encryption with associated data (AEAD): ChaChaPoly, EAX, GCM
-\li Hash algorithms: SHA1, SHA256, SHA512, SHA3_256, SHA3_512, BLAKE2s, BLAKE2b (regular and HMAC modes)
+\li Hash algorithms: SHA256, SHA512, SHA3_256, SHA3_512, BLAKE2s, BLAKE2b (regular and HMAC modes)
\li Message authenticators: Poly1305, GHASH
\li Public key algorithms: Curve25519, Ed25519
\li Random number generation: \link RNGClass RNG\endlink, TransistorNoiseSource, RingOscillatorNoiseSource
All cryptographic algorithms have been optimized for 8-bit Arduino platforms
-like the Uno. Memory usage is also reduced, particularly for SHA1, SHA256,
-and SHA512 which save 256, 192, and 512 bytes respectively over traditional
+like the Uno. Memory usage is also reduced, particularly for SHA256
+and SHA512 which save 192 and 512 bytes respectively over traditional
implementations. For all algorithms, static sbox tables and the like are
placed into program memory to further reduce data memory usage.
@@ -94,7 +94,6 @@ Ardunino Mega 2560 running at 16 MHz are similar:
| EAX<SpeckLowMemory> (128-bit key) | 75.08us | 75.07us | 1243.66us | 122 |
| |
| Hash Algorithm | Hashing (per byte) | Finalization | | State Size (bytes) |
-| SHA1 | 21.90us | 1423.28us | | 95 |
| SHA256 | 43.85us | 2841.04us | | 107 |
| SHA512 | 122.82us | 15953.42us | | 211 |
| SHA3_256 | 60.69us | 8180.24us | | 205 |
@@ -103,7 +102,6 @@ Ardunino Mega 2560 running at 16 MHz are similar:
| BLAKE2b | 65.22us | 8375.36us | | 211 |
| |
| Authentication Algorithm | Hashing (per byte) | Finalization | Key Setup | State Size (bytes) |
-| SHA1 (HMAC mode) | 21.90us | 4296.33us | 1420.24us | 95 |
| SHA256 (HMAC mode) | 43.85us | 8552.61us | 2836.49us | 107 |
| BLAKE2s (HMAC mode) | 20.65us | 4055.56us | 1350.00us | 107 |
| Poly1305 | 26.26us | 489.11us | 17.06us | 53 |
@@ -151,7 +149,6 @@ All figures are for the Arduino Due running at 84 MHz:
| EAX<SpeckLowMemory> (128-bit key) | 6.29us | 6.29us | 106.60us | 144 |
| |
| Hash Algorithm | Hashing (per byte) | Finalization | | State Size (bytes) |
-| SHA1 | 0.94us | 62.55us | | 112 |
| SHA256 | 1.15us | 76.60us | | 120 |
| SHA512 | 2.87us | 370.37us | | 224 |
| SHA3_256 | 5.64us | 735.29us | | 224 |
@@ -160,7 +157,6 @@ All figures are for the Arduino Due running at 84 MHz:
| BLAKE2b | 1.29us | 165.28us | | 224 |
| |
| Authentication Algorithm | Hashing (per byte) | Finalization | Key Setup | State Size (bytes) |
-| SHA1 (HMAC mode) | 0.94us | 193.92us | 65.09us | 112 |
| SHA256 (HMAC mode) | 1.15us | 238.98us | 80.44us | 120 |
| BLAKE2s (HMAC mode) | 0.72us | 157.75us | 57.18us | 120 |
| Poly1305 | 0.81us | 19.01us | 2.57us | 60 |
diff --git a/doc/mainpage.dox b/doc/mainpage.dox
index fc00b07b..a9e25cc6 100644
--- a/doc/mainpage.dox
+++ b/doc/mainpage.dox
@@ -95,7 +95,7 @@ realtime clock and the LCD library to implement an alarm clock.
\li Block cipher modes: CTR, CFB, CBC, OFB, GCM
\li Stream ciphers: ChaCha
\li Authenticated encryption with associated data (AEAD): ChaChaPoly, EAX, GCM
-\li Hash algorithms: SHA1, SHA256, SHA512, SHA3_256, SHA3_512, BLAKE2s, BLAKE2b (regular and HMAC modes)
+\li Hash algorithms: SHA256, SHA512, SHA3_256, SHA3_512, BLAKE2s, BLAKE2b (regular and HMAC modes)
\li Message authenticators: Poly1305, GHASH
\li Public key algorithms: Curve25519, Ed25519
\li Random number generation: \link RNGClass RNG\endlink, TransistorNoiseSource, RingOscillatorNoiseSource
diff --git a/libraries/Crypto/BLAKE2b.cpp b/libraries/Crypto/BLAKE2b.cpp
index 1f7d21e7..8cd8a880 100644
--- a/libraries/Crypto/BLAKE2b.cpp
+++ b/libraries/Crypto/BLAKE2b.cpp
@@ -38,7 +38,7 @@
*
* Reference: https://blake2.net/
*
- * \sa BLAKE2s, SHA512
+ * \sa BLAKE2s, SHA512, SHA3_512
*/
/**
diff --git a/libraries/Crypto/BLAKE2s.cpp b/libraries/Crypto/BLAKE2s.cpp
index 3d70304d..e99117b3 100644
--- a/libraries/Crypto/BLAKE2s.cpp
+++ b/libraries/Crypto/BLAKE2s.cpp
@@ -38,7 +38,7 @@
*
* Reference: https://blake2.net/
*
- * \sa SHA256
+ * \sa BLAKE2b, SHA256, SHA3_256
*/
/**
diff --git a/libraries/Crypto/Hash.cpp b/libraries/Crypto/Hash.cpp
index 57432a8e..f49b9b6f 100644
--- a/libraries/Crypto/Hash.cpp
+++ b/libraries/Crypto/Hash.cpp
@@ -27,7 +27,7 @@
* \class Hash Hash.h
* \brief Abstract base class for cryptographic hash algorithms.
*
- * \sa SHA1, SHA256
+ * \sa SHA256, SHA3_256, BLAKE2s
*/
/**
diff --git a/libraries/Crypto/SHA1.cpp b/libraries/Crypto/SHA1.cpp
deleted file mode 100644
index 9d212068..00000000
--- a/libraries/Crypto/SHA1.cpp
+++ /dev/null
@@ -1,241 +0,0 @@
-/*
- * Copyright (C) 2015 Southern Storm Software, Pty Ltd.
- *
- * Permission is hereby granted, free of charge, to any person obtaining a
- * copy of this software and associated documentation files (the "Software"),
- * to deal in the Software without restriction, including without limitation
- * the rights to use, copy, modify, merge, publish, distribute, sublicense,
- * and/or sell copies of the Software, and to permit persons to whom the
- * Software is furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included
- * in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
- * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
-
-#include "SHA1.h"
-#include "Crypto.h"
-#include "utility/RotateUtil.h"
-#include "utility/EndianUtil.h"
-#include
-
-/**
- * \class SHA1 SHA1.h
- * \brief SHA-1 hash algorithm.
- *
- * Reference: http://en.wikipedia.org/wiki/SHA-1
- *
- * \sa SHA256, SHA512
- */
-
-/**
- * \brief Constructs a SHA-1 hash object.
- */
-SHA1::SHA1()
-{
- reset();
-}
-
-/**
- * \brief Destroys this SHA-1 hash object after clearing sensitive information.
- */
-SHA1::~SHA1()
-{
- clean(state);
-}
-
-size_t SHA1::hashSize() const
-{
- return 20;
-}
-
-size_t SHA1::blockSize() const
-{
- return 64;
-}
-
-void SHA1::reset()
-{
- state.h[0] = 0x67452301;
- state.h[1] = 0xEFCDAB89;
- state.h[2] = 0x98BADCFE;
- state.h[3] = 0x10325476;
- state.h[4] = 0xC3D2E1F0;
- state.chunkSize = 0;
- state.length = 0;
-}
-
-void SHA1::update(const void *data, size_t len)
-{
- // Update the total length (in bits, not bytes).
- state.length += ((uint64_t)len) << 3;
-
- // Break the input up into 512-bit chunks and process each in turn.
- const uint8_t *d = (const uint8_t *)data;
- while (len > 0) {
- uint8_t size = 64 - state.chunkSize;
- if (size > len)
- size = len;
- memcpy(((uint8_t *)state.w) + state.chunkSize, d, size);
- state.chunkSize += size;
- len -= size;
- d += size;
- if (state.chunkSize == 64) {
- processChunk();
- state.chunkSize = 0;
- }
- }
-}
-
-void SHA1::finalize(void *hash, size_t len)
-{
- // Pad the last chunk. We may need two padding chunks if there
- // isn't enough room in the first for the padding and length.
- uint8_t *wbytes = (uint8_t *)state.w;
- if (state.chunkSize <= (64 - 9)) {
- wbytes[state.chunkSize] = 0x80;
- memset(wbytes + state.chunkSize + 1, 0x00, 64 - 8 - (state.chunkSize + 1));
- state.w[14] = htobe32((uint32_t)(state.length >> 32));
- state.w[15] = htobe32((uint32_t)state.length);
- processChunk();
- } else {
- wbytes[state.chunkSize] = 0x80;
- memset(wbytes + state.chunkSize + 1, 0x00, 64 - (state.chunkSize + 1));
- processChunk();
- memset(wbytes, 0x00, 64 - 8);
- state.w[14] = htobe32((uint32_t)(state.length >> 32));
- state.w[15] = htobe32((uint32_t)state.length);
- processChunk();
- }
-
- // Convert the result into big endian and return it.
- for (uint8_t posn = 0; posn < 5; ++posn)
- state.w[posn] = htobe32(state.h[posn]);
-
- // Copy the hash to the caller's return buffer.
- if (len > 20)
- len = 20;
- memcpy(hash, state.w, len);
-}
-
-void SHA1::clear()
-{
- clean(state);
- reset();
-}
-
-void SHA1::resetHMAC(const void *key, size_t keyLen)
-{
- formatHMACKey(state.w, key, keyLen, 0x36);
- state.length += 64 * 8;
- processChunk();
-}
-
-void SHA1::finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen)
-{
- uint8_t temp[20];
- finalize(temp, sizeof(temp));
- formatHMACKey(state.w, key, keyLen, 0x5C);
- state.length += 64 * 8;
- processChunk();
- update(temp, sizeof(temp));
- finalize(hash, hashLen);
- clean(temp);
-}
-
-/**
- * \brief Processes a single 512-bit chunk with the core SHA-1 algorithm.
- *
- * Reference: http://en.wikipedia.org/wiki/SHA-1
- */
-void SHA1::processChunk()
-{
- uint8_t index;
-
- // Convert the first 16 words from big endian to host byte order.
- for (index = 0; index < 16; ++index)
- state.w[index] = be32toh(state.w[index]);
-
- // Initialize the hash value for this chunk.
- uint32_t a = state.h[0];
- uint32_t b = state.h[1];
- uint32_t c = state.h[2];
- uint32_t d = state.h[3];
- uint32_t e = state.h[4];
-
- // Perform the first 16 rounds of the compression function main loop.
- uint32_t temp;
- for (index = 0; index < 16; ++index) {
- temp = leftRotate5(a) + ((b & c) | ((~b) & d)) + e + 0x5A827999 + state.w[index];
- e = d;
- d = c;
- c = leftRotate30(b);
- b = a;
- a = temp;
- }
-
- // Perform the 64 remaining rounds. We expand the first 16 words to
- // 80 in-place in the "w" array. This saves 256 bytes of memory
- // that would have otherwise need to be allocated to the "w" array.
- for (; index < 20; ++index) {
- temp = state.w[index & 0x0F] = leftRotate1
- (state.w[(index - 3) & 0x0F] ^ state.w[(index - 8) & 0x0F] ^
- state.w[(index - 14) & 0x0F] ^ state.w[(index - 16) & 0x0F]);
- temp = leftRotate5(a) + ((b & c) | ((~b) & d)) + e + 0x5A827999 + temp;
- e = d;
- d = c;
- c = leftRotate30(b);
- b = a;
- a = temp;
- }
- for (; index < 40; ++index) {
- temp = state.w[index & 0x0F] = leftRotate1
- (state.w[(index - 3) & 0x0F] ^ state.w[(index - 8) & 0x0F] ^
- state.w[(index - 14) & 0x0F] ^ state.w[(index - 16) & 0x0F]);
- temp = leftRotate5(a) + (b ^ c ^ d) + e + 0x6ED9EBA1 + temp;
- e = d;
- d = c;
- c = leftRotate30(b);
- b = a;
- a = temp;
- }
- for (; index < 60; ++index) {
- temp = state.w[index & 0x0F] = leftRotate1
- (state.w[(index - 3) & 0x0F] ^ state.w[(index - 8) & 0x0F] ^
- state.w[(index - 14) & 0x0F] ^ state.w[(index - 16) & 0x0F]);
- temp = leftRotate5(a) + ((b & c) | (b & d) | (c & d)) + e + 0x8F1BBCDC + temp;
- e = d;
- d = c;
- c = leftRotate30(b);
- b = a;
- a = temp;
- }
- for (; index < 80; ++index) {
- temp = state.w[index & 0x0F] = leftRotate1
- (state.w[(index - 3) & 0x0F] ^ state.w[(index - 8) & 0x0F] ^
- state.w[(index - 14) & 0x0F] ^ state.w[(index - 16) & 0x0F]);
- temp = leftRotate5(a) + (b ^ c ^ d) + e + 0xCA62C1D6 + temp;
- e = d;
- d = c;
- c = leftRotate30(b);
- b = a;
- a = temp;
- }
-
- // Add this chunk's hash to the result so far.
- state.h[0] += a;
- state.h[1] += b;
- state.h[2] += c;
- state.h[3] += d;
- state.h[4] += e;
-
- // Attempt to clean up the stack.
- a = b = c = d = e = temp = 0;
-}
diff --git a/libraries/Crypto/SHA1.h b/libraries/Crypto/SHA1.h
deleted file mode 100644
index 328ca39a..00000000
--- a/libraries/Crypto/SHA1.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2015 Southern Storm Software, Pty Ltd.
- *
- * Permission is hereby granted, free of charge, to any person obtaining a
- * copy of this software and associated documentation files (the "Software"),
- * to deal in the Software without restriction, including without limitation
- * the rights to use, copy, modify, merge, publish, distribute, sublicense,
- * and/or sell copies of the Software, and to permit persons to whom the
- * Software is furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included
- * in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
- * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
-
-#ifndef CRYPTO_SHA1_h
-#define CRYPTO_SHA1_h
-
-#include "Hash.h"
-
-class SHA1 : public Hash
-{
-public:
- SHA1();
- virtual ~SHA1();
-
- size_t hashSize() const;
- size_t blockSize() const;
-
- void reset();
- void update(const void *data, size_t len);
- void finalize(void *hash, size_t len);
-
- void clear();
-
- void resetHMAC(const void *key, size_t keyLen);
- void finalizeHMAC(const void *key, size_t keyLen, void *hash, size_t hashLen);
-
-private:
- struct {
- uint32_t h[5];
- uint32_t w[16];
- uint64_t length;
- uint8_t chunkSize;
- } state;
-
- void processChunk();
-};
-
-#endif
diff --git a/libraries/Crypto/SHA256.cpp b/libraries/Crypto/SHA256.cpp
index 1c877936..098b2e7a 100644
--- a/libraries/Crypto/SHA256.cpp
+++ b/libraries/Crypto/SHA256.cpp
@@ -33,7 +33,7 @@
*
* Reference: http://en.wikipedia.org/wiki/SHA-2
*
- * \sa SHA512, SHA1, BLAKE2s
+ * \sa SHA512, SHA3_256, BLAKE2s
*/
/**
diff --git a/libraries/Crypto/SHA512.cpp b/libraries/Crypto/SHA512.cpp
index 1176ef96..71cf0197 100644
--- a/libraries/Crypto/SHA512.cpp
+++ b/libraries/Crypto/SHA512.cpp
@@ -33,7 +33,7 @@
*
* Reference: http://en.wikipedia.org/wiki/SHA-2
*
- * \sa SHA256, SHA1
+ * \sa SHA256, SHA3_512, BLAKE2b
*/
/**
diff --git a/libraries/Crypto/examples/TestSHA1/TestSHA1.ino b/libraries/Crypto/examples/TestSHA1/TestSHA1.ino
deleted file mode 100644
index 3a4d6640..00000000
--- a/libraries/Crypto/examples/TestSHA1/TestSHA1.ino
+++ /dev/null
@@ -1,319 +0,0 @@
-/*
- * Copyright (C) 2015 Southern Storm Software, Pty Ltd.
- *
- * Permission is hereby granted, free of charge, to any person obtaining a
- * copy of this software and associated documentation files (the "Software"),
- * to deal in the Software without restriction, including without limitation
- * the rights to use, copy, modify, merge, publish, distribute, sublicense,
- * and/or sell copies of the Software, and to permit persons to whom the
- * Software is furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included
- * in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
- * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
-
-/*
-This example runs tests on the SHA1 implementation to verify correct behaviour.
-*/
-
-#include
-#include
-#include
-
-#define HASH_SIZE 20
-#define BLOCK_SIZE 64
-
-struct TestHashVector
-{
- const char *name;
- const char *key;
- const char *data;
- uint8_t hash[HASH_SIZE];
-};
-
-static TestHashVector const testVectorSHA1_1 = {
- "SHA-1 #1",
- 0,
- "abc",
- {0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A,
- 0xBA, 0x3E, 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C,
- 0x9C, 0xD0, 0xD8, 0x9D}
-};
-static TestHashVector const testVectorSHA1_2 = {
- "SHA-1 #2",
- 0,
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
- {0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E,
- 0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5,
- 0xE5, 0x46, 0x70, 0xF1}
-};
-static TestHashVector const testVectorHMAC_SHA1_1 = {
- "HMAC-SHA-1 #1",
- "",
- "",
- {0xfb, 0xdb, 0x1d, 0x1b, 0x18, 0xaa, 0x6c, 0x08,
- 0x32, 0x4b, 0x7d, 0x64, 0xb7, 0x1f, 0xb7, 0x63,
- 0x70, 0x69, 0x0e, 0x1d}
-};
-static TestHashVector const testVectorHMAC_SHA1_2 = {
- "HMAC-SHA-1 #2",
- "key",
- "The quick brown fox jumps over the lazy dog",
- {0xde, 0x7c, 0x9b, 0x85, 0xb8, 0xb7, 0x8a, 0xa6,
- 0xbc, 0x8a, 0x7a, 0x36, 0xf7, 0x0a, 0x90, 0x70,
- 0x1c, 0x9d, 0xb4, 0xd9}
-};
-
-SHA1 sha1;
-
-byte buffer[128];
-
-bool testHash_N(Hash *hash, const struct TestHashVector *test, size_t inc)
-{
- size_t size = strlen(test->data);
- size_t posn, len;
- uint8_t value[HASH_SIZE];
-
- hash->reset();
- for (posn = 0; posn < size; posn += inc) {
- len = size - posn;
- if (len > inc)
- len = inc;
- hash->update(test->data + posn, len);
- }
- hash->finalize(value, sizeof(value));
- if (memcmp(value, test->hash, sizeof(value)) != 0)
- return false;
-
- return true;
-}
-
-void testHash(Hash *hash, const struct TestHashVector *test)
-{
- bool ok;
-
- Serial.print(test->name);
- Serial.print(" ... ");
-
- ok = testHash_N(hash, test, strlen(test->data));
- ok &= testHash_N(hash, test, 1);
- ok &= testHash_N(hash, test, 2);
- ok &= testHash_N(hash, test, 5);
- ok &= testHash_N(hash, test, 8);
- ok &= testHash_N(hash, test, 13);
- ok &= testHash_N(hash, test, 16);
- ok &= testHash_N(hash, test, 24);
- ok &= testHash_N(hash, test, 63);
- ok &= testHash_N(hash, test, 64);
-
- if (ok)
- Serial.println("Passed");
- else
- Serial.println("Failed");
-}
-
-// Very simple method for hashing a HMAC inner or outer key.
-void hashKey(Hash *hash, const uint8_t *key, size_t keyLen, uint8_t pad)
-{
- size_t posn;
- uint8_t buf;
- uint8_t result[HASH_SIZE];
- if (keyLen <= BLOCK_SIZE) {
- hash->reset();
- for (posn = 0; posn < BLOCK_SIZE; ++posn) {
- if (posn < keyLen)
- buf = key[posn] ^ pad;
- else
- buf = pad;
- hash->update(&buf, 1);
- }
- } else {
- hash->reset();
- hash->update(key, keyLen);
- hash->finalize(result, HASH_SIZE);
- hash->reset();
- for (posn = 0; posn < BLOCK_SIZE; ++posn) {
- if (posn < HASH_SIZE)
- buf = result[posn] ^ pad;
- else
- buf = pad;
- hash->update(&buf, 1);
- }
- }
-}
-
-void testHMAC(Hash *hash, size_t keyLen)
-{
- uint8_t result[HASH_SIZE];
-
- Serial.print("HMAC-SHA-1 keysize=");
- Serial.print(keyLen);
- Serial.print(" ... ");
-
- // Construct the expected result with a simple HMAC implementation.
- memset(buffer, (uint8_t)keyLen, keyLen);
- hashKey(hash, buffer, keyLen, 0x36);
- memset(buffer, 0xBA, sizeof(buffer));
- hash->update(buffer, sizeof(buffer));
- hash->finalize(result, HASH_SIZE);
- memset(buffer, (uint8_t)keyLen, keyLen);
- hashKey(hash, buffer, keyLen, 0x5C);
- hash->update(result, HASH_SIZE);
- hash->finalize(result, HASH_SIZE);
-
- // Now use the library to compute the HMAC.
- hash->resetHMAC(buffer, keyLen);
- memset(buffer, 0xBA, sizeof(buffer));
- hash->update(buffer, sizeof(buffer));
- memset(buffer, (uint8_t)keyLen, keyLen);
- hash->finalizeHMAC(buffer, keyLen, buffer, HASH_SIZE);
-
- // Check the result.
- if (!memcmp(result, buffer, HASH_SIZE))
- Serial.println("Passed");
- else
- Serial.println("Failed");
-}
-
-void testHMAC(Hash *hash, const struct TestHashVector *test)
-{
- uint8_t result[HASH_SIZE];
-
- Serial.print(test->name);
- Serial.print(" ... ");
-
- hash->resetHMAC(test->key, strlen(test->key));
- hash->update(test->data, strlen(test->data));
- hash->finalizeHMAC(test->key, strlen(test->key), result, sizeof(result));
-
- if (!memcmp(result, test->hash, HASH_SIZE))
- Serial.println("Passed");
- else
- Serial.println("Failed");
-}
-
-void perfHash(Hash *hash)
-{
- unsigned long start;
- unsigned long elapsed;
- int count;
-
- Serial.print("Hashing ... ");
-
- for (size_t posn = 0; posn < sizeof(buffer); ++posn)
- buffer[posn] = (uint8_t)posn;
-
- hash->reset();
- start = micros();
- for (count = 0; count < 1000; ++count) {
- hash->update(buffer, sizeof(buffer));
- }
- elapsed = micros() - start;
-
- Serial.print(elapsed / (sizeof(buffer) * 1000.0));
- Serial.print("us per byte, ");
- Serial.print((sizeof(buffer) * 1000.0 * 1000000.0) / elapsed);
- Serial.println(" bytes per second");
-}
-
-void perfFinalize(Hash *hash)
-{
- unsigned long start;
- unsigned long elapsed;
- int count;
-
- Serial.print("Finalizing ... ");
-
- hash->reset();
- hash->update("abc", 3);
- start = micros();
- for (count = 0; count < 1000; ++count) {
- hash->finalize(buffer, hash->hashSize());
- }
- elapsed = micros() - start;
-
- Serial.print(elapsed / 1000.0);
- Serial.print("us per op, ");
- Serial.print((1000.0 * 1000000.0) / elapsed);
- Serial.println(" ops per second");
-}
-
-void perfHMAC(Hash *hash)
-{
- unsigned long start;
- unsigned long elapsed;
- int count;
-
- Serial.print("HMAC Reset ... ");
-
- for (size_t posn = 0; posn < sizeof(buffer); ++posn)
- buffer[posn] = (uint8_t)posn;
-
- start = micros();
- for (count = 0; count < 1000; ++count) {
- hash->resetHMAC(buffer, hash->hashSize());
- }
- elapsed = micros() - start;
-
- Serial.print(elapsed / 1000.0);
- Serial.print("us per op, ");
- Serial.print((1000.0 * 1000000.0) / elapsed);
- Serial.println(" ops per second");
-
- Serial.print("HMAC Finalize ... ");
-
- hash->resetHMAC(buffer, hash->hashSize());
- hash->update("abc", 3);
- start = micros();
- for (count = 0; count < 1000; ++count) {
- hash->finalizeHMAC(buffer, hash->hashSize(), buffer, hash->hashSize());
- }
- elapsed = micros() - start;
-
- Serial.print(elapsed / 1000.0);
- Serial.print("us per op, ");
- Serial.print((1000.0 * 1000000.0) / elapsed);
- Serial.println(" ops per second");
-}
-
-void setup()
-{
- Serial.begin(9600);
-
- Serial.println();
-
- Serial.print("State Size ...");
- Serial.println(sizeof(SHA1));
- Serial.println();
-
- Serial.println("Test Vectors:");
- testHash(&sha1, &testVectorSHA1_1);
- testHash(&sha1, &testVectorSHA1_2);
- testHMAC(&sha1, &testVectorHMAC_SHA1_1);
- testHMAC(&sha1, &testVectorHMAC_SHA1_2);
- testHMAC(&sha1, (size_t)0);
- testHMAC(&sha1, 1);
- testHMAC(&sha1, HASH_SIZE);
- testHMAC(&sha1, BLOCK_SIZE);
- testHMAC(&sha1, BLOCK_SIZE + 1);
- testHMAC(&sha1, sizeof(buffer));
-
- Serial.println();
-
- Serial.println("Performance Tests:");
- perfHash(&sha1);
- perfFinalize(&sha1);
- perfHMAC(&sha1);
-}
-
-void loop()
-{
-}
diff --git a/libraries/Crypto/keywords.txt b/libraries/Crypto/keywords.txt
index 5b52718a..66339da7 100644
--- a/libraries/Crypto/keywords.txt
+++ b/libraries/Crypto/keywords.txt
@@ -1,12 +1,13 @@
AES128 KEYWORD1
AES192 KEYWORD1
AES256 KEYWORD1
+Speck KEYWORD1
+SpeckLowMemory KEYWORD1
ChaCha KEYWORD1
ChaChaPoly KEYWORD1
BLAKE2b KEYWORD1
BLAKE2s KEYWORD1
-SHA1 KEYWORD1
SHA256 KEYWORD1
SHA512 KEYWORD1
SHA3_256 KEYWORD1
@@ -16,12 +17,14 @@ Poly1305 KEYWORD1
GHASH KEYWORD1
Curve25519 KEYWORD1
+Ed25519 KEYWORD1
CBC KEYWORD1
CFB KEYWORD1
CTR KEYWORD1
OFB KEYWORD1
GCM KEYWORD1
+EAX KEYWORD1
RNG KEYWORD1