summaryrefslogtreecommitdiffstats
path: root/web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h180
1 files changed, 180 insertions, 0 deletions
diff --git a/web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h b/web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h
new file mode 100644
index 00000000..44895dc3
--- /dev/null
+++ b/web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h
@@ -0,0 +1,180 @@
+/*
+ * cifra - embedded cryptography library
+ * Written in 2014 by Joseph Birr-Pixton <jpixton@gmail.com>
+ *
+ * To the extent possible under law, the author(s) have dedicated all
+ * copyright and related and neighboring rights to this software to the
+ * public domain worldwide. This software is distributed without any
+ * warranty.
+ *
+ * You should have received a copy of the CC0 Public Domain Dedication
+ * along with this software. If not, see
+ * <http://creativecommons.org/publicdomain/zero/1.0/>.
+ */
+
+#ifndef SHA3_H
+#define SHA3_H
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include "chash.h"
+
+/**
+ * SHA3/Keccak
+ * ===========
+ * This implementation is compatible with FIPS 202,
+ * rather than the original Keccak submission.
+ *
+ */
+
+/* .. c:macro:: CF_SHA3_224_HASHSZ
+ * The output size of SHA3-224: 28 bytes. */
+#define CF_SHA3_224_HASHSZ 28
+
+/* .. c:macro:: CF_SHA3_256_HASHSZ
+ * The output size of SHA3-256: 32 bytes. */
+#define CF_SHA3_256_HASHSZ 32
+
+/* .. c:macro:: CF_SHA3_384_HASHSZ
+ * The output size of SHA3-384: 48 bytes. */
+#define CF_SHA3_384_HASHSZ 48
+
+/* .. c:macro:: CF_SHA3_512_HASHSZ
+ * The output size of SHA3-512: 64 bytes. */
+#define CF_SHA3_512_HASHSZ 64
+
+/* .. c:macro:: CF_SHA3_224_BLOCKSZ
+ * The block size of SHA3-224. */
+#define CF_SHA3_224_BLOCKSZ 144
+
+/* .. c:macro:: CF_SHA3_256_BLOCKSZ
+ * The block size of SHA3-256. */
+#define CF_SHA3_256_BLOCKSZ 136
+
+/* .. c:macro:: CF_SHA3_384_BLOCKSZ
+ * The block size of SHA3-384. */
+#define CF_SHA3_384_BLOCKSZ 104
+
+/* .. c:macro:: CF_SHA3_512_BLOCKSZ
+ * The block size of SHA3-512. */
+#define CF_SHA3_512_BLOCKSZ 72
+
+/* We use bit-interleaved internal representation. This
+ * stores a 64 bit quantity in two 32 bit words: one word
+ * contains odd bits, the other even. This means 64-bit rotations
+ * are cheaper to compute. */
+typedef struct
+{
+ uint32_t odd, evn;
+} cf_sha3_bi;
+
+/* .. c:type:: cf_sha3_context
+ * Incremental SHA3 hashing context.
+ *
+ * .. c:member:: cf_sha3_context.A
+ * Intermediate state.
+ *
+ * .. c:member:: cf_sha3_context.partial
+ * Unprocessed input.
+ *
+ * .. c:member:: cf_sha3_context.npartial
+ * Number of bytes of unprocessed input.
+ *
+ * .. c:member:: cf_sha3_context.rate
+ * Sponge absorption rate.
+ *
+ * .. c:member:: cf_sha3_context.rate
+ * Sponge capacity.
+ */
+typedef struct
+{
+ /* State is a 5x5 block of 64-bit values, for Keccak-f[1600]. */
+ cf_sha3_bi A[5][5];
+ uint8_t partial[CF_SHA3_224_BLOCKSZ];
+ size_t npartial;
+ uint16_t rate, capacity; /* rate and capacity, in bytes. */
+} cf_sha3_context;
+
+
+/* -- _init functions -- */
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_224_init(cf_sha3_context *ctx);
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_256_init(cf_sha3_context *ctx);
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_384_init(cf_sha3_context *ctx);
+
+/* .. c:function:: $DECL
+ * Sets up `ctx` ready to hash a new message.
+ */
+extern void cf_sha3_512_init(cf_sha3_context *ctx);
+
+/* -- _update functions -- */
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_224_update(cf_sha3_context *ctx, const void *data, size_t nbytes);
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_256_update(cf_sha3_context *ctx, const void *data, size_t nbytes);
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_384_update(cf_sha3_context *ctx, const void *data, size_t nbytes);
+
+/* .. c:function:: $DECL
+ * Hashes `nbytes` at `data`. Copies the data for processing later if there
+ * isn't enough to make a full block.
+ */
+extern void cf_sha3_512_update(cf_sha3_context *ctx, const void *data, size_t nbytes);
+
+/* -- _digest functions -- */
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_224_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_224_HASHSZ]);
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_256_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_256_HASHSZ]);
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_384_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_384_HASHSZ]);
+
+/* .. c:function:: $DECL
+ * Finishes the hashing operation, writing result to `hash`.
+ *
+ * This leaves `ctx` unchanged.
+ */
+extern void cf_sha3_512_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_512_HASHSZ]);
+
+/* -- _digest_final functions -- */
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_224_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_224_HASHSZ]);
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_256_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_256_HASHSZ]);
+
+/* .. c:function:: $DECL */
+extern void cf_sha3_384_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_384_HASHSZ]);
+
+/* .. c:function:: $DECL
+ * Finishes the hashing operation, writing result to `hash`.
+ *
+ * This destroys the contents of `ctx`.
+ */
+extern void cf_sha3_512_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_512_HASHSZ]);
+
+/* .. c:var:: cf_sha3_224
+ * .. c:var:: cf_sha3_256
+ * .. c:var:: cf_sha3_384
+ * .. c:var:: cf_sha3_512
+ * Abstract interface to SHA3 functions. See :c:type:`cf_chash` for more information.
+ */
+extern const cf_chash cf_sha3_224;
+extern const cf_chash cf_sha3_256;
+extern const cf_chash cf_sha3_384;
+extern const cf_chash cf_sha3_512;
+
+#endif