diff options
Diffstat (limited to '')
-rw-r--r-- | web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h | 180 |
1 files changed, 180 insertions, 0 deletions
diff --git a/web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h b/web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h new file mode 100644 index 00000000..44895dc3 --- /dev/null +++ b/web/server/h2o/libh2o/deps/picotls/deps/cifra/src/sha3.h @@ -0,0 +1,180 @@ +/* + * cifra - embedded cryptography library + * Written in 2014 by Joseph Birr-Pixton <jpixton@gmail.com> + * + * To the extent possible under law, the author(s) have dedicated all + * copyright and related and neighboring rights to this software to the + * public domain worldwide. This software is distributed without any + * warranty. + * + * You should have received a copy of the CC0 Public Domain Dedication + * along with this software. If not, see + * <http://creativecommons.org/publicdomain/zero/1.0/>. + */ + +#ifndef SHA3_H +#define SHA3_H + +#include <stddef.h> +#include <stdint.h> + +#include "chash.h" + +/** + * SHA3/Keccak + * =========== + * This implementation is compatible with FIPS 202, + * rather than the original Keccak submission. + * + */ + +/* .. c:macro:: CF_SHA3_224_HASHSZ + * The output size of SHA3-224: 28 bytes. */ +#define CF_SHA3_224_HASHSZ 28 + +/* .. c:macro:: CF_SHA3_256_HASHSZ + * The output size of SHA3-256: 32 bytes. */ +#define CF_SHA3_256_HASHSZ 32 + +/* .. c:macro:: CF_SHA3_384_HASHSZ + * The output size of SHA3-384: 48 bytes. */ +#define CF_SHA3_384_HASHSZ 48 + +/* .. c:macro:: CF_SHA3_512_HASHSZ + * The output size of SHA3-512: 64 bytes. */ +#define CF_SHA3_512_HASHSZ 64 + +/* .. c:macro:: CF_SHA3_224_BLOCKSZ + * The block size of SHA3-224. */ +#define CF_SHA3_224_BLOCKSZ 144 + +/* .. c:macro:: CF_SHA3_256_BLOCKSZ + * The block size of SHA3-256. */ +#define CF_SHA3_256_BLOCKSZ 136 + +/* .. c:macro:: CF_SHA3_384_BLOCKSZ + * The block size of SHA3-384. */ +#define CF_SHA3_384_BLOCKSZ 104 + +/* .. c:macro:: CF_SHA3_512_BLOCKSZ + * The block size of SHA3-512. */ +#define CF_SHA3_512_BLOCKSZ 72 + +/* We use bit-interleaved internal representation. This + * stores a 64 bit quantity in two 32 bit words: one word + * contains odd bits, the other even. This means 64-bit rotations + * are cheaper to compute. */ +typedef struct +{ + uint32_t odd, evn; +} cf_sha3_bi; + +/* .. c:type:: cf_sha3_context + * Incremental SHA3 hashing context. + * + * .. c:member:: cf_sha3_context.A + * Intermediate state. + * + * .. c:member:: cf_sha3_context.partial + * Unprocessed input. + * + * .. c:member:: cf_sha3_context.npartial + * Number of bytes of unprocessed input. + * + * .. c:member:: cf_sha3_context.rate + * Sponge absorption rate. + * + * .. c:member:: cf_sha3_context.rate + * Sponge capacity. + */ +typedef struct +{ + /* State is a 5x5 block of 64-bit values, for Keccak-f[1600]. */ + cf_sha3_bi A[5][5]; + uint8_t partial[CF_SHA3_224_BLOCKSZ]; + size_t npartial; + uint16_t rate, capacity; /* rate and capacity, in bytes. */ +} cf_sha3_context; + + +/* -- _init functions -- */ + +/* .. c:function:: $DECL */ +extern void cf_sha3_224_init(cf_sha3_context *ctx); + +/* .. c:function:: $DECL */ +extern void cf_sha3_256_init(cf_sha3_context *ctx); + +/* .. c:function:: $DECL */ +extern void cf_sha3_384_init(cf_sha3_context *ctx); + +/* .. c:function:: $DECL + * Sets up `ctx` ready to hash a new message. + */ +extern void cf_sha3_512_init(cf_sha3_context *ctx); + +/* -- _update functions -- */ + +/* .. c:function:: $DECL */ +extern void cf_sha3_224_update(cf_sha3_context *ctx, const void *data, size_t nbytes); + +/* .. c:function:: $DECL */ +extern void cf_sha3_256_update(cf_sha3_context *ctx, const void *data, size_t nbytes); + +/* .. c:function:: $DECL */ +extern void cf_sha3_384_update(cf_sha3_context *ctx, const void *data, size_t nbytes); + +/* .. c:function:: $DECL + * Hashes `nbytes` at `data`. Copies the data for processing later if there + * isn't enough to make a full block. + */ +extern void cf_sha3_512_update(cf_sha3_context *ctx, const void *data, size_t nbytes); + +/* -- _digest functions -- */ + +/* .. c:function:: $DECL */ +extern void cf_sha3_224_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_224_HASHSZ]); + +/* .. c:function:: $DECL */ +extern void cf_sha3_256_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_256_HASHSZ]); + +/* .. c:function:: $DECL */ +extern void cf_sha3_384_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_384_HASHSZ]); + +/* .. c:function:: $DECL + * Finishes the hashing operation, writing result to `hash`. + * + * This leaves `ctx` unchanged. + */ +extern void cf_sha3_512_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_512_HASHSZ]); + +/* -- _digest_final functions -- */ + +/* .. c:function:: $DECL */ +extern void cf_sha3_224_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_224_HASHSZ]); + +/* .. c:function:: $DECL */ +extern void cf_sha3_256_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_256_HASHSZ]); + +/* .. c:function:: $DECL */ +extern void cf_sha3_384_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_384_HASHSZ]); + +/* .. c:function:: $DECL + * Finishes the hashing operation, writing result to `hash`. + * + * This destroys the contents of `ctx`. + */ +extern void cf_sha3_512_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_512_HASHSZ]); + +/* .. c:var:: cf_sha3_224 + * .. c:var:: cf_sha3_256 + * .. c:var:: cf_sha3_384 + * .. c:var:: cf_sha3_512 + * Abstract interface to SHA3 functions. See :c:type:`cf_chash` for more information. + */ +extern const cf_chash cf_sha3_224; +extern const cf_chash cf_sha3_256; +extern const cf_chash cf_sha3_384; +extern const cf_chash cf_sha3_512; + +#endif |