1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
|
/*
* cifra - embedded cryptography library
* Written in 2014 by Joseph Birr-Pixton <jpixton@gmail.com>
*
* To the extent possible under law, the author(s) have dedicated all
* copyright and related and neighboring rights to this software to the
* public domain worldwide. This software is distributed without any
* warranty.
*
* You should have received a copy of the CC0 Public Domain Dedication
* along with this software. If not, see
* <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
#ifndef SHA3_H
#define SHA3_H
#include <stddef.h>
#include <stdint.h>
#include "chash.h"
/**
* SHA3/Keccak
* ===========
* This implementation is compatible with FIPS 202,
* rather than the original Keccak submission.
*
*/
/* .. c:macro:: CF_SHA3_224_HASHSZ
* The output size of SHA3-224: 28 bytes. */
#define CF_SHA3_224_HASHSZ 28
/* .. c:macro:: CF_SHA3_256_HASHSZ
* The output size of SHA3-256: 32 bytes. */
#define CF_SHA3_256_HASHSZ 32
/* .. c:macro:: CF_SHA3_384_HASHSZ
* The output size of SHA3-384: 48 bytes. */
#define CF_SHA3_384_HASHSZ 48
/* .. c:macro:: CF_SHA3_512_HASHSZ
* The output size of SHA3-512: 64 bytes. */
#define CF_SHA3_512_HASHSZ 64
/* .. c:macro:: CF_SHA3_224_BLOCKSZ
* The block size of SHA3-224. */
#define CF_SHA3_224_BLOCKSZ 144
/* .. c:macro:: CF_SHA3_256_BLOCKSZ
* The block size of SHA3-256. */
#define CF_SHA3_256_BLOCKSZ 136
/* .. c:macro:: CF_SHA3_384_BLOCKSZ
* The block size of SHA3-384. */
#define CF_SHA3_384_BLOCKSZ 104
/* .. c:macro:: CF_SHA3_512_BLOCKSZ
* The block size of SHA3-512. */
#define CF_SHA3_512_BLOCKSZ 72
/* We use bit-interleaved internal representation. This
* stores a 64 bit quantity in two 32 bit words: one word
* contains odd bits, the other even. This means 64-bit rotations
* are cheaper to compute. */
typedef struct
{
uint32_t odd, evn;
} cf_sha3_bi;
/* .. c:type:: cf_sha3_context
* Incremental SHA3 hashing context.
*
* .. c:member:: cf_sha3_context.A
* Intermediate state.
*
* .. c:member:: cf_sha3_context.partial
* Unprocessed input.
*
* .. c:member:: cf_sha3_context.npartial
* Number of bytes of unprocessed input.
*
* .. c:member:: cf_sha3_context.rate
* Sponge absorption rate.
*
* .. c:member:: cf_sha3_context.rate
* Sponge capacity.
*/
typedef struct
{
/* State is a 5x5 block of 64-bit values, for Keccak-f[1600]. */
cf_sha3_bi A[5][5];
uint8_t partial[CF_SHA3_224_BLOCKSZ];
size_t npartial;
uint16_t rate, capacity; /* rate and capacity, in bytes. */
} cf_sha3_context;
/* -- _init functions -- */
/* .. c:function:: $DECL */
extern void cf_sha3_224_init(cf_sha3_context *ctx);
/* .. c:function:: $DECL */
extern void cf_sha3_256_init(cf_sha3_context *ctx);
/* .. c:function:: $DECL */
extern void cf_sha3_384_init(cf_sha3_context *ctx);
/* .. c:function:: $DECL
* Sets up `ctx` ready to hash a new message.
*/
extern void cf_sha3_512_init(cf_sha3_context *ctx);
/* -- _update functions -- */
/* .. c:function:: $DECL */
extern void cf_sha3_224_update(cf_sha3_context *ctx, const void *data, size_t nbytes);
/* .. c:function:: $DECL */
extern void cf_sha3_256_update(cf_sha3_context *ctx, const void *data, size_t nbytes);
/* .. c:function:: $DECL */
extern void cf_sha3_384_update(cf_sha3_context *ctx, const void *data, size_t nbytes);
/* .. c:function:: $DECL
* Hashes `nbytes` at `data`. Copies the data for processing later if there
* isn't enough to make a full block.
*/
extern void cf_sha3_512_update(cf_sha3_context *ctx, const void *data, size_t nbytes);
/* -- _digest functions -- */
/* .. c:function:: $DECL */
extern void cf_sha3_224_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_224_HASHSZ]);
/* .. c:function:: $DECL */
extern void cf_sha3_256_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_256_HASHSZ]);
/* .. c:function:: $DECL */
extern void cf_sha3_384_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_384_HASHSZ]);
/* .. c:function:: $DECL
* Finishes the hashing operation, writing result to `hash`.
*
* This leaves `ctx` unchanged.
*/
extern void cf_sha3_512_digest(const cf_sha3_context *ctx, uint8_t hash[CF_SHA3_512_HASHSZ]);
/* -- _digest_final functions -- */
/* .. c:function:: $DECL */
extern void cf_sha3_224_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_224_HASHSZ]);
/* .. c:function:: $DECL */
extern void cf_sha3_256_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_256_HASHSZ]);
/* .. c:function:: $DECL */
extern void cf_sha3_384_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_384_HASHSZ]);
/* .. c:function:: $DECL
* Finishes the hashing operation, writing result to `hash`.
*
* This destroys the contents of `ctx`.
*/
extern void cf_sha3_512_digest_final(cf_sha3_context *ctx, uint8_t hash[CF_SHA3_512_HASHSZ]);
/* .. c:var:: cf_sha3_224
* .. c:var:: cf_sha3_256
* .. c:var:: cf_sha3_384
* .. c:var:: cf_sha3_512
* Abstract interface to SHA3 functions. See :c:type:`cf_chash` for more information.
*/
extern const cf_chash cf_sha3_224;
extern const cf_chash cf_sha3_256;
extern const cf_chash cf_sha3_384;
extern const cf_chash cf_sha3_512;
#endif
|
