RubyGems - digest-kangarootwelve - Versions diffs - 0.0.2 → 0.3.2 - Mend

digest-kangarootwelve 0.0.2 → 0.3.2

Files changed (307) hide show

data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakSpongeWidth1600.link.c ADDED Viewed

	@@ -0,0 +1 @@
1	+ #include "../common/KeccakSpongeWidth1600.c"

data/ext/digest/kangarootwelve/keccak/bulldozer/PlSnP-Fallback.inc ADDED Viewed

@@ -0,0 +1,287 @@
+/*
+Implementation by Gilles Van Assche, hereby denoted as "the implementer".
+For more information, feedback or questions, please refer to our website:
+https://keccak.team/
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+---
+This file contains macros that help make a PlSnP-compatible implementation by
+serially falling back on a SnP-compatible implementation or on a PlSnP-compatible
+implementation of lower parallism degree.
+Please refer to PlSnP-documentation.h for more details.
+*/
+/* expect PlSnP_baseParallelism, PlSnP_targetParallelism */
+/* expect SnP_stateSizeInBytes, SnP_stateAlignment */
+/* expect prefix */
+/* expect SnP_* */
+#define JOIN0(a, b)                     a ## b
+#define JOIN(a, b)                      JOIN0(a, b)
+#define PlSnP_StaticInitialize          JOIN(prefix, _StaticInitialize)
+#define PlSnP_InitializeAll             JOIN(prefix, _InitializeAll)
+#define PlSnP_AddByte                   JOIN(prefix, _AddByte)
+#define PlSnP_AddBytes                  JOIN(prefix, _AddBytes)
+#define PlSnP_AddLanesAll               JOIN(prefix, _AddLanesAll)
+#define PlSnP_OverwriteBytes            JOIN(prefix, _OverwriteBytes)
+#define PlSnP_OverwriteLanesAll         JOIN(prefix, _OverwriteLanesAll)
+#define PlSnP_OverwriteWithZeroes       JOIN(prefix, _OverwriteWithZeroes)
+#define PlSnP_ExtractBytes              JOIN(prefix, _ExtractBytes)
+#define PlSnP_ExtractLanesAll           JOIN(prefix, _ExtractLanesAll)
+#define PlSnP_ExtractAndAddBytes        JOIN(prefix, _ExtractAndAddBytes)
+#define PlSnP_ExtractAndAddLanesAll     JOIN(prefix, _ExtractAndAddLanesAll)
+#if (PlSnP_baseParallelism == 1)
+    #define SnP_stateSizeInBytes            JOIN(SnP, _stateSizeInBytes)
+    #define SnP_stateAlignment              JOIN(SnP, _stateAlignment)
+#else
+    #define SnP_stateSizeInBytes            JOIN(SnP, _statesSizeInBytes)
+    #define SnP_stateAlignment              JOIN(SnP, _statesAlignment)
+#endif
+#define PlSnP_factor ((PlSnP_targetParallelism)/(PlSnP_baseParallelism))
+#define SnP_stateOffset (((SnP_stateSizeInBytes+(SnP_stateAlignment-1))/SnP_stateAlignment)*SnP_stateAlignment)
+#define stateWithIndex(i) ((unsigned char *)states+((i)*SnP_stateOffset))
+#define SnP_StaticInitialize            JOIN(SnP, _StaticInitialize)
+#define SnP_Initialize                  JOIN(SnP, _Initialize)
+#define SnP_InitializeAll               JOIN(SnP, _InitializeAll)
+#define SnP_AddByte                     JOIN(SnP, _AddByte)
+#define SnP_AddBytes                    JOIN(SnP, _AddBytes)
+#define SnP_AddLanesAll                 JOIN(SnP, _AddLanesAll)
+#define SnP_OverwriteBytes              JOIN(SnP, _OverwriteBytes)
+#define SnP_OverwriteLanesAll           JOIN(SnP, _OverwriteLanesAll)
+#define SnP_OverwriteWithZeroes         JOIN(SnP, _OverwriteWithZeroes)
+#define SnP_ExtractBytes                JOIN(SnP, _ExtractBytes)
+#define SnP_ExtractLanesAll             JOIN(SnP, _ExtractLanesAll)
+#define SnP_ExtractAndAddBytes          JOIN(SnP, _ExtractAndAddBytes)
+#define SnP_ExtractAndAddLanesAll       JOIN(SnP, _ExtractAndAddLanesAll)
+void PlSnP_StaticInitialize( void )
+{
+    SnP_StaticInitialize();
+}
+void PlSnP_InitializeAll(void *states)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++)
+    #if (PlSnP_baseParallelism == 1)
+        SnP_Initialize(stateWithIndex(i));
+    #else
+        SnP_InitializeAll(stateWithIndex(i));
+    #endif
+}
+void PlSnP_AddByte(void *states, unsigned int instanceIndex, unsigned char byte, unsigned int offset)
+{
+    #if (PlSnP_baseParallelism == 1)
+        SnP_AddByte(stateWithIndex(instanceIndex), byte, offset);
+    #else
+        SnP_AddByte(stateWithIndex(instanceIndex/PlSnP_baseParallelism), instanceIndex%PlSnP_baseParallelism, byte, offset);
+    #endif
+}
+void PlSnP_AddBytes(void *states, unsigned int instanceIndex, const unsigned char *data, unsigned int offset, unsigned int length)
+{
+    #if (PlSnP_baseParallelism == 1)
+        SnP_AddBytes(stateWithIndex(instanceIndex), data, offset, length);
+    #else
+        SnP_AddBytes(stateWithIndex(instanceIndex/PlSnP_baseParallelism), instanceIndex%PlSnP_baseParallelism, data, offset, length);
+    #endif
+}
+void PlSnP_AddLanesAll(void *states, const unsigned char *data, unsigned int laneCount, unsigned int laneOffset)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++) {
+        #if (PlSnP_baseParallelism == 1)
+            SnP_AddBytes(stateWithIndex(i), data, 0, laneCount*SnP_laneLengthInBytes);
+        #else
+            SnP_AddLanesAll(stateWithIndex(i), data, laneCount, laneOffset);
+        #endif
+        data += PlSnP_baseParallelism*laneOffset*SnP_laneLengthInBytes;
+    }
+}
+void PlSnP_OverwriteBytes(void *states, unsigned int instanceIndex, const unsigned char *data, unsigned int offset, unsigned int length)
+{
+    #if (PlSnP_baseParallelism == 1)
+        SnP_OverwriteBytes(stateWithIndex(instanceIndex), data, offset, length);
+    #else
+        SnP_OverwriteBytes(stateWithIndex(instanceIndex/PlSnP_baseParallelism), instanceIndex%PlSnP_baseParallelism, data, offset, length);
+    #endif
+}
+void PlSnP_OverwriteLanesAll(void *states, const unsigned char *data, unsigned int laneCount, unsigned int laneOffset)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++) {
+        #if (PlSnP_baseParallelism == 1)
+            SnP_OverwriteBytes(stateWithIndex(i), data, 0, laneCount*SnP_laneLengthInBytes);
+        #else
+            SnP_OverwriteLanesAll(stateWithIndex(i), data, laneCount, laneOffset);
+        #endif
+        data += PlSnP_baseParallelism*laneOffset*SnP_laneLengthInBytes;
+    }
+}
+void PlSnP_OverwriteWithZeroes(void *states, unsigned int instanceIndex, unsigned int byteCount)
+{
+    #if (PlSnP_baseParallelism == 1)
+        SnP_OverwriteWithZeroes(stateWithIndex(instanceIndex), byteCount);
+    #else
+        SnP_OverwriteWithZeroes(stateWithIndex(instanceIndex/PlSnP_baseParallelism), instanceIndex%PlSnP_baseParallelism, byteCount);
+    #endif
+}
+void PlSnP_PermuteAll(void *states)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++) {
+        #if (PlSnP_baseParallelism == 1)
+            SnP_Permute(stateWithIndex(i));
+        #else
+            SnP_PermuteAll(stateWithIndex(i));
+        #endif
+    }
+}
+#if (defined(SnP_Permute_12rounds) || defined(SnP_PermuteAll_12rounds))
+void PlSnP_PermuteAll_12rounds(void *states)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++) {
+        #if (PlSnP_baseParallelism == 1)
+            SnP_Permute_12rounds(stateWithIndex(i));
+        #else
+            SnP_PermuteAll_12rounds(stateWithIndex(i));
+        #endif
+    }
+}
+#endif
+#if (defined(SnP_Permute_Nrounds) || defined(SnP_PermuteAll_6rounds))
+void PlSnP_PermuteAll_6rounds(void *states)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++) {
+        #if (PlSnP_baseParallelism == 1)
+            SnP_Permute_Nrounds(stateWithIndex(i), 6);
+        #else
+            SnP_PermuteAll_6rounds(stateWithIndex(i));
+        #endif
+    }
+}
+#endif
+#if (defined(SnP_Permute_Nrounds) || defined(SnP_PermuteAll_4rounds))
+void PlSnP_PermuteAll_4rounds(void *states)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++) {
+        #if (PlSnP_baseParallelism == 1)
+            SnP_Permute_Nrounds(stateWithIndex(i), 4);
+        #else
+            SnP_PermuteAll_4rounds(stateWithIndex(i));
+        #endif
+    }
+}
+#endif
+void PlSnP_ExtractBytes(void *states, unsigned int instanceIndex, unsigned char *data, unsigned int offset, unsigned int length)
+{
+    #if (PlSnP_baseParallelism == 1)
+        SnP_ExtractBytes(stateWithIndex(instanceIndex), data, offset, length);
+    #else
+        SnP_ExtractBytes(stateWithIndex(instanceIndex/PlSnP_baseParallelism), instanceIndex%PlSnP_baseParallelism, data, offset, length);
+    #endif
+}
+void PlSnP_ExtractLanesAll(const void *states, unsigned char *data, unsigned int laneCount, unsigned int laneOffset)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++) {
+        #if (PlSnP_baseParallelism == 1)
+            SnP_ExtractBytes(stateWithIndex(i), data, 0, laneCount*SnP_laneLengthInBytes);
+        #else
+            SnP_ExtractLanesAll(stateWithIndex(i), data, laneCount, laneOffset);
+        #endif
+        data += laneOffset*SnP_laneLengthInBytes*PlSnP_baseParallelism;
+    }
+}
+void PlSnP_ExtractAndAddBytes(void *states, unsigned int instanceIndex, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length)
+{
+    #if (PlSnP_baseParallelism == 1)
+        SnP_ExtractAndAddBytes(stateWithIndex(instanceIndex), input, output, offset, length);
+    #else
+        SnP_ExtractAndAddBytes(stateWithIndex(instanceIndex/PlSnP_baseParallelism), instanceIndex%PlSnP_baseParallelism, input, output, offset, length);
+    #endif
+}
+void PlSnP_ExtractAndAddLanesAll(const void *states, const unsigned char *input, unsigned char *output, unsigned int laneCount, unsigned int laneOffset)
+{
+    unsigned int i;
+    for(i=0; i<PlSnP_factor; i++) {
+        #if (PlSnP_baseParallelism == 1)
+            SnP_ExtractAndAddBytes(stateWithIndex(i), input, output, 0, laneCount*SnP_laneLengthInBytes);
+        #else
+            SnP_ExtractAndAddLanesAll(stateWithIndex(i), input, output, laneCount, laneOffset);
+        #endif
+        input += laneOffset*SnP_laneLengthInBytes*PlSnP_baseParallelism;
+        output += laneOffset*SnP_laneLengthInBytes*PlSnP_baseParallelism;
+    }
+}
+#undef PlSnP_factor
+#undef SnP_stateOffset
+#undef stateWithIndex
+#undef JOIN0
+#undef JOIN
+#undef PlSnP_StaticInitialize
+#undef PlSnP_InitializeAll
+#undef PlSnP_AddByte
+#undef PlSnP_AddBytes
+#undef PlSnP_AddLanesAll
+#undef PlSnP_OverwriteBytes
+#undef PlSnP_OverwriteLanesAll
+#undef PlSnP_OverwriteWithZeroes
+#undef PlSnP_PermuteAll
+#undef PlSnP_ExtractBytes
+#undef PlSnP_ExtractLanesAll
+#undef PlSnP_ExtractAndAddBytes
+#undef PlSnP_ExtractAndAddLanesAll
+#undef SnP_stateAlignment
+#undef SnP_stateSizeInBytes
+#undef PlSnP_factor
+#undef SnP_stateOffset
+#undef stateWithIndex
+#undef SnP_StaticInitialize
+#undef SnP_Initialize
+#undef SnP_InitializeAll
+#undef SnP_AddByte
+#undef SnP_AddBytes
+#undef SnP_AddLanesAll
+#undef SnP_OverwriteBytes
+#undef SnP_OverwriteWithZeroes
+#undef SnP_OverwriteLanesAll
+#undef SnP_ExtractBytes
+#undef SnP_ExtractLanesAll
+#undef SnP_ExtractAndAddBytes
+#undef SnP_ExtractAndAddLanesAll

data/ext/digest/kangarootwelve/keccak/bulldozer/SIMD128-config.h ADDED Viewed

@@ -0,0 +1,9 @@
+/*
+This file defines some parameters of the implementation in the parent directory.
+*/
+#define KeccakP1600times2_implementation_config "XOP, all rounds unrolled"
+#define KeccakP1600times2_fullUnrolling
+#define KeccakP1600times2_useSSE
+#define KeccakP1600times2_useSSE2
+#define KeccakP1600times2_useXOP

data/ext/digest/kangarootwelve/{SnP-Relaned.h → keccak/bulldozer/SnP-Relaned.h} RENAMED Viewed

@@ -1,16 +1,22 @@
 /*
-Implementation by the Keccak, Keyak and Ketje Teams, namely, Guido Bertoni,
-Joan Daemen, Michaël Peeters, Gilles Van Assche and Ronny Van Keer, hereby
-denoted as "the implementer".
+Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen,
+Michaël Peeters, Gilles Van Assche and Ronny Van Keer,
+hereby denoted as "the implementer".
-For more information, feedback or questions, please refer to our websites:
-http://keccak.noekeon.org/
-http://keyak.noekeon.org/
-http://ketje.noekeon.org/
+For more information, feedback or questions, please refer to our website:
+https://keccak.team/
 To the extent possible under law, the implementer has waived all copyright
 and related or neighboring rights to the source code in this file.
 http://creativecommons.org/publicdomain/zero/1.0/
+---
+This file contains macros that help implement a permutation in a SnP-compatible way.
+It converts an implementation that implement state input/output functions
+in a lane-oriented fashion (i.e., using SnP_AddLanes() and SnP_AddBytesInLane,
+and similarly for Overwite, Extract and ExtractAndAdd) to the byte-oriented SnP.
+Please refer to SnP-documentation.h for more details.
 */
 #ifndef _SnP_Relaned_h_

data/ext/digest/kangarootwelve/keccak/bulldozer/ext.link.c ADDED Viewed

	@@ -0,0 +1 @@
1	+ #include "../../ext.c"

data/ext/digest/kangarootwelve/{KangarooTwelve.c → keccak/common/KangarooTwelve.c} RENAMED Viewed

@@ -1,12 +1,8 @@
 /*
-Implementation by the Keccak, Keyak and Ketje Teams, namely, Guido Bertoni,
-Joan Daemen, Michaël Peeters, Gilles Van Assche and Ronny Van Keer, hereby
-denoted as "the implementer".
+Implementation by Ronny Van Keer, hereby denoted as "the implementer".
-For more information, feedback or questions, please refer to our websites:
-http://keccak.noekeon.org/
-http://keyak.noekeon.org/
-http://ketje.noekeon.org/
+For more information, feedback or questions, please refer to our website:
+https://keccak.team/
 To the extent possible under law, the implementer has waived all copyright
 and related or neighboring rights to the source code in this file.
@@ -155,7 +151,7 @@ int KangarooTwelve_Update(KangarooTwelve_Instance *ktInstance, const unsigned ch
         }
     }
-    #if defined(KeccakP1600times8_implementation)
+    #if defined(KeccakP1600times8_implementation) && !defined(KeccakP1600times8_isFallback)
     #if defined(KeccakP1600times8_12rounds_FastLoop_supported)
     ParallelSpongeFastLoop( 8 )
     #else
@@ -163,7 +159,7 @@ int KangarooTwelve_Update(KangarooTwelve_Instance *ktInstance, const unsigned ch
     #endif
     #endif
-    #if defined(KeccakP1600times4_implementation)
+    #if defined(KeccakP1600times4_implementation) && !defined(KeccakP1600times4_isFallback)
     #if defined(KeccakP1600times4_12rounds_FastLoop_supported)
     ParallelSpongeFastLoop( 4 )
     #else
@@ -171,7 +167,7 @@ int KangarooTwelve_Update(KangarooTwelve_Instance *ktInstance, const unsigned ch
     #endif
     #endif
-    #if defined(KeccakP1600times2_implementation)
+    #if defined(KeccakP1600times2_implementation) && !defined(KeccakP1600times2_isFallback)
     #if defined(KeccakP1600times2_12rounds_FastLoop_supported)
     ParallelSpongeFastLoop( 2 )
     #else

data/ext/digest/kangarootwelve/{KangarooTwelve.h → keccak/common/KangarooTwelve.h} RENAMED Viewed

@@ -1,12 +1,8 @@
 /*
-Implementation by the Keccak, Keyak and Ketje Teams, namely, Guido Bertoni,
-Joan Daemen, Michaël Peeters, Gilles Van Assche and Ronny Van Keer, hereby
-denoted as "the implementer".
+Implementation by Ronny Van Keer, hereby denoted as "the implementer".
-For more information, feedback or questions, please refer to our websites:
-http://keccak.noekeon.org/
-http://keyak.noekeon.org/
-http://ketje.noekeon.org/
+For more information, feedback or questions, please refer to our website:
+https://keccak.team/
 To the extent possible under law, the implementer has waived all copyright
 and related or neighboring rights to the source code in this file.

data/ext/digest/kangarootwelve/keccak/common/KeccakDuplex-common.h ADDED Viewed

@@ -0,0 +1,37 @@
+/*
+Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen,
+Michaël Peeters, Gilles Van Assche and Ronny Van Keer,
+hereby denoted as "the implementer".
+For more information, feedback or questions, please refer to our website:
+https://keccak.team/
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+*/
+#ifndef _KeccakDuplexCommon_h_
+#define _KeccakDuplexCommon_h_
+#include "align.h"
+#define KCP_DeclareDuplexStructure(prefix, size, alignment) \
+    ALIGN(alignment) typedef struct prefix##_DuplexInstanceStruct { \
+        unsigned char state[size]; \
+        unsigned int rate; \
+        unsigned int byteInputIndex; \
+        unsigned int byteOutputIndex; \
+    } prefix##_DuplexInstance;
+#define KCP_DeclareDuplexFunctions(prefix) \
+    int prefix##_DuplexInitialize(prefix##_DuplexInstance *duplexInstance, unsigned int rate, unsigned int capacity); \
+    int prefix##_Duplexing(prefix##_DuplexInstance *duplexInstance, const unsigned char *sigmaBegin, unsigned int sigmaBeginByteLen, unsigned char *Z, unsigned int ZByteLen, unsigned char delimitedSigmaEnd); \
+    int prefix##_DuplexingFeedPartialInput(prefix##_DuplexInstance *duplexInstance, const unsigned char *input, unsigned int inputByteLen); \
+    int prefix##_DuplexingFeedZeroes(prefix##_DuplexInstance *duplexInstance, unsigned int inputByteLen); \
+    int prefix##_DuplexingOverwritePartialInput(prefix##_DuplexInstance *duplexInstance, const unsigned char *input, unsigned int inputByteLen); \
+    int prefix##_DuplexingOverwriteWithZeroes(prefix##_DuplexInstance *duplexInstance, unsigned int inputByteLen); \
+    int prefix##_DuplexingGetFurtherOutput(prefix##_DuplexInstance *duplexInstance, unsigned char *out, unsigned int outByteLen); \
+    int prefix##_DuplexingGetFurtherOutputAndAdd(prefix##_DuplexInstance *duplexInstance, const unsigned char *input, unsigned char *output, unsigned int outputByteLen);
+#endif

data/ext/digest/kangarootwelve/keccak/common/KeccakDuplex.inc ADDED Viewed

@@ -0,0 +1,192 @@
+/*
+Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen,
+Michaël Peeters, Gilles Van Assche and Ronny Van Keer,
+hereby denoted as "the implementer".
+For more information, feedback or questions, please refer to our website:
+https://keccak.team/
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+*/
+#define JOIN0(a, b)                     a ## b
+#define JOIN(a, b)                      JOIN0(a, b)
+#define DuplexInstance                  JOIN(prefix, _DuplexInstance)
+#define DuplexInitialize                JOIN(prefix, _DuplexInitialize)
+#define Duplexing                       JOIN(prefix, _Duplexing)
+#define DuplexingFeedPartialInput       JOIN(prefix, _DuplexingFeedPartialInput)
+#define DuplexingFeedZeroes             JOIN(prefix, _DuplexingFeedZeroes)
+#define DuplexingOverwritePartialInput  JOIN(prefix, _DuplexingOverwritePartialInput)
+#define DuplexingOverwriteWithZeroes    JOIN(prefix, _DuplexingOverwriteWithZeroes)
+#define DuplexingGetFurtherOutput       JOIN(prefix, _DuplexingGetFurtherOutput)
+#define DuplexingGetFurtherOutputAndAdd JOIN(prefix, _DuplexingGetFurtherOutputAndAdd)
+#define SnP_stateSizeInBytes            JOIN(SnP, _stateSizeInBytes)
+#define SnP_stateAlignment              JOIN(SnP, _stateAlignment)
+#define SnP_StaticInitialize            JOIN(SnP, _StaticInitialize)
+#define SnP_Initialize                  JOIN(SnP, _Initialize)
+#define SnP_AddByte                     JOIN(SnP, _AddByte)
+#define SnP_AddBytes                    JOIN(SnP, _AddBytes)
+#define SnP_OverwriteBytes              JOIN(SnP, _OverwriteBytes)
+#define SnP_OverwriteWithZeroes         JOIN(SnP, _OverwriteWithZeroes)
+#define SnP_ExtractBytes                JOIN(SnP, _ExtractBytes)
+#define SnP_ExtractAndAddBytes          JOIN(SnP, _ExtractAndAddBytes)
+int DuplexInitialize(DuplexInstance *instance, unsigned int rate, unsigned int capacity)
+{
+    if (rate+capacity != SnP_width)
+        return 1;
+    if ((rate <= 2) || (rate > SnP_width))
+        return 1;
+    SnP_StaticInitialize();
+    instance->rate = rate;
+    SnP_Initialize(instance->state);
+    instance->byteInputIndex = 0;
+    instance->byteOutputIndex = (instance->rate+7)/8;
+    return 0;
+}
+int Duplexing(DuplexInstance *instance, const unsigned char *sigmaBegin, unsigned int sigmaBeginByteLen, unsigned char *Z, unsigned int ZByteLen, unsigned char delimitedSigmaEnd)
+{
+    const unsigned int rho_max = instance->rate - 2;
+    if (delimitedSigmaEnd == 0)
+        return 1;
+    if ((instance->byteInputIndex+sigmaBeginByteLen)*8 > rho_max)
+        return 1;
+    if (rho_max - sigmaBeginByteLen*8 < 7) {
+        unsigned int maxBitsInDelimitedSigmaEnd = rho_max - sigmaBeginByteLen*8;
+        if (delimitedSigmaEnd >= (1 << (maxBitsInDelimitedSigmaEnd+1)))
+            return 1;
+    }
+    if (ZByteLen > (instance->rate+7)/8)
+        return 1; /* The output length must not be greater than the rate (rounded up to a byte) */
+    SnP_AddBytes(instance->state, sigmaBegin, instance->byteInputIndex, sigmaBeginByteLen);
+    #ifdef KeccakReference
+    {
+        unsigned char block[SnP_width/8];
+        memcpy(block, sigmaBegin, sigmaBeginByteLen);
+        block[sigmaBeginByteLen] = delimitedSigmaEnd;
+        memset(block+sigmaBeginByteLen+1, 0, sizeof(block)-sigmaBeginByteLen-1);
+        block[(instance->rate-1)/8] |= 1 << ((instance->rate-1) % 8);
+        displayBytes(1, "Block to be absorbed (after padding)", block, (instance->rate+7)/8);
+    }
+    #endif
+    /* Last few bits, whose delimiter coincides with first bit of padding */
+    SnP_AddByte(instance->state, delimitedSigmaEnd, instance->byteInputIndex+sigmaBeginByteLen);
+    /* Second bit of padding */
+    SnP_AddByte(instance->state, (unsigned char)1 << ((instance->rate - 1)%8), (instance->rate - 1)/8);
+    SnP_Permute(instance->state);
+    SnP_ExtractBytes(instance->state, Z, 0, ZByteLen);
+    if (ZByteLen*8 > instance->rate) {
+        unsigned char mask = (unsigned char)(1 << (instance->rate % 8)) - 1;
+        Z[ZByteLen-1] &= mask;
+    }
+    instance->byteInputIndex = 0;
+    instance->byteOutputIndex = ZByteLen;
+    return 0;
+}
+int DuplexingFeedPartialInput(DuplexInstance *instance, const unsigned char *input, unsigned int inputByteLen)
+{
+    const unsigned int rho_max = instance->rate - 2;
+    if ((instance->byteInputIndex+inputByteLen)*8 > rho_max)
+        return 1;
+    SnP_AddBytes(instance->state, input, instance->byteInputIndex, inputByteLen);
+    instance->byteInputIndex += inputByteLen;
+    return 0;
+}
+int DuplexingFeedZeroes(DuplexInstance *instance, unsigned int inputByteLen)
+{
+    const unsigned int rho_max = instance->rate - 2;
+    if ((instance->byteInputIndex+inputByteLen)*8 > rho_max)
+        return 1;
+    instance->byteInputIndex += inputByteLen;
+    return 0;
+}
+int DuplexingOverwritePartialInput(DuplexInstance *instance, const unsigned char *input, unsigned int inputByteLen)
+{
+    const unsigned int rho_max = instance->rate - 2;
+    if ((instance->byteInputIndex+inputByteLen)*8 > rho_max)
+        return 1;
+    SnP_OverwriteBytes(instance->state, input, instance->byteInputIndex, inputByteLen);
+    instance->byteInputIndex += inputByteLen;
+    return 0;
+}
+int DuplexingOverwriteWithZeroes(DuplexInstance *instance, unsigned int inputByteLen)
+{
+    const unsigned int rho_max = instance->rate - 2;
+    if ((instance->byteInputIndex != 0) || (inputByteLen*8 > rho_max))
+        return 1;
+    SnP_OverwriteWithZeroes(instance->state, inputByteLen);
+    instance->byteInputIndex = inputByteLen;
+    return 0;
+}
+int DuplexingGetFurtherOutput(DuplexInstance *instance, unsigned char *output, unsigned int outputByteLen)
+{
+    if ((outputByteLen+instance->byteOutputIndex) > (instance->rate+7)/8)
+        return 1; /* The output length must not be greater than the rate (rounded up to a byte) */
+    SnP_ExtractBytes(instance->state, output, instance->byteOutputIndex, outputByteLen);
+    instance->byteOutputIndex += outputByteLen;
+    if (instance->byteOutputIndex*8 > instance->rate) {
+        unsigned char mask = (1 << (instance->rate % 8)) - 1;
+        output[outputByteLen-1] &= mask;
+    }
+    return 0;
+}
+int DuplexingGetFurtherOutputAndAdd(DuplexInstance *instance, const unsigned char *input, unsigned char *output, unsigned int outputByteLen)
+{
+    if ((outputByteLen+instance->byteOutputIndex) > (instance->rate+7)/8)
+        return 1; /* The output length must not be greater than the rate (rounded up to a byte) */
+    SnP_ExtractAndAddBytes(instance->state, input, output, instance->byteOutputIndex, outputByteLen);
+    instance->byteOutputIndex += outputByteLen;
+    if (instance->byteOutputIndex*8 > instance->rate) {
+        unsigned char mask = (1 << (instance->rate % 8)) - 1;
+        output[outputByteLen-1] &= mask;
+    }
+    return 0;
+}
+#undef DuplexInstance
+#undef DuplexInitialize
+#undef Duplexing
+#undef DuplexingFeedPartialInput
+#undef DuplexingFeedZeroes
+#undef DuplexingOverwritePartialInput
+#undef DuplexingOverwriteWithZeroes
+#undef DuplexingGetFurtherOutput
+#undef DuplexingGetFurtherOutputAndAdd
+#undef SnP_stateSizeInBytes
+#undef SnP_stateAlignment
+#undef SnP_StaticInitialize
+#undef SnP_Initialize
+#undef SnP_AddByte
+#undef SnP_AddBytes
+#undef SnP_OverwriteBytes
+#undef SnP_OverwriteWithZeroes
+#undef SnP_ExtractBytes
+#undef SnP_ExtractAndAddBytes