sha3-ruby 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +17 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +29 -0
- data/Rakefile +7 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakCompact.vcproj +207 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakCompact8.vcproj +207 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakInplace.vcproj +203 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakInplace32BI.vcproj +201 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakOptimized32.vcproj +267 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakOptimized64.vcproj +267 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakReference.vcproj +243 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakReference32BI.vcproj +243 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakReferenceAndOptimized.sln +62 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakSimple.vcproj +203 -0
- data/ext/sha3/KeccakReferenceAndOptimized/KeccakSimple32BI.vcproj +201 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/AVR8-rotate64.h +27 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/AVR8-rotate64.s +285 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-avr8-settings.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-avr8-test.c +142 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-avr8-util.h +15 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-avr8-util.s +119 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-avr8.c +184 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-avr8.h +25 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-compact-settings.h +3 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-compact-test.c +317 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-compact.c +341 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-compact.h +50 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-compact8-settings.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-compact8-test.c +192 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-compact8.c +375 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-compact8.h +47 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-crypto_hash-inplace-armgcc-ARMv7A-NEON.s +406 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-inplace-minimal-test.c +231 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-inplace-settings.h +3 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-inplace-test.c +221 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-inplace.c +445 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-inplace32BI-armgcc-ARMv6M.s +844 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-inplace32BI-armgcc-ARMv7A.s +687 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-inplace32BI-armgcc-ARMv7M.s +687 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-inplace32BI.c +849 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-simple-settings.h +3 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-simple-test.c +221 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-simple.c +403 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccak-simple32BI.c +673 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakDuplex.c +68 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakDuplex.h +59 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-32-rvk.macros +555 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-32-s1.macros +1187 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-32-s2.macros +1187 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-32.macros +26 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-64.macros +728 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-arm.c +123 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-armcc.s +653 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-armgcc.s +686 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-avr8.c +163 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-avr8asm-compact.s +647 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-avr8asm-fast.s +934 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-inplace-armgcc-ARMv7A-NEON.s +446 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-int-set.h +6 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-interface.h +46 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-opt32-settings.h +4 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-opt32.c +524 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-opt64-settings.h +7 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-opt64.c +504 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-reference.c +300 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-reference.h +20 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-reference.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-reference32BI.c +371 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-simd128.macros +651 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-simd64.macros +517 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-unrolling.macros +124 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-x86-64-asm.c +62 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-x86-64-gas.s +766 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-x86-64-shld-gas.s +766 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakF-1600-xop.macros +573 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakNISTInterface.c +81 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakNISTInterface.h +70 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakNISTInterface.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakSponge.c +266 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakSponge.h +76 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/KeccakSponge.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccakc1024-crypto_hash-inplace-armgcc-ARMv7A-NEON.s +296 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/Keccakc512-crypto_hash-inplace-armgcc-ARMv7A-NEON.s +429 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/brg_endian.h +142 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/crypto_hash.h +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/displayIntermediateValues.c +117 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/displayIntermediateValues.h +29 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/displayIntermediateValues.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/genKAT.c +692 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/mainARM.c +88 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/mainOptimized.c +23 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/mainReference.c +381 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/timing.c +436 -0
- data/ext/sha3/KeccakReferenceAndOptimized/Sources/timing.h +13 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/DoublePermutation-config.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/DoublePermutation.c +572 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/DoublePermutation.h +38 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/KeccakF-1600-unrolling.macros +124 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/Keccakc256TreeD2.c +81 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/Keccakc256TreeD2.h +18 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/Keccakc512TreeD2.c +81 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/Keccakc512TreeD2.h +18 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/crypto_hash.h +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/mainOptimized.c +112 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/timing-Double.c +225 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/Sources/timing-Double.h +20 -0
- data/ext/sha3/KeccakReferenceAndOptimized/TreeHashing/makefile +68 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/KeccakCompact +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/KeccakOptimized32 +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/KeccakOptimized64 +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/KeccakReference +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/KeccakReference32BI +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/KeccakSimple +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/KeccakSimple32BI +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/compact/Keccak-compact-test.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/compact/Keccak-compact.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized32/KeccakDuplex.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized32/KeccakF-1600-opt32.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized32/KeccakNISTInterface.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized32/KeccakSponge.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized32/genKAT.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized32/mainOptimized.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized32/timing.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized64/KeccakDuplex.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized64/KeccakF-1600-opt64.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized64/KeccakNISTInterface.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized64/KeccakSponge.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized64/genKAT.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized64/mainOptimized.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/optimized64/timing.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference/KeccakDuplex.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference/KeccakF-1600-reference.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference/KeccakNISTInterface.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference/KeccakSponge.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference/displayIntermediateValues.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference/genKAT.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference/mainReference.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference32bi/KeccakDuplex.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference32bi/KeccakF-1600-reference32BI.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference32bi/KeccakNISTInterface.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference32bi/KeccakSponge.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference32bi/displayIntermediateValues.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference32bi/genKAT.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/reference32bi/mainReference.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/simple/Keccak-simple-test.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/simple/Keccak-simple.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/simple32BI/Keccak-simple-test.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/bin/simple32BI/Keccak-simple32BI.o +0 -0
- data/ext/sha3/KeccakReferenceAndOptimized/compile64.bat +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/checksum-keccak +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/checksum-keccakc1024 +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/checksum-keccakc256 +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/checksum-keccakc256treed2 +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/checksum-keccakc448 +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/checksum-keccakc512 +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/checksum-keccakc512treed2 +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/checksum-keccakc768 +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/hash-keccak.c +11 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/hash-keccakc1024.c +11 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/hash-keccakc256.c +11 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/hash-keccakc448.c +11 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/hash-keccakc512.c +11 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/hash-keccakc768.c +11 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/int-set-keccak.h +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/int-set-keccakc1024.h +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/int-set-keccakc256.h +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/int-set-keccakc448.h +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/int-set-keccakc512.h +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/int-set-keccakc768.h +1 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/populate.py +506 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/simple-keccak.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/simple-keccakc1024.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/simple-keccakc256.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/simple-keccakc448.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/simple-keccakc512.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/eBASH/simple-keccakc768.h +2 -0
- data/ext/sha3/KeccakReferenceAndOptimized/makefile +327 -0
- data/ext/sha3/Makefile +240 -0
- data/ext/sha3/depend +28 -0
- data/ext/sha3/extconf.rb +21 -0
- data/ext/sha3/sha3.c +95 -0
- data/lib/sha3-ruby.rb +27 -0
- data/lib/sha3-ruby/version.rb +5 -0
- data/sha3-ruby.gemspec +21 -0
- metadata +233 -0
|
@@ -0,0 +1,142 @@
|
|
|
1
|
+
/*
|
|
2
|
+
The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
|
|
3
|
+
Michaël Peeters and Gilles Van Assche. For more information, feedback or
|
|
4
|
+
questions, please refer to our website: http://keccak.noekeon.org/
|
|
5
|
+
|
|
6
|
+
Implementation by Ronny Van Keer, hereby denoted as "the implementer".
|
|
7
|
+
|
|
8
|
+
To the extent possible under law, the implementer has waived all copyright
|
|
9
|
+
and related or neighboring rights to the source code in this file.
|
|
10
|
+
http://creativecommons.org/publicdomain/zero/1.0/
|
|
11
|
+
*/
|
|
12
|
+
|
|
13
|
+
#include "Keccak-avr8.h"
|
|
14
|
+
#include <avr/pgmspace.h>
|
|
15
|
+
|
|
16
|
+
#define cKeccakR_SizeInBytes (cKeccakR / 8)
|
|
17
|
+
#include <string.h>
|
|
18
|
+
#include <stdio.h>
|
|
19
|
+
#include <stdlib.h>
|
|
20
|
+
#include <ctype.h>
|
|
21
|
+
|
|
22
|
+
#ifndef crypto_hash_BYTES
|
|
23
|
+
#ifdef cKeccakFixedOutputLengthInBytes
|
|
24
|
+
#define crypto_hash_BYTES cKeccakFixedOutputLengthInBytes
|
|
25
|
+
#else
|
|
26
|
+
#define crypto_hash_BYTES cKeccakR_SizeInBytes
|
|
27
|
+
#endif
|
|
28
|
+
#endif
|
|
29
|
+
|
|
30
|
+
#if (cKeccakR == 1152)
|
|
31
|
+
|
|
32
|
+
//All-in-one test for Keccak[r=1152, c=448]
|
|
33
|
+
const unsigned char testVectorAccumulated[128] PROGMEM =
|
|
34
|
+
"\x02\x57\x78\x6E\xA6\xA0\x75\xC2\xD1\x16\x7E\x19\x8B\xD6\x60\x3D\xC9\x2D\x31\xD9\xF2\x24\x94\x3E\x10\xBE\x2D\x77\x2F\xFC\xB6\xCE\xAE\x69\xB0\x30\xA0\xC2\xE2\x40\xB4\xAA\x7E\x42\x64\x8D\x88\x1E\x98\x0B\xC5\x2D\x9B\x64\x9B\x03\x10\x08\xF8\x0C\x71\x11\x69\x2B\xB9\x2A\xB8\x6E\x14\x93\xAC\xFE\xEB\xF8\x73\x9B\x59\x65\x47\xE5\xDC\xE0\x29\x21\xD7\xF4\x84\x93\xC9\xBD\xB8\x97\x98\xD5\x69\x15\x38\x1A\x8F\x86\xB2\xAD\xC7\xD2\x63\x43\x69\xDD\x9E\x8A\x27\x58\xEE\xF9\x7B\xA1\x6D\xCC\xFE\x98\x2A\x64\xC5\x1D\x83\xDF\x68\x55";
|
|
35
|
+
|
|
36
|
+
#elif (cKeccakR == 1088)
|
|
37
|
+
|
|
38
|
+
//All-in-one test for Keccak[r=1088, c=512]
|
|
39
|
+
const unsigned char testVectorAccumulated[128] PROGMEM =
|
|
40
|
+
"\xD2\x53\x12\x20\x01\x89\x0C\x19\xCE\x06\x9D\x1A\xBE\x36\x7E\xBA\x43\x80\x14\xA1\xCA\xA4\xB3\x99\xAD\xBB\x9B\x1A\xD3\xDE\xA8\xE6\xE3\x44\xDC\xBA\x44\xB1\x5C\x52\x47\x32\xE0\x0F\xDF\x55\x15\x7B\xD3\x49\x0B\xD2\x58\x7D\xC0\x1E\x93\x1E\x8F\xFF\x28\xDC\x7F\x00\xE6\xDF\xD3\xBB\xDC\x94\x05\x5A\xA1\x5B\xB3\x29\x86\x25\x26\x3D\xC6\xB1\xEF\x3B\x89\x18\x20\x71\x92\xFA\xA7\x58\xA4\x8A\xF9\xFF\x19\x61\x96\xC4\x73\x91\x85\xF3\x19\x73\xE3\x52\x6D\xBD\x0A\xD9\xF8\x95\x68\x43\x31\x50\x90\xD7\x68\x5F\x75\xA1\x61\x1E\x08\x2D";
|
|
41
|
+
|
|
42
|
+
#elif (cKeccakR == 1024)
|
|
43
|
+
|
|
44
|
+
//All-in-one test for Keccak[r=1024, c=576]
|
|
45
|
+
const unsigned char testVectorAccumulated[128] PROGMEM =
|
|
46
|
+
"\x74\x00\x1E\xA7\xD2\xBE\x68\x0D\x36\x0C\x80\x0D\x6D\xDB\x4D\x07\x01\x10\xE5\x19\x99\x8C\x0C\x1C\x63\xCD\x5C\xC0\x2D\xC3\x12\x4C\x9C\xD1\xC1\x5A\x8E\xC9\x06\xA8\x1E\xE6\x02\x77\x14\x40\x38\xD5\x09\x89\xE2\x2D\xF2\x66\x37\x4A\x48\xBC\xB9\xE2\x7D\x53\x86\xAC\x1F\x3D\x4C\xEF\x4E\x90\x97\xFB\x9C\x45\x40\xED\xAB\x16\x29\x05\x87\x17\x26\xE8\xBD\xFA\x82\x72\x5F\x77\xFF\xFA\x26\xE6\x50\x0B\x1D\x40\x25\x62\xC7\xEE\xCA\xAA\x38\x78\x52\xE6\x15\x7B\xC7\x3E\x16\xB2\xFE\x05\xB8\x8D\x68\x0C\x18\xC1\x48\x0B\x50\x97\xD9\xC7";
|
|
47
|
+
|
|
48
|
+
const char testVectorMessage[] PROGMEM =
|
|
49
|
+
"\x3A\x3A\x81\x9C\x48\xEF\xDE\x2A\xD9\x14\xFB\xF0\x0E\x18\xAB\x6B\xC4\xF1\x45\x13\xAB\x27\xD0\xC1\x78\xA1\x88\xB6\x14\x31\xE7\xF5"
|
|
50
|
+
"\x62\x3C\xB6\x6B\x23\x34\x67\x75\xD3\x86\xB5\x0E\x98\x2C\x49\x3A\xDB\xBF\xC5\x4B\x9A\x3C\xD3\x83\x38\x23\x36\xA1\xA0\xB2\x15\x0A"
|
|
51
|
+
"\x15\x35\x8F\x33\x6D\x03\xAE\x18\xF6\x66\xC7\x57\x3D\x55\xC4\xFD\x18\x1C\x29\xE6\xCC\xFD\xE6\x3E\xA3\x5F\x0A\xDF\x58\x85\xCF\xC0"
|
|
52
|
+
"\xA3\xD8\x4A\x2B\x2E\x4D\xD2\x44\x96\xDB\x78\x9E\x66\x31\x70\xCE\xF7\x47\x98\xAA\x1B\xBC\xD4\x57\x4E\xA0\xBB\xA4\x04\x89\xD7\x64"
|
|
53
|
+
"\xB2\xF8\x3A\xAD\xC6\x6B\x14\x8B\x4A\x0C\xD9\x52\x46\xC1\x27\xD5\x87\x1C\x4F\x11\x41\x86\x90\xA5\xDD\xF0\x12\x46\xA0\xC8\x0A\x43"
|
|
54
|
+
"\xC7\x00\x88\xB6\x18\x36\x39\xDC\xFD\xA4\x12\x5B\xD1\x13\xA8\xF4\x9E\xE2\x3E\xD3\x06\xFA\xAC\x57\x6C\x3F\xB0\xC1\xE2\x56\x67\x1D"
|
|
55
|
+
"\x81\x7F\xC2\x53\x4A\x52\xF5\xB4\x39\xF7\x2E\x42\x4D\xE3\x76\xF4\xC5\x65\xCC\xA8\x23\x07\xDD\x9E\xF7\x6D\xA5\xB7\xC4\xEB\x7E\x08"
|
|
56
|
+
"\x51\x72\xE3\x28\x80\x7C\x02\xD0\x11\xFF\xBF\x33\x78\x53\x78\xD7\x9D\xC2\x66\xF6\xA5\xBE\x6B\xB0\xE4\xA9\x2E\xCE\xEB\xAE\xB1";
|
|
57
|
+
|
|
58
|
+
const char testVectorSqueezed[] PROGMEM =
|
|
59
|
+
"\x94\x35\xFC\x67\x1D\xFC\xFC\xDA\xC1\x49\x27\x7E\x2C\xAA\xA8\x0E\xD3\xD4\xA2\x35\x93\x00\xDB\x89\x2B\x80\x93\xDF\xFA\x94\x42\xBB\x5C\x08\xF2\x42\xF2\xFC\x2C\xB5\xF8\x38\x80\x32\x29\x9F\x1D\xF4\x7A\x57\x48\x9A\x4F\xC0\xD6\x6D\x88\xE4\x83\x09\x23\x20\xA4\x71\x89\x7F\xB6\xAD\xE6\x78\x97\xE5\x13\x8C\x45\xF1\x91\x74\xA4\xB1\xAE\x0E\x51\x0F\xA3\x90\x82\x5D\x17\x56\x89\x89\xC3\x65\x9F\xC5\x7B\x93\x45\xD7\xD9\x3E\xE5\x88\xCB\x26\x29\xC5\x77\x08\x08\x19\x52\x57\xBB\xF4\x2B\x06\x95\x76\xD9\x40\x11\x98\x9D\xC6\xEB\xC4";
|
|
60
|
+
|
|
61
|
+
#define cKeccakMessageSizeInBytes (sizeof(testVectorMessage) - 1)
|
|
62
|
+
#define cKeccakHashSizeInBytes (sizeof(testVectorSqueezed) - 1)
|
|
63
|
+
|
|
64
|
+
#elif (cKeccakR == 832)
|
|
65
|
+
|
|
66
|
+
//All-in-one test for Keccak[r=832, c=768]
|
|
67
|
+
const unsigned char testVectorAccumulated[128] PROGMEM =
|
|
68
|
+
"\x6C\x07\xDB\x71\x61\x77\xCC\x99\xFF\xB4\x79\xA1\x54\xDC\xA7\xDA\x42\x6D\x5C\x04\x26\xBF\x01\xA2\x93\x9A\x35\xB1\xCC\x2E\x6C\x5D\xBA\x5E\x43\xAD\xD1\x7C\xA8\x45\xF5\x49\xA7\x02\xA3\x84\x4B\x7A\x15\x2B\x23\x9E\x41\xA7\x4C\x83\x09\x04\xF1\xBB\x40\x17\x7A\x67\x72\x3C\xF4\x28\x4B\xAB\x94\xC2\x02\xF4\x7B\x28\xB4\x5D\x57\xCA\x7E\x3F\x27\x0D\x2C\x09\x4F\x68\x54\xA3\xE6\x38\xF3\x82\x25\x0B\xC3\x16\x52\x2B\x8A\xDE\x93\x4F\x10\xC5\x21\x57\x4B\x21\xE7\xC6\xF6\xBB\x84\xF1\x7A\x78\x8E\xD3\x9E\xE2\xC7\x2F\xE3\x0F\xBB\x60";
|
|
69
|
+
|
|
70
|
+
#elif (cKeccakR == 576)
|
|
71
|
+
|
|
72
|
+
//All-in-one test for Keccak[r=576, c=1024]
|
|
73
|
+
const unsigned char testVectorAccumulated[128] PROGMEM =
|
|
74
|
+
"\xFB\x00\xFB\x55\x4B\xDA\x9D\x59\xD7\xD4\x42\x9A\xAB\xA5\x19\xA4\x14\x8D\x48\x67\xF6\xF0\xC8\x54\x1A\x48\xA4\x33\x4E\x68\xB7\xF0\x59\x13\x07\xED\xE3\x93\xE1\xA3\xA4\x79\x9E\x94\xDE\x9C\x32\x8A\xBB\x4F\xF2\x75\x47\xB0\x5E\x41\x7D\x78\xF6\x22\x0D\x83\x22\xC6\xB0\x7D\xBD\x2F\xB8\x5F\x4D\x99\x50\x86\xA5\x9B\x03\x51\x56\x35\x94\xB6\xFE\x72\x2B\x63\x7B\x4A\xDC\xDD\xA1\x83\xCF\xB7\xE7\xB2\x9D\x3A\x0D\x29\xBD\x30\xD4\xC5\x9F\x30\xBB\x60\x5A\x52\xC3\x83\x4B\xCA\xF4\x7D\x67\x37\x99\xBA\x28\x2E\xBC\x37\x76\xB3\x53\x56";
|
|
75
|
+
|
|
76
|
+
#endif
|
|
77
|
+
|
|
78
|
+
#define MIN(a,b) (((a) < (b)) ? (a) : (b))
|
|
79
|
+
|
|
80
|
+
#define MAX_INPUT_LEN (4096/8)
|
|
81
|
+
|
|
82
|
+
unsigned char input[MAX_INPUT_LEN];
|
|
83
|
+
unsigned char output[cKeccakR/8];
|
|
84
|
+
unsigned char accu[MIN(cKeccakR/8, 128)];
|
|
85
|
+
|
|
86
|
+
int main( void )
|
|
87
|
+
{
|
|
88
|
+
unsigned int i;
|
|
89
|
+
unsigned int size;
|
|
90
|
+
|
|
91
|
+
#if (cKeccakR == 1024)
|
|
92
|
+
|
|
93
|
+
// One test vector for crypto_hash()
|
|
94
|
+
for ( i = 0; i < cKeccakMessageSizeInBytes; i++ )
|
|
95
|
+
{
|
|
96
|
+
input[i] = (unsigned char)pgm_read_byte(&testVectorMessage[i]);
|
|
97
|
+
}
|
|
98
|
+
|
|
99
|
+
crypto_hash( output, input, cKeccakMessageSizeInBytes );
|
|
100
|
+
|
|
101
|
+
for ( i = 0; (i < cKeccakHashSizeInBytes) && (i < crypto_hash_BYTES); i++ )
|
|
102
|
+
{
|
|
103
|
+
if ( output[i] != (unsigned char)pgm_read_byte(&testVectorSqueezed[i]) )
|
|
104
|
+
{
|
|
105
|
+
for ( ; ; );
|
|
106
|
+
}
|
|
107
|
+
}
|
|
108
|
+
|
|
109
|
+
// small performance measurement
|
|
110
|
+
crypto_hash( output, input, cKeccakR_SizeInBytes-1 );
|
|
111
|
+
crypto_hash( output, input, 2*cKeccakR_SizeInBytes-1 );
|
|
112
|
+
|
|
113
|
+
#endif
|
|
114
|
+
|
|
115
|
+
// Acumulated test vector for crypto_hash()
|
|
116
|
+
memset( accu, 0, sizeof(accu) );
|
|
117
|
+
|
|
118
|
+
for ( size = 0; size <= MAX_INPUT_LEN; ++size )
|
|
119
|
+
{
|
|
120
|
+
|
|
121
|
+
for ( i = 0; i < size; ++i )
|
|
122
|
+
{
|
|
123
|
+
input[i] = (unsigned char)(i - size);
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
crypto_hash( output, input, size );
|
|
127
|
+
|
|
128
|
+
for ( i = 0; i < MIN(crypto_hash_BYTES, 128); ++i )
|
|
129
|
+
{
|
|
130
|
+
accu[i] ^= output[i];
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
for ( i = 0; i < MIN(crypto_hash_BYTES, 128); ++i )
|
|
134
|
+
{
|
|
135
|
+
if ( accu[i] != (unsigned char)pgm_read_byte(&testVectorAccumulated[i]) )
|
|
136
|
+
{
|
|
137
|
+
for ( ; ; );
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
|
|
141
|
+
return ( 0 );
|
|
142
|
+
}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/*
|
|
2
|
+
The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
|
|
3
|
+
Michaël Peeters and Gilles Van Assche. For more information, feedback or
|
|
4
|
+
questions, please refer to our website: http://keccak.noekeon.org/
|
|
5
|
+
|
|
6
|
+
Implementation by Ronny Van Keer,
|
|
7
|
+
hereby denoted as "the implementer".
|
|
8
|
+
|
|
9
|
+
To the extent possible under law, the implementer has waived all copyright
|
|
10
|
+
and related or neighboring rights to the source code in this file.
|
|
11
|
+
http://creativecommons.org/publicdomain/zero/1.0/
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
const void * xorBytes( void* dest, const void* src, unsigned char n );
|
|
15
|
+
const void * xorLanes( void* dest, const void* src, unsigned char n );
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
/*
|
|
2
|
+
The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
|
|
3
|
+
Michaël Peeters and Gilles Van Assche. For more information, feedback or
|
|
4
|
+
questions, please refer to our website: http://keccak.noekeon.org/
|
|
5
|
+
|
|
6
|
+
Implementation by Ronny Van Keer,
|
|
7
|
+
hereby denoted as "the implementer".
|
|
8
|
+
|
|
9
|
+
To the extent possible under law, the implementer has waived all copyright
|
|
10
|
+
and related or neighboring rights to the source code in this file.
|
|
11
|
+
http://creativecommons.org/publicdomain/zero/1.0/
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
/*
|
|
15
|
+
* const void * xorBytes( void * dest, const void * src, unsigned char n );
|
|
16
|
+
*
|
|
17
|
+
* param dest is passed in r24:r25
|
|
18
|
+
* param src is passed in r22:r23
|
|
19
|
+
* param n is passed in r20
|
|
20
|
+
*/
|
|
21
|
+
.global xorBytes
|
|
22
|
+
xorBytes:
|
|
23
|
+
movw r30, r24
|
|
24
|
+
movw r26, r22
|
|
25
|
+
|
|
26
|
+
lsr r20
|
|
27
|
+
brcc xorBytes2
|
|
28
|
+
ld r22, X+
|
|
29
|
+
ld r23, Z
|
|
30
|
+
eor r22, r23
|
|
31
|
+
st Z+, r22
|
|
32
|
+
xorBytes2:
|
|
33
|
+
lsr r20
|
|
34
|
+
brcc xorBytes4
|
|
35
|
+
ld r22, X+
|
|
36
|
+
ld r23, Z
|
|
37
|
+
eor r22, r23
|
|
38
|
+
st Z+, r22
|
|
39
|
+
ld r22, X+
|
|
40
|
+
ld r23, Z
|
|
41
|
+
eor r22, r23
|
|
42
|
+
st Z+, r22
|
|
43
|
+
xorBytes4:
|
|
44
|
+
lsr r20
|
|
45
|
+
brcc xorBytes8
|
|
46
|
+
ld r22, X+
|
|
47
|
+
ld r23, Z
|
|
48
|
+
eor r22, r23
|
|
49
|
+
st Z+, r22
|
|
50
|
+
ld r22, X+
|
|
51
|
+
ld r23, Z
|
|
52
|
+
eor r22, r23
|
|
53
|
+
st Z+, r22
|
|
54
|
+
ld r22, X+
|
|
55
|
+
ld r23, Z
|
|
56
|
+
eor r22, r23
|
|
57
|
+
st Z+, r22
|
|
58
|
+
ld r22, X+
|
|
59
|
+
ld r23, Z
|
|
60
|
+
eor r22, r23
|
|
61
|
+
st Z+, r22
|
|
62
|
+
|
|
63
|
+
subi r20,0
|
|
64
|
+
xorBytes8:
|
|
65
|
+
brne xorLanesLoop
|
|
66
|
+
movw r24, r26
|
|
67
|
+
ret
|
|
68
|
+
|
|
69
|
+
|
|
70
|
+
|
|
71
|
+
/*
|
|
72
|
+
* const void * xorLanes( void * dest, const void * src, unsigned char n );
|
|
73
|
+
*
|
|
74
|
+
* param dest is passed in r24:r25
|
|
75
|
+
* param src is passed in r22:r23
|
|
76
|
+
* param n is passed in r20 No check if n is zero
|
|
77
|
+
*/
|
|
78
|
+
.global xorLanes
|
|
79
|
+
xorLanes:
|
|
80
|
+
movw r30, r24
|
|
81
|
+
movw r26, r22
|
|
82
|
+
xorLanesLoop:
|
|
83
|
+
ld r22, X+
|
|
84
|
+
ld r23, Z
|
|
85
|
+
eor r22, r23
|
|
86
|
+
st Z+, r22
|
|
87
|
+
ld r22, X+
|
|
88
|
+
ld r23, Z
|
|
89
|
+
eor r22, r23
|
|
90
|
+
st Z+, r22
|
|
91
|
+
ld r22, X+
|
|
92
|
+
ld r23, Z
|
|
93
|
+
eor r22, r23
|
|
94
|
+
st Z+, r22
|
|
95
|
+
ld r22, X+
|
|
96
|
+
ld r23, Z
|
|
97
|
+
eor r22, r23
|
|
98
|
+
st Z+, r22
|
|
99
|
+
ld r22, X+
|
|
100
|
+
ld r23, Z
|
|
101
|
+
eor r22, r23
|
|
102
|
+
st Z+, r22
|
|
103
|
+
ld r22, X+
|
|
104
|
+
ld r23, Z
|
|
105
|
+
eor r22, r23
|
|
106
|
+
st Z+, r22
|
|
107
|
+
ld r22, X+
|
|
108
|
+
ld r23, Z
|
|
109
|
+
eor r22, r23
|
|
110
|
+
st Z+, r22
|
|
111
|
+
ld r22, X+
|
|
112
|
+
ld r23, Z
|
|
113
|
+
eor r22, r23
|
|
114
|
+
st Z+, r22
|
|
115
|
+
|
|
116
|
+
subi r20, 1
|
|
117
|
+
brne xorLanesLoop
|
|
118
|
+
movw r24, r26
|
|
119
|
+
ret
|
|
@@ -0,0 +1,184 @@
|
|
|
1
|
+
/*
|
|
2
|
+
The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
|
|
3
|
+
Michaël Peeters and Gilles Van Assche. For more information, feedback or
|
|
4
|
+
questions, please refer to our website: http://keccak.noekeon.org/
|
|
5
|
+
|
|
6
|
+
Implementation by Ronny Van Keer,
|
|
7
|
+
hereby denoted as "the implementer".
|
|
8
|
+
|
|
9
|
+
To the extent possible under law, the implementer has waived all copyright
|
|
10
|
+
and related or neighboring rights to the source code in this file.
|
|
11
|
+
http://creativecommons.org/publicdomain/zero/1.0/
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
#include <string.h>
|
|
15
|
+
#include <avr/pgmspace.h>
|
|
16
|
+
#include "Keccak-avr8.h"
|
|
17
|
+
#include "Keccak-avr8-util.h"
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
#define cKeccakR_SizeInBytes (cKeccakR / 8)
|
|
21
|
+
#include "crypto_hash.h"
|
|
22
|
+
#ifndef crypto_hash_BYTES
|
|
23
|
+
#ifdef cKeccakFixedOutputLengthInBytes
|
|
24
|
+
#define crypto_hash_BYTES cKeccakFixedOutputLengthInBytes
|
|
25
|
+
#else
|
|
26
|
+
#define crypto_hash_BYTES cKeccakR_SizeInBytes
|
|
27
|
+
#endif
|
|
28
|
+
#endif
|
|
29
|
+
#if (crypto_hash_BYTES > cKeccakR_SizeInBytes)
|
|
30
|
+
#error "Full squeezing not yet implemented"
|
|
31
|
+
#endif
|
|
32
|
+
|
|
33
|
+
typedef unsigned char UINT8;
|
|
34
|
+
typedef UINT8 tSmallUInt;
|
|
35
|
+
typedef unsigned long long UINT64;
|
|
36
|
+
typedef UINT64 tKeccakLane;
|
|
37
|
+
|
|
38
|
+
void KeccakF( tKeccakLane * state );
|
|
39
|
+
|
|
40
|
+
|
|
41
|
+
int crypto_hash( unsigned char *out, const unsigned char *in, unsigned long long inlen )
|
|
42
|
+
{
|
|
43
|
+
#if 1
|
|
44
|
+
|
|
45
|
+
tSmallUInt len;
|
|
46
|
+
tKeccakLane state[5 * 5];
|
|
47
|
+
|
|
48
|
+
memset( state, 0, sizeof(state) );
|
|
49
|
+
|
|
50
|
+
/* Full blocks */
|
|
51
|
+
for ( /* empty */; inlen >= cKeccakR_SizeInBytes; inlen -= cKeccakR_SizeInBytes )
|
|
52
|
+
{
|
|
53
|
+
in = xorLanes( state, in, cKeccakR_SizeInBytes / 8 );
|
|
54
|
+
KeccakF( state );
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
/* Last uncomplete block */
|
|
58
|
+
len = (tSmallUInt)inlen;
|
|
59
|
+
xorBytes( state, in, len );
|
|
60
|
+
|
|
61
|
+
/* Padding */
|
|
62
|
+
*((UINT8*)state + len) ^= 1;
|
|
63
|
+
((UINT8*)state)[cKeccakR_SizeInBytes-1] ^= 0x80;
|
|
64
|
+
KeccakF( state );
|
|
65
|
+
|
|
66
|
+
memcpy( out, state, crypto_hash_BYTES );
|
|
67
|
+
|
|
68
|
+
return ( 0 );
|
|
69
|
+
|
|
70
|
+
#else
|
|
71
|
+
|
|
72
|
+
hashState state;
|
|
73
|
+
|
|
74
|
+
Init( &state );
|
|
75
|
+
Update( &state, in, inlen * 8 );
|
|
76
|
+
return (Final( &state, out, crypto_hash_BYTES ) );
|
|
77
|
+
|
|
78
|
+
#endif
|
|
79
|
+
|
|
80
|
+
}
|
|
81
|
+
|
|
82
|
+
|
|
83
|
+
/*
|
|
84
|
+
** API with a message queue
|
|
85
|
+
*/
|
|
86
|
+
|
|
87
|
+
HashReturn Init(hashState *state)
|
|
88
|
+
{
|
|
89
|
+
memset( state, 0, sizeof(hashState) );
|
|
90
|
+
return ( SUCCESS );
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
HashReturn Update(hashState *state, const BitSequence *data, DataLength databitlen)
|
|
94
|
+
{
|
|
95
|
+
tSmallUInt trailingBits;
|
|
96
|
+
tSmallUInt len;
|
|
97
|
+
|
|
98
|
+
if ( (state->bytesInQueue == 0xFF) || (state->trailingBitsInQueue != 0) )
|
|
99
|
+
{
|
|
100
|
+
/* Final() already called or bits already in queue not modulo 8. */
|
|
101
|
+
return ( FAIL );
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
trailingBits = (unsigned char)databitlen & 7;
|
|
105
|
+
databitlen >>= 3; /* becomes byte length */
|
|
106
|
+
|
|
107
|
+
/* If already data in queue, continue queuing first */
|
|
108
|
+
if ( (state->bytesInQueue != 0) && (databitlen != 0) )
|
|
109
|
+
{
|
|
110
|
+
len = cKeccakR_SizeInBytes - state->bytesInQueue;
|
|
111
|
+
if ( databitlen < len )
|
|
112
|
+
{
|
|
113
|
+
len = (unsigned char)databitlen;
|
|
114
|
+
}
|
|
115
|
+
data = xorBytes( state->state + state->bytesInQueue, data, len );
|
|
116
|
+
databitlen -= len;
|
|
117
|
+
if ( (state->bytesInQueue += len) == cKeccakR_SizeInBytes )
|
|
118
|
+
{
|
|
119
|
+
KeccakF( (tKeccakLane *)state->state );
|
|
120
|
+
state->bytesInQueue = 0;
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
|
|
124
|
+
/* Absorb complete blocks */
|
|
125
|
+
for ( /* */; databitlen >= cKeccakR_SizeInBytes; databitlen -= cKeccakR_SizeInBytes )
|
|
126
|
+
{
|
|
127
|
+
data = xorLanes( state->state, data, cKeccakR_SizeInBytes / 8 );
|
|
128
|
+
KeccakF( (tKeccakLane *)state->state );
|
|
129
|
+
}
|
|
130
|
+
|
|
131
|
+
/* Queue remaining data bytes */
|
|
132
|
+
if ( (unsigned char)databitlen != 0 )
|
|
133
|
+
{
|
|
134
|
+
data = xorBytes( state->state, data, (unsigned char)databitlen );
|
|
135
|
+
state->bytesInQueue = (unsigned char)databitlen;
|
|
136
|
+
}
|
|
137
|
+
|
|
138
|
+
/* Queue eventual remaining data bits plus add first padding bit */
|
|
139
|
+
if ( trailingBits != 0 )
|
|
140
|
+
{
|
|
141
|
+
state->trailingBitsInQueue = trailingBits;
|
|
142
|
+
state->state[state->bytesInQueue] ^= (*data >> (8 - trailingBits));
|
|
143
|
+
}
|
|
144
|
+
return ( SUCCESS );
|
|
145
|
+
}
|
|
146
|
+
|
|
147
|
+
HashReturn Final(hashState *state, BitSequence *hashval, int hashbytelen)
|
|
148
|
+
{
|
|
149
|
+
tSmallUInt size;
|
|
150
|
+
|
|
151
|
+
if ( state->bytesInQueue < 0 )
|
|
152
|
+
{
|
|
153
|
+
/* Final() already called. */
|
|
154
|
+
return ( FAIL );
|
|
155
|
+
}
|
|
156
|
+
|
|
157
|
+
// Padding
|
|
158
|
+
if ((state->bytesInQueue == (cKeccakR_SizeInBytes - 1)) && (state->trailingBitsInQueue == 7))
|
|
159
|
+
{
|
|
160
|
+
state->state[cKeccakR_SizeInBytes-1] ^= 0x80;
|
|
161
|
+
KeccakF( (tKeccakLane *)state->state );
|
|
162
|
+
}
|
|
163
|
+
else
|
|
164
|
+
{
|
|
165
|
+
state->state[state->bytesInQueue] ^= 1 << state->trailingBitsInQueue;
|
|
166
|
+
}
|
|
167
|
+
state->state[cKeccakR_SizeInBytes-1] ^= 0x80;
|
|
168
|
+
KeccakF( (tKeccakLane *)state->state );
|
|
169
|
+
|
|
170
|
+
for ( /* empty */; hashbytelen != 0; hashval += size, hashbytelen -= size )
|
|
171
|
+
{
|
|
172
|
+
size = (hashbytelen < cKeccakR_SizeInBytes) ? hashbytelen : cKeccakR_SizeInBytes;
|
|
173
|
+
|
|
174
|
+
memcpy( hashval, state->state, size );
|
|
175
|
+
|
|
176
|
+
if ( size != hashbytelen )
|
|
177
|
+
{
|
|
178
|
+
KeccakF( (tKeccakLane *)state->state );
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
|
|
182
|
+
state->bytesInQueue = 0xFF; /* flag final state */
|
|
183
|
+
return ( SUCCESS );
|
|
184
|
+
}
|