sha3 1.0.3 → 1.0.5

data/ext/sha3/lib/low/KeccakP-1600/ref-64bits/KeccakP-1600-reference.c

@@ -0,0 +1,444 @@
+/*
+The eXtended Keccak Code Package (XKCP)
+https://github.com/XKCP/XKCP
+
+The Keccak-p permutations, designed by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche.
+
+Implementation by the designers, hereby denoted as "the implementer".
+
+For more information, feedback or questions, please refer to the Keccak Team website:
+https://keccak.team/
+
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+
+---
+
+This file implements Keccak-p[1600] in a SnP-compatible way.
+Please refer to SnP-documentation.h for more details.
+
+This implementation comes with KeccakP-1600-SnP.h in the same folder.
+Please refer to LowLevel.build for the exact list of other files it must be combined with.
+*/
+
+#if DEBUG
+#include <assert.h>
+#endif
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "brg_endian.h"
+#ifdef KeccakReference
+#include "displayIntermediateValues.h"
+#endif
+
+typedef uint64_t tKeccakLane;
+
+#define maxNrRounds 24
+#define nrLanes 25
+#define index(x, y) (((x)%5)+5*((y)%5))
+
+#ifdef KeccakReference
+
+static tKeccakLane KeccakRoundConstants[maxNrRounds];
+static unsigned int KeccakRhoOffsets[nrLanes];
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_InitializeRoundConstants(void);
+void KeccakP1600_InitializeRhoOffsets(void);
+static int LFSR86540(uint8_t *LFSR);
+
+void KeccakP1600_StaticInitialize(void)
+{
+    if (sizeof(tKeccakLane) != 8) {
+        printf("tKeccakLane should be 64-bit wide\n");
+        abort();
+    }
+    KeccakP1600_InitializeRoundConstants();
+    KeccakP1600_InitializeRhoOffsets();
+}
+
+void KeccakP1600_InitializeRoundConstants(void)
+{
+    uint8_t LFSRstate = 0x01;
+    unsigned int i, j, bitPosition;
+
+    for(i=0; i<maxNrRounds; i++) {
+        KeccakRoundConstants[i] = 0;
+        for(j=0; j<7; j++) {
+            bitPosition = (1<<j)-1; /* 2^j-1 */
+            if (LFSR86540(&LFSRstate))
+                KeccakRoundConstants[i] ^= (tKeccakLane)1<<bitPosition;
+        }
+    }
+}
+
+void KeccakP1600_InitializeRhoOffsets(void)
+{
+    unsigned int x, y, t, newX, newY;
+
+    KeccakRhoOffsets[index(0, 0)] = 0;
+    x = 1;
+    y = 0;
+    for(t=0; t<24; t++) {
+        KeccakRhoOffsets[index(x, y)] = ((t+1)*(t+2)/2) % 64;
+        newX = (0*x+1*y) % 5;
+        newY = (2*x+3*y) % 5;
+        x = newX;
+        y = newY;
+    }
+}
+
+static int LFSR86540(uint8_t *LFSR)
+{
+    int result = ((*LFSR) & 0x01) != 0;
+    if (((*LFSR) & 0x80) != 0)
+        /* Primitive polynomial over GF(2): x^8+x^6+x^5+x^4+1 */
+        (*LFSR) = ((*LFSR) << 1) ^ 0x71;
+    else
+        (*LFSR) <<= 1;
+    return result;
+}
+
+#else
+
+static const tKeccakLane KeccakRoundConstants[maxNrRounds] =
+{
+    0x0000000000000001,
+    0x0000000000008082,
+    0x800000000000808a,
+    0x8000000080008000,
+    0x000000000000808b,
+    0x0000000080000001,
+    0x8000000080008081,
+    0x8000000000008009,
+    0x000000000000008a,
+    0x0000000000000088,
+    0x0000000080008009,
+    0x000000008000000a,
+    0x000000008000808b,
+    0x800000000000008b,
+    0x8000000000008089,
+    0x8000000000008003,
+    0x8000000000008002,
+    0x8000000000000080,
+    0x000000000000800a,
+    0x800000008000000a,
+    0x8000000080008081,
+    0x8000000000008080,
+    0x0000000080000001,
+    0x8000000080008008,
+};
+
+static const unsigned int KeccakRhoOffsets[nrLanes] =
+{
+     0,  1, 62, 28, 27, 36, 44,  6, 55, 20,  3, 10, 43, 25, 39, 41, 45, 15, 21,  8, 18,  2, 61, 56, 14
+};
+
+#endif
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_Initialize(void *state)
+{
+    memset(state, 0, 1600/8);
+}
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_AddByte(void *state, unsigned char byte, unsigned int offset)
+{
+    #if DEBUG
+    assert(offset < 200);
+    #endif
+    ((unsigned char *)state)[offset] ^= byte;
+}
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
+{
+    unsigned int i;
+
+    #if DEBUG
+    assert(offset < 200);
+    assert(offset+length <= 200);
+    #endif
+    for(i=0; i<length; i++)
+        ((unsigned char *)state)[offset+i] ^= data[i];
+}
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
+{
+    #if DEBUG
+    assert(offset < 200);
+    assert(offset+length <= 200);
+    #endif
+    memcpy((unsigned char*)state+offset, data, length);
+}
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount)
+{
+    #if DEBUG
+    assert(byteCount <= 200);
+    #endif
+    memset(state, 0, byteCount);
+}
+
+/* ---------------------------------------------------------------- */
+
+#if (PLATFORM_BYTE_ORDER != IS_LITTLE_ENDIAN)
+static void fromBytesToWords(tKeccakLane *stateAsWords, const unsigned char *state);
+static void fromWordsToBytes(unsigned char *state, const tKeccakLane *stateAsWords);
+#endif
+void KeccakP1600OnWords(tKeccakLane *state, unsigned int nrRounds);
+void KeccakP1600Round(tKeccakLane *state, unsigned int indexRound);
+static void theta(tKeccakLane *A);
+static void rho(tKeccakLane *A);
+static void pi(tKeccakLane *A);
+static void chi(tKeccakLane *A);
+static void iota(tKeccakLane *A, unsigned int indexRound);
+
+void KeccakP1600_Permute_Nrounds(void *state, unsigned int nrounds)
+{
+#if (PLATFORM_BYTE_ORDER != IS_LITTLE_ENDIAN)
+    tKeccakLane stateAsWords[1600/64];
+#endif
+
+#ifdef KeccakReference
+    displayStateAsBytes(1, "Input of permutation", (const unsigned char *)state, 1600);
+#endif
+#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
+    KeccakP1600OnWords((tKeccakLane*)state, nrounds);
+#else
+    fromBytesToWords(stateAsWords, (const unsigned char *)state);
+    KeccakP1600OnWords(stateAsWords, nrounds);
+    fromWordsToBytes((unsigned char *)state, stateAsWords);
+#endif
+#ifdef KeccakReference
+    displayStateAsBytes(1, "State after permutation", (const unsigned char *)state, 1600);
+#endif
+}
+
+void KeccakP1600_Permute_12rounds(void *state)
+{
+#if (PLATFORM_BYTE_ORDER != IS_LITTLE_ENDIAN)
+    tKeccakLane stateAsWords[1600/64];
+#endif
+
+#ifdef KeccakReference
+    displayStateAsBytes(1, "Input of permutation", (const unsigned char *)state, 1600);
+#endif
+#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
+    KeccakP1600OnWords((tKeccakLane*)state, 12);
+#else
+    fromBytesToWords(stateAsWords, (const unsigned char *)state);
+    KeccakP1600OnWords(stateAsWords, 12);
+    fromWordsToBytes((unsigned char *)state, stateAsWords);
+#endif
+#ifdef KeccakReference
+    displayStateAsBytes(1, "State after permutation", (const unsigned char *)state, 1600);
+#endif
+}
+
+void KeccakP1600_Permute_24rounds(void *state)
+{
+#if (PLATFORM_BYTE_ORDER != IS_LITTLE_ENDIAN)
+    tKeccakLane stateAsWords[1600/64];
+#endif
+
+#ifdef KeccakReference
+    displayStateAsBytes(1, "Input of permutation", (const unsigned char *)state, 1600);
+#endif
+#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
+    KeccakP1600OnWords((tKeccakLane*)state, 24);
+#else
+    fromBytesToWords(stateAsWords, (const unsigned char *)state);
+    KeccakP1600OnWords(stateAsWords, 24);
+    fromWordsToBytes((unsigned char *)state, stateAsWords);
+#endif
+#ifdef KeccakReference
+    displayStateAsBytes(1, "State after permutation", (const unsigned char *)state, 1600);
+#endif
+}
+
+#if (PLATFORM_BYTE_ORDER != IS_LITTLE_ENDIAN)
+static void fromBytesToWords(tKeccakLane *stateAsWords, const unsigned char *state)
+{
+    unsigned int i, j;
+
+    for(i=0; i<nrLanes; i++) {
+        stateAsWords[i] = 0;
+        for(j=0; j<(64/8); j++)
+            stateAsWords[i] |= (tKeccakLane)(state[i*(64/8)+j]) << (8*j);
+    }
+}
+
+static void fromWordsToBytes(unsigned char *state, const tKeccakLane *stateAsWords)
+{
+    unsigned int i, j;
+
+    for(i=0; i<nrLanes; i++)
+        for(j=0; j<(64/8); j++)
+            state[i*(64/8)+j] = (unsigned char)((stateAsWords[i] >> (8*j)) & 0xFF);
+}
+#endif
+
+void KeccakP1600OnWords(tKeccakLane *state, unsigned int nrRounds)
+{
+    unsigned int i;
+
+#ifdef KeccakReference
+    displayStateAsLanes(3, "Same, with lanes as 64-bit words", state, 1600);
+#endif
+
+    for(i=(maxNrRounds-nrRounds); i<maxNrRounds; i++)
+        KeccakP1600Round(state, i);
+}
+
+void KeccakP1600Round(tKeccakLane *state, unsigned int indexRound)
+{
+#ifdef KeccakReference
+    displayRoundNumber(3, indexRound);
+#endif
+
+    theta(state);
+#ifdef KeccakReference
+    displayStateAsLanes(3, "After theta", state, 1600);
+#endif
+
+    rho(state);
+#ifdef KeccakReference
+    displayStateAsLanes(3, "After rho", state, 1600);
+#endif
+
+    pi(state);
+#ifdef KeccakReference
+    displayStateAsLanes(3, "After pi", state, 1600);
+#endif
+
+    chi(state);
+#ifdef KeccakReference
+    displayStateAsLanes(3, "After chi", state, 1600);
+#endif
+
+    iota(state, indexRound);
+#ifdef KeccakReference
+    displayStateAsLanes(3, "After iota", state, 1600);
+#endif
+}
+
+#define ROL64(a, offset) ((offset != 0) ? ((((tKeccakLane)a) << offset) ^ (((tKeccakLane)a) >> (64-offset))) : a)
+
+static void theta(tKeccakLane *A)
+{
+    unsigned int x, y;
+    tKeccakLane C[5], D[5];
+
+    for(x=0; x<5; x++) {
+        C[x] = 0;
+        for(y=0; y<5; y++)
+            C[x] ^= A[index(x, y)];
+    }
+    for(x=0; x<5; x++)
+        D[x] = ROL64(C[(x+1)%5], 1) ^ C[(x+4)%5];
+    for(x=0; x<5; x++)
+        for(y=0; y<5; y++)
+            A[index(x, y)] ^= D[x];
+}
+
+static void rho(tKeccakLane *A)
+{
+    unsigned int x, y;
+
+    for(x=0; x<5; x++) for(y=0; y<5; y++)
+        A[index(x, y)] = ROL64(A[index(x, y)], KeccakRhoOffsets[index(x, y)]);
+}
+
+static void pi(tKeccakLane *A)
+{
+    unsigned int x, y;
+    tKeccakLane tempA[25];
+
+    for(x=0; x<5; x++) for(y=0; y<5; y++)
+        tempA[index(x, y)] = A[index(x, y)];
+    for(x=0; x<5; x++) for(y=0; y<5; y++)
+        A[index(0*x+1*y, 2*x+3*y)] = tempA[index(x, y)];
+}
+
+static void chi(tKeccakLane *A)
+{
+    unsigned int x, y;
+    tKeccakLane C[5];
+
+    for(y=0; y<5; y++) {
+        for(x=0; x<5; x++)
+            C[x] = A[index(x, y)] ^ ((~A[index(x+1, y)]) & A[index(x+2, y)]);
+        for(x=0; x<5; x++)
+            A[index(x, y)] = C[x];
+    }
+}
+
+static void iota(tKeccakLane *A, unsigned int indexRound)
+{
+    A[index(0, 0)] ^= KeccakRoundConstants[indexRound];
+}
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length)
+{
+    #if DEBUG
+    assert(offset < 200);
+    assert(offset+length <= 200);
+    #endif
+    memcpy(data, (unsigned char*)state+offset, length);
+}
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length)
+{
+    unsigned int i;
+
+    #if DEBUG
+    assert(offset < 200);
+    assert(offset+length <= 200);
+    #endif
+    for(i=0; i<length; i++)
+        output[i] = input[i] ^ ((unsigned char *)state)[offset+i];
+}
+
+/* ---------------------------------------------------------------- */
+
+void KeccakP1600_DisplayRoundConstants(FILE *f)
+{
+    unsigned int i;
+
+    for(i=0; i<maxNrRounds; i++) {
+        fprintf(f, "RC[%02i][0][0] = ", i);
+        fprintf(f, "%08X", (unsigned int)(KeccakRoundConstants[i] >> 32));
+        fprintf(f, "%08X", (unsigned int)(KeccakRoundConstants[i] & 0xFFFFFFFFULL));
+        fprintf(f, "\n");
+    }
+    fprintf(f, "\n");
+}
+
+void KeccakP1600_DisplayRhoOffsets(FILE *f)
+{
+    unsigned int x, y;
+
+    for(y=0; y<5; y++) for(x=0; x<5; x++) {
+        fprintf(f, "RhoOffset[%i][%i] = ", x, y);
+        fprintf(f, "%2i", KeccakRhoOffsets[index(x, y)]);
+        fprintf(f, "\n");
+    }
+    fprintf(f, "\n");
+}

data/ext/sha3/lib/low/KeccakP-1600/ref-64bits/KeccakP-1600-reference.h

@@ -0,0 +1,23 @@
+/*
+The eXtended Keccak Code Package (XKCP)
+https://github.com/XKCP/XKCP
+
+The Keccak-p permutations, designed by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche.
+
+Implementation by the designers, hereby denoted as "the implementer".
+
+For more information, feedback or questions, please refer to the Keccak Team website:
+https://keccak.team/
+
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+*/
+
+#ifndef _KeccakP_1600_reference_h_
+#define _KeccakP_1600_reference_h_
+
+void KeccakP1600_DisplayRoundConstants(FILE *f);
+void KeccakP1600_DisplayRhoOffsets(FILE *f);
+
+#endif

data/lib/sha3/doc.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'digest'
 
 module SHA3
@@ -99,8 +101,7 @@ module SHA3
     # @example
     #   SHA3::Digest.hexdigest(256, 'compute me, please')
     #   SHA3::Digest::SHA256.hexdigest('compute me, please') # => Alternate syntax
-    def self.hexdigest(type, data)
-    end
+    def self.hexdigest(type, data); end
 
     # Returns computed hash value for given hash type, and data in bytes.
     #
@@ -112,8 +113,7 @@ module SHA3
     # @example
     #   SHA3::Digest.digest(256, 'compute me, please')
     #   SHA3::Digest::SHA256.digest('compute me, please') # => Alternate syntax
-    def self.digest(type, data)
-    end
+    def self.digest(type, data); end
   end
 
   class DigestError < StandardError

data/lib/sha3/version.rb

@@ -1,9 +1,9 @@
-module SHA3
-  extend self
+# frozen_string_literal: true
 
+module SHA3
   # sha3 release version
-  VERSION = '1.0.3'.freeze
+  VERSION = '1.0.5'
 
   # keccak version number
-  KECCAK_VERSION = '4.0'.freeze
+  KECCAK_VERSION = '4.0'
 end

data/lib/sha3.rb

@@ -1,35 +1,37 @@
+# frozen_string_literal: true
+
 require 'sha3_n'
 require 'sha3/version'
 
 module SHA3
   class Digest
-
     # Based on 'OpenSSL for Ruby 2' project
     # Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
-    alg = { :sha224 => "SHA224", :sha256 => "SHA256", :sha384 => "SHA384", :sha512 => "SHA512"}
+    alg = { sha224: 'SHA224', sha256: 'SHA256', sha384: 'SHA384', sha512: 'SHA512' }
 
     def self.digest(name, data)
       super(data, name)
     end
 
-    alg.each { |key, name|
-      klass = Class.new(Digest) {
-        define_method(:initialize) { |*data|
+    alg.each do |key, name|
+      klass = Class.new(Digest) do
+        define_method(:initialize) do |*data|
           if data.length > 1
             raise ArgumentError,
-              "wrong number of arguments (#{data.length} for 1)"
+                  "wrong number of arguments (#{data.length} for 1)"
           end
 
           super(key, data.first)
-        }
-      }
+        end
+      end
+
       singleton = (class << klass; self; end)
-      singleton.class_eval{
-        define_method(:digest){ |data| Digest.digest(key, data) }
-        define_method(:hexdigest){ |data| Digest.hexdigest(key, data) }
-      }
+      singleton.class_eval do
+        define_method(:digest) { |data| Digest.digest(key, data) }
+        define_method(:hexdigest) { |data| Digest.hexdigest(key, data) }
+      end
 
       const_set(name, klass)
-    }
+    end
   end
 end

data/sha3.gemspec

@@ -1,23 +1,54 @@
-require File.expand_path('lib/sha3/version', __dir__)
-
-Gem::Specification.new do |gem|
-  gem.name          = 'sha3'
-  gem.version       = SHA3::VERSION
-  gem.summary       = 'SHA3 for Ruby'
-  gem.description   = 'SHA3 for Ruby is a native (C) FIPS 202 compliant implementation of SHA3 (Keccak) cryptographic hashing algorithm.'
-  gem.license       = 'MIT'
-  gem.authors       = ['Johanns Gregorian']
-  gem.email         = 'io+sha3@jsg.io'
-  gem.homepage      = 'https://github.com/johanns/sha3#readme'
-
-  gem.files         = `git ls-files`.split($/)
-  gem.executables   = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
-  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
-  gem.require_paths = ['lib']
-  gem.extensions    = ['ext/sha3/extconf.rb']
-
-  gem.add_development_dependency 'rake-compiler', '~> 1.1'
-  gem.add_development_dependency 'rspec', '~> 3.3'
-  gem.add_development_dependency 'rubygems-tasks', '~> 0.2'
-  gem.add_development_dependency 'yard', '~> 0.9'
+# frozen_string_literal: true
+
+require_relative 'lib/sha3/version'
+
+# rubocop:disable Metrics/BlockLength(Rubocop)
+Gem::Specification.new do |spec|
+  spec.name = 'sha3'
+  spec.version = SHA3::VERSION
+
+  spec.authors = ['Johanns Gregorian']
+  spec.email = ['io+sha3@jsg.io']
+
+  spec.description = 'A XKCP based native (C) binding to SHA3 (FIPS 202) cryptographic hashing algorithm.'
+  spec.summary = 'SHA3 (FIPS 202) cryptographic hashing algorithm'
+
+  spec.homepage = 'https://github.com/johanns/sha3'
+  spec.license = 'MIT'
+  spec.required_ruby_version = '>= 2.6.0'
+
+  spec.metadata['changelog_uri'] = "#{spec.homepage}/CHANGELOG.md"
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = spec.homepage
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
+    end
+  end
+
+  spec.bindir = 'exe'
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.extensions = ['ext/sha3/extconf.rb']
+  spec.require_paths = ['lib']
+
+  # Uncomment to register a new dependency of your gem
+  # spec.add_dependency "example-gem", "~> 1.0"
+
+  # For more information and examples about making a new gem, check out our
+  # guide at: https://bundler.io/guides/creating_gem.html
+  spec.metadata['rubygems_mfa_required'] = 'true'
+
+  spec.add_development_dependency('rake', '~> 13.0')
+  spec.add_development_dependency('rake-compiler', '~> 1.2')
+  spec.add_development_dependency('rspec', '~> 3.11')
+  spec.add_development_dependency('rubocop', '~> 1.37')
+  spec.add_development_dependency('rubocop-rake', '~> 0.6')
+  spec.add_development_dependency('rubocop-rspec', '~> 2.14')
+
+  spec.cert_chain = ['certs/johanns.pem']
+  spec.signing_key = File.expand_path('~/.ssh/gem-private_key.pem') if $PROGRAM_NAME =~ /gem\z/
 end
+# rubocop:enable Metrics/BlockLength(Rubocop)

data/tests.sh

@@ -11,18 +11,19 @@ else
 fi
 
 pushd "spec/data"
-
 if [ -f "*.txt" ]
 then
     rm -v *.txt
 fi
 
-wget "https://raw.githubusercontent.com/XKCP/XKCP/master/tests/TestVectors/ShortMsgKAT_SHA3-224.txt"
-wget "https://raw.githubusercontent.com/XKCP/XKCP/master/tests/TestVectors/ShortMsgKAT_SHA3-256.txt"
-wget "https://raw.githubusercontent.com/XKCP/XKCP/master/tests/TestVectors/ShortMsgKAT_SHA3-384.txt"
-wget "https://raw.githubusercontent.com/XKCP/XKCP/master/tests/TestVectors/ShortMsgKAT_SHA3-512.txt"
-
-cd ".."
+curl "https://raw.githubusercontent.com/XKCP/XKCP/master/tests/TestVectors/ShortMsgKAT_SHA3-224.txt" > ShortMsgKAT_SHA3-224.txt
+curl "https://raw.githubusercontent.com/XKCP/XKCP/master/tests/TestVectors/ShortMsgKAT_SHA3-256.txt" > ShortMsgKAT_SHA3-256.txt
+curl "https://raw.githubusercontent.com/XKCP/XKCP/master/tests/TestVectors/ShortMsgKAT_SHA3-384.txt" > ShortMsgKAT_SHA3-384.txt
+curl "https://raw.githubusercontent.com/XKCP/XKCP/master/tests/TestVectors/ShortMsgKAT_SHA3-512.txt" > ShortMsgKAT_SHA3-512.txt
+popd
 
+pushd spec
 ruby generate_tests.rb
+popd
+
 rake