sha3 2.0.0 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/.clang-format +5 -52
- data/.document +1 -2
- data/.rdoc_options +1 -0
- data/.rubocop.yml +3 -0
- data/.vscode/launch.json +15 -0
- data/.vscode/settings.json +9 -0
- data/.vscode/tasks.json +29 -0
- data/CHANGELOG.md +15 -0
- data/Gemfile +1 -0
- data/README.md +116 -33
- data/Rakefile +4 -2
- data/doc/sha3.rb +2 -0
- data/ext/sha3/config.h +2 -2
- data/ext/sha3/cshake.c +391 -0
- data/ext/sha3/cshake.h +17 -0
- data/ext/sha3/digest.c +320 -231
- data/ext/sha3/digest.h +3 -71
- data/ext/sha3/extconf.rb +14 -8
- data/ext/sha3/kmac.c +474 -0
- data/ext/sha3/kmac.h +14 -0
- data/ext/sha3/sha3.c +35 -0
- data/ext/sha3/sha3.h +17 -0
- data/ext/sha3/sp800_185.c +311 -0
- data/ext/sha3/sp800_185.h +94 -0
- data/lib/constants.rb +5 -0
- data/lib/sha3.rb +28 -24
- data.tar.gz.sig +0 -0
- metadata +22 -21
- metadata.gz.sig +0 -0
data/ext/sha3/digest.c
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
#include "digest.h"
|
|
2
2
|
|
|
3
|
+
#include "KeccakHash.h"
|
|
4
|
+
#include "sha3.h"
|
|
5
|
+
|
|
3
6
|
/*
|
|
4
7
|
* == Notes
|
|
5
8
|
*
|
|
@@ -7,181 +10,259 @@
|
|
|
7
10
|
* | .alloc() ->
|
|
8
11
|
* | .new() ->
|
|
9
12
|
* | .update() ->
|
|
10
|
-
* | .digest or .hexdigest or .inspect -> (Instance.digest or .hexdigest())
|
|
11
|
-
* ->
|
|
13
|
+
* | .digest or .hexdigest or .inspect -> (Instance.digest or .hexdigest()) ->
|
|
12
14
|
* --| .alloc() ->
|
|
13
15
|
* | .copy() ->
|
|
14
16
|
* | .finish() ->
|
|
15
17
|
*
|
|
16
18
|
*/
|
|
17
19
|
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
20
|
+
/*** Types and structs ***/
|
|
21
|
+
|
|
22
|
+
typedef enum { SHA3_224 = 0, SHA3_256, SHA3_384, SHA3_512, SHAKE_128, SHAKE_256 } sha3_digest_algorithms;
|
|
23
|
+
|
|
24
|
+
typedef struct {
|
|
25
|
+
Keccak_HashInstance *state;
|
|
26
|
+
int hashbitlen;
|
|
27
|
+
sha3_digest_algorithms algorithm;
|
|
28
|
+
} sha3_digest_context_t;
|
|
29
|
+
|
|
30
|
+
typedef HashReturn (*keccak_init_func)(Keccak_HashInstance *);
|
|
31
|
+
|
|
32
|
+
/*** Function prototypes ***/
|
|
33
|
+
|
|
34
|
+
static int compare_contexts(const sha3_digest_context_t *, const sha3_digest_context_t *);
|
|
35
|
+
static inline void get_sha3_digest_context(VALUE, sha3_digest_context_t **);
|
|
36
|
+
static inline void safe_get_sha3_digest_context(VALUE, sha3_digest_context_t **);
|
|
37
|
+
static inline int is_shake_algorithm(sha3_digest_algorithms);
|
|
38
|
+
|
|
39
|
+
static int get_hashbit_length(VALUE, sha3_digest_algorithms *);
|
|
40
|
+
static HashReturn keccak_hash_initialize(sha3_digest_context_t *);
|
|
41
|
+
|
|
42
|
+
static void sha3_digest_free_context(void *);
|
|
43
|
+
static size_t sha3_digest_context_size(const void *);
|
|
44
|
+
|
|
45
|
+
/* Allocation and initialization */
|
|
46
|
+
static VALUE rb_sha3_digest_alloc(VALUE);
|
|
47
|
+
static VALUE rb_sha3_digest_init(int, VALUE *, VALUE);
|
|
48
|
+
static VALUE rb_sha3_digest_copy(VALUE, VALUE);
|
|
49
|
+
|
|
50
|
+
/* Core digest operations */
|
|
51
|
+
static VALUE rb_sha3_digest_finish(int, VALUE *, VALUE);
|
|
52
|
+
static VALUE rb_sha3_digest_reset(VALUE);
|
|
53
|
+
static VALUE rb_sha3_digest_update(VALUE, VALUE);
|
|
54
|
+
|
|
55
|
+
/* Digest properties */
|
|
56
|
+
static VALUE rb_sha3_digest_block_length(VALUE);
|
|
57
|
+
static VALUE rb_sha3_digest_length(VALUE);
|
|
58
|
+
static VALUE rb_sha3_digest_name(VALUE);
|
|
59
|
+
|
|
60
|
+
/* Output methods */
|
|
61
|
+
static VALUE rb_sha3_digest_digest(int, VALUE *, VALUE);
|
|
62
|
+
static VALUE rb_sha3_digest_hexdigest(int, VALUE *, VALUE);
|
|
63
|
+
static VALUE rb_sha3_digest_hex_squeeze(VALUE, VALUE);
|
|
64
|
+
static VALUE rb_sha3_digest_squeeze(VALUE, VALUE);
|
|
65
|
+
static VALUE rb_sha3_digest_self_digest(VALUE, VALUE, VALUE);
|
|
66
|
+
static VALUE rb_sha3_digest_self_hexdigest(VALUE, VALUE, VALUE);
|
|
67
|
+
|
|
68
|
+
/*** Globals variables ***/
|
|
69
|
+
|
|
70
|
+
VALUE _sha3_digest_class;
|
|
71
|
+
VALUE _sha3_digest_error_class;
|
|
72
|
+
|
|
73
|
+
/* Define the ID variables */
|
|
74
|
+
static ID _sha3_224_id;
|
|
75
|
+
static ID _sha3_256_id;
|
|
76
|
+
static ID _sha3_384_id;
|
|
77
|
+
static ID _sha3_512_id;
|
|
78
|
+
static ID _shake_128_id;
|
|
79
|
+
static ID _shake_256_id;
|
|
80
|
+
|
|
81
|
+
/* TypedData structure for sha3_digest_context_t */
|
|
82
|
+
const rb_data_type_t sha3_digest_data_type_t = {"SHA3::Digest",
|
|
83
|
+
{
|
|
84
|
+
NULL,
|
|
85
|
+
sha3_digest_free_context,
|
|
86
|
+
sha3_digest_context_size,
|
|
87
|
+
},
|
|
88
|
+
NULL,
|
|
89
|
+
NULL,
|
|
90
|
+
RUBY_TYPED_FREE_IMMEDIATELY};
|
|
91
|
+
|
|
21
92
|
void Init_sha3_digest(void) {
|
|
22
93
|
rb_require("digest");
|
|
23
94
|
|
|
24
95
|
/* Initialize static symbol IDs for faster lookup in get_hlen() */
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
96
|
+
_sha3_224_id = rb_intern("sha3_224");
|
|
97
|
+
_sha3_256_id = rb_intern("sha3_256");
|
|
98
|
+
_sha3_384_id = rb_intern("sha3_384");
|
|
99
|
+
_sha3_512_id = rb_intern("sha3_512");
|
|
100
|
+
_shake_128_id = rb_intern("shake_128");
|
|
101
|
+
_shake_256_id = rb_intern("shake_256");
|
|
31
102
|
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
*/
|
|
37
|
-
sha3_module = rb_define_module("SHA3");
|
|
103
|
+
if (NIL_P(_sha3_module)) {
|
|
104
|
+
// This is both a safeguard and a workaround for RDoc
|
|
105
|
+
_sha3_module = rb_define_module("SHA3");
|
|
106
|
+
}
|
|
38
107
|
|
|
39
108
|
/*
|
|
40
109
|
* Document-class: SHA3::Digest
|
|
41
110
|
*
|
|
42
111
|
* It is a subclass of the Digest::Class class, which provides a framework for
|
|
43
|
-
* creating and manipulating hash
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
*
|
|
49
|
-
*
|
|
50
|
-
* It is the version of the SHA3 module.
|
|
112
|
+
* creating and manipulating hash digest. Supported Algorithms are:
|
|
113
|
+
* - SHA3-224 (:sha3_224)
|
|
114
|
+
* - SHA3-256 (:sha3_256)
|
|
115
|
+
* - SHA3-384 (:sha3_384)
|
|
116
|
+
* - SHA3-512 (:sha3_512)
|
|
117
|
+
* - SHAKE128 (:shake_128)
|
|
118
|
+
* - SHAKE256 (:shake_256)
|
|
51
119
|
*/
|
|
52
|
-
|
|
120
|
+
_sha3_digest_class = rb_define_class_under(_sha3_module, "Digest", rb_path2class("Digest::Class"));
|
|
53
121
|
|
|
54
122
|
/*
|
|
55
123
|
* Document-class: SHA3::Digest::DigestError
|
|
56
124
|
*
|
|
125
|
+
* All SHA3::Digest methods raise this exception on error.
|
|
126
|
+
*
|
|
57
127
|
* It is a subclass of the StandardError class -- see the Ruby documentation
|
|
58
128
|
* for more information.
|
|
59
129
|
*/
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
rb_define_alloc_func(
|
|
63
|
-
rb_define_method(
|
|
64
|
-
rb_define_method(
|
|
65
|
-
rb_define_method(
|
|
66
|
-
rb_define_method(
|
|
67
|
-
rb_define_method(
|
|
68
|
-
rb_define_method(
|
|
69
|
-
rb_define_method(
|
|
70
|
-
|
|
71
|
-
rb_define_method(
|
|
72
|
-
rb_define_method(
|
|
73
|
-
rb_define_method(
|
|
74
|
-
|
|
130
|
+
_sha3_digest_error_class = rb_define_class_under(_sha3_digest_class, "Error", rb_eStandardError);
|
|
131
|
+
|
|
132
|
+
rb_define_alloc_func(_sha3_digest_class, rb_sha3_digest_alloc);
|
|
133
|
+
rb_define_method(_sha3_digest_class, "initialize", rb_sha3_digest_init, -1);
|
|
134
|
+
rb_define_method(_sha3_digest_class, "update", rb_sha3_digest_update, 1);
|
|
135
|
+
rb_define_method(_sha3_digest_class, "reset", rb_sha3_digest_reset, 0);
|
|
136
|
+
rb_define_method(_sha3_digest_class, "initialize_copy", rb_sha3_digest_copy, 1);
|
|
137
|
+
rb_define_method(_sha3_digest_class, "digest_length", rb_sha3_digest_length, 0);
|
|
138
|
+
rb_define_method(_sha3_digest_class, "block_length", rb_sha3_digest_block_length, 0);
|
|
139
|
+
rb_define_method(_sha3_digest_class, "name", rb_sha3_digest_name, 0);
|
|
140
|
+
|
|
141
|
+
rb_define_method(_sha3_digest_class, "squeeze", rb_sha3_digest_squeeze, 1);
|
|
142
|
+
rb_define_method(_sha3_digest_class, "hex_squeeze", rb_sha3_digest_hex_squeeze, 1);
|
|
143
|
+
rb_define_method(_sha3_digest_class, "digest", rb_sha3_digest_digest, -1);
|
|
144
|
+
rb_define_method(_sha3_digest_class, "hexdigest", rb_sha3_digest_hexdigest, -1);
|
|
145
|
+
|
|
146
|
+
rb_define_private_method(_sha3_digest_class, "finish", rb_sha3_digest_finish, -1);
|
|
75
147
|
|
|
76
148
|
/* Define the class method self.digest */
|
|
77
|
-
rb_define_singleton_method(
|
|
78
|
-
rb_define_singleton_method(
|
|
79
|
-
|
|
149
|
+
rb_define_singleton_method(_sha3_digest_class, "digest", rb_sha3_digest_self_digest, 2);
|
|
150
|
+
rb_define_singleton_method(_sha3_digest_class, "hexdigest", rb_sha3_digest_self_hexdigest, 2);
|
|
151
|
+
|
|
152
|
+
rb_define_alias(_sha3_digest_class, "<<", "update");
|
|
80
153
|
}
|
|
81
154
|
|
|
82
|
-
|
|
155
|
+
// Static inline functions replacing macros
|
|
156
|
+
static inline void get_sha3_digest_context(VALUE obj, sha3_digest_context_t **context) {
|
|
157
|
+
TypedData_Get_Struct((obj), sha3_digest_context_t, &sha3_digest_data_type_t, (*context));
|
|
158
|
+
if (!(*context)) {
|
|
159
|
+
rb_raise(rb_eRuntimeError, "Digest data not initialized!");
|
|
160
|
+
}
|
|
161
|
+
}
|
|
162
|
+
|
|
163
|
+
static inline void safe_get_sha3_digest_context(VALUE obj, sha3_digest_context_t **context) {
|
|
164
|
+
if (!rb_obj_is_kind_of(obj, _sha3_digest_class)) {
|
|
165
|
+
rb_raise(rb_eTypeError, "wrong argument (%s)! (expected %s)", rb_obj_classname(obj),
|
|
166
|
+
rb_class2name(_sha3_digest_class));
|
|
167
|
+
}
|
|
168
|
+
get_sha3_digest_context(obj, context);
|
|
169
|
+
}
|
|
170
|
+
|
|
171
|
+
static inline int is_shake_algorithm(sha3_digest_algorithms alg) { return alg == SHAKE_128 || alg == SHAKE_256; }
|
|
172
|
+
|
|
173
|
+
int get_hashbit_length(VALUE obj, sha3_digest_algorithms *algorithm) {
|
|
83
174
|
if (TYPE(obj) == T_SYMBOL) {
|
|
84
175
|
ID symid = SYM2ID(obj);
|
|
85
176
|
|
|
86
|
-
if (symid ==
|
|
177
|
+
if (symid == _sha3_224_id) {
|
|
87
178
|
*algorithm = SHA3_224;
|
|
88
179
|
return 224;
|
|
89
|
-
} else if (symid ==
|
|
180
|
+
} else if (symid == _sha3_256_id) {
|
|
90
181
|
*algorithm = SHA3_256;
|
|
91
182
|
return 256;
|
|
92
|
-
} else if (symid ==
|
|
183
|
+
} else if (symid == _sha3_384_id) {
|
|
93
184
|
*algorithm = SHA3_384;
|
|
94
185
|
return 384;
|
|
95
|
-
} else if (symid ==
|
|
186
|
+
} else if (symid == _sha3_512_id) {
|
|
96
187
|
*algorithm = SHA3_512;
|
|
97
188
|
return 512;
|
|
98
|
-
} else if (symid ==
|
|
189
|
+
} else if (symid == _shake_128_id) {
|
|
99
190
|
*algorithm = SHAKE_128;
|
|
100
191
|
return 128;
|
|
101
|
-
} else if (symid ==
|
|
192
|
+
} else if (symid == _shake_256_id) {
|
|
102
193
|
*algorithm = SHAKE_256;
|
|
103
194
|
return 256;
|
|
104
195
|
}
|
|
105
196
|
|
|
106
|
-
rb_raise(
|
|
197
|
+
rb_raise(rb_eArgError,
|
|
107
198
|
"invalid hash algorithm symbol (should be: :sha3_224, "
|
|
108
199
|
":sha3_256, :sha3_384, :sha3_512, :shake_128, or :shake_256)");
|
|
109
200
|
}
|
|
110
201
|
|
|
111
|
-
rb_raise(
|
|
202
|
+
rb_raise(_sha3_digest_error_class, "unknown type value");
|
|
203
|
+
|
|
112
204
|
return 0; // Never reached, but silences compiler warnings
|
|
113
205
|
}
|
|
114
206
|
|
|
115
|
-
static void
|
|
116
|
-
|
|
117
|
-
if (
|
|
118
|
-
if (
|
|
119
|
-
free(
|
|
207
|
+
static void sha3_digest_free_context(void *ptr) {
|
|
208
|
+
sha3_digest_context_t *context = (sha3_digest_context_t *)ptr;
|
|
209
|
+
if (context) {
|
|
210
|
+
if (context->state) {
|
|
211
|
+
free(context->state);
|
|
120
212
|
}
|
|
121
|
-
free(
|
|
213
|
+
free(context);
|
|
122
214
|
}
|
|
123
215
|
}
|
|
124
216
|
|
|
125
|
-
static size_t
|
|
126
|
-
const
|
|
127
|
-
size_t size = sizeof(
|
|
217
|
+
static size_t sha3_digest_context_size(const void *ptr) {
|
|
218
|
+
const sha3_digest_context_t *context = (const sha3_digest_context_t *)ptr;
|
|
219
|
+
size_t size = sizeof(sha3_digest_context_t);
|
|
128
220
|
|
|
129
|
-
if (
|
|
221
|
+
if (context && context->state) {
|
|
130
222
|
size += sizeof(Keccak_HashInstance);
|
|
131
223
|
}
|
|
132
224
|
|
|
133
225
|
return size;
|
|
134
226
|
}
|
|
135
227
|
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
{
|
|
139
|
-
NULL,
|
|
140
|
-
mdx_free,
|
|
141
|
-
mdx_memsize,
|
|
142
|
-
},
|
|
143
|
-
NULL,
|
|
144
|
-
NULL,
|
|
145
|
-
RUBY_TYPED_FREE_IMMEDIATELY};
|
|
146
|
-
|
|
147
|
-
static VALUE rb_digest_alloc(VALUE klass) {
|
|
148
|
-
MDX* mdx = (MDX*)malloc(sizeof(MDX));
|
|
149
|
-
if (!mdx) {
|
|
150
|
-
rb_raise(digest_error_class, "failed to allocate object memory");
|
|
151
|
-
}
|
|
152
|
-
|
|
153
|
-
mdx->state = (Keccak_HashInstance*)calloc(1, sizeof(Keccak_HashInstance));
|
|
154
|
-
if (!mdx->state) {
|
|
155
|
-
mdx_free(mdx);
|
|
156
|
-
rb_raise(digest_error_class, "failed to allocate state memory");
|
|
157
|
-
}
|
|
158
|
-
|
|
159
|
-
VALUE obj = TypedData_Wrap_Struct(klass, &mdx_type, mdx);
|
|
160
|
-
mdx->hashbitlen = 0;
|
|
161
|
-
mdx->algorithm = SHA3_256; // Default algorithm
|
|
162
|
-
|
|
163
|
-
return obj;
|
|
164
|
-
}
|
|
165
|
-
|
|
166
|
-
HashReturn keccak_hash_initialize(MDX* mdx) {
|
|
167
|
-
switch (mdx->algorithm) {
|
|
228
|
+
static HashReturn keccak_hash_initialize(sha3_digest_context_t *context) {
|
|
229
|
+
switch (context->algorithm) {
|
|
168
230
|
case SHA3_224:
|
|
169
|
-
return Keccak_HashInitialize_SHA3_224(
|
|
231
|
+
return Keccak_HashInitialize_SHA3_224(context->state);
|
|
170
232
|
case SHA3_256:
|
|
171
|
-
return Keccak_HashInitialize_SHA3_256(
|
|
233
|
+
return Keccak_HashInitialize_SHA3_256(context->state);
|
|
172
234
|
case SHA3_384:
|
|
173
|
-
return Keccak_HashInitialize_SHA3_384(
|
|
235
|
+
return Keccak_HashInitialize_SHA3_384(context->state);
|
|
174
236
|
case SHA3_512:
|
|
175
|
-
return Keccak_HashInitialize_SHA3_512(
|
|
237
|
+
return Keccak_HashInitialize_SHA3_512(context->state);
|
|
176
238
|
case SHAKE_128:
|
|
177
|
-
return Keccak_HashInitialize_SHAKE128(
|
|
239
|
+
return Keccak_HashInitialize_SHAKE128(context->state);
|
|
178
240
|
case SHAKE_256:
|
|
179
|
-
return Keccak_HashInitialize_SHAKE256(
|
|
241
|
+
return Keccak_HashInitialize_SHAKE256(context->state);
|
|
180
242
|
}
|
|
181
243
|
|
|
182
244
|
return KECCAK_FAIL;
|
|
183
245
|
}
|
|
184
246
|
|
|
247
|
+
static VALUE rb_sha3_digest_alloc(VALUE klass) {
|
|
248
|
+
sha3_digest_context_t *context = (sha3_digest_context_t *)malloc(sizeof(sha3_digest_context_t));
|
|
249
|
+
if (!context) {
|
|
250
|
+
rb_raise(_sha3_digest_error_class, "failed to allocate object memory");
|
|
251
|
+
}
|
|
252
|
+
|
|
253
|
+
context->state = (Keccak_HashInstance *)calloc(1, sizeof(Keccak_HashInstance));
|
|
254
|
+
if (!context->state) {
|
|
255
|
+
sha3_digest_free_context(context);
|
|
256
|
+
rb_raise(_sha3_digest_error_class, "failed to allocate state memory");
|
|
257
|
+
}
|
|
258
|
+
|
|
259
|
+
VALUE obj = TypedData_Wrap_Struct(klass, &sha3_digest_data_type_t, context);
|
|
260
|
+
context->hashbitlen = 0;
|
|
261
|
+
context->algorithm = SHA3_256; // Default algorithm
|
|
262
|
+
|
|
263
|
+
return obj;
|
|
264
|
+
}
|
|
265
|
+
|
|
185
266
|
/*
|
|
186
267
|
* :call-seq:
|
|
187
268
|
* ::new() -> instance
|
|
@@ -206,26 +287,26 @@ HashReturn keccak_hash_initialize(MDX* mdx) {
|
|
|
206
287
|
* SHA3::Digest.new(:sha3_256)
|
|
207
288
|
* SHA3::Digest.new(:shake_128, "initial data")
|
|
208
289
|
*/
|
|
209
|
-
static VALUE
|
|
210
|
-
|
|
290
|
+
static VALUE rb_sha3_digest_init(int argc, VALUE *argv, VALUE self) {
|
|
291
|
+
sha3_digest_context_t *context;
|
|
211
292
|
VALUE hlen, data;
|
|
212
293
|
|
|
213
294
|
rb_scan_args(argc, argv, "02", &hlen, &data);
|
|
214
|
-
|
|
295
|
+
get_sha3_digest_context(self, &context);
|
|
215
296
|
|
|
216
297
|
if (NIL_P(hlen)) {
|
|
217
|
-
|
|
218
|
-
|
|
298
|
+
context->algorithm = SHA3_256;
|
|
299
|
+
context->hashbitlen = 256;
|
|
219
300
|
} else {
|
|
220
|
-
|
|
301
|
+
context->hashbitlen = get_hashbit_length(hlen, &context->algorithm);
|
|
221
302
|
}
|
|
222
303
|
|
|
223
|
-
if (keccak_hash_initialize(
|
|
224
|
-
rb_raise(
|
|
304
|
+
if (keccak_hash_initialize(context) != KECCAK_SUCCESS) {
|
|
305
|
+
rb_raise(_sha3_digest_error_class, "failed to initialize algorithm state");
|
|
225
306
|
}
|
|
226
307
|
|
|
227
308
|
if (!NIL_P(data)) {
|
|
228
|
-
return
|
|
309
|
+
return rb_sha3_digest_update(self, data);
|
|
229
310
|
}
|
|
230
311
|
|
|
231
312
|
return self;
|
|
@@ -244,12 +325,12 @@ static VALUE rb_digest_init(int argc, VALUE* argv, VALUE self) {
|
|
|
244
325
|
* digest.update("more data")
|
|
245
326
|
* digest << "more data" # alias for update
|
|
246
327
|
*/
|
|
247
|
-
static VALUE
|
|
248
|
-
|
|
328
|
+
static VALUE rb_sha3_digest_update(VALUE self, VALUE data) {
|
|
329
|
+
sha3_digest_context_t *context;
|
|
249
330
|
BitLength dlen;
|
|
250
331
|
|
|
251
332
|
StringValue(data);
|
|
252
|
-
|
|
333
|
+
get_sha3_digest_context(self, &context);
|
|
253
334
|
|
|
254
335
|
// Check for empty data
|
|
255
336
|
if (RSTRING_LEN(data) == 0) {
|
|
@@ -258,13 +339,13 @@ static VALUE rb_digest_update(VALUE self, VALUE data) {
|
|
|
258
339
|
|
|
259
340
|
// Check for NULL data pointer
|
|
260
341
|
if (RSTRING_PTR(data) == NULL) {
|
|
261
|
-
rb_raise(
|
|
342
|
+
rb_raise(_sha3_digest_error_class, "cannot update with NULL data");
|
|
262
343
|
}
|
|
263
344
|
|
|
264
345
|
dlen = (RSTRING_LEN(data) * 8);
|
|
265
346
|
|
|
266
|
-
if (Keccak_HashUpdate(
|
|
267
|
-
rb_raise(
|
|
347
|
+
if (Keccak_HashUpdate(context->state, (BitSequence *)RSTRING_PTR(data), dlen) != KECCAK_SUCCESS) {
|
|
348
|
+
rb_raise(_sha3_digest_error_class, "failed to update hash data");
|
|
268
349
|
}
|
|
269
350
|
|
|
270
351
|
return self;
|
|
@@ -279,41 +360,41 @@ static VALUE rb_digest_update(VALUE self, VALUE data) {
|
|
|
279
360
|
* = example
|
|
280
361
|
* digest.reset
|
|
281
362
|
*/
|
|
282
|
-
static VALUE
|
|
283
|
-
|
|
284
|
-
|
|
363
|
+
static VALUE rb_sha3_digest_reset(VALUE self) {
|
|
364
|
+
sha3_digest_context_t *context;
|
|
365
|
+
get_sha3_digest_context(self, &context);
|
|
285
366
|
|
|
286
|
-
memset(
|
|
367
|
+
memset(context->state, 0, sizeof(Keccak_HashInstance));
|
|
287
368
|
|
|
288
|
-
if (keccak_hash_initialize(
|
|
289
|
-
rb_raise(
|
|
369
|
+
if (keccak_hash_initialize(context) != KECCAK_SUCCESS) {
|
|
370
|
+
rb_raise(_sha3_digest_error_class, "failed to reset internal state");
|
|
290
371
|
}
|
|
291
372
|
|
|
292
373
|
return self;
|
|
293
374
|
}
|
|
294
375
|
|
|
295
|
-
static int
|
|
376
|
+
static int compare_contexts(const sha3_digest_context_t *context1, const sha3_digest_context_t *context2) {
|
|
296
377
|
// First check the hashbitlen and algorithm
|
|
297
|
-
if (
|
|
378
|
+
if (context1->hashbitlen != context2->hashbitlen || context1->algorithm != context2->algorithm) {
|
|
298
379
|
return 0;
|
|
299
380
|
}
|
|
300
381
|
|
|
301
382
|
// Compare the internal state structure
|
|
302
|
-
if (memcmp(&(
|
|
303
|
-
sizeof(
|
|
383
|
+
if (memcmp(&(context1->state->sponge.state), &(context2->state->sponge.state),
|
|
384
|
+
sizeof(context1->state->sponge.state)) != 0) {
|
|
304
385
|
return 0;
|
|
305
386
|
}
|
|
306
387
|
|
|
307
388
|
// Compare sponge parameters
|
|
308
|
-
if ((
|
|
309
|
-
(
|
|
310
|
-
(
|
|
389
|
+
if ((context1->state->sponge.rate != context2->state->sponge.rate) ||
|
|
390
|
+
(context1->state->sponge.byteIOIndex != context2->state->sponge.byteIOIndex) ||
|
|
391
|
+
(context1->state->sponge.squeezing != context2->state->sponge.squeezing)) {
|
|
311
392
|
return 0;
|
|
312
393
|
}
|
|
313
394
|
|
|
314
395
|
// Compare hash-specific parameters
|
|
315
|
-
if ((
|
|
316
|
-
(
|
|
396
|
+
if ((context1->state->fixedOutputLength != context2->state->fixedOutputLength) ||
|
|
397
|
+
(context1->state->delimitedSuffix != context2->state->delimitedSuffix)) {
|
|
317
398
|
return 0;
|
|
318
399
|
}
|
|
319
400
|
|
|
@@ -333,23 +414,29 @@ static int cmp_states(const MDX* mdx1, const MDX* mdx2) {
|
|
|
333
414
|
* = example
|
|
334
415
|
* new_digest = digest.dup
|
|
335
416
|
*/
|
|
336
|
-
static VALUE
|
|
337
|
-
|
|
417
|
+
static VALUE rb_sha3_digest_copy(VALUE self, VALUE other) {
|
|
418
|
+
sha3_digest_context_t *context;
|
|
419
|
+
sha3_digest_context_t *other_context;
|
|
338
420
|
|
|
339
421
|
rb_check_frozen(self);
|
|
340
|
-
if (self ==
|
|
422
|
+
if (self == other) {
|
|
341
423
|
return self;
|
|
342
424
|
}
|
|
343
425
|
|
|
344
|
-
|
|
345
|
-
|
|
426
|
+
if (!rb_obj_is_kind_of(other, _sha3_digest_class)) {
|
|
427
|
+
rb_raise(rb_eTypeError, "wrong argument (%s)! (expected %s)", rb_obj_classname(other),
|
|
428
|
+
rb_class2name(_sha3_digest_class));
|
|
429
|
+
}
|
|
430
|
+
|
|
431
|
+
safe_get_sha3_digest_context(other, &other_context);
|
|
432
|
+
get_sha3_digest_context(self, &context);
|
|
346
433
|
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
|
|
434
|
+
context->hashbitlen = other_context->hashbitlen;
|
|
435
|
+
context->algorithm = other_context->algorithm;
|
|
436
|
+
memcpy(context->state, other_context->state, sizeof(Keccak_HashInstance));
|
|
350
437
|
|
|
351
|
-
if (!
|
|
352
|
-
rb_raise(
|
|
438
|
+
if (!compare_contexts(context, other_context)) {
|
|
439
|
+
rb_raise(_sha3_digest_error_class, "failed to copy state");
|
|
353
440
|
}
|
|
354
441
|
|
|
355
442
|
return self;
|
|
@@ -364,11 +451,11 @@ static VALUE rb_digest_copy(VALUE self, VALUE obj) {
|
|
|
364
451
|
* = example
|
|
365
452
|
* digest.length #=> 32 for SHA3-256
|
|
366
453
|
*/
|
|
367
|
-
static VALUE
|
|
368
|
-
|
|
369
|
-
|
|
454
|
+
static VALUE rb_sha3_digest_length(VALUE self) {
|
|
455
|
+
sha3_digest_context_t *context;
|
|
456
|
+
get_sha3_digest_context(self, &context);
|
|
370
457
|
|
|
371
|
-
return ULL2NUM(
|
|
458
|
+
return ULL2NUM(context->hashbitlen / 8);
|
|
372
459
|
}
|
|
373
460
|
|
|
374
461
|
/*
|
|
@@ -380,11 +467,11 @@ static VALUE rb_digest_length(VALUE self) {
|
|
|
380
467
|
* = example
|
|
381
468
|
* digest.block_length
|
|
382
469
|
*/
|
|
383
|
-
static VALUE
|
|
384
|
-
|
|
385
|
-
|
|
470
|
+
static VALUE rb_sha3_digest_block_length(VALUE self) {
|
|
471
|
+
sha3_digest_context_t *context;
|
|
472
|
+
get_sha3_digest_context(self, &context);
|
|
386
473
|
|
|
387
|
-
return ULL2NUM(200 - (2 * (
|
|
474
|
+
return ULL2NUM(200 - (2 * (context->hashbitlen / 8)));
|
|
388
475
|
}
|
|
389
476
|
|
|
390
477
|
/*
|
|
@@ -396,11 +483,11 @@ static VALUE rb_digest_block_length(VALUE self) {
|
|
|
396
483
|
* = example
|
|
397
484
|
* digest.name #=> "SHA3-256"
|
|
398
485
|
*/
|
|
399
|
-
static VALUE
|
|
400
|
-
|
|
401
|
-
|
|
486
|
+
static VALUE rb_sha3_digest_name(VALUE self) {
|
|
487
|
+
sha3_digest_context_t *context;
|
|
488
|
+
get_sha3_digest_context(self, &context);
|
|
402
489
|
|
|
403
|
-
switch (
|
|
490
|
+
switch (context->algorithm) {
|
|
404
491
|
case SHA3_224:
|
|
405
492
|
return rb_str_new2("SHA3-224");
|
|
406
493
|
case SHA3_256:
|
|
@@ -414,7 +501,7 @@ static VALUE rb_digest_name(VALUE self) {
|
|
|
414
501
|
case SHAKE_256:
|
|
415
502
|
return rb_str_new2("SHAKE256");
|
|
416
503
|
default:
|
|
417
|
-
rb_raise(
|
|
504
|
+
rb_raise(_sha3_digest_error_class, "unknown algorithm");
|
|
418
505
|
}
|
|
419
506
|
}
|
|
420
507
|
|
|
@@ -431,17 +518,17 @@ static VALUE rb_digest_name(VALUE self) {
|
|
|
431
518
|
* digest.finish
|
|
432
519
|
* digest.finish("final chunk")
|
|
433
520
|
*/
|
|
434
|
-
static VALUE
|
|
435
|
-
|
|
521
|
+
static VALUE rb_sha3_digest_finish(int argc, VALUE *argv, VALUE self) {
|
|
522
|
+
sha3_digest_context_t *context;
|
|
436
523
|
VALUE str;
|
|
437
524
|
int digest_bytes;
|
|
438
525
|
|
|
439
526
|
rb_scan_args(argc, argv, "01", &str);
|
|
440
|
-
|
|
527
|
+
get_sha3_digest_context(self, &context);
|
|
441
528
|
|
|
442
529
|
// For both SHA3 and SHAKE algorithms, use the security strength (hashbitlen)
|
|
443
530
|
// as the default output length
|
|
444
|
-
digest_bytes =
|
|
531
|
+
digest_bytes = context->hashbitlen / 8;
|
|
445
532
|
|
|
446
533
|
if (NIL_P(str)) {
|
|
447
534
|
str = rb_str_new(0, digest_bytes);
|
|
@@ -450,8 +537,8 @@ static VALUE rb_digest_finish(int argc, VALUE* argv, VALUE self) {
|
|
|
450
537
|
rb_str_resize(str, digest_bytes);
|
|
451
538
|
}
|
|
452
539
|
|
|
453
|
-
if (Keccak_HashFinal(
|
|
454
|
-
rb_raise(
|
|
540
|
+
if (Keccak_HashFinal(context->state, (BitSequence *)RSTRING_PTR(str)) != KECCAK_SUCCESS) {
|
|
541
|
+
rb_raise(_sha3_digest_error_class, "failed to finalize digest");
|
|
455
542
|
}
|
|
456
543
|
|
|
457
544
|
return str;
|
|
@@ -462,6 +549,7 @@ static VALUE rb_digest_finish(int argc, VALUE* argv, VALUE self) {
|
|
|
462
549
|
* squeeze(length) -> String
|
|
463
550
|
*
|
|
464
551
|
* Returns the squeezed output as a binary string. Only available for SHAKE algorithms.
|
|
552
|
+
* This method creates a copy of the current instance to preserve the original state.
|
|
465
553
|
*
|
|
466
554
|
* +length+::
|
|
467
555
|
* The length in bytes of the output to squeeze.
|
|
@@ -469,8 +557,8 @@ static VALUE rb_digest_finish(int argc, VALUE* argv, VALUE self) {
|
|
|
469
557
|
* = example
|
|
470
558
|
* digest.squeeze(32) # Get 32 bytes of output
|
|
471
559
|
*/
|
|
472
|
-
static VALUE
|
|
473
|
-
|
|
560
|
+
static VALUE rb_sha3_digest_squeeze(VALUE self, VALUE length) {
|
|
561
|
+
sha3_digest_context_t *context;
|
|
474
562
|
VALUE str, copy;
|
|
475
563
|
int output_bytes;
|
|
476
564
|
|
|
@@ -478,38 +566,35 @@ static VALUE rb_digest_squeeze(VALUE self, VALUE length) {
|
|
|
478
566
|
output_bytes = NUM2INT(length);
|
|
479
567
|
|
|
480
568
|
if (output_bytes <= 0) {
|
|
481
|
-
rb_raise(
|
|
569
|
+
rb_raise(_sha3_digest_error_class, "output length must be positive");
|
|
482
570
|
}
|
|
483
571
|
|
|
484
|
-
|
|
572
|
+
get_sha3_digest_context(self, &context);
|
|
485
573
|
|
|
486
574
|
// Only SHAKE algorithms support arbitrary-length output
|
|
487
|
-
if (
|
|
488
|
-
rb_raise(
|
|
575
|
+
if (!is_shake_algorithm(context->algorithm)) {
|
|
576
|
+
rb_raise(_sha3_digest_error_class, "squeeze is only supported for SHAKE algorithms");
|
|
489
577
|
}
|
|
490
578
|
|
|
491
579
|
// Create a copy of the digest object to avoid modifying the original
|
|
492
580
|
copy = rb_obj_clone(self);
|
|
493
581
|
|
|
494
|
-
// Get the
|
|
495
|
-
|
|
496
|
-
|
|
582
|
+
// Get the sha3_digest_context_t struct from the copy
|
|
583
|
+
sha3_digest_context_t *context_copy;
|
|
584
|
+
get_sha3_digest_context(copy, &context_copy);
|
|
497
585
|
|
|
498
586
|
str = rb_str_new(0, output_bytes);
|
|
499
587
|
|
|
500
588
|
// Finalize the hash on the copy
|
|
501
|
-
if (Keccak_HashFinal(
|
|
502
|
-
rb_raise(
|
|
589
|
+
if (Keccak_HashFinal(context_copy->state, NULL) != KECCAK_SUCCESS) {
|
|
590
|
+
rb_raise(_sha3_digest_error_class, "failed to finalize digest");
|
|
503
591
|
}
|
|
504
592
|
|
|
505
593
|
// Then squeeze out the desired number of bytes
|
|
506
|
-
if (Keccak_HashSqueeze(
|
|
507
|
-
|
|
508
|
-
rb_raise(digest_error_class, "failed to squeeze output");
|
|
594
|
+
if (Keccak_HashSqueeze(context_copy->state, (BitSequence *)RSTRING_PTR(str), output_bytes * 8) != KECCAK_SUCCESS) {
|
|
595
|
+
rb_raise(_sha3_digest_error_class, "failed to squeeze output");
|
|
509
596
|
}
|
|
510
597
|
|
|
511
|
-
// NOTE: We don't need the copy anymore...Ruby's GC will handle freeing it
|
|
512
|
-
|
|
513
598
|
return str;
|
|
514
599
|
}
|
|
515
600
|
|
|
@@ -526,17 +611,31 @@ static VALUE rb_digest_squeeze(VALUE self, VALUE length) {
|
|
|
526
611
|
* = example
|
|
527
612
|
* digest.hex_squeeze(32) # Get 64 hex characters (32 bytes)
|
|
528
613
|
*/
|
|
529
|
-
static VALUE
|
|
530
|
-
VALUE bin_str, result_array;
|
|
531
|
-
|
|
614
|
+
static VALUE rb_sha3_digest_hex_squeeze(VALUE self, VALUE length) {
|
|
532
615
|
// Get the binary output using the existing squeeze function
|
|
533
|
-
bin_str =
|
|
534
|
-
|
|
616
|
+
VALUE bin_str = rb_sha3_digest_squeeze(self, length);
|
|
535
617
|
// Use Ruby's built-in unpack method to convert to hex
|
|
536
|
-
|
|
618
|
+
return rb_funcall(bin_str, rb_intern("unpack1"), 1, rb_str_new2("H*"));
|
|
619
|
+
}
|
|
620
|
+
|
|
621
|
+
static VALUE prepare_shake_output(VALUE self, int argc, VALUE *argv, int hex_output) {
|
|
622
|
+
sha3_digest_context_t *context;
|
|
623
|
+
VALUE length, data;
|
|
624
|
+
|
|
625
|
+
get_sha3_digest_context(self, &context);
|
|
626
|
+
rb_scan_args(argc, argv, "02", &length, &data);
|
|
627
|
+
|
|
628
|
+
if (NIL_P(length)) {
|
|
629
|
+
rb_raise(_sha3_digest_error_class, "output length must be specified for SHAKE algorithms");
|
|
630
|
+
}
|
|
631
|
+
|
|
632
|
+
Check_Type(length, T_FIXNUM);
|
|
633
|
+
|
|
634
|
+
if (!NIL_P(data)) {
|
|
635
|
+
rb_sha3_digest_update(self, data);
|
|
636
|
+
}
|
|
537
637
|
|
|
538
|
-
|
|
539
|
-
return rb_ary_entry(result_array, 0);
|
|
638
|
+
return hex_output ? rb_sha3_digest_hex_squeeze(self, length) : rb_sha3_digest_squeeze(self, length);
|
|
540
639
|
}
|
|
541
640
|
|
|
542
641
|
/*
|
|
@@ -561,28 +660,15 @@ static VALUE rb_digest_hex_squeeze(VALUE self, VALUE length) {
|
|
|
561
660
|
* digest.digest(12) # For SHAKE algorithms
|
|
562
661
|
* digest.digest(12, 'compute me') # For SHAKE algorithms
|
|
563
662
|
*/
|
|
564
|
-
static VALUE
|
|
565
|
-
|
|
566
|
-
|
|
663
|
+
static VALUE rb_sha3_digest_digest(int argc, VALUE *argv, VALUE self) {
|
|
664
|
+
sha3_digest_context_t *context;
|
|
665
|
+
get_sha3_digest_context(self, &context);
|
|
567
666
|
|
|
568
|
-
if (
|
|
667
|
+
if (context->algorithm != SHAKE_128 && context->algorithm != SHAKE_256) {
|
|
569
668
|
return rb_call_super(argc, argv);
|
|
570
669
|
}
|
|
571
670
|
|
|
572
|
-
|
|
573
|
-
rb_scan_args(argc, argv, "02", &length, &data);
|
|
574
|
-
|
|
575
|
-
// For SHAKE algorithms
|
|
576
|
-
if (NIL_P(length)) {
|
|
577
|
-
rb_raise(digest_error_class, "output length must be specified for SHAKE algorithms");
|
|
578
|
-
}
|
|
579
|
-
|
|
580
|
-
// If data is provided, update the state before squeezing
|
|
581
|
-
if (!NIL_P(data)) {
|
|
582
|
-
rb_digest_update(self, data);
|
|
583
|
-
}
|
|
584
|
-
|
|
585
|
-
return rb_digest_squeeze(self, length);
|
|
671
|
+
return prepare_shake_output(self, argc, argv, 0);
|
|
586
672
|
}
|
|
587
673
|
|
|
588
674
|
/*
|
|
@@ -607,27 +693,15 @@ static VALUE rb_digest_digest(int argc, VALUE* argv, VALUE self) {
|
|
|
607
693
|
* digest.hexdigest(12) # For SHAKE algorithms
|
|
608
694
|
* digest.hexdigest(12, 'compute me') # For SHAKE algorithms
|
|
609
695
|
*/
|
|
610
|
-
static VALUE
|
|
611
|
-
|
|
612
|
-
|
|
696
|
+
static VALUE rb_sha3_digest_hexdigest(int argc, VALUE *argv, VALUE self) {
|
|
697
|
+
sha3_digest_context_t *context;
|
|
698
|
+
get_sha3_digest_context(self, &context);
|
|
613
699
|
|
|
614
|
-
if (
|
|
700
|
+
if (context->algorithm != SHAKE_128 && context->algorithm != SHAKE_256) {
|
|
615
701
|
return rb_call_super(argc, argv);
|
|
616
702
|
}
|
|
617
703
|
|
|
618
|
-
|
|
619
|
-
rb_scan_args(argc, argv, "02", &length, &data);
|
|
620
|
-
|
|
621
|
-
if (NIL_P(length)) {
|
|
622
|
-
rb_raise(digest_error_class, "output length must be specified for SHAKE algorithms");
|
|
623
|
-
}
|
|
624
|
-
|
|
625
|
-
// If data is provided, update the state before squeezing
|
|
626
|
-
if (!NIL_P(data)) {
|
|
627
|
-
rb_digest_update(self, data);
|
|
628
|
-
}
|
|
629
|
-
|
|
630
|
-
return rb_digest_hex_squeeze(self, length);
|
|
704
|
+
return prepare_shake_output(self, argc, argv, 1);
|
|
631
705
|
}
|
|
632
706
|
|
|
633
707
|
/*
|
|
@@ -656,25 +730,38 @@ static VALUE rb_digest_hexdigest(int argc, VALUE* argv, VALUE self) {
|
|
|
656
730
|
* This method defaults to squeezing 16 bytes for SHAKE128 and 32 bytes for SHAKE256.
|
|
657
731
|
* To squeeze a different length, use #squeeze instance method.
|
|
658
732
|
*/
|
|
659
|
-
static VALUE
|
|
733
|
+
static VALUE rb_sha3_digest_self_digest(VALUE klass, VALUE name, VALUE data) {
|
|
734
|
+
// Add null checks
|
|
735
|
+
if (NIL_P(name) || NIL_P(data)) {
|
|
736
|
+
rb_raise(_sha3_digest_error_class, "algorithm name and data cannot be nil");
|
|
737
|
+
}
|
|
738
|
+
|
|
739
|
+
// Add type validation for name
|
|
740
|
+
if (TYPE(name) != T_SYMBOL) {
|
|
741
|
+
rb_raise(_sha3_digest_error_class, "algorithm name must be a symbol");
|
|
742
|
+
}
|
|
743
|
+
|
|
744
|
+
// Existing code...
|
|
660
745
|
VALUE args[2];
|
|
661
|
-
|
|
746
|
+
|
|
747
|
+
// Need to add type checking for the data parameter
|
|
748
|
+
StringValue(data);
|
|
662
749
|
|
|
663
750
|
/* For SHAKE algorithms, we need to handle them differently */
|
|
664
751
|
if (TYPE(name) == T_SYMBOL) {
|
|
665
752
|
ID symid = SYM2ID(name);
|
|
666
|
-
if (symid ==
|
|
753
|
+
if (symid == _shake_128_id || symid == _shake_256_id) {
|
|
667
754
|
/* Create a new digest instance with the specified algorithm */
|
|
668
755
|
VALUE digest = rb_class_new_instance(1, &name, klass);
|
|
669
756
|
|
|
670
757
|
/* Update it with the data */
|
|
671
|
-
|
|
758
|
+
rb_sha3_digest_update(digest, data);
|
|
672
759
|
|
|
673
760
|
/* For SHAKE algorithms, use a default output length based on the security strength */
|
|
674
|
-
int output_length = (symid ==
|
|
761
|
+
int output_length = (symid == _shake_128_id) ? 16 : 32; /* 128/8 or 256/8 */
|
|
675
762
|
|
|
676
763
|
/* Return the squeezed output */
|
|
677
|
-
return
|
|
764
|
+
return rb_sha3_digest_squeeze(digest, INT2NUM(output_length));
|
|
678
765
|
}
|
|
679
766
|
}
|
|
680
767
|
|
|
@@ -712,25 +799,27 @@ static VALUE rb_digest_self_digest(VALUE klass, VALUE name, VALUE data) {
|
|
|
712
799
|
* This method defaults to squeezing 16 bytes for SHAKE128 and 32 bytes for SHAKE256.
|
|
713
800
|
* To squeeze a different length, use #hex_squeeze instance method.
|
|
714
801
|
*/
|
|
715
|
-
static VALUE
|
|
802
|
+
static VALUE rb_sha3_digest_self_hexdigest(VALUE klass, VALUE name, VALUE data) {
|
|
716
803
|
VALUE args[2];
|
|
717
|
-
|
|
804
|
+
|
|
805
|
+
// Need to add type checking for the data parameter
|
|
806
|
+
StringValue(data);
|
|
718
807
|
|
|
719
808
|
/* For SHAKE algorithms, we need to handle them differently */
|
|
720
809
|
if (TYPE(name) == T_SYMBOL) {
|
|
721
810
|
ID symid = SYM2ID(name);
|
|
722
|
-
if (symid ==
|
|
811
|
+
if (symid == _shake_128_id || symid == _shake_256_id) {
|
|
723
812
|
/* Create a new digest instance with the specified algorithm */
|
|
724
813
|
VALUE digest = rb_class_new_instance(1, &name, klass);
|
|
725
814
|
|
|
726
815
|
/* Update it with the data */
|
|
727
|
-
|
|
816
|
+
rb_sha3_digest_update(digest, data);
|
|
728
817
|
|
|
729
818
|
/* For SHAKE algorithms, use a default output length based on the security strength */
|
|
730
|
-
int output_length = (symid ==
|
|
819
|
+
int output_length = (symid == _shake_128_id) ? 16 : 32; /* 128/8 or 256/8 */
|
|
731
820
|
|
|
732
821
|
/* Return the hexadecimal representation of the squeezed output */
|
|
733
|
-
return
|
|
822
|
+
return rb_sha3_digest_hex_squeeze(digest, INT2NUM(output_length));
|
|
734
823
|
}
|
|
735
824
|
}
|
|
736
825
|
|