sharpetronics/liboqs
1
0
Fork 0
mirror of https://github.com/open-quantum-safe/liboqs.git synced 2025-10-17 00:05:38 -04:00
Code Issues Projects Releases Wiki Activity

Prettyprint

Browse Source
This commit is contained in:
Douglas Stebila 2019-07-04 21:40:51 -04:00
parent d9747e398e
commit 034df22563
4 changed files with 483 additions and 487 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/crypto/sha3/fips202.c
View File

@ -23,7 +23,7 @@
static uint64_t load64(const uint8_t *x) {
uint64_t r = 0;
for (size_t i = 0; i < 8; ++i) {
r |= (uint64_t)x[i] << 8 * i;
r |= (uint64_t) x[i] << 8 * i;
}
return r;
@ -39,7 +39,7 @@ static uint64_t load64(const uint8_t *x) {
**************************************************/
static void store64(uint8_t *x, uint64_t u) {
for (size_t i = 0; i < 8; ++i) {
x[i] = (uint8_t) (u >> 8 * i);
x[i] = (uint8_t)(u >> 8 * i);
}
}
@ -56,8 +56,7 @@ static const uint64_t KeccakF_RoundConstants[NROUNDS] = {
0x8000000000008002ULL, 0x8000000000000080ULL,
0x000000000000800aULL, 0x800000008000000aULL,
0x8000000080008081ULL, 0x8000000000008080ULL,
0x0000000080000001ULL, 0x8000000080008008ULL
};
0x0000000080000001ULL, 0x8000000080008008ULL};
/*************************************************
* Name: KeccakF1600_StatePermute
@ -442,7 +441,7 @@ static void keccak_inc_absorb(uint64_t *s_inc, uint32_t r, const uint8_t *m,
for (i = 0; i < r - s_inc[25]; i++) {
/* Take the i'th byte from message
xor with the s_inc[25] + i'th byte of the state; little-endian */
s_inc[(s_inc[25] + i) >> 3] ^= (uint64_t)m[i] << (8 * ((s_inc[25] + i) & 0x07));
s_inc[(s_inc[25] + i) >> 3] ^= (uint64_t) m[i] << (8 * ((s_inc[25] + i) & 0x07));
}
mlen -= (size_t)(r - s_inc[25]);
m += r - s_inc[25];
@ -452,7 +451,7 @@ static void keccak_inc_absorb(uint64_t *s_inc, uint32_t r, const uint8_t *m,
}
for (i = 0; i < mlen; i++) {
s_inc[(s_inc[25] + i) >> 3] ^= (uint64_t)m[i] << (8 * ((s_inc[25] + i) & 0x07));
s_inc[(s_inc[25] + i) >> 3] ^= (uint64_t) m[i] << (8 * ((s_inc[25] + i) & 0x07));
}
s_inc[25] += mlen;
}
@ -473,8 +472,8 @@ static void keccak_inc_absorb(uint64_t *s_inc, uint32_t r, const uint8_t *m,
static void keccak_inc_finalize(uint64_t *s_inc, uint32_t r, uint8_t p) {
/* After keccak_inc_absorb, we are guaranteed that s_inc[25] < r,
so we can always use one more byte for p in the current state. */
s_inc[s_inc[25] >> 3] ^= (uint64_t)p << (8 * (s_inc[25] & 0x07));
s_inc[(r - 1) >> 3] ^= (uint64_t)128 << (8 * ((r - 1) & 0x07));
s_inc[s_inc[25] >> 3] ^= (uint64_t) p << (8 * (s_inc[25] & 0x07));
s_inc[(r - 1) >> 3] ^= (uint64_t) 128 << (8 * ((r - 1) & 0x07));
s_inc[25] = 0;
}
@ -550,7 +549,6 @@ void shake256_inc_squeeze(uint8_t *output, size_t outlen, shake256incctx *state)
keccak_inc_squeeze(output, outlen, state->ctx, SHAKE256_RATE);
}
/*************************************************
* Name: shake128_absorb
*

2
src/crypto/sha3/sha3.h
View File

@ -249,7 +249,7 @@ void OQS_SHA3_cshake128_inc_absorb(OQS_SHA3_shake128_inc_ctx *state, const uint8
void OQS_SHA3_cshake128_inc_finalize(OQS_SHA3_shake128_inc_ctx *state);
void OQS_SHA3_cshake128_inc_squeeze(uint8_t *output, size_t outlen, OQS_SHA3_shake128_inc_ctx *state);
void OQS_SHA3_cshake256(uint8_t *output, size_t outlen, const uint8_t *name, size_t namelen, const uint8_t* cstm, size_t cstmlen, const uint8_t *input, size_t inlen);
void OQS_SHA3_cshake256(uint8_t *output, size_t outlen, const uint8_t *name, size_t namelen, const uint8_t *cstm, size_t cstmlen, const uint8_t *input, size_t inlen);
void OQS_SHA3_cshake256_inc_init(OQS_SHA3_shake256_inc_ctx *state, const uint8_t *name, size_t namelen, const uint8_t *cstm, size_t cstmlen);
void OQS_SHA3_cshake256_inc_absorb(OQS_SHA3_shake256_inc_ctx *state, const uint8_t *input, size_t inlen);

2
src/crypto/sha3/sha3_c.c
View File

@ -103,7 +103,6 @@ void OQS_SHA3_cshake128_simple(uint8_t *output, size_t outlen, uint16_t cstm, co
/* generate output */
OQS_SHA3_cshake128_inc_finalize(&state);
OQS_SHA3_cshake128_inc_squeeze(output, outlen, &state);
}
void OQS_SHA3_cshake256_simple(uint8_t *output, size_t outlen, uint16_t cstm, const uint8_t *input, size_t inplen) {
@ -141,5 +140,4 @@ void OQS_SHA3_cshake256_simple(uint8_t *output, size_t outlen, uint16_t cstm, co
/* generate output */
OQS_SHA3_cshake256_inc_finalize(&state);
OQS_SHA3_cshake256_inc_squeeze(output, outlen, &state);
}

16
src/crypto/sha3/sp800-185.c
View File

@ -11,14 +11,14 @@ static size_t left_encode(uint8_t *encbuf, size_t value) {
n = 1;
}
for (i = 1; i <= n; i++) {
encbuf[i] = (uint8_t)(value >> (8 * (n-i)));
encbuf[i] = (uint8_t)(value >> (8 * (n - i)));
}
encbuf[0] = (uint8_t)n;
encbuf[0] = (uint8_t) n;
return n + 1;
}
void cshake128_inc_init(shake128incctx *state, const uint8_t *name, size_t namelen, const uint8_t *cstm, size_t cstmlen) {
uint8_t encbuf[sizeof(size_t)+1];
uint8_t encbuf[sizeof(size_t) + 1];
shake128_inc_init(state);
@ -42,8 +42,8 @@ void cshake128_inc_absorb(shake128incctx *state, const uint8_t *input, size_t in
}
void cshake128_inc_finalize(shake128incctx *state) {
state->ctx[state->ctx[25] >> 3] ^= (uint64_t)0x04 << (8 * (state->ctx[25] & 0x07));
state->ctx[(SHAKE128_RATE - 1) >> 3] ^= (uint64_t)128 << (8 * ((SHAKE128_RATE - 1) & 0x07));
state->ctx[state->ctx[25] >> 3] ^= (uint64_t) 0x04 << (8 * (state->ctx[25] & 0x07));
state->ctx[(SHAKE128_RATE - 1) >> 3] ^= (uint64_t) 128 << (8 * ((SHAKE128_RATE - 1) & 0x07));
state->ctx[25] = 0;
}
@ -52,7 +52,7 @@ void cshake128_inc_squeeze(uint8_t *output, size_t outlen, shake128incctx *state
}
void cshake256_inc_init(shake256incctx *state, const uint8_t *name, size_t namelen, const uint8_t *cstm, size_t cstmlen) {
uint8_t encbuf[sizeof(size_t)+1];
uint8_t encbuf[sizeof(size_t) + 1];
shake256_inc_init(state);
@ -76,8 +76,8 @@ void cshake256_inc_absorb(shake256incctx *state, const uint8_t *input, size_t in
}
void cshake256_inc_finalize(shake256incctx *state) {
state->ctx[state->ctx[25] >> 3] ^= (uint64_t)0x04 << (8 * (state->ctx[25] & 0x07));
state->ctx[(SHAKE256_RATE - 1) >> 3] ^= (uint64_t)128 << (8 * ((SHAKE256_RATE - 1) & 0x07));
state->ctx[state->ctx[25] >> 3] ^= (uint64_t) 0x04 << (8 * (state->ctx[25] & 0x07));
state->ctx[(SHAKE256_RATE - 1) >> 3] ^= (uint64_t) 128 << (8 * ((SHAKE256_RATE - 1) & 0x07));
state->ctx[25] = 0;
}