Factor out SHA3 from newhope.
This commit is contained in:
parent
d23f8d3edd
commit
8f706feb47
13
Makefile
13
Makefile
@ -55,6 +55,7 @@ links:
|
||||
rm -rf include/oqs
|
||||
mkdir -p include/oqs
|
||||
$(LN) ../../src/aes/aes.h include/oqs
|
||||
$(LN) ../../src/sha3/sha3.h include/oqs
|
||||
$(LN) ../../src/kex/kex.h include/oqs
|
||||
$(LN) ../../src/kex_rlwe_bcns15/kex_rlwe_bcns15.h include/oqs
|
||||
$(LN) ../../src/kex_rlwe_newhope/kex_rlwe_newhope.h include/oqs
|
||||
@ -84,7 +85,7 @@ $(KEX_RLWE_BCNS15_OBJS): $(KEX_RLWE_BCNS15_HEADERS)
|
||||
|
||||
# KEX_NEWHOPE
|
||||
KEX_RLWE_NEWHOPE_OBJS := $(addprefix objs/kex_rlwe_newhope/, kex_rlwe_newhope.o)
|
||||
KEX_RLWE_NEWHOPE_HEADERS := $(addprefix src/kex_rlwe_newhope/, kex_rlwe_newhope.h fips202.c newhope.c params.h poly.c precomp.c)
|
||||
KEX_RLWE_NEWHOPE_HEADERS := $(addprefix src/kex_rlwe_newhope/, kex_rlwe_newhope.h newhope.c params.h poly.c precomp.c)
|
||||
$(KEX_RLWE_NEWHOPE_OBJS): $(KEX_RLWE_NEWHOPE_HEADERS)
|
||||
|
||||
# KEX_RLWE_MSRLN16
|
||||
@ -112,6 +113,10 @@ COMMON_OBJS := $(addprefix objs/common/, common.o)
|
||||
COMMON_HEADERS := $(addprefix src/common/, common.h)
|
||||
$(COMMON_OBJS): $(COMMON_HEADERS)
|
||||
|
||||
# SHA3
|
||||
SHA3_OBJS := $(addprefix objs/sha3/, sha3.o)
|
||||
SHA3_HEADERS := $(addprefix src/sha3/, sha3.h)
|
||||
$(SHA3_OBJS): $(SHA3_HEADERS)
|
||||
|
||||
# KEX
|
||||
objs/kex/kex.o: src/kex/kex.h
|
||||
@ -119,9 +124,11 @@ objs/kex/kex.o: src/kex/kex.h
|
||||
# LIB
|
||||
|
||||
|
||||
RAND_OBJS := $(RAND_URANDOM_AESCTR_OBJS) $(RAND_URANDOM_CHACHA_OBJS)
|
||||
RAND_OBJS := $(RAND_URANDOM_AESCTR_OBJS) $(RAND_URANDOM_CHACHA_OBJS) objs/rand/rand.o
|
||||
|
||||
lib: $(RAND_OBJS) $(KEX_RLWE_BCNS15_OBJS) $(KEX_RLWE_NEWHOPE_OBJS) $(KEX_RLWE_MSRLN16_OBJS) $(KEX_LWE_FRODO_OBJS) $(KEX_SIDH_CLN16_OBJS) objs/rand/rand.o objs/kex/kex.o $(AES_OBJS) $(COMMON_OBJS)
|
||||
KEX_OBJS := $(KEX_RLWE_BCNS15_OBJS) $(KEX_RLWE_NEWHOPE_OBJS) $(KEX_RLWE_MSRLN16_OBJS) $(KEX_LWE_FRODO_OBJS) $(KEX_SIDH_CLN16_OBJS) objs/kex/kex.o
|
||||
|
||||
lib: $(RAND_OBJS) $(KEX_OBJS) $(AES_OBJS) $(COMMON_OBJS) $(SHA3_OBJS)
|
||||
rm -f liboqs.a
|
||||
$(AR) liboqs.a $^
|
||||
$(RANLIB) liboqs.a
|
||||
|
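Review bot: `$(KEX_RLWE_NEWHOPE_OBJS): $(KEX_RLWE_NEWHOPE_HEADERS)` no longer lists everything the NewHope object is built from: with fips202.c dropped from the variable, newhope.c and poly.c now take their SHA3 prototypes and `OQS_SHA3_SHAKE128_RATE` from src/sha3/sha3.h, but nothing rebuilds the object when that header changes. `SHA3_HEADERS` is only assigned further down the file and make expands prerequisites when the rule is read, so name the path directly: `$(KEX_RLWE_NEWHOPE_OBJS): $(KEX_RLWE_NEWHOPE_HEADERS) src/sha3/sha3.h`. The remaining `.c` entries in a variable called `_HEADERS` are pre-existing but deserve a one-line comment saying they are `#include`d into newhope.c rather than compiled on their own.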
@ -1,6 +1,8 @@
|
||||
#include <stdint.h>
|
||||
|
||||
#include <oqs/sha3.h>
|
||||
|
||||
#include "precomp.c"
|
||||
#include "fips202.c"
|
||||
#include "poly.c"
|
||||
|
||||
static void encode_a(unsigned char *r, const poly *pk, const unsigned char *seed) {
|
||||
@ -94,7 +96,7 @@ static void sharedb(unsigned char *sharedkey, unsigned char *send, const unsigne
|
||||
rec(sharedkey, &v, &c);
|
||||
|
||||
#ifndef STATISTICAL_TEST
|
||||
sha3256(sharedkey, sharedkey, 32);
|
||||
OQS_SHA3_sha3256(sharedkey, sharedkey, 32);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -110,6 +112,6 @@ static void shareda(unsigned char *sharedkey, const poly *sk, const unsigned cha
|
||||
rec(sharedkey, &v, &c);
|
||||
|
||||
#ifndef STATISTICAL_TEST
|
||||
sha3256(sharedkey, sharedkey, 32);
|
||||
OQS_SHA3_sha3256(sharedkey, sharedkey, 32);
|
||||
#endif
|
||||
}
|
||||
|
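Review bot: Both `OQS_SHA3_sha3256(sharedkey, sharedkey, 32)` calls hash the key in place, so the newly public function is relied on to tolerate `output` aliasing `input`, yet the sha3.h prototype only says `input` is `const unsigned char *` and promises nothing about aliasing. The current implementation absorbs the whole input before it writes any output, so this works today, but a drop-in replacement (an optimised or `restrict`-qualified build) could break it silently. Either state the guarantee in sha3.h or add `/* in-place hash: OQS_SHA3_sha3256 fully absorbs input before writing output */` above each call. The enclosing sharedb()/shareda() bodies start outside this hunk.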
@ -146,9 +146,9 @@ static void poly_uniform(poly *a, const unsigned char *seed) {
|
||||
unsigned int nblocks = 16;
|
||||
uint8_t buf[2688]; // SHAKE128_RATE * nblocks
|
||||
|
||||
shake128_absorb(state, seed, NEWHOPE_SEEDBYTES);
|
||||
OQS_SHA3_shake128_absorb(state, seed, NEWHOPE_SEEDBYTES);
|
||||
|
||||
shake128_squeezeblocks((unsigned char *) buf, nblocks, state);
|
||||
OQS_SHA3_shake128_squeezeblocks((unsigned char *) buf, nblocks, state);
|
||||
|
||||
while (ctr < PARAM_N) {
|
||||
val = (buf[pos] | ((uint16_t) buf[pos + 1] << 8)) & 0x3fff; // Specialized for q = 12889
|
||||
@ -156,9 +156,9 @@ static void poly_uniform(poly *a, const unsigned char *seed) {
|
||||
a->coeffs[ctr++] = val;
|
||||
}
|
||||
pos += 2;
|
||||
if (pos > SHAKE128_RATE * nblocks - 2) {
|
||||
if (pos > OQS_SHA3_SHAKE128_RATE * nblocks - 2) {
|
||||
nblocks = 1;
|
||||
shake128_squeezeblocks((unsigned char *) buf, nblocks, state);
|
||||
OQS_SHA3_shake128_squeezeblocks((unsigned char *) buf, nblocks, state);
|
||||
pos = 0;
|
||||
}
|
||||
}
|
||||
|
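Review bot: `uint8_t buf[2688]; // SHAKE128_RATE * nblocks` is still sized by a literal while the bounds check a few lines below now uses `OQS_SHA3_SHAKE128_RATE * nblocks - 2`; if the rate macro and this literal ever disagree, the first `OQS_SHA3_shake128_squeezeblocks` of 16 blocks writes past `buf`. Tie the two together: `uint8_t buf[OQS_SHA3_SHAKE128_RATE * 16]; /* 16 blocks, matches initial nblocks */` (168 * 16 == 2688, so behaviour is unchanged). The loop also depends on `OQS_SHA3_shake128_absorb` zeroing `state` itself, which the absorb code does; a comment to that effect would save the next reader checking. poly_uniform's signature and the `state` declaration are outside this hunk.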
@ -7,9 +7,10 @@
|
||||
|
||||
#include <stdint.h>
|
||||
#include <assert.h>
|
||||
#include <oqs/sha3.h>
|
||||
|
||||
#define SHAKE128_RATE 168
|
||||
#define SHA3_256_RATE 136
|
||||
#define SHAKE128_RATE OQS_SHA3_SHAKE128_RATE
|
||||
#define SHA3_256_RATE OQS_SHA3_SHA3_256_RATE
|
||||
#define NROUNDS 24
|
||||
#define ROL(a, offset) ((a << offset) ^ (a >> (64-offset)))
|
||||
|
||||
@ -334,37 +335,32 @@ static void keccak_absorb(uint64_t *s,
|
||||
unsigned long long i;
|
||||
unsigned char t[200];
|
||||
|
||||
for (i = 0; i < 25; ++i) {
|
||||
for (i = 0; i < 25; ++i)
|
||||
s[i] = 0;
|
||||
}
|
||||
|
||||
while (mlen >= r) {
|
||||
for (i = 0; i < r / 8; ++i) {
|
||||
for (i = 0; i < r / 8; ++i)
|
||||
s[i] ^= load64(m + 8 * i);
|
||||
}
|
||||
|
||||
KeccakF1600_StatePermute(s);
|
||||
mlen -= r;
|
||||
m += r;
|
||||
}
|
||||
|
||||
for (i = 0; i < r; ++i) {
|
||||
for (i = 0; i < r; ++i)
|
||||
t[i] = 0;
|
||||
}
|
||||
for (i = 0; i < mlen; ++i) {
|
||||
for (i = 0; i < mlen; ++i)
|
||||
t[i] = m[i];
|
||||
}
|
||||
t[i] = p;
|
||||
t[r - 1] |= 128;
|
||||
for (i = 0; i < r / 8; ++i) {
|
||||
for (i = 0; i < r / 8; ++i)
|
||||
s[i] ^= load64(t + 8 * i);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static void keccak_squeezeblocks(unsigned char *h, unsigned long long int nblocks,
|
||||
uint64_t *s,
|
||||
unsigned int r) {
|
||||
void OQS_SHA3_keccak_squeezeblocks(unsigned char *h, unsigned long long int nblocks,
|
||||
uint64_t *s,
|
||||
unsigned int r) {
|
||||
unsigned int i;
|
||||
while (nblocks > 0) {
|
||||
KeccakF1600_StatePermute(s);
|
||||
@ -376,22 +372,21 @@ static void keccak_squeezeblocks(unsigned char *h, unsigned long long int nblock
|
||||
}
|
||||
}
|
||||
|
||||
static void shake128_absorb(uint64_t *s, const unsigned char *input, unsigned int inputByteLen) {
|
||||
void OQS_SHA3_shake128_absorb(uint64_t *s, const unsigned char *input, unsigned int inputByteLen) {
|
||||
keccak_absorb(s, SHAKE128_RATE, input, inputByteLen, 0x1F);
|
||||
}
|
||||
|
||||
static void shake128_squeezeblocks(unsigned char *output, unsigned long long nblocks, uint64_t *s) {
|
||||
keccak_squeezeblocks(output, nblocks, s, SHAKE128_RATE);
|
||||
void OQS_SHA3_shake128_squeezeblocks(unsigned char *output, unsigned long long nblocks, uint64_t *s) {
|
||||
OQS_SHA3_keccak_squeezeblocks(output, nblocks, s, SHAKE128_RATE);
|
||||
}
|
||||
|
||||
static void sha3256(unsigned char *output, const unsigned char *input, unsigned int inputByteLen) {
|
||||
void OQS_SHA3_sha3256(unsigned char *output, const unsigned char *input, unsigned int inputByteLen) {
|
||||
uint64_t s[25];
|
||||
unsigned char t[SHA3_256_RATE];
|
||||
int i;
|
||||
|
||||
keccak_absorb(s, SHA3_256_RATE, input, inputByteLen, 0x06);
|
||||
keccak_squeezeblocks(t, 1, s, SHA3_256_RATE);
|
||||
for (i = 0; i < 32; i++) {
|
||||
OQS_SHA3_keccak_squeezeblocks(t, 1, s, SHA3_256_RATE);
|
||||
for (i = 0; i < 32; i++)
|
||||
output[i] = t[i];
|
||||
}
|
||||
}
|
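Review bot: `OQS_SHA3_keccak_squeezeblocks` is now exported with a caller-supplied rate `r` and no bound on it; the state is 25 lanes and the absorb loop in this hunk already indexes `s[i]` for `i < r / 8`, so an `r > 200` (or one not a multiple of 8) from an external caller would presumably run the squeeze past `s` as well. Every in-tree caller passes `SHAKE128_RATE` or `SHA3_256_RATE`, so either keep the function `static` and drop it from the public header, or guard it with `assert(r <= 200 && r % 8 == 0);` (assert.h is already included, though note an `NDEBUG` build removes it). Separately, `OQS_SHA3_sha3256` leaves `s[25]` and the full 136-byte block `t`, of which only 32 bytes are copied out, on the stack; since newhope feeds it the shared secret, clearing both before return would be prudent. keccak_absorb's signature and the squeeze loop body lie outside this hunk.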
19
src/sha3/sha3.h
Normal file
19
src/sha3/sha3.h
Normal file
@ -0,0 +1,19 @@
|
||||
/**
|
||||
* \file sha3.h
|
||||
* \brief Header defining the API for OQS SHA3
|
||||
*/
|
||||
|
||||
#ifndef __OQS_SHA3_H
|
||||
#define __OQS_SHA3_H
|
||||
|
||||
#define OQS_SHA3_SHAKE128_RATE 168
|
||||
#define OQS_SHA3_SHA3_256_RATE 136
|
||||
|
||||
void OQS_SHA3_shake128_absorb(uint64_t *s, const unsigned char *input, unsigned int inputByteLen);
|
||||
void OQS_SHA3_keccak_squeezeblocks(unsigned char *h, unsigned long long int nblocks, uint64_t *s, unsigned int r);
|
||||
void OQS_SHA3_sha3256(unsigned char *output, const unsigned char *input, unsigned int inputByteLen);
|
||||
void OQS_SHA3_shake128_squeezeblocks(unsigned char *output, unsigned long long nblocks, uint64_t *s);
|
||||
|
||||
#endif
|
||||
|
||||
|
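Review bot: The header uses `uint64_t` but includes nothing, so `#include <oqs/sha3.h>` only compiles when the consumer has already included `<stdint.h>` (newhope.c does, by accident of ordering); add `#include <stdint.h>` above the prototypes. The guard `__OQS_SHA3_H` begins with a double underscore, which C reserves for the implementation; `OQS_SHA3_H` avoids that. Each prototype also wants a one-line contract comment, in particular that `s` must point to 25 `uint64_t` lanes, that `OQS_SHA3_shake128_absorb` initialises `s` itself, and that `OQS_SHA3_sha3256` writes exactly 32 bytes and, as newhope relies on, may be called with `output == input`.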