diff options
| -rw-r--r-- | sha3.h | 141 | 
1 files changed, 129 insertions, 12 deletions
| @@ -17,11 +17,11 @@ typedef union {    uint64_t u64[25];  } sha3_state_t; -// XOF state +// Internal XOF state  typedef struct { -  size_t num_bytes; -  sha3_state_t a; -  _Bool squeezing; +  size_t num_bytes; // number of bytes absorbed +  sha3_state_t a; // internal state +  _Bool squeezing; // mode (absorbing or squeezing)  } sha3_xof_t;  /** @@ -102,7 +102,7 @@ void shake128_xof_init(sha3_xof_t * const xof);   * context `xof`.  Can be called iteratively to absorb input data in   * chunks.   * - * @param[in] xof SHAKE128 XOF context. + * @param[in/out] xof SHAKE128 XOF context.   * @param[in] m Input data.   * @param[in] len Input data length, in bytes.   * @@ -115,7 +115,7 @@ _Bool shake128_xof_absorb(sha3_xof_t *xof, const uint8_t *m, const size_t len);   * XOF context `xof`.  Can be called iteratively to squeeze output data   * in chunks.   * - * @param[in] xof SHAKE128 XOF context. + * @param[in/out] xof SHAKE128 XOF context.   * @param[out] dst Destination buffer.   * @param[in] len Destination buffer length, in bytes.   */ @@ -145,7 +145,7 @@ void shake256_xof_init(sha3_xof_t *xof);   * context `xof`.  Can be called iteratively to absorb input data in   * chunks.   * - * @param[in] xof SHAKE256 XOF context. + * @param[in/out] xof SHAKE256 XOF context.   * @param[in] m Input data.   * @param[in] len Input data length, in bytes.   * @@ -158,7 +158,7 @@ _Bool shake256_xof_absorb(sha3_xof_t *xof, const uint8_t *m, const size_t len);   * XOF context `xof`.  Can be called iteratively to squeeze output data   * in chunks.   * - * @param[in] xof SHAKE256 XOF context. + * @param[in/out] xof SHAKE256 XOF context.   * @param[out] dst Destination buffer.   * @param[in] len Destination buffer length, in bytes.   */ @@ -184,15 +184,132 @@ typedef struct {    const size_t custom_len; // length of customization string, in bytes  } cshake_params_t; -void cshake128(const cshake_params_t params, const uint8_t *msg, const size_t msg_len, uint8_t *dst, const size_t dst_len); -void cshake256(const cshake_params_t params, const uint8_t *msg, const size_t msg_len, uint8_t *dst, const size_t dst_len); +/** + * Initialize internal cSHAKE128 (customizable SHAKE128, as defined in + * section 3 of NIST SP 800-185) context with customization parameters + * `params`, absorb data in buffer `src` of length `src_len` bytes into + * internal context, then squeeze `dst_len` bytes of output into + * destination buffer `dst`. + * + * Note: cSHAKE is used to implement the hash and extendable output + * functions (XOF) defined in NIST SP 800-185 and should generally not + * be used directly. + * + * @param[in] params cSHAKE customization parameters. + * @param[in] src Input data buffer. + * @param[in] src_len Input data buffer length, in bytes. + * @param[out] dst Destination buffer. + * @param[in] len Destination buffer length, in bytes. + */ +void cshake128(const cshake_params_t params, const uint8_t *src, const size_t src_len, uint8_t *dst, const size_t dst_len); + +/** + * Initialize internal cSHAKE256 (customizable SHAKE256, as defined in + * section 3 of NIST SP 800-185) context with customization parameters + * `params`, absorb data in buffer `src` of length `src_len` bytes into + * internal context, then squeeze `dst_len` bytes of output into + * destination buffer `dst`. + * + * Note: cSHAKE is used to implement the hash and extendable output + * functions (XOF) defined in NIST SP 800-185 and should generally not + * be used directly. + * + * @param[in] params cSHAKE customization parameters. + * @param[in] src Input data buffer. + * @param[in] src_len Input data buffer length, in bytes. + * @param[out] dst Destination buffer. + * @param[in] len Destination buffer length, in bytes. + */ +void cshake256(const cshake_params_t params, const uint8_t *src, const size_t src_len, uint8_t *dst, const size_t dst_len); +/** + * Initialize cSHAKE128 (customizable SHAKE128, as defined in section 3 of + * NIST SP 800-185) XOF context with customization parameters `params`. + * + * Note: cSHAKE is used to implement the hash and extendable output + * functions (XOF) defined in NIST SP 800-185 and should generally not + * be used directly. + * + * @param[out] xof cSHAKE128 context. + * @param[in] params cSHAKE128 customization parameters. + */  void cshake128_xof_init(sha3_xof_t *xof, const cshake_params_t params); -_Bool cshake128_xof_absorb(sha3_xof_t *xof, const uint8_t *msg, const size_t len); + +/** + * Absorb data in buffer `src` of length `len` bytes into cSHAKE128 XOF + * context `xof`.  Can be called iteratively to absorb input data in + * chunks. + * + * Note: cSHAKE is used to implement the hash and extendable output + * functions (XOF) defined in NIST SP 800-185 and should generally not + * be used directly. + * + * @param[in/out] xof cSHAKE128 context. + * @param[in] msg Input data buffer. + * @param[in] len Input data buffer length, in bytes. + * + * @return True if data was absorbed, and false otherwise (e.g., if context has already been squeezed). + */ +_Bool cshake128_xof_absorb(sha3_xof_t *xof, const uint8_t *src, const size_t len); + +/** + * Squeeze `dst_len` bytes data into output buffer `dst` from cSHAKE128 + * context XOF context `xof`.  Can be called iteratively to squeeze + * output data in chunks. + * + * Note: cSHAKE is used to implement the hash and extendable output + * functions (XOF) defined in NIST SP 800-185 and should generally not + * be used directly. + * + * @param[in/out] xof cSHAKE128 context. + * @param[out] dst Destination buffer. + * @param[in] len Destination buffer length, in bytes. + */  void cshake128_xof_squeeze(sha3_xof_t *xof, uint8_t *dst, const size_t len); +/** + * Initialize cSHAKE256 (customizable SHAKE256, as defined in section 3 of + * NIST SP 800-185) XOF context with customization parameters `params`. + * + * Note: cSHAKE is used to implement the hash and extendable output + * functions (XOF) defined in NIST SP 800-185 and should generally not + * be used directly. + * + * @param[out] xof cSHAKE256 context. + * @param[in] params cSHAKE256 customization parameters. + */  void cshake256_xof_init(sha3_xof_t *xof, const cshake_params_t params); -_Bool cshake256_xof_absorb(sha3_xof_t *xof, const uint8_t *msg, const size_t len); + +/** + * Absorb data in buffer `src` of length `len` bytes into cSHAKE256 XOF + * context `xof`.  Can be called iteratively to absorb input data in + * chunks. + * + * Note: cSHAKE is used to implement the hash and extendable output + * functions (XOF) defined in NIST SP 800-185 and should generally not + * be used directly. + * + * @param[in/out] xof cSHAKE256 context. + * @param[in] msg Input data buffer. + * @param[in] len Input data buffer length, in bytes. + * + * @return True if data was absorbed, and false otherwise (e.g., if context has already been squeezed). + */ +_Bool cshake256_xof_absorb(sha3_xof_t *xof, const uint8_t *src, const size_t len); + +/** + * Squeeze `dst_len` bytes data into output buffer `dst` from cSHAKE256 + * context XOF context `xof`.  Can be called iteratively to squeeze + * output data in chunks. + * + * Note: cSHAKE is used to implement the hash and extendable output + * functions (XOF) defined in NIST SP 800-185 and should generally not + * be used directly. + * + * @param[in/out] xof cSHAKE256 context. + * @param[out] dst Destination buffer. + * @param[in] len Destination buffer length, in bytes. + */  void cshake256_xof_squeeze(sha3_xof_t *xof, uint8_t *dst, const size_t len);  typedef struct { | 
