From 55fd87e4ecb7593216ed81678206496e884e0d21 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Tue, 12 Feb 2019 15:01:40 -0500 Subject: [PATCH] Add Keccak branch This has SHAKE128, SHAKE256, ParallelHash128 and some other tweaks. --- Filelist.txt | 6 +- GNUmakefile | 5 + cryptest.vcxproj.user | 5 +- cryptlib.vcxproj | 6 +- cryptlib.vcxproj.filters | 14 ++- keccak.cpp | 10 +- keccak.h | 52 ++++---- keccak_core.cpp | 261 +++++++++++++++++++++++++++++++++++++++ keccakc.cpp | 258 -------------------------------------- keccakc.h | 13 -- sha3.cpp | 10 +- test.cpp | 22 ++++ 12 files changed, 349 insertions(+), 313 deletions(-) create mode 100644 keccak_core.cpp delete mode 100644 keccakc.cpp delete mode 100644 keccakc.h diff --git a/Filelist.txt b/Filelist.txt index 366cecd4..7dade1eb 100644 --- a/Filelist.txt +++ b/Filelist.txt @@ -186,9 +186,9 @@ kalynatab.cpp kalyna.cpp kalyna.h keccak.cpp +keccak_core.cpp +keccak_simd.cpp keccak.h -keccakc.cpp -keccakc.h lubyrack.h lea.cpp lea_simd.cpp @@ -309,6 +309,8 @@ sha3.h shacal2.cpp shacal2_simd.cpp shacal2.h +shake.cpp +shake.h shark.cpp shark.h sharkbox.cpp diff --git a/GNUmakefile b/GNUmakefile index fae27745..83ff39b1 100755 --- a/GNUmakefile +++ b/GNUmakefile @@ -270,6 +270,7 @@ ifeq ($(DETECT_FEATURES),1) ifeq ($(strip $(HAVE_OPT)),0) ARIA_FLAG = $(SSSE3_FLAG) CHAM_FLAG = $(SSSE3_FLAG) + KECCAK_FLAG = $(SSSE3_FLAG) LEA_FLAG = $(SSSE3_FLAG) SIMECK_FLAG = $(SSSE3_FLAG) SIMON64_FLAG = $(SSSE3_FLAG) @@ -1475,6 +1476,10 @@ gcm_simd.o : gcm_simd.cpp gf2n_simd.o : gf2n_simd.cpp $(CXX) $(strip $(CXXFLAGS) $(GF2N_FLAG) -c) $< +# SSSE3 available +keccak_simd.o : keccak_simd.cpp + $(CXX) $(strip $(CXXFLAGS) $(KECCAK_FLAG) -c) $< + # SSSE3 available lea_simd.o : lea_simd.cpp $(CXX) $(strip $(CXXFLAGS) $(LEA_FLAG) -c) $< diff --git a/cryptest.vcxproj.user b/cryptest.vcxproj.user index 4b2caa7e..90ea5acd 100644 --- a/cryptest.vcxproj.user +++ b/cryptest.vcxproj.user 
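Review bot: The Filelist.txt and GNUmakefile hunks add keccak_simd.cpp, shake.cpp and shake.h to the distribution list and build rules, and test.cpp includes shake.h, but none of those three files is created by this patch — the diffstat lists keccak_core.cpp as the only new file. As submitted the tree will not build (the `keccak_simd.o : keccak_simd.cpp` rule has no source and test.cpp's `#include "shake.h"` cannot resolve), so either the missing files belong in this commit or these references should wait for the commit that adds them. `KECCAK_FLAG = $(SSSE3_FLAG)` is only assigned in the `ifeq ($(strip $(HAVE_OPT)),0)` branch visible here; I cannot see from this hunk whether the other branch sets it too, and if it does not the keccak_simd.o rule silently compiles without the SSSE3 flag, so that is worth confirming.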
@@ -1,6 +1,9 @@  - v + tv keccak + + + WindowsLocalDebugger \ No newline at end of file diff --git a/cryptlib.vcxproj b/cryptlib.vcxproj index 7c99e338..afaae0d4 100644 --- a/cryptlib.vcxproj +++ b/cryptlib.vcxproj @@ -257,7 +257,8 @@ - + + @@ -309,6 +310,7 @@ + @@ -460,7 +462,6 @@ - @@ -514,6 +515,7 @@ + diff --git a/cryptlib.vcxproj.filters b/cryptlib.vcxproj.filters index c30ef7f9..f3a0db1a 100644 --- a/cryptlib.vcxproj.filters +++ b/cryptlib.vcxproj.filters @@ -257,7 +257,10 @@ Source Files - + + Source Files + + Source Files @@ -407,6 +410,9 @@ Source Files + + Source Files + Source Files @@ -759,9 +765,6 @@ Header Files - - Header Files - Header Files @@ -921,6 +924,9 @@ Header Files + + Header Files + Header Files diff --git a/keccak.cpp b/keccak.cpp index 2cfff8fd..ed69590e 100644 --- a/keccak.cpp +++ b/keccak.cpp @@ -19,10 +19,12 @@ http://creativecommons.org/publicdomain/zero/1.0/ #include "pch.h" #include "keccak.h" -#include "keccakc.h" NAMESPACE_BEGIN(CryptoPP) +// The Keccak core function +extern void KeccakF1600(word64 *state); + void Keccak::Update(const byte *input, size_t length) { CRYPTOPP_ASSERT(!(input == NULLPTR && length != 0)); @@ -52,13 +54,13 @@ void Keccak::Restart() void Keccak::TruncatedFinal(byte *hash, size_t size) { - CRYPTOPP_ASSERT(hash != NULLPTR); + CRYPTOPP_ASSERT(hash != NULLPTR); ThrowIfInvalidTruncatedSize(size); - m_state.BytePtr()[m_counter] ^= 1; + m_state.BytePtr()[m_counter] ^= 0x01; m_state.BytePtr()[r()-1] ^= 0x80; KeccakF1600(m_state); - memcpy(hash, m_state, size); + std::memcpy(hash, m_state, size); Restart(); } diff --git a/keccak.h b/keccak.h index a686f0a3..011c82de 100644 --- a/keccak.h +++ b/keccak.h 
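Review bot: The `extern void KeccakF1600(word64 *state);` prototype added here is hand-duplicated in keccak.cpp, sha3.cpp and keccak_core.cpp now that keccakc.h is deleted, so the three declarations can drift independently; a single declaration in keccak.h, which all three files already include, keeps them in sync. The sha3.cpp copy is additionally wrapped in its own NAMESPACE_BEGIN/NAMESPACE_END pair with the namespace reopened on the next line, which this file avoids; the two should use the same form. In TruncatedFinal the padding byte deserves a why-comment, since it is the only thing distinguishing Keccak output from SHA-3 output: `m_state.BytePtr()[m_counter] ^= 0x01;  // Keccak pad10*1 domain byte; sha3.cpp uses 0x06`. The switch to `std::memcpy` needs `<cstring>` in scope, which is not visible in this hunk, so confirm pch.h or keccak.h provides it.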
@@ -40,29 +40,27 @@ NAMESPACE_BEGIN(CryptoPP) class Keccak : public HashTransformation { public: - /// \brief Construct a Keccak - /// \param digestSize the digest size, in bytes - /// \details Keccak is the base class for Keccak_224, Keccak_256, Keccak_384 and Keccak_512. - /// Library users should instantiate a derived class, and only use Keccak - /// as a base class reference or pointer. - /// \since Crypto++ 5.6.4 - Keccak(unsigned int digestSize) : m_digestSize(digestSize) {Restart();} - unsigned int DigestSize() const {return m_digestSize;} - std::string AlgorithmName() const {return "Keccak-" + IntToString(m_digestSize*8);} - CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() { return "Keccak"; } - unsigned int OptimalDataAlignment() const {return GetAlignmentOf();} + /// \brief Construct a Keccak + /// \param digestSize the digest size, in bytes + /// \details Keccak is the base class for Keccak_224, Keccak_256, Keccak_384 and Keccak_512. + /// Library users should instantiate a derived class, and only use Keccak + /// as a base class reference or pointer. 
+ /// \since Crypto++ 5.6.4 + Keccak(unsigned int digestSize) : m_digestSize(digestSize) {Restart();} + unsigned int DigestSize() const {return m_digestSize;} + std::string AlgorithmName() const {return "Keccak-" + IntToString(m_digestSize*8);} + CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() { return "Keccak"; } + unsigned int OptimalDataAlignment() const {return GetAlignmentOf();} - void Update(const byte *input, size_t length); - void Restart(); - void TruncatedFinal(byte *hash, size_t size); - - //unsigned int BlockSize() const { return r(); } // that's the idea behind it + void Update(const byte *input, size_t length); + void Restart(); + void TruncatedFinal(byte *hash, size_t size); protected: - inline unsigned int r() const {return 200 - 2 * m_digestSize;} + inline unsigned int r() const {return 200 - 2 * m_digestSize;} - FixedSizeSecBlock m_state; - unsigned int m_digestSize, m_counter; + FixedSizeSecBlock m_state; + unsigned int m_digestSize, m_counter; }; /// \brief Keccak message digest template 
@@ -72,16 +70,16 @@ template class Keccak_Final : public Keccak { public: - CRYPTOPP_CONSTANT(DIGESTSIZE = T_DigestSize) - CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) + CRYPTOPP_CONSTANT(DIGESTSIZE = T_DigestSize) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) - /// \brief Construct a Keccak-X message digest - Keccak_Final() : Keccak(DIGESTSIZE) {} - static std::string StaticAlgorithmName() { return "Keccak-" + IntToString(DIGESTSIZE * 8); } - unsigned int BlockSize() const { return BLOCKSIZE; } + /// \brief Construct a Keccak-X message digest + Keccak_Final() : Keccak(DIGESTSIZE) {} + static std::string StaticAlgorithmName() { return "Keccak-" + IntToString(DIGESTSIZE * 8); } + unsigned int BlockSize() const { return BLOCKSIZE; } private: - CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math - CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > (int)T_DigestSize); // this is a general expectation by HMAC + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > (int)T_DigestSize); // this is a general expectation by HMAC }; /// \brief Keccak-224 message digest diff --git a/keccak_core.cpp b/keccak_core.cpp new file mode 100644 index 00000000..6a8a91bf --- /dev/null +++ b/keccak_core.cpp 
@@ -0,0 +1,261 @@
+// keccakc.cpp - Keccak core functions shared between SHA3 and Keccak.
+// written and placed in the public domain by JW.
+
+/*
+The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
+Michael Peeters and Gilles Van Assche. For more information, feedback or
+questions, please refer to our website: http://keccak.noekeon.org/
+
+Implementation by Ronny Van Keer, hereby denoted as "the implementer".
+
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+*/
+
+#include "pch.h"
+#include "keccak.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+
+// The Keccak core function
+extern void KeccakF1600(word64 *state);
+// The F1600 round constants
+extern const word64 KeccakF1600Constants[24];
+
+NAMESPACE_END
+
+NAMESPACE_BEGIN(CryptoPP)
+
+CRYPTOPP_ALIGN_DATA(8)
+const word64 KeccakF1600Constants[24] =
+{
+ W64LIT(0x0000000000000001), W64LIT(0x0000000000008082),
+ W64LIT(0x800000000000808a), W64LIT(0x8000000080008000),
+ W64LIT(0x000000000000808b), W64LIT(0x0000000080000001),
+ W64LIT(0x8000000080008081), W64LIT(0x8000000000008009),
+ W64LIT(0x000000000000008a), W64LIT(0x0000000000000088),
+ W64LIT(0x0000000080008009), W64LIT(0x000000008000000a),
+ W64LIT(0x000000008000808b), W64LIT(0x800000000000008b),
+ W64LIT(0x8000000000008089), W64LIT(0x8000000000008003),
+ W64LIT(0x8000000000008002), W64LIT(0x8000000000000080),
+ W64LIT(0x000000000000800a), W64LIT(0x800000008000000a),
+ W64LIT(0x8000000080008081), W64LIT(0x8000000000008080),
+ W64LIT(0x0000000080000001), W64LIT(0x8000000080008008)
+};
+
+void KeccakF1600(word64 *state)
+{
+ word64 Aba, Abe, Abi, Abo, Abu;
+ word64 Aga, Age, Agi, Ago, Agu;
+ word64 Aka, Ake, Aki, Ako, Aku;
+ word64 Ama, Ame, Ami, Amo, Amu;
+ word64 Asa, Ase, Asi, Aso, Asu;
+ word64 BCa, BCe, BCi, BCo, BCu;
+ word64 Da, De, Di, Do, Du;
+ word64 Eba, Ebe, Ebi, Ebo, Ebu;
+ word64 Ega, Ege, Egi, Ego, Egu;
+ word64 Eka, Eke, Eki, Eko, Eku;
+ word64 Ema, Eme, Emi, Emo, Emu;
+ word64 Esa, Ese, Esi, Eso, Esu;
+
+ typedef BlockGetAndPut Block;
+ Block::Get(state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu);
+
+ for( unsigned int round = 0; round < 24; round += 2 )
+ {
+ // prepareTheta
+ BCa = Aba^Aga^Aka^Ama^Asa;
+ BCe = Abe^Age^Ake^Ame^Ase;
+ BCi = Abi^Agi^Aki^Ami^Asi;
+ BCo = Abo^Ago^Ako^Amo^Aso;
+ BCu = Abu^Agu^Aku^Amu^Asu;
+
+ //thetaRhoPiChiIotaPrepareTheta(round , A, E)
+ Da = BCu^rotlConstant<1>(BCe);
+ De = BCa^rotlConstant<1>(BCi);
+ Di = BCe^rotlConstant<1>(BCo);
+ Do = BCi^rotlConstant<1>(BCu);
+ Du = BCo^rotlConstant<1>(BCa);
+
+ Aba ^= Da;
+ BCa = Aba;
+ Age ^= De;
+ BCe = rotlConstant<44>(Age);
+ Aki ^= Di;
+ BCi = rotlConstant<43>(Aki);
+ Amo ^= Do;
+ BCo = rotlConstant<21>(Amo);
+ Asu ^= Du;
+ BCu = rotlConstant<14>(Asu);
+ Eba = BCa ^((~BCe)& BCi );
+ Eba ^= KeccakF1600Constants[round];
+ Ebe = BCe ^((~BCi)& BCo );
+ Ebi = BCi ^((~BCo)& BCu );
+ Ebo = BCo ^((~BCu)& BCa );
+ Ebu = BCu ^((~BCa)& BCe );
+
+ Abo ^= Do;
+ BCa = rotlConstant<28>(Abo);
+ Agu ^= Du;
+ BCe = rotlConstant<20>(Agu);
+ Aka ^= Da;
+ BCi = rotlConstant<3>(Aka);
+ Ame ^= De;
+ BCo = rotlConstant<45>(Ame);
+ Asi ^= Di;
+ BCu = rotlConstant<61>(Asi);
+ Ega = BCa ^((~BCe)& BCi );
+ Ege = BCe ^((~BCi)& BCo );
+ Egi = BCi ^((~BCo)& BCu );
+ Ego = BCo ^((~BCu)& BCa );
+ Egu = BCu ^((~BCa)& BCe );
+
+ Abe ^= De;
+ BCa = rotlConstant<1>(Abe);
+ Agi ^= Di;
+ BCe = rotlConstant<6>(Agi);
+ Ako ^= Do;
+ BCi = rotlConstant<25>(Ako);
+ Amu ^= Du;
+ BCo = rotlConstant<8>(Amu);
+ Asa ^= Da;
+ BCu = rotlConstant<18>(Asa);
+ Eka = BCa ^((~BCe)& BCi );
+ Eke = BCe ^((~BCi)& BCo );
+ Eki = BCi ^((~BCo)& BCu );
+ Eko = BCo ^((~BCu)& BCa );
+ Eku = BCu ^((~BCa)& BCe );
+
+ Abu ^= Du;
+ BCa = rotlConstant<27>(Abu);
+ Aga ^= Da;
+ BCe = rotlConstant<36>(Aga);
+ Ake ^= De;
+ BCi = rotlConstant<10>(Ake);
+ Ami ^= Di;
+ BCo = rotlConstant<15>(Ami);
+ Aso ^= Do;
+ BCu = rotlConstant<56>(Aso);
+ Ema = BCa ^((~BCe)& BCi );
+ Eme = BCe ^((~BCi)& BCo );
+ Emi = BCi ^((~BCo)& BCu );
+ Emo = BCo ^((~BCu)& BCa );
+ Emu = BCu ^((~BCa)& BCe );
+
+ Abi ^= Di;
+ BCa = rotlConstant<62>(Abi);
+ Ago ^= Do;
+ BCe = rotlConstant<55>(Ago);
+ Aku ^= Du;
+ BCi = rotlConstant<39>(Aku);
+ Ama ^= Da;
+ BCo = rotlConstant<41>(Ama);
+ Ase ^= De;
+ BCu = rotlConstant<2>(Ase);
+ Esa = BCa ^((~BCe)& BCi );
+ Ese = BCe ^((~BCi)& BCo );
+ Esi = BCi ^((~BCo)& BCu );
+ Eso = BCo ^((~BCu)& BCa );
+ Esu = BCu ^((~BCa)& BCe );
+
+ // prepareTheta
+ BCa = Eba^Ega^Eka^Ema^Esa;
+ BCe = Ebe^Ege^Eke^Eme^Ese;
+ BCi = Ebi^Egi^Eki^Emi^Esi;
+ BCo = Ebo^Ego^Eko^Emo^Eso;
+ BCu = Ebu^Egu^Eku^Emu^Esu;
+
+ //thetaRhoPiChiIotaPrepareTheta(round+1, E, A)
+ Da = BCu^rotlConstant<1>(BCe);
+ De = BCa^rotlConstant<1>(BCi);
+ Di = BCe^rotlConstant<1>(BCo);
+ Do = BCi^rotlConstant<1>(BCu);
+ Du = BCo^rotlConstant<1>(BCa);
+
+ Eba ^= Da;
+ BCa = Eba;
+ Ege ^= De;
+ BCe = rotlConstant<44>(Ege);
+ Eki ^= Di;
+ BCi = rotlConstant<43>(Eki);
+ Emo ^= Do;
+ BCo = rotlConstant<21>(Emo);
+ Esu ^= Du;
+ BCu = rotlConstant<14>(Esu);
+ Aba = BCa ^((~BCe)& BCi );
+ Aba ^= KeccakF1600Constants[round+1];
+ Abe = BCe ^((~BCi)& BCo );
+ Abi = BCi ^((~BCo)& BCu );
+ Abo = BCo ^((~BCu)& BCa );
+ Abu = BCu ^((~BCa)& BCe );
+
+ Ebo ^= Do;
+ BCa = rotlConstant<28>(Ebo);
+ Egu ^= Du;
+ BCe = rotlConstant<20>(Egu);
+ Eka ^= Da;
+ BCi = rotlConstant<3>(Eka);
+ Eme ^= De;
+ BCo = rotlConstant<45>(Eme);
+ Esi ^= Di;
+ BCu = rotlConstant<61>(Esi);
+ Aga = BCa ^((~BCe)& BCi );
+ Age = BCe ^((~BCi)& BCo );
+ Agi = BCi ^((~BCo)& BCu );
+ Ago = BCo ^((~BCu)& BCa );
+ Agu = BCu ^((~BCa)& BCe );
+
+ Ebe ^= De;
+ BCa = rotlConstant<1>(Ebe);
+ Egi ^= Di;
+ BCe = rotlConstant<6>(Egi);
+ Eko ^= Do;
+ BCi = rotlConstant<25>(Eko);
+ Emu ^= Du;
+ BCo = rotlConstant<8>(Emu);
+ Esa ^= Da;
+ BCu = rotlConstant<18>(Esa);
+ Aka = BCa ^((~BCe)& BCi );
+ Ake = BCe ^((~BCi)& BCo );
+ Aki = BCi ^((~BCo)& BCu );
+ Ako = BCo ^((~BCu)& BCa );
+ Aku = BCu ^((~BCa)& BCe );
+
+ Ebu ^= Du;
+ BCa = rotlConstant<27>(Ebu);
+ Ega ^= Da;
+ BCe = rotlConstant<36>(Ega);
+ Eke ^= De;
+ BCi = rotlConstant<10>(Eke);
+ Emi ^= Di;
+ BCo = rotlConstant<15>(Emi);
+ Eso ^= Do;
+ BCu = rotlConstant<56>(Eso);
+ Ama = BCa ^((~BCe)& BCi );
+ Ame = BCe ^((~BCi)& BCo );
+ Ami = BCi ^((~BCo)& BCu );
+ Amo = BCo ^((~BCu)& BCa );
+ Amu = BCu ^((~BCa)& BCe );
+
+ Ebi ^= Di;
+ BCa = rotlConstant<62>(Ebi);
+ Ego ^= Do;
+ BCe = rotlConstant<55>(Ego);
+ Eku ^= Du;
+ BCi = rotlConstant<39>(Eku);
+ Ema ^= Da;
+ BCo = rotlConstant<41>(Ema);
+ Ese ^= De;
+ BCu = rotlConstant<2>(Ese);
+ Asa = BCa ^((~BCe)& BCi );
+ Ase = BCe ^((~BCi)& BCo );
+ Asi = BCi ^((~BCo)& BCu );
+ Aso = BCo ^((~BCu)& BCa );
+ Asu = BCu ^((~BCa)& BCe );
+ }
+
+ Block::Put(NULLPTR, state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu);
+}
+
+NAMESPACE_END
diff --git a/keccakc.cpp b/keccakc.cpp
deleted file mode 100644
index 7dd8e729..00000000
--- a/keccakc.cpp
+++ /dev/null
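Review bot: The header comment of the new file still reads `// keccakc.cpp - Keccak core functions shared between SHA3 and Keccak.` although the file is keccak_core.cpp; the first line should name the file it lives in. KeccakF1600 and KeccakF1600Constants carry only one-line labels, yet they are the contract both keccak.cpp and sha3.cpp rely on; a Doxygen block along the lines of `/// \brief Keccak-f[1600] permutation`, `/// \param state 25 word64 lanes (200 bytes) read and permuted in place`, `/// \details 24 rounds, two per loop iteration, with the iota constant taken from KeccakF1600Constants[round]` would document it. The `extern` declarations placed before the definitions are what give the `const` table external linkage (a namespace-scope const is internal by default), presumably so keccak_simd.cpp can share it; that deserves a why-comment such as `// declared extern so the const table has external linkage for other translation units`, and the NAMESPACE_END/NAMESPACE_BEGIN pair between the declarations and the definitions is redundant.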
@@ -1,258 +0,0 @@ -// keccakc.cpp - Keccak core functions shared between SHA3 and Keccak. -// written and placed in the public domain by JW. - -/* -The Keccak sponge function, designed by Guido Bertoni, Joan Daemen, -Michael Peeters and Gilles Van Assche. For more information, feedback or -questions, please refer to our website: http://keccak.noekeon.org/ - -Implementation by Ronny Van Keer, hereby denoted as "the implementer". - -To the extent possible under law, the implementer has waived all copyright -and related or neighboring rights to the source code in this file. -http://creativecommons.org/publicdomain/zero/1.0/ -*/ - -#include "pch.h" -#include "keccak.h" -#include "keccakc.h" - -ANONYMOUS_NAMESPACE_BEGIN - -using CryptoPP::word64; - -const word64 KeccakF_RoundConstants[24] = -{ - W64LIT(0x0000000000000001), W64LIT(0x0000000000008082), W64LIT(0x800000000000808a), - W64LIT(0x8000000080008000), W64LIT(0x000000000000808b), W64LIT(0x0000000080000001), - W64LIT(0x8000000080008081), W64LIT(0x8000000000008009), W64LIT(0x000000000000008a), - W64LIT(0x0000000000000088), W64LIT(0x0000000080008009), W64LIT(0x000000008000000a), - W64LIT(0x000000008000808b), W64LIT(0x800000000000008b), W64LIT(0x8000000000008089), - W64LIT(0x8000000000008003), W64LIT(0x8000000000008002), W64LIT(0x8000000000000080), - W64LIT(0x000000000000800a), W64LIT(0x800000008000000a), W64LIT(0x8000000080008081), - W64LIT(0x8000000000008080), W64LIT(0x0000000080000001), W64LIT(0x8000000080008008) -}; - -ANONYMOUS_NAMESPACE_END - -NAMESPACE_BEGIN(CryptoPP) - -void KeccakF1600(word64 *state) -{ - { - word64 Aba, Abe, Abi, Abo, Abu; - word64 Aga, Age, Agi, Ago, Agu; - word64 Aka, Ake, Aki, Ako, Aku; - word64 Ama, Ame, Ami, Amo, Amu; - word64 Asa, Ase, Asi, Aso, Asu; - word64 BCa, BCe, BCi, BCo, BCu; - word64 Da, De, Di, Do, Du; - word64 Eba, Ebe, Ebi, Ebo, Ebu; - word64 Ega, Ege, Egi, Ego, Egu; - word64 Eka, Eke, Eki, Eko, Eku; - word64 Ema, Eme, Emi, Emo, Emu; - word64 Esa, Ese, Esi, Eso, Esu; - - 
//copyFromState(A, state) - typedef BlockGetAndPut Block; - Block::Get(state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); - - for( unsigned int round = 0; round < 24; round += 2 ) - { - // prepareTheta - BCa = Aba^Aga^Aka^Ama^Asa; - BCe = Abe^Age^Ake^Ame^Ase; - BCi = Abi^Agi^Aki^Ami^Asi; - BCo = Abo^Ago^Ako^Amo^Aso; - BCu = Abu^Agu^Aku^Amu^Asu; - - //thetaRhoPiChiIotaPrepareTheta(round , A, E) - Da = BCu^rotlConstant<1>(BCe); - De = BCa^rotlConstant<1>(BCi); - Di = BCe^rotlConstant<1>(BCo); - Do = BCi^rotlConstant<1>(BCu); - Du = BCo^rotlConstant<1>(BCa); - - Aba ^= Da; - BCa = Aba; - Age ^= De; - BCe = rotlConstant<44>(Age); - Aki ^= Di; - BCi = rotlConstant<43>(Aki); - Amo ^= Do; - BCo = rotlConstant<21>(Amo); - Asu ^= Du; - BCu = rotlConstant<14>(Asu); - Eba = BCa ^((~BCe)& BCi ); - Eba ^= (word64)KeccakF_RoundConstants[round]; - Ebe = BCe ^((~BCi)& BCo ); - Ebi = BCi ^((~BCo)& BCu ); - Ebo = BCo ^((~BCu)& BCa ); - Ebu = BCu ^((~BCa)& BCe ); - - Abo ^= Do; - BCa = rotlConstant<28>(Abo); - Agu ^= Du; - BCe = rotlConstant<20>(Agu); - Aka ^= Da; - BCi = rotlConstant<3>(Aka); - Ame ^= De; - BCo = rotlConstant<45>(Ame); - Asi ^= Di; - BCu = rotlConstant<61>(Asi); - Ega = BCa ^((~BCe)& BCi ); - Ege = BCe ^((~BCi)& BCo ); - Egi = BCi ^((~BCo)& BCu ); - Ego = BCo ^((~BCu)& BCa ); - Egu = BCu ^((~BCa)& BCe ); - - Abe ^= De; - BCa = rotlConstant<1>(Abe); - Agi ^= Di; - BCe = rotlConstant<6>(Agi); - Ako ^= Do; - BCi = rotlConstant<25>(Ako); - Amu ^= Du; - BCo = rotlConstant<8>(Amu); - Asa ^= Da; - BCu = rotlConstant<18>(Asa); - Eka = BCa ^((~BCe)& BCi ); - Eke = BCe ^((~BCi)& BCo ); - Eki = BCi ^((~BCo)& BCu ); - Eko = BCo ^((~BCu)& BCa ); - Eku = BCu ^((~BCa)& BCe ); - - Abu ^= Du; - BCa = rotlConstant<27>(Abu); - Aga ^= Da; - BCe = rotlConstant<36>(Aga); - Ake ^= De; - BCi = rotlConstant<10>(Ake); - Ami ^= Di; - BCo = rotlConstant<15>(Ami); - Aso ^= Do; - BCu = rotlConstant<56>(Aso); - Ema 
= BCa ^((~BCe)& BCi ); - Eme = BCe ^((~BCi)& BCo ); - Emi = BCi ^((~BCo)& BCu ); - Emo = BCo ^((~BCu)& BCa ); - Emu = BCu ^((~BCa)& BCe ); - - Abi ^= Di; - BCa = rotlConstant<62>(Abi); - Ago ^= Do; - BCe = rotlConstant<55>(Ago); - Aku ^= Du; - BCi = rotlConstant<39>(Aku); - Ama ^= Da; - BCo = rotlConstant<41>(Ama); - Ase ^= De; - BCu = rotlConstant<2>(Ase); - Esa = BCa ^((~BCe)& BCi ); - Ese = BCe ^((~BCi)& BCo ); - Esi = BCi ^((~BCo)& BCu ); - Eso = BCo ^((~BCu)& BCa ); - Esu = BCu ^((~BCa)& BCe ); - - // prepareTheta - BCa = Eba^Ega^Eka^Ema^Esa; - BCe = Ebe^Ege^Eke^Eme^Ese; - BCi = Ebi^Egi^Eki^Emi^Esi; - BCo = Ebo^Ego^Eko^Emo^Eso; - BCu = Ebu^Egu^Eku^Emu^Esu; - - //thetaRhoPiChiIotaPrepareTheta(round+1, E, A) - Da = BCu^rotlConstant<1>(BCe); - De = BCa^rotlConstant<1>(BCi); - Di = BCe^rotlConstant<1>(BCo); - Do = BCi^rotlConstant<1>(BCu); - Du = BCo^rotlConstant<1>(BCa); - - Eba ^= Da; - BCa = Eba; - Ege ^= De; - BCe = rotlConstant<44>(Ege); - Eki ^= Di; - BCi = rotlConstant<43>(Eki); - Emo ^= Do; - BCo = rotlConstant<21>(Emo); - Esu ^= Du; - BCu = rotlConstant<14>(Esu); - Aba = BCa ^((~BCe)& BCi ); - Aba ^= (word64)KeccakF_RoundConstants[round+1]; - Abe = BCe ^((~BCi)& BCo ); - Abi = BCi ^((~BCo)& BCu ); - Abo = BCo ^((~BCu)& BCa ); - Abu = BCu ^((~BCa)& BCe ); - - Ebo ^= Do; - BCa = rotlConstant<28>(Ebo); - Egu ^= Du; - BCe = rotlConstant<20>(Egu); - Eka ^= Da; - BCi = rotlConstant<3>(Eka); - Eme ^= De; - BCo = rotlConstant<45>(Eme); - Esi ^= Di; - BCu = rotlConstant<61>(Esi); - Aga = BCa ^((~BCe)& BCi ); - Age = BCe ^((~BCi)& BCo ); - Agi = BCi ^((~BCo)& BCu ); - Ago = BCo ^((~BCu)& BCa ); - Agu = BCu ^((~BCa)& BCe ); - - Ebe ^= De; - BCa = rotlConstant<1>(Ebe); - Egi ^= Di; - BCe = rotlConstant<6>(Egi); - Eko ^= Do; - BCi = rotlConstant<25>(Eko); - Emu ^= Du; - BCo = rotlConstant<8>(Emu); - Esa ^= Da; - BCu = rotlConstant<18>(Esa); - Aka = BCa ^((~BCe)& BCi ); - Ake = BCe ^((~BCi)& BCo ); - Aki = BCi ^((~BCo)& BCu ); - Ako = BCo ^((~BCu)& BCa ); - Aku = BCu 
^((~BCa)& BCe ); - - Ebu ^= Du; - BCa = rotlConstant<27>(Ebu); - Ega ^= Da; - BCe = rotlConstant<36>(Ega); - Eke ^= De; - BCi = rotlConstant<10>(Eke); - Emi ^= Di; - BCo = rotlConstant<15>(Emi); - Eso ^= Do; - BCu = rotlConstant<56>(Eso); - Ama = BCa ^((~BCe)& BCi ); - Ame = BCe ^((~BCi)& BCo ); - Ami = BCi ^((~BCo)& BCu ); - Amo = BCo ^((~BCu)& BCa ); - Amu = BCu ^((~BCa)& BCe ); - - Ebi ^= Di; - BCa = rotlConstant<62>(Ebi); - Ego ^= Do; - BCe = rotlConstant<55>(Ego); - Eku ^= Du; - BCi = rotlConstant<39>(Eku); - Ema ^= Da; - BCo = rotlConstant<41>(Ema); - Ese ^= De; - BCu = rotlConstant<2>(Ese); - Asa = BCa ^((~BCe)& BCi ); - Ase = BCe ^((~BCi)& BCo ); - Asi = BCi ^((~BCo)& BCu ); - Aso = BCo ^((~BCu)& BCa ); - Asu = BCu ^((~BCa)& BCe ); - } - - //copyToState(state, A) - Block::Put(NULLPTR, state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); - } -} - -NAMESPACE_END diff --git a/keccakc.h b/keccakc.h deleted file mode 100644 index ed186593..00000000 --- a/keccakc.h +++ /dev/null @@ -1,13 +0,0 @@ -// keccakc.h - Keccak core functions shared between SHA3 and Keccak. -// written and placed in the public domain by JW. - -#ifndef CRYPTOPP_KECCAK_CORE -#define CRYPTOPP_KECCAK_CORE - -NAMESPACE_BEGIN(CryptoPP) - -void KeccakF1600(word64 *state); - -NAMESPACE_END - -#endif // CRYPTOPP_KECCAK_CORE diff --git a/sha3.cpp b/sha3.cpp index 0a4ba893..35de1b13 100644 --- a/sha3.cpp +++ b/sha3.cpp @@ -19,7 +19,13 @@ http://creativecommons.org/publicdomain/zero/1.0/ #include "pch.h" #include "sha3.h" -#include "keccakc.h" + +NAMESPACE_BEGIN(CryptoPP) + +// The Keccak core function +extern void KeccakF1600(word64 *state); + +NAMESPACE_END NAMESPACE_BEGIN(CryptoPP) @@ -58,7 +64,7 @@ void SHA3::TruncatedFinal(byte *hash, size_t size) m_state.BytePtr()[m_counter] ^= 0x06; m_state.BytePtr()[r()-1] ^= 0x80; KeccakF1600(m_state); - memcpy(hash, m_state, size); + std::memcpy(hash, m_state, size); Restart(); } 
diff --git a/test.cpp b/test.cpp index 8226b975..ede06978 100644 --- a/test.cpp +++ b/test.cpp @@ -31,6 +31,8 @@ #include "validate.h" #include "bench.h" +#include "shake.h" + #include #include #include @@ -185,6 +187,26 @@ int scoped_main(int argc, char *argv[]) cipher.SetKeyWithIV((byte *)s_globalSeed.data(), 16, (byte *)s_globalSeed.data()); #endif + { + SHAKE128 hash; + byte digest[32]; + hash.Final(digest); + + std::cout << "SHAKE128 Digest:\n"; + StringSource(digest, sizeof(digest), true, new HexEncoder(new FileSink(std::cout))); + std::cout << "\n" << std::endl; + } + + { + SHAKE256 hash; + byte digest[64]; + hash.Final(digest); + + std::cout << "SHAKE256 Digest:\n"; + StringSource(digest, sizeof(digest), true, new HexEncoder(new FileSink(std::cout))); + std::cout << "\n" << std::endl; + } + std::string command, executableName, macFilename; if (argc < 2)
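Review bot: The two SHAKE blocks added to scoped_main run unconditionally before the command line is parsed, so every cryptest invocation — including scripted validation and benchmark runs — now prints two digests to stdout; this reads as development scaffolding and should move into a validation routine or be removed before merge. As written they also verify nothing: the output is hex-dumped but never compared to a known answer, so a regression in the SHAKE code would not fail the test; compare against the published SHAKE128 and SHAKE256 empty-message vectors (values not reproduced here) instead. `byte digest[32]` and `byte digest[64]` assume SHAKE128 and SHAKE256 default to 32- and 64-byte outputs; shake.h is not in this diff, so confirm DigestSize() matches or size the buffers from it. scoped_main begins before this hunk.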