From b9a6034a816b8cfce728745d16bd4880b4f1171c Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Wed, 22 Aug 2018 00:40:30 -0400 Subject: [PATCH] Add keccakc.h and keccakc.cpp for shared F1600 --- cryptlib.vcxproj | 2 + cryptlib.vcxproj.filters | 6 + keccak.cpp | 242 ++---------------------------------- keccakc.cpp | 258 +++++++++++++++++++++++++++++++++++++++ keccakc.h | 13 ++ sha3.cpp | 242 ++---------------------------------- 6 files changed, 295 insertions(+), 468 deletions(-) create mode 100644 keccakc.cpp create mode 100644 keccakc.h diff --git a/cryptlib.vcxproj b/cryptlib.vcxproj index 6115e9f0..156fa30f 100644 --- a/cryptlib.vcxproj +++ b/cryptlib.vcxproj @@ -244,6 +244,7 @@ + @@ -439,6 +440,7 @@ + diff --git a/cryptlib.vcxproj.filters b/cryptlib.vcxproj.filters index 5c178559..2ddb498f 100644 --- a/cryptlib.vcxproj.filters +++ b/cryptlib.vcxproj.filters @@ -230,6 +230,9 @@ Source Files + + Source Files + Source Files @@ -711,6 +714,9 @@ Header Files + + Header Files + Header Files diff --git a/keccak.cpp b/keccak.cpp index 3450dd6a..2cfff8fd 100644 --- a/keccak.cpp +++ b/keccak.cpp 
@@ -1,13 +1,16 @@ -// keccak.cpp - modified by Wei Dai from Ronny Van Keer's public domain sha3-simple.c -// all modifications here are placed in the public domain by Wei Dai +// keccak.cpp - modified by Wei Dai from Ronny Van Keer's public domain +// sha3-simple.c. All modifications here are placed in the +// public domain by Wei Dai. +// Keccack core function moved to keccakc.cpp in AUG 2018 +// by Jeffrey Walton. Separating the core file allows both +// SHA3 and Keccack to share the core implementation. /* The Keccak sponge function, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles Van Assche. For more information, feedback or questions, please refer to our website: http://keccak.noekeon.org/ -Implementation by Ronny Van Keer, -hereby denoted as "the implementer". +Implementation by Ronny Van Keer, hereby denoted as "the implementer". To the extent possible under law, the implementer has waived all copyright and related or neighboring rights to the source code in this file. 
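Review bot: The added header comment misspells the algorithm name as "Keccack" in both places it appears (`Keccack core function moved to keccakc.cpp` and `SHA3 and Keccack to share the core implementation`). It should read `Keccak`, the spelling the licence block just below uses. The first hunk of sha3.cpp adds the same comment with the same two misspellings. These lines are the only pointer from each file to where the permutation now lives, so they should be searchable under the correct name.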
@@ -16,239 +19,10 @@ http://creativecommons.org/publicdomain/zero/1.0/ #include "pch.h" #include "keccak.h" +#include "keccakc.h" NAMESPACE_BEGIN(CryptoPP) -static const word64 KeccakF_RoundConstants[24] = -{ - W64LIT(0x0000000000000001), W64LIT(0x0000000000008082), W64LIT(0x800000000000808a), - W64LIT(0x8000000080008000), W64LIT(0x000000000000808b), W64LIT(0x0000000080000001), - W64LIT(0x8000000080008081), W64LIT(0x8000000000008009), W64LIT(0x000000000000008a), - W64LIT(0x0000000000000088), W64LIT(0x0000000080008009), W64LIT(0x000000008000000a), - W64LIT(0x000000008000808b), W64LIT(0x800000000000008b), W64LIT(0x8000000000008089), - W64LIT(0x8000000000008003), W64LIT(0x8000000000008002), W64LIT(0x8000000000000080), - W64LIT(0x000000000000800a), W64LIT(0x800000008000000a), W64LIT(0x8000000080008081), - W64LIT(0x8000000000008080), W64LIT(0x0000000080000001), W64LIT(0x8000000080008008) -}; - -static void KeccakF1600(word64 *state) -{ - { - word64 Aba, Abe, Abi, Abo, Abu; - word64 Aga, Age, Agi, Ago, Agu; - word64 Aka, Ake, Aki, Ako, Aku; - word64 Ama, Ame, Ami, Amo, Amu; - word64 Asa, Ase, Asi, Aso, Asu; - word64 BCa, BCe, BCi, BCo, BCu; - word64 Da, De, Di, Do, Du; - word64 Eba, Ebe, Ebi, Ebo, Ebu; - word64 Ega, Ege, Egi, Ego, Egu; - word64 Eka, Eke, Eki, Eko, Eku; - word64 Ema, Eme, Emi, Emo, Emu; - word64 Esa, Ese, Esi, Eso, Esu; - - //copyFromState(A, state) - typedef BlockGetAndPut Block; - Block::Get(state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); - - for( unsigned int round = 0; round < 24; round += 2 ) - { - // prepareTheta - BCa = Aba^Aga^Aka^Ama^Asa; - BCe = Abe^Age^Ake^Ame^Ase; - BCi = Abi^Agi^Aki^Ami^Asi; - BCo = Abo^Ago^Ako^Amo^Aso; - BCu = Abu^Agu^Aku^Amu^Asu; - - //thetaRhoPiChiIotaPrepareTheta(round , A, E) - Da = BCu^rotlConstant<1>(BCe); - De = BCa^rotlConstant<1>(BCi); - Di = BCe^rotlConstant<1>(BCo); - Do = BCi^rotlConstant<1>(BCu); - Du = BCo^rotlConstant<1>(BCa); 
- - Aba ^= Da; - BCa = Aba; - Age ^= De; - BCe = rotlConstant<44>(Age); - Aki ^= Di; - BCi = rotlConstant<43>(Aki); - Amo ^= Do; - BCo = rotlConstant<21>(Amo); - Asu ^= Du; - BCu = rotlConstant<14>(Asu); - Eba = BCa ^((~BCe)& BCi ); - Eba ^= (word64)KeccakF_RoundConstants[round]; - Ebe = BCe ^((~BCi)& BCo ); - Ebi = BCi ^((~BCo)& BCu ); - Ebo = BCo ^((~BCu)& BCa ); - Ebu = BCu ^((~BCa)& BCe ); - - Abo ^= Do; - BCa = rotlConstant<28>(Abo); - Agu ^= Du; - BCe = rotlConstant<20>(Agu); - Aka ^= Da; - BCi = rotlConstant<3>(Aka); - Ame ^= De; - BCo = rotlConstant<45>(Ame); - Asi ^= Di; - BCu = rotlConstant<61>(Asi); - Ega = BCa ^((~BCe)& BCi ); - Ege = BCe ^((~BCi)& BCo ); - Egi = BCi ^((~BCo)& BCu ); - Ego = BCo ^((~BCu)& BCa ); - Egu = BCu ^((~BCa)& BCe ); - - Abe ^= De; - BCa = rotlConstant<1>(Abe); - Agi ^= Di; - BCe = rotlConstant<6>(Agi); - Ako ^= Do; - BCi = rotlConstant<25>(Ako); - Amu ^= Du; - BCo = rotlConstant<8>(Amu); - Asa ^= Da; - BCu = rotlConstant<18>(Asa); - Eka = BCa ^((~BCe)& BCi ); - Eke = BCe ^((~BCi)& BCo ); - Eki = BCi ^((~BCo)& BCu ); - Eko = BCo ^((~BCu)& BCa ); - Eku = BCu ^((~BCa)& BCe ); - - Abu ^= Du; - BCa = rotlConstant<27>(Abu); - Aga ^= Da; - BCe = rotlConstant<36>(Aga); - Ake ^= De; - BCi = rotlConstant<10>(Ake); - Ami ^= Di; - BCo = rotlConstant<15>(Ami); - Aso ^= Do; - BCu = rotlConstant<56>(Aso); - Ema = BCa ^((~BCe)& BCi ); - Eme = BCe ^((~BCi)& BCo ); - Emi = BCi ^((~BCo)& BCu ); - Emo = BCo ^((~BCu)& BCa ); - Emu = BCu ^((~BCa)& BCe ); - - Abi ^= Di; - BCa = rotlConstant<62>(Abi); - Ago ^= Do; - BCe = rotlConstant<55>(Ago); - Aku ^= Du; - BCi = rotlConstant<39>(Aku); - Ama ^= Da; - BCo = rotlConstant<41>(Ama); - Ase ^= De; - BCu = rotlConstant<2>(Ase); - Esa = BCa ^((~BCe)& BCi ); - Ese = BCe ^((~BCi)& BCo ); - Esi = BCi ^((~BCo)& BCu ); - Eso = BCo ^((~BCu)& BCa ); - Esu = BCu ^((~BCa)& BCe ); - - // prepareTheta - BCa = Eba^Ega^Eka^Ema^Esa; - BCe = Ebe^Ege^Eke^Eme^Ese; - BCi = Ebi^Egi^Eki^Emi^Esi; - BCo = Ebo^Ego^Eko^Emo^Eso; - 
BCu = Ebu^Egu^Eku^Emu^Esu; - - //thetaRhoPiChiIotaPrepareTheta(round+1, E, A) - Da = BCu^rotlConstant<1>(BCe); - De = BCa^rotlConstant<1>(BCi); - Di = BCe^rotlConstant<1>(BCo); - Do = BCi^rotlConstant<1>(BCu); - Du = BCo^rotlConstant<1>(BCa); - - Eba ^= Da; - BCa = Eba; - Ege ^= De; - BCe = rotlConstant<44>(Ege); - Eki ^= Di; - BCi = rotlConstant<43>(Eki); - Emo ^= Do; - BCo = rotlConstant<21>(Emo); - Esu ^= Du; - BCu = rotlConstant<14>(Esu); - Aba = BCa ^((~BCe)& BCi ); - Aba ^= (word64)KeccakF_RoundConstants[round+1]; - Abe = BCe ^((~BCi)& BCo ); - Abi = BCi ^((~BCo)& BCu ); - Abo = BCo ^((~BCu)& BCa ); - Abu = BCu ^((~BCa)& BCe ); - - Ebo ^= Do; - BCa = rotlConstant<28>(Ebo); - Egu ^= Du; - BCe = rotlConstant<20>(Egu); - Eka ^= Da; - BCi = rotlConstant<3>(Eka); - Eme ^= De; - BCo = rotlConstant<45>(Eme); - Esi ^= Di; - BCu = rotlConstant<61>(Esi); - Aga = BCa ^((~BCe)& BCi ); - Age = BCe ^((~BCi)& BCo ); - Agi = BCi ^((~BCo)& BCu ); - Ago = BCo ^((~BCu)& BCa ); - Agu = BCu ^((~BCa)& BCe ); - - Ebe ^= De; - BCa = rotlConstant<1>(Ebe); - Egi ^= Di; - BCe = rotlConstant<6>(Egi); - Eko ^= Do; - BCi = rotlConstant<25>(Eko); - Emu ^= Du; - BCo = rotlConstant<8>(Emu); - Esa ^= Da; - BCu = rotlConstant<18>(Esa); - Aka = BCa ^((~BCe)& BCi ); - Ake = BCe ^((~BCi)& BCo ); - Aki = BCi ^((~BCo)& BCu ); - Ako = BCo ^((~BCu)& BCa ); - Aku = BCu ^((~BCa)& BCe ); - - Ebu ^= Du; - BCa = rotlConstant<27>(Ebu); - Ega ^= Da; - BCe = rotlConstant<36>(Ega); - Eke ^= De; - BCi = rotlConstant<10>(Eke); - Emi ^= Di; - BCo = rotlConstant<15>(Emi); - Eso ^= Do; - BCu = rotlConstant<56>(Eso); - Ama = BCa ^((~BCe)& BCi ); - Ame = BCe ^((~BCi)& BCo ); - Ami = BCi ^((~BCo)& BCu ); - Amo = BCo ^((~BCu)& BCa ); - Amu = BCu ^((~BCa)& BCe ); - - Ebi ^= Di; - BCa = rotlConstant<62>(Ebi); - Ego ^= Do; - BCe = rotlConstant<55>(Ego); - Eku ^= Du; - BCi = rotlConstant<39>(Eku); - Ema ^= Da; - BCo = rotlConstant<41>(Ema); - Ese ^= De; - BCu = rotlConstant<2>(Ese); - Asa = BCa ^((~BCe)& BCi ); - Ase = 
BCe ^((~BCi)& BCo ); - Asi = BCi ^((~BCo)& BCu ); - Aso = BCo ^((~BCu)& BCa ); - Asu = BCu ^((~BCa)& BCe ); - } - - //copyToState(state, A) - Block::Put(NULLPTR, state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); - } -} - void Keccak::Update(const byte *input, size_t length) { CRYPTOPP_ASSERT(!(input == NULLPTR && length != 0)); diff --git a/keccakc.cpp b/keccakc.cpp new file mode 100644 index 00000000..7dd8e729 --- /dev/null +++ b/keccakc.cpp 
@@ -0,0 +1,258 @@ +// keccakc.cpp - Keccak core functions shared between SHA3 and Keccak. +// written and placed in the public domain by JW. + +/* +The Keccak sponge function, designed by Guido Bertoni, Joan Daemen, +Michael Peeters and Gilles Van Assche. For more information, feedback or +questions, please refer to our website: http://keccak.noekeon.org/ + +Implementation by Ronny Van Keer, hereby denoted as "the implementer". + +To the extent possible under law, the implementer has waived all copyright +and related or neighboring rights to the source code in this file. +http://creativecommons.org/publicdomain/zero/1.0/ +*/ + +#include "pch.h" +#include "keccak.h" +#include "keccakc.h" + +ANONYMOUS_NAMESPACE_BEGIN + +using CryptoPP::word64; + +const word64 KeccakF_RoundConstants[24] = +{ + W64LIT(0x0000000000000001), W64LIT(0x0000000000008082), W64LIT(0x800000000000808a), + W64LIT(0x8000000080008000), W64LIT(0x000000000000808b), W64LIT(0x0000000080000001), + W64LIT(0x8000000080008081), W64LIT(0x8000000000008009), W64LIT(0x000000000000008a), + W64LIT(0x0000000000000088), W64LIT(0x0000000080008009), W64LIT(0x000000008000000a), + W64LIT(0x000000008000808b), W64LIT(0x800000000000008b), W64LIT(0x8000000000008089), + W64LIT(0x8000000000008003), W64LIT(0x8000000000008002), W64LIT(0x8000000000000080), + W64LIT(0x000000000000800a), W64LIT(0x800000008000000a), W64LIT(0x8000000080008081), + W64LIT(0x8000000000008080), W64LIT(0x0000000080000001), W64LIT(0x8000000080008008) +}; + +ANONYMOUS_NAMESPACE_END + +NAMESPACE_BEGIN(CryptoPP) + +void KeccakF1600(word64 *state) +{ + { + word64 Aba, Abe, Abi, Abo, Abu; + word64 Aga, Age, Agi, Ago, Agu; + word64 Aka, Ake, Aki, Ako, Aku; + word64 Ama, Ame, Ami, Amo, Amu; + word64 Asa, Ase, Asi, Aso, Asu; + word64 BCa, BCe, BCi, BCo, BCu; + word64 Da, De, Di, Do, Du; + word64 Eba, Ebe, Ebi, Ebo, Ebu; + word64 Ega, Ege, Egi, Ego, Egu; + word64 Eka, Eke, Eki, Eko, Eku; + word64 Ema, Eme, Emi, Emo, Emu; + word64 Esa, Ese, Esi, Eso, Esu; + + 
//copyFromState(A, state) + typedef BlockGetAndPut Block; + Block::Get(state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); + + for( unsigned int round = 0; round < 24; round += 2 ) + { + // prepareTheta + BCa = Aba^Aga^Aka^Ama^Asa; + BCe = Abe^Age^Ake^Ame^Ase; + BCi = Abi^Agi^Aki^Ami^Asi; + BCo = Abo^Ago^Ako^Amo^Aso; + BCu = Abu^Agu^Aku^Amu^Asu; + + //thetaRhoPiChiIotaPrepareTheta(round , A, E) + Da = BCu^rotlConstant<1>(BCe); + De = BCa^rotlConstant<1>(BCi); + Di = BCe^rotlConstant<1>(BCo); + Do = BCi^rotlConstant<1>(BCu); + Du = BCo^rotlConstant<1>(BCa); + + Aba ^= Da; + BCa = Aba; + Age ^= De; + BCe = rotlConstant<44>(Age); + Aki ^= Di; + BCi = rotlConstant<43>(Aki); + Amo ^= Do; + BCo = rotlConstant<21>(Amo); + Asu ^= Du; + BCu = rotlConstant<14>(Asu); + Eba = BCa ^((~BCe)& BCi ); + Eba ^= (word64)KeccakF_RoundConstants[round]; + Ebe = BCe ^((~BCi)& BCo ); + Ebi = BCi ^((~BCo)& BCu ); + Ebo = BCo ^((~BCu)& BCa ); + Ebu = BCu ^((~BCa)& BCe ); + + Abo ^= Do; + BCa = rotlConstant<28>(Abo); + Agu ^= Du; + BCe = rotlConstant<20>(Agu); + Aka ^= Da; + BCi = rotlConstant<3>(Aka); + Ame ^= De; + BCo = rotlConstant<45>(Ame); + Asi ^= Di; + BCu = rotlConstant<61>(Asi); + Ega = BCa ^((~BCe)& BCi ); + Ege = BCe ^((~BCi)& BCo ); + Egi = BCi ^((~BCo)& BCu ); + Ego = BCo ^((~BCu)& BCa ); + Egu = BCu ^((~BCa)& BCe ); + + Abe ^= De; + BCa = rotlConstant<1>(Abe); + Agi ^= Di; + BCe = rotlConstant<6>(Agi); + Ako ^= Do; + BCi = rotlConstant<25>(Ako); + Amu ^= Du; + BCo = rotlConstant<8>(Amu); + Asa ^= Da; + BCu = rotlConstant<18>(Asa); + Eka = BCa ^((~BCe)& BCi ); + Eke = BCe ^((~BCi)& BCo ); + Eki = BCi ^((~BCo)& BCu ); + Eko = BCo ^((~BCu)& BCa ); + Eku = BCu ^((~BCa)& BCe ); + + Abu ^= Du; + BCa = rotlConstant<27>(Abu); + Aga ^= Da; + BCe = rotlConstant<36>(Aga); + Ake ^= De; + BCi = rotlConstant<10>(Ake); + Ami ^= Di; + BCo = rotlConstant<15>(Ami); + Aso ^= Do; + BCu = rotlConstant<56>(Aso); + Ema 
= BCa ^((~BCe)& BCi ); + Eme = BCe ^((~BCi)& BCo ); + Emi = BCi ^((~BCo)& BCu ); + Emo = BCo ^((~BCu)& BCa ); + Emu = BCu ^((~BCa)& BCe ); + + Abi ^= Di; + BCa = rotlConstant<62>(Abi); + Ago ^= Do; + BCe = rotlConstant<55>(Ago); + Aku ^= Du; + BCi = rotlConstant<39>(Aku); + Ama ^= Da; + BCo = rotlConstant<41>(Ama); + Ase ^= De; + BCu = rotlConstant<2>(Ase); + Esa = BCa ^((~BCe)& BCi ); + Ese = BCe ^((~BCi)& BCo ); + Esi = BCi ^((~BCo)& BCu ); + Eso = BCo ^((~BCu)& BCa ); + Esu = BCu ^((~BCa)& BCe ); + + // prepareTheta + BCa = Eba^Ega^Eka^Ema^Esa; + BCe = Ebe^Ege^Eke^Eme^Ese; + BCi = Ebi^Egi^Eki^Emi^Esi; + BCo = Ebo^Ego^Eko^Emo^Eso; + BCu = Ebu^Egu^Eku^Emu^Esu; + + //thetaRhoPiChiIotaPrepareTheta(round+1, E, A) + Da = BCu^rotlConstant<1>(BCe); + De = BCa^rotlConstant<1>(BCi); + Di = BCe^rotlConstant<1>(BCo); + Do = BCi^rotlConstant<1>(BCu); + Du = BCo^rotlConstant<1>(BCa); + + Eba ^= Da; + BCa = Eba; + Ege ^= De; + BCe = rotlConstant<44>(Ege); + Eki ^= Di; + BCi = rotlConstant<43>(Eki); + Emo ^= Do; + BCo = rotlConstant<21>(Emo); + Esu ^= Du; + BCu = rotlConstant<14>(Esu); + Aba = BCa ^((~BCe)& BCi ); + Aba ^= (word64)KeccakF_RoundConstants[round+1]; + Abe = BCe ^((~BCi)& BCo ); + Abi = BCi ^((~BCo)& BCu ); + Abo = BCo ^((~BCu)& BCa ); + Abu = BCu ^((~BCa)& BCe ); + + Ebo ^= Do; + BCa = rotlConstant<28>(Ebo); + Egu ^= Du; + BCe = rotlConstant<20>(Egu); + Eka ^= Da; + BCi = rotlConstant<3>(Eka); + Eme ^= De; + BCo = rotlConstant<45>(Eme); + Esi ^= Di; + BCu = rotlConstant<61>(Esi); + Aga = BCa ^((~BCe)& BCi ); + Age = BCe ^((~BCi)& BCo ); + Agi = BCi ^((~BCo)& BCu ); + Ago = BCo ^((~BCu)& BCa ); + Agu = BCu ^((~BCa)& BCe ); + + Ebe ^= De; + BCa = rotlConstant<1>(Ebe); + Egi ^= Di; + BCe = rotlConstant<6>(Egi); + Eko ^= Do; + BCi = rotlConstant<25>(Eko); + Emu ^= Du; + BCo = rotlConstant<8>(Emu); + Esa ^= Da; + BCu = rotlConstant<18>(Esa); + Aka = BCa ^((~BCe)& BCi ); + Ake = BCe ^((~BCi)& BCo ); + Aki = BCi ^((~BCo)& BCu ); + Ako = BCo ^((~BCu)& BCa ); + Aku = BCu 
^((~BCa)& BCe ); + + Ebu ^= Du; + BCa = rotlConstant<27>(Ebu); + Ega ^= Da; + BCe = rotlConstant<36>(Ega); + Eke ^= De; + BCi = rotlConstant<10>(Eke); + Emi ^= Di; + BCo = rotlConstant<15>(Emi); + Eso ^= Do; + BCu = rotlConstant<56>(Eso); + Ama = BCa ^((~BCe)& BCi ); + Ame = BCe ^((~BCi)& BCo ); + Ami = BCi ^((~BCo)& BCu ); + Amo = BCo ^((~BCu)& BCa ); + Amu = BCu ^((~BCa)& BCe ); + + Ebi ^= Di; + BCa = rotlConstant<62>(Ebi); + Ego ^= Do; + BCe = rotlConstant<55>(Ego); + Eku ^= Du; + BCi = rotlConstant<39>(Eku); + Ema ^= Da; + BCo = rotlConstant<41>(Ema); + Ese ^= De; + BCu = rotlConstant<2>(Ese); + Asa = BCa ^((~BCe)& BCi ); + Ase = BCe ^((~BCi)& BCo ); + Asi = BCi ^((~BCo)& BCu ); + Aso = BCo ^((~BCu)& BCa ); + Asu = BCu ^((~BCa)& BCe ); + } + + //copyToState(state, A) + Block::Put(NULLPTR, state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); + } +} + +NAMESPACE_END diff --git a/keccakc.h b/keccakc.h new file mode 100644 index 00000000..ed186593 --- /dev/null +++ b/keccakc.h @@ -0,0 +1,13 @@ +// keccakc.h - Keccak core functions shared between SHA3 and Keccak. +// written and placed in the public domain by JW. + +#ifndef CRYPTOPP_KECCAK_CORE +#define CRYPTOPP_KECCAK_CORE + +NAMESPACE_BEGIN(CryptoPP) + +void KeccakF1600(word64 *state); + +NAMESPACE_END + +#endif // CRYPTOPP_KECCAK_CORE diff --git a/sha3.cpp b/sha3.cpp index 51e01117..0a4ba893 100644 --- a/sha3.cpp +++ b/sha3.cpp 
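Review bot: `KeccakF1600` changes here from a file-static helper to a function with external linkage, but its definition states nothing about what the caller must supply. The body unconditionally reads 25 lanes through `Block::Get(state)` and writes 25 back through `Block::Put(NULLPTR, state)`, so a shorter buffer means an out-of-bounds read and write with nothing to catch it. I would add above the definition: `// Applies the 24-round Keccak-f[1600] permutation in place. state must point to 25 word64 lanes (200 bytes); no bounds check is performed.` A debug-only `CRYPTOPP_ASSERT(state != NULLPTR);` as the first statement would match how `Update()` guards its input in keccak.cpp and sha3.cpp.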
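Review bot: keccakc.h is not self-contained: it uses `NAMESPACE_BEGIN`, `NAMESPACE_END` and `word64` but includes nothing. It compiles only because keccak.cpp, sha3.cpp and keccakc.cpp each include keccak.h or sha3.h before it. Any translation unit that includes it first would fail to build, and the dependence on include order is not visible at the include sites. The header should include whichever library header defines those macros and the `word64` type, presumably the library's configuration header, which is not shown on this page. keccakc.cpp could then drop its `#include "keccak.h"` if that include is there only for these names.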
@@ -1,13 +1,16 @@ -// sha3.cpp - modified by Wei Dai from Ronny Van Keer's public domain Keccak-simple.c -// all modifications here are placed in the public domain by Wei Dai +// sha3.cpp - modified by Wei Dai from Ronny Van Keer's public domain +// Keccak-simple.c. All modifications here are placed in the +// public domain by Wei Dai. +// Keccack core function moved to keccakc.cpp in AUG 2018 +// by Jeffrey Walton. Separating the core file allows both +// SHA3 and Keccack to share the core implementation. /* The Keccak sponge function, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles Van Assche. For more information, feedback or questions, please refer to our website: http://keccak.noekeon.org/ -Implementation by Ronny Van Keer, -hereby denoted as "the implementer". +Implementation by Ronny Van Keer, hereby denoted as "the implementer". To the extent possible under law, the implementer has waived all copyright and related or neighboring rights to the source code in this file. 
@@ -16,239 +19,10 @@ http://creativecommons.org/publicdomain/zero/1.0/ #include "pch.h" #include "sha3.h" +#include "keccakc.h" NAMESPACE_BEGIN(CryptoPP) -static const word64 KeccakF_RoundConstants[24] = -{ - W64LIT(0x0000000000000001), W64LIT(0x0000000000008082), W64LIT(0x800000000000808a), - W64LIT(0x8000000080008000), W64LIT(0x000000000000808b), W64LIT(0x0000000080000001), - W64LIT(0x8000000080008081), W64LIT(0x8000000000008009), W64LIT(0x000000000000008a), - W64LIT(0x0000000000000088), W64LIT(0x0000000080008009), W64LIT(0x000000008000000a), - W64LIT(0x000000008000808b), W64LIT(0x800000000000008b), W64LIT(0x8000000000008089), - W64LIT(0x8000000000008003), W64LIT(0x8000000000008002), W64LIT(0x8000000000000080), - W64LIT(0x000000000000800a), W64LIT(0x800000008000000a), W64LIT(0x8000000080008081), - W64LIT(0x8000000000008080), W64LIT(0x0000000080000001), W64LIT(0x8000000080008008) -}; - -static void KeccakF1600(word64 *state) -{ - { - word64 Aba, Abe, Abi, Abo, Abu; - word64 Aga, Age, Agi, Ago, Agu; - word64 Aka, Ake, Aki, Ako, Aku; - word64 Ama, Ame, Ami, Amo, Amu; - word64 Asa, Ase, Asi, Aso, Asu; - word64 BCa, BCe, BCi, BCo, BCu; - word64 Da, De, Di, Do, Du; - word64 Eba, Ebe, Ebi, Ebo, Ebu; - word64 Ega, Ege, Egi, Ego, Egu; - word64 Eka, Eke, Eki, Eko, Eku; - word64 Ema, Eme, Emi, Emo, Emu; - word64 Esa, Ese, Esi, Eso, Esu; - - //copyFromState(A, state) - typedef BlockGetAndPut Block; - Block::Get(state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); - - for( unsigned int round = 0; round < 24; round += 2 ) - { - // prepareTheta - BCa = Aba^Aga^Aka^Ama^Asa; - BCe = Abe^Age^Ake^Ame^Ase; - BCi = Abi^Agi^Aki^Ami^Asi; - BCo = Abo^Ago^Ako^Amo^Aso; - BCu = Abu^Agu^Aku^Amu^Asu; - - //thetaRhoPiChiIotaPrepareTheta(round , A, E) - Da = BCu^rotlConstant<1>(BCe); - De = BCa^rotlConstant<1>(BCi); - Di = BCe^rotlConstant<1>(BCo); - Do = BCi^rotlConstant<1>(BCu); - Du = BCo^rotlConstant<1>(BCa); - 
- Aba ^= Da; - BCa = Aba; - Age ^= De; - BCe = rotlConstant<44>(Age); - Aki ^= Di; - BCi = rotlConstant<43>(Aki); - Amo ^= Do; - BCo = rotlConstant<21>(Amo); - Asu ^= Du; - BCu = rotlConstant<14>(Asu); - Eba = BCa ^((~BCe)& BCi ); - Eba ^= (word64)KeccakF_RoundConstants[round]; - Ebe = BCe ^((~BCi)& BCo ); - Ebi = BCi ^((~BCo)& BCu ); - Ebo = BCo ^((~BCu)& BCa ); - Ebu = BCu ^((~BCa)& BCe ); - - Abo ^= Do; - BCa = rotlConstant<28>(Abo); - Agu ^= Du; - BCe = rotlConstant<20>(Agu); - Aka ^= Da; - BCi = rotlConstant<3>(Aka); - Ame ^= De; - BCo = rotlConstant<45>(Ame); - Asi ^= Di; - BCu = rotlConstant<61>(Asi); - Ega = BCa ^((~BCe)& BCi ); - Ege = BCe ^((~BCi)& BCo ); - Egi = BCi ^((~BCo)& BCu ); - Ego = BCo ^((~BCu)& BCa ); - Egu = BCu ^((~BCa)& BCe ); - - Abe ^= De; - BCa = rotlConstant<1>(Abe); - Agi ^= Di; - BCe = rotlConstant<6>(Agi); - Ako ^= Do; - BCi = rotlConstant<25>(Ako); - Amu ^= Du; - BCo = rotlConstant<8>(Amu); - Asa ^= Da; - BCu = rotlConstant<18>(Asa); - Eka = BCa ^((~BCe)& BCi ); - Eke = BCe ^((~BCi)& BCo ); - Eki = BCi ^((~BCo)& BCu ); - Eko = BCo ^((~BCu)& BCa ); - Eku = BCu ^((~BCa)& BCe ); - - Abu ^= Du; - BCa = rotlConstant<27>(Abu); - Aga ^= Da; - BCe = rotlConstant<36>(Aga); - Ake ^= De; - BCi = rotlConstant<10>(Ake); - Ami ^= Di; - BCo = rotlConstant<15>(Ami); - Aso ^= Do; - BCu = rotlConstant<56>(Aso); - Ema = BCa ^((~BCe)& BCi ); - Eme = BCe ^((~BCi)& BCo ); - Emi = BCi ^((~BCo)& BCu ); - Emo = BCo ^((~BCu)& BCa ); - Emu = BCu ^((~BCa)& BCe ); - - Abi ^= Di; - BCa = rotlConstant<62>(Abi); - Ago ^= Do; - BCe = rotlConstant<55>(Ago); - Aku ^= Du; - BCi = rotlConstant<39>(Aku); - Ama ^= Da; - BCo = rotlConstant<41>(Ama); - Ase ^= De; - BCu = rotlConstant<2>(Ase); - Esa = BCa ^((~BCe)& BCi ); - Ese = BCe ^((~BCi)& BCo ); - Esi = BCi ^((~BCo)& BCu ); - Eso = BCo ^((~BCu)& BCa ); - Esu = BCu ^((~BCa)& BCe ); - - // prepareTheta - BCa = Eba^Ega^Eka^Ema^Esa; - BCe = Ebe^Ege^Eke^Eme^Ese; - BCi = Ebi^Egi^Eki^Emi^Esi; - BCo = Ebo^Ego^Eko^Emo^Eso; - BCu 
= Ebu^Egu^Eku^Emu^Esu; - - //thetaRhoPiChiIotaPrepareTheta(round+1, E, A) - Da = BCu^rotlConstant<1>(BCe); - De = BCa^rotlConstant<1>(BCi); - Di = BCe^rotlConstant<1>(BCo); - Do = BCi^rotlConstant<1>(BCu); - Du = BCo^rotlConstant<1>(BCa); - - Eba ^= Da; - BCa = Eba; - Ege ^= De; - BCe = rotlConstant<44>(Ege); - Eki ^= Di; - BCi = rotlConstant<43>(Eki); - Emo ^= Do; - BCo = rotlConstant<21>(Emo); - Esu ^= Du; - BCu = rotlConstant<14>(Esu); - Aba = BCa ^((~BCe)& BCi ); - Aba ^= (word64)KeccakF_RoundConstants[round+1]; - Abe = BCe ^((~BCi)& BCo ); - Abi = BCi ^((~BCo)& BCu ); - Abo = BCo ^((~BCu)& BCa ); - Abu = BCu ^((~BCa)& BCe ); - - Ebo ^= Do; - BCa = rotlConstant<28>(Ebo); - Egu ^= Du; - BCe = rotlConstant<20>(Egu); - Eka ^= Da; - BCi = rotlConstant<3>(Eka); - Eme ^= De; - BCo = rotlConstant<45>(Eme); - Esi ^= Di; - BCu = rotlConstant<61>(Esi); - Aga = BCa ^((~BCe)& BCi ); - Age = BCe ^((~BCi)& BCo ); - Agi = BCi ^((~BCo)& BCu ); - Ago = BCo ^((~BCu)& BCa ); - Agu = BCu ^((~BCa)& BCe ); - - Ebe ^= De; - BCa = rotlConstant<1>(Ebe); - Egi ^= Di; - BCe = rotlConstant<6>(Egi); - Eko ^= Do; - BCi = rotlConstant<25>(Eko); - Emu ^= Du; - BCo = rotlConstant<8>(Emu); - Esa ^= Da; - BCu = rotlConstant<18>(Esa); - Aka = BCa ^((~BCe)& BCi ); - Ake = BCe ^((~BCi)& BCo ); - Aki = BCi ^((~BCo)& BCu ); - Ako = BCo ^((~BCu)& BCa ); - Aku = BCu ^((~BCa)& BCe ); - - Ebu ^= Du; - BCa = rotlConstant<27>(Ebu); - Ega ^= Da; - BCe = rotlConstant<36>(Ega); - Eke ^= De; - BCi = rotlConstant<10>(Eke); - Emi ^= Di; - BCo = rotlConstant<15>(Emi); - Eso ^= Do; - BCu = rotlConstant<56>(Eso); - Ama = BCa ^((~BCe)& BCi ); - Ame = BCe ^((~BCi)& BCo ); - Ami = BCi ^((~BCo)& BCu ); - Amo = BCo ^((~BCu)& BCa ); - Amu = BCu ^((~BCa)& BCe ); - - Ebi ^= Di; - BCa = rotlConstant<62>(Ebi); - Ego ^= Do; - BCe = rotlConstant<55>(Ego); - Eku ^= Du; - BCi = rotlConstant<39>(Eku); - Ema ^= Da; - BCo = rotlConstant<41>(Ema); - Ese ^= De; - BCu = rotlConstant<2>(Ese); - Asa = BCa ^((~BCe)& BCi ); - Ase = BCe 
^((~BCi)& BCo ); - Asi = BCi ^((~BCo)& BCu ); - Aso = BCo ^((~BCu)& BCa ); - Asu = BCu ^((~BCa)& BCe ); - } - - //copyToState(state, A) - Block::Put(NULLPTR, state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); - } -} - void SHA3::Update(const byte *input, size_t length) { CRYPTOPP_ASSERT(!(input == NULLPTR && length != 0));