From df1c94a38a97119198aa3ae92e82ab9e46d4e9b5 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton
Date: Sat, 23 Apr 2016 18:47:23 -0400
Subject: [PATCH] Initial cut-in of CRYPTOPP_USE_FIPS_202_SHA3 macro
---
 config.h | 4 ++++
 config.recommend | 4 ++++
 sha3.cpp | 6 ++++++
 3 files changed, 14 insertions(+)
diff --git a/config.h b/config.h
index 4e2eb68c..7630b936 100644
--- a/config.h
+++ b/config.h
@@ -43,6 +43,10 @@
 // # define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS
 #endif

+// Define this to choose the FIPS 202 version of SHA3, and not the original version of SHA3. NIST selected Keccak as SHA3
+// in January 2013. SHA3 was finalized in FIPS 202 in August 2015, and it was a modified version of the original selection.
+// #define CRYPTOPP_USE_FIPS_202_SHA3
+
 // ***************** Less Important Settings ***************

 // Library version
diff --git a/config.recommend b/config.recommend
index 0189f4e3..6bcc52d5 100644
--- a/config.recommend
+++ b/config.recommend
@@ -43,6 +43,10 @@
 # define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS
 #endif

+// Define this to choose the FIPS 202 version of SHA3, and not the original version of SHA3. NIST selected Keccak as SHA3
+// in January 2013. SHA3 was finalized in FIPS 202 in August 2015, and it was a modified version of the original selection.
+#define CRYPTOPP_USE_FIPS_202_SHA3
+
 // ***************** Less Important Settings ***************

 // Library version
diff --git a/sha3.cpp b/sha3.cpp
index f66ef494..c94bec39 100644
--- a/sha3.cpp
+++ b/sha3.cpp
@@ -280,7 +280,13 @@ void SHA3::Restart()
 void SHA3::TruncatedFinal(byte *hash, size_t size)
 {
 ThrowIfInvalidTruncatedSize(size);
+
+#if defined(CRYPTOPP_USE_FIPS_202_SHA3)
 m_state.BytePtr()[m_counter] ^= 0x06;
+#else
+ m_state.BytePtr()[m_counter] ^= 1;
+#endif
+
 m_state.BytePtr()[r()-1] ^= 0x80;
 KeccakF1600(m_state);
 memcpy(hash, m_state, size);
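Review bot: Leaving `CRYPTOPP_USE_FIPS_202_SHA3` commented out in config.h changes what a stock build computes. In the sha3.cpp hunk the unchanged context line is `^= 0x06`, so before this commit `SHA3::TruncatedFinal` always applied the FIPS 202 padding; with the macro undefined it now takes the `#else` branch and pads with `1`. Unless the macro is defined somewhere outside this patch, digests from the class named SHA3 would stop matching FIPS 202 output and anything stored or verified against earlier digests. Either ship it defined by default, as the config.recommend hunk does with `#define CRYPTOPP_USE_FIPS_202_SHA3`, or invert the switch so the opt-in selects the pre-standard Keccak padding. The comment in both config files could also state that the two settings give different digests for the same input.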
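Review bot: The two padding constants in `SHA3::TruncatedFinal` carry no comment, although they decide which hash function the class computes. I would add `// FIPS 202 SHA-3: domain-separation bits 01, then the first pad10*1 bit` above the `^= 0x06` line and `// Original Keccak submission: first pad10*1 bit only` above the `#else` branch. That branch would also read better as `^= 0x01`, matching the hex style of `0x06` and `0x80` next to it. Callers cannot tell at run time which variant was built, so known-answer tests for both settings would be worth adding; none are visible in this patch. The function body continues past the end of the hunk.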