40 #ifndef KECCAKF_ROUNDS
41 #define KECCAKF_ROUNDS 24
45 #define ROTL64(x, y) (((x) << (y)) | ((x) >> (64 - (y))))
54 void XrdOucSHA3::sha3_keccakf(uint64_t st[25])
57 const uint64_t keccakf_rndc[24] = {
58 0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
59 0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
60 0x8000000080008081, 0x8000000000008009, 0x000000000000008a,
61 0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
62 0x000000008000808b, 0x800000000000008b, 0x8000000000008089,
63 0x8000000000008003, 0x8000000000008002, 0x8000000000000080,
64 0x000000000000800a, 0x800000008000000a, 0x8000000080008081,
65 0x8000000000008080, 0x0000000080000001, 0x8000000080008008
67 const int keccakf_rotc[24] = {
68 1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14,
69 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44
71 const int keccakf_piln[24] = {
72 10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4,
73 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1
80 #if __BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__
84 for (i = 0; i < 25; i++) {
85 v = (uint8_t *) &st[i];
86 st[i] = ((uint64_t) v[0]) | (((uint64_t) v[1]) << 8) |
87 (((uint64_t) v[2]) << 16) | (((uint64_t) v[3]) << 24) |
88 (((uint64_t) v[4]) << 32) | (((uint64_t) v[5]) << 40) |
89 (((uint64_t) v[6]) << 48) | (((uint64_t) v[7]) << 56);
97 for (i = 0; i < 5; i++)
98 bc[i] = st[i] ^ st[i + 5] ^ st[i + 10] ^ st[i + 15] ^ st[i + 20];
100 for (i = 0; i < 5; i++) {
101 t = bc[(i + 4) % 5] ^
ROTL64(bc[(i + 1) % 5], 1);
102 for (j = 0; j < 25; j += 5)
108 for (i = 0; i < 24; i++) {
111 st[j] =
ROTL64(t, keccakf_rotc[i]);
116 for (j = 0; j < 25; j += 5) {
117 for (i = 0; i < 5; i++)
119 for (i = 0; i < 5; i++)
120 st[j + i] ^= (~bc[(i + 1) % 5]) & bc[(i + 2) % 5];
124 st[0] ^= keccakf_rndc[r];
127 #if __BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__
129 for (i = 0; i < 25; i++) {
130 v = (uint8_t *) &st[i];
133 v[1] = (t >> 8) & 0xFF;
134 v[2] = (t >> 16) & 0xFF;
135 v[3] = (t >> 24) & 0xFF;
136 v[4] = (t >> 32) & 0xFF;
137 v[5] = (t >> 40) & 0xFF;
138 v[6] = (t >> 48) & 0xFF;
139 v[7] = (t >> 56) & 0xFF;
172 for (i = 0; i < 25; i++)
174 c->
mdlen = (
int)mdlen;
175 c->
rsiz = 200 - 2 * (int)mdlen;
192 for (i = 0; i < len; i++) {
193 c->
st.b[j++] ^= ((
const uint8_t *) data)[i];
195 sha3_keccakf(c->
st.q);
212 c->
st.b[c->
pt] ^= 0x06;
213 c->
st.b[c->
rsiz - 1] ^= 0x80;
214 sha3_keccakf(c->
st.q);
216 for (i = 0; i < c->
mdlen; i++) {
217 ((uint8_t *) md)[i] = c->
st.b[i];
229 c->
st.b[c->
pt] ^= 0x1F;
230 c->
st.b[c->
rsiz - 1] ^= 0x80;
231 sha3_keccakf(c->
st.q);
250 for (i = 0; i < len; i++) {
252 sha3_keccakf(c->
st.q);
255 ((uint8_t *) out)[i] = c->
st.b[j++];
union XrdOucSHA3::sha3_ctx_t::@120 st
static void Update(sha3_ctx_t *c, const void *data, size_t len)
int xof
these don't overflow
MDLen
SHA3 digest lengths (bits to bytes).
static void * Calc(const void *in, size_t inlen, void *md, MDLen mdlen)
static void SHAKE_Out(sha3_ctx_t *c, void *out, size_t len)
static void Init(sha3_ctx_t *c, MDLen mdlen)
static void Final(sha3_ctx_t *c, void *md)
SHA3 state context used by all methods (OpenSSL - like interface)