Add abstract state duplication for SHA256 incremental hashing API
parent
4f19ea25d0
commit
6461896475
@ -4,6 +4,7 @@
|
|||||||
|
|
||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
#include "sha2.h"
|
#include "sha2.h"
|
||||||
|
|
||||||
@ -528,6 +529,10 @@ void sha512_inc_init(sha512ctx *state) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void sha256_inc_dupe_state(sha256ctx *stateout, const sha256ctx *statein) {
|
||||||
|
memcpy(stateout, statein, sizeof(sha256ctx));
|
||||||
|
}
|
||||||
|
|
||||||
void sha256_inc_blocks(sha256ctx *state, const uint8_t *in, size_t inblocks) {
|
void sha256_inc_blocks(sha256ctx *state, const uint8_t *in, size_t inblocks) {
|
||||||
uint64_t bytes = load_bigendian_64(state->ctx + 32);
|
uint64_t bytes = load_bigendian_64(state->ctx + 32);
|
||||||
|
|
||||||
|
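Review bot: The new `sha256_inc_dupe_state` copies with `memcpy(stateout, statein, sizeof(sha256ctx));`, which is undefined if a caller ever passes the same context for both arguments and gives no type checking on the copied size. A struct assignment, `*stateout = *statein;`, does the same copy, is well-defined for an exact self-copy, and keeps the size tied to the type. If nothing else in this file uses `<string.h>`, the include added in the first hunk could then be dropped; that cannot be confirmed from the lines shown. The copy is only a full clone while `sha256ctx` holds no pointers, which looks true from `state->ctx + 32` but should be stated where the type is defined.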
@ -30,6 +30,7 @@ void sha224_inc_finalize(uint8_t *out, sha224ctx *state, const uint8_t *in, size
|
|||||||
void sha224(uint8_t *out, const uint8_t *in, size_t inlen);
|
void sha224(uint8_t *out, const uint8_t *in, size_t inlen);
|
||||||
|
|
||||||
void sha256_inc_init(sha256ctx *state);
|
void sha256_inc_init(sha256ctx *state);
|
||||||
|
void sha256_inc_dupe_state(sha256ctx *stateout, const sha256ctx *statein);
|
||||||
void sha256_inc_blocks(sha256ctx *state, const uint8_t *in, size_t inblocks);
|
void sha256_inc_blocks(sha256ctx *state, const uint8_t *in, size_t inblocks);
|
||||||
void sha256_inc_finalize(uint8_t *out, sha256ctx *state, const uint8_t *in, size_t inlen);
|
void sha256_inc_finalize(uint8_t *out, sha256ctx *state, const uint8_t *in, size_t inlen);
|
||||||
void sha256(uint8_t *out, const uint8_t *in, size_t inlen);
|
void sha256(uint8_t *out, const uint8_t *in, size_t inlen);
|
||||||
|
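Review bot: The declaration of `sha256_inc_dupe_state` is added without any comment on its contract, and it is the only duplication function visible in this hunk, so the SHA-224 incremental API declared just above it still has no equivalent. I would add a line above the prototype such as `/* Copies *statein into *stateout; afterwards the two states can be updated and finalized independently. */`. If the goal is to stop callers from depending on the context layout, the other incremental variants in this header probably want matching functions in the same commit. Otherwise their callers will keep using a raw `memcpy`.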
@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash(
|
|||||||
PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
for (i = 0; i < inblocks * SPX_N; i++) {
|
for (i = 0; i < inblocks * SPX_N; i++) {
|
||||||
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
||||||
|
@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash(
|
|||||||
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compress_address(buf, addr);
|
PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compress_address(buf, addr);
|
||||||
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
||||||
|
@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash(
|
|||||||
PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
for (i = 0; i < inblocks * SPX_N; i++) {
|
for (i = 0; i < inblocks * SPX_N; i++) {
|
||||||
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
||||||
|
@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash(
|
|||||||
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compress_address(buf, addr);
|
PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compress_address(buf, addr);
|
||||||
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
||||||
|
@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash(
|
|||||||
PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
for (i = 0; i < inblocks * SPX_N; i++) {
|
for (i = 0; i < inblocks * SPX_N; i++) {
|
||||||
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
||||||
|
@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash(
|
|||||||
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compress_address(buf, addr);
|
PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compress_address(buf, addr);
|
||||||
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
||||||
|
@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash(
|
|||||||
PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
for (i = 0; i < inblocks * SPX_N; i++) {
|
for (i = 0; i < inblocks * SPX_N; i++) {
|
||||||
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
||||||
|
@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash(
|
|||||||
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compress_address(buf, addr);
|
PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compress_address(buf, addr);
|
||||||
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
||||||
|
@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash(
|
|||||||
PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
for (i = 0; i < inblocks * SPX_N; i++) {
|
for (i = 0; i < inblocks * SPX_N; i++) {
|
||||||
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
||||||
|
@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash(
|
|||||||
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compress_address(buf, addr);
|
PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compress_address(buf, addr);
|
||||||
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
||||||
|
@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash(
|
|||||||
PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
for (i = 0; i < inblocks * SPX_N; i++) {
|
for (i = 0; i < inblocks * SPX_N; i++) {
|
||||||
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
|
||||||
|
@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash(
|
|||||||
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
(void)pub_seed; /* Suppress an 'unused parameter' warning. */
|
||||||
|
|
||||||
/* Retrieve precomputed state containing pub_seed */
|
/* Retrieve precomputed state containing pub_seed */
|
||||||
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx));
|
sha256_inc_dupe_state(&sha2_state, hash_state_seeded);
|
||||||
|
|
||||||
PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compress_address(buf, addr);
|
PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compress_address(buf, addr);
|
||||||
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
|
||||||
|