From 692fba119c424503cb4c5975b74ad47b31f39033 Mon Sep 17 00:00:00 2001
From: Thom Wiggers
Date: Mon, 20 May 2019 10:38:31 +0200
Subject: [PATCH] Port SPHINCS+-SHAKE256 to fips202 ctx structs
---
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 .../clean/hash_shake256.c | 28 +++++++++----------
 12 files changed, 168 insertions(+), 168 deletions(-)
diff --git a/crypto_sign/sphincs-shake256-128f-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-128f-robust/clean/hash_shake256.c
index 9603b8c8..d3b7ac7d 100644
--- a/crypto_sign/sphincs-shake256-128f-robust/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-128f-robust/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
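Review bot: After `shake256_inc_squeeze(R, SPX_N, &state);` the `state` struct, which has absorbed the secret `sk_prf`, is left on the stack with its contents intact; the commit only changes its type from `uint64_t s_inc[26]` to `shake256incctx`, so this is inherited rather than new, but moving to an opaque context type is the natural place to add cleanup. I would clear it before returning, e.g. `memset(&state, 0, sizeof state);`, with the comment `/* state absorbed sk_prf; wipe it before it leaves scope */`. A plain memset of a local that is about to go out of scope may be elided by the compiler, so if the fips202 layer provides or later gains a dedicated release/zeroize routine for `shake256incctx`, that should be called here instead. The same applies to the `gen_message_random` hunk in the other eleven parameter-set files in this patch; the `hash_message` hunks absorb only R, pk and m and do not need it.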
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256128FROBUST_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-128f-simple/clean/hash_shake256.c
index 68103a41..bd6894ca 100644
--- a/crypto_sign/sphincs-shake256-128f-simple/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-128f-simple/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-128s-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-128s-robust/clean/hash_shake256.c
index f636a41f..a897adf6 100644
--- a/crypto_sign/sphincs-shake256-128s-robust/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-128s-robust/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256128SROBUST_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-128s-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-128s-simple/clean/hash_shake256.c
index 2408a3e0..74d4ffeb 100644
--- a/crypto_sign/sphincs-shake256-128s-simple/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-128s-simple/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256128SSIMPLE_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-192f-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-192f-robust/clean/hash_shake256.c
index 6e5b7b07..49c8ae7b 100644
--- a/crypto_sign/sphincs-shake256-192f-robust/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-192f-robust/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256192FROBUST_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-192f-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-192f-simple/clean/hash_shake256.c
index d970155e..82e4430e 100644
--- a/crypto_sign/sphincs-shake256-192f-simple/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-192f-simple/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256192FSIMPLE_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-192s-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-192s-robust/clean/hash_shake256.c
index 6b4e0656..0181d11e 100644
--- a/crypto_sign/sphincs-shake256-192s-robust/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-192s-robust/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256192SROBUST_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-192s-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-192s-simple/clean/hash_shake256.c
index 5c79d478..7129db40 100644
--- a/crypto_sign/sphincs-shake256-192s-simple/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-192s-simple/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256192SSIMPLE_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-256f-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-256f-robust/clean/hash_shake256.c
index 308338b4..8fbf5cbf 100644
--- a/crypto_sign/sphincs-shake256-256f-robust/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-256f-robust/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256256FROBUST_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-256f-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-256f-simple/clean/hash_shake256.c
index db8875d7..9a1306e9 100644
--- a/crypto_sign/sphincs-shake256-256f-simple/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-256f-simple/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256256FSIMPLE_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-256s-robust/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-256s-robust/clean/hash_shake256.c
index 41146c98..5aeb3db4 100644
--- a/crypto_sign/sphincs-shake256-256s-robust/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-256s-robust/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256256SROBUST_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;
diff --git a/crypto_sign/sphincs-shake256-256s-simple/clean/hash_shake256.c b/crypto_sign/sphincs-shake256-256s-simple/clean/hash_shake256.c
index a0982585..acc211fb 100644
--- a/crypto_sign/sphincs-shake256-256s-simple/clean/hash_shake256.c
+++ b/crypto_sign/sphincs-shake256-256s-simple/clean/hash_shake256.c
@@ -37,14 +37,14 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_gen_message_random(
 unsigned char *R, const unsigned char *sk_prf,
 const unsigned char *optrand,
 const unsigned char *m, size_t mlen) {
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, sk_prf, SPX_N);
+ shake256_inc_absorb(&state, optrand, SPX_N);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(R, SPX_N, &state);
 }
 
 /**
@@ -64,14 +64,14 @@ void PQCLEAN_SPHINCSSHAKE256256SSIMPLE_CLEAN_hash_message(
 
 unsigned char buf[SPX_DGST_BYTES];
 unsigned char *bufp = buf;
- uint64_t s_inc[26];
+ shake256incctx state;
 
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
+ shake256_inc_init(&state);
+ shake256_inc_absorb(&state, R, SPX_N);
+ shake256_inc_absorb(&state, pk, SPX_PK_BYTES);
+ shake256_inc_absorb(&state, m, mlen);
+ shake256_inc_finalize(&state);
+ shake256_inc_squeeze(buf, SPX_DGST_BYTES, &state);
 
 memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
 bufp += SPX_FORS_MSG_BYTES;