1
1
mirror of https://github.com/henrydcase/pqc.git synced 2024-11-22 15:39:07 +00:00

Merge pull request #207 from PQClean/sphincs-abstract-state-dupe

Add abstract state duplication for SHA256 incremental hashing API
This commit is contained in:
Douglas Stebila 2019-07-30 21:48:30 -04:00 committed by GitHub
commit 83c974e45b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 33 additions and 12 deletions

View File

@ -4,6 +4,7 @@
#include <stddef.h> #include <stddef.h>
#include <stdint.h> #include <stdint.h>
#include <string.h>
#include "sha2.h" #include "sha2.h"
@ -528,6 +529,22 @@ void sha512_inc_init(sha512ctx *state) {
} }
} }
void sha224_inc_clone_state(sha224ctx *stateout, const sha224ctx *statein) {
memcpy(stateout, statein, sizeof(sha224ctx));
}
void sha256_inc_clone_state(sha256ctx *stateout, const sha256ctx *statein) {
memcpy(stateout, statein, sizeof(sha256ctx));
}
void sha384_inc_clone_state(sha384ctx *stateout, const sha384ctx *statein) {
memcpy(stateout, statein, sizeof(sha384ctx));
}
void sha512_inc_clone_state(sha512ctx *stateout, const sha512ctx *statein) {
memcpy(stateout, statein, sizeof(sha512ctx));
}
void sha256_inc_blocks(sha256ctx *state, const uint8_t *in, size_t inblocks) { void sha256_inc_blocks(sha256ctx *state, const uint8_t *in, size_t inblocks) {
uint64_t bytes = load_bigendian_64(state->ctx + 32); uint64_t bytes = load_bigendian_64(state->ctx + 32);

View File

@ -25,21 +25,25 @@ typedef struct {
} sha512ctx; } sha512ctx;
void sha224_inc_init(sha224ctx *state); void sha224_inc_init(sha224ctx *state);
void sha224_inc_clone_state(sha224ctx *stateout, const sha224ctx *statein);
void sha224_inc_blocks(sha224ctx *state, const uint8_t *in, size_t inblocks); void sha224_inc_blocks(sha224ctx *state, const uint8_t *in, size_t inblocks);
void sha224_inc_finalize(uint8_t *out, sha224ctx *state, const uint8_t *in, size_t inlen); void sha224_inc_finalize(uint8_t *out, sha224ctx *state, const uint8_t *in, size_t inlen);
void sha224(uint8_t *out, const uint8_t *in, size_t inlen); void sha224(uint8_t *out, const uint8_t *in, size_t inlen);
void sha256_inc_init(sha256ctx *state); void sha256_inc_init(sha256ctx *state);
void sha256_inc_clone_state(sha256ctx *stateout, const sha256ctx *statein);
void sha256_inc_blocks(sha256ctx *state, const uint8_t *in, size_t inblocks); void sha256_inc_blocks(sha256ctx *state, const uint8_t *in, size_t inblocks);
void sha256_inc_finalize(uint8_t *out, sha256ctx *state, const uint8_t *in, size_t inlen); void sha256_inc_finalize(uint8_t *out, sha256ctx *state, const uint8_t *in, size_t inlen);
void sha256(uint8_t *out, const uint8_t *in, size_t inlen); void sha256(uint8_t *out, const uint8_t *in, size_t inlen);
void sha384_inc_init(sha384ctx *state); void sha384_inc_init(sha384ctx *state);
void sha384_inc_clone_state(sha384ctx *stateout, const sha384ctx *statein);
void sha384_inc_blocks(sha384ctx *state, const uint8_t *in, size_t inblocks); void sha384_inc_blocks(sha384ctx *state, const uint8_t *in, size_t inblocks);
void sha384_inc_finalize(uint8_t *out, sha384ctx *state, const uint8_t *in, size_t inlen); void sha384_inc_finalize(uint8_t *out, sha384ctx *state, const uint8_t *in, size_t inlen);
void sha384(uint8_t *out, const uint8_t *in, size_t inlen); void sha384(uint8_t *out, const uint8_t *in, size_t inlen);
void sha512_inc_init(sha512ctx *state); void sha512_inc_init(sha512ctx *state);
void sha512_inc_clone_state(sha512ctx *stateout, const sha512ctx *statein);
void sha512_inc_blocks(sha512ctx *state, const uint8_t *in, size_t inblocks); void sha512_inc_blocks(sha512ctx *state, const uint8_t *in, size_t inblocks);
void sha512_inc_finalize(uint8_t *out, sha512ctx *state, const uint8_t *in, size_t inlen); void sha512_inc_finalize(uint8_t *out, sha512ctx *state, const uint8_t *in, size_t inlen);
void sha512(uint8_t *out, const uint8_t *in, size_t inlen); void sha512(uint8_t *out, const uint8_t *in, size_t inlen);

View File

@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash(
PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
for (i = 0; i < inblocks * SPX_N; i++) { for (i = 0; i < inblocks * SPX_N; i++) {
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];

View File

@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_thash(
(void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compress_address(buf, addr); PQCLEAN_SPHINCSSHA256128FSIMPLE_CLEAN_compress_address(buf, addr);
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);

View File

@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash(
PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
for (i = 0; i < inblocks * SPX_N; i++) { for (i = 0; i < inblocks * SPX_N; i++) {
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];

View File

@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_thash(
(void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compress_address(buf, addr); PQCLEAN_SPHINCSSHA256128SSIMPLE_CLEAN_compress_address(buf, addr);
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);

View File

@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash(
PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
for (i = 0; i < inblocks * SPX_N; i++) { for (i = 0; i < inblocks * SPX_N; i++) {
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];

View File

@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_thash(
(void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compress_address(buf, addr); PQCLEAN_SPHINCSSHA256192FSIMPLE_CLEAN_compress_address(buf, addr);
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);

View File

@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash(
PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
for (i = 0; i < inblocks * SPX_N; i++) { for (i = 0; i < inblocks * SPX_N; i++) {
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];

View File

@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_thash(
(void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compress_address(buf, addr); PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compress_address(buf, addr);
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);

View File

@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash(
PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
for (i = 0; i < inblocks * SPX_N; i++) { for (i = 0; i < inblocks * SPX_N; i++) {
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];

View File

@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_thash(
(void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compress_address(buf, addr); PQCLEAN_SPHINCSSHA256256FSIMPLE_CLEAN_compress_address(buf, addr);
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);

View File

@ -28,7 +28,7 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash(
PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES); PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
for (i = 0; i < inblocks * SPX_N; i++) { for (i = 0; i < inblocks * SPX_N; i++) {
buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i]; buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];

View File

@ -23,7 +23,7 @@ static void PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_thash(
(void)pub_seed; /* Suppress an 'unused parameter' warning. */ (void)pub_seed; /* Suppress an 'unused parameter' warning. */
/* Retrieve precomputed state containing pub_seed */ /* Retrieve precomputed state containing pub_seed */
memcpy(&sha2_state, hash_state_seeded, sizeof(sha256ctx)); sha256_inc_clone_state(&sha2_state, hash_state_seeded);
PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compress_address(buf, addr); PQCLEAN_SPHINCSSHA256256SSIMPLE_CLEAN_compress_address(buf, addr);
memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N); memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);