diff options
author | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2015-10-25 20:34:50 +0200 |
---|---|---|
committer | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2015-10-31 20:21:48 +0200 |
commit | c0b9eee2d93a13930244f9ce0c14ed6b4aeb6c29 (patch) | |
tree | e915cb99b1e0cf5807e4512b7920fd113b4f6fb3 /cipher/hash-common.c | |
parent | 28de6f9e16e386018e81a9cdaee596be7616ccab (diff) | |
download | libgcrypt-c0b9eee2d93a13930244f9ce0c14ed6b4aeb6c29.tar.gz |
Keccak: Add SHAKE Extendable-Output Functions
* src/hash-common.c (_gcry_hash_selftest_check_one): Add handling for
XOFs.
* src/keccak.c (keccak_ops_t): Rename 'extract_inplace' to 'extract'
and add 'pos' argument.
(KECCAK_CONTEXT): Add 'suffix'.
(keccak_extract_inplace64): Rename to...
(keccak_extract64): ...this; Add handling for 'pos' argument.
(keccak_extract_inplace32bi): Rename to...
(keccak_extract32bi): ...this; Add handling for 'pos' argument.
(keccak_extract_inplace64): Rename to...
(keccak_extract64): ...this; Add handling for 'pos' argument.
(keccak_extract_inplace32bi_bmi2): Rename to...
(keccak_extract32bi_bmi2): ...this; Add handling for 'pos' argument.
(keccak_init): Setup 'suffix'; add SHAKE128 & SHAKE256.
(shake128_init, shake256_init): New.
(keccak_final): Do not initial permute for SHAKE output; use correct
suffix for SHAKE.
(keccak_extract): New.
(keccak_selftests_keccak): Add SHAKE128 & SHAKE256 test-vectors.
(run_selftests): Add SHAKE128 & SHAKE256.
(shake128_asn, oid_spec_shake128, shake256_asn, oid_spec_shake256)
(_gcry_digest_spec_shake128, _gcry_digest_spec_shake256): New.
* cipher/md.c (digest_list): Add SHAKE128 & SHAKE256.
* doc/gcrypt.texi: Ditto.
* src/cipher.h (_gcry_digest_spec_shake128)
(_gcry_digest_spec_shake256): New.
* src/gcrypt.h.in (GCRY_MD_SHAKE128, GCRY_MD_SHAKE256): New.
* tests/basic.c (check_one_md): Add XOF check; Add 'elen' argument.
(check_one_md_multi): Skip if algo is XOF.
(check_digests): Add SHAKE128 & SHAKE256 test vectors.
* tests/bench-slope.c (kdf_bench_one): Skip XOFs.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'cipher/hash-common.c')
-rw-r--r-- | cipher/hash-common.c | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/cipher/hash-common.c b/cipher/hash-common.c index 6743f09b..a750d644 100644 --- a/cipher/hash-common.c +++ b/cipher/hash-common.c @@ -49,8 +49,12 @@ _gcry_hash_selftest_check_one (int algo, gcry_error_t err = 0; gcry_md_hd_t hd; unsigned char *digest; + char aaa[1000]; + int xof = 0; - if (_gcry_md_get_algo_dlen (algo) != expectlen) + if (_gcry_md_get_algo_dlen (algo) == 0) + xof = 1; + else if (_gcry_md_get_algo_dlen (algo) != expectlen) return "digest size does not match expected size"; err = _gcry_md_open (&hd, algo, 0); @@ -65,7 +69,6 @@ _gcry_hash_selftest_check_one (int algo, case 1: /* Hash one million times an "a". */ { - char aaa[1000]; int i; /* Write in odd size chunks so that we test the buffering. */ @@ -81,10 +84,23 @@ _gcry_hash_selftest_check_one (int algo, if (!result) { - digest = _gcry_md_read (hd, algo); - - if ( memcmp (digest, expect, expectlen) ) - result = "digest mismatch"; + if (!xof) + { + digest = _gcry_md_read (hd, algo); + + if ( memcmp (digest, expect, expectlen) ) + result = "digest mismatch"; + } + else + { + gcry_assert(expectlen <= sizeof(aaa)); + + err = _gcry_md_extract (hd, algo, aaa, expectlen); + if (err) + result = "error extracting output from XOF"; + else if ( memcmp (aaa, expect, expectlen) ) + result = "digest mismatch"; + } } _gcry_md_close (hd); |