2013-03-07 14:56:48 +00:00
|
|
|
/*
|
|
|
|
|
* This file is a part of Pcompress, a chunked parallel multi-
|
|
|
|
|
* algorithm lossless compression and decompression program.
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) 2012-2013 Moinak Ghosh. All rights reserved.
|
|
|
|
|
* Use is subject to license terms.
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 3 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this program.
|
|
|
|
|
* If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*
|
|
|
|
|
* moinakg@belenix.org, http://moinakg.wordpress.com/
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
2012-12-08 08:49:01 +00:00
|
|
|
/*
|
|
|
|
|
The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
|
|
|
|
|
Michaël Peeters and Gilles Van Assche. For more information, feedback or
|
|
|
|
|
questions, please refer to our website: http://keccak.noekeon.org/
|
|
|
|
|
|
|
|
|
|
Implementation by the designers,
|
|
|
|
|
hereby denoted as "the implementer".
|
|
|
|
|
|
|
|
|
|
To the extent possible under law, the implementer has waived all copyright
|
|
|
|
|
and related or neighboring rights to the source code in this file.
|
|
|
|
|
http://creativecommons.org/publicdomain/zero/1.0/
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include "KeccakDuplex.h"
|
|
|
|
|
#include "KeccakF-1600-interface.h"
|
|
|
|
|
#ifdef KeccakReference
|
|
|
|
|
#include "displayIntermediateValues.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
int InitDuplex(duplexState *state, unsigned int rate, unsigned int capacity)
|
|
|
|
|
{
|
|
|
|
|
if (rate+capacity != 1600)
|
|
|
|
|
return 1;
|
|
|
|
|
if ((rate <= 0) || (rate > 1600))
|
|
|
|
|
return 1;
|
|
|
|
|
KeccakInitialize();
|
|
|
|
|
state->rate = rate;
|
|
|
|
|
state->capacity = capacity;
|
|
|
|
|
state->rho_max = rate-2;
|
|
|
|
|
KeccakInitializeState(state->state);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int Duplexing(duplexState *state, const unsigned char *in, unsigned int inBitLen, unsigned char *out, unsigned int outBitLen)
|
|
|
|
|
{
|
|
|
|
|
ALIGN unsigned char block[KeccakPermutationSizeInBytes];
|
|
|
|
|
|
|
|
|
|
if (inBitLen > state->rho_max)
|
|
|
|
|
return 1;
|
|
|
|
|
if ((inBitLen % 8) != 0) {
|
|
|
|
|
unsigned char mask = ~((1 << (inBitLen % 8)) - 1);
|
|
|
|
|
if ((in[inBitLen/8] & mask) != 0)
|
|
|
|
|
return 1; // The bits of the last incomplete byte must be aligned on the LSB
|
|
|
|
|
}
|
|
|
|
|
if (outBitLen > state->rate)
|
|
|
|
|
return 1; // The output length must not be greater than the rate
|
|
|
|
|
|
|
|
|
|
memcpy(block, in, (inBitLen+7)/8);
|
|
|
|
|
memset(block+(inBitLen+7)/8, 0, ((state->rate+63)/64)*8 - (inBitLen+7)/8);
|
|
|
|
|
|
|
|
|
|
block[inBitLen/8] |= 1 << (inBitLen%8);
|
|
|
|
|
block[(state->rate-1)/8] |= 1 << ((state->rate-1) % 8);
|
|
|
|
|
|
|
|
|
|
#ifdef KeccakReference
|
|
|
|
|
displayBytes(1, "Block to be absorbed (after padding)", block, (state->rate+7)/8);
|
|
|
|
|
#endif
|
|
|
|
|
KeccakAbsorb(state->state, block, (state->rate+63)/64);
|
|
|
|
|
|
|
|
|
|
KeccakExtract(state->state, block, (state->rate+63)/64);
|
|
|
|
|
memcpy(out, block, (outBitLen+7)/8);
|
|
|
|
|
if ((outBitLen % 8) != 0) {
|
|
|
|
|
unsigned char mask = (1 << (outBitLen % 8)) - 1;
|
|
|
|
|
out[outBitLen/8] &= mask;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
