You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
261 lines
8.2 KiB
261 lines
8.2 KiB
// keccakc.cpp - Keccak core functions shared between SHA3 and Keccak. |
|
// written and placed in the public domain by JW. |
|
|
|
/* |
|
The Keccak sponge function, designed by Guido Bertoni, Joan Daemen, |
|
Michael Peeters and Gilles Van Assche. For more information, feedback or |
|
questions, please refer to our website: http://keccak.noekeon.org/ |
|
|
|
Implementation by Ronny Van Keer, hereby denoted as "the implementer". |
|
|
|
To the extent possible under law, the implementer has waived all copyright |
|
and related or neighboring rights to the source code in this file. |
|
http://creativecommons.org/publicdomain/zero/1.0/ |
|
*/ |
|
|
|
#include "pch.h" |
|
#include "keccak.h" |
|
|
|
NAMESPACE_BEGIN(CryptoPP) |
|
|
|
// The Keccak core function |
|
extern void KeccakF1600(word64 *state); |
|
// The F1600 round constants |
|
extern const word64 KeccakF1600Constants[24]; |
|
|
|
NAMESPACE_END |
|
|
|
NAMESPACE_BEGIN(CryptoPP) |
|
|
|
CRYPTOPP_ALIGN_DATA(8) |
|
const word64 KeccakF1600Constants[24] = |
|
{ |
|
W64LIT(0x0000000000000001), W64LIT(0x0000000000008082), |
|
W64LIT(0x800000000000808a), W64LIT(0x8000000080008000), |
|
W64LIT(0x000000000000808b), W64LIT(0x0000000080000001), |
|
W64LIT(0x8000000080008081), W64LIT(0x8000000000008009), |
|
W64LIT(0x000000000000008a), W64LIT(0x0000000000000088), |
|
W64LIT(0x0000000080008009), W64LIT(0x000000008000000a), |
|
W64LIT(0x000000008000808b), W64LIT(0x800000000000008b), |
|
W64LIT(0x8000000000008089), W64LIT(0x8000000000008003), |
|
W64LIT(0x8000000000008002), W64LIT(0x8000000000000080), |
|
W64LIT(0x000000000000800a), W64LIT(0x800000008000000a), |
|
W64LIT(0x8000000080008081), W64LIT(0x8000000000008080), |
|
W64LIT(0x0000000080000001), W64LIT(0x8000000080008008) |
|
}; |
|
|
|
void KeccakF1600(word64 *state) |
|
{ |
|
word64 Aba, Abe, Abi, Abo, Abu; |
|
word64 Aga, Age, Agi, Ago, Agu; |
|
word64 Aka, Ake, Aki, Ako, Aku; |
|
word64 Ama, Ame, Ami, Amo, Amu; |
|
word64 Asa, Ase, Asi, Aso, Asu; |
|
word64 BCa, BCe, BCi, BCo, BCu; |
|
word64 Da, De, Di, Do, Du; |
|
word64 Eba, Ebe, Ebi, Ebo, Ebu; |
|
word64 Ega, Ege, Egi, Ego, Egu; |
|
word64 Eka, Eke, Eki, Eko, Eku; |
|
word64 Ema, Eme, Emi, Emo, Emu; |
|
word64 Esa, Ese, Esi, Eso, Esu; |
|
|
|
typedef BlockGetAndPut<word64, LittleEndian, true, true> Block; |
|
Block::Get(state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); |
|
|
|
for( unsigned int round = 0; round < 24; round += 2 ) |
|
{ |
|
// prepareTheta |
|
BCa = Aba^Aga^Aka^Ama^Asa; |
|
BCe = Abe^Age^Ake^Ame^Ase; |
|
BCi = Abi^Agi^Aki^Ami^Asi; |
|
BCo = Abo^Ago^Ako^Amo^Aso; |
|
BCu = Abu^Agu^Aku^Amu^Asu; |
|
|
|
//thetaRhoPiChiIotaPrepareTheta(round , A, E) |
|
Da = BCu^rotlConstant<1>(BCe); |
|
De = BCa^rotlConstant<1>(BCi); |
|
Di = BCe^rotlConstant<1>(BCo); |
|
Do = BCi^rotlConstant<1>(BCu); |
|
Du = BCo^rotlConstant<1>(BCa); |
|
|
|
Aba ^= Da; |
|
BCa = Aba; |
|
Age ^= De; |
|
BCe = rotlConstant<44>(Age); |
|
Aki ^= Di; |
|
BCi = rotlConstant<43>(Aki); |
|
Amo ^= Do; |
|
BCo = rotlConstant<21>(Amo); |
|
Asu ^= Du; |
|
BCu = rotlConstant<14>(Asu); |
|
Eba = BCa ^((~BCe)& BCi ); |
|
Eba ^= KeccakF1600Constants[round]; |
|
Ebe = BCe ^((~BCi)& BCo ); |
|
Ebi = BCi ^((~BCo)& BCu ); |
|
Ebo = BCo ^((~BCu)& BCa ); |
|
Ebu = BCu ^((~BCa)& BCe ); |
|
|
|
Abo ^= Do; |
|
BCa = rotlConstant<28>(Abo); |
|
Agu ^= Du; |
|
BCe = rotlConstant<20>(Agu); |
|
Aka ^= Da; |
|
BCi = rotlConstant<3>(Aka); |
|
Ame ^= De; |
|
BCo = rotlConstant<45>(Ame); |
|
Asi ^= Di; |
|
BCu = rotlConstant<61>(Asi); |
|
Ega = BCa ^((~BCe)& BCi ); |
|
Ege = BCe ^((~BCi)& BCo ); |
|
Egi = BCi ^((~BCo)& BCu ); |
|
Ego = BCo ^((~BCu)& BCa ); |
|
Egu = BCu ^((~BCa)& BCe ); |
|
|
|
Abe ^= De; |
|
BCa = rotlConstant<1>(Abe); |
|
Agi ^= Di; |
|
BCe = rotlConstant<6>(Agi); |
|
Ako ^= Do; |
|
BCi = rotlConstant<25>(Ako); |
|
Amu ^= Du; |
|
BCo = rotlConstant<8>(Amu); |
|
Asa ^= Da; |
|
BCu = rotlConstant<18>(Asa); |
|
Eka = BCa ^((~BCe)& BCi ); |
|
Eke = BCe ^((~BCi)& BCo ); |
|
Eki = BCi ^((~BCo)& BCu ); |
|
Eko = BCo ^((~BCu)& BCa ); |
|
Eku = BCu ^((~BCa)& BCe ); |
|
|
|
Abu ^= Du; |
|
BCa = rotlConstant<27>(Abu); |
|
Aga ^= Da; |
|
BCe = rotlConstant<36>(Aga); |
|
Ake ^= De; |
|
BCi = rotlConstant<10>(Ake); |
|
Ami ^= Di; |
|
BCo = rotlConstant<15>(Ami); |
|
Aso ^= Do; |
|
BCu = rotlConstant<56>(Aso); |
|
Ema = BCa ^((~BCe)& BCi ); |
|
Eme = BCe ^((~BCi)& BCo ); |
|
Emi = BCi ^((~BCo)& BCu ); |
|
Emo = BCo ^((~BCu)& BCa ); |
|
Emu = BCu ^((~BCa)& BCe ); |
|
|
|
Abi ^= Di; |
|
BCa = rotlConstant<62>(Abi); |
|
Ago ^= Do; |
|
BCe = rotlConstant<55>(Ago); |
|
Aku ^= Du; |
|
BCi = rotlConstant<39>(Aku); |
|
Ama ^= Da; |
|
BCo = rotlConstant<41>(Ama); |
|
Ase ^= De; |
|
BCu = rotlConstant<2>(Ase); |
|
Esa = BCa ^((~BCe)& BCi ); |
|
Ese = BCe ^((~BCi)& BCo ); |
|
Esi = BCi ^((~BCo)& BCu ); |
|
Eso = BCo ^((~BCu)& BCa ); |
|
Esu = BCu ^((~BCa)& BCe ); |
|
|
|
// prepareTheta |
|
BCa = Eba^Ega^Eka^Ema^Esa; |
|
BCe = Ebe^Ege^Eke^Eme^Ese; |
|
BCi = Ebi^Egi^Eki^Emi^Esi; |
|
BCo = Ebo^Ego^Eko^Emo^Eso; |
|
BCu = Ebu^Egu^Eku^Emu^Esu; |
|
|
|
//thetaRhoPiChiIotaPrepareTheta(round+1, E, A) |
|
Da = BCu^rotlConstant<1>(BCe); |
|
De = BCa^rotlConstant<1>(BCi); |
|
Di = BCe^rotlConstant<1>(BCo); |
|
Do = BCi^rotlConstant<1>(BCu); |
|
Du = BCo^rotlConstant<1>(BCa); |
|
|
|
Eba ^= Da; |
|
BCa = Eba; |
|
Ege ^= De; |
|
BCe = rotlConstant<44>(Ege); |
|
Eki ^= Di; |
|
BCi = rotlConstant<43>(Eki); |
|
Emo ^= Do; |
|
BCo = rotlConstant<21>(Emo); |
|
Esu ^= Du; |
|
BCu = rotlConstant<14>(Esu); |
|
Aba = BCa ^((~BCe)& BCi ); |
|
Aba ^= KeccakF1600Constants[round+1]; |
|
Abe = BCe ^((~BCi)& BCo ); |
|
Abi = BCi ^((~BCo)& BCu ); |
|
Abo = BCo ^((~BCu)& BCa ); |
|
Abu = BCu ^((~BCa)& BCe ); |
|
|
|
Ebo ^= Do; |
|
BCa = rotlConstant<28>(Ebo); |
|
Egu ^= Du; |
|
BCe = rotlConstant<20>(Egu); |
|
Eka ^= Da; |
|
BCi = rotlConstant<3>(Eka); |
|
Eme ^= De; |
|
BCo = rotlConstant<45>(Eme); |
|
Esi ^= Di; |
|
BCu = rotlConstant<61>(Esi); |
|
Aga = BCa ^((~BCe)& BCi ); |
|
Age = BCe ^((~BCi)& BCo ); |
|
Agi = BCi ^((~BCo)& BCu ); |
|
Ago = BCo ^((~BCu)& BCa ); |
|
Agu = BCu ^((~BCa)& BCe ); |
|
|
|
Ebe ^= De; |
|
BCa = rotlConstant<1>(Ebe); |
|
Egi ^= Di; |
|
BCe = rotlConstant<6>(Egi); |
|
Eko ^= Do; |
|
BCi = rotlConstant<25>(Eko); |
|
Emu ^= Du; |
|
BCo = rotlConstant<8>(Emu); |
|
Esa ^= Da; |
|
BCu = rotlConstant<18>(Esa); |
|
Aka = BCa ^((~BCe)& BCi ); |
|
Ake = BCe ^((~BCi)& BCo ); |
|
Aki = BCi ^((~BCo)& BCu ); |
|
Ako = BCo ^((~BCu)& BCa ); |
|
Aku = BCu ^((~BCa)& BCe ); |
|
|
|
Ebu ^= Du; |
|
BCa = rotlConstant<27>(Ebu); |
|
Ega ^= Da; |
|
BCe = rotlConstant<36>(Ega); |
|
Eke ^= De; |
|
BCi = rotlConstant<10>(Eke); |
|
Emi ^= Di; |
|
BCo = rotlConstant<15>(Emi); |
|
Eso ^= Do; |
|
BCu = rotlConstant<56>(Eso); |
|
Ama = BCa ^((~BCe)& BCi ); |
|
Ame = BCe ^((~BCi)& BCo ); |
|
Ami = BCi ^((~BCo)& BCu ); |
|
Amo = BCo ^((~BCu)& BCa ); |
|
Amu = BCu ^((~BCa)& BCe ); |
|
|
|
Ebi ^= Di; |
|
BCa = rotlConstant<62>(Ebi); |
|
Ego ^= Do; |
|
BCe = rotlConstant<55>(Ego); |
|
Eku ^= Du; |
|
BCi = rotlConstant<39>(Eku); |
|
Ema ^= Da; |
|
BCo = rotlConstant<41>(Ema); |
|
Ese ^= De; |
|
BCu = rotlConstant<2>(Ese); |
|
Asa = BCa ^((~BCe)& BCi ); |
|
Ase = BCe ^((~BCi)& BCo ); |
|
Asi = BCi ^((~BCo)& BCu ); |
|
Aso = BCo ^((~BCu)& BCa ); |
|
Asu = BCu ^((~BCa)& BCe ); |
|
} |
|
|
|
Block::Put(NULLPTR, state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu); |
|
} |
|
|
|
NAMESPACE_END
|
|
|