/*
* Copyright (C) 2006-2009 Vincent Hanquez <vincent@snarc.org>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef CRYPTONITE_DECAF_SHAKE_H
#define CRYPTONITE_DECAF_SHAKE_H
#include "cryptonite_sha3.h"
#include <decaf/common.h>
#define CHUNK_SIZE_32 0x80000000
typedef struct sha3_shake256_ctx
{
struct sha3_ctx sc[1];
uint8_t filler[136]; // 200 - 2*(256/8)
}
cryptonite_decaf_shake256_ctx_t[1];
static inline void cryptonite_decaf_shake256_init(cryptonite_decaf_shake256_ctx_t ctx)
{
cryptonite_sha3_init(ctx -> sc, 256);
}
static inline void cryptonite_decaf_shake256_update(cryptonite_decaf_shake256_ctx_t ctx, const uint8_t *in, size_t inlen)
{
#if __SIZE_MAX__ > UINT32_MAX
// split data over 4 GB in 2-GB chunks
while (inlen > UINT32_MAX) {
cryptonite_sha3_update(ctx -> sc, in, CHUNK_SIZE_32);
inlen -= CHUNK_SIZE_32;
in += CHUNK_SIZE_32;
}
#endif
cryptonite_sha3_update(ctx -> sc, in, (uint32_t) inlen);
}
static inline void cryptonite_decaf_shake256_output(cryptonite_decaf_shake256_ctx_t ctx, uint8_t *out, size_t outlen) {
#if __SIZE_MAX__ > UINT32_MAX
// split data over 4 GB in 2-GB chunks
while (outlen > UINT32_MAX) {
cryptonite_sha3_output(ctx -> sc, out, CHUNK_SIZE_32);
outlen -= CHUNK_SIZE_32;
out += CHUNK_SIZE_32;
}
#endif
cryptonite_sha3_output(ctx -> sc, out, (uint32_t) outlen);
}
static inline void cryptonite_decaf_shake256_final(cryptonite_decaf_shake256_ctx_t ctx, uint8_t *out, size_t outlen)
{
cryptonite_sha3_finalize_shake(ctx -> sc);
cryptonite_decaf_shake256_output(ctx, out, outlen);
cryptonite_decaf_shake256_init(ctx);
}
static inline void cryptonite_decaf_shake256_destroy(cryptonite_decaf_shake256_ctx_t ctx)
{
cryptonite_decaf_bzero(ctx, sizeof(*ctx));
}
static inline void cryptonite_decaf_shake256_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen)
{
cryptonite_decaf_shake256_ctx_t ctx;
cryptonite_decaf_shake256_init(ctx);
cryptonite_decaf_shake256_update(ctx, in, inlen);
cryptonite_sha3_finalize_shake(ctx -> sc);
cryptonite_decaf_shake256_output(ctx, out, outlen);
cryptonite_decaf_shake256_destroy(ctx);
}
#endif