Commit f8c32ba5 authored by Michael Hamburg

knock out some TODOs

parent d5017536
......@@ -122,11 +122,11 @@ void
decaf_255_sign_shake (
decaf_255_signature_t sig,
const decaf_255_private_key_t priv,
const keccak_sponge_t shake
const shake256_ctx_t shake
) NONNULL3 API_VIS;
/**
* @brief Sign a message from its SHAKE context.
* @brief Sign a message.
*
* @param [out] sig The signature.
* @param [in] priv Your private key.
......@@ -152,7 +152,7 @@ decaf_bool_t
decaf_255_verify_shake (
const decaf_255_signature_t sig,
const decaf_255_public_key_t pub,
const keccak_sponge_t shake
const shake256_ctx_t shake
) NONNULL3 API_VIS WARN_UNUSED;
/**
......
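Review bot: The `shake` parameter of `decaf_255_sign_shake` and `decaf_255_verify_shake` changes type to `shake256_ctx_t`, but its `@param` line lies outside the hunk and nothing in the shown doc block says whether the context is consumed; the .c side of this same commit copies it with `memcpy(ctx, shake, sizeof(ctx))`, so the caller's context is left untouched and the caller still has to destroy it. Suggest `@param [in] shake A SHAKE256 context holding the absorbed message; it is copied, not modified, so the caller remains responsible for destroying it.` for both prototypes. The two `@brief` lines for `decaf_255_sign_shake` differ in this hunk; whichever survives should keep the "from its SHAKE context" wording, since the message-taking `decaf_255_sign` is a separate function. The declaration block continues outside the hunk.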
......@@ -26,7 +26,6 @@
#define NONNULL3 __attribute__((nonnull(1,2,3)))
/** @endcond */
/* TODO: different containing structs for each primitive? */
#ifndef INTERNAL_SPONGE_STRUCT
/** Sponge container object for the various primitives. */
typedef struct keccak_sponge_s {
......@@ -119,40 +118,48 @@ void sponge_hash (
/** @cond internal */
#define DECSHAKE(n) \
extern const struct kparams_s SHAKE##n##_params_s API_VIS; \
static inline void NONNULL1 shake##n##_init(keccak_sponge_t sponge) { \
typedef struct shake##n##_ctx_s { keccak_sponge_t s; } shake##n##_ctx_t[1]; \
static inline void NONNULL1 shake##n##_init(shake##n##_ctx_t sponge) { \
sponge_init(sponge->s, &SHAKE##n##_params_s); \
} \
static inline void NONNULL1 shake##n##_gen_init(keccak_sponge_t sponge) { \
sponge_init(sponge, &SHAKE##n##_params_s); \
} \
static inline void NONNULL2 shake##n##_update(keccak_sponge_t sponge, const uint8_t *in, size_t inlen ) { \
sha3_update(sponge, in, inlen); \
static inline void NONNULL2 shake##n##_update(shake##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
sha3_update(sponge->s, in, inlen); \
} \
static inline void NONNULL2 shake##n##_final(keccak_sponge_t sponge, uint8_t *out, size_t outlen ) { \
sha3_output(sponge, out, outlen); \
sponge_init(sponge, &SHAKE##n##_params_s); \
static inline void NONNULL2 shake##n##_final(shake##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
sha3_output(sponge->s, out, outlen); \
sponge_init(sponge->s, &SHAKE##n##_params_s); \
} \
static inline void NONNULL13 shake##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
sponge_hash(in,inlen,out,outlen,&SHAKE##n##_params_s); \
} \
static inline void NONNULL1 shake##n##_destroy( keccak_sponge_t sponge ) { \
sponge_destroy(sponge); \
static inline void NONNULL1 shake##n##_destroy( shake##n##_ctx_t sponge ) { \
sponge_destroy(sponge->s); \
}
#define DECSHA3(n) \
extern const struct kparams_s SHA3_##n##_params_s API_VIS; \
static inline void NONNULL1 sha3_##n##_init(keccak_sponge_t sponge) { \
typedef struct sha3_##n##_ctx_s { keccak_sponge_t s; } sha3_##n##_ctx_t[1]; \
static inline void NONNULL1 sha3_##n##_init(sha3_##n##_ctx_t sponge) { \
sponge_init(sponge->s, &SHA3_##n##_params_s); \
} \
static inline void NONNULL1 sha3_##n##_gen_init(keccak_sponge_t sponge) { \
sponge_init(sponge, &SHA3_##n##_params_s); \
} \
static inline void NONNULL2 sha3_##n##_update(keccak_sponge_t sponge, const uint8_t *in, size_t inlen ) { \
sha3_update(sponge, in, inlen); \
static inline void NONNULL2 sha3_##n##_update(sha3_##n##_ctx_t sponge, const uint8_t *in, size_t inlen ) { \
sha3_update(sponge->s, in, inlen); \
} \
static inline void NONNULL2 sha3_##n##_final(keccak_sponge_t sponge, uint8_t *out, size_t outlen ) { \
sha3_output(sponge, out, outlen); \
sponge_init(sponge, &SHA3_##n##_params_s); \
static inline void NONNULL2 sha3_##n##_final(sha3_##n##_ctx_t sponge, uint8_t *out, size_t outlen ) { \
sha3_output(sponge->s, out, outlen); \
sponge_init(sponge->s, &SHA3_##n##_params_s); \
} \
static inline void NONNULL13 sha3_##n##_hash(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { \
sponge_hash(in,inlen,out,outlen,&SHA3_##n##_params_s); \
} \
static inline void NONNULL1 sha3_##n##_destroy( keccak_sponge_t sponge ) { \
sponge_destroy(sponge); \
static inline void NONNULL1 sha3_##n##_destroy(sha3_##n##_ctx_t sponge) { \
sponge_destroy(sponge->s); \
}
/** @endcond */
......@@ -253,7 +260,6 @@ extern const struct kparams_s STROBE_256 API_VIS;
extern const struct kparams_s STROBE_KEYED_128 API_VIS;
extern const struct kparams_s STROBE_KEYED_256 API_VIS;
/** TODO: remove this restriction?? */
#define STROBE_MAX_AUTH_BYTES 255
/** TODO: check "more" flags? */
......
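Review bot: `shake##n##_gen_init` and `sha3_##n##_gen_init` are added beside the now ctx-typed `_init`, but nothing states that a sponge set up with `_gen_init` is a bare `keccak_sponge_t` and cannot be passed to the ctx-typed `_update`/`_final`/`_destroy` wrappers, which only accept `shake##n##_ctx_t`; callers of `_gen_init` have to use `sha3_update`/`sha3_output`/`sponge_destroy` directly, as the shake utility in this commit does. A one-line comment above each `_gen_init` definition would keep the two APIs from being mixed: `/* _gen_init: initialise a bare keccak_sponge_t chosen at run time; use sha3_update/sha3_output/sponge_destroy on it, not the *_ctx_t wrappers */`. It is also worth a line in the macro that `shake##n##_ctx_t` is a one-element array typedef, so `sizeof` on a local of that type is the struct size while a parameter of that type decays to a pointer, because the .c code in this commit copies contexts with `sizeof(ctx)`. Since the whole block sits inside `/** @cond internal */`, these comments are the only documentation the new types will get.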
......@@ -81,7 +81,6 @@ const decaf_448_point_t decaf_448_point_base = {{
struct decaf_448_precomputed_s { decaf_448_point_t p[1]; };
/* FIXME: restore */
const struct decaf_448_precomputed_s *decaf_448_precomputed_base =
(const struct decaf_448_precomputed_s *)decaf_448_point_base;
......
......@@ -21,7 +21,7 @@ void decaf_255_derive_private_key (
uint8_t encoded_scalar[DECAF_255_SCALAR_OVERKILL_BYTES];
decaf_255_point_t pub;
keccak_sponge_t sponge;
shake256_ctx_t sponge;
shake256_init(sponge);
shake256_update(sponge, proto, sizeof(decaf_255_symmetric_key_t));
shake256_update(sponge, (const unsigned char *)magic, strlen(magic));
......@@ -77,7 +77,7 @@ decaf_255_shared_secret (
}
less >>= 8;
keccak_sponge_t sponge;
shake256_ctx_t sponge;
shake256_init(sponge);
/* update the lesser */
......@@ -117,7 +117,7 @@ void
decaf_255_sign_shake (
decaf_255_signature_t sig,
const decaf_255_private_key_t priv,
const keccak_sponge_t shake
const shake256_ctx_t shake
) {
const char *magic = "decaf_255_sign_shake";
......@@ -126,7 +126,7 @@ decaf_255_sign_shake (
decaf_255_scalar_t nonce, challenge;
/* Derive nonce */
keccak_sponge_t ctx;
shake256_ctx_t ctx;
memcpy(ctx, shake, sizeof(ctx));
shake256_update(ctx, priv->sym, sizeof(priv->sym));
shake256_update(ctx, (const unsigned char *)magic, strlen(magic));
......@@ -163,7 +163,7 @@ decaf_bool_t
decaf_255_verify_shake (
const decaf_255_signature_t sig,
const decaf_255_public_key_t pub,
const keccak_sponge_t shake
const shake256_ctx_t shake
) {
decaf_bool_t ret;
......@@ -172,7 +172,7 @@ decaf_255_verify_shake (
decaf_255_scalar_t challenge, response;
/* Derive challenge */
keccak_sponge_t ctx;
shake256_ctx_t ctx;
memcpy(ctx, shake, sizeof(ctx));
shake256_update(ctx, pub, sizeof(decaf_255_public_key_t));
shake256_update(ctx, sig, DECAF_255_SER_BYTES);
......@@ -201,7 +201,7 @@ decaf_255_sign (
const unsigned char *message,
size_t message_len
) {
keccak_sponge_t ctx;
shake256_ctx_t ctx;
shake256_init(ctx);
shake256_update(ctx, message, message_len);
decaf_255_sign_shake(sig, priv, ctx);
......@@ -215,7 +215,7 @@ decaf_255_verify (
const unsigned char *message,
size_t message_len
) {
keccak_sponge_t ctx;
shake256_ctx_t ctx;
shake256_init(ctx);
shake256_update(ctx, message, message_len);
decaf_bool_t ret = decaf_255_verify_shake(sig, pub, ctx);
......
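Review bot: In `decaf_255_sign_shake` the local `ctx` is filled by `memcpy(ctx, shake, sizeof(ctx))` and then absorbs `priv->sym`, so from that point it carries secret-derived state; the hunk ends before the nonce is squeezed, so it is not visible whether `shake256_destroy(ctx)` runs on every return path, and the same question applies to `sponge` in `decaf_255_derive_private_key`, which absorbs `proto`. Worth confirming, and a comment on the copy would make ownership explicit: `/* private copy: the caller's shake context is left untouched; ctx holds secret state until destroyed */`. Note that `sizeof(ctx)` is correct only because `ctx` is a local `shake256_ctx_t` (an array typedef); `sizeof(shake)` on the parameter would yield a pointer size, so that form should not be reproduced elsewhere. The enclosing functions start and end outside these hunks.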
......@@ -151,7 +151,8 @@ int main(int argc, char **argv) {
}
scalar_print("sc_r2", smadj);
API_NS(scalar_sub)(smadj,API_NS(scalar_zero),API_NS(scalar_one)); /* HACK */
API_NS(scalar_sub)(smadj,API_NS(scalar_zero),API_NS(scalar_one)); /* get p-1 */
unsigned long long w = 1, plo = smadj->limb[0]+1;
#if DECAF_WORD_BITS == 32
......
......@@ -618,7 +618,7 @@ p448_mulw (
vo[1] += vmovn_u64(accum);
}
/* TODO: vectorize? */
/* PERF: vectorize? */
void
p448_strong_reduce (
p448_t *a
......
......@@ -7,10 +7,6 @@
#include <stdint.h>
/* TODO: non x86-64 versions of these.
* FUTURE: autogenerate
*/
static __inline__ __uint128_t widemul(const uint64_t *a, const uint64_t *b) {
#ifndef __BMI2__
uint64_t c,d;
......
......@@ -669,11 +669,13 @@ decaf_bool_t strobe_prng (
size_t len,
uint8_t more
) {
/* FIXME: length?? */
unsigned char control[] = { PRNG };
unsigned char control[9] = { PRNG };
int i;
for (i=0; i<8; i++) control[i+1] = len>>(8*i);
decaf_bool_t ret = strobe_control_word(sponge, control, sizeof(control), more);
strobe_duplex(sponge, out, NULL, len);
// /** TODO: orly? */
// TODO: forget as follows? this breaks "more"
// unsigned char control2[] = { 0, STROBE_FORGET_BYTES, TAGFORGET };
// ret &= strobe_control_word(sponge, control2, sizeof(control2));
// strobe_forget(sponge, STROBE_FORGET_BYTES);
......@@ -681,7 +683,6 @@ decaf_bool_t strobe_prng (
return ret;
}
/* TODO: remove reliance on decaf? */
decaf_bool_t strobe_verify_auth (
keccak_sponge_t sponge,
const unsigned char *in,
......@@ -720,4 +721,4 @@ decaf_bool_t strobe_respec (
return ret;
}
/* TODO: Keyak instances, etc */
/* FUTURE: Keyak instances, etc */
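Review bot: `control[i+1] = len>>(8*i)` in `strobe_prng` shifts a `size_t` by up to 56 bits, which is undefined behaviour on targets where `size_t` is 32 bits wide; widen before shifting and truncate explicitly: `for (i=0; i<8; i++) control[i+1] = (unsigned char)((uint64_t)len >> (8*i));`. Committing the requested length into the control word is a sound replacement for the removed `FIXME: length??`, and a comment stating the format would help later readers: `/* control word: PRNG tag followed by the output length as 8 little-endian bytes */`. The commented-out forget step after `strobe_duplex` stays disabled; if it is intentionally left out because of the `more` flag, say so in a comment rather than keeping dead code. `strobe_prng` continues past the hunk.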
......@@ -20,28 +20,28 @@ int main(int argc, char **argv) {
unsigned char buf[1024];
unsigned int outlen = 512;
shake256_init(sponge);
shake256_gen_init(sponge);
/* Sloppy. Real utility would parse --algo, --size ... */
if (argc > 1) {
if (!strcmp(argv[1], "shake256") || !strcmp(argv[1], "SHAKE256")) {
outlen = 512;
shake256_init(sponge);
shake256_gen_init(sponge);
} else if (!strcmp(argv[1], "shake128") || !strcmp(argv[1], "SHAKE128")) {
outlen = 512;
shake128_init(sponge);
shake128_gen_init(sponge);
} else if (!strcmp(argv[1], "sha3-224") || !strcmp(argv[1], "SHA3-224")) {
outlen = 224/8;
sha3_224_init(sponge);
sha3_224_gen_init(sponge);
} else if (!strcmp(argv[1], "sha3-256") || !strcmp(argv[1], "SHA3-256")) {
outlen = 256/8;
sha3_256_init(sponge);
sha3_256_gen_init(sponge);
} else if (!strcmp(argv[1], "sha3-384") || !strcmp(argv[1], "SHA3-384")) {
outlen = 384/8;
sha3_384_init(sponge);
sha3_384_gen_init(sponge);
} else if (!strcmp(argv[1], "sha3-512") || !strcmp(argv[1], "SHA3-512")) {
outlen = 512/8;
sha3_512_init(sponge);
sha3_512_gen_init(sponge);
}
}
......
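Review bot: The switch to the `_gen_init` variants is what lets a single `keccak_sponge_t` be initialised with an algorithm chosen at run time, but nothing in `main` says so, and the ctx-typed `shake256_update`/`shake256_final` wrappers can no longer be applied to `sponge`; add `/* sponge is a bare keccak_sponge_t picked at run time: use the *_gen_init variants and the generic sha3_update/sha3_output/sponge_destroy on it */` above the first `shake256_gen_init`. The chain of `strcmp` branches has no final `else`, so an unrecognised algorithm name silently keeps the SHAKE256 default set two lines earlier; that is pre-existing, but an `else { fprintf(stderr, "unknown algorithm\n"); return 1; }` would make the utility fail loudly. `main` continues outside the hunk.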