xref: /freebsd/crypto/libecc/include/libecc/hash/shake256.h (revision f0865ec9906d5a18fa2a3b61381f22ce16e606ad) 
1 /*
2  *  Copyright (C) 2021 - This file is part of libecc project
3  *
4  *  Authors:
5  *      Ryad BENADJILA <ryadbenadjila@gmail.com>
6  *      Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr>
7  *
8  *  This software is licensed under a dual BSD and GPL v2 license.
9  *  See LICENSE file at the root folder of the project.
10  */
11 #include <libecc/lib_ecc_config.h>
12 #ifdef WITH_HASH_SHAKE256
13 
14 #ifndef __SHAKE256_H__
15 #define __SHAKE256_H__
16 
17 #include <libecc/words/words.h>
18 #include <libecc/utils/utils.h>
19 #include <libecc/hash/shake.h>
20 
21 /* NOTE: this is an instantiation of SHAKE256 with
22  * maximum size of 114 bytes, specifically suited for EdDSA Ed448
23  * signature scheme.
24  */
25 #define SHAKE256_BLOCK_SIZE   136
26 #define SHAKE256_DIGEST_SIZE  114
27 #define SHAKE256_DIGEST_SIZE_BITS  912
28 
29 /* Compute max hash digest and block sizes */
30 #ifndef MAX_DIGEST_SIZE
31 #define MAX_DIGEST_SIZE	0
32 #endif
33 #if (MAX_DIGEST_SIZE < SHAKE256_DIGEST_SIZE)
34 #undef MAX_DIGEST_SIZE
35 #define MAX_DIGEST_SIZE SHAKE256_DIGEST_SIZE
36 #endif
37 
38 #ifndef MAX_DIGEST_SIZE_BITS
39 #define MAX_DIGEST_SIZE_BITS    0
40 #endif
41 #if (MAX_DIGEST_SIZE_BITS < SHAKE256_DIGEST_SIZE_BITS)
42 #undef MAX_DIGEST_SIZE_BITS
43 #define MAX_DIGEST_SIZE_BITS SHAKE256_DIGEST_SIZE_BITS
44 #endif
45 
46 #ifndef MAX_BLOCK_SIZE
47 #define MAX_BLOCK_SIZE  0
48 #endif
49 #if (MAX_BLOCK_SIZE < SHAKE256_BLOCK_SIZE)
50 #undef MAX_BLOCK_SIZE
51 #define MAX_BLOCK_SIZE SHAKE256_BLOCK_SIZE
52 #endif
53 
54 #define SHAKE256_HASH_MAGIC ((word_t)(0x4326763238134567ULL))
55 #define SHAKE256_HASH_CHECK_INITIALIZED(A, ret, err) \
56         MUST_HAVE((((void *)(A)) != NULL) && ((A)->magic == SHAKE256_HASH_MAGIC), ret, err)
57 
58 typedef shake_context shake256_context;
59 
60 ATTRIBUTE_WARN_UNUSED_RET int shake256_init(shake256_context *ctx);
61 ATTRIBUTE_WARN_UNUSED_RET int shake256_update(shake256_context *ctx, const u8 *input, u32 ilen);
62 ATTRIBUTE_WARN_UNUSED_RET int shake256_final(shake256_context *ctx, u8 output[SHAKE256_DIGEST_SIZE]);
63 ATTRIBUTE_WARN_UNUSED_RET int shake256_scattered(const u8 **inputs, const u32 *ilens,
64 			u8 output[SHAKE256_DIGEST_SIZE]);
65 ATTRIBUTE_WARN_UNUSED_RET int shake256(const u8 *input, u32 ilen, u8 output[SHAKE256_DIGEST_SIZE]);
66 
67 #endif /* __SHAKE256_H__ */
68 #endif /* WITH_HASH_SHAKE256 */
69