forked from Mirkic7/mdcct
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmshabal256.h
163 lines (152 loc) · 6.26 KB
/
mshabal256.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
/*
* A parallel implementation of Shabal, for platforms with SSE2.
*
* This is the header file for an implementation of the Shabal family
* of hash functions, designed for maximum parallel speed. It processes
* up to four instances of Shabal in parallel, using the SSE2 unit.
* Total bandwidth appear to be up to twice that of a plain 32-bit
* Shabal implementation.
*
* A computation uses a mshabal256_context structure. That structure is
* supposed to be allocated and released by the caller, e.g. as a
* local or global variable, or on the heap. The structure contents
* are initialized with mshabal256_init(). Once the structure has been
* initialized, data is input as chunks, with the mshabal256() functions.
* Chunks for the four parallel instances are provided simultaneously
* and must have the same length. It is allowed not to use some of the
* instances; the corresponding parameters in mshabal256() are then NULL.
* However, using NULL as a chunk for one of the instances effectively
* deactivates that instance; this cannot be used to "skip" a chunk
* for one instance.
*
* The computation is finalized with mshabal256_close(). Some extra message
* bits (0 to 7) can be input. The outputs of the four parallel instances
* are written in the provided buffers. There again, NULL can be
* provided as parameter is the output of one of the instances is not
* needed.
*
* A mshabal256_context instance is self-contained and holds no pointer.
* Thus, it can be cloned (e.g. with memcpy()) or moved (as long as
* proper alignment is maintained). This implementation uses no state
* variable beyond the context instance; this, it is thread-safe and
* reentrant.
*
* The Shabal specification defines Shabal with output sizes of 192,
* 224, 256, 384 and 512 bits. This code accepts all those sizes, as
* well as any output size which is multiple of 32, between 32 and
* 512 (inclusive).
*
* Parameters are not validated. Thus, undefined behaviour occurs if
* any of the "shall" or "must" clauses in this documentation is
* violated.
*
*
* (c) 2010 SAPHIR project. This software is provided 'as-is', without
* any epxress or implied warranty. In no event will the authors be held
* liable for any damages arising from the use of this software.
*
* Permission is granted to anyone to use this software for any purpose,
* including commercial applications, and to alter it and redistribute it
* freely, subject to no restriction.
*
* Technical remarks and questions can be addressed to:
* <thomas.pornin@cryptolog.com>
*/
#ifndef MSHABAL256_H__
#define MSHABAL256_H__
#include <limits.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
* We need an integer type with width 32-bit or more (preferably, with
* a width of exactly 32 bits).
*/
#if defined __STDC__ && __STDC_VERSION__ >= 199901L
#include <stdint.h>
#ifdef UINT32_MAX
typedef uint32_t mshabal256_u32;
#else
typedef uint_fast32_t mshabal256_u32;
#endif
#else
#if ((UINT_MAX >> 11) >> 11) >= 0x3FF
typedef unsigned int mshabal256_u32;
#else
typedef unsigned long mshabal256_u32;
#endif
#endif
#define MSHABAL256_FACTOR 2
/*
* The context structure for a Shabal computation. Contents are
* private. Such a structure should be allocated and released by
* the caller, in any memory area.
*/
typedef struct {
unsigned char buf0[64];
unsigned char buf1[64];
unsigned char buf2[64];
unsigned char buf3[64];
unsigned char buf4[64];
unsigned char buf5[64];
unsigned char buf6[64];
unsigned char buf7[64];
size_t ptr;
mshabal256_u32 state[(12 + 16 + 16) * 4 * MSHABAL256_FACTOR];
mshabal256_u32 Whigh, Wlow;
unsigned out_size;
} mshabal256_context;
/*
* Initialize a context structure. The output size must be a multiple
* of 32, between 32 and 512 (inclusive). The output size is expressed
* in bits.
*/
void mshabal256_init(mshabal256_context *sc, unsigned out_size);
/*
* Process some more data bytes; four chunks of data, pointed to by
* data0, data1, data2 and data3, are processed. The four chunks have
* the same length of "len" bytes. For efficiency, it is best if data is
* processed by medium-sized chunks, e.g. a few kilobytes at a time.
*
* The "len" data bytes shall all be accessible. If "len" is zero, this
* this function does nothing and ignores the data* arguments.
* Otherwise, if one of the data* argument is NULL, then the
* corresponding instance is deactivated (the final value obtained from
* that instance is undefined).
*/
void mshabal256(mshabal256_context *sc,
const void *data0, const void *data1, const void *data2, const void *data3,
const void *data4, const void *data5, const void *data6, const void *data7,
size_t len);
/*
* Terminate the Shabal computation incarnated by the provided context
* structure. "n" shall be a value between 0 and 7 (inclusive): this is
* the number of extra bits to extract from ub0, ub1, ub2 and ub3, and
* append at the end of the input message for each of the four parallel
* instances. Bits in "ub*" are taken in big-endian format: first bit is
* the one of numerical value 128, second bit has numerical value 64,
* and so on. Other bits in "ub*" are ignored. For most applications,
* input messages will consist in sequence of bytes, and the "ub*" and
* "n" parameters will be zero.
*
* The Shabal output for each of the parallel instances is written out
* in the areas pointed to by, respectively, dst0, dst1, dst2 and dst3.
* These areas shall be wide enough to accomodate the result (result
* size was specified as parameter to mshabal256_init()). It is acceptable
* to use NULL for any of those pointers, if the result from the
* corresponding instance is not needed.
*
* After this call, the context structure is invalid. The caller shall
* release it, or reinitialize it with mshabal256_init(). The mshabal256_close()
* function does NOT imply a hidden call to mshabal256_init().
*/
void mshabal256_close(mshabal256_context *sc,
unsigned ub0, unsigned ub1, unsigned ub2, unsigned ub3,
unsigned ub4, unsigned ub5, unsigned ub6, unsigned ub7,
unsigned n,
void *dst0, void *dst1, void *dst2, void *dst3,
void *dst4, void *dst5, void *dst6, void *dst7);
#ifdef __cplusplus
}
#endif
#endif