diff options
Diffstat (limited to 'lib/liboqs/src/sig/sphincs/pqclean_sphincs-sha256-192s-simple_clean/sha256.c')
-rw-r--r-- | lib/liboqs/src/sig/sphincs/pqclean_sphincs-sha256-192s-simple_clean/sha256.c | 71 |
1 files changed, 0 insertions, 71 deletions
diff --git a/lib/liboqs/src/sig/sphincs/pqclean_sphincs-sha256-192s-simple_clean/sha256.c b/lib/liboqs/src/sig/sphincs/pqclean_sphincs-sha256-192s-simple_clean/sha256.c deleted file mode 100644 index 7ffadf35a..000000000 --- a/lib/liboqs/src/sig/sphincs/pqclean_sphincs-sha256-192s-simple_clean/sha256.c +++ /dev/null @@ -1,71 +0,0 @@ -/* Based on the public domain implementation in - * crypto_hash/sha512/ref/ from http://bench.cr.yp.to/supercop.html - * by D. J. Bernstein */ - -#include <stddef.h> -#include <stdint.h> -#include <string.h> - -#include "sha2.h" -#include "sha256.h" -#include "utils.h" - -/* - * Compresses an address to a 22-byte sequence. - * This reduces the number of required SHA256 compression calls, as the last - * block of input is padded with at least 65 bits. - */ -void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_compress_address(unsigned char *out, const uint32_t addr[8]) { - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(out, 1, addr[0]); /* drop 3 bytes of the layer field */ - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(out + 1, 4, addr[2]); /* drop the highest tree address word */ - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(out + 5, 4, addr[3]); - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(out + 9, 1, addr[4]); /* drop 3 bytes of the type field */ - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(out + 10, 4, addr[5]); - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(out + 14, 4, addr[6]); - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(out + 18, 4, addr[7]); -} - -/** - * Requires 'input_plus_four_bytes' to have 'inlen' + 4 bytes, so that the last - * four bytes can be used for the counter. Typically 'input' is merely a seed. - * Outputs outlen number of bytes - */ -void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_mgf1( - unsigned char *out, unsigned long outlen, - unsigned char *input_plus_four_bytes, unsigned long inlen) { - unsigned char outbuf[PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_SHA256_OUTPUT_BYTES]; - unsigned long i; - - /* While we can fit in at least another full block of SHA256 output.. */ - for (i = 0; (i + 1)*PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_SHA256_OUTPUT_BYTES <= outlen; i++) { - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(input_plus_four_bytes + inlen, 4, i); - sha256(out, input_plus_four_bytes, inlen + 4); - out += PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_SHA256_OUTPUT_BYTES; - } - /* Until we cannot anymore, and we fill the remainder. */ - if (outlen > i * PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_SHA256_OUTPUT_BYTES) { - PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_ull_to_bytes(input_plus_four_bytes + inlen, 4, i); - sha256(outbuf, input_plus_four_bytes, inlen + 4); - memcpy(out, outbuf, outlen - i * PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_SHA256_OUTPUT_BYTES); - } -} - - -/** - * Absorb the constant pub_seed using one round of the compression function - * This initializes hash_state_seeded, which can then be reused in thash - **/ -void PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_seed_state(sha256ctx *hash_state_seeded, const unsigned char *pub_seed) { - uint8_t block[PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_SHA256_BLOCK_BYTES]; - size_t i; - - for (i = 0; i < PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_N; ++i) { - block[i] = pub_seed[i]; - } - for (i = PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_N; i < PQCLEAN_SPHINCSSHA256192SSIMPLE_CLEAN_SHA256_BLOCK_BYTES; ++i) { - block[i] = 0; - } - - sha256_inc_init(hash_state_seeded); - sha256_inc_blocks(hash_state_seeded, block, 1); -} |