Botan  2.1.0
Crypto and TLS for C++11
shake.cpp
Go to the documentation of this file.
1 /*
2 * SHAKE-128/256 as a hash
3 * (C) 2016 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/shake.h>
9 #include <botan/sha3.h>
10 #include <botan/parsing.h>
11 #include <botan/exceptn.h>
12 
13 namespace Botan {
14 
15 SHAKE_128::SHAKE_128(size_t output_bits) :
16  m_output_bits(output_bits), m_S(25), m_S_pos(0)
17  {
18  if(output_bits % 8 != 0)
19  throw Invalid_Argument("SHAKE_128: Invalid output length " +
20  std::to_string(output_bits));
21  }
22 
23 std::string SHAKE_128::name() const
24  {
25  return "SHAKE-128(" + std::to_string(m_output_bits) + ")";
26  }
27 
29  {
30  return new SHAKE_128(m_output_bits);
31  }
32 
34  {
35  zeroise(m_S);
36  m_S_pos = 0;
37  }
38 
39 void SHAKE_128::add_data(const uint8_t input[], size_t length)
40  {
41  m_S_pos = SHA_3::absorb(SHAKE_128_BITRATE, m_S, m_S_pos, input, length);
42  }
43 
44 void SHAKE_128::final_result(uint8_t output[])
45  {
46  std::vector<uint8_t> padding(SHAKE_128_BITRATE / 8 - m_S_pos);
47 
48  padding[0] = 0x1F;
49  padding[padding.size()-1] |= 0x80;
50 
51  add_data(padding.data(), padding.size());
52 
53  SHA_3::expand(SHAKE_128_BITRATE, m_S, output, output_length());
54 
55  clear();
56  }
57 
58 SHAKE_256::SHAKE_256(size_t output_bits) :
59  m_output_bits(output_bits), m_S(25), m_S_pos(0)
60  {
61  if(output_bits % 8 != 0)
62  throw Invalid_Argument("SHAKE_256: Invalid output length " +
63  std::to_string(output_bits));
64  }
65 
66 std::string SHAKE_256::name() const
67  {
68  return "SHAKE-256(" + std::to_string(m_output_bits) + ")";
69  }
70 
72  {
73  return new SHAKE_256(m_output_bits);
74  }
75 
77  {
78  zeroise(m_S);
79  m_S_pos = 0;
80  }
81 
82 void SHAKE_256::add_data(const uint8_t input[], size_t length)
83  {
84  m_S_pos = SHA_3::absorb(SHAKE_256_BITRATE, m_S, m_S_pos, input, length);
85  }
86 
87 void SHAKE_256::final_result(uint8_t output[])
88  {
89  std::vector<uint8_t> padding(SHAKE_256_BITRATE / 8 - m_S_pos);
90 
91  padding[0] = 0x1F;
92  padding[padding.size()-1] |= 0x80;
93 
94  add_data(padding.data(), padding.size());
95 
96  SHA_3::expand(SHAKE_256_BITRATE, m_S, output, output_length());
97 
98  clear();
99  }
100 
101 }
std::string name() const override
Definition: shake.cpp:66
SHAKE_256(size_t output_bits)
Definition: shake.cpp:58
static void expand(size_t bitrate, secure_vector< uint64_t > &S, uint8_t output[], size_t output_length)
Definition: sha3.cpp:176
HashFunction * clone() const override
Definition: shake.cpp:71
void clear() override
Definition: shake.cpp:33
SHAKE_128(size_t output_bits)
Definition: shake.cpp:15
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:47
static size_t absorb(size_t bitrate, secure_vector< uint64_t > &S, size_t S_pos, const uint8_t input[], size_t length)
Definition: sha3.cpp:129
size_t output_length() const override
Definition: shake.h:31
std::string name() const override
Definition: shake.cpp:23
void clear() override
Definition: shake.cpp:76
Definition: alg_id.cpp:13
size_t output_length() const override
Definition: shake.h:62
HashFunction * clone() const override
Definition: shake.cpp:28
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:211