/* Generated by Frama-C */ typedef unsigned long size_t; typedef long __off_t; typedef long __off64_t; struct _IO_FILE; typedef struct _IO_FILE FILE; typedef void _IO_lock_t; struct _IO_marker { struct _IO_marker *_next ; struct _IO_FILE *_sbuf ; int _pos ; }; struct _IO_FILE { int _flags ; char *_IO_read_ptr ; char *_IO_read_end ; char *_IO_read_base ; char *_IO_write_base ; char *_IO_write_ptr ; char *_IO_write_end ; char *_IO_buf_base ; char *_IO_buf_end ; char *_IO_save_base ; char *_IO_backup_base ; char *_IO_save_end ; struct _IO_marker *_markers ; struct _IO_FILE *_chain ; int _fileno ; int _flags2 ; __off_t _old_offset ; unsigned short _cur_column ; signed char _vtable_offset ; char _shortbuf[1] ; _IO_lock_t *_lock ; __off64_t _offset ; void *__pad1 ; void *__pad2 ; void *__pad3 ; void *__pad4 ; size_t __pad5 ; int _mode ; char _unused2[((unsigned long)15 * sizeof(int) - (unsigned long)4 * sizeof(void *)) - sizeof(size_t)] ; }; enum __anonenum_25 { _ISupper = (1 << 0) << 8, _ISlower = (1 << 1) << 8, _ISalpha = (1 << 2) << 8, _ISdigit = (1 << 3) << 8, _ISxdigit = (1 << 4) << 8, _ISspace = (1 << 5) << 8, _ISprint = (1 << 6) << 8, _ISgraph = (1 << 7) << 8, _ISblank = (1 << 8) >> 8, _IScntrl = (1 << 9) >> 8, _ISpunct = (1 << 10) >> 8, _ISalnum = (1 << 11) >> 8 }; struct duplexStateStruct { unsigned char __attribute__((__aligned__(32))) state[1600 / 8] ; unsigned int rate ; unsigned int capacity ; unsigned int rho_max ; } __attribute__((__aligned__(32))); typedef struct duplexStateStruct duplexState; struct spongeStateStruct { unsigned char __attribute__((__aligned__(32))) state[1600 / 8] ; unsigned char __attribute__((__aligned__(32))) dataQueue[1536 / 8] ; unsigned int rate ; unsigned int capacity ; unsigned int bitsInQueue ; unsigned int fixedOutputLength ; int squeezing ; unsigned int bitsAvailableForSqueezing ; } __attribute__((__aligned__(32))); typedef struct spongeStateStruct spongeState; typedef unsigned char BitSequence; typedef unsigned long long DataLength; enum __anonenum_HashReturn_26 { SUCCESS = 0, FAIL = 1, BAD_HASHLEN = 2 }; typedef enum __anonenum_HashReturn_26 HashReturn; typedef spongeState hashState; enum __anonenum_STATUS_CODES_27 { KAT_SUCCESS = 0, KAT_FILE_OPEN_ERROR = 1, KAT_HEADER_ERROR = 2, KAT_DATA_ERROR = 3, KAT_HASH_ERROR = 4 }; typedef enum __anonenum_STATUS_CODES_27 STATUS_CODES; typedef unsigned char UINT8; typedef unsigned long long UINT64; extern int fclose(FILE *__stream); extern FILE *fopen(char const * __restrict __filename, char const * __restrict __modes); extern int fprintf(FILE * __restrict __stream, char const * __restrict __format , ...); extern int printf(char const * __restrict __format , ...); extern __attribute__((__nothrow__)) int sprintf(char * __restrict __s, char const * __restrict __format , ...); extern int fscanf(FILE * __restrict __stream, char const * __restrict __format , ...) __asm__("__isoc99_fscanf"); extern int fgetc(FILE *__stream); extern __attribute__((__nothrow__)) void *memcpy(void * __restrict __dest, void const * __restrict __src, size_t __n) __attribute__(( __nonnull__(1,2), __leaf__)); extern __attribute__((__nothrow__)) void *memset(void *__s, int __c, size_t __n) __attribute__(( __nonnull__(1), __leaf__)); extern __attribute__((__nothrow__)) int strncmp(char const *__s1, char const *__s2, size_t __n) __attribute__(( __pure__, __nonnull__(1,2), __leaf__)); extern __attribute__((__nothrow__)) size_t strlen(char const *__s) __attribute__(( __pure__, __nonnull__(1), __leaf__)); extern __attribute__((__nothrow__)) unsigned short const **__ctype_b_loc( void) __attribute__((__leaf__, __const__)); int InitDuplex(duplexState *state, unsigned int rate, unsigned int capacity); int Duplexing(duplexState *state, unsigned char const *in, unsigned int inBitLen, unsigned char *out, unsigned int outBitLen); int InitSponge(spongeState *state, unsigned int rate, unsigned int capacity); int Absorb(spongeState *state, unsigned char const *data, unsigned long long databitlen); int Squeeze(spongeState *state, unsigned char *output, unsigned long long outputLength); HashReturn Init(hashState *state, int hashbitlen); HashReturn Update(hashState *state, BitSequence const *data, DataLength databitlen); HashReturn Final(hashState *state, BitSequence *hashval); HashReturn Hash(int hashbitlen, BitSequence const *data, DataLength databitlen, BitSequence *hashval); STATUS_CODES genShortMsg(int hashbitlen); STATUS_CODES genLongMsg(int hashbitlen); STATUS_CODES genExtremelyLongMsg(int hashbitlen); STATUS_CODES genMonteCarlo(int hashbitlen); STATUS_CODES genMonteCarloSqueezing(int hashbitlen); STATUS_CODES genShortMsgSponge(unsigned int rate, unsigned int capacity, int outputLength, char const *fileName); STATUS_CODES genDuplexKAT(unsigned int rate, unsigned int capacity, char const *fileName); int FindMarker(FILE *infile, char const *marker); int ReadHex(FILE *infile, BitSequence *A, int Length, char *str); void fprintBstr(FILE *fp, char *S, BitSequence *A, int L); STATUS_CODES genKAT_main(void) { STATUS_CODES __retres; int i; int ret_val; int bitlens[4]; STATUS_CODES tmp; STATUS_CODES tmp_0; STATUS_CODES tmp_1; bitlens[0] = 224; bitlens[1] = 256; bitlens[2] = 384; bitlens[3] = 512; { /*undefined sequence*/ tmp = genShortMsgSponge((unsigned int)1024,(unsigned int)576,4096, "ShortMsgKAT_0.txt"); ret_val = (int)tmp; } if (ret_val != KAT_SUCCESS) { __retres = (enum __anonenum_STATUS_CODES_27)ret_val; goto return_label; } { /*undefined sequence*/ tmp_0 = genLongMsg(0); ret_val = (int)tmp_0; } if (ret_val != KAT_SUCCESS) { __retres = (enum __anonenum_STATUS_CODES_27)ret_val; goto return_label; } { /*undefined sequence*/ tmp_1 = genMonteCarloSqueezing(0); ret_val = (int)tmp_1; } if (ret_val != KAT_SUCCESS) { __retres = (enum __anonenum_STATUS_CODES_27)ret_val; goto return_label; } i = 0; while (i < 4) { { STATUS_CODES tmp_2; STATUS_CODES tmp_3; STATUS_CODES tmp_4; { /*undefined sequence*/ tmp_2 = genShortMsg(bitlens[i]); ret_val = (int)tmp_2; } if (ret_val != KAT_SUCCESS) { __retres = (enum __anonenum_STATUS_CODES_27)ret_val; goto return_label; } { /*undefined sequence*/ tmp_3 = genLongMsg(bitlens[i]); ret_val = (int)tmp_3; } if (ret_val != KAT_SUCCESS) { __retres = (enum __anonenum_STATUS_CODES_27)ret_val; goto return_label; } { /*undefined sequence*/ tmp_4 = genMonteCarlo(bitlens[i]); ret_val = (int)tmp_4; } if (ret_val != KAT_SUCCESS) { __retres = (enum __anonenum_STATUS_CODES_27)ret_val; goto return_label; } } i ++; } genShortMsgSponge((unsigned int)1344,(unsigned int)256,4096, "ShortMsgKAT_r1344c256.txt"); genDuplexKAT((unsigned int)1026,(unsigned int)574, "DuplexKAT_r1026c574.txt"); genDuplexKAT((unsigned int)1027,(unsigned int)573, "DuplexKAT_r1027c573.txt"); __retres = KAT_SUCCESS; return_label: /* internal */ return __retres; } STATUS_CODES genShortMsg(int hashbitlen) { STATUS_CODES __retres; char fn[32]; char line[128]; int msglen; int msgbytelen; int done; BitSequence Msg[256]; BitSequence MD[64]; FILE *fp_in; FILE *fp_out; int tmp; int tmp_0; fp_in = fopen("ShortMsgKAT.txt","r"); if (fp_in == (void *)0) { printf("Couldn\'t open for read\n"); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } sprintf(fn,"ShortMsgKAT_%d.txt",hashbitlen); fp_out = fopen((char const *)(fn),"w"); if (fp_out == (void *)0) { printf("Couldn\'t open <%s> for write\n",fn); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fprintf(fp_out,"# %s\n",fn); tmp = FindMarker(fp_in,"# Algorithm Name:"); if (tmp) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Algorithm Name:%s\n",line); } else { printf("genShortMsg: Couldn\'t read Algorithm Name\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_0 = FindMarker(fp_in,"# Principal Submitter:"); if (tmp_0) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Principal Submitter:%s\n",line); } else { printf("genShortMsg: Couldn\'t read Principal Submitter\n"); __retres = KAT_HEADER_ERROR; goto return_label; } done = 0; while (1) { { int tmp_1; int tmp_2; tmp_1 = FindMarker(fp_in,"Len = "); if (tmp_1) fscanf(fp_in,"%d",& msglen); else { done = 1; break; } msgbytelen = (msglen + 7) / 8; tmp_2 = ReadHex(fp_in,Msg,msgbytelen,(char *)"Msg = "); if (! tmp_2) { printf("ERROR: unable to read \'Msg\' from \n"); __retres = KAT_DATA_ERROR; goto return_label; } Hash(hashbitlen,(BitSequence const *)(Msg),(unsigned long long)msglen, MD); fprintf(fp_out,"\nLen = %d\n",msglen); fprintBstr(fp_out,(char *)"Msg = ",Msg,msgbytelen); fprintBstr(fp_out,(char *)"MD = ",MD,hashbitlen / 8); } if (! (! done)) break; } printf("finished ShortMsgKAT for <%d>\n",hashbitlen); fclose(fp_in); fclose(fp_out); __retres = KAT_SUCCESS; return_label: /* internal */ return __retres; } STATUS_CODES genShortMsgSponge(unsigned int rate, unsigned int capacity, int outputLength, char const *fileName) { STATUS_CODES __retres; char line[128]; int msglen; int msgbytelen; int done; BitSequence Msg[256]; BitSequence Squeezed[4096 / 8]; spongeState state; FILE *fp_in; FILE *fp_out; int tmp; int tmp_0; if (outputLength > 4096) { printf("Requested output length too long.\n"); __retres = KAT_HASH_ERROR; goto return_label; } fp_in = fopen("ShortMsgKAT.txt","r"); if (fp_in == (void *)0) { printf("Couldn\'t open for read\n"); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fp_out = fopen(fileName,"w"); if (fp_out == (void *)0) { printf("Couldn\'t open <%s> for write\n",fileName); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fprintf(fp_out,"# %s\n",fileName); tmp = FindMarker(fp_in,"# Algorithm Name:"); if (tmp) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Algorithm Name:%s\n",line); } else { printf("genShortMsg: Couldn\'t read Algorithm Name\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_0 = FindMarker(fp_in,"# Principal Submitter:"); if (tmp_0) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Principal Submitter:%s\n",line); } else { printf("genShortMsg: Couldn\'t read Principal Submitter\n"); __retres = KAT_HEADER_ERROR; goto return_label; } done = 0; while (1) { { int tmp_1; int tmp_2; tmp_1 = FindMarker(fp_in,"Len = "); if (tmp_1) fscanf(fp_in,"%d",& msglen); else { done = 1; break; } msgbytelen = (msglen + 7) / 8; tmp_2 = ReadHex(fp_in,Msg,msgbytelen,(char *)"Msg = "); if (! tmp_2) { printf("ERROR: unable to read \'Msg\' from \n"); __retres = KAT_DATA_ERROR; goto return_label; } fprintf(fp_out,"\nLen = %d\n",msglen); fprintBstr(fp_out,(char *)"Msg = ",Msg,msgbytelen); InitSponge(& state,rate,capacity); if (msglen % 8 != 0) Msg[msgbytelen - 1] = (unsigned char)((int)Msg[ msgbytelen - 1] >> ( 8 - msglen % 8)); Absorb(& state,(unsigned char const *)(Msg),(unsigned long long)msglen); Squeeze(& state,Squeezed,(unsigned long long)outputLength); fprintBstr(fp_out,(char *)"Squeezed = ",Squeezed,4096 / 8); } if (! (! done)) break; } printf("finished ShortMsgKAT for <%s>\n",fileName); fclose(fp_in); fclose(fp_out); __retres = KAT_SUCCESS; return_label: /* internal */ return __retres; } STATUS_CODES genLongMsg(int hashbitlen) { STATUS_CODES __retres; char fn[32]; char line[128]; int msglen; int msgbytelen; int done; BitSequence Msg[4288]; BitSequence MD[64]; BitSequence Squeezed[4096 / 8]; hashState state; FILE *fp_in; FILE *fp_out; int tmp; int tmp_0; fp_in = fopen("LongMsgKAT.txt","r"); if (fp_in == (void *)0) { printf("Couldn\'t open for read\n"); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } sprintf(fn,"LongMsgKAT_%d.txt",hashbitlen); fp_out = fopen((char const *)(fn),"w"); if (fp_out == (void *)0) { printf("Couldn\'t open <%s> for write\n",fn); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fprintf(fp_out,"# %s\n",fn); tmp = FindMarker(fp_in,"# Algorithm Name:"); if (tmp) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Algorithm Name:%s\n",line); } else { printf("genLongMsg: Couldn\'t read Algorithm Name\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_0 = FindMarker(fp_in,"# Principal Submitter:"); if (tmp_0) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Principal Submitter:%s\n\n",line); } else { printf("genLongMsg: Couldn\'t read Principal Submitter\n"); __retres = KAT_HEADER_ERROR; goto return_label; } done = 0; while (1) { { int tmp_1; int tmp_2; tmp_1 = FindMarker(fp_in,"Len = "); if (tmp_1) fscanf(fp_in,"%d",& msglen); else break; msgbytelen = (msglen + 7) / 8; tmp_2 = ReadHex(fp_in,Msg,msgbytelen,(char *)"Msg = "); if (! tmp_2) { printf("ERROR: unable to read \'Msg\' from \n"); __retres = KAT_DATA_ERROR; goto return_label; } if (hashbitlen > 0) Hash(hashbitlen,(BitSequence const *)(Msg), (unsigned long long)msglen,MD); else { Init(& state,hashbitlen); Update(& state,(BitSequence const *)(Msg),(unsigned long long)msglen); Final(& state,(BitSequence *)0); Squeeze(& state,Squeezed,(unsigned long long)4096); } fprintf(fp_out,"Len = %d\n",msglen); fprintBstr(fp_out,(char *)"Msg = ",Msg,msgbytelen); if (hashbitlen > 0) fprintBstr(fp_out,(char *)"MD = ",MD, hashbitlen / 8); else fprintBstr(fp_out,(char *)"Squeezed = ",Squeezed,4096 / 8); } if (! (! done)) break; } printf("finished LongMsgKAT for <%d>\n",hashbitlen); fclose(fp_in); fclose(fp_out); __retres = KAT_SUCCESS; return_label: /* internal */ return __retres; } STATUS_CODES genExtremelyLongMsg(int hashbitlen) { STATUS_CODES __retres; char fn[32]; char line[128]; BitSequence Text[65]; BitSequence MD[64]; BitSequence Squeezed[4096 / 8]; int i; int repeat; FILE *fp_in; FILE *fp_out; hashState state; HashReturn retval; int tmp; int tmp_0; int tmp_1; int tmp_2; fp_in = fopen("ExtremelyLongMsgKAT.txt","r"); if (fp_in == (void *)0) { printf("Couldn\'t open for read\n"); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } sprintf(fn,"ExtremelyLongMsgKAT_%d.txt",hashbitlen); fp_out = fopen((char const *)(fn),"w"); if (fp_out == (void *)0) { printf("Couldn\'t open <%s> for write\n",fn); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fprintf(fp_out,"# %s\n",fn); tmp = FindMarker(fp_in,"# Algorithm Name:"); if (tmp) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Algorithm Name:%s\n",line); } else { printf("genExtremelyLongMsg: Couldn\'t read Algorithm Name\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_0 = FindMarker(fp_in,"# Principal Submitter:"); if (tmp_0) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Principal Submitter:%s\n\n",line); } else { printf("genExtremelyLongMsg: Couldn\'t read Principal Submitter\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_1 = FindMarker(fp_in,"Repeat = "); if (tmp_1) fscanf(fp_in,"%d",& repeat); else { printf("ERROR: unable to read \'Repeat\' from \n"); __retres = KAT_DATA_ERROR; goto return_label; } tmp_2 = FindMarker(fp_in,"Text = "); if (tmp_2) fscanf(fp_in,"%s",Text); else { printf("ERROR: unable to read \'Text\' from \n"); __retres = KAT_DATA_ERROR; goto return_label; } retval = Init(& state,hashbitlen); if (retval != (unsigned int)KAT_SUCCESS) { printf("Init returned <%d> in genExtremelyLongMsg\n",retval); __retres = KAT_HASH_ERROR; goto return_label; } i = 0; while (i < repeat) { retval = Update(& state,(BitSequence const *)(Text), (unsigned long long)512); if (retval != (unsigned int)KAT_SUCCESS) { printf("Update returned <%d> in genExtremelyLongMsg\n",retval); __retres = KAT_HASH_ERROR; goto return_label; } i ++; } retval = Final(& state,MD); if (retval != (unsigned int)KAT_SUCCESS) { printf("Final returned <%d> in genExtremelyLongMsg\n",retval); __retres = KAT_HASH_ERROR; goto return_label; } if (hashbitlen == 0) Squeeze(& state,Squeezed,(unsigned long long)4096); fprintf(fp_out,"Repeat = %d\n",repeat); fprintf(fp_out,"Text = %s\n",Text); if (hashbitlen > 0) fprintBstr(fp_out,(char *)"MD = ",MD,hashbitlen / 8); else fprintBstr(fp_out,(char *)"Squeezed = ",Squeezed,4096 / 8); printf("finished ExtremelyLongMsgKAT for <%d>\n",hashbitlen); fclose(fp_in); fclose(fp_out); __retres = KAT_SUCCESS; return_label: /* internal */ return __retres; } STATUS_CODES genMonteCarlo(int hashbitlen) { STATUS_CODES __retres; char fn[32]; char line[128]; BitSequence Seed[128]; BitSequence Msg[128]; BitSequence MD[64]; BitSequence Temp[128]; int i; int j; int bytelen; FILE *fp_in; FILE *fp_out; int tmp; int tmp_0; int tmp_1; fp_in = fopen("MonteCarlo.txt","r"); if (fp_in == (void *)0) { printf("Couldn\'t open for read\n"); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } sprintf(fn,"MonteCarlo_%d.txt",hashbitlen); fp_out = fopen((char const *)(fn),"w"); if (fp_out == (void *)0) { printf("Couldn\'t open <%s> for write\n",fn); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fprintf(fp_out,"# %s\n",fn); tmp = FindMarker(fp_in,"# Algorithm Name:"); if (tmp) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Algorithm Name:%s\n",line); } else { printf("genMonteCarlo: Couldn\'t read Algorithm Name\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_0 = FindMarker(fp_in,"# Principal Submitter:"); if (tmp_0) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Principal Submitter:%s\n\n",line); } else { printf("genMonteCarlo: Couldn\'t read Principal Submitter\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_1 = ReadHex(fp_in,Seed,128,(char *)"Seed = "); if (! tmp_1) { printf("ERROR: unable to read \'Seed\' from \n"); __retres = KAT_DATA_ERROR; goto return_label; } bytelen = hashbitlen / 8; memcpy((void *)(Msg),(void const *)(Seed),(unsigned long)128); fprintBstr(fp_out,(char *)"Seed = ",Seed,128); j = 0; while (j < 100) { i = 0; while (i < 1000) { Hash(hashbitlen,(BitSequence const *)(Msg),(unsigned long long)1024,MD); memcpy((void *)(Temp),(void const *)(Msg), (unsigned long)(128 - bytelen)); memcpy((void *)(Msg),(void const *)(MD),(unsigned long)bytelen); memcpy((void *)(& Msg[bytelen]),(void const *)(Temp), (unsigned long)(128 - bytelen)); i ++; } fprintf(fp_out,"\nj = %d\n",j); fprintBstr(fp_out,(char *)"MD = ",MD,bytelen); j ++; } printf("finished MonteCarloKAT for <%d>\n",hashbitlen); fclose(fp_in); fclose(fp_out); __retres = KAT_SUCCESS; return_label: /* internal */ return __retres; } STATUS_CODES genMonteCarloSqueezing(int hashbitlen) { STATUS_CODES __retres; char fn[32]; char line[128]; BitSequence Seed[128]; BitSequence MD[64]; int i; int j; int bytelen; FILE *fp_in; FILE *fp_out; hashState state; HashReturn retval; int tmp; int tmp_0; int tmp_1; fp_in = fopen("MonteCarlo.txt","r"); if (fp_in == (void *)0) { printf("Couldn\'t open for read\n"); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } sprintf(fn,"MonteCarlo_%d.txt",hashbitlen); fp_out = fopen((char const *)(fn),"w"); if (fp_out == (void *)0) { printf("Couldn\'t open <%s> for write\n",fn); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fprintf(fp_out,"# %s\n",fn); tmp = FindMarker(fp_in,"# Algorithm Name:"); if (tmp) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Algorithm Name:%s\n",line); } else { printf("genMonteCarlo: Couldn\'t read Algorithm Name\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_0 = FindMarker(fp_in,"# Principal Submitter:"); if (tmp_0) { fscanf(fp_in,"%[^\n]\n",line); fprintf(fp_out,"# Principal Submitter:%s\n\n",line); } else { printf("genMonteCarlo: Couldn\'t read Principal Submitter\n"); __retres = KAT_HEADER_ERROR; goto return_label; } tmp_1 = ReadHex(fp_in,Seed,128,(char *)"Seed = "); if (! tmp_1) { printf("ERROR: unable to read \'Seed\' from \n"); __retres = KAT_DATA_ERROR; goto return_label; } fprintBstr(fp_out,(char *)"Seed = ",Seed,128); retval = Init(& state,hashbitlen); if (retval != (unsigned int)KAT_SUCCESS) { printf("Init returned <%d> in genMonteCarloSqueezing\n",retval); __retres = KAT_HASH_ERROR; goto return_label; } retval = Update(& state,(BitSequence const *)(Seed), (unsigned long long)(128 * 8)); if (retval != (unsigned int)KAT_SUCCESS) { printf("Update returned <%d> in genMonteCarloSqueezing\n",retval); __retres = KAT_HASH_ERROR; goto return_label; } retval = Final(& state,(BitSequence *)0); if (retval != (unsigned int)KAT_SUCCESS) { printf("Final returned <%d> in genMonteCarloSqueezing\n",retval); __retres = KAT_HASH_ERROR; goto return_label; } bytelen = 64; j = 0; while (j < 100) { i = 0; while (i < 1000) { { int tmp_2; { /*undefined sequence*/ tmp_2 = Squeeze(& state,MD,(unsigned long long)(bytelen * 8)); retval = (enum __anonenum_HashReturn_26)tmp_2; } if (retval != (unsigned int)KAT_SUCCESS) { printf("Squeeze returned <%d> in genMonteCarloSqueezing\n",retval); __retres = KAT_HASH_ERROR; goto return_label; } } i ++; } fprintf(fp_out,"\nj = %d\n",j); fprintBstr(fp_out,(char *)"MD = ",MD,bytelen); j ++; } printf("finished MonteCarloKAT for <%d>\n",hashbitlen); fclose(fp_in); fclose(fp_out); __retres = KAT_SUCCESS; return_label: /* internal */ return __retres; } STATUS_CODES genDuplexKAT(unsigned int rate, unsigned int capacity, char const *fileName) { STATUS_CODES __retres; int inLen; int inByteLen; int outLen; int outByteLen; int done; BitSequence in[256]; BitSequence out[256]; FILE *fp_in; FILE *fp_out; duplexState state; fp_in = fopen("DuplexKAT.txt","r"); if (fp_in == (void *)0) { printf("Couldn\'t open for read\n"); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fp_out = fopen(fileName,"w"); if (fp_out == (void *)0) { printf("Couldn\'t open <%s> for write\n",fileName); __retres = KAT_FILE_OPEN_ERROR; goto return_label; } fprintf(fp_out,"# %s\n",fileName); fprintf(fp_out, "# Algorithm: Duplex[f=Keccak-f[1600], pad=pad10*1, r=%d, c=%d, \317\201max=%d]\n", rate,capacity,rate - (unsigned int)2); InitDuplex(& state,rate,capacity); done = 0; outLen = (int)rate; outByteLen = (outLen + 7) / 8; while (1) { { int tmp; int tmp_0; tmp = FindMarker(fp_in,"InLen = "); if (tmp) fscanf(fp_in,"%d",& inLen); else { done = 1; break; } inByteLen = (inLen + 7) / 8; tmp_0 = ReadHex(fp_in,in,inByteLen,(char *)"In = "); if (! tmp_0) { printf("ERROR: unable to read \'In\' from \n"); __retres = KAT_DATA_ERROR; goto return_label; } if ((unsigned int)inLen <= rate - (unsigned int)2) { fprintf(fp_out,"\nInLen = %d\n",inLen); fprintBstr(fp_out,(char *)"In = ",in,inByteLen); Duplexing(& state,(unsigned char const *)(in),(unsigned int)inLen, out,(unsigned int)outLen); fprintf(fp_out,"OutLen = %d\n",outLen); fprintBstr(fp_out,(char *)"Out = ",out,outByteLen); } } if (! (! done)) break; } printf("finished DuplexKAT for <%s>\n",fileName); fclose(fp_in); fclose(fp_out); __retres = KAT_SUCCESS; return_label: /* internal */ return __retres; } int FindMarker(FILE *infile, char const *marker) { int __retres; char line[50]; int i; int len; size_t tmp; { /*undefined sequence*/ tmp = strlen(marker); len = (int)tmp; } if (len > 50 - 1) len = 50 - 1; i = 0; while (i < len) { int tmp_1; char tmp_0; { /*undefined sequence*/ tmp_1 = fgetc(infile); tmp_0 = (char)tmp_1; } line[i] = tmp_0; if ((int)tmp_0 == -1) { __retres = 0; goto return_label; } i ++; } line[len] = (char)'\000'; while (1) { { int tmp_2; int tmp_4; char tmp_3; tmp_2 = strncmp((char const *)(line),marker,(unsigned long)len); if (! tmp_2) { __retres = 1; goto return_label; } i = 0; while (i < len - 1) { line[i] = line[i + 1]; i ++; } { /*undefined sequence*/ tmp_4 = fgetc(infile); tmp_3 = (char)tmp_4; } line[len - 1] = tmp_3; if ((int)tmp_3 == -1) { __retres = 0; goto return_label; } line[len] = (char)'\000'; } } __retres = 0; return_label: /* internal */ return __retres; } int ReadHex(FILE *infile, BitSequence *A, int Length, char *str) { int __retres; int i; int ch; int started; BitSequence ich; int tmp_0; if (Length == 0) { *(A + 0) = (unsigned char)0x00; __retres = 1; goto return_label; } memset((void *)A,0x00,(unsigned long)Length); started = 0; tmp_0 = FindMarker(infile,(char const *)str); if (tmp_0) while (1) { ch = fgetc(infile); if (! (ch != -1)) break; { unsigned short const **tmp; { /*undefined sequence*/ tmp = __ctype_b_loc(); ; } if (! ((int)*(*tmp + ch) & (int)((unsigned short)_ISxdigit))) if (! started) if (ch == '\n') break; else continue; else break; started = 1; if (ch >= '0') { if (ch <= '9') ich = (unsigned char)(ch - '0'); else goto _LAND_0; } else { _LAND_0: /* internal */ ; if (ch >= 'A') { if (ch <= 'F') ich = (unsigned char)((ch - 'A') + 10); else goto _LAND; } else { _LAND: /* internal */ ; if (ch >= 'a') if (ch <= 'f') ich = (unsigned char)((ch - 'a') + 10); } } i = 0; while (i < Length - 1) { *(A + i) = (unsigned char)(((int)*(A + i) << 4) | ((int)*(A + ( i + 1)) >> 4)); i ++; } *(A + (Length - 1)) = (unsigned char)(((int)*(A + (Length - 1)) << 4) | (int)ich); } } else { __retres = 0; goto return_label; } __retres = 1; return_label: /* internal */ return __retres; } void fprintBstr(FILE *fp, char *S, BitSequence *A, int L) { int i; fprintf(fp,"%s",S); i = 0; while (i < L) { fprintf(fp,"%02X",*(A + i)); i ++; } if (L == 0) fprintf(fp,"00"); fprintf(fp,"\n"); return; } void KeccakInitialize(void); void KeccakInitializeState(unsigned char *state); void KeccakAbsorb(unsigned char *state, unsigned char const *data, unsigned int laneCount); void KeccakExtract(unsigned char const *state, unsigned char *data, unsigned int laneCount); int InitDuplex(duplexState *state, unsigned int rate, unsigned int capacity) { int __retres; if (rate + capacity != (unsigned int)1600) { __retres = 1; goto return_label; } if (rate <= (unsigned int)0) { __retres = 1; goto return_label; } else if (rate > (unsigned int)1600) { __retres = 1; goto return_label; } KeccakInitialize(); state->rate = rate; state->capacity = capacity; state->rho_max = rate - (unsigned int)2; KeccakInitializeState((unsigned char *)(state->state)); __retres = 0; return_label: /* internal */ return __retres; } int Duplexing(duplexState *state, unsigned char const *in, unsigned int inBitLen, unsigned char *out, unsigned int outBitLen) { int __retres; unsigned char __attribute__((__aligned__(32))) block[1600 / 8]; if (inBitLen > state->rho_max) { __retres = 1; goto return_label; } if (inBitLen % (unsigned int)8 != (unsigned int)0) { unsigned char mask; mask = (unsigned char)(~ ((1 << inBitLen % (unsigned int)8) - 1)); if (((int)*(in + inBitLen / (unsigned int)8) & (int)mask) != 0) { __retres = 1; goto return_label; } } if (outBitLen > state->rate) { __retres = 1; goto return_label; } memcpy((void *)(block),(void const *)in, (unsigned long)((inBitLen + (unsigned int)7) / (unsigned int)8)); memset((void *)(& block[(inBitLen + (unsigned int)7) / (unsigned int)8]),0, (unsigned long)(((state->rate + (unsigned int)63) / (unsigned int)64) * (unsigned int)8 - (inBitLen + (unsigned int)7) / (unsigned int)8)); block[inBitLen / (unsigned int)8] = (unsigned char __attribute__((__aligned__(32))))( (int __attribute__((__aligned__(32))))block[inBitLen / (unsigned int)8] | (int __attribute__(( __aligned__(32))))(1 << inBitLen % (unsigned int)8)); block[(state->rate - (unsigned int)1) / (unsigned int)8] = (unsigned char __attribute__(( __aligned__(32))))((int __attribute__((__aligned__(32))))block[(state->rate - (unsigned int)1) / (unsigned int)8] | (int __attribute__(( __aligned__(32))))(1 << (state->rate - (unsigned int)1) % (unsigned int)8)); KeccakAbsorb((unsigned char *)(state->state), (unsigned char const *)(block), (state->rate + (unsigned int)63) / (unsigned int)64); KeccakExtract((unsigned char const *)(state->state), (unsigned char *)(block), (state->rate + (unsigned int)63) / (unsigned int)64); memcpy((void *)out,(void const *)(block), (unsigned long)((outBitLen + (unsigned int)7) / (unsigned int)8)); if (outBitLen % (unsigned int)8 != (unsigned int)0) { unsigned char mask_0; mask_0 = (unsigned char)((1 << outBitLen % (unsigned int)8) - 1); *(out + outBitLen / (unsigned int)8) = (unsigned char)((int)*(out + outBitLen / (unsigned int)8) & (int)mask_0); } __retres = 0; return_label: /* internal */ return __retres; } HashReturn Init(hashState *state, int hashbitlen) { HashReturn __retres; switch (hashbitlen) { case 0: InitSponge(state,(unsigned int)1024,(unsigned int)576); break; case 224: InitSponge(state,(unsigned int)1152,(unsigned int)448); break; case 256: InitSponge(state,(unsigned int)1088,(unsigned int)512); break; case 384: InitSponge(state,(unsigned int)832,(unsigned int)768); break; case 512: InitSponge(state,(unsigned int)576,(unsigned int)1024); break; default: ; __retres = BAD_HASHLEN; goto return_label; } state->fixedOutputLength = (unsigned int)hashbitlen; __retres = SUCCESS; return_label: /* internal */ return __retres; } HashReturn Update(hashState *state, BitSequence const *data, DataLength databitlen) { HashReturn __retres; if (databitlen % (unsigned long long)8 == (unsigned long long)0) { int tmp; tmp = Absorb(state,data,databitlen); __retres = (enum __anonenum_HashReturn_26)tmp; goto return_label; } else { HashReturn ret; int tmp_0; tmp_0 = Absorb(state,data, databitlen - databitlen % (unsigned long long)8); ret = (enum __anonenum_HashReturn_26)tmp_0; if (ret == (unsigned int)SUCCESS) { unsigned char lastByte; int tmp_1; lastByte = (unsigned char)((int)*(data + databitlen / (DataLength)8) >> ( (unsigned long long)8 - databitlen % (unsigned long long)8)); tmp_1 = Absorb(state,(unsigned char const *)(& lastByte), databitlen % (unsigned long long)8); __retres = (enum __anonenum_HashReturn_26)tmp_1; goto return_label; } else { __retres = ret; goto return_label; } } return_label: /* internal */ return __retres; } HashReturn Final(hashState *state, BitSequence *hashval) { HashReturn __retres; int tmp; tmp = Squeeze(state,hashval,(unsigned long long)state->fixedOutputLength); __retres = (enum __anonenum_HashReturn_26)tmp; return __retres; } HashReturn Hash(int hashbitlen, BitSequence const *data, DataLength databitlen, BitSequence *hashval) { HashReturn __retres; hashState state; HashReturn result; if (hashbitlen != 224) if (hashbitlen != 256) if (hashbitlen != 384) if (hashbitlen != 512) { __retres = BAD_HASHLEN; goto return_label; } result = Init(& state,hashbitlen); if (result != (unsigned int)SUCCESS) { __retres = result; goto return_label; } result = Update(& state,data,databitlen); if (result != (unsigned int)SUCCESS) { __retres = result; goto return_label; } result = Final(& state,hashval); __retres = result; return_label: /* internal */ return __retres; } void KeccakPermutation(unsigned char *state); void KeccakAbsorb576bits(unsigned char *state, unsigned char const *data); void KeccakAbsorb832bits(unsigned char *state, unsigned char const *data); void KeccakAbsorb1024bits(unsigned char *state, unsigned char const *data); void KeccakAbsorb1088bits(unsigned char *state, unsigned char const *data); void KeccakAbsorb1152bits(unsigned char *state, unsigned char const *data); void KeccakAbsorb1344bits(unsigned char *state, unsigned char const *data); void KeccakExtract1024bits(unsigned char const *state, unsigned char *data); int InitSponge(spongeState *state, unsigned int rate, unsigned int capacity) { int __retres; if (rate + capacity != (unsigned int)1600) { __retres = 1; goto return_label; } if (rate <= (unsigned int)0) { __retres = 1; goto return_label; } else if (rate >= (unsigned int)1600) { __retres = 1; goto return_label; } else if (rate % (unsigned int)64 != (unsigned int)0) { __retres = 1; goto return_label; } KeccakInitialize(); state->rate = rate; state->capacity = capacity; state->fixedOutputLength = (unsigned int)0; KeccakInitializeState((unsigned char *)(state->state)); memset((void *)(state->dataQueue),0,(unsigned long)(1536 / 8)); state->bitsInQueue = (unsigned int)0; state->squeezing = 0; state->bitsAvailableForSqueezing = (unsigned int)0; __retres = 0; return_label: /* internal */ return __retres; } void AbsorbQueue(spongeState *state) { if (state->rate == (unsigned int)576) KeccakAbsorb576bits((unsigned char *)(state->state), (unsigned char const *)(state->dataQueue)); else if (state->rate == (unsigned int)832) KeccakAbsorb832bits((unsigned char *)(state->state), (unsigned char const *)(state->dataQueue)); else if (state->rate == (unsigned int)1024) KeccakAbsorb1024bits((unsigned char *)(state->state), (unsigned char const *)(state->dataQueue)); else if (state->rate == (unsigned int)1088) KeccakAbsorb1088bits((unsigned char *)(state->state), (unsigned char const *)(state->dataQueue)); else if (state->rate == (unsigned int)1152) KeccakAbsorb1152bits ((unsigned char *)(state->state), (unsigned char const *)(state->dataQueue)); else if (state->rate == (unsigned int)1344) KeccakAbsorb1344bits ((unsigned char *)(state->state), (unsigned char const *)(state->dataQueue)); else KeccakAbsorb((unsigned char *)(state->state), (unsigned char const *)(state->dataQueue), state->rate / (unsigned int)64); state->bitsInQueue = (unsigned int)0; return; } int Absorb(spongeState *state, unsigned char const *data, unsigned long long databitlen) { int __retres; unsigned long long i; unsigned long long j; unsigned long long wholeBlocks; unsigned int partialBlock; unsigned int partialByte; unsigned char const *curData; if (state->bitsInQueue % (unsigned int)8 != (unsigned int)0) { __retres = 1; goto return_label; } if (state->squeezing) { __retres = 1; goto return_label; } i = (unsigned long long)0; while (i < databitlen) if (state->bitsInQueue == (unsigned int)0) { if (databitlen >= (unsigned long long)state->rate) { if (i <= databitlen - (unsigned long long)state->rate) { wholeBlocks = (databitlen - i) / (unsigned long long)state->rate; curData = data + i / (unsigned long long)8; if (state->rate == (unsigned int)576) { j = (unsigned long long)0; while (j < wholeBlocks) { KeccakAbsorb576bits((unsigned char *)(state->state),curData); j ++; curData += 576 / 8; } } else if (state->rate == (unsigned int)832) { j = (unsigned long long)0; while (j < wholeBlocks) { KeccakAbsorb832bits((unsigned char *)(state->state),curData); j ++; curData += 832 / 8; } } else if (state->rate == (unsigned int)1024) { j = (unsigned long long)0; while (j < wholeBlocks) { KeccakAbsorb1024bits((unsigned char *)(state->state), curData); j ++; curData += 1024 / 8; } } else if (state->rate == (unsigned int)1088) { j = (unsigned long long)0; while (j < wholeBlocks) { KeccakAbsorb1088bits((unsigned char *)(state->state), curData); j ++; curData += 1088 / 8; } } else if (state->rate == (unsigned int)1152) { j = (unsigned long long)0; while (j < wholeBlocks) { KeccakAbsorb1152bits((unsigned char *)(state->state), curData); j ++; curData += 1152 / 8; } } else if (state->rate == (unsigned int)1344) { j = (unsigned long long)0; while (j < wholeBlocks) { KeccakAbsorb1344bits((unsigned char *)(state->state), curData); j ++; curData += 1344 / 8; } } else { j = (unsigned long long)0; while (j < wholeBlocks) { KeccakAbsorb((unsigned char *)(state->state),curData, state->rate / (unsigned int)64); j ++; curData += state->rate / (unsigned int)8; } } i += wholeBlocks * (unsigned long long)state->rate; } else goto _LAND_0; } else goto _LAND_0; } else { _LAND_0: /* internal */ partialBlock = (unsigned int)(databitlen - i); if (partialBlock + state->bitsInQueue > state->rate) partialBlock = state->rate - state->bitsInQueue; partialByte = partialBlock % (unsigned int)8; partialBlock -= partialByte; memcpy((void *)(& state->dataQueue[state->bitsInQueue / (unsigned int)8]), (void const *)(data + i / (unsigned long long)8), (unsigned long)(partialBlock / (unsigned int)8)); state->bitsInQueue += partialBlock; i += (unsigned long long)partialBlock; if (state->bitsInQueue == state->rate) AbsorbQueue(state); if (partialByte > (unsigned int)0) { unsigned char mask; mask = (unsigned char)((1 << partialByte) - 1); state->dataQueue[state->bitsInQueue / (unsigned int)8] = (unsigned char __attribute__(( __aligned__(32))))((int)*(data + i / (unsigned long long)8) & (int)mask); state->bitsInQueue += partialByte; i += (unsigned long long)partialByte; } } __retres = 0; return_label: /* internal */ return __retres; } void PadAndSwitchToSqueezingPhase(spongeState *state) { if (state->bitsInQueue + (unsigned int)1 == state->rate) { state->dataQueue[state->bitsInQueue / (unsigned int)8] = (unsigned char __attribute__(( __aligned__(32))))((int __attribute__((__aligned__(32))))state->dataQueue[ state->bitsInQueue / (unsigned int)8] | (int __attribute__(( __aligned__(32))))(1 << state->bitsInQueue % (unsigned int)8)); AbsorbQueue(state); memset((void *)(state->dataQueue),0, (unsigned long)(state->rate / (unsigned int)8)); } else { memset((void *)(& state->dataQueue[(state->bitsInQueue + (unsigned int)7) / (unsigned int)8]), 0, (unsigned long)(state->rate / (unsigned int)8 - (state->bitsInQueue + (unsigned int)7) / (unsigned int)8)); state->dataQueue[state->bitsInQueue / (unsigned int)8] = (unsigned char __attribute__(( __aligned__(32))))((int __attribute__((__aligned__(32))))state->dataQueue[ state->bitsInQueue / (unsigned int)8] | (int __attribute__(( __aligned__(32))))(1 << state->bitsInQueue % (unsigned int)8)); } state->dataQueue[(state->rate - (unsigned int)1) / (unsigned int)8] = (unsigned char __attribute__(( __aligned__(32))))((int __attribute__((__aligned__(32))))state->dataQueue[ (state->rate - (unsigned int)1) / (unsigned int)8] | (int __attribute__(( __aligned__(32))))(1 << (state->rate - (unsigned int)1) % (unsigned int)8)); AbsorbQueue(state); if (state->rate == (unsigned int)1024) { KeccakExtract1024bits((unsigned char const *)(state->state), (unsigned char *)(state->dataQueue)); state->bitsAvailableForSqueezing = (unsigned int)1024; } else { KeccakExtract((unsigned char const *)(state->state), (unsigned char *)(state->dataQueue), state->rate / (unsigned int)64); state->bitsAvailableForSqueezing = state->rate; } state->squeezing = 1; return; } int Squeeze(spongeState *state, unsigned char *output, unsigned long long outputLength) { int __retres; unsigned long long i; unsigned int partialBlock; if (! state->squeezing) PadAndSwitchToSqueezingPhase(state); if (outputLength % (unsigned long long)8 != (unsigned long long)0) { __retres = 1; goto return_label; } i = (unsigned long long)0; while (i < outputLength) { if (state->bitsAvailableForSqueezing == (unsigned int)0) { KeccakPermutation((unsigned char *)(state->state)); if (state->rate == (unsigned int)1024) { KeccakExtract1024bits((unsigned char const *)(state->state), (unsigned char *)(state->dataQueue)); state->bitsAvailableForSqueezing = (unsigned int)1024; } else { KeccakExtract((unsigned char const *)(state->state), (unsigned char *)(state->dataQueue), state->rate / (unsigned int)64); state->bitsAvailableForSqueezing = state->rate; } } partialBlock = state->bitsAvailableForSqueezing; if ((unsigned long long)partialBlock > outputLength - i) partialBlock = (unsigned int)( outputLength - i); memcpy((void *)(output + i / (unsigned long long)8), (void const *)(& state->dataQueue[(state->rate - state->bitsAvailableForSqueezing) / (unsigned int)8]), (unsigned long)(partialBlock / (unsigned int)8)); state->bitsAvailableForSqueezing -= partialBlock; i += (unsigned long long)partialBlock; } __retres = 0; return_label: /* internal */ return __retres; } void displaySetIntermediateValueFile(FILE *f); void displaySetLevel(int level); void displayBytes(int level, char const *text, unsigned char const *bytes, unsigned int size); void displayBits(int level, char const *text, unsigned char const *data, unsigned int size, int MSBfirst); void displayStateAsBytes(int level, char const *text, unsigned char const *state); void displayStateAs32bitWords(int level, char const *text, unsigned int const *state); void displayStateAs64bitWords(int level, char const *text, unsigned long long const *state); void displayRoundNumber(int level, unsigned int i); void displayText(int level, char const *text); FILE *intermediateValueFile = (FILE *)0; int displayLevel = 0; void displaySetIntermediateValueFile(FILE *f) { intermediateValueFile = f; return; } void displaySetLevel(int level) { displayLevel = level; return; } void displayBytes(int level, char const *text, unsigned char const *bytes, unsigned int size) { unsigned int i; if (intermediateValueFile) if (level <= displayLevel) { fprintf(intermediateValueFile,"%s:\n",text); i = (unsigned int)0; while (i < size) { fprintf(intermediateValueFile,"%02X ",*(bytes + i)); i ++; } fprintf(intermediateValueFile,"\n"); fprintf(intermediateValueFile,"\n"); } return; } void displayBits(int level, char const *text, unsigned char const *data, unsigned int size, int MSBfirst) { unsigned int i; unsigned int iByte; unsigned int iBit; if (intermediateValueFile) if (level <= displayLevel) { fprintf(intermediateValueFile,"%s:\n",text); i = (unsigned int)0; while (i < size) { iByte = i / (unsigned int)8; iBit = i % (unsigned int)8; if (MSBfirst) fprintf(intermediateValueFile,"%d ", (((int)*(data + iByte) << iBit) & 0x80) != 0); else fprintf(intermediateValueFile,"%d ", (((int)*(data + iByte) >> iBit) & 0x01) != 0); i ++; } fprintf(intermediateValueFile,"\n"); fprintf(intermediateValueFile,"\n"); } return; } void displayStateAsBytes(int level, char const *text, unsigned char const *state) { displayBytes(level,text,state,(unsigned int)(1600 / 8)); return; } void displayStateAs32bitWords(int level, char const *text, unsigned int const *state) { unsigned int i; if (intermediateValueFile) if (level <= displayLevel) { fprintf(intermediateValueFile,"%s:\n",text); i = (unsigned int)0; while (i < (unsigned int)(1600 / 64)) { fprintf(intermediateValueFile,"%08X:%08X", *(state + ((unsigned int)2 * i + (unsigned int)0)), *(state + ((unsigned int)2 * i + (unsigned int)1))); if (i % (unsigned int)5 == (unsigned int)4) fprintf(intermediateValueFile, "\n"); else fprintf(intermediateValueFile," "); i ++; } } return; } void displayStateAs64bitWords(int level, char const *text, unsigned long long const *state) { unsigned int i; if (intermediateValueFile) if (level <= displayLevel) { fprintf(intermediateValueFile,"%s:\n",text); i = (unsigned int)0; while (i < (unsigned int)(1600 / 64)) { fprintf(intermediateValueFile,"%08X", (unsigned int)(*(state + i) >> 32)); fprintf(intermediateValueFile,"%08X", (unsigned int)(*(state + i) & 0xFFFFFFFFULL)); if (i % (unsigned int)5 == (unsigned int)4) fprintf(intermediateValueFile, "\n"); else fprintf(intermediateValueFile," "); i ++; } } return; } void displayRoundNumber(int level, unsigned int i) { if (intermediateValueFile) if (level <= displayLevel) { fprintf(intermediateValueFile,"\n"); fprintf(intermediateValueFile,"--- Round %d ---\n",i); fprintf(intermediateValueFile,"\n"); } return; } void displayText(int level, char const *text) { if (intermediateValueFile) if (level <= displayLevel) { fprintf(intermediateValueFile,text); fprintf(intermediateValueFile,"\n"); fprintf(intermediateValueFile,"\n"); } return; } UINT64 KeccakRoundConstants[24]; unsigned int KeccakRhoOffsets[25]; void KeccakPermutationOnWords(UINT64 *state); void theta(UINT64 *A); void rho(UINT64 *A); void pi(UINT64 *A); void chi(UINT64 *A); void iota(UINT64 *A, unsigned int indexRound); void fromBytesToWords(UINT64 *stateAsWords, unsigned char const *state) { unsigned int i; unsigned int j; i = (unsigned int)0; while (i < (unsigned int)(1600 / 64)) { *(stateAsWords + i) = (unsigned long long)0; j = (unsigned int)0; while (j < (unsigned int)(64 / 8)) { *(stateAsWords + i) |= (unsigned long long)*(state + (i * (unsigned int)( 64 / 8) + j)) << (unsigned int)8 * j; j ++; } i ++; } return; } void fromWordsToBytes(unsigned char *state, UINT64 const *stateAsWords) { unsigned int i; unsigned int j; i = (unsigned int)0; while (i < (unsigned int)(1600 / 64)) { j = (unsigned int)0; while (j < (unsigned int)(64 / 8)) { *(state + (i * (unsigned int)(64 / 8) + j)) = (unsigned char)(( *( stateAsWords + i) >> (unsigned int)8 * j) & (unsigned long long)0xFF); j ++; } i ++; } return; } void KeccakPermutation(unsigned char *state) { displayStateAsBytes(1,"Input of permutation",(unsigned char const *)state); KeccakPermutationOnWords((UINT64 *)state); displayStateAsBytes(1,"State after permutation", (unsigned char const *)state); return; } void KeccakPermutationAfterXor(unsigned char *state, unsigned char const *data, unsigned int dataLengthInBytes) { unsigned int i; i = (unsigned int)0; while (i < dataLengthInBytes) { *(state + i) = (unsigned char)((int)*(state + i) ^ (int)*(data + i)); i ++; } KeccakPermutation(state); return; } void KeccakPermutationOnWords(UINT64 *state) { unsigned int i; displayStateAs64bitWords(3,"Same, with lanes as 64-bit words", (unsigned long long const *)state); i = (unsigned int)0; while (i < (unsigned int)24) { displayRoundNumber(3,i); theta(state); displayStateAs64bitWords(3,"After theta", (unsigned long long const *)state); rho(state); displayStateAs64bitWords(3,"After rho",(unsigned long long const *)state); pi(state); displayStateAs64bitWords(3,"After pi",(unsigned long long const *)state); chi(state); displayStateAs64bitWords(3,"After chi",(unsigned long long const *)state); iota(state,i); displayStateAs64bitWords(3,"After iota", (unsigned long long const *)state); i ++; } return; } void theta(UINT64 *A) { unsigned int x; unsigned int y; UINT64 C[5]; UINT64 D[5]; x = (unsigned int)0; while (x < (unsigned int)5) { C[x] = (unsigned long long)0; y = (unsigned int)0; while (y < (unsigned int)5) { C[x] ^= *(A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))); y ++; } x ++; } x = (unsigned int)0; while (x < (unsigned int)5) { unsigned long long tmp; { /*undefined sequence*/ if (1 != 0) tmp = (C[(x + (unsigned int)1) % (unsigned int)5] << 1) ^ ( C[(x + (unsigned int)1) % (unsigned int)5] >> ( 64 - 1)); else tmp = C[(x + (unsigned int)1) % (unsigned int)5]; D[x] = tmp ^ C[(x + (unsigned int)4) % (unsigned int)5]; } x ++; } x = (unsigned int)0; while (x < (unsigned int)5) { y = (unsigned int)0; while (y < (unsigned int)5) { *(A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))) ^= D[x]; y ++; } x ++; } return; } void rho(UINT64 *A) { unsigned int x; unsigned int y; x = (unsigned int)0; while (x < (unsigned int)5) { y = (unsigned int)0; while (y < (unsigned int)5) { if (KeccakRhoOffsets[x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5)] != (unsigned int)0) *(A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))) = (*(A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))) << KeccakRhoOffsets[ x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5)]) ^ ( *(A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))) >> ( (unsigned int)64 - KeccakRhoOffsets[x % (unsigned int)5 + (unsigned int)5 * ( y % (unsigned int)5)])); else *(A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))) = *( A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))); y ++; } x ++; } return; } void pi(UINT64 *A) { unsigned int x; unsigned int y; UINT64 tempA[25]; x = (unsigned int)0; while (x < (unsigned int)5) { y = (unsigned int)0; while (y < (unsigned int)5) { tempA[x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5)] = *( A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))); y ++; } x ++; } x = (unsigned int)0; while (x < (unsigned int)5) { y = (unsigned int)0; while (y < (unsigned int)5) { *(A + (((unsigned int)0 * x + (unsigned int)1 * y) % (unsigned int)5 + (unsigned int)5 * (((unsigned int)2 * x + (unsigned int)3 * y) % (unsigned int)5))) = tempA[ x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5)]; y ++; } x ++; } return; } void chi(UINT64 *A) { unsigned int x; unsigned int y; UINT64 C[5]; y = (unsigned int)0; while (y < (unsigned int)5) { x = (unsigned int)0; while (x < (unsigned int)5) { C[x] = *(A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))) ^ ( ~ *(A + ((x + (unsigned int)1) % (unsigned int)5 + (unsigned int)5 * ( y % (unsigned int)5))) & *( A + ((x + (unsigned int)2) % (unsigned int)5 + (unsigned int)5 * ( y % (unsigned int)5)))); x ++; } x = (unsigned int)0; while (x < (unsigned int)5) { *(A + (x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5))) = C[x]; x ++; } y ++; } return; } void iota(UINT64 *A, unsigned int indexRound) { *(A + (0 % 5 + 5 * (0 % 5))) ^= KeccakRoundConstants[indexRound]; return; } int LFSR86540(UINT8 *LFSR) { int result; result = ((int)*LFSR & 0x01) != 0; if (((int)*LFSR & 0x80) != 0) *LFSR = (unsigned char)(((int)*LFSR << 1) ^ 0x71); else *LFSR = (unsigned char)((int)*LFSR << 1); return result; } void KeccakInitializeRoundConstants(void) { UINT8 LFSRstate; unsigned int i; unsigned int j; unsigned int bitPosition; LFSRstate = (unsigned char)0x01; i = (unsigned int)0; while (i < (unsigned int)24) { KeccakRoundConstants[i] = (unsigned long long)0; j = (unsigned int)0; while (j < (unsigned int)7) { { int tmp; bitPosition = (unsigned int)((1 << j) - 1); tmp = LFSR86540(& LFSRstate); if (tmp) KeccakRoundConstants[i] ^= (unsigned long long)1 << bitPosition; } j ++; } i ++; } return; } void KeccakInitializeRhoOffsets(void) { unsigned int x; unsigned int y; unsigned int t; unsigned int newX; unsigned int newY; KeccakRhoOffsets[0 % 5 + 5 * (0 % 5)] = (unsigned int)0; x = (unsigned int)1; y = (unsigned int)0; t = (unsigned int)0; while (t < (unsigned int)24) { KeccakRhoOffsets[x % (unsigned int)5 + (unsigned int)5 * (y % (unsigned int)5)] = (((t + (unsigned int)1) * (t + (unsigned int)2)) / (unsigned int)2) % (unsigned int)64; newX = ((unsigned int)0 * x + (unsigned int)1 * y) % (unsigned int)5; newY = ((unsigned int)2 * x + (unsigned int)3 * y) % (unsigned int)5; x = newX; y = newY; t ++; } return; } void KeccakInitialize(void) { KeccakInitializeRoundConstants(); KeccakInitializeRhoOffsets(); return; } void displayRoundConstants(FILE *f) { unsigned int i; i = (unsigned int)0; while (i < (unsigned int)24) { fprintf(f,"RC[%02i][0][0] = ",i); fprintf(f,"%08X",(unsigned int)(KeccakRoundConstants[i] >> 32)); fprintf(f,"%08X",(unsigned int)(KeccakRoundConstants[i] & 0xFFFFFFFFULL)); fprintf(f,"\n"); i ++; } fprintf(f,"\n"); return; } void displayRhoOffsets(FILE *f) { unsigned int x; unsigned int y; y = (unsigned int)0; while (y < (unsigned int)5) { x = (unsigned int)0; while (x < (unsigned int)5) { fprintf(f,"RhoOffset[%i][%i] = ",x,y); fprintf(f,"%2i", KeccakRhoOffsets[x % (unsigned int)5 + (unsigned int)5 * ( y % (unsigned int)5)]); fprintf(f,"\n"); x ++; } y ++; } fprintf(f,"\n"); return; } void KeccakInitializeState(unsigned char *state) { memset((void *)state,0,(unsigned long)(1600 / 8)); return; } void KeccakAbsorb576bits(unsigned char *state, unsigned char const *data) { KeccakPermutationAfterXor(state,data,(unsigned int)72); return; } void KeccakAbsorb832bits(unsigned char *state, unsigned char const *data) { KeccakPermutationAfterXor(state,data,(unsigned int)104); return; } void KeccakAbsorb1024bits(unsigned char *state, unsigned char const *data) { KeccakPermutationAfterXor(state,data,(unsigned int)128); return; } void KeccakAbsorb1088bits(unsigned char *state, unsigned char const *data) { KeccakPermutationAfterXor(state,data,(unsigned int)136); return; } void KeccakAbsorb1152bits(unsigned char *state, unsigned char const *data) { KeccakPermutationAfterXor(state,data,(unsigned int)144); return; } void KeccakAbsorb1344bits(unsigned char *state, unsigned char const *data) { KeccakPermutationAfterXor(state,data,(unsigned int)168); return; } void KeccakAbsorb(unsigned char *state, unsigned char const *data, unsigned int laneCount) { KeccakPermutationAfterXor(state,data,laneCount * (unsigned int)8); return; } void KeccakExtract1024bits(unsigned char const *state, unsigned char *data) { memcpy((void *)data,(void const *)state,(unsigned long)128); return; } void KeccakExtract(unsigned char const *state, unsigned char *data, unsigned int laneCount) { memcpy((void *)data,(void const *)state, (unsigned long)(laneCount * (unsigned int)8)); return; }