Fix libkeccak_degeneralise_spec and add missing error: LIBKECCAK_GENERALISED_SPEC_ERROR_STATE_BITRATE_CAPACITY_INCONSISTENCY

Signed-off-by: Mattias Andrée <maandree@kth.se>

3 files changed, 29 insertions, 19 deletions

diff --git a/libkeccak.h b/libkeccak.h
index 1244aec..932c5de 100644
--- a/libkeccak.h
+++ b/libkeccak.h
@@ -160,6 +160,14 @@
  */
 #define LIBKECCAK_GENERALISED_SPEC_ERROR_OUTPUT_NONPOSITIVE 11
 
+/**
+ * Invalid `struct libkeccak_generalised_spec.state_size`,
+ * `struct libkeccak_generalised_spec.bitrate`, and
+ * `struct libkeccak_generalised_spec.capacity`:
+ * `.bitrate + .capacity != .state_size`
+ */
+#define LIBKECCAK_GENERALISED_SPEC_ERROR_STATE_BITRATE_CAPACITY_INCONSISTENCY 12
+
 
 /**
  * Data structure that describes the parameters
@@ -313,7 +321,7 @@ libkeccak_spec_rawshake(struct libkeccak_spec *spec, long int x, long int d)
 }
 
 /**
- * Fill in a `struct libkeccak_spec` for a SHAKEx hashing
+< * Fill in a `struct libkeccak_spec` for a SHAKEx hashing
  * 
  * @param  spec:struct libkeccak_spec *  The specifications datastructure to fill in
  * @param  x:long                        The value of x in `SHAKEx`, half the capacity
diff --git a/libkeccak_degeneralise_spec.3 b/libkeccak_degeneralise_spec.3
index bed40c4..b4819b3 100644
--- a/libkeccak_degeneralise_spec.3
+++ b/libkeccak_degeneralise_spec.3
@@ -84,6 +84,10 @@ modulus 8, that is, it was not in whole bytes.
 .TP
 .B LIBKECCAK_GENERALISED_SPEC_ERROR_OUTPUT_NONPOSITIVE
 The specified output size was non-positive.
+.TP
+.B LIBKECCAK_GENERALISED_SPEC_ERROR_STATE_BITRATE_CAPACITY_INCONSISTENCY
+The sum of the bitrate and the capacity does not equal
+the state size (25 times the word size).
 .PP
 Note that there may be more than one error. Only the first
 detected is returned.
diff --git a/libkeccak_degeneralise_spec.c b/libkeccak_degeneralise_spec.c
index 7fc51aa..99c8e00 100644
--- a/libkeccak_degeneralise_spec.c
+++ b/libkeccak_degeneralise_spec.c
@@ -81,29 +81,27 @@ libkeccak_degeneralise_spec(struct libkeccak_generalised_spec *restrict spec, st
 	}
 
 
-	if (!have_bitrate && !have_capacity && !have_output) {
-		state_size = deft(state_size, 1600L);
-		output = ((state_size << 5) / 100L + 7L) & ~0x07L;
-		bitrate = output << 1;
-		capacity = state_size - bitrate;
-		output = output >= 8 ? output : 8;
-	} else if (!have_bitrate && !have_capacity) {
-		bitrate = 1024;
-		capacity = 1600 - 1024;
-		state_size = deft(state_size, bitrate + capacity);
-	} else if (!have_bitrate) {
+	if (have_bitrate + have_capacity == 2) {
+		if (!have_state_size) {
+			state_size = bitrate + capacity;
+			output = deft(output, capacity * 2L <= 8 ? 8 : capacity * 2L);
+		} else if (state_size != bitrate + capacity) {
+			return LIBKECCAK_GENERALISED_SPEC_ERROR_STATE_BITRATE_CAPACITY_INCONSISTENCY;
+		}
+	} else if (have_bitrate + have_capacity == 1) {
 		state_size = deft(state_size, 1600L);
-		bitrate = state_size - capacity;
-		output = deft(output, capacity == 8 ? 8 : (capacity << 1));
-	} else if (!have_capacity) {
+		bitrate = deft(bitrate, state_size - capacity);
+		capacity = deft(capacity, state_size - bitrate);
+		output = deft(output, capacity * 2L <= 8 ? 8 : capacity * 2L);
+	} else {
 		state_size = deft(state_size, 1600L);
+		output = deft(output, (state_size * 32L / 100L + 7L) & ~7L);
+		bitrate = 2L * output;
 		capacity = state_size - bitrate;
-		output = deft(output, capacity == 8 ? 8 : (capacity << 1));
-	} else {
-		state_size = deft(state_size, bitrate + capacity);
-		output = deft(output, capacity == 8 ? 8 : (capacity << 1));
+		output = deft(output, bitrate / 2L <= 8 ? 8 : bitrate / 2L);
 	}
 
+
 	spec->capacity   = output_spec->capacity = capacity;
 	spec->bitrate    = output_spec->bitrate  = bitrate;
 	spec->output     = output_spec->output   = output;