diff options
author | Mattias Andrée <maandree@operamail.com> | 2014-11-07 17:30:42 +0100 |
---|---|---|
committer | Mattias Andrée <maandree@operamail.com> | 2014-11-07 17:30:42 +0100 |
commit | b571be216d047daac09618942b0ae3380e24e63c (patch) | |
tree | 66161ecbc270ceb77f43928bee5665794ae78322 | |
parent | check that word size is a multiple of 8 (diff) | |
download | libkeccak-b571be216d047daac09618942b0ae3380e24e63c.tar.gz libkeccak-b571be216d047daac09618942b0ae3380e24e63c.tar.bz2 libkeccak-b571be216d047daac09618942b0ae3380e24e63c.tar.xz |
something seems to be wrong in libkeccak_f_round (not libkeccak_f_round64), but I have not figured out what
Signed-off-by: Mattias Andrée <maandree@operamail.com>
-rw-r--r-- | Makefile | 4 | ||||
-rw-r--r-- | src/libkeccak/digest.c | 10 | ||||
-rw-r--r-- | src/libkeccak/state.c | 2 | ||||
-rw-r--r-- | src/test.c | 36 |
4 files changed, 43 insertions, 9 deletions
@@ -97,7 +97,7 @@ obj/benchmark.o: src/benchmark.c src/libkeccak/*.h src/libkeccak.h .PHONY: check -check: bin/test +check: bin/test bin/libkeccak.so @test $$(sha256sum LICENSE | cut -d ' ' -f 1) = \ 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6 || \ ( echo 'The file LICENSE is incorrect, test will fail!' ; false ) @@ -108,7 +108,7 @@ check: bin/test .PHONY: run-benchmark -run-benchmark: bin/benchmark +run-benchmark: bin/benchmark bin/libkeccak.so for i in $$(seq 7) ; do env LD_LIBRARY_PATH=bin bin/benchmark ; done | median diff --git a/src/libkeccak/digest.c b/src/libkeccak/digest.c index cd18138..fa2aa8a 100644 --- a/src/libkeccak/digest.c +++ b/src/libkeccak/digest.c @@ -76,7 +76,7 @@ static const uint_fast64_t RC[] = * @param wmod:int_fast64_t `state->wmod` * @return :int_fast64_t The value rotated */ -#define rotate(x, n, w, wmod) ((((x) >> (w - ((n) % w))) + ((x) << ((n) % w))) & wmod) +#define rotate(x, n, w, wmod) ((((x) >> ((w) - ((n) % (w)))) + ((x) << ((n) % (w)))) & (wmod)) /** @@ -106,11 +106,12 @@ void libkeccak_f_round(register libkeccak_state_t* restrict state, register int_ int_fast64_t wmod = state->wmod; long w = state->w; - /* θ step (step 1 and 2 of 3). */ + /* θ step (step 1 of 3). */ #define X(N) C[N] = A[N * 5] ^ A[N * 5 + 1] ^ A[N * 5 + 2] ^ A[N * 5 + 3] ^ A[N * 5 + 4]; LIST_5 #undef X + /* θ step (step 2 of 3). */ da = C[4] ^ rotate64(C[1], 1); dd = C[2] ^ rotate64(C[4], 1); db = C[0] ^ rotate64(C[2], 1); @@ -151,11 +152,12 @@ void libkeccak_f_round64(register libkeccak_state_t* restrict state, register in int_fast64_t C[5]; int_fast64_t da, db, dc, dd, de; - /* θ step (step 1 and 2 of 3). */ + /* θ step (step 1 of 3). */ #define X(N) C[N] = A[N * 5] ^ A[N * 5 + 1] ^ A[N * 5 + 2] ^ A[N * 5 + 3] ^ A[N * 5 + 4]; LIST_5 #undef X + /* θ step (step 2 of 3). */ da = C[4] ^ rotate64(C[1], 1); dd = C[2] ^ rotate64(C[4], 1); db = C[0] ^ rotate64(C[2], 1); @@ -197,7 +199,7 @@ void libkeccak_f(register libkeccak_state_t* restrict state) libkeccak_f_round64(state, (int_fast64_t)(RC[i])); else for (; i < nr; i++) - libkeccak_f_round(state, (int_fast64_t)(RC[i]) & wmod); + libkeccak_f_round(state, (int_fast64_t)(RC[i] & wmod)); /* XXX Should the state hold its own masked copy of RC? */ } diff --git a/src/libkeccak/state.c b/src/libkeccak/state.c index 168d379..da545d9 100644 --- a/src/libkeccak/state.c +++ b/src/libkeccak/state.c @@ -42,7 +42,7 @@ int libkeccak_state_initialise(libkeccak_state_t* restrict state, const libkecca if (x & 0x0CL) state->l |= 2, x >>= 2; if (x & 0x02L) state->l |= 1; state->nr = 12 + (state->l << 1); - state->wmod = (state->w == 64) ? ~0LL : ((1LL << state->w) - 1); + state->wmod = (state->w == 64) ? ~0LL : (int_fast64_t)((1ULL << state->w) - 1); for (x = 0; x < 25; x++) state->S[x] = 0; state->mptr = 0; @@ -16,7 +16,6 @@ * You should have received a copy of the GNU Affero General Public License * along with this library. If not, see <http://www.gnu.org/licenses/>. */ -/* TODO we need to test other state sizes */ #include <libkeccak.h> #include <stdio.h> @@ -200,6 +199,10 @@ static int test_digest(void) (printf(" Testing SHAKE-"#semicapacity"(%s, %i): ", #message, output), \ libkeccak_spec_shake(&spec, semicapacity, output), \ test_digest_case(&spec, LIBKECCAK_SHAKE_SUFFIX, message, 0, answer)) +#define keccak_g(b, c, o, message) \ + (printf(" Testing Keccak[%i,%i,%i](%s): ", b, c, o, #message), \ + spec.bitrate = b, spec.capacity = c, spec.output = o, \ + test_digest_case(&spec, "", message, 0, answer)) libkeccak_spec_t spec; @@ -234,7 +237,7 @@ static int test_digest(void) answer = "0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304" "c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e"; if (keccak(512, "")) return -1; - + answer = "22c8017ac8bcf65f59d1b7e92c9d4c6739d25e34ce5cb608b24ff096"; if (sha3(224, "withdrew hypothesis snakebird qmc2")) return -1; @@ -287,9 +290,38 @@ static int test_digest(void) if (shake(256, 128, "")) return -1; + answer = "65070cdd6f91c0aadcfc470895a2606c828bce7ce3fa723418c9013de9225351"; + if (keccak_g(1024, 1600 - 1024, 256, "capitol's kvistfri broadly raping")) return -1; + + answer = "e6f86ebc15b962f73f36f36fc8a84c3ae84b1c1023bfd4c5f1829389135aecc3"; + if (keccak_g(512, 1600 - 512, 256, "capitol's kvistfri broadly raping")) return -1; + + answer = "420b97fc88962c87ec2adaa8f48d74d9ff4ea7ae7d691f9c33b8713ca1d3d573"; + if (keccak_g(256, 1600 - 256, 256, "capitol's kvistfri broadly raping")) return -1; + + answer = "524790afbe4706d938b6f753e14104f556890e2a415e211b0564d60499db0333"; + if (keccak_g(512, 800 - 512, 256, "capitol's kvistfri broadly raping")) return -1; + + answer = "04a6b4ad08b3018eefba0fb756272d949ac0f71c26f836d31dd13b28b884aa0f"; + if (keccak_g(256, 800 - 256, 256, "capitol's kvistfri broadly raping")) return -1; + + answer = "d56f547791225e54460e6274ed31e57b7085820c11d65f1f322a16a3352c85ed"; + if (keccak_g(256, 400 - 256, 256, "capitol's kvistfri broadly raping")) return -1; + + answer = "ceec066a57b9b31a5a0661df7bafec4183a26d0ed81e50bc958471f84fa347a7"; + if (keccak_g(128, 400 - 128, 256, "capitol's kvistfri broadly raping")) return -1; + + answer = "b18f679c7105a72a993f70fa5adb3f17ef7ccffaffb4dc0f6fed74aa2f565194"; + if (keccak_g(128, 200 - 128, 256, "capitol's kvistfri broadly raping")) return -1; + + answer = "9b845c1ecc2b1b3a48ba42ef29ccc4b348da8ab15074a870d8e799ca33c15e4b"; + if (keccak_g(64, 200 - 64, 256, "capitol's kvistfri broadly raping")) return -1; + + printf("\n"); return 0; +#undef keccak_g #undef shake #undef rawshake_bits #undef rawshake |