include/cryptopp/keccak.h

0001 // keccak.h - originally written and placed in the public domain by Wei Dai

0002
0003 /// \file keccak.h

0004 /// \brief Classes for Keccak message digests

0005 /// \details The Crypto++ Keccak implementation uses F1600 with XOF d=0x01.

0006 ///   FIPS 202 conformance (XOF d=0x06) is available in SHA3 classes.

0007 /// \details Keccak will likely change in the future to accommodate extensibility of the

0008 ///   round function and the XOF functions.

0009 /// \sa <a href="http://en.wikipedia.org/wiki/Keccak">Keccak</a>

0010 /// \since Crypto++ 5.6.4

0011
0012 #ifndef CRYPTOPP_KECCAK_H
0013 #define CRYPTOPP_KECCAK_H
0014
0015 #include "cryptlib.h"
0016 #include "secblock.h"
0017
0018 NAMESPACE_BEGIN(CryptoPP)
0019
0020 /// \brief Keccak message digest base class

0021 /// \details The Crypto++ Keccak implementation uses F1600 with XOF d=0x01.

0022 ///   FIPS 202 conformance (XOF d=0x06) is available in SHA3 classes.

0023 /// \details Keccak is the base class for Keccak_224, Keccak_256, Keccak_384 and Keccak_512.

0024 ///   Library users should instantiate a derived class, and only use Keccak

0025 ///   as a base class reference or pointer.

0026 /// \details Keccak will likely change in the future to accommodate extensibility of the

0027 ///   round function and the XOF functions.

0028 /// \details Perform the following to specify a different digest size. The class will use F1600,

0029 ///   XOF d=0x01, and a new value for <tt>r()</tt> (which will be <tt>200-2*24 = 152</tt>).

0030 ///   <pre>  Keccack_192 : public Keccack

0031 ///   {

0032 ///     public:

0033 ///       CRYPTOPP_CONSTANT(DIGESTSIZE = 24);

0034 ///       Keccack_192() : Keccack(DIGESTSIZE) {}

0035 ///   };

0036 ///   </pre>

0037 ///

0038 /// \sa SHA3, Keccak_224, Keccak_256, Keccak_384 and Keccak_512.

0039 /// \since Crypto++ 5.6.4

0040 class Keccak : public HashTransformation
0041 {
0042 protected:
0043     /// \brief Construct a Keccak

0044     /// \param digestSize the digest size, in bytes

0045     /// \details Keccak is the base class for Keccak_224, Keccak_256, Keccak_384 and Keccak_512.

0046     ///   Library users should instantiate a derived class, and only use Keccak

0047     ///   as a base class reference or pointer.

0048     /// \details This constructor was moved to protected at Crypto++ 8.1

0049     ///   because users were attempting to create Keccak objects with it.

0050     /// \since Crypto++ 5.6.4

0051     Keccak(unsigned int digestSize) : m_digestSize(digestSize) {Restart();}
0052
0053 public:
0054     unsigned int DigestSize() const {return m_digestSize;}
0055     unsigned int OptimalDataAlignment() const {return GetAlignmentOf<word64>();}
0056
0057     void Update(const byte *input, size_t length);
0058     void Restart();
0059     void TruncatedFinal(byte *hash, size_t size);
0060
0061 protected:
0062     inline unsigned int r() const {return BlockSize();}
0063
0064     FixedSizeSecBlock<word64, 25> m_state;
0065     unsigned int m_digestSize, m_counter;
0066 };
0067
0068 /// \brief Keccak message digest template

0069 /// \tparam T_DigestSize the size of the digest, in bytes

0070 /// \since Crypto++ 6.0

0071 template<unsigned int T_DigestSize>
0072 class Keccak_Final : public Keccak
0073 {
0074 public:
0075     CRYPTOPP_CONSTANT(DIGESTSIZE = T_DigestSize);
0076     CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE);
0077     static std::string StaticAlgorithmName()
0078         { return "Keccak-" + IntToString(DIGESTSIZE * 8); }
0079
0080     /// \brief Construct a Keccak-X message digest

0081     Keccak_Final() : Keccak(DIGESTSIZE) {}
0082
0083     /// \brief Provides the block size of the compression function

0084     /// \return block size of the compression function, in bytes

0085     /// \details BlockSize() will return 0 if the hash is not block based

0086     ///   or does not have an equivalent block size. For example, Keccak

0087     ///   and SHA-3 do not have a block size, but they do have an equivalent

0088     ///   block size called rate expressed as <tt>r</tt>.

0089     unsigned int BlockSize() const { return BLOCKSIZE; }
0090
0091     std::string AlgorithmName() const { return StaticAlgorithmName(); }
0092
0093 private:
0094 #if !defined(__BORLANDC__)
0095     // ensure there was no underflow in the math

0096     CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200);
0097 #endif
0098 };
0099
0100 /// \brief Keccak-224 message digest

0101 /// \since Crypto++ 5.6.4

0102 DOCUMENTED_TYPEDEF(Keccak_Final<28>, Keccak_224);
0103
0104 /// \brief Keccak-256 message digest

0105 /// \since Crypto++ 5.6.4

0106 DOCUMENTED_TYPEDEF(Keccak_Final<32>, Keccak_256);
0107
0108 /// \brief Keccak-384 message digest

0109 /// \since Crypto++ 5.6.4

0110 DOCUMENTED_TYPEDEF(Keccak_Final<48>, Keccak_384);
0111
0112 /// \brief Keccak-512 message digest

0113 /// \since Crypto++ 5.6.4

0114 DOCUMENTED_TYPEDEF(Keccak_Final<64>, Keccak_512);
0115
0116 NAMESPACE_END
0117
0118 #endif