/src/openssl/crypto/sha/sha3.c

Source (jump to first uncovered line)
/*
 * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include "internal/sha3.h"

void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r);

void sha3_reset(KECCAK1600_CTX *ctx)
{
    memset(ctx->A, 0, sizeof(ctx->A));
    ctx->bufsz = 0;
}

int sha3_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen)
{
    size_t bsz = SHA3_BLOCKSIZE(bitlen);

    if (bsz <= sizeof(ctx->buf)) {
        sha3_reset(ctx);
        ctx->block_size = bsz;
        ctx->md_size = bitlen / 8;
        ctx->pad = pad;
        return 1;
    }

    return 0;
}

int keccak_kmac_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen)
{
    int ret = sha3_init(ctx, pad, bitlen);

    if (ret)
        ctx->md_size *= 2;
    return ret;
}

int sha3_update(KECCAK1600_CTX *ctx, const void *_inp, size_t len)
{
    const unsigned char *inp = _inp;
    size_t bsz = ctx->block_size;
    size_t num, rem;

    if (len == 0)
        return 1;

    if ((num = ctx->bufsz) != 0) {      /* process intermediate buffer? */
        rem = bsz - num;

        if (len < rem) {
            memcpy(ctx->buf + num, inp, len);
            ctx->bufsz += len;
            return 1;
        }
        /*
         * We have enough data to fill or overflow the intermediate
         * buffer. So we append |rem| bytes and process the block,
         * leaving the rest for later processing...
         */
        memcpy(ctx->buf + num, inp, rem);
        inp += rem, len -= rem;
        (void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);
        ctx->bufsz = 0;
        /* ctx->buf is processed, ctx->num is guaranteed to be zero */
    }

    if (len >= bsz)
        rem = SHA3_absorb(ctx->A, inp, len, bsz);
    else
        rem = len;

    if (rem) {
        memcpy(ctx->buf, inp + len - rem, rem);
        ctx->bufsz = rem;
    }

    return 1;
}

int sha3_final(unsigned char *md, KECCAK1600_CTX *ctx)
{
    size_t bsz = ctx->block_size;
    size_t num = ctx->bufsz;

    if (ctx->md_size == 0)
        return 1;

    /*
     * Pad the data with 10*1. Note that |num| can be |bsz - 1|
     * in which case both byte operations below are performed on
     * same byte...
     */
    memset(ctx->buf + num, 0, bsz - num);
    ctx->buf[num] = ctx->pad;
    ctx->buf[bsz - 1] |= 0x80;

    (void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);

    SHA3_squeeze(ctx->A, md, ctx->md_size, bsz);

    return 1;
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <string.h>
11		#include "internal/sha3.h"
12
13		void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r);
14
15		void sha3_reset(KECCAK1600_CTX *ctx)
16	0	{
17	0	memset(ctx->A, 0, sizeof(ctx->A));
18	0	ctx->bufsz = 0;
19	0	}
20
21		int sha3_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen)
22	0	{
23	0	size_t bsz = SHA3_BLOCKSIZE(bitlen);
24
25	0	if (bsz <= sizeof(ctx->buf)) {
26	0	sha3_reset(ctx);
27	0	ctx->block_size = bsz;
28	0	ctx->md_size = bitlen / 8;
29	0	ctx->pad = pad;
30	0	return 1;
31	0	}
32
33	0	return 0;
34	0	}
35
36		int keccak_kmac_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen)
37	0	{
38	0	int ret = sha3_init(ctx, pad, bitlen);
39
40	0	if (ret)
41	0	ctx->md_size *= 2;
42	0	return ret;
43	0	}
44
45		int sha3_update(KECCAK1600_CTX ctx, const void _inp, size_t len)
46	0	{
47	0	const unsigned char *inp = _inp;
48	0	size_t bsz = ctx->block_size;
49	0	size_t num, rem;
50
51	0	if (len == 0)
52	0	return 1;
53
54	0	if ((num = ctx->bufsz) != 0) { /* process intermediate buffer? */
55	0	rem = bsz - num;
56
57	0	if (len < rem) {
58	0	memcpy(ctx->buf + num, inp, len);
59	0	ctx->bufsz += len;
60	0	return 1;
61	0	}
62		/*
63		* We have enough data to fill or overflow the intermediate
64		* buffer. So we append \|rem\| bytes and process the block,
65		* leaving the rest for later processing...
66		*/
67	0	memcpy(ctx->buf + num, inp, rem);
68	0	inp += rem, len -= rem;
69	0	(void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);
70	0	ctx->bufsz = 0;
71		/* ctx->buf is processed, ctx->num is guaranteed to be zero */
72	0	}
73
74	0	if (len >= bsz)
75	0	rem = SHA3_absorb(ctx->A, inp, len, bsz);
76	0	else
77	0	rem = len;
78
79	0	if (rem) {
80	0	memcpy(ctx->buf, inp + len - rem, rem);
81	0	ctx->bufsz = rem;
82	0	}
83
84	0	return 1;
85	0	}
86
87		int sha3_final(unsigned char md, KECCAK1600_CTX ctx)
88	0	{
89	0	size_t bsz = ctx->block_size;
90	0	size_t num = ctx->bufsz;
91
92	0	if (ctx->md_size == 0)
93	0	return 1;
94
95		/*
96		* Pad the data with 10*1. Note that \|num\| can be \|bsz - 1\|
97		* in which case both byte operations below are performed on
98		* same byte...
99		*/
100	0	memset(ctx->buf + num, 0, bsz - num);
101	0	ctx->buf[num] = ctx->pad;
102	0	ctx->buf[bsz - 1] \|= 0x80;
103
104	0	(void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);
105
106	0	SHA3_squeeze(ctx->A, md, ctx->md_size, bsz);
107
108	0	return 1;
109	0	}

Coverage Report

Created: 2024-05-15 07:14