Coverage Report

Created: 2024-11-21 07:03

/src/SymCrypt/lib/cshake_pattern.c
Line
Count
Source (jump to first uncovered line)
1
//
2
// cshake_pattern.c
3
//
4
// Copyright (c) Microsoft Corporation. Licensed under the MIT license.
5
//
6
7
8
//
9
// This source file implements cSHAKE128 and cSHAKE256
10
//
11
// See the symcrypt.h file for documentation on what the various functions do.
12
//
13
14
15
//
16
// SymCryptCShake
17
//
18
VOID
19
SYMCRYPT_CALL
20
SYMCRYPT_Xxx(
21
    _In_reads_( cbFunctionNameString )  PCBYTE  pbFunctionNameString,
22
                                        SIZE_T  cbFunctionNameString,
23
    _In_reads_( cbCustomizationString ) PCBYTE  pbCustomizationString,
24
                                        SIZE_T  cbCustomizationString,
25
    _In_reads_( cbData )                PCBYTE  pbData,
26
                                        SIZE_T  cbData,
27
    _Out_writes_( cbResult )            PBYTE   pbResult,
28
                                        SIZE_T  cbResult)
29
0
{
30
0
    SYMCRYPT_XXX_STATE state;
31
32
0
    SYMCRYPT_XxxInit(&state, 
33
0
                    pbFunctionNameString, cbFunctionNameString, 
34
0
                    pbCustomizationString, cbCustomizationString);
35
36
0
    SYMCRYPT_XxxAppend(&state, pbData, cbData);
37
0
    SYMCRYPT_XxxExtract(&state, pbResult, cbResult, TRUE);
38
0
}
Unexecuted instantiation: SymCryptCShake128
Unexecuted instantiation: SymCryptCShake256
39
40
41
//
42
// SymCryptCShakeInit
43
//
44
VOID
45
SYMCRYPT_CALL
46
SYMCRYPT_XxxInit(
47
    _Out_                               PSYMCRYPT_XXX_STATE pState,
48
    _In_reads_( cbFunctionNameString )  PCBYTE              pbFunctionNameString,
49
                                        SIZE_T              cbFunctionNameString,
50
    _In_reads_( cbCustomizationString ) PCBYTE              pbCustomizationString,
51
                                        SIZE_T              cbCustomizationString)
52
0
{
53
0
    C_ASSERT( sizeof(SYMCRYPT_XXX_STATE) == sizeof(SYMCRYPT_SHAKEXXX_STATE) );
54
55
0
    SYMCRYPT_SHAKEXXX_INIT( (SYMCRYPT_SHAKEXXX_STATE*)pState );
56
57
    // Perform cSHAKE processing of input strings when any of the input strings is non-empty
58
0
    if (cbFunctionNameString != 0 || cbCustomizationString != 0)
59
0
    {
60
        // cSHAKE and SHAKE have different paddings. pState->paddingValue
61
        // is set to SYMCRYPT_SHAKE_PADDING_VALUE in the SHAKE initialization above.
62
        // We update the padding value here because at least one of the input strings
63
        // is non-empty and cSHAKE will not default to SHAKE.
64
0
        pState->ks.paddingValue = SYMCRYPT_CSHAKE_PADDING_VALUE;
65
66
0
        SymCryptCShakeEncodeInputStrings(&pState->ks,
67
0
                                        pbFunctionNameString, cbFunctionNameString,
68
0
                                        pbCustomizationString, cbCustomizationString);
69
0
    }
70
71
0
    SYMCRYPT_SET_MAGIC(pState);
72
0
}
Unexecuted instantiation: SymCryptCShake128Init
Unexecuted instantiation: SymCryptCShake256Init
73
74
//
75
// SymCryptCShakeAppend
76
//
77
VOID
78
SYMCRYPT_CALL
79
SYMCRYPT_XxxAppend(
80
    _Inout_                 PSYMCRYPT_XXX_STATE pState,
81
    _In_reads_( cbData )    PCBYTE              pbData,
82
                            SIZE_T              cbData )
83
0
{
84
    // Fixing of the padding value
85
    // 
86
    // SymCryptKeccakAppend will reset the state, switch to absorb mode,
87
    // and append data to the empty state if the state was in squeeze mode 
88
    // when Append is called. This behavior is equivalent to initializing 
89
    // cSHAKE with empty input strings, which makes cSHAKE a SHAKE instance.
90
    //
91
    // cSHAKE and SHAKE have different paddings, so we have to update the 
92
    // padding value in case it was cSHAKE padding before.
93
0
    if (pState->ks.squeezeMode)
94
0
    {
95
0
        pState->ks.paddingValue = SYMCRYPT_SHAKE_PADDING_VALUE;
96
0
    }
97
98
0
    SymCryptKeccakAppend(&pState->ks, pbData, cbData);
99
0
}
Unexecuted instantiation: SymCryptCShake128Append
Unexecuted instantiation: SymCryptCShake256Append
100
101
//
102
// SymCryptCShakeExtract
103
//
104
VOID
105
SYMCRYPT_CALL
106
SYMCRYPT_XxxExtract(
107
    _Inout_                 PSYMCRYPT_XXX_STATE pState,
108
    _Out_writes_(cbResult)  PBYTE               pbResult,
109
                            SIZE_T              cbResult,
110
                            BOOLEAN             bWipe)
111
0
{
112
0
    SymCryptKeccakExtract(&pState->ks, pbResult, cbResult, bWipe);
113
114
0
    if (bWipe)
115
0
    {
116
        // If the state was wiped, set the state as if cSHAKE was initialized 
117
        // with empty strings, which is equivalent to empty SHAKE state.
118
        // We have no way to store the Function Name string and Customization 
119
        // string information to go back to the initial cSHAKE state.
120
0
        pState->ks.paddingValue = SYMCRYPT_SHAKE_PADDING_VALUE;
121
0
    }
122
0
}
Unexecuted instantiation: SymCryptCShake128Extract
Unexecuted instantiation: SymCryptCShake256Extract
123
124
//
125
// SymCryptCShakeResult
126
//
127
VOID
128
SYMCRYPT_CALL
129
SYMCRYPT_XxxResult(
130
    _Inout_                                         PSYMCRYPT_XXX_STATE pState,
131
    _Out_writes_( SYMCRYPT_CSHAKEXXX_RESULT_SIZE )  PBYTE               pbResult)
132
0
{
133
0
    SymCryptKeccakExtract(&pState->ks, pbResult, SYMCRYPT_CSHAKEXXX_RESULT_SIZE, TRUE);
134
135
    // Revert to cSHAKE initialized with empty strings state, i.e., empty SHAKE state
136
0
    pState->ks.paddingValue = SYMCRYPT_SHAKE_PADDING_VALUE;
137
0
}
Unexecuted instantiation: SymCryptCShake128Result
Unexecuted instantiation: SymCryptCShake256Result
138
139
//
140
// SymCryptCShakeStateCopy
141
//
142
VOID
143
SYMCRYPT_CALL
144
SYMCRYPT_XxxStateCopy(_In_ const SYMCRYPT_XXX_STATE* pSrc, _Out_ SYMCRYPT_XXX_STATE* pDst)
145
0
{
146
0
    SYMCRYPT_CHECK_MAGIC(pSrc);
147
0
    *pDst = *pSrc;
148
0
    SYMCRYPT_SET_MAGIC(pDst);
149
0
}
Unexecuted instantiation: SymCryptCShake128StateCopy
Unexecuted instantiation: SymCryptCShake256StateCopy