Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.11/site-packages/ecdsa/_sha3.py: 9%
Shortcuts on this page
r m x toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1"""
2Implementation of the SHAKE-256 algorithm for Ed448
3"""
5try:
6 import hashlib
8 hashlib.new("shake256").digest(64)
10 def shake_256(msg, outlen):
11 return hashlib.new("shake256", msg).digest(outlen)
13except (TypeError, ValueError):
15 from ._compat import bytes_to_int, int_to_bytes
17 # From little endian.
18 def _from_le(s):
19 return bytes_to_int(s, byteorder="little")
21 # Rotate a word x by b places to the left.
22 def _rol(x, b):
23 return ((x << b) | (x >> (64 - b))) & (2**64 - 1)
25 # Do the SHA-3 state transform on state s.
26 def _sha3_transform(s):
27 ROTATIONS = [
28 0,
29 1,
30 62,
31 28,
32 27,
33 36,
34 44,
35 6,
36 55,
37 20,
38 3,
39 10,
40 43,
41 25,
42 39,
43 41,
44 45,
45 15,
46 21,
47 8,
48 18,
49 2,
50 61,
51 56,
52 14,
53 ]
54 PERMUTATION = [
55 1,
56 6,
57 9,
58 22,
59 14,
60 20,
61 2,
62 12,
63 13,
64 19,
65 23,
66 15,
67 4,
68 24,
69 21,
70 8,
71 16,
72 5,
73 3,
74 18,
75 17,
76 11,
77 7,
78 10,
79 ]
80 RC = [
81 0x0000000000000001,
82 0x0000000000008082,
83 0x800000000000808A,
84 0x8000000080008000,
85 0x000000000000808B,
86 0x0000000080000001,
87 0x8000000080008081,
88 0x8000000000008009,
89 0x000000000000008A,
90 0x0000000000000088,
91 0x0000000080008009,
92 0x000000008000000A,
93 0x000000008000808B,
94 0x800000000000008B,
95 0x8000000000008089,
96 0x8000000000008003,
97 0x8000000000008002,
98 0x8000000000000080,
99 0x000000000000800A,
100 0x800000008000000A,
101 0x8000000080008081,
102 0x8000000000008080,
103 0x0000000080000001,
104 0x8000000080008008,
105 ]
107 for rnd in range(0, 24):
108 # AddColumnParity (Theta)
109 c = [0] * 5
110 d = [0] * 5
111 for i in range(0, 25):
112 c[i % 5] ^= s[i]
113 for i in range(0, 5):
114 d[i] = c[(i + 4) % 5] ^ _rol(c[(i + 1) % 5], 1)
115 for i in range(0, 25):
116 s[i] ^= d[i % 5]
117 # RotateWords (Rho)
118 for i in range(0, 25):
119 s[i] = _rol(s[i], ROTATIONS[i])
120 # PermuteWords (Pi)
121 t = s[PERMUTATION[0]]
122 for i in range(0, len(PERMUTATION) - 1):
123 s[PERMUTATION[i]] = s[PERMUTATION[i + 1]]
124 s[PERMUTATION[-1]] = t
125 # NonlinearMixRows (Chi)
126 for i in range(0, 25, 5):
127 t = [
128 s[i],
129 s[i + 1],
130 s[i + 2],
131 s[i + 3],
132 s[i + 4],
133 s[i],
134 s[i + 1],
135 ]
136 for j in range(0, 5):
137 s[i + j] = t[j] ^ ((~t[j + 1]) & (t[j + 2]))
138 # AddRoundConstant (Iota)
139 s[0] ^= RC[rnd]
141 # Reinterpret octet array b to word array and XOR it to state s.
142 def _reinterpret_to_words_and_xor(s, b):
143 for j in range(0, len(b) // 8):
144 s[j] ^= _from_le(b[8 * j : 8 * j + 8])
146 # Reinterpret word array w to octet array and return it.
147 def _reinterpret_to_octets(w):
148 mp = bytearray()
149 for j in range(0, len(w)):
150 mp += int_to_bytes(w[j], 8, byteorder="little")
151 return mp
153 def _sha3_raw(msg, r_w, o_p, e_b):
154 """Semi-generic SHA-3 implementation"""
155 r_b = 8 * r_w
156 s = [0] * 25
157 # Handle whole blocks.
158 idx = 0
159 blocks = len(msg) // r_b
160 for i in range(0, blocks):
161 _reinterpret_to_words_and_xor(s, msg[idx : idx + r_b])
162 idx += r_b
163 _sha3_transform(s)
164 # Handle last block padding.
165 m = bytearray(msg[idx:])
166 m.append(o_p)
167 while len(m) < r_b:
168 m.append(0)
169 m[len(m) - 1] |= 128
170 # Handle padded last block.
171 _reinterpret_to_words_and_xor(s, m)
172 _sha3_transform(s)
173 # Output.
174 out = bytearray()
175 while len(out) < e_b:
176 out += _reinterpret_to_octets(s[:r_w])
177 _sha3_transform(s)
178 return out[:e_b]
180 def shake_256(msg, outlen):
181 return _sha3_raw(msg, 17, 31, outlen)