ascon-suite/ascon-kmaca_8c_source.html

 /*

  * Copyright (C) 2023 Southern Storm Software, Pty Ltd.

  *

  * Permission is hereby granted, free of charge, to any person obtaining a

  * copy of this software and associated documentation files (the "Software"),

  * to deal in the Software without restriction, including without limitation

  * the rights to use, copy, modify, merge, publish, distribute, sublicense,

  * and/or sell copies of the Software, and to permit persons to whom the

  * Software is furnished to do so, subject to the following conditions:

  *

  * The above copyright notice and this permission notice shall be included

  * in all copies or substantial portions of the Software.

  *

  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS

  * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING

  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER

  * DEALINGS IN THE SOFTWARE.

  */


 #include <ascon/kmac.h>

 #include <ascon/utility.h>

 #include "hash/ascon-xof-internal.h"

 #include "core/ascon-util-snp.h"

 #include <string.h>


 static void ascon_kmaca_init_precomputed(ascon_xofa_state_t *state)

 {

 #if defined(ASCON_BACKEND_SLICED64)

     static uint64_t const iv[5] = {

         0x47d45e034222e472ULL, 0xed0da2bb5580c30aULL,

         0xedceed89ce04c765ULL, 0xffe052a5533eaa30ULL,

         0xc8be4956f967f91aULL

     };

     memcpy(state->state.S, iv, sizeof(iv));

 #elif defined(ASCON_BACKEND_SLICED32)

     static uint32_t const iv[10] = {

         0xbee180ac, 0x183115c5, 0xb305f090, 0xe2df0893,

         0xbab1a2bb, 0xebeab094, 0xf8c3d604, 0xfc1c17f4,

         0x869edbd4, 0xaf21e5e3

     };

     memcpy(state->state.W, iv, sizeof(iv));

 #else

     static uint8_t const iv[40] = {

         0x47, 0xd4, 0x5e, 0x03, 0x42, 0x22, 0xe4, 0x72,

         0xed, 0x0d, 0xa2, 0xbb, 0x55, 0x80, 0xc3, 0x0a,

         0xed, 0xce, 0xed, 0x89, 0xce, 0x04, 0xc7, 0x65,

         0xff, 0xe0, 0x52, 0xa5, 0x53, 0x3e, 0xaa, 0x30,

         0xc8, 0xbe, 0x49, 0x56, 0xf9, 0x67, 0xf9, 0x1a

     };

 #if defined(ASCON_BACKEND_DIRECT_XOR)

     memcpy(state->state.B, iv, sizeof(iv));

 #else

     ascon_init(&(state->state));

     ascon_overwrite_bytes(&(state->state), iv, sizeof(iv));

     ascon_release(&(state->state));

 #endif

 #endif

     state->count = 0;

     state->mode = 0;

 }


 void ascon_kmaca

     (const unsigned char *key, size_t keylen,

      const unsigned char *in, size_t inlen,

      const unsigned char *custom, size_t customlen,

      unsigned char *out, size_t outlen)

 {

     ascon_kmaca_state_t state;

     ascon_kmaca_init(&state, key, keylen, custom, customlen, outlen);

     ascon_xofa_absorb(&(state.xof), in, inlen);

     ascon_xofa_squeeze(&(state.xof), out, outlen);

     ascon_kmaca_free(&state);

 }


 void ascon_kmaca_init

     (ascon_kmaca_state_t *state, const unsigned char *key, size_t keylen,

      const unsigned char *custom, size_t customlen, size_t outlen)

 {

     if (outlen == ASCON_KMACA_SIZE) {

         ascon_kmaca_init_precomputed(&(state->xof));

         ascon_xofa_absorb_custom(&(state->xof), custom, customlen);

     } else {

         ascon_xofa_init_custom(&(state->xof), "KMAC", custom, customlen, outlen);

     }

     ascon_xofa_absorb(&(state->xof), key, keylen);

 }


 void ascon_kmaca_reinit

     (ascon_kmaca_state_t *state, const unsigned char *key, size_t keylen,

      const unsigned char *custom, size_t customlen, size_t outlen)

 {

     ascon_kmaca_free(state);

     ascon_kmaca_init(state, key, keylen, custom, customlen, outlen);

 }


 void ascon_kmaca_free(ascon_kmaca_state_t *state)

 {

     if (state)

         ascon_xofa_free(&(state->xof));

 }


 void ascon_kmaca_absorb

     (ascon_kmaca_state_t *state, const unsigned char *in, size_t inlen)

 {

     ascon_xofa_absorb(&(state->xof), in, inlen);

 }


 void ascon_kmaca_squeeze

     (ascon_kmaca_state_t *state, unsigned char *out, size_t outlen)

 {

     ascon_xofa_squeeze(&(state->xof), out, outlen);

 }

ascon_kmaca_absorb
void ascon_kmaca_absorb(ascon_kmaca_state_t *state, const unsigned char *in, size_t inlen)
Absorbs more input data into an incremental ASCON-KMACA state.
Definition: ascon-kmaca.c:111

ascon_kmaca_init
void ascon_kmaca_init(ascon_kmaca_state_t *state, const unsigned char *key, size_t keylen, const unsigned char *custom, size_t customlen, size_t outlen)
Initializes an incremental KMAC state using ASCON-XOFA.
Definition: ascon-kmaca.c:84

ascon_kmaca
void ascon_kmaca(const unsigned char *key, size_t keylen, const unsigned char *in, size_t inlen, const unsigned char *custom, size_t customlen, unsigned char *out, size_t outlen)
Computes a KMAC value using ASCON-XOFA.
Definition: ascon-kmaca.c:71

ascon_kmaca_free
void ascon_kmaca_free(ascon_kmaca_state_t *state)
Frees the ASCON-KMACA state and destroys any sensitive material.
Definition: ascon-kmaca.c:104

ascon_kmaca_squeeze
void ascon_kmaca_squeeze(ascon_kmaca_state_t *state, unsigned char *out, size_t outlen)
Squeezes output data from an incremental ASCON-KMACA state.
Definition: ascon-kmaca.c:117

ascon_kmaca_reinit
void ascon_kmaca_reinit(ascon_kmaca_state_t *state, const unsigned char *key, size_t keylen, const unsigned char *custom, size_t customlen, size_t outlen)
Re-initializes an incremental KMAC state using ASCON-XOFA.
Definition: ascon-kmaca.c:97

ascon-util-snp.h

ascon-xof-internal.h

ascon_xofa_absorb_custom
void ascon_xofa_absorb_custom(ascon_xofa_state_t *state, const unsigned char *custom, size_t customlen)
Absorbs a customization string into an ASCON-XOFA state.
Definition: ascon-xofa.c:130

kmac.h
Keyed Message Authentication Code (KMAC) based on ASCON-XOF.

ASCON_KMACA_SIZE
#define ASCON_KMACA_SIZE
Default size of the output for ASCON-KMACA.
Definition: kmac.h:58

ascon_release
void ascon_release(ascon_state_t *state)
Temporarily releases access to any shared hardware resources that a permutation state was using.
Definition: ascon-sliced32.c:261

ascon_overwrite_bytes
void ascon_overwrite_bytes(ascon_state_t *state, const uint8_t *data, unsigned offset, unsigned size)
Overwrites existing bytes in the ASCON state.
Definition: ascon-sliced32.c:85

ascon_init
void ascon_init(ascon_state_t *state)
Initializes the words of the ASCON permutation state to zero.
Definition: ascon-sliced32.c:32

state
ascon_state_t state
[snippet_key]
Definition: snippets.c:2

ascon_kmaca_state_t
State information for the ASCON-KMACA incremental mode.
Definition: kmac.h:73

ascon_xofa_state_t
State information for ASCON-XOFA incremental mode.
Definition: xof.h:72

ascon_state_t::W
uint32_t W[10]
Definition: permutation.h:65

ascon_state_t::S
uint64_t S[5]
Definition: permutation.h:64

ascon_state_t::B
uint8_t B[40]
Definition: permutation.h:66

utility.h
System utilities of use to applications that use ASCON.

ascon_xofa_squeeze
void ascon_xofa_squeeze(ascon_xofa_state_t *state, unsigned char *out, size_t outlen)
Squeezes output data from an ASCON-XOFA state.
Definition: ascon-xofa.c:277

ascon_xofa_absorb
void ascon_xofa_absorb(ascon_xofa_state_t *state, const unsigned char *in, size_t inlen)
Absorbs more input data into an ASCON-XOFA state.
Definition: ascon-xofa.c:227

ascon_xofa_init_custom
void ascon_xofa_init_custom(ascon_xofa_state_t *state, const char *function_name, const unsigned char *custom, size_t customlen, size_t outlen)
Initializes the state for an incremental ASCON-XOFA operation, with a named function,...
Definition: ascon-xofa.c:144

ascon_xofa_free
void ascon_xofa_free(ascon_xofa_state_t *state)
Frees the ASCON-XOFA state and destroys any sensitive material.
Definition: ascon-xofa.c:216