ASCON Suite
ascon-sliced32.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2022 Southern Storm Software, Pty Ltd.
3  *
4  * Permission is hereby granted, free of charge, to any person obtaining a
5  * copy of this software and associated documentation files (the "Software"),
6  * to deal in the Software without restriction, including without limitation
7  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8  * and/or sell copies of the Software, and to permit persons to whom the
9  * Software is furnished to do so, subject to the following conditions:
10  *
11  * The above copyright notice and this permission notice shall be included
12  * in all copies or substantial portions of the Software.
13  *
14  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15  * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
19  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
20  * DEALINGS IN THE SOFTWARE.
21  */
22 
23 /* SnP helper functions for backends that use the "sliced32" method */
24 
25 #include "ascon-sliced32.h"
26 #include "ascon-util.h"
27 #include "ascon-util-snp.h"
28 #include <ascon/utility.h>
29 
30 #if defined(ASCON_BACKEND_SLICED32)
31 
32 void ascon_init(ascon_state_t *state)
33 {
34  state->S[0] = 0;
35  state->S[1] = 0;
36  state->S[2] = 0;
37  state->S[3] = 0;
38  state->S[4] = 0;
39  ascon_backend_init(state);
40 }
41 
42 void ascon_free(ascon_state_t *state)
43 {
44  if (state) {
45  ascon_backend_free(state);
46  ascon_clean(state, sizeof(ascon_state_t));
47  }
48 }
49 
50 void ascon_add_bytes
51  (ascon_state_t *state, const uint8_t *data, unsigned offset, unsigned size)
52 {
53  uint64_t value;
54  unsigned posn, shift, ofs, len;
55  ofs = offset & 7U;
56  if (ofs != 0U) {
57  shift = (7U - ofs) * 8U;
58  len = 8U - ofs;
59  value = 0;
60  for (posn = 0; posn < len && posn < size; ++posn, shift -= 8U) {
61  value |= ((uint64_t)(data[posn])) << shift;
62  }
63  ascon_absorb_word64(state, value, offset / 8U);
64  data += posn;
65  offset += posn;
66  size -= posn;
67  }
68  while (size >= 8U) {
69  ascon_absorb_sliced(state, data, offset / 8U);
70  data += 8;
71  offset += 8;
72  size -= 8;
73  }
74  if (size > 0U) {
75  shift = 56U;
76  value = 0;
77  for (posn = 0; posn < size; ++posn, shift -= 8U) {
78  value |= ((uint64_t)(data[posn])) << shift;
79  }
80  ascon_absorb_word64(state, value, offset / 8U);
81  }
82 }
83 
84 void ascon_overwrite_bytes
85  (ascon_state_t *state, const uint8_t *data, unsigned offset, unsigned size)
86 {
87  uint64_t value;
88  unsigned posn, shift, ofs, len;
89  ofs = offset & 7U;
90  if (ofs != 0U) {
91  ascon_squeeze_word64(state, value, offset / 8U);
92  ofs = offset & 7U;
93  shift = (7U - ofs) * 8U;
94  len = 8U - ofs;
95  for (posn = 0; posn < len && posn < size; ++posn, shift -= 8U) {
96  value &= ~(((uint64_t)0xFFU) << shift);
97  value |= ((uint64_t)(data[posn])) << shift;
98  }
99  ascon_set_word64(state, value, offset / 8U);
100  data += posn;
101  offset += posn;
102  size -= posn;
103  }
104  while (size >= 8U) {
105  ascon_set_sliced(state, data, offset / 8U);
106  data += 8;
107  offset += 8;
108  size -= 8;
109  }
110  if (size > 0U) {
111  ascon_squeeze_word64(state, value, offset / 8U);
112  shift = 56U;
113  for (posn = 0; posn < size; ++posn, shift -= 8U) {
114  value &= ~(((uint64_t)0xFFU) << shift);
115  value |= ((uint64_t)(data[posn])) << shift;
116  }
117  ascon_set_word64(state, value, offset / 8U);
118  }
119 }
120 
121 void ascon_overwrite_with_zeroes
122  (ascon_state_t *state, unsigned offset, unsigned size)
123 {
124  uint64_t value;
125  unsigned posn, ofs;
126  ofs = offset & 7U;
127  if (ofs != 0U) {
128  ascon_squeeze_word64(state, value, offset / 8U);
129  posn = 8U - ofs;
130  if (posn > size)
131  posn = size;
132  value = (value & (~((uint64_t)0)) << ((8U - ofs) * 8)) |
133  (value & ((((uint64_t)1) << ((8U - ofs - posn) * 8)) - 1U));
134  ascon_set_word64(state, value, offset / 8U);
135  offset += posn;
136  size -= posn;
137  }
138  while (size >= 8U) {
139  state->S[offset / 8U] = 0;
140  offset += 8;
141  size -= 8;
142  }
143  if (size > 0U) {
144  ascon_squeeze_word64(state, value, offset / 8U);
145  value &= (~((uint64_t)0)) >> (size * 8);
146  ascon_set_word64(state, value, offset / 8U);
147  }
148 }
149 
150 void ascon_extract_bytes
151  (const ascon_state_t *state, uint8_t *data, unsigned offset, unsigned size)
152 {
153  uint64_t value;
154  unsigned posn, shift, ofs, len;
155  ofs = offset & 7U;
156  if (ofs != 0U) {
157  ascon_squeeze_word64(state, value, offset / 8U);
158  shift = (7U - ofs) * 8U;
159  len = 8U - ofs;
160  for (posn = 0; posn < len && posn < size; ++posn, shift -= 8U) {
161  data[posn] = (uint8_t)(value >> shift);
162  }
163  data += posn;
164  offset += posn;
165  size -= posn;
166  }
167  while (size >= 8U) {
168  ascon_squeeze_sliced(state, data, offset / 8U);
169  data += 8;
170  offset += 8;
171  size -= 8;
172  }
173  if (size > 0U) {
174  ascon_squeeze_word64(state, value, offset / 8U);
175  shift = 56U;
176  for (posn = 0; posn < size; ++posn, shift -= 8U) {
177  data[posn] = (uint8_t)(value >> shift);
178  }
179  }
180 }
181 
182 void ascon_extract_and_add_bytes
183  (const ascon_state_t *state, const uint8_t *input, uint8_t *output,
184  unsigned offset, unsigned size)
185 {
186  uint64_t value;
187  unsigned posn, shift, ofs, len;
188  ofs = offset & 7U;
189  if (ofs != 0U) {
190  ascon_squeeze_word64(state, value, offset / 8U);
191  shift = (7U - ofs) * 8U;
192  len = 8U - ofs;
193  for (posn = 0; posn < len && posn < size; ++posn, shift -= 8U) {
194  output[posn] = input[posn] ^ (uint8_t)(value >> shift);
195  }
196  output += posn;
197  input += posn;
198  offset += posn;
199  size -= posn;
200  }
201  while (size >= 8U) {
202  ascon_decrypt_sliced_no_insert(state, output, input, offset / 8U);
203  output += 8;
204  input += 8;
205  offset += 8;
206  size -= 8;
207  }
208  if (size > 0U) {
209  ascon_squeeze_word64(state, value, offset / 8U);
210  shift = 56U;
211  for (posn = 0; posn < size; ++posn, shift -= 8U) {
212  output[posn] = input[posn] ^ (uint8_t)(value >> shift);
213  }
214  }
215 }
216 
217 void ascon_extract_and_overwrite_bytes
218  (ascon_state_t *state, const uint8_t *input, uint8_t *output,
219  unsigned offset, unsigned size)
220 {
221  uint64_t value;
222  unsigned posn, shift, ofs, len;
223  uint8_t in;
224  ofs = offset & 7U;
225  if (ofs != 0U) {
226  ascon_squeeze_word64(state, value, offset / 8U);
227  shift = (7U - ofs) * 8U;
228  len = 8U - ofs;
229  for (posn = 0; posn < len && posn < size; ++posn, shift -= 8U) {
230  in = input[posn];
231  output[posn] = in ^ (uint8_t)(value >> shift);
232  value &= ~(((uint64_t)0xFFU) << shift);
233  value |= ((uint64_t)in) << shift;
234  }
235  ascon_set_word64(state, value, offset / 8U);
236  output += posn;
237  input += posn;
238  offset += posn;
239  size -= posn;
240  }
241  while (size >= 8U) {
242  ascon_decrypt_sliced(state, output, input, offset / 8U);
243  output += 8;
244  input += 8;
245  offset += 8;
246  size -= 8;
247  }
248  if (size > 0U) {
249  ascon_squeeze_word64(state, value, offset / 8U);
250  shift = 56U;
251  for (posn = 0; posn < size; ++posn, shift -= 8U) {
252  in = input[posn];
253  output[posn] = in ^ (uint8_t)(value >> shift);
254  value &= ~(((uint64_t)0xFFU) << shift);
255  value |= ((uint64_t)in) << shift;
256  }
257  ascon_set_word64(state, value, offset / 8U);
258  }
259 }
260 
261 void ascon_release(ascon_state_t *state)
262 {
263  /* Not needed in this implementation */
264  (void)state;
265 }
266 
267 void ascon_acquire(ascon_state_t *state)
268 {
269  /* Not needed in this implementation */
270  (void)state;
271 }
272 
273 void ascon_copy(ascon_state_t *dest, const ascon_state_t *src)
274 {
275  memcpy(dest->W, src->W, sizeof(dest->W));
276 }
277 
278 #endif /* ASCON_BACKEND_SLICED32 */
ascon_overwrite_with_zeroes
void ascon_overwrite_with_zeroes(ascon_state_t *state, unsigned offset, unsigned size)
Overwrites a part of the ASCON state with zeroes.
Definition: ascon-sliced32.c:122
ascon_free
void ascon_free(ascon_state_t *state)
Frees an ASCON permutation state and attempts to destroy any sensitive material.
Definition: ascon-sliced32.c:42
ascon_release
void ascon_release(ascon_state_t *state)
Temporarily releases access to any shared hardware resources that a permutation state was using.
Definition: ascon-sliced32.c:261
ascon_overwrite_bytes
void ascon_overwrite_bytes(ascon_state_t *state, const uint8_t *data, unsigned offset, unsigned size)
Overwrites existing bytes in the ASCON state.
Definition: ascon-sliced32.c:85
ascon_copy
void ascon_copy(ascon_state_t *dest, const ascon_state_t *src)
Copies the entire ASCON permutation state from a source to a destination.
Definition: ascon-sliced32.c:273
ascon_extract_bytes
void ascon_extract_bytes(const ascon_state_t *state, uint8_t *data, unsigned offset, unsigned size)
Extracts bytes from the ASCON state.
Definition: ascon-sliced32.c:151
ascon_extract_and_overwrite_bytes
void ascon_extract_and_overwrite_bytes(ascon_state_t *state, const uint8_t *input, uint8_t *output, unsigned offset, unsigned size)
Extracts bytes from the ASCON state and XOR's them with input bytes to produce output bytes....
Definition: ascon-sliced32.c:218
ascon_add_bytes
void ascon_add_bytes(ascon_state_t *state, const uint8_t *data, unsigned offset, unsigned size)
Adds bytes to the ASCON state by XOR'ing them with existing bytes.
Definition: ascon-sliced32.c:51
ascon_extract_and_add_bytes
void ascon_extract_and_add_bytes(const ascon_state_t *state, const uint8_t *input, uint8_t *output, unsigned offset, unsigned size)
Extracts bytes from the ASCON state and XOR's them with input bytes to produce output bytes.
Definition: ascon-sliced32.c:183
ascon_acquire
void ascon_acquire(ascon_state_t *state)
Re-acquires access to any shared hardware resources that a permutation state was using.
Definition: ascon-sliced32.c:267
ascon_init
void ascon_init(ascon_state_t *state)
Initializes the words of the ASCON permutation state to zero.
Definition: ascon-sliced32.c:32
ascon_decrypt_sliced_no_insert
#define ascon_decrypt_sliced_no_insert(state, m, c, offset)
Decrypts data using the ASCON state in sliced form but do not insert the ciphertext back into the sta...
Definition: ascon-sliced32.h:292
ascon_set_word64
#define ascon_set_word64(state, value, offset)
Definition: ascon-sliced32.h:95
ascon_squeeze_word64
#define ascon_squeeze_word64(state, value, offset)
Squeezes a 64-bit from the ASCON state in sliced form.
Definition: ascon-sliced32.h:212
ascon_set_sliced
#define ascon_set_sliced(state, data, offset)
Sets data into the ASCON state in sliced form.
Definition: ascon-sliced32.h:76
ascon_decrypt_sliced
#define ascon_decrypt_sliced(state, m, c, offset)
Decrypts data using the ASCON state in sliced form.
Definition: ascon-sliced32.h:262
ascon_absorb_word64
#define ascon_absorb_word64(state, value, offset)
Absorbs data into the ASCON state in sliced form.
Definition: ascon-sliced32.h:133
ascon_squeeze_sliced
#define ascon_squeeze_sliced(state, data, offset)
Squeezes data from the ASCON state in sliced form.
Definition: ascon-sliced32.h:190
ascon_absorb_sliced
#define ascon_absorb_sliced(state, data, offset)
Absorbs data into the ASCON state in sliced form.
Definition: ascon-sliced32.h:114
ascon_backend_free
#define ascon_backend_free(state)
Definition: ascon-util-snp.h:260
ascon_backend_init
#define ascon_backend_init(state)
Definition: ascon-util-snp.h:248
state
ascon_state_t state
[snippet_key]
Definition: snippets.c:2
data
unsigned char data[8]
[snippet_key]
Definition: snippets.c:14
ascon_state_t
Structure of the internal state of the ASCON permutation.
Definition: permutation.h:63
ascon_state_t::W
uint32_t W[10]
Definition: permutation.h:65
ascon_state_t::S
uint64_t S[5]
Definition: permutation.h:64
utility.h
System utilities of use to applications that use ASCON.
ascon_clean
void ascon_clean(void *buf, unsigned size)
Cleans a buffer that contains sensitive material.
Definition: ascon-clean.c:38
Generated on Sun Mar 19 2023 13:56:57 for ASCON Suite by doxygen 1.9.1