Internal implementation of DrySPONGE for the DryGASCON cipher.
More...
#include "drygascon.h"
#include "drygascon128_arm_selector.h"
#include "internal-util.h"
Go to the source code of this file.
|
| void | gascon128_core_round (gascon128_state_t *state, uint8_t round) |
| | Permutes the GASCON-128 state using one iteration of CoreRound. More...
|
| |
| void | gascon256_core_round (gascon256_state_t *state, uint8_t round) |
| | Permutes the GASCON-256 state using one iteration of CoreRound. More...
|
| |
| void | drysponge128_g (drysponge128_state_t *state) |
| | Performs the DrySPONGE128 G function which runs the core rounds and squeezes data out of the GASGON-128 state. More...
|
| |
| void | drysponge256_g (drysponge256_state_t *state) |
| | Performs the DrySPONGE256 G function which runs the core rounds and squeezes data out of the GASGON-256 state. More...
|
| |
| void | drysponge128_g_core (drysponge128_state_t *state) |
| | Performs the DrySPONGE128 G function which runs the core rounds but does not squeeze out any output. More...
|
| |
| void | drysponge256_g_core (drysponge256_state_t *state) |
| | Performs the DrySPONGE256 G function which runs the core rounds but does not squeeze out any output. More...
|
| |
| void | drysponge256_f_absorb (drysponge256_state_t *state, const unsigned char *input, unsigned len) |
| | Performs the absorption phase of the DrySPONGE256 F function. More...
|
| |
| void | drygascon128_f_wrap (drysponge128_state_t *state, const unsigned char *input, unsigned len) |
| | Wrapper that combines the DrySPONGE128 F and G functions. More...
|
| |
| int | drysponge128_safe_alignement (const drysponge128_state_t *state) |
| | Determine if state alignement is safe vs timing attacks. More...
|
| |
| void | drysponge128_setup (drysponge128_state_t *state, const unsigned char *key, unsigned int keysize, const unsigned char *nonce, int final_block) |
| | Set up a DrySPONGE128 state to begin encryption or decryption. More...
|
| |
| void | drysponge256_setup (drysponge256_state_t *state, const unsigned char *key, const unsigned char *nonce, int final_block) |
| | Set up a DrySPONGE256 state to begin encryption or decryption. More...
|
| |
Internal implementation of DrySPONGE for the DryGASCON cipher.
References: https://github.com/sebastien-riou/DryGASCON
| void drygascon128_f_wrap |
( |
drysponge128_state_t * |
state, |
|
|
const unsigned char * |
input, |
|
|
unsigned |
len |
|
) |
| |
Wrapper that combines the DrySPONGE128 F and G functions.
- Parameters
-
| state | The DrySPONGE128 state. |
| input | The block of input data to incorporate into the state. |
| len | The length of the input block, which must be less than or equal to DRYSPONGE128_RATE. Smaller input blocks will be padded. |
| void drysponge128_g |
( |
drysponge128_state_t * |
state | ) |
|
Performs the DrySPONGE128 G function which runs the core rounds and squeezes data out of the GASGON-128 state.
- Parameters
-
| state | The DrySPONGE128 state. |
The data that is squeezed out will be in state->r on exit.
| void drysponge128_g_core |
( |
drysponge128_state_t * |
state | ) |
|
Performs the DrySPONGE128 G function which runs the core rounds but does not squeeze out any output.
- Parameters
-
| state | The DrySPONGE128 state. |
| int drysponge128_safe_alignement |
( |
const drysponge128_state_t * |
state | ) |
|
Determine if state alignement is safe vs timing attacks.
- Parameters
-
| state | Points to the state to check. |
- Returns
- Non-zero if alignement is safe.
We expect this to be completly optimized out by compiler if the alignement is enforced at build time
| void drysponge128_setup |
( |
drysponge128_state_t * |
state, |
|
|
const unsigned char * |
key, |
|
|
unsigned int |
keysize, |
|
|
const unsigned char * |
nonce, |
|
|
int |
final_block |
|
) |
| |
Set up a DrySPONGE128 state to begin encryption or decryption.
- Parameters
-
| state | The DrySPONGE128 state. |
| key | Points to the bytes of the key. |
| keysize | Number of bytes in the key. |
| nonce | Points to the 16 bytes of the nonce. |
| final_block | Non-zero if after key setup there will be no more blocks. |
| void drysponge256_f_absorb |
( |
drysponge256_state_t * |
state, |
|
|
const unsigned char * |
input, |
|
|
unsigned |
len |
|
) |
| |
Performs the absorption phase of the DrySPONGE256 F function.
- Parameters
-
| state | The DrySPONGE256 state. |
| input | The block of input data to incorporate into the state. |
| len | The length of the input block, which must be less than or equal to DRYSPONGE256_RATE. Smaller input blocks will be padded. |
This function must be followed by a call to drysponge256_g() or drysponge256_g_core() to perform the full F operation.
Performs the DrySPONGE256 G function which runs the core rounds and squeezes data out of the GASGON-256 state.
- Parameters
-
| state | The DrySPONGE256 state. |
The data that is squeezed out will be in state->r on exit.
Performs the DrySPONGE256 G function which runs the core rounds but does not squeeze out any output.
- Parameters
-
| state | The DrySPONGE256 state. |
| void drysponge256_setup |
( |
drysponge256_state_t * |
state, |
|
|
const unsigned char * |
key, |
|
|
const unsigned char * |
nonce, |
|
|
int |
final_block |
|
) |
| |
Set up a DrySPONGE256 state to begin encryption or decryption.
- Parameters
-
| state | The DrySPONGE256 state. |
| key | Points to the 32 bytes of the key. |
| nonce | Points to the 16 bytes of the nonce. |
| final_block | Non-zero if after key setup there will be no more blocks. |
Permutes the GASCON-128 state using one iteration of CoreRound.
- Parameters
-
| state | The GASCON-128 state to be permuted. |
| round | The round number. |
The input and output state will be in little-endian byte order.
Permutes the GASCON-256 state using one iteration of CoreRound.
- Parameters
-
| state | The GASCON-256 state to be permuted. |
| round | The round number. |
The input and output state will be in little-endian byte order.
1.8.6
