Crypto++  8.8
Free C++ class library of cryptographic schemes
keccak_core.cpp
1 // keccakc.cpp - Keccak core functions shared between SHA3 and Keccak.
2 // written and placed in the public domain by JW.
3 
4 /*
5 The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
6 Michael Peeters and Gilles Van Assche. For more information, feedback or
7 questions, please refer to our website: http://keccak.noekeon.org/
8 
9 Implementation by Ronny Van Keer, hereby denoted as "the implementer".
10 
11 To the extent possible under law, the implementer has waived all copyright
12 and related or neighboring rights to the source code in this file.
13 http://creativecommons.org/publicdomain/zero/1.0/
14 */
15 
16 #include "pch.h"
17 #include "keccak.h"
18 
19 NAMESPACE_BEGIN(CryptoPP)
20 
21 // The Keccak core function
22 extern void KeccakF1600(word64 *state);
23 // The F1600 round constants
24 extern const word64 KeccakF1600Constants[24];
25 
26 NAMESPACE_END
27 
28 NAMESPACE_BEGIN(CryptoPP)
29 
30 CRYPTOPP_ALIGN_DATA(8)
31 const word64 KeccakF1600Constants[24] =
32 {
33  W64LIT(0x0000000000000001), W64LIT(0x0000000000008082),
34  W64LIT(0x800000000000808a), W64LIT(0x8000000080008000),
35  W64LIT(0x000000000000808b), W64LIT(0x0000000080000001),
36  W64LIT(0x8000000080008081), W64LIT(0x8000000000008009),
37  W64LIT(0x000000000000008a), W64LIT(0x0000000000000088),
38  W64LIT(0x0000000080008009), W64LIT(0x000000008000000a),
39  W64LIT(0x000000008000808b), W64LIT(0x800000000000008b),
40  W64LIT(0x8000000000008089), W64LIT(0x8000000000008003),
41  W64LIT(0x8000000000008002), W64LIT(0x8000000000000080),
42  W64LIT(0x000000000000800a), W64LIT(0x800000008000000a),
43  W64LIT(0x8000000080008081), W64LIT(0x8000000000008080),
44  W64LIT(0x0000000080000001), W64LIT(0x8000000080008008)
45 };
46 
47 void KeccakF1600(word64 *state)
48 {
49  word64 Aba, Abe, Abi, Abo, Abu;
50  word64 Aga, Age, Agi, Ago, Agu;
51  word64 Aka, Ake, Aki, Ako, Aku;
52  word64 Ama, Ame, Ami, Amo, Amu;
53  word64 Asa, Ase, Asi, Aso, Asu;
54  word64 BCa, BCe, BCi, BCo, BCu;
55  word64 Da, De, Di, Do, Du;
56  word64 Eba, Ebe, Ebi, Ebo, Ebu;
57  word64 Ega, Ege, Egi, Ego, Egu;
58  word64 Eka, Eke, Eki, Eko, Eku;
59  word64 Ema, Eme, Emi, Emo, Emu;
60  word64 Esa, Ese, Esi, Eso, Esu;
61 
62  typedef BlockGetAndPut<word64, LittleEndian, true, true> Block;
63  Block::Get(state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu);
64 
65  for( unsigned int round = 0; round < 24; round += 2 )
66  {
67  // prepareTheta
68  BCa = Aba^Aga^Aka^Ama^Asa;
69  BCe = Abe^Age^Ake^Ame^Ase;
70  BCi = Abi^Agi^Aki^Ami^Asi;
71  BCo = Abo^Ago^Ako^Amo^Aso;
72  BCu = Abu^Agu^Aku^Amu^Asu;
73 
74  //thetaRhoPiChiIotaPrepareTheta(round , A, E)
75  Da = BCu^rotlConstant<1>(BCe);
76  De = BCa^rotlConstant<1>(BCi);
77  Di = BCe^rotlConstant<1>(BCo);
78  Do = BCi^rotlConstant<1>(BCu);
79  Du = BCo^rotlConstant<1>(BCa);
80 
81  Aba ^= Da;
82  BCa = Aba;
83  Age ^= De;
84  BCe = rotlConstant<44>(Age);
85  Aki ^= Di;
86  BCi = rotlConstant<43>(Aki);
87  Amo ^= Do;
88  BCo = rotlConstant<21>(Amo);
89  Asu ^= Du;
90  BCu = rotlConstant<14>(Asu);
91  Eba = BCa ^((~BCe)& BCi );
92  Eba ^= KeccakF1600Constants[round];
93  Ebe = BCe ^((~BCi)& BCo );
94  Ebi = BCi ^((~BCo)& BCu );
95  Ebo = BCo ^((~BCu)& BCa );
96  Ebu = BCu ^((~BCa)& BCe );
97 
98  Abo ^= Do;
99  BCa = rotlConstant<28>(Abo);
100  Agu ^= Du;
101  BCe = rotlConstant<20>(Agu);
102  Aka ^= Da;
103  BCi = rotlConstant<3>(Aka);
104  Ame ^= De;
105  BCo = rotlConstant<45>(Ame);
106  Asi ^= Di;
107  BCu = rotlConstant<61>(Asi);
108  Ega = BCa ^((~BCe)& BCi );
109  Ege = BCe ^((~BCi)& BCo );
110  Egi = BCi ^((~BCo)& BCu );
111  Ego = BCo ^((~BCu)& BCa );
112  Egu = BCu ^((~BCa)& BCe );
113 
114  Abe ^= De;
115  BCa = rotlConstant<1>(Abe);
116  Agi ^= Di;
117  BCe = rotlConstant<6>(Agi);
118  Ako ^= Do;
119  BCi = rotlConstant<25>(Ako);
120  Amu ^= Du;
121  BCo = rotlConstant<8>(Amu);
122  Asa ^= Da;
123  BCu = rotlConstant<18>(Asa);
124  Eka = BCa ^((~BCe)& BCi );
125  Eke = BCe ^((~BCi)& BCo );
126  Eki = BCi ^((~BCo)& BCu );
127  Eko = BCo ^((~BCu)& BCa );
128  Eku = BCu ^((~BCa)& BCe );
129 
130  Abu ^= Du;
131  BCa = rotlConstant<27>(Abu);
132  Aga ^= Da;
133  BCe = rotlConstant<36>(Aga);
134  Ake ^= De;
135  BCi = rotlConstant<10>(Ake);
136  Ami ^= Di;
137  BCo = rotlConstant<15>(Ami);
138  Aso ^= Do;
139  BCu = rotlConstant<56>(Aso);
140  Ema = BCa ^((~BCe)& BCi );
141  Eme = BCe ^((~BCi)& BCo );
142  Emi = BCi ^((~BCo)& BCu );
143  Emo = BCo ^((~BCu)& BCa );
144  Emu = BCu ^((~BCa)& BCe );
145 
146  Abi ^= Di;
147  BCa = rotlConstant<62>(Abi);
148  Ago ^= Do;
149  BCe = rotlConstant<55>(Ago);
150  Aku ^= Du;
151  BCi = rotlConstant<39>(Aku);
152  Ama ^= Da;
153  BCo = rotlConstant<41>(Ama);
154  Ase ^= De;
155  BCu = rotlConstant<2>(Ase);
156  Esa = BCa ^((~BCe)& BCi );
157  Ese = BCe ^((~BCi)& BCo );
158  Esi = BCi ^((~BCo)& BCu );
159  Eso = BCo ^((~BCu)& BCa );
160  Esu = BCu ^((~BCa)& BCe );
161 
162  // prepareTheta
163  BCa = Eba^Ega^Eka^Ema^Esa;
164  BCe = Ebe^Ege^Eke^Eme^Ese;
165  BCi = Ebi^Egi^Eki^Emi^Esi;
166  BCo = Ebo^Ego^Eko^Emo^Eso;
167  BCu = Ebu^Egu^Eku^Emu^Esu;
168 
169  //thetaRhoPiChiIotaPrepareTheta(round+1, E, A)
170  Da = BCu^rotlConstant<1>(BCe);
171  De = BCa^rotlConstant<1>(BCi);
172  Di = BCe^rotlConstant<1>(BCo);
173  Do = BCi^rotlConstant<1>(BCu);
174  Du = BCo^rotlConstant<1>(BCa);
175 
176  Eba ^= Da;
177  BCa = Eba;
178  Ege ^= De;
179  BCe = rotlConstant<44>(Ege);
180  Eki ^= Di;
181  BCi = rotlConstant<43>(Eki);
182  Emo ^= Do;
183  BCo = rotlConstant<21>(Emo);
184  Esu ^= Du;
185  BCu = rotlConstant<14>(Esu);
186  Aba = BCa ^((~BCe)& BCi );
187  Aba ^= KeccakF1600Constants[round+1];
188  Abe = BCe ^((~BCi)& BCo );
189  Abi = BCi ^((~BCo)& BCu );
190  Abo = BCo ^((~BCu)& BCa );
191  Abu = BCu ^((~BCa)& BCe );
192 
193  Ebo ^= Do;
194  BCa = rotlConstant<28>(Ebo);
195  Egu ^= Du;
196  BCe = rotlConstant<20>(Egu);
197  Eka ^= Da;
198  BCi = rotlConstant<3>(Eka);
199  Eme ^= De;
200  BCo = rotlConstant<45>(Eme);
201  Esi ^= Di;
202  BCu = rotlConstant<61>(Esi);
203  Aga = BCa ^((~BCe)& BCi );
204  Age = BCe ^((~BCi)& BCo );
205  Agi = BCi ^((~BCo)& BCu );
206  Ago = BCo ^((~BCu)& BCa );
207  Agu = BCu ^((~BCa)& BCe );
208 
209  Ebe ^= De;
210  BCa = rotlConstant<1>(Ebe);
211  Egi ^= Di;
212  BCe = rotlConstant<6>(Egi);
213  Eko ^= Do;
214  BCi = rotlConstant<25>(Eko);
215  Emu ^= Du;
216  BCo = rotlConstant<8>(Emu);
217  Esa ^= Da;
218  BCu = rotlConstant<18>(Esa);
219  Aka = BCa ^((~BCe)& BCi );
220  Ake = BCe ^((~BCi)& BCo );
221  Aki = BCi ^((~BCo)& BCu );
222  Ako = BCo ^((~BCu)& BCa );
223  Aku = BCu ^((~BCa)& BCe );
224 
225  Ebu ^= Du;
226  BCa = rotlConstant<27>(Ebu);
227  Ega ^= Da;
228  BCe = rotlConstant<36>(Ega);
229  Eke ^= De;
230  BCi = rotlConstant<10>(Eke);
231  Emi ^= Di;
232  BCo = rotlConstant<15>(Emi);
233  Eso ^= Do;
234  BCu = rotlConstant<56>(Eso);
235  Ama = BCa ^((~BCe)& BCi );
236  Ame = BCe ^((~BCi)& BCo );
237  Ami = BCi ^((~BCo)& BCu );
238  Amo = BCo ^((~BCu)& BCa );
239  Amu = BCu ^((~BCa)& BCe );
240 
241  Ebi ^= Di;
242  BCa = rotlConstant<62>(Ebi);
243  Ego ^= Do;
244  BCe = rotlConstant<55>(Ego);
245  Eku ^= Du;
246  BCi = rotlConstant<39>(Eku);
247  Ema ^= Da;
248  BCo = rotlConstant<41>(Ema);
249  Ese ^= De;
250  BCu = rotlConstant<2>(Ese);
251  Asa = BCa ^((~BCe)& BCi );
252  Ase = BCe ^((~BCi)& BCo );
253  Asi = BCi ^((~BCo)& BCu );
254  Aso = BCo ^((~BCu)& BCa );
255  Asu = BCu ^((~BCa)& BCe );
256  }
257 
258  Block::Put(NULLPTR, state)(Aba)(Abe)(Abi)(Abo)(Abu)(Aga)(Age)(Agi)(Ago)(Agu)(Aka)(Ake)(Aki)(Ako)(Aku)(Ama)(Ame)(Ami)(Amo)(Amu)(Asa)(Ase)(Asi)(Aso)(Asu);
259 }
260 
261 NAMESPACE_END
PutBlock
Access a block of memory.
Definition: misc.h:3016
W64LIT
#define W64LIT(x)
Declare an unsigned word64.
Definition: config_int.h:129
word64
unsigned long long word64
64-bit unsigned datatype
Definition: config_int.h:101
keccak.h
Classes for Keccak message digests.
CryptoPP
Crypto++ library namespace.
pch.h
Precompiled header file.
BlockGetAndPut
Access a block of memory.
Definition: misc.h:3053
Generated on Mon Jun 26 2023 03:35:19 for Crypto++ by doxygen 1.9.1