6052601502

Committed 01 Sep 2023 03:07AM UTC coverage: 91.704% (-0.004%) from 91.708%

Build # 6052601502

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #3673 from falko-strenzke/refact-sha3

Refactoring SHA3: based on new permutation keccak-fips

Run Details

78576 of 85684 relevant lines covered (91.7%)

8473544.9 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

98.18

/src/lib/stream/shake_cipher/shake_cipher.cpp

/*
 * SHAKE-128 and SHAKE-256
 * (C) 2016 Jack Lloyd
 *     2022 René Meusel, Michael Boric - Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */

#include <botan/internal/shake_cipher.h>

#include <botan/exceptn.h>

namespace Botan {

SHAKE_Cipher::SHAKE_Cipher(size_t keccak_capacity) :
      m_keccak(keccak_capacity, 0xF, 4),
      m_has_keying_material(false),
      m_keystream_buffer(buffer_size()),
      m_bytes_generated(0) {}

void SHAKE_Cipher::set_iv_bytes(const uint8_t /*iv*/[], size_t length) {
   /*
   * This could be supported in some way (say, by treating iv as
   * a prefix or suffix of the key).
   */
   if(length != 0) {
      throw Invalid_IV_Length(name(), length);
   }
}

void SHAKE_Cipher::seek(uint64_t /*offset*/) {
   throw Not_Implemented("SHAKE_Cipher::seek");
}

void SHAKE_Cipher::clear() {
   m_keccak.clear();
   m_has_keying_material = false;
   zeroise(m_keystream_buffer);
   m_bytes_generated = 0;
}

void SHAKE_Cipher::cipher_bytes(const uint8_t in[], uint8_t out[], size_t length) {
   assert_key_material_set();

   const auto block_size = m_keystream_buffer.size();

   auto cipher_some = [&](size_t bytes) {
      if(bytes > 0) {
         BOTAN_ASSERT_NOMSG(bytes <= block_size);
         BOTAN_ASSERT_NOMSG(bytes <= length);
         generate_keystream_internal(std::span(m_keystream_buffer).first(bytes));
         xor_buf(out, m_keystream_buffer.data(), in, bytes);
         out += bytes;
         in += bytes;
         length -= bytes;
      }
   };

   // Bring us back into alignment with the XOF's underlying blocks
   if(length > block_size) {
      const auto bytes_to_alignment = block_size - m_bytes_generated % block_size;
      cipher_some(bytes_to_alignment);
   }

   // Consume the XOF's output stream block-wise as long as we can
   while(length >= block_size) {
      cipher_some(block_size);
   }

   // Process remaining data, potentially causing misalignment
   cipher_some(length);
}

void SHAKE_Cipher::generate_keystream(uint8_t out[], size_t length) {
   assert_key_material_set();
   generate_keystream_internal({out, length});
}

void SHAKE_Cipher::generate_keystream_internal(std::span<uint8_t> out) {
   m_keccak.squeeze(out);
   m_bytes_generated += out.size();
}

void SHAKE_Cipher::key_schedule(const uint8_t key[], size_t length) {
   clear();
   m_keccak.absorb({key, length});
   m_keccak.finish();
   m_has_keying_material = true;
}

Key_Length_Specification SHAKE_Cipher::key_spec() const {
   return Key_Length_Specification(1, 160);
}

SHAKE_128_Cipher::SHAKE_128_Cipher() : SHAKE_Cipher(256) {}

SHAKE_256_Cipher::SHAKE_256_Cipher() : SHAKE_Cipher(512) {}

}  // namespace Botan

1	/*
2	* SHAKE-128 and SHAKE-256
3	* (C) 2016 Jack Lloyd
4	* 2022 René Meusel, Michael Boric - Rohde & Schwarz Cybersecurity
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include <botan/internal/shake_cipher.h>
10
11	#include <botan/exceptn.h>
12
13	namespace Botan {
14
15	SHAKE_Cipher::SHAKE_Cipher(size_t keccak_capacity) :	99,725✔
16	m_keccak(keccak_capacity, 0xF, 4),	99,725✔
17	m_has_keying_material(false),	99,725✔
18	m_keystream_buffer(buffer_size()),	99,725✔
19	m_bytes_generated(0) {}	199,450✔
20
21	void SHAKE_Cipher::set_iv_bytes(const uint8_t /iv/[], size_t length) {	6,870✔
22	/*
23	* This could be supported in some way (say, by treating iv as
24	* a prefix or suffix of the key).
25	*/
26	if(length != 0) {	6,870✔
27	throw Invalid_IV_Length(name(), length);	4,580✔
28	}
29	}	4,580✔
30
31	void SHAKE_Cipher::seek(uint64_t /offset/) {	2,290✔
32	throw Not_Implemented("SHAKE_Cipher::seek");	2,290✔
33	}
34
35	void SHAKE_Cipher::clear() {	112,347✔
36	m_keccak.clear();	112,347✔
37	m_has_keying_material = false;	112,347✔
38	zeroise(m_keystream_buffer);	112,347✔
39	m_bytes_generated = 0;	112,347✔
40	}	112,347✔
41
42	void SHAKE_Cipher::cipher_bytes(const uint8_t in[], uint8_t out[], size_t length) {	9,160✔
43	assert_key_material_set();	9,160✔
44
45	const auto block_size = m_keystream_buffer.size();	4,580✔
46
47	auto cipher_some = [&](size_t bytes) {	9,252✔
48	if(bytes > 0) {	4,672✔
49	BOTAN_ASSERT_NOMSG(bytes <= block_size);	4,654✔
50	BOTAN_ASSERT_NOMSG(bytes <= length);	4,654✔
51	generate_keystream_internal(std::span(m_keystream_buffer).first(bytes));	4,654✔
52	xor_buf(out, m_keystream_buffer.data(), in, bytes);	4,654✔
53	out += bytes;	4,654✔
54	in += bytes;	4,654✔
55	length -= bytes;	4,654✔
56	}
57	};	9,252✔
58
59	// Bring us back into alignment with the XOF's underlying blocks
60	if(length > block_size) {	4,580✔
61	const auto bytes_to_alignment = block_size - m_bytes_generated % block_size;	74✔
62	cipher_some(bytes_to_alignment);	74✔
63	}
64
65	// Consume the XOF's output stream block-wise as long as we can
66	while(length >= block_size) {	4,598✔
67	cipher_some(block_size);	18✔
68	}
69
70	// Process remaining data, potentially causing misalignment
71	cipher_some(length);	4,580✔
72	}	4,580✔
73
74	void SHAKE_Cipher::generate_keystream(uint8_t out[], size_t length) {	124,432✔
75	assert_key_material_set();	124,432✔
76	generate_keystream_internal({out, length});	124,432✔
77	}	124,432✔
78
79	void SHAKE_Cipher::generate_keystream_internal(std::span<uint8_t> out) {	129,086✔
80	m_keccak.squeeze(out);	129,086✔
81	m_bytes_generated += out.size();	4,654✔
82	}	×
83
84	void SHAKE_Cipher::key_schedule(const uint8_t key[], size_t length) {	110,057✔
85	clear();	110,057✔
86	m_keccak.absorb({key, length});	110,057✔
87	m_keccak.finish();	110,057✔
88	m_has_keying_material = true;	110,057✔
89	}	110,057✔
90
91	Key_Length_Specification SHAKE_Cipher::key_spec() const {	114,637✔
92	return Key_Length_Specification(1, 160);	114,637✔
93	}
94
95	SHAKE_128_Cipher::SHAKE_128_Cipher() : SHAKE_Cipher(256) {}	73,414✔
96
97	SHAKE_256_Cipher::SHAKE_256_Cipher() : SHAKE_Cipher(512) {}	26,311✔
98
99	} // namespace Botan

randombit / botan / 6052601502

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous