Leancrypto 0.12.0
Post-Quantum Cryptographic Library
lc_cshake_crypt.h
1/*
2 * Copyright (C) 2022 - 2024, Stephan Mueller <smueller@chronox.de>
3 *
4 * License: see LICENSE file in root directory
5 *
6 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
7 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
8 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
9 * WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE
10 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
11 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
12 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
13 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
14 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
15 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
16 * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
17 * DAMAGE.
18 */
19
20#ifndef LC_CSHAKE_CRYPT_H
21#define LC_CSHAKE_CRYPT_H
22
23#include "lc_aead.h"
24#include "lc_memory_support.h"
25
26/*
27 * This is the CSHAKE crypt cipher operation using the CSHAKE output as
28 * keystream
29 */
30#include "lc_cshake.h"
31#include "lc_memset_secure.h"
32
33#ifdef __cplusplus
34extern "C" {
35#endif
36
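/*
 * State of the cSHAKE-based AEAD cryptor.
 *
 * _LC_CC_SET_CTX expects this structure at the start of the AEAD state
 * buffer, followed in the same buffer by the hash state, the cSHAKE re-init
 * state and the keystream block.
 *
 * The file header states that the cSHAKE output is used as keystream, so the
 * structure and the buffers behind it hold key-dependent data for as long as
 * the context is alive.
 */
struct lc_cc_cryptor {
	/* cSHAKE instance; presumably the keystream generator - confirm */
	struct lc_hash_ctx cshake;
	/* cSHAKE context; going by the name, used for authentication - confirm */
	struct lc_cshake_ctx auth_ctx;
	/* Position in the keystream block; presumably next unused byte - confirm */
	size_t keystream_ptr;
	/* Keystream block inside the state buffer, aligned by _LC_CC_SET_CTX */
	uint8_t *keystream;
};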
44
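/*
 * The block size of the algorithm for generating the key stream. It must be
 * a multiple of the cSHAKE block size.
 *
 * NOTE(review): the value is fixed to the SHA3-256 block size and does not
 * depend on the hash handed to the size macros below - confirm that every
 * hash accepted by this cryptor satisfies the multiple-of-block-size rule.
 */
#define LC_CC_KEYSTREAM_BLOCK LC_SHA3_256_SIZE_BLOCK

/*
 * Alignment of the keystream buffer: the XOR alignment derived from the
 * common hash alignment.
 */
#define LC_CSHAKE_CRYPT_ALIGNMENT LC_XOR_ALIGNMENT(LC_HASH_COMMON_ALIGNMENT)

/*
 * Align pointer p to LC_CSHAKE_CRYPT_ALIGNMENT (presumably rounding up, which
 * is why LC_CC_STATE_SIZE reserves one extra alignment block - confirm).
 */
#define LC_ALIGN_CSHAKE_CRYPT_MASK(p) \
	LC_ALIGN_PTR_8(p, LC_ALIGNMENT_MASK(LC_CSHAKE_CRYPT_ALIGNMENT))

/*
 * One block LC_CSHAKE_CRYPT_ALIGNMENT is required to ensure the
 * ->keystream pointer is aligned
 *
 * LC_CC_STATE_SIZE(x): bytes needed behind struct lc_cc_cryptor for hash x,
 * namely hash state, cSHAKE re-init state, one keystream block and the
 * alignment slack.
 *
 * LC_CC_CTX_SIZE(x): size of a complete AEAD context buffer for hash x.
 * A buffer handed to LC_CC_SET_CTX must be at least this large; the set-up
 * macros do not check the size.
 */
#define LC_CC_STATE_SIZE(x) \
	(LC_HASH_STATE_SIZE(x) + LC_CSHAKE_STATE_SIZE_REINIT(x) + \
	 LC_CC_KEYSTREAM_BLOCK + LC_CSHAKE_CRYPT_ALIGNMENT)
#define LC_CC_CTX_SIZE(x) \
	(sizeof(struct lc_aead) + sizeof(struct lc_cc_cryptor) + \
	 LC_CC_STATE_SIZE(x))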
66
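/*
 * CSHAKE-based AEAD-algorithm
 *
 * This is the implementation descriptor that LC_CC_SET_CTX passes to
 * LC_AEAD_CTX when it sets up a context.
 */
extern const struct lc_aead *lc_cshake_aead;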
69
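/*
 * Wire up a struct lc_cc_cryptor that sits at the start of its state buffer.
 *
 * Offsets used, relative to name:
 *   sizeof(struct lc_cc_cryptor)                    -> hash state
 *   ... + LC_HASH_STATE_SIZE(hashname)              -> cSHAKE re-init state
 *   ... + LC_CSHAKE_STATE_SIZE_REINIT(hashname)     -> keystream block
 *
 * Ensure that ->keystream is aligned to XOR alignment requirement
 *
 * Caveats for callers:
 *  - No size check is made. The buffer behind name must provide
 *    sizeof(struct lc_cc_cryptor) + LC_CC_STATE_SIZE(hashname) bytes,
 *    otherwise ->keystream points outside the buffer.
 *  - The expansion is three statements without a do { } while (0) wrapper.
 *    Use it inside a braced block only, never as the unbraced body of an
 *    if/else or loop.
 *  - name is evaluated several times; pass an expression without side
 *    effects. It is parenthesised here so that a cast or other compound
 *    expression keeps its precedence.
 */
#define _LC_CC_SET_CTX(name, hashname) \
	_LC_HASH_SET_CTX((&(name)->cshake), hashname, name, \
			 (sizeof(struct lc_cc_cryptor))); \
	_LC_CSHAKE_SET_CTX_REINIT((&(name)->auth_ctx), hashname, name, \
				  (sizeof(struct lc_cc_cryptor) + \
				   LC_HASH_STATE_SIZE(hashname))); \
	(name)->keystream = LC_ALIGN_CSHAKE_CRYPT_MASK( \
		(uint8_t *)((uint8_t *)(name) + \
			    (sizeof(struct lc_cc_cryptor) + \
			     LC_HASH_STATE_SIZE(hashname) + \
			     LC_CSHAKE_STATE_SIZE_REINIT(hashname))))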
82
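/*
 * Set up an AEAD context buffer for the cSHAKE cryptor.
 *
 * name     - pointer to a struct lc_aead_ctx backed by at least
 *            LC_CC_CTX_SIZE(hashname) bytes; the size is not checked here
 * hashname - hash implementation forwarded to the state set-up macros
 *
 * LC_AEAD_CTX is invoked first; name->aead_state is read right after it, so
 * it presumably sets that pointer - confirm in lc_aead.h.
 *
 * The expansion is a sequence of statements without a do { } while (0)
 * wrapper: use it inside a braced block only. name is evaluated more than
 * once.
 */
#define LC_CC_SET_CTX(name, hashname) \
	LC_AEAD_CTX(name, lc_cshake_aead); \
	_LC_CC_SET_CTX(((struct lc_cc_cryptor *)(name)->aead_state), hashname)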
87
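/**
 * @brief Allocate cSHAKE cryptor context on heap
 *
 * @param [in] hash Hash implementation used by the cryptor (presumably a
 *		    cSHAKE instance - confirm against the implementation)
 * @param [out] ctx Receives the pointer to the allocated AEAD context
 *
 * @return presumably 0 on success and a negative error code otherwise -
 *	   confirm against the implementation. Check the return value before
 *	   using *ctx.
 *
 * The context holds key-dependent state. Release it with the zeroising free
 * routine of the AEAD API (declared in lc_aead.h, not shown here), not with a
 * plain free().
 */
int lc_cc_alloc(const struct lc_hash *hash, struct lc_aead_ctx **ctx);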
100
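/*
 * Declare a cSHAKE cryptor AEAD context called name in the current scope
 * without heap allocation.
 *
 * name - plain identifier; it is token-pasted into name##_ctx_buf and also
 *	  becomes the struct lc_aead_ctx pointer variable
 * hash - hash implementation, used for sizing (LC_CC_CTX_SIZE) and set-up
 *
 * The macro declares two objects and runs the LC_CC_SET_CTX statements, so it
 * can only be used at block scope as a declaration, not as a single
 * statement. The pragmas silence -Wvla and -Wdeclaration-after-statement for
 * the expansion: the buffer may be a variable-length array, so its stack
 * footprint depends on the hash.
 */
#define LC_CC_CTX_ON_STACK(name, hash) \
	_Pragma("GCC diagnostic push") \
	_Pragma("GCC diagnostic ignored \"-Wvla\"") _Pragma( \
		"GCC diagnostic ignored \"-Wdeclaration-after-statement\"") \
	LC_ALIGNED_BUFFER(name##_ctx_buf, \
			  LC_CC_CTX_SIZE(hash), \
			  LC_CSHAKE_CRYPT_ALIGNMENT); \
	struct lc_aead_ctx *name = (struct lc_aead_ctx *)name##_ctx_buf; \
	LC_CC_SET_CTX(name, hash); \
	_Pragma("GCC diagnostic pop")
/*
 * invocation of lc_cc_zero_free(name); not needed
 *
 * No free is needed because nothing is heap-allocated. Nothing in this macro
 * wipes the buffer, though: it keeps key-dependent state until overwritten.
 * Zeroise the context before it goes out of scope, on error paths too, with
 * the AEAD zeroisation call (presumably lc_aead_zero() from lc_aead.h, which
 * is not shown here - confirm).
 */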
121
122#ifdef __cplusplus
123}
124#endif
125
126#endif /* LC_CSHAKE_CRYPT_H */
void lc_hash(const struct lc_hash *hash, const uint8_t *in, size_t inlen, uint8_t *digest)
Calculate message digest - one-shot.
int lc_cc_alloc(const struct lc_hash *hash, struct lc_aead_ctx **ctx)
Allocate cSHAKE cryptor context on heap.