v

- 1E1EAA78ECCAFFA4235EC739A63D20EE3F399BDD94386915B44CE58212032988CE67481EB2E558C846DFCDCDD8748BDA6E276D20512B487F5A3B86C44C946A40
+ 9356ACB04F2091A9A611331387E055BCB8E58E7B28AE7FE4E0562486C802598AD3F24BBC20F05E539A3DB6274E75CD02F5A31DAC5BB2499F3CF2BF094994DDC0
eucrypt/smg_keccak/smg_keccak.ads
(30 . 10)(30 . 45)
175 
176   type Round_Constants is array(Round_Index) of ZWord;  --magic keccak constants
177 
178   -- rate can be chosen by caller at each call, between 1 and width of state
179   -- higher rate means sponge "eats" more bits at a time but has fewer bits in 
180   --   the "secret" part of the state (i.e. lower capacity)
181   subtype Keccak_Rate is Positive range 1..Width;  -- capacity = width - rate
182 
183   type Bit is mod 2;
184   type Bitstream is array( Natural range <> ) of Bit; -- any length; message
185   subtype Bitword is Bitstream( 0..Z_Length - 1 ); -- bits of one state "word"
186 
187   -- type conversions
188   function BitsToWord( Bits: in Bitword ) return ZWord;
189   function WordToBits( Word: in ZWord ) return Bitword;
190 
191   -- public function, the sponge itself
192   -- Keccak sponge structure using Keccak_Function, Pad and a given bitrate;
193   -- Input - the stream of bits to hash (the message)
194   -- Block_Len - the bitrate to use; this is effectively the block length 
195   --             for splitting Input AND squeezing output between scrambles 
196   -- Output - a bitstream of desired size for holding output
197   procedure Sponge(Input      : in Bitstream;
198                    Block_Len  : in Keccak_Rate;
199                    Output     : out Bitstream);
200 
201 private
202   -- these are internals of the keccak implementation, not meant to be directly 
203   --  accessed/used
204 
205   -- this will squeeze Block'Length bits out of state S
206   -- NO scramble of state in here!
207   -- NB: make SURE that Block'Length is the correct bitrate for this sponge
208   -- in particular, Block'Length should be a correct bitrate aka LESS than Width 
209   procedure SqueezeBlock( Block: out Bitstream; S: in State);
210 
211   -- This absorbs into sponge the given block, modifying the state accordingly
212   -- NO scramble of state in here so make sure the whole Block fits in state!
213   -- NB: make SURE that Block'Length is *the correct bitrate* for this sponge
214   -- in particular, Block'Length should be a correct bitrate aka LESS than Width 
215   procedure AbsorbBlock( Block: in Bitstream; S: in out State );
216 
217   --Keccak magic numbers
218   RC : constant Round_Constants :=
219     (
(74 . 15)(109 . 15)
221                         return ZWord;
222   pragma Import(Intrinsic, Shift_Right); 
223 
224   --Keccak permutations 
225   --Keccak transformations of the internal state
226   function Theta ( Input       : in State) return State;
227   function Rho   ( Input       : in State) return State;
228   function Pi    ( Input       : in State) return State;
229   function Chi   ( Input       : in State) return State;
230   function Iota  ( Round_Const : in ZWord; Input : in State) return State;
231 
232   --Keccak full function with block width currently 1600 (Width constant above)
233   --this simply applies *all* keccak permutations in the correct order and using 
234   --Keccak function with block width currently 1600 (Width constant above)
235   --this simply applies *all* keccak transformations in the correct order, using
236   -- the keccak magic numbers (round constants) as per keccak reference
237   function Keccak_Function(Input: in State) return State;
238