
all signers: diana_coman

antecedents: eucrypt_ch7_keccak_sponge

press order:

eucrypt_genesisdiana_coman
eucrypt_ch6_keccak_permutationsdiana_coman
eucrypt_ch7_keccak_spongediana_coman
eucrypt_ch9_keccak_endiannessdiana_coman

patch:

- 87241E219925CCE47CD73892DC728607F14BD01324BA0B08D04DB6F2D7F2469958D4C65A5F3C26F2DB1857841857DCD3204FDC78238CAE3126905BB5A3CECC99
+ 589991A191E8D120F9338FD279017CAD6C04AAACE3045C9FCF337AC156C7DF9AAE8D8D353FA32C08439D005A8CB30D309E957EB26D5A1CB8BEA2D4FADD44C8C6
eucrypt/smg_keccak/smg_keccak.adb
(1 . 4)(1 . 5)
5 -- S.MG, 2018
6 with System; use System; -- for Bit_Order
7
8 package body SMG_Keccak is
9
(64 . 34)(65 . 58)
11 end Sponge;
12
13 -- convert from a bitstream of ZWord size to an actual ZWord number
14 -- first bit of bitstream will be most significant bit of ZWord
15 function BitsToWord( Bits: in Bitword ) return ZWord is
16 W: ZWord;
17 P: Natural;
18 function BitsToWord( BWord: in Bitword ) return ZWord is
19 W : ZWord;
20 Bits: Bitword;
21 begin
22 -- just copy octets if machine is little endian
23 -- flip octets if machine is big endian
24 if Default_Bit_Order = Low_Order_First then
25 Bits := BWord;
26 else
27 Bits := FlipOctets( BWord );
28 end if;
29 -- actual bits to word conversion
30 W := 0;
31 P := 0;
32 -- LSB bit order (inside octet) as per Keccak spec
33 for I in reverse Bitword'Range loop
34 W := W + ZWord( Bits(I) ) * ( 2**P );
35 P := P + 1;
36 W := Shift_Left( W, 1 ) + ZWord( Bits( I ) );
37 end loop;
38 return W;
39 end BitsToWord;
40
41 -- convert from a ZWord (lane of state) to a bitstream of ZWord size
42 -- most significant bit of ZWord will be left most bit of bitstream
43 function WordToBits( Word: in ZWord ) return Bitword is
44 Bits: Bitword := (others => 0);
45 W: ZWord;
46 begin
47 W := Word;
48 for I in reverse Bitword'Range loop
49 for I in Bitword'Range loop
50 Bits( I ) := Bit( W mod 2 );
51 W := W / 2;
52 W := Shift_Right( W, 1 );
53 end loop;
54
55 -- flip octets if machine is big endian
56 if Default_Bit_Order = High_Order_First then
57 Bits := FlipOctets( Bits );
58 end if;
59
60 return Bits;
61 end WordToBits;
62
63 -- flip given octets (i.e. groups of 8 bits)
64 function FlipOctets( BWord : in Bitword ) return Bitword is
65 Bits : Bitword;
66 begin
67 -- copy groups of 8 octets changing their order in the array
68 -- i.e. 1st octet in BWord becomes last octet in Bits and so on
69 for I in 0 .. ( Bitword'Length / 8 - 1 ) loop
70 Bits ( Bits'First + I * 8 .. Bits'First + I * 8 + 7 ) :=
71 BWord( BWord'Last - I * 8 - 7 .. BWord'Last - I * 8);
72 end loop;
73 return Bits;
74 end FlipOctets;
75
76 -- helper procedures for sponge absorb/squeeze
77
78 -- NO scramble here, this will absorb ALL given block, make sure it fits!
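Review bot: The octet flip keyed on `Default_Bit_Order` in `BitsToWord` and `WordToBits` looks like it makes the lane value, and therefore the sponge output, depend on the host machine. The conversion itself is arithmetic (`Shift_Left( W, 1 ) + ZWord( Bits( I ) )`, `W mod 2`), which yields the same number on any byte order, so on a `High_Order_First` host the extra `FlipOctets` would feed a byte-swapped lane into the permutation, and rotations do not commute with a byte swap. Unless ZWord is overlaid on raw memory somewhere outside this hunk, consider converting `BWord` directly on every host and dropping the `if Default_Bit_Order = ...` branches. `Default_Bit_Order` also describes bit numbering within storage units rather than byte order, so it is at best a proxy for endianness. If the header comments saying the first bit of the bitstream is the most significant bit of the ZWord are kept, they no longer match the LSB-first loops.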
- 9356ACB04F2091A9A611331387E055BCB8E58E7B28AE7FE4E0562486C802598AD3F24BBC20F05E539A3DB6274E75CD02F5A31DAC5BB2499F3CF2BF094994DDC0
+ 63A6A9F8168017265C7CCF9B3D7DFFD7C3CD21F529AE88993C3B05E0DCAFF9530C68B3420B58F643FF2425F575C66E9E0DF19ED25C8A38F56A0D1E713E27B15C
eucrypt/smg_keccak/smg_keccak.ads
(40 . 8)(40 . 11)
83 subtype Bitword is Bitstream( 0..Z_Length - 1 ); -- bits of one state "word"
84
85 -- type conversions
86 function BitsToWord( Bits: in Bitword ) return ZWord;
87 function WordToBits( Word: in ZWord ) return Bitword;
88 function BitsToWord( BWord : in Bitword ) return ZWord;
89 function WordToBits( Word : in ZWord ) return Bitword;
90
91 -- flip input octets (i.e. groups of 8 bits)
92 function FlipOctets( BWord : in Bitword ) return Bitword;
93
94 -- public function, the sponge itself
95 -- Keccak sponge structure using Keccak_Function, Pad and a given bitrate;
(109 . 6)(112 . 11)
97 return ZWord;
98 pragma Import(Intrinsic, Shift_Right);
99
100 function Shift_Left( Value : ZWord;
101 Amount : Natural)
102 return ZWord;
103 pragma Import(Intrinsic, Shift_Left);
104
105 --Keccak transformations of the internal state
106 function Theta ( Input : in State) return State;
107 function Rho ( Input : in State) return State;
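Review bot: The declarations of `BitsToWord`, `WordToBits` and `FlipOctets` do not state the bit and octet order they implement, although that order is now the contract every caller and test vector depends on. A comment above the conversions such as `-- Bits(Bits'First) is the least significant bit of the ZWord` would pin it down. The body of `FlipOctets` copies `Bitword'Length / 8` whole octets, so it presumably needs Z_Length to be a multiple of 8 (otherwise part of the result is never assigned); the declaration should carry `-- requires Z_Length to be a multiple of 8`. Renaming the formal from `Bits` to `BWord` also changes the public signature for any caller that uses named association.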
- B91E0448A3D5EC419C7E47701E8A3BFC53082601B860AC093EDD13606C093D1C6F112F514A8A90C0825713B45B5C273145D67D90D291631D6AAF940300DF9386
+ F90807132CF1AD922F6B901A4CD35190646BAAD554E0CBAE71C570909AF0025260DED9BD163657917AF4B08F5B29AEB704076D4F5949D8F6B1D14F60C837800B
eucrypt/smg_keccak/tests/smg_keccak-test.adb
(164 . 7)(164 . 7)
112 expected: ZWord;
113 obtained: ZWord;
114 begin
115 expected := 16#E7DDE140798F25F1#;
116 expected := 16#8FA4F19E0287BBE7#;
117 bits := (1,1,1,0, 0,1,1,1, 1,1,0,1, 1,1,0,1, 1,1,1,0, 0,0,0,1, 0,1,0,0,
118 0,0,0,0, 0,1,1,1, 1,0,0,1, 1,0,0,0, 1,1,1,1, 0,0,1,0, 0,1,0,1,
119 1,1,1,1, 0,0,0,1);
(196 . 32)(196 . 77)
121 end if;
122 end test_bits_to_word_conversion;
123
124 procedure test_flip is
125 B: constant Bitword := (1, 0, 1, 1, 1, 1, 0, 0,
126 1, 1, 1, 0, 0, 0, 0, 1,
127 0, 1, 1, 0, 0, 0, 1, 0,
128 1, 1, 1, 1, 1, 1, 1, 1,
129 1, 1, 0, 1, 1, 0, 0, 1,
130 0, 0, 0, 0, 0, 0, 0, 0,
131 0, 0, 1, 1, 0, 0, 0, 1,
132 0, 0, 0, 1, 1, 0, 0, 0);
133 Expected: Bitword := (0, 0, 0, 1, 1, 0, 0, 0,
134 0, 0, 1, 1, 0, 0, 0, 1,
135 0, 0, 0, 0, 0, 0, 0, 0,
136 1, 1, 0, 1, 1, 0, 0, 1,
137 1, 1, 1, 1, 1, 1, 1, 1,
138 0, 1, 1, 0, 0, 0, 1, 0,
139 1, 1, 1, 0, 0, 0, 0, 1,
140 1, 0, 1, 1, 1, 1, 0, 0);
141 Output : Bitword;
142 begin
143 Output := FlipOctets( B );
144 if Output /= Expected then
145 Put_Line( "FAILED: flip octets" );
146 Put_Line( "Expected: " );
147 for I of Expected loop
148 Put(Bit'Image(I));
149 end loop;
150 new_line(1);
151 Put_Line( "Output: " );
152 for I of Output loop
153 Put(Bit'Image(I));
154 end loop;
155 new_line(1);
156 else
157 Put_Line( "PASSED: flip octets" );
158 end if;
159 end test_flip;
160
161 procedure test_sponge is
162 Bitrate : constant Keccak_Rate := 1344;
163 Input : Bitstream(1..5) := (1, 1, 0, 0, 1);
164 Output : Bitstream(1..Bitrate*2);
165 Hex : array(0..15) of Character := ("0123456789ABCDEF");
166 HexString : String(1..Bitrate/2);
167 C : Natural;
168 ExpHex : String(1..Bitrate/2);
169 HexPos : Natural;
170 Error : Natural;
171 Pos : Natural;
172 ExpHex : constant String :=
173 "CB7FFB7CE7572A06C537858A0090FC2888C3C6BA9A3ADAB4"&
174 "FE7C9AB4EFE7A1E619B834C843A5A79E23F3F7E314AA597D"&
175 "9DAD376E8413A005984D00CF954F62F59EF30B050C99EA64"&
176 "E958335DAE684195D439B6E6DFD0E402518B5E7A227C48CF"&
177 "239CEA1C391241D7605733A9F4B8F3FFBE74EE45A40730ED"&
178 "1E2FDEFCCA941F518708CBB5B6D5A69C30263267B97D7B29"&
179 "AC87043880AE43033B1017EFB75C33248E2962892CE69DA8"&
180 "BAF1DF4C0902B16C64A1ADD42FF458C94C4D3B0B32711BBA"&
181 "22104989982543D1EF1661AFAF2573687D588C81113ED7FA"&
182 "F7DDF912021FC03D0E98ACC0200A9F7A0E9629DBA33BA0A3"&
183 "C03CCA5A7D3560A6DB589422AC64882EF14A62AD9807B353"&
184 "8DEE1548194DBD456F92B568CE76827F41E0FB3C7F25F3A4"&
185 "C707AD825B289730FEBDFD22A3E742C6FB7125DE0E38B130"&
186 "F3059450CA6185156A7EEE2AB7C8E4709956DC6D5E9F99D5"&
187 "0A19473EA7D737AC934815D68C0710235483DB8551FD8756"&
188 "45692B4E5E16BB9B1142AE300F5F69F43F0091D534F372E1"&
189 "FFC2E522E71003E4D27EF6ACCD36B2756FB5FF02DBF0C96B"&
190 "CAE68E7D6427810582F87051590F6FB65D7B948A9C9D6C93"&
191 "AF4562367A0AD79109D6F3087C775FE6D60D66B74F8D29FB"&
192 "4BA80D0168693A748812EA0CD3CA23854CC84D4E716F4C1A"&
193 "A3B340B1DED2F304DFDBACC1D792C8AC9A1426913E3F67DB"&
194 "790FD5CFB77DAA29";
195 Output : Bitstream( 1 .. ExpHex'Length * 4 );
196 HexString : String( 1 .. ExpHex'Length );
197 begin
198 ExpHex := "B57B7DAED6330F79BA5783C5D45EABFFA1461FAC6CEA09BD"&
199 "AAC114F17E23E5B349EECBC907E07FA36ECF8374079811E8"&
200 "5E49243D04182C389E68C733BE698468423DB9891D3A7B10"&
201 "320E0356AB4AB916F68C0EA20365A1D4DBA48218CA89CBB8"&
202 "6D08A34E04544D4100FFE9CB138EADC2D3FC0E8CC2BC15A7"&
203 "5B950776970BFC310F33BF609630D73CAD918CF54657589E"&
204 "42CF7CBF20DE677D2AB7E49389F6F6C3B3FE2992905325CE"&
205 "60931C1515043595ADC1619CB7E034EF52BDC485D03B7FDD"&
206 "7345E849FFB4C4426195C8D88C1E7BF9ADA41B92E006C3DA"&
207 "F1ED0FD63ADD9408A3FC815F727457692727637687C1F79D"&
208 "837DE20798E64C878181C02DF56A533F684459E8A03C8EF6"&
209 "234854531110E6CD9BDEFEA85E35C802B1ACDDF29C9332E2"&
210 "53C0FA72F3ED1ABA274838CFE6EF8BD572E89E1C2135F6A7"&
211 "5BC5D6EA4F85C9A757E68E561A56AC0FC19F1F086C43272F";
212
213 Put_Line("---sponge test---");
214 Sponge(Input, Bitrate, Output);
215 Put_Line("Input is:");
(239 . 12)(284 . 13)
217 Error := 0;
218 for I in 1..Output'Length/4 loop
219 Pos := Output'First + (I-1)*4;
220 C := Natural( Output( Pos ) ) * 8 +
221 Natural( Output( Pos + 1 ) ) * 4 +
222 Natural( Output( Pos + 2 ) ) * 2 +
223 Natural( Output( Pos + 3 ) );
224 Hexstring(I) := Hex(C);
225 if Hexstring(I) /= ExpHex(I) then
226 C := Natural( Output( Pos ) ) +
227 Natural( Output( Pos + 1 ) ) * 2 +
228 Natural( Output( Pos + 2 ) ) * 4 +
229 Natural( Output( Pos + 3 ) ) * 8;
230 HexPos := I + 2 * ( I mod 2 ) - 1;
231 Hexstring(HexPos) := Hex( C );
232 if Hexstring(HexPos) /= ExpHex(HexPos) then
233 Error := Error + 1;
234 end if;
235 end loop;
(305 . 4)(351 . 7)
237 -- test Sponge construction
238 test_sponge;
239
240 -- test flipping octets
241 test_flip;
242
243 end SMG_Keccak.Test;