From b3740816ebaac71e8ddbc1bef040c210554ea62d Mon Sep 17 00:00:00 2001
From: lloyd
Date: Sat, 11 Dec 2010 16:03:03 +0000
Subject: XOR the input directly into the state. Only slightly faster (about 5% on motoko), but does also reduce memory overhead. Perhaps doing the XOR by hand and then doing aligned 64-bit XORs where possible would be beneficial here.
---
 src/hash/keccak/keccak.cpp | 33 ++++++++++++++++-----------------
 src/hash/keccak/keccak.h | 8 ++++++--
 2 files changed, 22 insertions(+), 19 deletions(-)
(limited to 'src/hash')
diff --git a/src/hash/keccak/keccak.cpp b/src/hash/keccak/keccak.cpp
index 6ae92c69c..d26f574b0 100644
--- a/src/hash/keccak/keccak.cpp
+++ b/src/hash/keccak/keccak.cpp
@@ -10,6 +10,7 @@
 #include
 #include
 #include
+#include
 namespace Botan {
@@ -105,8 +106,7 @@ Keccak_1600::Keccak_1600(size_t output_bits) :
 bitrate(1600 - 2*output_bits),
 diversifier(output_bits / 8),
 S(25),
- buffer(bitrate / 8),
- buf_pos(0)
+ S_pos(0)
 {
 // We only support the parameters for the SHA-3 proposal
@@ -129,8 +129,7 @@ HashFunction* Keccak_1600::clone() const
 void Keccak_1600::clear()
 {
 zeroise(S);
- zeroise(buffer);
- buf_pos = 0;
+ S_pos = 0;
 }
 void Keccak_1600::add_data(const byte input[], size_t length)
@@ -140,21 +139,19 @@ void Keccak_1600::add_data(const byte input[], size_t length)
 while(length)
 {
- const size_t consumed = std::min(length, buffer.size() - buf_pos);
- copy_mem(&buffer[buf_pos], input, consumed);
+ const size_t consumed = std::min(length, bitrate / 8 - S_pos);
+ xor_buf(reinterpret_cast(&S[0]) + S_pos,
+ input,
+ consumed);
 input += consumed;
 length -= consumed;
- buf_pos += consumed;
+ S_pos += consumed;
- if(buf_pos == buffer.size())
+ if(S_pos == bitrate / 8)
 {
- for(size_t i = 0; i != buffer.size() / 8; ++i)
- S[i] ^= load_le(&buffer[0], i);
-
 keccak_f_1600(&S[0]);
-
- buf_pos = 0;
+ S_pos = 0;
 }
 }
 }
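Review bot: The new `xor_buf` call in add_data XORs the input into the in-memory bytes of the state words, so absorption now depends on host byte order, whereas the removed `load_le` path and the `get_byte(7 - (i % 8), S[i/8])` extraction in final_result work on word values. On a big-endian build the digest would presumably differ from the little-endian result. Consider XORing by value, e.g. `S[(S_pos + i) / 8] ^= static_cast<u64bit>(input[i]) << (8 * ((S_pos + i) % 8));` for each `i` below `consumed`, or keeping the byte-view fast path only behind a little-endian check. Known-answer tests run on both byte orders would catch a regression here. add_data begins outside the hunk.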
@@ -165,15 +162,17 @@ void Keccak_1600::final_result(byte output[])
 add_data(padding, sizeof(padding));
- if(buf_pos)
- for(size_t i = buf_pos; i != buffer.size(); ++i)
- update(0x00);
+ if(S_pos)
+ {
+ keccak_f_1600(&S[0]);
+ S_pos = 0;
+ }
 /*
 * We never have to run the permutation again because we only support
 * limited output lengths
 */
- for(size_t i = 0; i != output_length(); ++i)
+ for(size_t i = 0; i != output_bits/8; ++i)
 output[i] = get_byte(7 - (i % 8), S[i/8]);
 }
diff --git a/src/hash/keccak/keccak.h b/src/hash/keccak/keccak.h
index 62269c9a1..1c6ec3122 100644
--- a/src/hash/keccak/keccak.h
+++ b/src/hash/keccak/keccak.h
@@ -20,6 +20,11 @@ namespace Botan {
 class BOTAN_DLL Keccak_1600 : public HashFunction
 {
 public:
+
+ /**
+ * @param output_bits the size of the hash output; must be one of
+ * 224, 256, 384, or 512
+ */
 Keccak_1600(size_t output_bits = 512);
 size_t hash_block_size() const { return bitrate / 8; }
@@ -35,8 +40,7 @@ class BOTAN_DLL Keccak_1600 : public HashFunction
 size_t output_bits, bitrate;
 byte diversifier;
 SecureVector S;
- SecureVector buffer;
- size_t buf_pos;
+ size_t S_pos;
 };
 }
--
cgit v1.2.3
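Review bot: final_result in keccak.cpp appears to return right after the output loop without resetting `S` and `S_pos`; the trailing context shows the closing brace directly after `output[i] = get_byte(7 - (i % 8), S[i/8]);`. Unless the caller or base class invokes clear() after finalization (not visible here), a reused object would absorb the next message into the previous message's state, and that state stays in memory. Adding `clear();` after the loop would cover both. The new `if(S_pos)` block also deserves a comment such as `// remaining rate bytes are zero padding; XORing zeros is a no-op, so only permute`. The function starts outside the hunk.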