Skip to content

Commit

Permalink
Merge pull request #124 from formosa-crypto/feature/crypto_hash_sct
Browse files Browse the repository at this point in the history
crypto_hash implementations: Checking for S-CT
  • Loading branch information
tfaoliveira-sb authored Jun 27, 2024
2 parents 3a6c9b4 + 11385db commit 8a2adc7
Show file tree
Hide file tree
Showing 45 changed files with 702 additions and 85 deletions.
6 changes: 2 additions & 4 deletions src/common/keccak/common/fips202_DIRTY.jinc
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
param int KECCAK_ROUNDS=24;

from Jade require "common/keccak/keccak1600/amd64/avx2/keccak1600.jinc"
from Jade require "common/keccak/keccak1600/amd64/avx2/keccakf1600.jinc"
from Jade require "common/keccak/keccak1600/amd64/avx2/keccak1600_nomsf.jinc"
from Jade require "common/keccak/keccak1600/amd64/avx2/keccakf1600_nomsf.jinc"
require "fips202_params.jinc"

#[returnaddress="stack"]
Expand Down
119 changes: 85 additions & 34 deletions src/common/keccak/keccak1600/amd64/avx2/keccak1600.jinc
Original file line number Diff line number Diff line change
Expand Up @@ -33,23 +33,32 @@ inline fn __add_full_block_avx2(
stack u64[28] s_state,
reg ptr u64[25] a_jagged_p,
reg u64 in inlen,
reg u64 rate
) -> reg u256[7], stack u64[28], reg u64, reg u64
reg u64 rate,
#msf reg u64 ms
) -> reg u256[7], stack u64[28], reg u64, reg u64, #msf reg u64
{

inline int i;
reg u64 j l t rate8;
reg bool loop_condition;

rate8 = rate;
rate8 >>= 3;
j = 0;
while ( j < rate8 )
while { loop_condition = ( j < rate8 ); } ( loop_condition )
{
ms = #update_msf(loop_condition, ms);

t = [in + 8*j];

l = a_jagged_p[(int) j];
l = #protect(l, ms);

s_state[(int) l] = t;
j += 1;

}
ms = #update_msf(!loop_condition, ms);

//TODO: check & change to #VPBROADCAST_4u64
t = s_state[0];
Expand All @@ -63,7 +72,7 @@ inline fn __add_full_block_avx2(
in += rate;
inlen -= rate;

return state, s_state, in, inlen;
return state, s_state, in, inlen, ms;
}


Expand All @@ -74,42 +83,56 @@ inline fn __add_final_block_avx2(
reg ptr u64[25] a_jagged_p,
reg u64 in inlen,
reg u8 trail_byte,
reg u64 rate
) -> reg u256[7]
reg u64 rate,
#msf reg u64 ms
) -> reg u256[7], #msf reg u64
{
inline int i;
reg u64 j l t inlen8;
reg u8 c;
reg bool loop_condition;

s_state = __init_s_state_avx2();

inlen8 = inlen;
inlen8 >>= 3;
j = 0;
while ( j < inlen8 )

while { loop_condition = (j < inlen8); } ( loop_condition )
{
ms = #update_msf(loop_condition, ms);

t = [in + 8*j];
l = a_jagged_p[(int) j];
l = #protect(l, ms);

s_state[(int) l] = t;
j += 1;
}
ms = #update_msf(!loop_condition, ms);

l = a_jagged_p[(int) j];
l = #protect(l, ms);

l <<= 3;
j <<= 3;

while ( j < inlen )
while { loop_condition = ( j < inlen ); } ( loop_condition )
{
ms = #update_msf(loop_condition, ms);
c = (u8)[in + j];
s_state[u8 (int) l] = c;
j += 1;
l += 1;
}
ms = #update_msf(!loop_condition, ms);

s_state[u8 (int) l] = trail_byte;

// j = (rate-1) >> 3;
j = rate; j -= 1; j >>= 3;
l = a_jagged_p[(int) j];
l = #protect(l, ms);
l <<= 3;
// l += ((rate-1) & 0x7)
j = rate; j -= 1; j &= 0x7;
Expand All @@ -125,7 +148,7 @@ inline fn __add_final_block_avx2(
for i = 0 to 7
{ state[i] ^= s_state[u256 i]; }

return state;
return state, ms;
}


Expand All @@ -134,30 +157,37 @@ inline fn __xtr_full_block_avx2(
reg u256[7] state,
reg ptr u64[25] a_jagged_p,
reg u64 out,
reg u64 len
) -> reg u64
reg u64 len,
#msf reg u64 ms
) -> reg u64, #msf reg u64
{
inline int i;
stack u64[28] s_state;
reg u64 j l t len8;
reg bool loop_condition;

for i = 0 to 7
{ s_state[u256 i] = state[i]; }

len8 = len;
len8 >>= 3;
j = 0;
while ( j < len8 )
while { loop_condition = ( j < len8 ); } ( loop_condition )
{
ms = #update_msf(loop_condition, ms);

l = a_jagged_p[(int) j];
l = #protect(l, ms);

t = s_state[(int) l];
[out + 8*j] = t;
j += 1;
}
ms = #update_msf(!loop_condition, ms);

out += len;

return out;
return out, ms;
}


Expand All @@ -166,27 +196,38 @@ inline fn __xtr_bytes_avx2(
reg u256[7] state,
reg ptr u64[25] a_jagged_p,
reg u64 out,
reg u64 len
reg u64 len,
#msf reg u64 ms
) -> reg u64
{
inline int i;
stack u64[28] s_state;
reg u64 j l t len8;
reg u8 c;
reg bool loop_condition;

for i = 0 to 7
{ s_state[u256 i] = state[i]; }

len8 = len;
len8 >>= 3;
j = 0;
while ( j < len8 )
{ l = a_jagged_p[(int) j];
while { loop_condition = ( j < len8 ); } ( loop_condition )
{
ms = #update_msf(loop_condition, ms);

l = a_jagged_p[(int) j];
l = #protect(l, ms);

t = s_state[(int) l];
[out + 8*j] = t;
j += 1;
}
ms = #update_msf(!loop_condition, ms);

l = a_jagged_p[(int)j];
l = #protect(l, ms);

j <<= 3;
l <<= 3;

Expand All @@ -208,65 +249,75 @@ inline fn __absorb_avx2(
reg u256[7] state,
reg u64 in inlen,
reg u8 trail_byte,
reg u64 rate
) -> reg u256[7]
reg u64 rate,
#msf reg u64 ms
) -> reg u256[7], #msf reg u64
{
stack u64[28] s_state;
reg ptr u64[25] a_jagged_p;
reg bool loop_condition;

a_jagged_p = KECCAK_A_JAGGED;
s_state = __init_s_state_avx2();

// intermediate blocks
while ( inlen >= rate )
while { loop_condition = (inlen >= rate); } (loop_condition)
{
state, s_state, in, inlen = __add_full_block_avx2(state, s_state, a_jagged_p, in, inlen, rate);
state = __keccakf1600_avx2(state);
ms = #update_msf(loop_condition, ms);

state, s_state, in, inlen, ms = __add_full_block_avx2(state, s_state, a_jagged_p, in, inlen, rate, ms);

state, ms = __keccakf1600_avx2(state, ms);
}
ms = #update_msf(!loop_condition, ms);

// final block
state = __add_final_block_avx2(state, s_state, a_jagged_p, in, inlen, trail_byte, rate);
state, ms = __add_final_block_avx2(state, s_state, a_jagged_p, in, inlen, trail_byte, rate, ms);

return state;
return state, ms;
}


inline fn __squeeze_avx2(reg u256[7] state, reg u64 out outlen rate)
inline fn __squeeze_avx2(reg u256[7] state, reg u64 out outlen rate, #msf reg u64 ms)
{
reg ptr u64[25] a_jagged_p;
reg bool loop_condition;

a_jagged_p = KECCAK_A_JAGGED;

// intermediate blocks
while ( outlen > rate )
while { loop_condition = (outlen > rate); } ( loop_condition )
{
state = __keccakf1600_avx2(state);
out = __xtr_full_block_avx2(state, a_jagged_p, out, rate);
ms = #update_msf(loop_condition, ms);

state, ms = __keccakf1600_avx2(state, ms);
out, ms = __xtr_full_block_avx2(state, a_jagged_p, out, rate, ms);
outlen -= rate;
}
ms = #update_msf(!loop_condition, ms);

state = __keccakf1600_avx2(state);
out = __xtr_bytes_avx2(state, a_jagged_p, out, outlen);
state, ms = __keccakf1600_avx2(state, ms);
out = __xtr_bytes_avx2(state, a_jagged_p, out, outlen, ms);
}


inline fn __keccak1600_avx2(reg u64 out outlen in inlen, reg u8 trail_byte, reg u64 rate)
inline fn __keccak1600_avx2(reg u64 out outlen in inlen, reg u8 trail_byte, reg u64 rate, #msf reg u64 ms)
{
reg u256[7] state;

state = __keccak_init_avx2();

// absorb
state = __absorb_avx2(state, in, inlen, trail_byte, rate);
state, ms = __absorb_avx2(state, in, inlen, trail_byte, rate, ms);

// squeeze
__squeeze_avx2(state, out, outlen, rate);
__squeeze_avx2(state, out, outlen, rate, ms);
}


fn _keccak1600_avx2(reg u64 out outlen in inlen, reg u8 trail_byte, reg u64 rate)
fn _keccak1600_avx2(reg u64 out outlen in inlen, reg u8 trail_byte, reg u64 rate, #msf reg u64 ms)
{
__keccak1600_avx2(out, outlen, in, inlen, trail_byte, rate);
__keccak1600_avx2(out, outlen, in, inlen, trail_byte, rate, ms);
}


Loading

0 comments on commit 8a2adc7

Please sign in to comment.