From: Niels Möller <nisse@lysator.liu.se>
Date: Sun, 31 Mar 2024 05:43:05 +0000 (+0200)
Subject: Merge branch 'sha3-shake-updates'
X-Git-Tag: nettle_3.10rc1~19
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3ef49f207b350756b9998cdc2911044380f7504a;p=thirdparty%2Fnettle.git

Merge branch 'sha3-shake-updates'
---

3ef49f207b350756b9998cdc2911044380f7504a
diff --cc ChangeLog
index c623daec,d7e89abf..4b5679d6
--- a/ChangeLog
+++ b/ChangeLog
@@@ -1,26 -1,34 +1,57 @@@
 +2024-03-29  Niels Möller  <nisse@lysator.liu.se>
 +
 +	* bswap-internal.h (nettle_bswap32_n): New inline function.
 +	(bswap32_n_if_le): New macro, to reduce code duplication.
 +	* blowfish-bcrypt.c (bswap32_if_le_n): Deleted, usage replaced
 +	with shared bswap32_n_if_le.
 +	* umac-set-key.c (bswap32_if_le_n): Likewise.
 +
 +2024-03-28  Niels Möller  <nisse@lysator.liu.se>
 +
 +	* sha512-224-meta.c (nettle_sha512_224): Change name to
 +	"sha512_224", with underscore rather than dash.
 +	* sha512-256-meta.c (nettle_sha512_256): Analogous change.
 +	* nettle-meta-hashes.c (_nettle_hashes): Add nettle_sha512_224 and
 +	nettle_sha512_256.
 +	* testsuite/meta-hash-test.c: Update test.
 +
 +2024-03-24  Niels Möller  <nisse@lysator.liu.se>
 +
 +	* testsuite/gcm-test.c (test_main): Add a test case that triggers
 +	32-bit counter wraparound for gcm_aes256, and a larger 719 byte
 +	message.
 +
+ 2024-03-28  Niels Möller  <nisse@lysator.liu.se>
+ 
+ 	From Daiki Ueno:
+ 	* shake128.c (sha3_128_init, sha3_128_update, sha3_128_shake)
+ 	(sha3_128_shake_output): New file, new functions.
+ 	* testsuite/shake128-test.c: New testcases.
+ 	* Makefile.in (nettle_SOURCES): Add shake128.c.
+ 	* testsuite/Makefile.in (TS_NETTLE_SOURCES): Add shake128-test.c.
+ 
+ 2024-03-24  Niels Möller  <nisse@lysator.liu.se>
+ 
+ 	* sha3-shake.c (_nettle_sha3_shake, _nettle_sha3_shake_output):
+ 	New file, new functions. Generalizations of sha3_256_shake and
+ 	sha3_256_shake_output, respectively.
+ 	(_nettle_sha3_shake_output): Use one's complement of index,
+ 	instead of just setting high bit.
+ 
+ 	* shake256.c (sha3_256_shake, sha3_256_shake_output): Implement in
+ 	terms of calls to the new functions.
+ 	* Makefile.in (nettle_SOURCES): Add sha3-shake.c.
+ 
+ 	* sha3.c (_nettle_sha3_update): Use MD_FILL_OR_RETURN_INDEX.
+ 	(sha3_xor_block): New function, taken out from sha3_absorb.
+ 	(_nettle_sha3_pad): Call sha3_xor_block, not sha3_absorb.
+ 	* sha3-internal.h (_sha3_pad_shake): By above change, no longer
+ 	implies sha3_permute.
+ 	(_sha3_pad_hash): Update, to still include a
+ 	call to sha3_permute.
+ 	* shake256.c (sha3_256_shake, sha3_256_shake_output): Update to
+ 	call sha3_permute before generating output.
+ 
  2024-03-20  Niels Möller  <nisse@lysator.liu.se>
  
  	* testsuite/gcm-test.c (test_main): Add a test case that triggers