Software APIs
thash_shake_simple.c
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 //
5 // Derived from code in the SPHINCS+ reference implementation (CC0 license):
6 // https://github.com/sphincs/sphincsplus/blob/ed15dd78658f63288c7492c00260d86154b84637/ref/thash_shake_simple.h
7 
8 #include "sw/device/lib/base/memory.h"
9 #include "sw/device/silicon_creator/lib/drivers/kmac.h"
10 #include "sw/device/silicon_creator/lib/sigverify/sphincsplus/params.h"
11 #include "sw/device/silicon_creator/lib/sigverify/sphincsplus/thash.h"
12 
13 rom_error_t thash(const uint32_t *in, size_t inblocks, const spx_ctx_t *ctx,
14  const spx_addr_t *addr, uint32_t *out) {
15  // Uses the "simple" thash construction (Construction 7 in the SPHINCS+
16  // paper): H(pk_seed, addr, in).
17  HARDENED_RETURN_IF_ERROR(kmac_shake256_start());
18  kmac_shake256_absorb_words(ctx->pub_seed, kSpxNWords);
19  kmac_shake256_absorb_words(addr->addr, ARRAYSIZE(addr->addr));
20  kmac_shake256_absorb_words(in, inblocks * kSpxNWords);
21  kmac_shake256_squeeze_start();
22  return kmac_shake256_squeeze_end(out, kSpxNWords);
23 }
Return to OpenTitan Documentation