mirrors/zig
1
0
Fork 0
mirror of https://codeberg.org/ziglang/zig.git synced 2025-12-06 05:44:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add std.crypto.hash.sha3.{KT128,KT256} - RFC 9861. (#25593)

Browse source 
KangarooTwelve is a family of two fast and secure extendable-output
functions (XOFs): KT128 and KT256. These functions generalize
traditional hash functions by allowing arbitrary output lengths.

KangarooTwelve was designed by SHA-3 authors. It aims to deliver
higher performance than the SHA-3 and SHAKE functions defined in
FIPS 202, while preserving their flexibility and core security
principles.

On high-end platforms, it can take advantage of parallelism,
whether through multiple CPU cores or SIMD instructions.

As modern SHA-3 constructions, KT128 and KT256 can serve as
general-purpose hash functions and can be used, for example, in
key-derivation, and with arbitrarily large inputs.

RFC9861: https://datatracker.ietf.org/doc/rfc9861/
This commit is contained in:
Frank Denis 2025-11-26 12:07:09 +01:00
parent e23af9d31d
commit 9ede8ee135
3 changed files with 1658 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/std/crypto/benchmark.zig
View file

@ -30,6 +30,7 @@ const hashes = [_]Crypto{
Crypto{ .ty = crypto.hash.sha3.Shake256, .name = "shake-256" },
Crypto{ .ty = crypto.hash.sha3.TurboShake128(null), .name = "turboshake-128" },
Crypto{ .ty = crypto.hash.sha3.TurboShake256(null), .name = "turboshake-256" },
Crypto{ .ty = crypto.hash.sha3.KT128, .name = "kt128" },
Crypto{ .ty = crypto.hash.blake2.Blake2s256, .name = "blake2s" },
Crypto{ .ty = crypto.hash.blake2.Blake2b512, .name = "blake2b" },
Crypto{ .ty = crypto.hash.Blake3, .name = "blake3" },
@ -37,6 +38,7 @@ const hashes = [_]Crypto{
const parallel_hashes = [_]Crypto{
Crypto{ .ty = crypto.hash.Blake3, .name = "blake3-parallel" },
Crypto{ .ty = crypto.hash.sha3.KT128, .name = "kt128-parallel" },
};
const block_size: usize = 8 * 8192;

1647
lib/std/crypto/kangarootwelve.zig Normal file
View file

File diff suppressed because it is too large Load diff

9
lib/std/crypto/sha3.zig
View file

@ -4,6 +4,8 @@ const assert = std.debug.assert;
const math = std.math;
const mem = std.mem;
const kangarootwelve = @import("kangarootwelve.zig");
const KeccakState = std.crypto.core.keccak.State;
pub const Sha3_224 = Keccak(1600, 224, 0x06, 24);
@ -26,6 +28,9 @@ pub const KMac256 = KMac(256);
pub const TupleHash128 = TupleHash(128);
pub const TupleHash256 = TupleHash(256);
pub const KT128 = kangarootwelve.KT128;
pub const KT256 = kangarootwelve.KT256;
/// TurboSHAKE128 is a XOF (a secure hash function with a variable output length), with a 128 bit security level.
/// It is based on the same permutation as SHA3 and SHAKE128, but which much higher performance.
/// The delimiter is 0x1f by default, but can be changed for context-separation.
@ -481,6 +486,10 @@ pub const NistLengthEncoding = enum {
const htest = @import("test.zig");
test {
_ = kangarootwelve;
}
test "sha3-224 single" {
try htest.assertEqualHash(Sha3_224, "6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7", "");
try htest.assertEqualHash(Sha3_224, "e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf", "abc");