Struct SHAKE 

pub struct SHAKE<PARAMS: SHAKEParams> { /* private fields */ }

Note: FIPS 202 section 7 states:

“SHAKE128 and SHAKE256 are approved XOFs, whose approved uses will be specified in NIST Special Publications. Although some of those uses may overlap with the uses of approved hash functions, the XOFs are not approved as hash functions, due to the property that is discussed in Sec. A.2.”

Section A.2 describes how SHAKE does not internally diversify its output based on the requested length. For example, the first 32 bytes of SHAKE128(“message”, 64) and SHAKE128(“message”, 128) will be identical, and equal to SHAKE128(“message”, 32). Proper hash functions don’t do this, and NIST is concerned that this could lead to application vulnerabilities.

As such, even though SHAKE is physically capable of acting as a hash function, and in fact is secure as such if the provided message includes the requested length, SHAKE does not implement the Hash trait.
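The length-independence described in Sec. A.2, and the effect of putting the requested length into the message, shown as an added example (not code from this crate). It uses Python's standard hashlib SHAKE128 as an independent implementation; the helper names and the 8-byte length prefix are assumptions of this example.

```python
import hashlib

MSG = b"message"  # same input string the page's example uses


def shake128(data: bytes, out_len: int) -> bytes:
    """Plain SHAKE128: out_len only decides where squeezing stops."""
    return hashlib.shake_128(data).digest(out_len)


def shake128_len_bound(data: bytes, out_len: int) -> bytes:
    """SHAKE128 with the requested length absorbed as part of the message.

    Assumption: the 8-byte big-endian prefix is this example's own
    encoding, not one defined by the page or by FIPS 202.
    """
    return hashlib.shake_128(out_len.to_bytes(8, "big") + data).digest(out_len)


def is_prefix_chain(fn, data: bytes, lengths) -> bool:
    """True if each shorter output is a prefix of the next longer one."""
    outs = [fn(data, n) for n in sorted(lengths)]
    return all(b.startswith(a) for a, b in zip(outs, outs[1:]))


def shared_prefix_len(fn, data: bytes, key_len: int, id_len: int) -> int:
    """Constructed scenario: one component derives a key_len-byte secret and
    another publishes an id_len-byte identifier from the same input.
    Returns how many leading key bytes the identifier gives away."""
    key, ident = fn(data, key_len), fn(data, id_len)
    n = 0
    while n < min(key_len, id_len) and key[n] == ident[n]:
        n += 1
    return n


if __name__ == "__main__":
    for fn in (shake128, shake128_len_bound):
        print(fn.__name__,
              "prefix chain:", is_prefix_chain(fn, MSG, (32, 64, 128)),
              "key bytes exposed by 64-byte id:",
              shared_prefix_len(fn, MSG, 32, 64))
```

With plain SHAKE128 the 64-byte identifier exposes the whole 32-byte key; once the length is absorbed, the two outputs are unrelated.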

Implementations

impl<PARAMS: SHAKEParams> SHAKE<PARAMS>

pub fn new() -> Self

Trait Implementations

impl<PARAMS: SHAKEParams> Algorithm for SHAKE<PARAMS>

const ALG_NAME: &'static str = PARAMS::ALG_NAME

const MAX_SECURITY_STRENGTH: SecurityStrength = PARAMS::MAX_SECURITY_STRENGTH

impl<PARAMS: Clone + SHAKEParams> Clone for SHAKE<PARAMS>

fn clone(&self) -> SHAKE<PARAMS>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<PARAMS: SHAKEParams> Default for SHAKE<PARAMS>

fn default() -> Self

Returns the “default value” for a type.

impl<PARAMS: SHAKEParams> KDF for SHAKE<PARAMS>

fn derive_key(self, key: &impl KeyMaterial, additional_input: &[u8]) -> Result<Box<dyn KeyMaterial>, KDFError>

Returns a KeyMaterialInternal. For the KDF to be considered “fully-seeded” and be capable of outputting full-entropy KeyMaterials, it requires full-entropy input that is at least 2x the bit size (i.e. 256 bits for SHAKE128 and 512 bits for SHAKE256). Returns a 32-byte key for SHAKE128 and a 64-byte key for SHAKE256. To produce longer keys, use KDF::derive_key_out. To produce shorter keys, either use KDF::derive_key_out or truncate this result down with KeyMaterialInternal::truncate.

fn derive_key_from_multiple(self, keys: &[&impl KeyMaterial], additional_input: &[u8]) -> Result<Box<dyn KeyMaterial>, KDFError>

Always returns a full KeyMaterialInternal, i.e. one that fills the internal buffer of the appropriately sized key material for the underlying cryptographic hash function. This can be truncated down with KeyMaterialInternal::truncate. Returns a 32-byte key for SHAKE128 and a 64-byte key for SHAKE256. To produce longer keys, use KDF::derive_key_out. To produce shorter keys, either use KDF::derive_key_out or truncate this result down with KeyMaterialInternal::truncate.

fn derive_key_out(self, key: &impl KeyMaterial, additional_input: &[u8], output_key: &mut impl KeyMaterial) -> Result<usize, KDFError>

Same as KDF::derive_key, but fills the provided output KeyMaterialInternal.

fn derive_key_from_multiple_out(self, keys: &[&impl KeyMaterial], additional_input: &[u8], output_key: &mut impl KeyMaterial) -> Result<usize, KDFError>

Same as KDF::derive_key, but fills the provided output KeyMaterialInternal.

fn max_security_strength(&self) -> SecurityStrength

Returns the maximum security strength that this KDF is capable of supporting, based on the underlying primitives.

impl<PARAMS: SHAKEParams> XOF for SHAKE<PARAMS>

fn absorb_last_partial_byte(&mut self, partial_byte: u8, num_partial_bits: usize) -> Result<(), HashError>

Switches to squeezing.

fn squeeze(&mut self, num_bytes: usize) -> Result<Vec<u8>, HashError>

Is infallible.

fn squeeze_out(&mut self, output: &mut [u8]) -> Result<usize, HashError>

Is infallible.

fn squeeze_partial_byte_final_out(self, num_bits: usize, output: &mut u8) -> Result<(), HashError>

Result is the number of bits squeezed into output.

fn hash_xof(self, data: &[u8], result_len: usize) -> Vec<u8>

A static one-shot API that digests the input data and produces result_len bytes of output.

fn hash_xof_out(self, data: &[u8], output: &mut [u8]) -> usize

A static one-shot API that digests the input data and produces result_len bytes of output. Fills the provided output slice.

fn absorb(&mut self, data: &[u8]) -> Result<(), HashError>

fn squeeze_partial_byte_final(self, num_bits: usize) -> Result<u8, HashError>

Squeezes a partial byte from the XOF. Output will be in the top num_bits bits of the returned u8 (i.e. big-endian). This is a final call and consumes self.

fn max_security_strength(&self) -> SecurityStrength

Returns the maximum security strength that this KDF is capable of supporting, based on the underlying primitives.

Auto Trait Implementations

impl<PARAMS> Freeze for SHAKE<PARAMS>

impl<PARAMS> RefUnwindSafe for SHAKE<PARAMS>
where PARAMS: RefUnwindSafe,

impl<PARAMS> Send for SHAKE<PARAMS>
where PARAMS: Send,

impl<PARAMS> Sync for SHAKE<PARAMS>
where PARAMS: Sync,

impl<PARAMS> Unpin for SHAKE<PARAMS>
where PARAMS: Unpin,

impl<PARAMS> UnwindSafe for SHAKE<PARAMS>
where PARAMS: UnwindSafe,

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬 This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.