Rename sha256 to sha2 and shake256 to shake

.github/workflows/test-ref.yml

@@ -10,8 +10,8 @@ jobs:
     strategy:
       matrix:
         hash:
-          - sha256
-          - shake256
+          - sha2
+          - shake
           - haraka
         size:
           - 128

.github/workflows/test-sha2-avx2.yml

@@ -0,0 +1,33 @@
+name: Tests for sha2-avx2 implementation
+
+on:
+  - push
+  - pull_request
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        size:
+          - 128
+          - 192
+          - 256
+        option:
+          - s
+          - f
+        thash:
+          - simple
+          - robust
+    steps:
+      - uses: actions/checkout@v1
+      - name: Run make
+        run: |
+          make -C sha2-avx2 THASH=${{ matrix.thash }} clean
+          make -C sha2-avx2 THASH=${{ matrix.thash }} PARAMS=sphincs-sha2-${{ matrix.size }}${{ matrix.option }} tests
+          make -C sha2-avx2 THASH=${{ matrix.thash }} PARAMS=sphincs-sha2-${{ matrix.size }}${{ matrix.option }} test
+          make -C sha2-avx2 THASH=${{ matrix.thash }} PARAMS=sphincs-sha2-${{ matrix.size }}${{ matrix.option }} PQCgenKAT_sign
+      - name: Run PQCgenKAT_sign
+        run: python3 vectors.py sphincs-sha2-${{ matrix.size }}${{ matrix.option }}-${{ matrix.thash }} sha2-avx2
+
+#  vim: set ft=yaml ts=2 sw=2 et :

.github/workflows/test-shake-avx2.yml

@@ -0,0 +1,33 @@
+name: Tests for shake-avx2 implementation
+
+on:
+  - push
+  - pull_request
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        size:
+          - 128
+          - 192
+          - 256
+        option:
+          - s
+          - f
+        thash:
+          - simple
+          - robust
+    steps:
+      - uses: actions/checkout@v1
+      - name: Run make
+        run: |
+          make -C shake-avx2 THASH=${{ matrix.thash }} clean
+          make -C shake-avx2 THASH=${{ matrix.thash }} PARAMS=sphincs-shake-${{ matrix.size }}${{ matrix.option }} tests
+          make -C shake-avx2 THASH=${{ matrix.thash }} PARAMS=sphincs-shake-${{ matrix.size }}${{ matrix.option }} test
+          make -C shake-avx2 THASH=${{ matrix.thash }} PARAMS=sphincs-shake-${{ matrix.size }}${{ matrix.option }} PQCgenKAT_sign
+      - name: Run PQCgenKAT_sign
+        run: python3 vectors.py sphincs-shake-${{ matrix.size }}${{ matrix.option }}-${{ matrix.thash }} shake-avx2
+
+#  vim: set ft=yaml ts=2 sw=2 et :

README.md

@@ -9,7 +9,7 @@ This repository contains the software that accompanies the [SPHINCS+ submission]
 
 ### Parameters
 
-The [SPHINCS+ specification](https://sphincs.org/data/sphincs+-specification.pdf) proposed a set of 36 named instances, specifying hash functions and concrete parameters for the security level, tree dimensions, WOTS+ and FORS. This reference implementation allows for more flexibility, as parameters can be specified in a `params.h` file. The proposed parameter sets have been predefined in `ref/params/params-*.h`, and the hash function can be varied by linking with the different implementations of `hash.h`, i.e., `hash_haraka.c`, `hash_sha256.c` and `hash_shake256.c`, as well as different implementations of `thash.h`, i.e., `*_robust.c` and `*_simple.c`. This is demonstrated in the `Makefile`. See the table below for a summary of the parameter sets. These parameters target the NIST security categories 1, 3 and 5; for each category, there is a parameter set geared towards either small signatures or fast signature generation.
+The [SPHINCS+ specification](https://sphincs.org/data/sphincs+-specification.pdf) proposed a set of 36 named instances, specifying hash functions and concrete parameters for the security level, tree dimensions, WOTS+ and FORS. This reference implementation allows for more flexibility, as parameters can be specified in a `params.h` file. The proposed parameter sets have been predefined in `ref/params/params-*.h`, and the hash function can be varied by linking with the different implementations of `hash.h`, i.e., `hash_haraka.c`, `hash_sha2.c` and `hash_shake.c`, as well as different implementations of `thash.h`, i.e., `*_robust.c` and `*_simple.c`. This is demonstrated in the `Makefile`. See the table below for a summary of the parameter sets. These parameters target the NIST security categories 1, 3 and 5; for each category, there is a parameter set geared towards either small signatures or fast signature generation.
 
 |               | n  | h  | d  | log(t) | k  |  w  | bit security | pk bytes | sk bytes | sig bytes |
 | :------------ | -: | -: | -: | -----: | -: | --: | -----------: | -------: | -------: | --------: |

SHA256SUMS

@@ -10,27 +10,27 @@ a838509fa6ec49ade2638efc35d9e29fdb56bd9b843d5e1f48210a2cab218332 sphincs-haraka-
 e1e3258be6b4467bcea81392363f657a58278a5b99fe240f29e388b0fe72f5da sphincs-haraka-256f-simple
 b5c5cc535f03789c25c018c009615ac62ba5b64188e4db5e3ede5513e3704dcc sphincs-haraka-256s-robust
 9428a566a2c2ee03665fc0eb2dbf208deb1b28716dc8c2d5e7c036a9f83d31da sphincs-haraka-256s-simple
-b6c82007bbce794f9fd67de708cd4d959319c744b918ddb28795fd491b713aa9 sphincs-sha256-128f-robust
-708f6ab77f8026361e975f7be7b9b5d1cd8aca56e4a3604c85ef3f9fe6618549 sphincs-sha256-128f-simple
-f4c2f31082fc8ad15419edc4f24c34a83d909f75eb37ea5ffe53df0fb5ef5306 sphincs-sha256-128s-robust
-65942fac8e225fde77dd277d297e68c94c2e25a2a4089f88be4b56fa92b18a84 sphincs-sha256-128s-simple
-b8e617db2099e617dfc372ff732eead88872aea791e2fe82628568d75dd03c78 sphincs-sha256-192f-robust
-84b1a342683bcad658efb6c65f7367c6b30623e74e3a24c2238d19eaf74722ab sphincs-sha256-192f-simple
-50c4b94dc788446077b48af1d8fa0170dc2114b4cb72a19f1d8c7628f9dadfd6 sphincs-sha256-192s-robust
-13efa67b9297afa051b9b30e2686266350c8b4000caa49aa432516e2a86d0b68 sphincs-sha256-192s-simple
-dc3330f8f19c816f45ee9a1127bf2b8a8c900e05df9a964bb760f0adf8f9b1b3 sphincs-sha256-256f-robust
-46e286dc1a20012789c1bf4793a8eb2043dd0c11df729fa36d9f96b0aeffdac6 sphincs-sha256-256f-simple
-1f42b407e1e351861ba23e520b1974f399e349fcb66c614d727a38fb4e646634 sphincs-sha256-256s-robust
-c816ca365a667e4d6564a95ac576bc9d7be0de7e66eff93e6f05dd4f134a183f sphincs-sha256-256s-simple
-4be71430814589ce7c861030c7cdce0aa73f75885b693b41fdb7c34d8f32fa79 sphincs-shake256-128f-robust
-5167df2ce46f33b76ccf0688f7769217d91878bd7d9b431080a3032eba51da10 sphincs-shake256-128f-simple
-fbe6c99d6ccc42fc9af5babbac532f28288d4164b182515dffeb1cd47f351d12 sphincs-shake256-128s-robust
-e7d5caee1941be99b6dfe46a95fc4535a34792f429e61d1cdc7fd3bbafe9ff02 sphincs-shake256-128s-simple
-243d0e25de08fea547b0beae5f778a48bd55e56066435f9cdb9afc60a722699e sphincs-shake256-192f-robust
-f204fd1cd5dce187441d104ae7159b64322b6a4afae708d48dc9966fe418ec4e sphincs-shake256-192f-simple
-cb13eaa2b1c074f53c87f1025e6bb1b356ad8de3bea9388b90a058a6460766bb sphincs-shake256-192s-robust
-4cc01c4a562d738ac54f5abfead35ecc4f46a1e2531fa12b4bc2819f4560c351 sphincs-shake256-192s-simple
-5a736aeba47f8d84e3ca47126715affcb4ce6cef13e3c9f6af220827973aa383 sphincs-shake256-256f-robust
-127f7ab83c740344546fe30777b221e8cb39f30fc4242d07d7608dc31a9835d4 sphincs-shake256-256f-simple
-4d2ca7d10f2206c3cb9a26c6b00a0361601a1fe2dddf102fbfd6d3dac0be10fe sphincs-shake256-256s-robust
-4ce4552e2e9b009a9016eb6dbcbefae3da2de151d61e2f392d4b9517eaeab91d sphincs-shake256-256s-simple
+b6c82007bbce794f9fd67de708cd4d959319c744b918ddb28795fd491b713aa9 sphincs-sha2-128f-robust
+708f6ab77f8026361e975f7be7b9b5d1cd8aca56e4a3604c85ef3f9fe6618549 sphincs-sha2-128f-simple
+f4c2f31082fc8ad15419edc4f24c34a83d909f75eb37ea5ffe53df0fb5ef5306 sphincs-sha2-128s-robust
+65942fac8e225fde77dd277d297e68c94c2e25a2a4089f88be4b56fa92b18a84 sphincs-sha2-128s-simple
+b8e617db2099e617dfc372ff732eead88872aea791e2fe82628568d75dd03c78 sphincs-sha2-192f-robust
+84b1a342683bcad658efb6c65f7367c6b30623e74e3a24c2238d19eaf74722ab sphincs-sha2-192f-simple
+50c4b94dc788446077b48af1d8fa0170dc2114b4cb72a19f1d8c7628f9dadfd6 sphincs-sha2-192s-robust
+13efa67b9297afa051b9b30e2686266350c8b4000caa49aa432516e2a86d0b68 sphincs-sha2-192s-simple
+dc3330f8f19c816f45ee9a1127bf2b8a8c900e05df9a964bb760f0adf8f9b1b3 sphincs-sha2-256f-robust
+46e286dc1a20012789c1bf4793a8eb2043dd0c11df729fa36d9f96b0aeffdac6 sphincs-sha2-256f-simple
+1f42b407e1e351861ba23e520b1974f399e349fcb66c614d727a38fb4e646634 sphincs-sha2-256s-robust
+c816ca365a667e4d6564a95ac576bc9d7be0de7e66eff93e6f05dd4f134a183f sphincs-sha2-256s-simple
+4be71430814589ce7c861030c7cdce0aa73f75885b693b41fdb7c34d8f32fa79 sphincs-shake-128f-robust
+5167df2ce46f33b76ccf0688f7769217d91878bd7d9b431080a3032eba51da10 sphincs-shake-128f-simple
+fbe6c99d6ccc42fc9af5babbac532f28288d4164b182515dffeb1cd47f351d12 sphincs-shake-128s-robust
+e7d5caee1941be99b6dfe46a95fc4535a34792f429e61d1cdc7fd3bbafe9ff02 sphincs-shake-128s-simple
+243d0e25de08fea547b0beae5f778a48bd55e56066435f9cdb9afc60a722699e sphincs-shake-192f-robust
+f204fd1cd5dce187441d104ae7159b64322b6a4afae708d48dc9966fe418ec4e sphincs-shake-192f-simple
+cb13eaa2b1c074f53c87f1025e6bb1b356ad8de3bea9388b90a058a6460766bb sphincs-shake-192s-robust
+4cc01c4a562d738ac54f5abfead35ecc4f46a1e2531fa12b4bc2819f4560c351 sphincs-shake-192s-simple
+5a736aeba47f8d84e3ca47126715affcb4ce6cef13e3c9f6af220827973aa383 sphincs-shake-256f-robust
+127f7ab83c740344546fe30777b221e8cb39f30fc4242d07d7608dc31a9835d4 sphincs-shake-256f-simple
+4d2ca7d10f2206c3cb9a26c6b00a0361601a1fe2dddf102fbfd6d3dac0be10fe sphincs-shake-256s-robust
+4ce4552e2e9b009a9016eb6dbcbefae3da2de151d61e2f392d4b9517eaeab91d sphincs-shake-256s-simple

benchmark.py

@@ -6,10 +6,10 @@
 from subprocess import DEVNULL, run
 
 implementations = [
-                   ('ref', ['shake256', 'sha256', 'haraka']),
+                   ('ref', ['shake', 'sha2', 'haraka']),
                    ('haraka-aesni', ['haraka']),
-                   ('shake256-avx2', ['shake256']),
-                   ('sha256-avx2', ['sha256']),
+                   ('shake-avx2', ['shake']),
+                   ('sha2-avx2', ['sha2']),
                    ]
 
 options = ["f", "s"]

haraka-aesni/fors.c

@@ -1 +1 @@
-../shake256-avx2/fors.c
+../shake-avx2/fors.c

haraka-aesni/hashx4.h

@@ -1 +1 @@
-../shake256-avx2/hashx4.h
+../shake-avx2/hashx4.h

haraka-aesni/merkle.c

@@ -1 +1 @@
-../shake256-avx2/merkle.c
+../shake-avx2/merkle.c

haraka-aesni/thashx4.h

@@ -1 +1 @@
-../shake256-avx2/thashx4.h
+../shake-avx2/thashx4.h

haraka-aesni/utilsx4.c

@@ -1 +1 @@
-../shake256-avx2/utilsx4.c
+../shake-avx2/utilsx4.c

haraka-aesni/utilsx4.h

@@ -1 +1 @@
-../shake256-avx2/utilsx4.h
+../shake-avx2/utilsx4.h

haraka-aesni/wots.c

@@ -1 +1 @@
-../shake256-avx2/wots.c
+../shake-avx2/wots.c

haraka-aesni/wotsx4.h

@@ -1 +1 @@
-../shake256-avx2/wotsx4.h
+../shake-avx2/wotsx4.h

ref/Makefile

@@ -7,17 +7,17 @@ CFLAGS=-Wall -Wextra -Wpedantic -O3 -std=c99 -DPARAMS=$(PARAMS) $(EXTRA_CFLAGS)
 SOURCES =          address.c randombytes.c merkle.c wots.c wotsx1.c utils.c utilsx1.c fors.c sign.c
 HEADERS = params.h address.h randombytes.h merkle.h wots.h wotsx1.h utils.h utilsx1.h fors.h api.h  hash.h thash.h
 
-ifneq (,$(findstring shake256,$(PARAMS)))
-	SOURCES += fips202.c hash_shake256.c thash_shake256_$(THASH).c
+ifneq (,$(findstring shake,$(PARAMS)))
+	SOURCES += fips202.c hash_shake.c thash_shake_$(THASH).c
 	HEADERS += fips202.h
 endif
 ifneq (,$(findstring haraka,$(PARAMS)))
 	SOURCES += haraka.c hash_haraka.c thash_haraka_$(THASH).c
 	HEADERS += haraka.h
 endif
-ifneq (,$(findstring sha256,$(PARAMS)))
-	SOURCES += sha256.c hash_sha256.c thash_sha256_$(THASH).c
-	HEADERS += sha256.h
+ifneq (,$(findstring sha2,$(PARAMS)))
+	SOURCES += sha2.c hash_sha2.c thash_sha2_$(THASH).c
+	HEADERS += sha2.h
 endif
 
 DET_SOURCES = $(SOURCES:randombytes.%=rng.%)

ref/context.h

@@ -9,7 +9,7 @@ typedef struct {
     uint8_t pub_seed[SPX_N];
     uint8_t sk_seed[SPX_N];
 
-#ifdef SPX_SHA256
+#ifdef SPX_SHA2
     // sha256 state that absorbed pub_seed
     uint8_t state_seeded[40];
 

ref/hash_sha256.c → ref/hash_sha2.c

@@ -5,7 +5,7 @@
 #include "utils.h"
 #include "params.h"
 #include "hash.h"
-#include "sha256.h"
+#include "sha2.h"
 
 #if SPX_N >= 24
 #define SPX_SHAX_OUTPUT_BYTES SPX_SHA512_OUTPUT_BYTES

ref/params/params-sphincs-sha256-128f.h → ref/params/params-sphincs-sha2-128f.h

@@ -78,6 +78,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../sha256_offsets.h"
+#include "../sha2_offsets.h"
 
 #endif

ref/params/params-sphincs-sha256-128s.h → ref/params/params-sphincs-sha2-128s.h

@@ -78,6 +78,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../sha256_offsets.h"
+#include "../sha2_offsets.h"
 
 #endif

ref/params/params-sphincs-sha256-192f.h → ref/params/params-sphincs-sha2-192f.h

@@ -78,6 +78,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../sha256_offsets.h"
+#include "../sha2_offsets.h"
 
 #endif

ref/params/params-sphincs-sha256-192s.h → ref/params/params-sphincs-sha2-192s.h

@@ -78,6 +78,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../sha256_offsets.h"
+#include "../sha2_offsets.h"
 
 #endif

ref/params/params-sphincs-sha256-256f.h → ref/params/params-sphincs-sha2-256f.h

@@ -78,6 +78,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../sha256_offsets.h"
+#include "../sha2_offsets.h"
 
 #endif

ref/params/params-sphincs-sha256-256s.h → ref/params/params-sphincs-sha2-256s.h

@@ -78,6 +78,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../sha256_offsets.h"
+#include "../sha2_offsets.h"
 
 #endif

ref/params/params-sphincs-shake256-128f.h → ref/params/params-sphincs-shake-128f.h

@@ -73,6 +73,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../shake256_offsets.h"
+#include "../shake_offsets.h"
 
 #endif

ref/params/params-sphincs-shake256-128s.h → ref/params/params-sphincs-shake-128s.h

@@ -73,6 +73,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../shake256_offsets.h"
+#include "../shake_offsets.h"
 
 #endif

ref/params/params-sphincs-shake256-192f.h → ref/params/params-sphincs-shake-192f.h

@@ -73,6 +73,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../shake256_offsets.h"
+#include "../shake_offsets.h"
 
 #endif

ref/params/params-sphincs-shake256-192s.h → ref/params/params-sphincs-shake-192s.h

@@ -73,6 +73,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../shake256_offsets.h"
+#include "../shake_offsets.h"
 
 #endif

ref/params/params-sphincs-shake256-256f.h → ref/params/params-sphincs-shake-256f.h

@@ -73,6 +73,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../shake256_offsets.h"
+#include "../shake_offsets.h"
 
 #endif

ref/params/params-sphincs-shake256-256s.h → ref/params/params-sphincs-shake-256s.h

@@ -73,6 +73,6 @@
 #define SPX_PK_BYTES (2 * SPX_N)
 #define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
 
-#include "../shake256_offsets.h"
+#include "../shake_offsets.h"
 
 #endif