Niels Möller nisse@lysator.liu.se writes:
Niels Möller nisse@lysator.liu.se writes:
I'll try to clean up and post or commit some of my changes, I'm sorry that will cause some conflicts.
I've pushed my changes to a branch sha3-shake-updates, does that look reasonable to you? If so, I think the next steps are
Yes, that looks good to me, except _nettle_sha3_shake has a copy-and-paste error where SHA3_256_BLOCK_SIZE is hard-coded.
- Decide what should be renamed sha3_shake256_*
I guess we can live with the existing interface. For SHAKE128, we could only provide sha3_128_init, sha3_128_update, and sha3_128_shake{,_output}, without sha3_128_digest.
- Implement shake128.
I've extracted it from the ML-KEM merge request and put it here: https://git.lysator.liu.se/nettle/nettle/-/merge_requests/63
Not sending via email as it includes a huge test vector.
- Update docs.
I can do that once we settle the interface.
Regards,