Merge pull request #26005 from jedisct1/kt128r

Add std.crypto.hash.sha3.{KT128,KT256} - RFC 9861. (#25593)
std.Progress: Terminate progress escape codes with ST not BEL
2025-12-06 06:13:07 +00:00 · 2025-11-26 17:24:13 +01:00 · 2025-11-26 14:16:08 +01:00 · 2025-11-26 11:30:03 +01:00 · 2025-11-26 10:08:09 +01:00 · 2025-11-26 10:08:09 +01:00
5 changed files with 2212 additions and 7 deletions
--- a/lib/std/Progress.zig
+++ b/lib/std/Progress.zig
@ -698,13 +698,13 @@ const save = "\x1b7";
 const restore = "\x1b8";
 const finish_sync = "\x1b[?2026l";

-const progress_remove = "\x1b]9;4;0\x07";
-const @"progress_normal {d}" = "\x1b]9;4;1;{d}\x07";
-const @"progress_error {d}" = "\x1b]9;4;2;{d}\x07";
-const progress_pulsing = "\x1b]9;4;3\x07";
-const progress_pulsing_error = "\x1b]9;4;2\x07";
-const progress_normal_100 = "\x1b]9;4;1;100\x07";
-const progress_error_100 = "\x1b]9;4;2;100\x07";
+const progress_remove = "\x1b]9;4;0\x1b\\";
+const @"progress_normal {d}" = "\x1b]9;4;1;{d}\x1b\\";
+const @"progress_error {d}" = "\x1b]9;4;2;{d}\x1b\\";
+const progress_pulsing = "\x1b]9;4;3\x1b\\";
+const progress_pulsing_error = "\x1b]9;4;2\x1b\\";
+const progress_normal_100 = "\x1b]9;4;1;100\x1b\\";
+const progress_error_100 = "\x1b]9;4;2;100\x1b\\";

 const TreeSymbol = enum {
    /// ├─
--- a/lib/std/crypto/benchmark.zig
+++ b/lib/std/crypto/benchmark.zig
@ -30,6 +30,7 @@ const hashes = [_]Crypto{
    Crypto{ .ty = crypto.hash.sha3.Shake256, .name = "shake-256" },
    Crypto{ .ty = crypto.hash.sha3.TurboShake128(null), .name = "turboshake-128" },
    Crypto{ .ty = crypto.hash.sha3.TurboShake256(null), .name = "turboshake-256" },
+    Crypto{ .ty = crypto.hash.sha3.KT128, .name = "kt128" },
    Crypto{ .ty = crypto.hash.blake2.Blake2s256, .name = "blake2s" },
    Crypto{ .ty = crypto.hash.blake2.Blake2b512, .name = "blake2b" },
    Crypto{ .ty = crypto.hash.Blake3, .name = "blake3" },
@ -37,6 +38,7 @@ const hashes = [_]Crypto{

 const parallel_hashes = [_]Crypto{
    Crypto{ .ty = crypto.hash.Blake3, .name = "blake3-parallel" },
+    Crypto{ .ty = crypto.hash.sha3.KT128, .name = "kt128-parallel" },
 };

 const block_size: usize = 8 * 8192;
--- a/lib/std/crypto/kangarootwelve.zig
+++ b/lib/std/crypto/kangarootwelve.zig
--- a/lib/std/crypto/sha3.zig
+++ b/lib/std/crypto/sha3.zig
@ -4,6 +4,8 @@ const assert = std.debug.assert;
 const math = std.math;
 const mem = std.mem;

+const kangarootwelve = @import("kangarootwelve.zig");
+
 const KeccakState = std.crypto.core.keccak.State;

 pub const Sha3_224 = Keccak(1600, 224, 0x06, 24);
@ -26,6 +28,9 @@ pub const KMac256 = KMac(256);
 pub const TupleHash128 = TupleHash(128);
 pub const TupleHash256 = TupleHash(256);

+pub const KT128 = kangarootwelve.KT128;
+pub const KT256 = kangarootwelve.KT256;
+
 /// TurboSHAKE128 is a XOF (a secure hash function with a variable output length), with a 128 bit security level.
 /// It is based on the same permutation as SHA3 and SHAKE128, but which much higher performance.
 /// The delimiter is 0x1f by default, but can be changed for context-separation.
@ -481,6 +486,10 @@ pub const NistLengthEncoding = enum {

 const htest = @import("test.zig");

+test {
+    _ = kangarootwelve;
+}
+
 test "sha3-224 single" {
    try htest.assertEqualHash(Sha3_224, "6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7", "");
    try htest.assertEqualHash(Sha3_224, "e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf", "abc");
--- a/lib/std/elf.zig
+++ b/lib/std/elf.zig
@ -768,6 +768,21 @@ pub const Header = struct {
        };
    }

+    pub fn iterateDynamicSectionBuffer(
+        h: *const Header,
+        buf: []const u8,
+        offset: u64,
+        size: u64,
+    ) DynamicSectionBufferIterator {
+        return .{
+            .is_64 = h.is_64,
+            .endian = h.endian,
+            .offset = offset,
+            .end_offset = offset + size,
+            .buf = buf,
+        };
+    }
+
    pub const ReadError = Io.Reader.Error || error{
        InvalidElfMagic,
        InvalidElfVersion,
@ -963,6 +978,23 @@ pub const DynamicSectionIterator = struct {
    }
 };

+pub const DynamicSectionBufferIterator = struct {
+    is_64: bool,
+    endian: Endian,
+    offset: u64,
+    end_offset: u64,
+
+    buf: []const u8,
+
+    pub fn next(it: *DynamicSectionBufferIterator) !?Elf64_Dyn {
+        if (it.offset >= it.end_offset) return null;
+        const size: u64 = if (it.is_64) @sizeOf(Elf64_Dyn) else @sizeOf(Elf32_Dyn);
+        defer it.offset += size;
+        var reader: std.Io.Reader = .fixed(it.buf[it.offset..]);
+        return try takeDynamicSection(&reader, it.is_64, it.endian);
+    }
+};
+
 pub fn takeDynamicSection(reader: *Io.Reader, is_64: bool, endian: Endian) !Elf64_Dyn {
    if (is_64) {
        const dyn = try reader.takeStruct(Elf64_Dyn, endian);
Author	SHA1	Message	Date
Alex Rønne Petersen	2e328beaa5	Merge pull request #26005 from jedisct1/kt128r Add std.crypto.hash.sha3.{KT128,KT256} - RFC 9861. (#25593)	2025-11-26 17:24:13 +01:00
Jay Petacat	b6e1a100b8	std.Progress: Terminate progress escape codes with `ST` not `BEL` `ST` is the "string terminator" and what is actually prescribed in the standard for escape codes. Use of `BEL` as a terminator is apparently a historical oddity that persists for compatibility. Unfortunately, not all terminals support using `BEL`, including Ubuntu's new default terminal, Ptyxis. Using `ST` should make it work in more terminals. Further reading: - https://en.wikipedia.org/wiki/ANSI_escape_code#Operating_System_Command_sequences - https://ecma-international.org/wp-content/uploads/ECMA-48_5th_edition_june_1991.pdf	2025-11-26 14:16:08 +01:00
Giuseppe Cesarano	0b5b35c696	std.elf implemented DynamicSectionBufferIterator	2025-11-26 11:30:03 +01:00
Frank Denis	846082fdf2	std.crypto.kt128: add support for threads Allow KT128 and KT256 to use multiple threads to quickly process very large inputs.	2025-11-26 10:08:09 +01:00
Frank Denis	9ede8ee135	Add std.crypto.hash.sha3.{KT128,KT256} - RFC 9861. (#25593 ) KangarooTwelve is a family of two fast and secure extendable-output functions (XOFs): KT128 and KT256. These functions generalize traditional hash functions by allowing arbitrary output lengths. KangarooTwelve was designed by SHA-3 authors. It aims to deliver higher performance than the SHA-3 and SHAKE functions defined in FIPS 202, while preserving their flexibility and core security principles. On high-end platforms, it can take advantage of parallelism, whether through multiple CPU cores or SIMD instructions. As modern SHA-3 constructions, KT128 and KT256 can serve as general-purpose hash functions and can be used, for example, in key-derivation, and with arbitrarily large inputs. RFC9861: https://datatracker.ietf.org/doc/rfc9861/	2025-11-26 10:08:09 +01:00