Can't use shake256 as Keccak without casting

[sublimator]

import { Keccak, shake256 } from '@noble/hashes/sha3'

import { PrngFn } from './types'

export function shakePrng(seed: Uint8Array): PrngFn {
  const prng = shake256.create({}) as Keccak
  prng.update(seed)
  return prng.xof.bind(prng)
}

Also a bit strange requiring empty object for the options

[paulmillr]

yeah

also you should probably be using:

import {keccakprg} from '@noble/hashes/sha3-addons';

[paulmillr]

For shakes, dkLen is usually needed.

[sublimator]

I was copying some Go code (privacy pass) which it has to match (which it did)

I did stumble upon the PRG class (after the fact) but I wasn't sure it would produce the same result.

Will check it out.

For some reason the default dkLen seemed to work.

[sublimator]

Ok, so I can't use keccakprg (for this particular purpose anyway) because the KeccakPRG class overrides the finish() method to be a noop, so while I could tinker with the suffix/outputLen post construction(capacity=510) (they are public members) they wouldn't be used anyway.

Was recreating this functionality here: https://github.com/privacypass/challenge-bypass-server/blob/605bfa137c7ef8b3fc2bc94aceb9c77f593079bf/crypto/batch.go#L81C10-L98

[paulmillr]

Yeah, if you're trying to copy something, makes sense to not use prg.

BTW, keccakprg is official PRG from Keccak team.

[sublimator]

// https://keccak.team/files/CSF-0.1.pdf // + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG

BTW, keccakprg is official PRG from Keccak team.

Yeah! :)

I'm starting to realize the old version of PP was very prototypical with very strange nesting of base64 encoded json structures.

[paulmillr]

7c33eae