Support Pre-NIST Keccak256 Digest

[heri16]

Is there support for LegacyKeccak256 as implemented by Ethereum?

Golang stdlib has it: https://pkg.go.dev/golang.org/x/crypto/sha3#NewLegacyKeccak256

If no, what would be a good PR to make it work?

https://github.com/potatosalad/erlang-libdecaf/blob/ef040752a02e32d90aa0639a5e9a02406b8d634c/c_deps/ed448goldilocks/src/include/keccak_internal.h#L27-L29

https://github.com/potatosalad/erlang-libdecaf/blob/ef040752a02e32d90aa0639a5e9a02406b8d634c/c_deps/ed448goldilocks/src/shake.c#L213-L215

Defined here: https://github.com/potatosalad/erlang-libdecaf/blob/ef040752a02e32d90aa0639a5e9a02406b8d634c/c_deps/ed448goldilocks/src/public_include/decaf/shake.h#L272

https://github.com/potatosalad/erlang-libdecaf/blob/ef040752a02e32d90aa0639a5e9a02406b8d634c/c_deps/ed448goldilocks/src/shake.c#L236

[heri16]

The Minor Difference: https://ethereum.stackexchange.com/a/554 (Slight difference in the padding)

SHA3 visualized: https://codesigningstore.com/hash-algorithm-comparison

We can see it's just changing the pad from 0x06 to 0x01:

• Elixir

  • https://github.com/dominicletz/exsha3/blob/17b964f4f46e87964fd34371fcd0a061aca5077f/lib/ex_sha3.ex#L224
  • https://github.com/dominicletz/exsha3/blob/17b964f4f46e87964fd34371fcd0a061aca5077f/lib/ex_sha3.ex#L234

• Go

  • https://cs.opensource.google/go/x/crypto/+/05595931:sha3/hashes.go;l=32
  • https://cs.opensource.google/go/x/crypto/+/05595931:sha3/hashes.go;l=59

rate_pad is the same at 0x80.

[heri16]

Available in OpenSSL

https://github.com/openssl/openssl/issues/13033#issuecomment-925456698

https://github.com/openssl/openssl/commit/524f12611040de64cda13dd148ad1b8ca559c730

List of supported algo: https://www.openssl.org/docs/manmaster/man7/EVP_MD-KECCAK.html

[ukazap]

Kindly review #15 which addresses this issue.

[potatosalad]

@heri16 This is supported now in libdecaf 2.1.0, see this section of the README for example usage.