md: Add cSHAKE digest algorithm and the implementation.
* src/gcrypt.h.in (gcry_ctl_cmds): Add GCRYCTL_MD_CUSTOMIZE. (gcry_md_algos): Add GCRY_MD_CSHAKE128 and GCRY_MD_CSHAKE256. (struct gcry_cshake_customization): New. * cipher/keccak.c (CSHAKE_DELIMITED_SUFFIX): New. (keccak_init): Support GCRY_MD_CSHAKE128 and GCRY_MD_CSHAKE256. (selftests_keccak): Likewise. (cshake_input_n, cshake_input_s, _gcry_cshake_customize): New. (cshake128_init, cshake256_init, cshake_hash_buffers): New. (_gcry_cshake128_hash_buffers, _gcry_cshake256_hash_buffers): New. (_gcry_digest_spec_cshake128, _gcry_digest_spec_cshake256): New. * cipher/md.c (digest_list): Add cSHAKE md_specs. (digest_list_algo301): Likewise. (md_customize): New. (_gcry_md_ctl): Support GCRYCTL_MD_CUSTOMIZE. * src/cipher.h (_gcry_cshake_customize): New. (_gcry_digest_spec_cshake128, _gcry_digest_spec_cshake256): New. * src/fips.c (_gcry_fips_indicator_md): Support GCRY_MD_CSHAKE128 and GCRY_MD_CSHAKE256. * tests/basic.c (check_one_md): Support GCRY_MD_CSHAKE128 and GCRY_MD_CSHAKE256 as xof. (check_one_md_multi): Exclude GCRY_MD_CSHAKE128 and GCRY_MD_CSHAKE256 as xof. * tests/bench-slope.c (hash_bench, kdf_bench): Exclude GCRY_MD_CSHAKE128 and GCRY_MD_CSHAKE256. * tests/benchmark.c (md_bench): Exclude GCRY_MD_CSHAKE128 and GCRY_MD_CSHAKE256.
- Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>