xref: /freebsd/contrib/unbound/util/siphash.c (revision 4f8f43b06ed07e96a250855488cc531799d5b78f) 
1 /*
2    SipHash reference C implementation
3 
4    Copyright (c) 2012-2016 Jean-Philippe Aumasson
5    <jeanphilippe.aumasson@gmail.com>
6    Copyright (c) 2012-2014 Daniel J. Bernstein <djb@cr.yp.to>
7 
8    To the extent possible under law, the author(s) have dedicated all copyright
9    and related and neighboring rights to this software to the public domain
10    worldwide. This software is distributed without any warranty.
11 
12    You should have received a copy of the CC0 Public Domain Dedication along
13    with
14    this software. If not, see
15    <http://creativecommons.org/publicdomain/zero/1.0/>.
16  */
17 /**
18  * Edited slightly for integration in Unbound. Edits are noted with 'EDIT'.
19  */
20 /** EDIT
21  * \#include <assert.h>
22  * \#include <stdint.h>
23  * \#include <stdio.h>
24  * \#include <string.h>
25  * Replaced the above includes with Unbound's config.h
26  */
27 #include "config.h"
28 
29 /* default: SipHash-2-4 */
30 #define cROUNDS 2
31 #define dROUNDS 4
32 
33 #define ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))
34 
35 #define U32TO8_LE(p, v)                                                        \
36     (p)[0] = (uint8_t)((v));                                                   \
37     (p)[1] = (uint8_t)((v) >> 8);                                              \
38     (p)[2] = (uint8_t)((v) >> 16);                                             \
39     (p)[3] = (uint8_t)((v) >> 24);
40 
41 #define U64TO8_LE(p, v)                                                        \
42     U32TO8_LE((p), (uint32_t)((v)));                                           \
43     U32TO8_LE((p) + 4, (uint32_t)((v) >> 32));
44 
45 #define U8TO64_LE(p)                                                           \
46     (((uint64_t)((p)[0])) | ((uint64_t)((p)[1]) << 8) |                        \
47      ((uint64_t)((p)[2]) << 16) | ((uint64_t)((p)[3]) << 24) |                 \
48      ((uint64_t)((p)[4]) << 32) | ((uint64_t)((p)[5]) << 40) |                 \
49      ((uint64_t)((p)[6]) << 48) | ((uint64_t)((p)[7]) << 56))
50 
51 #define SIPROUND                                                               \
52     do {                                                                       \
53         v0 += v1;                                                              \
54         v1 = ROTL(v1, 13);                                                     \
55         v1 ^= v0;                                                              \
56         v0 = ROTL(v0, 32);                                                     \
57         v2 += v3;                                                              \
58         v3 = ROTL(v3, 16);                                                     \
59         v3 ^= v2;                                                              \
60         v0 += v3;                                                              \
61         v3 = ROTL(v3, 21);                                                     \
62         v3 ^= v0;                                                              \
63         v2 += v1;                                                              \
64         v1 = ROTL(v1, 17);                                                     \
65         v1 ^= v2;                                                              \
66         v2 = ROTL(v2, 32);                                                     \
67     } while (0)
68 
69 #ifdef DEBUG
70 #define TRACE                                                                  \
71     do {                                                                       \
72         printf("(%3d) v0 %08x %08x\n", (int)inlen, (uint32_t)(v0 >> 32),       \
73                (uint32_t)v0);                                                  \
74         printf("(%3d) v1 %08x %08x\n", (int)inlen, (uint32_t)(v1 >> 32),       \
75                (uint32_t)v1);                                                  \
76         printf("(%3d) v2 %08x %08x\n", (int)inlen, (uint32_t)(v2 >> 32),       \
77                (uint32_t)v2);                                                  \
78         printf("(%3d) v3 %08x %08x\n", (int)inlen, (uint32_t)(v3 >> 32),       \
79                (uint32_t)v3);                                                  \
80     } while (0)
81 #else
82 #define TRACE
83 #endif
84 
85 int siphash(const uint8_t *in, const size_t inlen, const uint8_t *k,
86             uint8_t *out, const size_t outlen) {
87 
88     uint64_t v0 = 0x736f6d6570736575ULL;
89     uint64_t v1 = 0x646f72616e646f6dULL;
90     uint64_t v2 = 0x6c7967656e657261ULL;
91     uint64_t v3 = 0x7465646279746573ULL;
92     uint64_t k0 = U8TO64_LE(k);
93     uint64_t k1 = U8TO64_LE(k + 8);
94     uint64_t m;
95     int i;
96     const uint8_t *end = in + inlen - (inlen % sizeof(uint64_t));
97     const int left = inlen & 7;
98     uint64_t b = ((uint64_t)inlen) << 56;
99     /** EDIT
100      * The following assert moved here from the top for C90 compliance.
101      */
102     assert((outlen == 8) || (outlen == 16));
103     v3 ^= k1;
104     v2 ^= k0;
105     v1 ^= k1;
106     v0 ^= k0;
107 
108     if (outlen == 16)
109         v1 ^= 0xee;
110 
111     for (; in != end; in += 8) {
112         m = U8TO64_LE(in);
113         v3 ^= m;
114 
115         TRACE;
116         for (i = 0; i < cROUNDS; ++i)
117             SIPROUND;
118 
119         v0 ^= m;
120     }
121 
122     switch (left) {
123     case 7:
124         b |= ((uint64_t)in[6]) << 48;
125         /** EDIT annotate case statement fallthrough for gcc */
126         /* fallthrough */
127     case 6:
128         b |= ((uint64_t)in[5]) << 40;
129         /** EDIT annotate case statement fallthrough for gcc */
130         /* fallthrough */
131     case 5:
132         b |= ((uint64_t)in[4]) << 32;
133         /** EDIT annotate case statement fallthrough for gcc */
134         /* fallthrough */
135     case 4:
136         b |= ((uint64_t)in[3]) << 24;
137         /** EDIT annotate case statement fallthrough for gcc */
138         /* fallthrough */
139     case 3:
140         b |= ((uint64_t)in[2]) << 16;
141         /** EDIT annotate case statement fallthrough for gcc */
142         /* fallthrough */
143     case 2:
144         b |= ((uint64_t)in[1]) << 8;
145         /** EDIT annotate case statement fallthrough for gcc */
146         /* fallthrough */
147     case 1:
148         b |= ((uint64_t)in[0]);
149         break;
150     case 0:
151         break;
152     }
153 
154     v3 ^= b;
155 
156     TRACE;
157     for (i = 0; i < cROUNDS; ++i)
158         SIPROUND;
159 
160     v0 ^= b;
161 
162     if (outlen == 16)
163         v2 ^= 0xee;
164     else
165         v2 ^= 0xff;
166 
167     TRACE;
168     for (i = 0; i < dROUNDS; ++i)
169         SIPROUND;
170 
171     b = v0 ^ v1 ^ v2 ^ v3;
172     U64TO8_LE(out, b);
173 
174     if (outlen == 8)
175         return 0;
176 
177     v1 ^= 0xdd;
178 
179     TRACE;
180     for (i = 0; i < dROUNDS; ++i)
181         SIPROUND;
182 
183     b = v0 ^ v1 ^ v2 ^ v3;
184     U64TO8_LE(out + 8, b);
185 
186     return 0;
187 }
188