xref: /freebsd/contrib/unbound/util/siphash.c (revision 7937bfbc0ca53fe7cdd0d54414f9296e273a518e) 
1 /*
2    SipHash reference C implementation
3 
4    Copyright (c) 2012-2016 Jean-Philippe Aumasson
5    <jeanphilippe.aumasson@gmail.com>
6    Copyright (c) 2012-2014 Daniel J. Bernstein <djb@cr.yp.to>
7 
8    To the extent possible under law, the author(s) have dedicated all copyright
9    and related and neighboring rights to this software to the public domain
10    worldwide. This software is distributed without any warranty.
11 
12    You should have received a copy of the CC0 Public Domain Dedication along
13    with
14    this software. If not, see
15    <http://creativecommons.org/publicdomain/zero/1.0/>.
16  */
17 /**
18  * Edited slightly for integration in Unbound. Edits are noted with 'EDIT'.
19  */
20 /** EDIT
21  * \#include <assert.h>
22  * \#include <stdint.h>
23  * \#include <stdio.h>
24  * \#include <string.h>
25  * Replaced the above includes with Unbound's config.h
26  */
27 #include "config.h"
28 
29 /** EDIT
30   * prevent warning from -Wmissing-prototypes
31   */
32 #include "util/siphash.h"
33 
34 /* default: SipHash-2-4 */
35 #define cROUNDS 2
36 #define dROUNDS 4
37 
38 #define ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))
39 
40 #define U32TO8_LE(p, v)                                                        \
41     (p)[0] = (uint8_t)((v));                                                   \
42     (p)[1] = (uint8_t)((v) >> 8);                                              \
43     (p)[2] = (uint8_t)((v) >> 16);                                             \
44     (p)[3] = (uint8_t)((v) >> 24);
45 
46 #define U64TO8_LE(p, v)                                                        \
47     U32TO8_LE((p), (uint32_t)((v)));                                           \
48     U32TO8_LE((p) + 4, (uint32_t)((v) >> 32));
49 
50 #define U8TO64_LE(p)                                                           \
51     (((uint64_t)((p)[0])) | ((uint64_t)((p)[1]) << 8) |                        \
52      ((uint64_t)((p)[2]) << 16) | ((uint64_t)((p)[3]) << 24) |                 \
53      ((uint64_t)((p)[4]) << 32) | ((uint64_t)((p)[5]) << 40) |                 \
54      ((uint64_t)((p)[6]) << 48) | ((uint64_t)((p)[7]) << 56))
55 
56 #define SIPROUND                                                               \
57     do {                                                                       \
58         v0 += v1;                                                              \
59         v1 = ROTL(v1, 13);                                                     \
60         v1 ^= v0;                                                              \
61         v0 = ROTL(v0, 32);                                                     \
62         v2 += v3;                                                              \
63         v3 = ROTL(v3, 16);                                                     \
64         v3 ^= v2;                                                              \
65         v0 += v3;                                                              \
66         v3 = ROTL(v3, 21);                                                     \
67         v3 ^= v0;                                                              \
68         v2 += v1;                                                              \
69         v1 = ROTL(v1, 17);                                                     \
70         v1 ^= v2;                                                              \
71         v2 = ROTL(v2, 32);                                                     \
72     } while (0)
73 
74 #ifdef DEBUG
75 #define TRACE                                                                  \
76     do {                                                                       \
77         printf("(%3d) v0 %08x %08x\n", (int)inlen, (uint32_t)(v0 >> 32),       \
78                (uint32_t)v0);                                                  \
79         printf("(%3d) v1 %08x %08x\n", (int)inlen, (uint32_t)(v1 >> 32),       \
80                (uint32_t)v1);                                                  \
81         printf("(%3d) v2 %08x %08x\n", (int)inlen, (uint32_t)(v2 >> 32),       \
82                (uint32_t)v2);                                                  \
83         printf("(%3d) v3 %08x %08x\n", (int)inlen, (uint32_t)(v3 >> 32),       \
84                (uint32_t)v3);                                                  \
85     } while (0)
86 #else
87 #define TRACE
88 #endif
89 
90 int siphash(const uint8_t *in, const size_t inlen, const uint8_t *k,
91             uint8_t *out, const size_t outlen) {
92 
93     uint64_t v0 = 0x736f6d6570736575ULL;
94     uint64_t v1 = 0x646f72616e646f6dULL;
95     uint64_t v2 = 0x6c7967656e657261ULL;
96     uint64_t v3 = 0x7465646279746573ULL;
97     uint64_t k0 = U8TO64_LE(k);
98     uint64_t k1 = U8TO64_LE(k + 8);
99     uint64_t m;
100     int i;
101     const uint8_t *end = in + inlen - (inlen % sizeof(uint64_t));
102     const int left = inlen & 7;
103     uint64_t b = ((uint64_t)inlen) << 56;
104     /** EDIT
105      * The following assert moved here from the top for C90 compliance.
106      */
107     assert((outlen == 8) || (outlen == 16));
108     v3 ^= k1;
109     v2 ^= k0;
110     v1 ^= k1;
111     v0 ^= k0;
112 
113     if (outlen == 16)
114         v1 ^= 0xee;
115 
116     for (; in != end; in += 8) {
117         m = U8TO64_LE(in);
118         v3 ^= m;
119 
120         TRACE;
121         for (i = 0; i < cROUNDS; ++i)
122             SIPROUND;
123 
124         v0 ^= m;
125     }
126 
127     switch (left) {
128     case 7:
129         b |= ((uint64_t)in[6]) << 48;
130         /** EDIT annotate case statement fallthrough for gcc */
131 	ATTR_FALLTHROUGH
132         /* fallthrough */
133     case 6:
134         b |= ((uint64_t)in[5]) << 40;
135         /** EDIT annotate case statement fallthrough for gcc */
136 	ATTR_FALLTHROUGH
137         /* fallthrough */
138     case 5:
139         b |= ((uint64_t)in[4]) << 32;
140         /** EDIT annotate case statement fallthrough for gcc */
141 	ATTR_FALLTHROUGH
142         /* fallthrough */
143     case 4:
144         b |= ((uint64_t)in[3]) << 24;
145         /** EDIT annotate case statement fallthrough for gcc */
146 	ATTR_FALLTHROUGH
147         /* fallthrough */
148     case 3:
149         b |= ((uint64_t)in[2]) << 16;
150         /** EDIT annotate case statement fallthrough for gcc */
151 	ATTR_FALLTHROUGH
152         /* fallthrough */
153     case 2:
154         b |= ((uint64_t)in[1]) << 8;
155         /** EDIT annotate case statement fallthrough for gcc */
156 	ATTR_FALLTHROUGH
157         /* fallthrough */
158     case 1:
159         b |= ((uint64_t)in[0]);
160         break;
161     case 0:
162         break;
163     }
164 
165     v3 ^= b;
166 
167     TRACE;
168     for (i = 0; i < cROUNDS; ++i)
169         SIPROUND;
170 
171     v0 ^= b;
172 
173     if (outlen == 16)
174         v2 ^= 0xee;
175     else
176         v2 ^= 0xff;
177 
178     TRACE;
179     for (i = 0; i < dROUNDS; ++i)
180         SIPROUND;
181 
182     b = v0 ^ v1 ^ v2 ^ v3;
183     U64TO8_LE(out, b);
184 
185     if (outlen == 8)
186         return 0;
187 
188     v1 ^= 0xdd;
189 
190     TRACE;
191     for (i = 0; i < dROUNDS; ++i)
192         SIPROUND;
193 
194     b = v0 ^ v1 ^ v2 ^ v3;
195     U64TO8_LE(out + 8, b);
196 
197     return 0;
198 }
199