Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <stdlib.h>
- /*
- #include "crypto_auth.h"
- #include "crypto_uint64.h"
- #include "crypto_uint32.h"
- #include "crypto_uint8.h"
- typedef crypto_uint64 u64;
- typedef crypto_uint32 u32;
- typedef crypto_uint8 u8;
- */
- #include <stdio.h>
- #include <stdint.h>
- #define SIPHASH_ROUNDS 2
- #define SIPHASH_FINALROUNDS 4
- typedef uint8_t u8;
- typedef uint32_t u32;
- typedef uint64_t u64;
- #define rotl64(x, c) ( ((x) << (c)) ^ ((x) >> (64-(c))) )
- static u64 siphash(const u8 key[16], const unsigned char *m, const u64 n)
- {
- u64 v0, v1, v2, v3;
- u64 k0, k1;
- u64 mi, mask, len;
- size_t i, k;
- k0 = *((u64*)(key + 0));
- k1 = *((u64*)(key + 8));
- v0 = k0 ^ 0x736f6d6570736575ULL;
- v1 = k1 ^ 0x646f72616e646f6dULL;
- v2 = k0 ^ 0x6c7967656e657261ULL;
- v3 = k1 ^ 0x7465646279746573ULL;
- #define HALF_ROUND(a,b,c,d,s,t) \
- do \
- { \
- a += b; c += d; \
- b = rotl64(b, s); d = rotl64(d, t); \
- b ^= a; d ^= c; \
- } while(0)
- #define COMPRESS(v0,v1,v2,v3) \
- do \
- { \
- HALF_ROUND(v0,v1,v2,v3,13,16); \
- v0 = rotl64(v0,32); \
- HALF_ROUND(v2,v1,v0,v3,17,21); \
- v2 = rotl64(v2, 32); \
- } while(0)
- for(i = 0; i < (n-n%8); i += 8)
- {
- mi = *((u64*)(m + i));
- v3 ^= mi;
- for(k = 0; k < SIPHASH_ROUNDS; ++k) COMPRESS(v0,v1,v2,v3);
- v0 ^= mi;
- }
- //mi = *((u64*)(m + i));
- //len = (n&0xff) << 56;
- //mask = n%8 == 0 ? 0 : 0xffffffffffffffffULL >> (8*(8-n%8));
- //mi = (mi&mask) ^ len;
- u8 *p = m + i;
- mi = (n&0xff) << 56;
- switch(n%8)
- {
- case 7: mi |= ( ( u64 )p[ 6] ) << 48;
- case 6: mi |= ( ( u64 )p[ 5] ) << 40;
- case 5: mi |= ( ( u64 )p[ 4] ) << 32;
- case 4: mi |= ( ( u64 )p[ 3] ) << 24;
- case 3: mi |= ( ( u64 )p[ 2] ) << 16;
- case 2: mi |= ( ( u64 )p[ 1] ) << 8;
- case 1: mi |= ( ( u64 )p[ 0] ); break;
- case 0: break;
- }
- v3 ^= mi;
- for(k = 0; k < SIPHASH_ROUNDS; ++k) COMPRESS(v0,v1,v2,v3);
- v0 ^= mi;
- v2 ^= 0xff;
- for(k = 0; k < SIPHASH_FINALROUNDS; ++k) COMPRESS(v0,v1,v2,v3);
- #undef COMPRESS
- #undef HALF_ROUND
- return (v0 ^ v1) ^ (v2 ^ v3);
- }
- int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
- {
- int i;
- union
- {
- u8 bytes[8];
- u64 gpr;
- } hash;
- hash.gpr = siphash(k, in, inlen);
- for(i=0; i < 8; ++i) out[i] = hash.bytes[i];
- return 0;
- }
- static int crypto_verify_8(const unsigned char *x,const unsigned char *y)
- {
- unsigned int differentbits = 0;
- #define F(i) differentbits |= x[i] ^ y[i];
- F(0)
- F(1)
- F(2)
- F(3)
- F(4)
- F(5)
- F(6)
- F(7)
- return (1 & ((differentbits - 1) >> 8)) - 1;
- }
- int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
- {
- u8 correct[8];
- crypto_auth(correct,in,inlen,k);
- return crypto_verify_8(h,correct);
- }
- /*
- SipHash-2-4 output with
- k = 00 01 02 ...
- and
- in = (empty string)
- in = 00 (1 byte)
- in = 00 01 (2 bytes)
- in = 00 01 02 (3 bytes)
- ...
- in = 00 01 02 ... 3e (63 bytes)
- */
- u8 vectors[64][8] =
- {
- { 0x31, 0x0e, 0x0e, 0xdd, 0x47, 0xdb, 0x6f, 0x72, },
- { 0xfd, 0x67, 0xdc, 0x93, 0xc5, 0x39, 0xf8, 0x74, },
- { 0x5a, 0x4f, 0xa9, 0xd9, 0x09, 0x80, 0x6c, 0x0d, },
- { 0x2d, 0x7e, 0xfb, 0xd7, 0x96, 0x66, 0x67, 0x85, },
- { 0xb7, 0x87, 0x71, 0x27, 0xe0, 0x94, 0x27, 0xcf, },
- { 0x8d, 0xa6, 0x99, 0xcd, 0x64, 0x55, 0x76, 0x18, },
- { 0xce, 0xe3, 0xfe, 0x58, 0x6e, 0x46, 0xc9, 0xcb, },
- { 0x37, 0xd1, 0x01, 0x8b, 0xf5, 0x00, 0x02, 0xab, },
- { 0x62, 0x24, 0x93, 0x9a, 0x79, 0xf5, 0xf5, 0x93, },
- { 0xb0, 0xe4, 0xa9, 0x0b, 0xdf, 0x82, 0x00, 0x9e, },
- { 0xf3, 0xb9, 0xdd, 0x94, 0xc5, 0xbb, 0x5d, 0x7a, },
- { 0xa7, 0xad, 0x6b, 0x22, 0x46, 0x2f, 0xb3, 0xf4, },
- { 0xfb, 0xe5, 0x0e, 0x86, 0xbc, 0x8f, 0x1e, 0x75, },
- { 0x90, 0x3d, 0x84, 0xc0, 0x27, 0x56, 0xea, 0x14, },
- { 0xee, 0xf2, 0x7a, 0x8e, 0x90, 0xca, 0x23, 0xf7, },
- { 0xe5, 0x45, 0xbe, 0x49, 0x61, 0xca, 0x29, 0xa1, },
- { 0xdb, 0x9b, 0xc2, 0x57, 0x7f, 0xcc, 0x2a, 0x3f, },
- { 0x94, 0x47, 0xbe, 0x2c, 0xf5, 0xe9, 0x9a, 0x69, },
- { 0x9c, 0xd3, 0x8d, 0x96, 0xf0, 0xb3, 0xc1, 0x4b, },
- { 0xbd, 0x61, 0x79, 0xa7, 0x1d, 0xc9, 0x6d, 0xbb, },
- { 0x98, 0xee, 0xa2, 0x1a, 0xf2, 0x5c, 0xd6, 0xbe, },
- { 0xc7, 0x67, 0x3b, 0x2e, 0xb0, 0xcb, 0xf2, 0xd0, },
- { 0x88, 0x3e, 0xa3, 0xe3, 0x95, 0x67, 0x53, 0x93, },
- { 0xc8, 0xce, 0x5c, 0xcd, 0x8c, 0x03, 0x0c, 0xa8, },
- { 0x94, 0xaf, 0x49, 0xf6, 0xc6, 0x50, 0xad, 0xb8, },
- { 0xea, 0xb8, 0x85, 0x8a, 0xde, 0x92, 0xe1, 0xbc, },
- { 0xf3, 0x15, 0xbb, 0x5b, 0xb8, 0x35, 0xd8, 0x17, },
- { 0xad, 0xcf, 0x6b, 0x07, 0x63, 0x61, 0x2e, 0x2f, },
- { 0xa5, 0xc9, 0x1d, 0xa7, 0xac, 0xaa, 0x4d, 0xde, },
- { 0x71, 0x65, 0x95, 0x87, 0x66, 0x50, 0xa2, 0xa6, },
- { 0x28, 0xef, 0x49, 0x5c, 0x53, 0xa3, 0x87, 0xad, },
- { 0x42, 0xc3, 0x41, 0xd8, 0xfa, 0x92, 0xd8, 0x32, },
- { 0xce, 0x7c, 0xf2, 0x72, 0x2f, 0x51, 0x27, 0x71, },
- { 0xe3, 0x78, 0x59, 0xf9, 0x46, 0x23, 0xf3, 0xa7, },
- { 0x38, 0x12, 0x05, 0xbb, 0x1a, 0xb0, 0xe0, 0x12, },
- { 0xae, 0x97, 0xa1, 0x0f, 0xd4, 0x34, 0xe0, 0x15, },
- { 0xb4, 0xa3, 0x15, 0x08, 0xbe, 0xff, 0x4d, 0x31, },
- { 0x81, 0x39, 0x62, 0x29, 0xf0, 0x90, 0x79, 0x02, },
- { 0x4d, 0x0c, 0xf4, 0x9e, 0xe5, 0xd4, 0xdc, 0xca, },
- { 0x5c, 0x73, 0x33, 0x6a, 0x76, 0xd8, 0xbf, 0x9a, },
- { 0xd0, 0xa7, 0x04, 0x53, 0x6b, 0xa9, 0x3e, 0x0e, },
- { 0x92, 0x59, 0x58, 0xfc, 0xd6, 0x42, 0x0c, 0xad, },
- { 0xa9, 0x15, 0xc2, 0x9b, 0xc8, 0x06, 0x73, 0x18, },
- { 0x95, 0x2b, 0x79, 0xf3, 0xbc, 0x0a, 0xa6, 0xd4, },
- { 0xf2, 0x1d, 0xf2, 0xe4, 0x1d, 0x45, 0x35, 0xf9, },
- { 0x87, 0x57, 0x75, 0x19, 0x04, 0x8f, 0x53, 0xa9, },
- { 0x10, 0xa5, 0x6c, 0xf5, 0xdf, 0xcd, 0x9a, 0xdb, },
- { 0xeb, 0x75, 0x09, 0x5c, 0xcd, 0x98, 0x6c, 0xd0, },
- { 0x51, 0xa9, 0xcb, 0x9e, 0xcb, 0xa3, 0x12, 0xe6, },
- { 0x96, 0xaf, 0xad, 0xfc, 0x2c, 0xe6, 0x66, 0xc7, },
- { 0x72, 0xfe, 0x52, 0x97, 0x5a, 0x43, 0x64, 0xee, },
- { 0x5a, 0x16, 0x45, 0xb2, 0x76, 0xd5, 0x92, 0xa1, },
- { 0xb2, 0x74, 0xcb, 0x8e, 0xbf, 0x87, 0x87, 0x0a, },
- { 0x6f, 0x9b, 0xb4, 0x20, 0x3d, 0xe7, 0xb3, 0x81, },
- { 0xea, 0xec, 0xb2, 0xa3, 0x0b, 0x22, 0xa8, 0x7f, },
- { 0x99, 0x24, 0xa4, 0x3c, 0xc1, 0x31, 0x57, 0x24, },
- { 0xbd, 0x83, 0x8d, 0x3a, 0xaf, 0xbf, 0x8d, 0xb7, },
- { 0x0b, 0x1a, 0x2a, 0x32, 0x65, 0xd5, 0x1a, 0xea, },
- { 0x13, 0x50, 0x79, 0xa3, 0x23, 0x1c, 0xe6, 0x60, },
- { 0x93, 0x2b, 0x28, 0x46, 0xe4, 0xd7, 0x06, 0x66, },
- { 0xe1, 0x91, 0x5f, 0x5c, 0xb1, 0xec, 0xa4, 0x6c, },
- { 0xf3, 0x25, 0x96, 0x5c, 0xa1, 0x6d, 0x62, 0x9f, },
- { 0x57, 0x5f, 0xf2, 0x8e, 0x60, 0x38, 0x1b, 0xe5, },
- { 0x72, 0x45, 0x06, 0xeb, 0x4c, 0x32, 0x8a, 0x95, }
- };
- int test_vectors()
- {
- #define MAXLEN 64
- u8 in[MAXLEN], out[8], k[16];
- int i;
- int ok = 1;
- for( i = 0; i < 16; ++i ) k[i] = i;
- for( i = 0; i < MAXLEN; ++i )
- {
- in[i] = i;
- crypto_auth( out, in, i, k );
- if ( memcmp( out, vectors[i], 8 ) )
- {
- printf( "test vector failed for %d bytes\n", i );
- ok = 0;
- }
- }
- return ok;
- }
- int main()
- {
- u64 hash;
- u8 k[16];
- u8 in2[16];
- int i;
- char *in;
- for( i = 0; i < 16; ++i ) k[i] = i;
- in = malloc(16);
- for( i = 0; i < 16; ++i ) in[i] = i;
- for( i = 0; i < 16; ++i ) in2[i] = i;
- hash = siphash(k, in, 16);
- free(in);
- printf("%llu\n", hash);
- hash = siphash(k, in2, 16);
- printf("%llu\n", hash);
- if ( test_vectors() ) printf( "test vectors ok\n" );
- return 0;
- }
Add Comment
Please, Sign In to add comment