modernc.org/ccgo/v3@v3.16.14/lib/testdata/CompCert-3.6/test/c/siphash24.c (about)

     1  /*
     2     SipHash reference C implementation
     3  
     4     Written in 2012 by 
     5     Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com>
     6     Daniel J. Bernstein <djb@cr.yp.to>
     7  
     8     To the extent possible under law, the author(s) have dedicated all copyright
     9     and related and neighboring rights to this software to the public domain
    10     worldwide. This software is distributed without any warranty.
    11  
    12     You should have received a copy of the CC0 Public Domain Dedication along with
    13     this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
    14  */
    15  
    16  #include <stdio.h>
    17  #include <string.h>
    18  typedef unsigned long long u64;
    19  typedef unsigned long u32;
    20  typedef unsigned char u8;
    21  
    22  #define ROTL(x,b) (u64)( ((x) << (b)) | ( (x) >> (64 - (b))) )
    23  
    24  #define U32TO8_LE(p, v)         \
    25      (p)[0] = (u8)((v)      ); (p)[1] = (u8)((v) >>  8); \
    26      (p)[2] = (u8)((v) >> 16); (p)[3] = (u8)((v) >> 24);
    27  
    28  #define U64TO8_LE(p, v)         \
    29    U32TO8_LE((p),     (u32)((v)      ));   \
    30    U32TO8_LE((p) + 4, (u32)((v) >> 32));
    31  
    32  #define U8TO64_LE(p) \
    33    (((u64)((p)[0])      ) | \
    34     ((u64)((p)[1]) <<  8) | \
    35     ((u64)((p)[2]) << 16) | \
    36     ((u64)((p)[3]) << 24) | \
    37     ((u64)((p)[4]) << 32) | \
    38     ((u64)((p)[5]) << 40) | \
    39     ((u64)((p)[6]) << 48) | \
    40     ((u64)((p)[7]) << 56))
    41  
    42  #define SIPROUND            \
    43    do {              \
    44      v0 += v1; v1=ROTL(v1,13); v1 ^= v0; v0=ROTL(v0,32); \
    45      v2 += v3; v3=ROTL(v3,16); v3 ^= v2;     \
    46      v0 += v3; v3=ROTL(v3,21); v3 ^= v0;     \
    47      v2 += v1; v1=ROTL(v1,17); v1 ^= v2; v2=ROTL(v2,32); \
    48    } while(0)
    49  
    50  /* SipHash-2-4 */
    51  int crypto_auth( unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *k )
    52  {
    53    /* "somepseudorandomlygeneratedbytes" */
    54    u64 v0 = 0x736f6d6570736575ULL;
    55    u64 v1 = 0x646f72616e646f6dULL;
    56    u64 v2 = 0x6c7967656e657261ULL;
    57    u64 v3 = 0x7465646279746573ULL;
    58    u64 b;
    59    u64 k0 = U8TO64_LE( k );
    60    u64 k1 = U8TO64_LE( k + 8 );
    61    u64 m;
    62    const u8 *end = in + inlen - ( inlen % sizeof( u64 ) );
    63    const int left = inlen & 7;
    64    b = ( ( u64 )inlen ) << 56;
    65    v3 ^= k1;
    66    v2 ^= k0;
    67    v1 ^= k1;
    68    v0 ^= k0;
    69  
    70    for ( ; in != end; in += 8 )
    71    {
    72      m = U8TO64_LE( in );
    73  #ifdef DEBUG
    74      printf( "(%3d) v0 %08x %08x\n", ( int )inlen, ( u32 )( v0 >> 32 ), ( u32 )v0 );
    75      printf( "(%3d) v1 %08x %08x\n", ( int )inlen, ( u32 )( v1 >> 32 ), ( u32 )v1 );
    76      printf( "(%3d) v2 %08x %08x\n", ( int )inlen, ( u32 )( v2 >> 32 ), ( u32 )v2 );
    77      printf( "(%3d) v3 %08x %08x\n", ( int )inlen, ( u32 )( v3 >> 32 ), ( u32 )v3 );
    78      printf( "(%3d) compress %08x %08x\n", ( int )inlen, ( u32 )( m >> 32 ), ( u32 )m );
    79  #endif
    80      v3 ^= m;
    81      SIPROUND;
    82      SIPROUND;
    83      v0 ^= m;
    84    }
    85  
    86    switch( left )
    87    {
    88    case 7: b |= ( ( u64 )in[ 6] )  << 48;
    89  
    90    case 6: b |= ( ( u64 )in[ 5] )  << 40;
    91  
    92    case 5: b |= ( ( u64 )in[ 4] )  << 32;
    93  
    94    case 4: b |= ( ( u64 )in[ 3] )  << 24;
    95  
    96    case 3: b |= ( ( u64 )in[ 2] )  << 16;
    97  
    98    case 2: b |= ( ( u64 )in[ 1] )  <<  8;
    99  
   100    case 1: b |= ( ( u64 )in[ 0] ); break;
   101  
   102    case 0: break;
   103    }
   104  
   105  #ifdef DEBUG
   106    printf( "(%3d) v0 %08x %08x\n", ( int )inlen, ( u32 )( v0 >> 32 ), ( u32 )v0 );
   107    printf( "(%3d) v1 %08x %08x\n", ( int )inlen, ( u32 )( v1 >> 32 ), ( u32 )v1 );
   108    printf( "(%3d) v2 %08x %08x\n", ( int )inlen, ( u32 )( v2 >> 32 ), ( u32 )v2 );
   109    printf( "(%3d) v3 %08x %08x\n", ( int )inlen, ( u32 )( v3 >> 32 ), ( u32 )v3 );
   110    printf( "(%3d) padding   %08x %08x\n", ( int )inlen, ( u32 )( b >> 32 ), ( u32 )b );
   111  #endif
   112    v3 ^= b;
   113    SIPROUND;
   114    SIPROUND;
   115    v0 ^= b;
   116  #ifdef DEBUG
   117    printf( "(%3d) v0 %08x %08x\n", ( int )inlen, ( u32 )( v0 >> 32 ), ( u32 )v0 );
   118    printf( "(%3d) v1 %08x %08x\n", ( int )inlen, ( u32 )( v1 >> 32 ), ( u32 )v1 );
   119    printf( "(%3d) v2 %08x %08x\n", ( int )inlen, ( u32 )( v2 >> 32 ), ( u32 )v2 );
   120    printf( "(%3d) v3 %08x %08x\n", ( int )inlen, ( u32 )( v3 >> 32 ), ( u32 )v3 );
   121  #endif
   122    v2 ^= 0xff;
   123    SIPROUND;
   124    SIPROUND;
   125    SIPROUND;
   126    SIPROUND;
   127    b = v0 ^ v1 ^ v2  ^ v3;
   128    U64TO8_LE( out, b );
   129    return 0;
   130  }
   131  
   132  /*
   133     SipHash-2-4 output with
   134     k = 00 01 02 ...
   135     and
   136     in = (empty string)
   137     in = 00 (1 byte)
   138     in = 00 01 (2 bytes)
   139     in = 00 01 02 (3 bytes)
   140     ...
   141     in = 00 01 02 ... 3e (63 bytes)
   142  */
   143  u8 vectors[64][8] =
   144  {
   145    { 0x31, 0x0e, 0x0e, 0xdd, 0x47, 0xdb, 0x6f, 0x72, },
   146    { 0xfd, 0x67, 0xdc, 0x93, 0xc5, 0x39, 0xf8, 0x74, },
   147    { 0x5a, 0x4f, 0xa9, 0xd9, 0x09, 0x80, 0x6c, 0x0d, },
   148    { 0x2d, 0x7e, 0xfb, 0xd7, 0x96, 0x66, 0x67, 0x85, },
   149    { 0xb7, 0x87, 0x71, 0x27, 0xe0, 0x94, 0x27, 0xcf, },
   150    { 0x8d, 0xa6, 0x99, 0xcd, 0x64, 0x55, 0x76, 0x18, },
   151    { 0xce, 0xe3, 0xfe, 0x58, 0x6e, 0x46, 0xc9, 0xcb, },
   152    { 0x37, 0xd1, 0x01, 0x8b, 0xf5, 0x00, 0x02, 0xab, },
   153    { 0x62, 0x24, 0x93, 0x9a, 0x79, 0xf5, 0xf5, 0x93, },
   154    { 0xb0, 0xe4, 0xa9, 0x0b, 0xdf, 0x82, 0x00, 0x9e, },
   155    { 0xf3, 0xb9, 0xdd, 0x94, 0xc5, 0xbb, 0x5d, 0x7a, },
   156    { 0xa7, 0xad, 0x6b, 0x22, 0x46, 0x2f, 0xb3, 0xf4, },
   157    { 0xfb, 0xe5, 0x0e, 0x86, 0xbc, 0x8f, 0x1e, 0x75, },
   158    { 0x90, 0x3d, 0x84, 0xc0, 0x27, 0x56, 0xea, 0x14, },
   159    { 0xee, 0xf2, 0x7a, 0x8e, 0x90, 0xca, 0x23, 0xf7, },
   160    { 0xe5, 0x45, 0xbe, 0x49, 0x61, 0xca, 0x29, 0xa1, },
   161    { 0xdb, 0x9b, 0xc2, 0x57, 0x7f, 0xcc, 0x2a, 0x3f, },
   162    { 0x94, 0x47, 0xbe, 0x2c, 0xf5, 0xe9, 0x9a, 0x69, },
   163    { 0x9c, 0xd3, 0x8d, 0x96, 0xf0, 0xb3, 0xc1, 0x4b, },
   164    { 0xbd, 0x61, 0x79, 0xa7, 0x1d, 0xc9, 0x6d, 0xbb, },
   165    { 0x98, 0xee, 0xa2, 0x1a, 0xf2, 0x5c, 0xd6, 0xbe, },
   166    { 0xc7, 0x67, 0x3b, 0x2e, 0xb0, 0xcb, 0xf2, 0xd0, },
   167    { 0x88, 0x3e, 0xa3, 0xe3, 0x95, 0x67, 0x53, 0x93, },
   168    { 0xc8, 0xce, 0x5c, 0xcd, 0x8c, 0x03, 0x0c, 0xa8, },
   169    { 0x94, 0xaf, 0x49, 0xf6, 0xc6, 0x50, 0xad, 0xb8, },
   170    { 0xea, 0xb8, 0x85, 0x8a, 0xde, 0x92, 0xe1, 0xbc, },
   171    { 0xf3, 0x15, 0xbb, 0x5b, 0xb8, 0x35, 0xd8, 0x17, },
   172    { 0xad, 0xcf, 0x6b, 0x07, 0x63, 0x61, 0x2e, 0x2f, },
   173    { 0xa5, 0xc9, 0x1d, 0xa7, 0xac, 0xaa, 0x4d, 0xde, },
   174    { 0x71, 0x65, 0x95, 0x87, 0x66, 0x50, 0xa2, 0xa6, },
   175    { 0x28, 0xef, 0x49, 0x5c, 0x53, 0xa3, 0x87, 0xad, },
   176    { 0x42, 0xc3, 0x41, 0xd8, 0xfa, 0x92, 0xd8, 0x32, },
   177    { 0xce, 0x7c, 0xf2, 0x72, 0x2f, 0x51, 0x27, 0x71, },
   178    { 0xe3, 0x78, 0x59, 0xf9, 0x46, 0x23, 0xf3, 0xa7, },
   179    { 0x38, 0x12, 0x05, 0xbb, 0x1a, 0xb0, 0xe0, 0x12, },
   180    { 0xae, 0x97, 0xa1, 0x0f, 0xd4, 0x34, 0xe0, 0x15, },
   181    { 0xb4, 0xa3, 0x15, 0x08, 0xbe, 0xff, 0x4d, 0x31, },
   182    { 0x81, 0x39, 0x62, 0x29, 0xf0, 0x90, 0x79, 0x02, },
   183    { 0x4d, 0x0c, 0xf4, 0x9e, 0xe5, 0xd4, 0xdc, 0xca, },
   184    { 0x5c, 0x73, 0x33, 0x6a, 0x76, 0xd8, 0xbf, 0x9a, },
   185    { 0xd0, 0xa7, 0x04, 0x53, 0x6b, 0xa9, 0x3e, 0x0e, },
   186    { 0x92, 0x59, 0x58, 0xfc, 0xd6, 0x42, 0x0c, 0xad, },
   187    { 0xa9, 0x15, 0xc2, 0x9b, 0xc8, 0x06, 0x73, 0x18, },
   188    { 0x95, 0x2b, 0x79, 0xf3, 0xbc, 0x0a, 0xa6, 0xd4, },
   189    { 0xf2, 0x1d, 0xf2, 0xe4, 0x1d, 0x45, 0x35, 0xf9, },
   190    { 0x87, 0x57, 0x75, 0x19, 0x04, 0x8f, 0x53, 0xa9, },
   191    { 0x10, 0xa5, 0x6c, 0xf5, 0xdf, 0xcd, 0x9a, 0xdb, },
   192    { 0xeb, 0x75, 0x09, 0x5c, 0xcd, 0x98, 0x6c, 0xd0, },
   193    { 0x51, 0xa9, 0xcb, 0x9e, 0xcb, 0xa3, 0x12, 0xe6, },
   194    { 0x96, 0xaf, 0xad, 0xfc, 0x2c, 0xe6, 0x66, 0xc7, },
   195    { 0x72, 0xfe, 0x52, 0x97, 0x5a, 0x43, 0x64, 0xee, },
   196    { 0x5a, 0x16, 0x45, 0xb2, 0x76, 0xd5, 0x92, 0xa1, },
   197    { 0xb2, 0x74, 0xcb, 0x8e, 0xbf, 0x87, 0x87, 0x0a, },
   198    { 0x6f, 0x9b, 0xb4, 0x20, 0x3d, 0xe7, 0xb3, 0x81, },
   199    { 0xea, 0xec, 0xb2, 0xa3, 0x0b, 0x22, 0xa8, 0x7f, },
   200    { 0x99, 0x24, 0xa4, 0x3c, 0xc1, 0x31, 0x57, 0x24, },
   201    { 0xbd, 0x83, 0x8d, 0x3a, 0xaf, 0xbf, 0x8d, 0xb7, },
   202    { 0x0b, 0x1a, 0x2a, 0x32, 0x65, 0xd5, 0x1a, 0xea, },
   203    { 0x13, 0x50, 0x79, 0xa3, 0x23, 0x1c, 0xe6, 0x60, },
   204    { 0x93, 0x2b, 0x28, 0x46, 0xe4, 0xd7, 0x06, 0x66, },
   205    { 0xe1, 0x91, 0x5f, 0x5c, 0xb1, 0xec, 0xa4, 0x6c, },
   206    { 0xf3, 0x25, 0x96, 0x5c, 0xa1, 0x6d, 0x62, 0x9f, },
   207    { 0x57, 0x5f, 0xf2, 0x8e, 0x60, 0x38, 0x1b, 0xe5, },
   208    { 0x72, 0x45, 0x06, 0xeb, 0x4c, 0x32, 0x8a, 0x95, }
   209  };
   210  
   211  
   212  int test_vectors()
   213  {
   214  #define MAXLEN 64
   215    u8 in[MAXLEN], out[8], k[16];
   216    int i;
   217    int ok = 1;
   218  
   219    for( i = 0; i < 16; ++i ) k[i] = i;
   220  
   221    for( i = 0; i < MAXLEN; ++i )
   222    {
   223      in[i] = i;
   224      crypto_auth( out, in, i, k );
   225  
   226      if ( memcmp( out, vectors[i], 8 ) )
   227      {
   228        printf( "test vector failed for %d bytes\n", i );
   229        ok = 0;
   230      }
   231    }
   232  
   233    return ok;
   234  }
   235  
   236  u8 testdata[100] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 12, 34, 56, 78, 90 };
   237  
   238  int speed_test(void)
   239  {
   240    u8 out[8], k[16];
   241    int i;
   242  
   243    for(i = 0; i < 16; ++i ) k[i] = i;
   244    for(i = 0; i < 1000000; i++) {
   245      testdata[99] = (u8) i;
   246      crypto_auth(out, testdata, 100, k);
   247    }
   248    return out[0];
   249  }
   250  
   251  int main()
   252  {
   253    if ( test_vectors() ) printf( "test vectors ok\n" );
   254    (void) speed_test();
   255    return 0;
   256  }