1 #include "crypto_shorthash_siphash24.h" 2 #include "private/common.h" 3 #include "shorthash_siphash_ref.h" 4 5 int 6 crypto_shorthash_siphashx24(unsigned char *out, const unsigned char *in, 7 unsigned long long inlen, const unsigned char *k) 8 { 9 uint64_t v0 = 0x736f6d6570736575ULL; 10 uint64_t v1 = 0x646f72616e646f83ULL; 11 uint64_t v2 = 0x6c7967656e657261ULL; 12 uint64_t v3 = 0x7465646279746573ULL; 13 uint64_t b; 14 uint64_t k0 = LOAD64_LE(k); 15 uint64_t k1 = LOAD64_LE(k + 8); 16 uint64_t m; 17 const uint8_t *end = in + inlen - (inlen % sizeof(uint64_t)); 18 const int left = inlen & 7; 19 20 b = ((uint64_t) inlen) << 56; 21 v3 ^= k1; 22 v2 ^= k0; 23 v1 ^= k1; 24 v0 ^= k0; 25 for (; in != end; in += 8) { 26 m = LOAD64_LE(in); 27 v3 ^= m; 28 SIPROUND; 29 SIPROUND; 30 v0 ^= m; 31 } 32 switch (left) { 33 case 7: 34 b |= ((uint64_t) in[6]) << 48; 35 /* FALLTHRU */ 36 case 6: 37 b |= ((uint64_t) in[5]) << 40; 38 /* FALLTHRU */ 39 case 5: 40 b |= ((uint64_t) in[4]) << 32; 41 /* FALLTHRU */ 42 case 4: 43 b |= ((uint64_t) in[3]) << 24; 44 /* FALLTHRU */ 45 case 3: 46 b |= ((uint64_t) in[2]) << 16; 47 /* FALLTHRU */ 48 case 2: 49 b |= ((uint64_t) in[1]) << 8; 50 /* FALLTHRU */ 51 case 1: 52 b |= ((uint64_t) in[0]); 53 break; 54 case 0: 55 break; 56 } 57 v3 ^= b; 58 SIPROUND; 59 SIPROUND; 60 v0 ^= b; 61 v2 ^= 0xee; 62 SIPROUND; 63 SIPROUND; 64 SIPROUND; 65 SIPROUND; 66 b = v0 ^ v1 ^ v2 ^ v3; 67 STORE64_LE(out, b); 68 v1 ^= 0xdd; 69 SIPROUND; 70 SIPROUND; 71 SIPROUND; 72 SIPROUND; 73 b = v0 ^ v1 ^ v2 ^ v3; 74 STORE64_LE(out + 8, b); 75 76 return 0; 77 } 78