]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
a245d90a TG |
2 | /*** |
3 | This file is part of systemd. | |
4 | ||
5 | Copyright 2015 Tom Gundersen | |
a245d90a TG |
6 | ***/ |
7 | ||
a245d90a | 8 | #include "siphash24.h" |
cf0fbc49 | 9 | #include "util.h" |
a245d90a TG |
10 | |
11 | #define ITERATIONS 10000000ULL | |
12 | ||
56e3d0cf | 13 | static void do_test(const uint8_t *in, size_t len, const uint8_t *key) { |
1283d704 | 14 | struct siphash state = {}; |
56e3d0cf | 15 | uint64_t out; |
0cb3c286 | 16 | unsigned i, j; |
a245d90a | 17 | |
933f9cae | 18 | out = siphash24(in, len, key); |
81d313a6 | 19 | assert_se(out == 0xa129ca6149be45e5); |
1283d704 TG |
20 | |
21 | /* verify the internal state as given in the above paper */ | |
0cb3c286 | 22 | siphash24_init(&state, key); |
1283d704 TG |
23 | assert_se(state.v0 == 0x7469686173716475); |
24 | assert_se(state.v1 == 0x6b617f6d656e6665); | |
25 | assert_se(state.v2 == 0x6b7f62616d677361); | |
26 | assert_se(state.v3 == 0x7b6b696e727e6c7b); | |
69b98e71 | 27 | siphash24_compress(in, len, &state); |
1283d704 TG |
28 | assert_se(state.v0 == 0x4a017198de0a59e0); |
29 | assert_se(state.v1 == 0x0d52f6f62a4f59a4); | |
30 | assert_se(state.v2 == 0x634cb3577b01fd3d); | |
31 | assert_se(state.v3 == 0xa5224d6f55c7d9c8); | |
933f9cae | 32 | out = siphash24_finalize(&state); |
81d313a6 | 33 | assert_se(out == 0xa129ca6149be45e5); |
1283d704 TG |
34 | assert_se(state.v0 == 0xf6bcd53893fecff1); |
35 | assert_se(state.v1 == 0x54b9964c7ea0d937); | |
36 | assert_se(state.v2 == 0x1b38329c099bb55a); | |
37 | assert_se(state.v3 == 0x1814bb89ad7be679); | |
38 | ||
39 | /* verify that decomposing the input in three chunks gives the | |
40 | same result */ | |
69b98e71 MP |
41 | for (i = 0; i < len; i++) { |
42 | for (j = i; j < len; j++) { | |
0cb3c286 | 43 | siphash24_init(&state, key); |
1283d704 TG |
44 | siphash24_compress(in, i, &state); |
45 | siphash24_compress(&in[i], j - i, &state); | |
69b98e71 | 46 | siphash24_compress(&in[j], len - j, &state); |
933f9cae | 47 | out = siphash24_finalize(&state); |
81d313a6 | 48 | assert_se(out == 0xa129ca6149be45e5); |
1283d704 TG |
49 | } |
50 | } | |
56e3d0cf ZJS |
51 | } |
52 | ||
53 | static void test_short_hashes(void) { | |
54 | const uint8_t one[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, | |
55 | 0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 }; | |
56 | const uint8_t key[16] = { 0x22, 0x24, 0x41, 0x22, 0x55, 0x77, 0x88, 0x07, | |
57 | 0x23, 0x09, 0x23, 0x14, 0x0c, 0x33, 0x0e, 0x0f}; | |
58 | uint8_t two[sizeof one] = {}; | |
59 | ||
60 | struct siphash state1 = {}, state2 = {}; | |
61 | unsigned i, j; | |
62 | ||
63 | siphash24_init(&state1, key); | |
64 | siphash24_init(&state2, key); | |
65 | ||
66 | /* hashing 1, 2, 3, 4, 5, ..., 16 bytes, with the byte after the buffer different */ | |
67 | for (i = 1; i <= sizeof one; i++) { | |
68 | siphash24_compress(one, i, &state1); | |
69 | ||
70 | two[i-1] = one[i-1]; | |
71 | siphash24_compress(two, i, &state2); | |
72 | ||
73 | assert_se(memcmp(&state1, &state2, sizeof state1) == 0); | |
74 | } | |
75 | ||
76 | /* hashing n and 1, n and 2, n and 3, ..., n-1 and 1, n-2 and 2, ... */ | |
77 | for (i = sizeof one; i > 0; i--) { | |
78 | zero(two); | |
79 | ||
80 | for (j = 1; j <= sizeof one; j++) { | |
81 | siphash24_compress(one, i, &state1); | |
82 | siphash24_compress(one, j, &state1); | |
83 | ||
84 | siphash24_compress(one, i, &state2); | |
85 | two[j-1] = one[j-1]; | |
86 | siphash24_compress(two, j, &state2); | |
87 | ||
88 | assert_se(memcmp(&state1, &state2, sizeof state1) == 0); | |
89 | } | |
90 | } | |
69b98e71 MP |
91 | } |
92 | ||
93 | /* see https://131002.net/siphash/siphash.pdf, Appendix A */ | |
94 | int main(int argc, char *argv[]) { | |
95 | const uint8_t in[15] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | |
96 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e }; | |
97 | const uint8_t key[16] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | |
98 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}; | |
99 | uint8_t in_buf[20]; | |
100 | ||
101 | /* Test with same input but different alignments. */ | |
102 | memcpy(in_buf, in, sizeof(in)); | |
103 | do_test(in_buf, sizeof(in), key); | |
104 | memcpy(in_buf + 1, in, sizeof(in)); | |
105 | do_test(in_buf + 1, sizeof(in), key); | |
106 | memcpy(in_buf + 2, in, sizeof(in)); | |
107 | do_test(in_buf + 2, sizeof(in), key); | |
108 | memcpy(in_buf + 4, in, sizeof(in)); | |
109 | do_test(in_buf + 4, sizeof(in), key); | |
56e3d0cf ZJS |
110 | |
111 | test_short_hashes(); | |
a245d90a | 112 | } |