diff options
Diffstat (limited to 'src/libcryptobox/blake2/ref.c')
| -rw-r--r-- | src/libcryptobox/blake2/ref.c | 185 |
1 files changed, 0 insertions, 185 deletions
diff --git a/src/libcryptobox/blake2/ref.c b/src/libcryptobox/blake2/ref.c deleted file mode 100644 index ed6f395fc..000000000 --- a/src/libcryptobox/blake2/ref.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - * Copyright (c) 2015, Vsevolod Stakhov - * Copyright (c) 2015, Andrew Moon - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY AUTHOR ''AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL AUTHOR BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND - * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "config.h" -#include "blake2.h" -#include "blake2-internal.h" - -typedef uint64_t blake2b_uint64; - -static const unsigned char blake2b_sigma[12][16] = { - {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15}, - {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3}, - {11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4}, - {7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8}, - {9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13}, - {2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9}, - {12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11}, - {13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10}, - {6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5}, - {10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0}, - {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15}, - {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3} -}; - -static blake2b_uint64 -ROTR64 (blake2b_uint64 x, int k) -{ - return ((x >> k) | (x << (64 - k))); -} - -static blake2b_uint64 -U8TO64 (const unsigned char *p) -{ - return - ((blake2b_uint64) p[0]) | - ((blake2b_uint64) p[1] << 8) | - ((blake2b_uint64) p[2] << 16) | - ((blake2b_uint64) p[3] << 24) | - ((blake2b_uint64) p[4] << 32) | - ((blake2b_uint64) p[5] << 40) | - ((blake2b_uint64) p[6] << 48) | - ((blake2b_uint64) p[7] << 56); -} - -static void -U64TO8 (unsigned char *p, blake2b_uint64 v) -{ - p[0] = (v) & 0xff; - p[1] = (v >> 8) & 0xff; - p[2] = (v >> 16) & 0xff; - p[3] = (v >> 24) & 0xff; - p[4] = (v >> 32) & 0xff; - p[5] = (v >> 40) & 0xff; - p[6] = (v >> 48) & 0xff; - p[7] = (v >> 56) & 0xff; -} - -void -blake2b_blocks_ref (blake2b_state_internal *S, - const unsigned char *in, - size_t bytes, - size_t stride) -{ - const blake2b_uint64 f0 = U8TO64 (&S->f[0]); - const blake2b_uint64 f1 = U8TO64 (&S->f[8]); - - const blake2b_uint64 w8 = 0x6a09e667f3bcc908ull; - const blake2b_uint64 w9 = 0xbb67ae8584caa73bull; - const blake2b_uint64 w10 = 0x3c6ef372fe94f82bull; - const blake2b_uint64 w11 = 0xa54ff53a5f1d36f1ull; - const blake2b_uint64 w12 = 0x510e527fade682d1ull; - const blake2b_uint64 w13 = 0x9b05688c2b3e6c1full; - const blake2b_uint64 w14 = 0x1f83d9abfb41bd6bull ^f0; - const blake2b_uint64 w15 = 0x5be0cd19137e2179ull ^f1; - - const size_t inc = (bytes >= 128) ? 128 : bytes; - - blake2b_uint64 t0 = U8TO64 (&S->t[0]); - blake2b_uint64 t1 = U8TO64 (&S->t[8]); - - blake2b_uint64 h[8]; - blake2b_uint64 v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15; - unsigned char buffer[128]; - - size_t i; - - if (f0) { - memset (buffer, 0, sizeof (buffer)); - memcpy (buffer, in, bytes); - in = buffer; - } - - for (i = 0; i < 8; i++) - h[i] = U8TO64 (&S->h[i * 8]); - - while (1) { - blake2b_uint64 m[16]; - - t0 += inc; - if (t0 < inc) - t1 += 1; - - for (i = 0; i < 16; i++) - m[i] = U8TO64 (in + (i * 8)); - - v0 = h[0]; - v1 = h[1]; - v2 = h[2]; - v3 = h[3]; - v4 = h[4]; - v5 = h[5]; - v6 = h[6]; - v7 = h[7]; - v8 = w8; - v9 = w9; - v10 = w10; - v11 = w11; - v12 = w12 ^ t0; - v13 = w13 ^ t1; - v14 = w14; - v15 = w15; - -#define G(r, x, a, b, c, d) \ - a += b + m[blake2b_sigma[r][2*x+0]]; \ - d = ROTR64(d ^ a, 32); \ - c += d; \ - b = ROTR64(b ^ c, 24); \ - a += b + m[blake2b_sigma[r][2*x+1]]; \ - d = ROTR64(d ^ a, 16); \ - c += d; \ - b = ROTR64(b ^ c, 63); - - for (i = 0; i < 12; i++) { - G(i, 0, v0, v4, v8, v12); - G(i, 1, v1, v5, v9, v13); - G(i, 2, v2, v6, v10, v14); - G(i, 3, v3, v7, v11, v15); - G(i, 4, v0, v5, v10, v15); - G(i, 5, v1, v6, v11, v12); - G(i, 6, v2, v7, v8, v13); - G(i, 7, v3, v4, v9, v14); - } - - h[0] ^= (v0 ^ v8); - h[1] ^= (v1 ^ v9); - h[2] ^= (v2 ^ v10); - h[3] ^= (v3 ^ v11); - h[4] ^= (v4 ^ v12); - h[5] ^= (v5 ^ v13); - h[6] ^= (v6 ^ v14); - h[7] ^= (v7 ^ v15); - - if (bytes <= 128) - break; - in += stride; - bytes -= 128; - } - - for (i = 0; i < 8; i++) - U64TO8 (&S->h[i * 8], h[i]); - U64TO8 (&S->t[0], t0); - U64TO8 (&S->t[8], t1); -} |