aboutsummaryrefslogtreecommitdiff
path: root/sys/crypto/siphash/siphash.c
Commit message (Collapse)AuthorAgeFilesLines
* siphash: allow zero values for final & len in SipBuf()Mark O'Donovan2024-07-291-5/+10
| | | | | | | | | | Currently the assert checks for XOR of final and len. This assert fails when running the unit tests in siphash_test.c. We need to allow the case where both values are zero. Signed-off-by: Mark O'Donovan <shiftee@posteo.net> Reviewed by: imp, cperciva Pull Request: https://github.com/freebsd/freebsd-src/pull/1324
* sys: Automated cleanup of cdefs and other formattingWarner Losh2023-11-271-1/+0
| | | | | | | | | | | | | | | | Apply the following automated changes to try to eliminate no-longer-needed sys/cdefs.h includes as well as now-empty blank lines in a row. Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/ Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/ Remove /\n+#if.*\n#endif.*\n+/ Remove /^#if.*\n#endif.*\n/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/ Sponsored by: Netflix
* sys: Remove $FreeBSD$: one-line .c patternWarner Losh2023-08-161-2/+0
| | | | Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
* crypto routines: Hint minimum buffer sizes to the compilerConrad Meyer2016-05-261-4/+4
| | | | | | | | | | | | | | Use the C99 'static' keyword to hint to the compiler IVs and output digest sizes. The keyword informs the compiler of the minimum valid size for a given array. Obviously not every pointer can be validated (i.e., the compiler can produce false negative but not false positive reports). No functional change. No ABI change. Sponsored by: EMC / Isilon Storage Division Notes: svn path=/head/; revision=300773
* Fix const propagation issues to make GCC happy.Andre Oppermann2013-07-111-3/+4
| | | | | | | Submitted by: Michael Butler <imb@protected-networks.net> Notes: svn path=/head/; revision=253214
* SipHash is a cryptographically strong pseudo-random function (a.k.a. keyedAndre Oppermann2013-07-111-0/+241
hash function) optimized for speed on short messages returning a 64bit hash/ digest value. SipHash is simpler and much faster than other secure MACs and competitive in speed with popular non-cryptographic hash functions. It uses a 128-bit key without the hidden cost of a key expansion step. SipHash iterates a simple round function consisting of four additions, four xors, and six rotations, interleaved with xors of message blocks for a pre-defined number of compression and finalization rounds. The absence of secret load/store addresses or secret branch conditions avoid timing attacks. No state is shared between messages. Hashing is deterministic and doesn't use nonces. It is not susceptible to length extension attacks. Target applications include network traffic authentication, message authentication (MAC) and hash-tables protection against hash-flooding denial-of-service attacks. The number of update/finalization rounds is defined during initialization: SipHash24_Init() for the fast and reasonable strong version. SipHash48_Init() for the strong version (half as fast). SipHash usage is similar to other hash functions: struct SIPHASH_CTX ctx; char *k = "16bytes long key" char *s = "string"; uint64_t h = 0; SipHash24_Init(&ctx); SipHash_SetKey(&ctx, k); SipHash_Update(&ctx, s, strlen(s)); SipHash_Final(&h, &ctx); /* or */ h = SipHash_End(&ctx); /* or */ h = SipHash24(&ctx, k, s, strlen(s)); It was designed by Jean-Philippe Aumasson and Daniel J. Bernstein and is described in the paper "SipHash: a fast short-input PRF", 2012.09.18: https://131002.net/siphash/siphash.pdf Permanent ID: b9a943a805fbfc6fde808af9fc0ecdfa Implemented by: andre (based on the paper) Reviewed by: cperciva Notes: svn path=/head/; revision=253208
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 08:17:14 +0000