From 30b716d220331fe3d1e4110b097b728af58b394a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Thu, 29 Aug 2019 13:59:52 +0200 Subject: [PATCH] Add OpenSSL based isc_siphash24() implementation This commits adds an OpenSSL based isc_siphash24() implementation, which is preferred when available. The siphash_test has been modified to test both implementation with a trick that renames the isc_siphash24() to openssl_ or native_ prefixed name and includes the ../siphash.c two times (when the OpenSSL implementation is available). --- lib/isc/siphash.c | 52 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/lib/isc/siphash.c b/lib/isc/siphash.c index 6319333c54..23fff75192 100644 --- a/lib/isc/siphash.c +++ b/lib/isc/siphash.c @@ -17,6 +17,57 @@ #include #include +#if HAVE_OPENSSL_SIPHASH +#include + +void +isc_siphash24(const uint8_t *k, + const uint8_t *in, const size_t inlen, + uint8_t *out) +{ + REQUIRE(k != NULL); + REQUIRE(out != NULL); + size_t outlen = 8; + EVP_PKEY_CTX *pctx = NULL; + + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); + EVP_PKEY *key = EVP_PKEY_new_raw_private_key(EVP_PKEY_SIPHASH, NULL, + k, 16); + RUNTIME_CHECK(mctx != NULL); + RUNTIME_CHECK(key != NULL); + + RUNTIME_CHECK(EVP_DigestSignInit(mctx, &pctx, NULL, NULL, key) == 1); + RUNTIME_CHECK(EVP_PKEY_CTX_ctrl(pctx, EVP_PKEY_SIPHASH, + EVP_PKEY_OP_SIGNCTX, + EVP_PKEY_CTRL_SET_DIGEST_SIZE, outlen, + NULL) == 1); + RUNTIME_CHECK(EVP_DigestSignUpdate(mctx, in, inlen) == 1); + RUNTIME_CHECK(EVP_DigestSignFinal(mctx, out, &outlen) == 1); + + ENSURE(outlen == 8); + + EVP_PKEY_free(key); + EVP_MD_CTX_free(mctx); +} + +#else /* HAVE_OPENSSL_SIPHASH */ + +/* + * The fallback implementation is based on SipHash reference C implementation by + * + * Copyright (c) 2012-2016 Jean-Philippe Aumasson + * Copyright (c) 2012-2014 Daniel J. Bernstein + * + * To the extent possible under law, the author(s) have dedicated all copyright + * and related and neighboring rights to this software to the public domain + * worldwide. This software is distributed without any warranty. You should + * have received a copy of the CC0 Public Domain Dedication along with this + * software. If not, see . + */ + +#define cROUNDS 2 +#define dROUNDS 4 + /* * The implementation is based on SipHash reference C implementation by * @@ -147,3 +198,4 @@ isc_siphash24(const uint8_t *k, U64TO8_LE(out, b); } +#endif /* HAVE_OPENSSL_SIPHASH */