mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-27 12:13:20 -04:00
6175577210
SipHash-2-4 was designed as a conservative PRF/MAC with extra rounds against future attacks. For hash tables, where outputs are never exposed, SipHash-1-3 provides sufficient collision resistance with fewer rounds. As the SipHash author noted: "I would be very surprised if SipHash-1-3 introduced weaknesses for hash tables." DNS cookies continue to use SipHash-2-4 since cookie values are sent on the wire and must resist online attacks.
98 lines
2.3 KiB
C
98 lines
2.3 KiB
C
/*
|
|
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
*
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
*
|
|
* See the COPYRIGHT file distributed with this work for additional
|
|
* information regarding copyright ownership.
|
|
*/
|
|
|
|
#include <inttypes.h>
|
|
#include <stdbool.h>
|
|
#include <stddef.h>
|
|
|
|
#include <isc/ascii.h>
|
|
#include <isc/hash.h> /* IWYU pragma: keep */
|
|
#include <isc/random.h>
|
|
#include <isc/result.h>
|
|
#include <isc/siphash.h>
|
|
#include <isc/string.h>
|
|
#include <isc/types.h>
|
|
#include <isc/util.h>
|
|
|
|
static uint8_t isc_hash_key[16];
|
|
|
|
void
|
|
isc__hash_initialize(void) {
|
|
/*
|
|
* Set a constant key to help in problem reproduction should
|
|
* fuzzing find a crash or a hang.
|
|
*/
|
|
uint8_t key[16] = { 1 };
|
|
#if !FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
|
|
isc_random_buf(key, sizeof(key));
|
|
#endif /* if FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
|
|
STATIC_ASSERT(sizeof(key) >= sizeof(isc_hash_key),
|
|
"sizeof(key) < sizeof(isc_hash_key)");
|
|
memmove(isc_hash_key, key, sizeof(isc_hash_key));
|
|
}
|
|
|
|
const void *
|
|
isc_hash_get_initializer(void) {
|
|
return isc_hash_key;
|
|
}
|
|
|
|
void
|
|
isc_hash_set_initializer(const void *initializer) {
|
|
REQUIRE(initializer != NULL);
|
|
|
|
memmove(isc_hash_key, initializer, sizeof(isc_hash_key));
|
|
}
|
|
|
|
void
|
|
isc_hash32_init(isc_hash32_t *restrict state) {
|
|
isc_halfsiphash13_init(state, isc_hash_key);
|
|
}
|
|
|
|
void
|
|
isc_hash32_hash(isc_hash32_t *restrict state, const void *data,
|
|
const size_t length, const bool case_sensitive) {
|
|
REQUIRE(length == 0 || data != NULL);
|
|
|
|
isc_halfsiphash13_hash(state, data, length, case_sensitive);
|
|
}
|
|
|
|
uint32_t
|
|
isc_hash32_finalize(isc_hash32_t *restrict state) {
|
|
uint32_t hval;
|
|
|
|
isc_halfsiphash13_finalize(state, (uint8_t *)&hval);
|
|
|
|
return hval;
|
|
}
|
|
|
|
void
|
|
isc_hash64_init(isc_hash64_t *restrict state) {
|
|
isc_siphash13_init(state, isc_hash_key);
|
|
}
|
|
|
|
void
|
|
isc_hash64_hash(isc_hash64_t *restrict state, const void *data,
|
|
const size_t length, const bool case_sensitive) {
|
|
REQUIRE(length == 0 || data != NULL);
|
|
|
|
isc_siphash13_hash(state, data, length, case_sensitive);
|
|
}
|
|
|
|
uint64_t
|
|
isc_hash64_finalize(isc_hash64_t *restrict state) {
|
|
uint64_t hval;
|
|
|
|
isc_siphash13_finalize(state, (uint8_t *)&hval);
|
|
|
|
return hval;
|
|
}
|