26#ifndef CRYPTOPP_SIPHASH_H
27#define CRYPTOPP_SIPHASH_H
38template <
bool T_128bit>
42 CRYPTOPP_STATIC_CONSTEXPR
const char* StaticAlgorithmName() {
return "SipHash";}
43 CRYPTOPP_CONSTANT(DIGESTSIZE = (T_128bit ? 16 : 8));
50template <
unsigned int C,
unsigned int D,
bool T_128bit>
54 static std::string StaticAlgorithmName() {
58 virtual ~SipHash_Base() {}
60 SipHash_Base() : m_idx(0) {}
63 {
return SipHash_Info<T_128bit>::DIGESTSIZE;}
81 virtual void Update(
const byte *input,
size_t length);
86 virtual void UncheckedSetKey(
const byte *key,
unsigned int length,
const NameValuePairs &params);
87 virtual void Restart();
89 inline void SIPROUND()
// Defaults C=2 and D=4 give the SipHash-2-4 parameter set; C and D bound the
// round loops in the member functions below. T_128bit=false selects the 8-byte
// digest (DIGESTSIZE is declared above as T_128bit ? 16 : 8).
141template <
unsigned int C=2,
unsigned int D=4,
bool T_128bit=false>
142class SipHash :
public SipHash_Base<C, D, T_128bit>
// Keyed constructor body: the key length is validated first. The statements
// that follow the check are not part of this listing.
152 {this->ThrowIfInvalidKeyLength(length);
// Absorbs input through an 8-byte accumulator. The signature line is absent
// from this listing; `input` and `length` match the Update() declaration above.
156template <
unsigned int C,
unsigned int D,
bool T_128bit>
// Top up the partial block first: head is capped at both the room left in the
// accumulator (8 - m_idx) and the caller's length, so the copy cannot run past
// offset 8 of m_acc or past the end of input.
// NOTE(review): 8U - m_idx wraps if m_idx could exceed 8 -- confirm the invariant.
164 size_t head =
STDMIN(
size_t(8U-m_idx), length);
165 std::memcpy(m_acc+m_idx, input, head);
166 m_idx += head; input += head; length -= head;
// Two loops of C iterations each; their bodies are not shown here
// (presumably one SIPROUND() per iteration -- confirm against the full file).
172 for (
unsigned int i = 0; i < C; ++i)
186 for (
unsigned int i = 0; i < C; ++i)
// Leftover byte count; tail is always below 8.
197 size_t tail = length % 8;
// Buffer the leftover for a later call. NOTE(review): this stays in bounds only
// if m_idx has been reset before this point; the lines that would do so are
// not part of this listing.
200 std::memcpy(m_acc+m_idx, input, tail);
// Finalization: builds the last block from the buffered bytes and writes the tag.
// The signature line is absent from this listing; `digest` and `digestSize`
// match TruncatedFinal(byte *digest, size_t digestSize) in the index below.
205template <
unsigned int C,
unsigned int D,
bool T_128bit>
// The requested size is checked before any of the statements shown below run.
// NOTE(review): the failure behavior is defined outside this listing.
210 ThrowIfInvalidTruncatedSize(digestSize);
// Add the buffered byte count to m_b[0], then shift so its low byte lands in
// bits 56-63 of the final block.
213 m_b[0] += m_idx; m_b[0] <<= 56U;
// Fold buffered bytes into the low 56 bits, little-endian: m_acc[k] goes to
// bits 8k..8k+7. The lines between these statements are missing from the
// listing; presumably only the bytes below m_idx are folded -- TODO confirm.
217 m_b[0] |= ((
word64)m_acc[6]) << 48;
220 m_b[0] |= ((
word64)m_acc[5]) << 40;
223 m_b[0] |= ((
word64)m_acc[4]) << 32;
226 m_b[0] |= ((
word64)m_acc[3]) << 24;
229 m_b[0] |= ((
word64)m_acc[2]) << 16;
232 m_b[0] |= ((
word64)m_acc[1]) << 8;
235 m_b[0] |= ((
word64)m_acc[0]);
// A loop of C iterations, then one of D iterations (bodies not shown), after
// which the first output word is the XOR of the four state words.
243 for (
unsigned int i=0; i<C; i++)
253 for (
unsigned int i=0; i<D; i++)
256 m_b[0] = m_v[0] ^ m_v[1] ^ m_v[2] ^ m_v[3];
// A second loop of D iterations and the same XOR into m_b[1]
// (presumably only on the 128-bit path -- the guarding condition is not shown).
262 for (
unsigned int i = 0; i<D; ++i)
265 m_b[1] = m_v[0] ^ m_v[1] ^ m_v[2] ^ m_v[3];
// Copy out min(digestSize, DIGESTSIZE) bytes; memcpy_s also receives digestSize
// as the destination capacity. A digestSize below DIGESTSIZE yields a truncated
// tag, which is correspondingly easier to forge by guessing.
269 memcpy_s(digest, digestSize, m_b.begin(),
STDMIN(digestSize, (
size_t)SipHash_Info<T_128bit>::DIGESTSIZE));
273template <
unsigned int C,
unsigned int D,
bool T_128bit>
274void SipHash_Base<C,D,T_128bit>::UncheckedSetKey(
const byte *key,
unsigned int length,
const NameValuePairs &params)
276 CRYPTOPP_UNUSED(params);
// Restart(): loads the four state words with fixed initialization constants.
// Read as big-endian ASCII they spell "somepseu", "dorandom", "lygenera",
// "tedbytes"; they are public literals, not key material.
// The rest of the body is not part of this listing.
290template <
unsigned int C,
unsigned int D,
bool T_128bit>
291void SipHash_Base<C,D,T_128bit>::Restart ()
293 m_v[0] =
W64LIT(0x736f6d6570736575);
294 m_v[1] =
W64LIT(0x646f72616e646f6d);
295 m_v[2] =
W64LIT(0x6c7967656e657261);
296 m_v[3] =
W64LIT(0x7465646279746573);
Inherited by keyed algorithms with fixed key length.
static const int MIN_KEYLENGTH
static const int DEFAULT_KEYLENGTH
static const int MAX_KEYLENGTH
Fixed size stack-based SecBlock.
Interface for message authentication codes.
Interface for retrieving values given their names.
IV_Requirement
Secure IVs requirements as enumerated values.
@ NOT_RESYNCHRONIZABLE
The object does not use an IV.
virtual IV_Requirement IVRequirement() const
Minimal requirement for secure IVs.
virtual void TruncatedFinal(byte *digest, size_t digestSize)
Computes the hash of the current message.
virtual unsigned int IVSize() const
Returns length of the IV accepted by this object.
virtual size_t MinKeyLength() const
Returns smallest valid key length.
virtual unsigned int OptimalBlockSize() const
Provides the input block size most efficient for this hash.
virtual void Update(const byte *input, size_t length)
Updates a hash with additional input.
virtual unsigned int DigestSize() const
Provides the digest size of the hash.
virtual size_t DefaultKeyLength() const
Returns default key length.
virtual size_t MaxKeyLength() const
Returns largest valid key length.
virtual size_t GetValidKeyLength(size_t keylength) const
Returns a valid key length for the algorithm.
virtual unsigned int OptimalDataAlignment() const
Provides input and output data alignment for optimal performance.
SipHash message authentication code information.
SipHash(const byte *key, unsigned int length)
Create a SipHash.
SipHash()
Create a SipHash.
#define W64LIT(x)
Declare an unsigned word64.
unsigned long long word64
64-bit unsigned datatype
Abstract base classes that provide a uniform interface to this library.
const NameValuePairs & g_nullNameValuePairs
An empty set of name-value pairs.
@ LITTLE_ENDIAN_ORDER
byte order is little-endian
Utility functions for the Crypto++ library.
T rotlConstant(T x)
Performs a left rotate.
T GetWord(bool assumeAligned, ByteOrder order, const byte *block)
Access a block of memory.
void memcpy_s(void *dest, size_t sizeInBytes, const void *src, size_t count)
Bounds checking replacement for memcpy()
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
std::string IntToString(T value, unsigned int base=10)
Converts a value to a string.
T ConditionalByteReverse(ByteOrder order, T value)
Reverses bytes in a value depending upon endianness.
unsigned int GetAlignmentOf()
Returns the minimum alignment requirements of a type.
Crypto++ library namespace.
Classes and functions for secure memory allocations.
Classes and functions for implementing secret key algorithms.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.