Provide apr_siphash*() functions family.

git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1763672 13f79535-47bb-0310-9956-ffa450edef68

CHANGES

@@ -1,6 +1,8 @@
                                                      -*- coding: utf-8 -*-
 Changes for APR 2.0.0
 
+  *) apr_siphash: Implement keyed hash function SipHash.  [Yann Ylavic]
+
   *) apr_atomic: change the API of apr_atomic_casptr() apr_atomic_xchgptr()
      functions to take a volatile pointer to void instead of pointer to
      volatile void.  [Yann Ylavic]

CMakeLists.txt

@@ -195,6 +195,7 @@ SET(APR_PUBLIC_HEADERS_STATIC
   include/apr_sha1.h
   include/apr_shm.h
   include/apr_signal.h
+  include/apr_siphash.h
   include/apr_skiplist.h
   include/apr_strings.h
   include/apr_strmatch.h
@@ -241,6 +242,7 @@ SET(APR_SOURCES
   crypto/apr_md5.c
   crypto/apr_passwd.c
   crypto/apr_sha1.c
+  crypto/apr_siphash.c
   crypto/crypt_blowfish.c
   crypto/getuuid.c
   crypto/uuid.c

NWGNUmakefile

@@ -324,6 +324,7 @@ FILES_lib_objs = \
 	$(OBJDIR)/apr_reslist.o \
 	$(OBJDIR)/apr_rmm.o \
 	$(OBJDIR)/apr_sha1.o \
+	$(OBJDIR)/apr_siphash.o \
  	$(OBJDIR)/apr_skiplist.o \
 	$(OBJDIR)/apr_snprintf.o \
 	$(OBJDIR)/apr_strings.o \

build.conf

@@ -15,6 +15,7 @@ paths =
   crypto/apr_md5.c
   crypto/apr_passwd.c
   crypto/apr_sha1.c
+  crypto/apr_siphash.c
   crypto/getuuid.c
   crypto/uuid.c
   crypto/crypt_blowfish.c

crypto/apr_siphash.c

@@ -0,0 +1,196 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * SipHash (C reference implementation, APR-ized), originating from:
+ *      https://131002.net/siphash/siphash24.c.
+ */
+
+#include "apr_siphash.h"
+
+#define ROTL64(x, n) (((x) << (n)) | ((x) >> (64 - (n))))
+
+#define U8TO64_LE(p) \
+    (((apr_uint64_t)((p)[0])      ) | \
+     ((apr_uint64_t)((p)[1]) <<  8) | \
+     ((apr_uint64_t)((p)[2]) << 16) | \
+     ((apr_uint64_t)((p)[3]) << 24) | \
+     ((apr_uint64_t)((p)[4]) << 32) | \
+     ((apr_uint64_t)((p)[5]) << 40) | \
+     ((apr_uint64_t)((p)[6]) << 48) | \
+     ((apr_uint64_t)((p)[7]) << 56))
+
+#define U64TO8_LE(p, v) \
+do { \
+    (p)[0] = (unsigned char)((v)      ); \
+    (p)[1] = (unsigned char)((v) >>  8); \
+    (p)[2] = (unsigned char)((v) >> 16); \
+    (p)[3] = (unsigned char)((v) >> 24); \
+    (p)[4] = (unsigned char)((v) >> 32); \
+    (p)[5] = (unsigned char)((v) >> 40); \
+    (p)[6] = (unsigned char)((v) >> 48); \
+    (p)[7] = (unsigned char)((v) >> 56); \
+} while (0)
+
+#define SIPROUND() \
+do { \
+    v0 += v1; v1=ROTL64(v1,13); v1 ^= v0; v0=ROTL64(v0,32); \
+    v2 += v3; v3=ROTL64(v3,16); v3 ^= v2; \
+    v0 += v3; v3=ROTL64(v3,21); v3 ^= v0; \
+    v2 += v1; v1=ROTL64(v1,17); v1 ^= v2; v2=ROTL64(v2,32); \
+} while(0)
+
+#define SIPHASH(r, s, n, k) \
+do { \
+    const unsigned char *ptr, *end; \
+    apr_uint64_t v0, v1, v2, v3, m; \
+    apr_uint64_t k0, k1; \
+    unsigned int rem; \
+    \
+    k0 = U8TO64_LE(k + 0); \
+    k1 = U8TO64_LE(k + 8); \
+    v3 = k1 ^ (apr_uint64_t)0x7465646279746573ULL; \
+    v2 = k0 ^ (apr_uint64_t)0x6c7967656e657261ULL; \
+    v1 = k1 ^ (apr_uint64_t)0x646f72616e646f6dULL; \
+    v0 = k0 ^ (apr_uint64_t)0x736f6d6570736575ULL; \
+    \
+    rem = (unsigned int)(n & 0x7); \
+    for (ptr = s, end = ptr + n - rem; ptr < end; ptr += 8) { \
+        m = U8TO64_LE(ptr); \
+        v3 ^= m; \
+        cROUNDS \
+        v0 ^= m; \
+    } \
+    m = (apr_uint64_t)(n & 0xff) << 56; \
+    switch (rem) { \
+        case 7: m |= (apr_uint64_t)ptr[6] << 48; \
+        case 6: m |= (apr_uint64_t)ptr[5] << 40; \
+        case 5: m |= (apr_uint64_t)ptr[4] << 32; \
+        case 4: m |= (apr_uint64_t)ptr[3] << 24; \
+        case 3: m |= (apr_uint64_t)ptr[2] << 16; \
+        case 2: m |= (apr_uint64_t)ptr[1] << 8; \
+        case 1: m |= (apr_uint64_t)ptr[0]; \
+        case 0: break; \
+    } \
+    v3 ^= m; \
+    cROUNDS \
+    v0 ^= m; \
+    \
+    v2 ^= 0xff; \
+    dROUNDS \
+    \
+    r = v0 ^ v1 ^ v2 ^ v3; \
+} while (0)
+
+APR_DECLARE(apr_uint64_t) apr_siphash(const void *src, apr_size_t len,
+                              const unsigned char key[APR_SIPHASH_KSIZE],
+                                      unsigned int c, unsigned int d)
+{
+    apr_uint64_t h;
+    unsigned int i;
+
+#undef  cROUNDS
+#define cROUNDS \
+        for (i = 0; i < c; ++i) { \
+            SIPROUND(); \
+        }
+
+#undef  dROUNDS
+#define dROUNDS \
+        for (i = 0; i < d; ++i) { \
+            SIPROUND(); \
+        }
+
+    SIPHASH(h, src, len, key);
+    return h;
+}
+
+APR_DECLARE(void) apr_siphash_auth(unsigned char out[APR_SIPHASH_DSIZE],
+                                   const void *src, apr_size_t len,
+                             const unsigned char key[APR_SIPHASH_KSIZE],
+                                   unsigned int c, unsigned int d)
+{
+    apr_uint64_t h;
+    h = apr_siphash(src, len, key, c, d);
+    U64TO8_LE(out, h);
+}
+
+APR_DECLARE(apr_uint64_t) apr_siphash24(const void *src, apr_size_t len,
+                               const unsigned char key[APR_SIPHASH_KSIZE])
+{
+    apr_uint64_t h;
+
+#undef  cROUNDS
+#define cROUNDS \
+        SIPROUND(); \
+        SIPROUND();
+
+#undef  dROUNDS
+#define dROUNDS \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND();
+
+    SIPHASH(h, src, len, key);
+    return h;
+}
+
+APR_DECLARE(void) apr_siphash24_auth(unsigned char out[APR_SIPHASH_DSIZE],
+                                     const void *src, apr_size_t len,
+                               const unsigned char key[APR_SIPHASH_KSIZE])
+{
+    apr_uint64_t h;
+    h = apr_siphash24(src, len, key);
+    U64TO8_LE(out, h);
+}
+
+APR_DECLARE(apr_uint64_t) apr_siphash48(const void *src, apr_size_t len,
+                               const unsigned char key[APR_SIPHASH_KSIZE])
+{
+    apr_uint64_t h;
+
+#undef  cROUNDS
+#define cROUNDS \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND();
+
+#undef  dROUNDS
+#define dROUNDS \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND(); \
+        SIPROUND();
+
+    SIPHASH(h, src, len, key);
+    return h;
+}
+
+APR_DECLARE(void) apr_siphash48_auth(unsigned char out[APR_SIPHASH_DSIZE],
+                                     const void *src, apr_size_t len,
+                               const unsigned char key[APR_SIPHASH_KSIZE])
+{
+    apr_uint64_t h;
+    h = apr_siphash48(src, len, key);
+    U64TO8_LE(out, h);
+}
+

include/apr_siphash.h

@@ -0,0 +1,147 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+   SipHash reference C implementation
+   Copyright (c) 2012-2014 Jean-Philippe Aumasson
+   <[email protected]>
+   Copyright (c) 2012-2014 Daniel J. Bernstein <[email protected]>
+   To the extent possible under law, the author(s) have dedicated all copyright
+   and related and neighboring rights to this software to the public domain
+   worldwide. This software is distributed without any warranty.
+   You should have received a copy of the CC0 Public Domain Dedication along
+   with this software. If not, see
+   <http://creativecommons.org/publicdomain/zero/1.0/>.
+ */
+
+#ifndef APR_SIPHASH_H
+#define APR_SIPHASH_H
+
+#include "apr.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @file apr_siphash.h
+ * @brief APR-UTIL siphash library
+ *        "SipHash-c-d is a family of pseudorandom functions (a.k.a. keyed
+ *        hash functions) optimized for speed on short messages", designed by
+ *        Jean-Philippe Aumasson and Daniel J. Bernstein. It generates a 64bit
+ *        hash (or MAC) from the message and a 128bit key.
+ *        See http://cr.yp.to/siphash/siphash-20120620.pdf for the details,
+ *        c is the number of compression rounds, d the number of finalization
+ *        rounds; we also define fast implementations for c = 2 with d = 4 (aka
+ *        siphash-2-4), and c = 4 with d = 8 (aka siphash-4-8), as recommended
+ *        parameters per the authors.
+ */
+
+/** size of the siphash digest */
+#define APR_SIPHASH_DSIZE 8
+
+/** size of the siphash key */
+#define APR_SIPHASH_KSIZE 16
+
+
+/**
+ * @brief Computes SipHash-c-d, producing a 64bit (APR_SIPHASH_DSIZE) hash
+ * from a message and a 128bit (APR_SIPHASH_KSIZE) secret key.
+ * @param src The message
+ * @param len The length of the message
+ * @param key The secret key
+ * @param c   The number of compression rounds
+ * @param d   The number of finalization rounds
+ * @return The hash value as a 64bit unsigned integer
+ */
+APR_DECLARE(apr_uint64_t) apr_siphash(const void *src, apr_size_t len,
+                              const unsigned char key[APR_SIPHASH_KSIZE],
+                                      unsigned int c, unsigned int d);
+
+/**
+ * @brief Computes SipHash-c-d, producing a 64bit (APR_SIPHASH_DSIZE) hash
+ * from a message and a 128bit (APR_SIPHASH_KSIZE) secret key, into a possibly
+ * unaligned buffer (using the little endian representation as defined by the
+ * authors for interoperabilty) usable as a MAC.
+ * @param out The output buffer (or MAC)
+ * @param src The message
+ * @param len The length of the message
+ * @param key The secret key
+ * @param c   The number of compression rounds
+ * @param d   The number of finalization rounds
+ * @return The hash value as a 64bit unsigned integer
+ */
+APR_DECLARE(void) apr_siphash_auth(unsigned char out[APR_SIPHASH_DSIZE],
+                                   const void *src, apr_size_t len,
+                             const unsigned char key[APR_SIPHASH_KSIZE],
+                                   unsigned int c, unsigned int d);
+
+/**
+ * @brief Computes SipHash-2-4, producing a 64bit (APR_SIPHASH_DSIZE) hash
+ * from a message and a 128bit (APR_SIPHASH_KSIZE) secret key.
+ * @param src The message to hash
+ * @param len The length of the message
+ * @param key The secret key
+ * @return The hash value as a 64bit unsigned integer
+ */
+APR_DECLARE(apr_uint64_t) apr_siphash24(const void *src, apr_size_t len,
+                               const unsigned char key[APR_SIPHASH_KSIZE]);
+
+/**
+ * @brief Computes SipHash-2-4, producing a 64bit (APR_SIPHASH_DSIZE) hash
+ * from a message and a 128bit (APR_SIPHASH_KSIZE) secret key, into a possibly
+ * unaligned buffer (using the little endian representation as defined by the
+ * authors for interoperabilty) usable as a MAC.
+ * @param out The output buffer (or MAC)
+ * @param src The message
+ * @param len The length of the message
+ * @param key The secret key
+ * @return The hash value as a 64bit unsigned integer
+ */
+APR_DECLARE(void) apr_siphash24_auth(unsigned char out[APR_SIPHASH_DSIZE],
+                                     const void *src, apr_size_t len,
+                               const unsigned char key[APR_SIPHASH_KSIZE]);
+
+/**
+ * @brief Computes SipHash-4-8, producing a 64bit (APR_SIPHASH_DSIZE) hash
+ * from a message and a 128bit (APR_SIPHASH_KSIZE) secret key.
+ * @param src The message
+ * @param len The length of the message
+ * @param key The secret key
+ * @return The hash value as a 64bit unsigned integer
+ */
+APR_DECLARE(apr_uint64_t) apr_siphash48(const void *src, apr_size_t len,
+                               const unsigned char key[APR_SIPHASH_KSIZE]);
+
+/**
+ * @brief Computes SipHash-4-8, producing a 64bit (APR_SIPHASH_DSIZE) hash
+ * from a message and a 128bit (APR_SIPHASH_KSIZE) secret key, into a possibly
+ * unaligned buffer (using the little endian representation as defined by the
+ * authors for interoperabilty) usable as a MAC.
+ * @param out The output buffer (or MAC)
+ * @param src The message
+ * @param len The length of the message
+ * @param key The secret key
+ * @return The hash value as a 64bit unsigned integer
+ */
+APR_DECLARE(void) apr_siphash48_auth(unsigned char out[APR_SIPHASH_DSIZE],
+                                     const void *src, apr_size_t len,
+                               const unsigned char key[APR_SIPHASH_KSIZE]);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif  /* APR_SIPHASH_H */