diff options
| author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-01-20 06:01:23 +0000 |
|---|---|---|
| committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-01-20 06:01:23 +0000 |
| commit | 8dad908c6ca6e7ceb9d909e7a0dce244d05374f1 (patch) | |
| tree | 8e11bfd8fef3f67d53e54c76d6c74899930918b8 /siphash.c | |
| parent | 51665dbfd6642b18130ea23a84f7dc2f98453b29 (diff) | |
| download | ruby-8dad908c6ca6e7ceb9d909e7a0dce244d05374f1.tar.gz | |
switch SipHash from SipHash24 to SipHash13 variant
SipHash13 is secure enough to be used in hash-tables,
and SipHash's author confirms that.
Rust already considered switch to SipHash13:
https://github.com/rust-lang/rust/issues/29754#issue-116174313
Jean-Philippe Aumasson confirmation:
https://github.com/rust-lang/rust/issues/29754#issuecomment-156073946
Merged pull request:
https://github.com/rust-lang/rust/pull/33940
From: Sokolov Yura aka funny_falcon <funny.falcon@gmail.com>
Date: Thu, 8 Dec 2016 20:31:29 +0300
Signed-off-by: Urabe, Shyouhei <shyouhei@ruby-lang.org>
Fixes: [Feature #13017]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57382 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'siphash.c')
| -rw-r--r-- | siphash.c | 12 |
1 files changed, 5 insertions, 7 deletions
@@ -386,16 +386,15 @@ sip_hash_dump(sip_hash *h) } #endif /* SIP_HASH_STREAMING */ -#define SIP_2_ROUND(m, v0, v1, v2, v3) \ +#define SIP_ROUND(m, v0, v1, v2, v3) \ do { \ XOR64_TO((v3), (m)); \ SIP_COMPRESS(v0, v1, v2, v3); \ - SIP_COMPRESS(v0, v1, v2, v3); \ XOR64_TO((v0), (m)); \ } while (0) uint64_t -sip_hash24(const uint8_t key[16], const uint8_t *data, size_t len) +sip_hash13(const uint8_t key[16], const uint8_t *data, size_t len) { uint64_t k0, k1; uint64_t v0, v1, v2, v3; @@ -415,13 +414,13 @@ sip_hash24(const uint8_t key[16], const uint8_t *data, size_t len) uint64_t *data64 = (uint64_t *)data; while (data64 != (uint64_t *) end) { m = *data64++; - SIP_2_ROUND(m, v0, v1, v2, v3); + SIP_ROUND(m, v0, v1, v2, v3); } } #else for (; data != end; data += sizeof(uint64_t)) { m = U8TO64_LE(data); - SIP_2_ROUND(m, v0, v1, v2, v3); + SIP_ROUND(m, v0, v1, v2, v3); } #endif @@ -468,14 +467,13 @@ sip_hash24(const uint8_t key[16], const uint8_t *data, size_t len) break; } - SIP_2_ROUND(last, v0, v1, v2, v3); + SIP_ROUND(last, v0, v1, v2, v3); XOR64_INT(v2, 0xff); SIP_COMPRESS(v0, v1, v2, v3); SIP_COMPRESS(v0, v1, v2, v3); SIP_COMPRESS(v0, v1, v2, v3); - SIP_COMPRESS(v0, v1, v2, v3); XOR64_TO(v0, v1); XOR64_TO(v0, v2); |