--- /dev/null
+/* -*-c-*-
+ *
+ * $Id: tiger-base.h,v 1.1 2000/07/15 10:02:43 mdw Exp $
+ *
+ * Common definitions for the Tiger hash function
+ *
+ * (c) 2000 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Catacomb.
+ *
+ * Catacomb is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Library General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * Catacomb is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with Catacomb; if not, write to the Free
+ * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+/*----- Revision history --------------------------------------------------*
+ *
+ * $Log: tiger-base.h,v $
+ * Revision 1.1 2000/07/15 10:02:43 mdw
+ * Anderson and Biham's Tiger hash function added.
+ *
+ */
+
+#ifndef CATACOMB_TIGER_BASE_H
+#define CATACOMB_TIGER_BASE_H
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/*----- Header files ------------------------------------------------------*/
+
+#include <mLib/bits.h>
+
+/*----- Macros provided ---------------------------------------------------*/
+
+/* --- The guts of a single round --- */
+
+#define TIGER_ROUND(a, b, c, x, n, op) do { \
+ kludge64 _t; \
+ XOR64(c, c, x); \
+ _t = s[0][U8(LO64(c) >> 0)]; \
+ XOR64(_t, _t, s[1][U8(LO64(c) >> 16)]); \
+ XOR64(_t, _t, s[2][U8(HI64(c) >> 0)]); \
+ XOR64(_t, _t, s[3][U8(HI64(c) >> 16)]); \
+ SUB64(a, a, _t); \
+ _t = s[3][U8(LO64(c) >> 8)]; \
+ XOR64(_t, _t, s[2][U8(LO64(c) >> 24)]); \
+ XOR64(_t, _t, s[1][U8(HI64(c) >> 8)]); \
+ XOR64(_t, _t, s[0][U8(HI64(c) >> 24)]); \
+ ADD64(b, b, _t); \
+ LSL64_(_t, b, n); \
+ op##64(b, _t, b); \
+} while (0)
+
+/* --- One pass over the buffer --- */
+
+#define TIGER_PASS(a, b, c, x, n, op) do { \
+ TIGER_ROUND(a, b, c, x[0], n, op); \
+ TIGER_ROUND(b, c, a, x[1], n, op); \
+ TIGER_ROUND(c, a, b, x[2], n, op); \
+ TIGER_ROUND(a, b, c, x[3], n, op); \
+ TIGER_ROUND(b, c, a, x[4], n, op); \
+ TIGER_ROUND(c, a, b, x[5], n, op); \
+ TIGER_ROUND(a, b, c, x[6], n, op); \
+ TIGER_ROUND(b, c, a, x[7], n, op); \
+} while (0)
+
+/* --- A step in the `key schedule' --- */
+
+#define TIGER_KSTEP(a, b, c, d, op, n) do { \
+ kludge64 _u; \
+ XOR64(b, b, a); \
+ ADD64(c, c, b); \
+ CPL64(_u, b); op##64_(_u, _u, n); XOR64(_u, _u, c); SUB64(d, d, _u); \
+} while (0)
+
+/* --- The `key schedule' -- mangle the buffer --- */
+
+#define TIGER_KSCHED(x) do { \
+ kludge64 _t; \
+ \
+ SET64(_t, 0xa5a5a5a5, 0xa5a5a5a5); \
+ XOR64(_t, _t, x[7]); SUB64(x[0], x[0], _t); \
+ TIGER_KSTEP(x[0], x[1], x[2], x[3], LSL, 19); \
+ TIGER_KSTEP(x[3], x[4], x[5], x[6], LSR, 23); \
+ TIGER_KSTEP(x[6], x[7], x[0], x[1], LSL, 19); \
+ TIGER_KSTEP(x[1], x[2], x[3], x[4], LSR, 23); \
+ XOR64(x[5], x[5], x[4]); \
+ ADD64(x[6], x[6], x[5]); \
+ SET64(_t, 0x01234567, 0x89abcdef); \
+ XOR64(_t, _t, x[6]); SUB64(x[7], x[7], _t); \
+} while (0)
+
+/* --- The Tiger compression function --- */
+
+#define TIGER_CORE(a, b, c, x) do { \
+ kludge64 _a, _b, _c; \
+ _a = a, _b = b, _c = c; \
+ TIGER_PASS(_a, _b, _c, x, 2, ADD); \
+ TIGER_KSCHED(x); \
+ TIGER_PASS(_c, _a, _b, x, 3, SUB); \
+ TIGER_KSCHED(x); \
+ TIGER_PASS(_b, _c, _a, x, 3, ADD); \
+ XOR64(a, _a, a); SUB64(b, _b, b); ADD64(c, _c, c); \
+} while (0)
+
+/*----- That's all, folks -------------------------------------------------*/
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif
--- /dev/null
+/* -*-c-*-
+ *
+ * $Id: tiger-mktab.c,v 1.1 2000/07/15 10:02:43 mdw Exp $
+ *
+ * Generate S-boxes for the Tiger hash function
+ *
+ * (c) 2000 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Catacomb.
+ *
+ * Catacomb is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Library General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * Catacomb is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with Catacomb; if not, write to the Free
+ * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+/*----- Revision history --------------------------------------------------*
+ *
+ * $Log: tiger-mktab.c,v $
+ * Revision 1.1 2000/07/15 10:02:43 mdw
+ * Anderson and Biham's Tiger hash function added.
+ *
+ */
+
+/*----- Header files ------------------------------------------------------*/
+
+#include <mLib/bits.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "tiger-base.h"
+
+/*----- Data structures ---------------------------------------------------*/
+
+/*----- Static variables --------------------------------------------------*/
+
+static kludge64 s[4][256];
+
+/*----- Main code ---------------------------------------------------------*/
+
+/* --- The basic Tiger compression function --- */
+
+static void tiger(kludge64 *x, kludge64 *ss)
+{
+ TIGER_CORE(ss[0], ss[1], ss[2], x);
+}
+
+/* --- The S-box generator --- */
+
+void gen(const char *buf, unsigned passes)
+{
+ kludge64 x[8], ss[3];
+ unsigned i, j, k, b;
+ unsigned q, n;
+ uint32 t;
+ const char *p;
+
+ for (i = 0; i < 256; i++) {
+ for (j = 0; j < 4; j++) {
+ uint32 z = 0x01010101 * i;
+ SET64(s[j][i], z, z);
+ }
+ }
+
+ SET64(ss[0], 0x01234567, 0x89abcdef);
+ SET64(ss[1], 0xfedcba98, 0x76543210);
+ SET64(ss[2], 0xf096a5b4, 0xc3b2e187);
+
+ q = 2;
+ for (i = 0; i < passes; i++) {
+ for (j = 0; j < 256; j++) {
+ for (k = 0; k < 4; k++) {
+ q++;
+ if (q == 3) {
+ q = 0;
+ for (p = buf, n = 0; n < 8; n++, p += 8)
+ LOAD64_L_(x[n], p);
+ tiger(x, ss);
+ }
+ for (b = 0; b < 32; b += 8) {
+ n = U8(LO64(ss[q]) >> b);
+ t = (LO64(s[k][j]) ^ LO64(s[k][n])) & (0xff << b);
+ SET64(s[k][j], HI64(s[k][j]), LO64(s[k][j]) ^ t);
+ SET64(s[k][n], HI64(s[k][n]), LO64(s[k][n]) ^ t);
+ }
+ for (b = 0; b < 32; b += 8) {
+ n = U8(HI64(ss[q]) >> b);
+ t = (HI64(s[k][j]) ^ HI64(s[k][n])) & (0xff << b);
+ SET64(s[k][j], HI64(s[k][j]) ^ t, LO64(s[k][j]));
+ SET64(s[k][n], HI64(s[k][n]) ^ t, LO64(s[k][n]));
+ }
+ }
+ }
+ }
+}
+
+int main(void)
+{
+ unsigned i, j;
+
+ gen("Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham", 5);
+
+ fputs("\
+/* -*-c-*-\n\
+ *\n\
+ * S-boxes for Tiger [generated]\n\
+ */\n\
+\n\
+#ifndef CATACOMB_TIGER_TAB_H\n\
+#define CATACOMB_TIGER_TAB_H\n\
+\n\
+#define TIGER_S { \\\n\
+ { ", stdout);
+
+ for (i = 0; i < 4; i++) {
+ for (j = 0; j < 256; j++) {
+#ifdef HAVE_UINT64
+ printf("{ 0x%016llxull }", s[i][j]);
+#else
+ printf("{ 0x%08lx, 0x%08lx }",
+ (unsigned long)s[i][j].hi, (unsigned long)s[i][j].lo);
+#endif
+ if (j == 255) {
+ if (i == 3)
+ fputs(" } \\\n}\n", stdout);
+ else
+ fputs(" }, \\\n\
+ \\\n\
+ { ", stdout);
+ } else if (j % 2 == 1)
+ fputs(", \\\n ", stdout);
+ else
+ fputs(", ", stdout);
+ }
+ }
+
+ fputs("\n#endif\n", stdout);
+
+ if (fclose(stdout)) {
+ fprintf(stderr, "error writing data\n");
+ exit(EXIT_FAILURE);
+ }
+
+ return (0);
+}
+
+/*----- That's all, folks -------------------------------------------------*/
--- /dev/null
+/* -*-c-*-
+ *
+ * $Id: tiger.c,v 1.1 2000/07/15 10:02:43 mdw Exp $
+ *
+ * The Tiger hash function
+ *
+ * (c) 2000 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Catacomb.
+ *
+ * Catacomb is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Library General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * Catacomb is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with Catacomb; if not, write to the Free
+ * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+/*----- Revision history --------------------------------------------------*
+ *
+ * $Log: tiger.c,v $
+ * Revision 1.1 2000/07/15 10:02:43 mdw
+ * Anderson and Biham's Tiger hash function added.
+ *
+ */
+
+/*----- Header files ------------------------------------------------------*/
+
+#include <mLib/bits.h>
+
+#include "ghash-def.h"
+#include "hash.h"
+#include "tiger.h"
+#include "tiger-tab.h"
+#include "tiger-base.h"
+
+/*----- S-boxes -----------------------------------------------------------*/
+
+static const kludge64 s[4][256] = TIGER_S;
+
+/*----- Main code ---------------------------------------------------------*/
+
+/* --- @tiger_compress@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block
+ * @const void *sbuf@ = pointer to buffer of appropriate size
+ *
+ * Returns: ---
+ *
+ * Use: Tiger compression function.
+ */
+
+void tiger_compress(tiger_ctx *ctx, const void *sbuf)
+{
+ kludge64 x[8];
+ int i;
+ const octet *p;
+ for (i = 0, p = sbuf; i < 8; i++, p += 8)
+ LOAD64_L_(x[i], p);
+ TIGER_CORE(ctx->a, ctx->b, ctx->c, x);
+}
+
+/* --- @tiger_init@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block to initialize
+ *
+ * Returns: ---
+ *
+ * Use: Initializes a context block ready for hashing.
+ */
+
+void tiger_init(tiger_ctx *ctx)
+{
+ SET64(ctx->a, 0x01234567, 0x89abcdef);
+ SET64(ctx->b, 0xfedcba98, 0x76543210);
+ SET64(ctx->c, 0xf096a5b4, 0xc3b2e187);
+ ctx->off = 0;
+ ctx->nl = ctx->nh = 0;
+}
+
+/* --- @tiger_set@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block
+ * @const void *buf@ = pointer to state buffer
+ * @unsigned long count@ = current count of bytes processed
+ *
+ * Returns: ---
+ *
+ * Use: Initializes a context block from a given state. This is
+ * useful in cases where the initial hash state is meant to be
+ * secret, e.g., for NMAC and HMAC support.
+ */
+
+void tiger_set(tiger_ctx *ctx, const void *buf, unsigned long count)
+{
+ const octet *p = buf;
+ LOAD64_L_(ctx->a, p + 0);
+ LOAD64_L_(ctx->b, p + 8);
+ LOAD64_L_(ctx->c, p + 16);
+ ctx->off = 0;
+ ctx->nl = U32(count);
+ ctx->nh = U32(((count & ~MASK32) >> 16) >> 16);
+}
+
+/* --- @tiger_hash@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block
+ * @const void *buf@ = buffer of data to hash
+ * @size_t sz@ = size of buffer to hash
+ *
+ * Returns: ---
+ *
+ * Use: Hashes a buffer of data. The buffer may be of any size and
+ * alignment.
+ */
+
+void tiger_hash(tiger_ctx *ctx, const void *buf, size_t sz)
+{
+ HASH_BUFFER(TIGER, tiger, ctx, buf, sz);
+}
+
+/* --- @tiger_done@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block
+ * @void *hash@ = pointer to output buffer
+ *
+ * Returns: ---
+ *
+ * Use: Returns the hash of the data read so far.
+ */
+
+void tiger_done(tiger_ctx *ctx, void *hash)
+{
+ octet *p = hash;
+ HASH_PAD(TIGER, tiger, ctx, 0x01u, 0, 8);
+ STORE32_L(ctx->buf + TIGER_BUFSZ - 8, ctx->nl << 3);
+ STORE32_L(ctx->buf + TIGER_BUFSZ - 4, (ctx->nl >> 29) | (ctx->nh << 3));
+ tiger_compress(ctx, ctx->buf);
+ STORE64_L_(p + 0, ctx->a);
+ STORE64_L_(p + 8, ctx->b);
+ STORE64_L_(p + 16, ctx->c);
+}
+
+/* --- @tiger_state@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context
+ * @void *state@ = pointer to buffer for current state
+ *
+ * Returns: Number of bytes written to the hash function so far.
+ *
+ * Use: Returns the current state of the hash function such that
+ * it can be passed to @tiger_set@.
+ */
+
+unsigned long tiger_state(tiger_ctx *ctx, void *state)
+{
+ octet *p = state;
+ STORE64_L_(p + 0, ctx->a);
+ STORE64_L_(p + 8, ctx->b);
+ STORE64_L_(p + 16, ctx->c);
+ return (ctx->nl | ((ctx->nh << 16) << 16));
+}
+
+/* --- Generic interface --- */
+
+GHASH_DEF(TIGER, tiger)
+
+/* --- Test code --- */
+
+HASH_TEST(TIGER, tiger)
+
+/*----- That's all, folks -------------------------------------------------*/
--- /dev/null
+/* -*-c-*-
+ *
+ * $Id: tiger.h,v 1.1 2000/07/15 10:02:43 mdw Exp $
+ *
+ * The Tiger hash function
+ *
+ * (c) 2000 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Catacomb.
+ *
+ * Catacomb is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Library General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * Catacomb is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with Catacomb; if not, write to the Free
+ * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+/*----- Revision history --------------------------------------------------*
+ *
+ * $Log: tiger.h,v $
+ * Revision 1.1 2000/07/15 10:02:43 mdw
+ * Anderson and Biham's Tiger hash function added.
+ *
+ */
+
+/*----- Notes on the Tiger hash function ----------------------------------*
+ *
+ * Tiger was designed by Eli Biham and Ross Anderson to be an efficient and
+ * secure hash function which worked well on 64-bit processors. This
+ * implementation should work everywhere, but it'll be faster if real 64-bit
+ * arithmetic is available.
+ *
+ * I don't know of any really good analysis of Tiger.
+ */
+
+#ifndef CATACOMB_TIGER_H
+#define CATACOMB_TIGER_H
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/*----- Header files ------------------------------------------------------*/
+
+#include <mLib/bits.h>
+
+#ifndef CATACOMB_GHASH_H
+# include "ghash.h"
+#endif
+
+/*----- Magic numbers -----------------------------------------------------*/
+
+#define TIGER_BUFSZ 64
+#define TIGER_HASHSZ 24
+
+/*----- Data structures ---------------------------------------------------*/
+
+typedef struct tiger_ctx {
+ kludge64 a, b, c; /* Chaining variables */
+ uint32 nl, nh; /* Byte count so far */
+ unsigned off; /* Offset into buffer */
+ octet buf[TIGER_BUFSZ]; /* Accumulation buffer */
+} tiger_ctx;
+
+/*----- Functions provided ------------------------------------------------*/
+
+/* --- @tiger_compress@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block
+ * @const void *sbuf@ = pointer to buffer of appropriate size
+ *
+ * Returns: ---
+ *
+ * Use: Tiger compression function.
+ */
+
+extern void tiger_compress(tiger_ctx */*ctx*/, const void */*sbuf*/);
+
+/* --- @tiger_init@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block to initialize
+ *
+ * Returns: ---
+ *
+ * Use: Initializes a context block ready for hashing.
+ */
+
+extern void tiger_init(tiger_ctx */*ctx*/);
+
+/* --- @tiger_set@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block
+ * @const void *buf@ = pointer to state buffer
+ * @unsigned long count@ = current count of bytes processed
+ *
+ * Returns: ---
+ *
+ * Use: Initializes a context block from a given state. This is
+ * useful in cases where the initial hash state is meant to be
+ * secret, e.g., for NMAC and HMAC support.
+ */
+
+extern void tiger_set(tiger_ctx */*ctx*/, const void */*buf*/,
+ unsigned long /*count*/);
+
+/* --- @tiger_hash@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block
+ * @const void *buf@ = buffer of data to hash
+ * @size_t sz@ = size of buffer to hash
+ *
+ * Returns: ---
+ *
+ * Use: Hashes a buffer of data. The buffer may be of any size and
+ * alignment.
+ */
+
+extern void tiger_hash(tiger_ctx */*ctx*/, const void */*buf*/, size_t /*sz*/);
+
+/* --- @tiger_done@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context block
+ * @void *hash@ = pointer to output buffer
+ *
+ * Returns: ---
+ *
+ * Use: Returns the hash of the data read so far.
+ */
+
+extern void tiger_done(tiger_ctx */*ctx*/, void */*hash*/);
+
+/* --- @tiger_state@ --- *
+ *
+ * Arguments: @tiger_ctx *ctx@ = pointer to context
+ * @void *state@ = pointer to buffer for current state
+ *
+ * Returns: Number of bytes written to the hash function so far.
+ *
+ * Use: Returns the current state of the hash function such that
+ * it can be passed to @tiger_set@.
+ */
+
+extern unsigned long tiger_state(tiger_ctx */*ctx*/, void */*state*/);
+
+/*----- Generic hash interface --------------------------------------------*/
+
+extern const gchash tiger;
+
+/*----- That's all, folks -------------------------------------------------*/
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif