From eeccf7a8e367658a05c437b9aee14026a1706535 Mon Sep 17 00:00:00 2001 From: mdw Date: Sat, 15 Jul 2000 10:02:43 +0000 Subject: [PATCH] Anderson and Biham's Tiger hash function added. --- tiger-base.h | 128 ++++++++++++++++++++++++++++++++++++++++ tiger-mktab.c | 161 +++++++++++++++++++++++++++++++++++++++++++++++++++ tiger.c | 183 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ tiger.h | 167 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 639 insertions(+) create mode 100644 tiger-base.h create mode 100644 tiger-mktab.c create mode 100644 tiger.c create mode 100644 tiger.h diff --git a/tiger-base.h b/tiger-base.h new file mode 100644 index 0000000..affd4dc --- /dev/null +++ b/tiger-base.h @@ -0,0 +1,128 @@ +/* -*-c-*- + * + * $Id: tiger-base.h,v 1.1 2000/07/15 10:02:43 mdw Exp $ + * + * Common definitions for the Tiger hash function + * + * (c) 2000 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Catacomb. + * + * Catacomb is free software; you can redistribute it and/or modify + * it under the terms of the GNU Library General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or (at your option) any later version. + * + * Catacomb is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with Catacomb; if not, write to the Free + * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/*----- Revision history --------------------------------------------------* + * + * $Log: tiger-base.h,v $ + * Revision 1.1 2000/07/15 10:02:43 mdw + * Anderson and Biham's Tiger hash function added. + * + */ + +#ifndef CATACOMB_TIGER_BASE_H +#define CATACOMB_TIGER_BASE_H + +#ifdef __cplusplus + extern "C" { +#endif + +/*----- Header files ------------------------------------------------------*/ + +#include + +/*----- Macros provided ---------------------------------------------------*/ + +/* --- The guts of a single round --- */ + +#define TIGER_ROUND(a, b, c, x, n, op) do { \ + kludge64 _t; \ + XOR64(c, c, x); \ + _t = s[0][U8(LO64(c) >> 0)]; \ + XOR64(_t, _t, s[1][U8(LO64(c) >> 16)]); \ + XOR64(_t, _t, s[2][U8(HI64(c) >> 0)]); \ + XOR64(_t, _t, s[3][U8(HI64(c) >> 16)]); \ + SUB64(a, a, _t); \ + _t = s[3][U8(LO64(c) >> 8)]; \ + XOR64(_t, _t, s[2][U8(LO64(c) >> 24)]); \ + XOR64(_t, _t, s[1][U8(HI64(c) >> 8)]); \ + XOR64(_t, _t, s[0][U8(HI64(c) >> 24)]); \ + ADD64(b, b, _t); \ + LSL64_(_t, b, n); \ + op##64(b, _t, b); \ +} while (0) + +/* --- One pass over the buffer --- */ + +#define TIGER_PASS(a, b, c, x, n, op) do { \ + TIGER_ROUND(a, b, c, x[0], n, op); \ + TIGER_ROUND(b, c, a, x[1], n, op); \ + TIGER_ROUND(c, a, b, x[2], n, op); \ + TIGER_ROUND(a, b, c, x[3], n, op); \ + TIGER_ROUND(b, c, a, x[4], n, op); \ + TIGER_ROUND(c, a, b, x[5], n, op); \ + TIGER_ROUND(a, b, c, x[6], n, op); \ + TIGER_ROUND(b, c, a, x[7], n, op); \ +} while (0) + +/* --- A step in the `key schedule' --- */ + +#define TIGER_KSTEP(a, b, c, d, op, n) do { \ + kludge64 _u; \ + XOR64(b, b, a); \ + ADD64(c, c, b); \ + CPL64(_u, b); op##64_(_u, _u, n); XOR64(_u, _u, c); SUB64(d, d, _u); \ +} while (0) + +/* --- The `key schedule' -- mangle the buffer --- */ + +#define TIGER_KSCHED(x) do { \ + kludge64 _t; \ + \ + SET64(_t, 0xa5a5a5a5, 0xa5a5a5a5); \ + XOR64(_t, _t, x[7]); SUB64(x[0], x[0], _t); \ + TIGER_KSTEP(x[0], x[1], x[2], x[3], LSL, 19); \ + TIGER_KSTEP(x[3], x[4], x[5], x[6], LSR, 23); \ + TIGER_KSTEP(x[6], x[7], x[0], x[1], LSL, 19); \ + TIGER_KSTEP(x[1], x[2], x[3], x[4], LSR, 23); \ + XOR64(x[5], x[5], x[4]); \ + ADD64(x[6], x[6], x[5]); \ + SET64(_t, 0x01234567, 0x89abcdef); \ + XOR64(_t, _t, x[6]); SUB64(x[7], x[7], _t); \ +} while (0) + +/* --- The Tiger compression function --- */ + +#define TIGER_CORE(a, b, c, x) do { \ + kludge64 _a, _b, _c; \ + _a = a, _b = b, _c = c; \ + TIGER_PASS(_a, _b, _c, x, 2, ADD); \ + TIGER_KSCHED(x); \ + TIGER_PASS(_c, _a, _b, x, 3, SUB); \ + TIGER_KSCHED(x); \ + TIGER_PASS(_b, _c, _a, x, 3, ADD); \ + XOR64(a, _a, a); SUB64(b, _b, b); ADD64(c, _c, c); \ +} while (0) + +/*----- That's all, folks -------------------------------------------------*/ + +#ifdef __cplusplus + } +#endif + +#endif diff --git a/tiger-mktab.c b/tiger-mktab.c new file mode 100644 index 0000000..c7b27e5 --- /dev/null +++ b/tiger-mktab.c @@ -0,0 +1,161 @@ +/* -*-c-*- + * + * $Id: tiger-mktab.c,v 1.1 2000/07/15 10:02:43 mdw Exp $ + * + * Generate S-boxes for the Tiger hash function + * + * (c) 2000 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Catacomb. + * + * Catacomb is free software; you can redistribute it and/or modify + * it under the terms of the GNU Library General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or (at your option) any later version. + * + * Catacomb is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with Catacomb; if not, write to the Free + * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/*----- Revision history --------------------------------------------------* + * + * $Log: tiger-mktab.c,v $ + * Revision 1.1 2000/07/15 10:02:43 mdw + * Anderson and Biham's Tiger hash function added. + * + */ + +/*----- Header files ------------------------------------------------------*/ + +#include + +#include +#include + +#include "tiger-base.h" + +/*----- Data structures ---------------------------------------------------*/ + +/*----- Static variables --------------------------------------------------*/ + +static kludge64 s[4][256]; + +/*----- Main code ---------------------------------------------------------*/ + +/* --- The basic Tiger compression function --- */ + +static void tiger(kludge64 *x, kludge64 *ss) +{ + TIGER_CORE(ss[0], ss[1], ss[2], x); +} + +/* --- The S-box generator --- */ + +void gen(const char *buf, unsigned passes) +{ + kludge64 x[8], ss[3]; + unsigned i, j, k, b; + unsigned q, n; + uint32 t; + const char *p; + + for (i = 0; i < 256; i++) { + for (j = 0; j < 4; j++) { + uint32 z = 0x01010101 * i; + SET64(s[j][i], z, z); + } + } + + SET64(ss[0], 0x01234567, 0x89abcdef); + SET64(ss[1], 0xfedcba98, 0x76543210); + SET64(ss[2], 0xf096a5b4, 0xc3b2e187); + + q = 2; + for (i = 0; i < passes; i++) { + for (j = 0; j < 256; j++) { + for (k = 0; k < 4; k++) { + q++; + if (q == 3) { + q = 0; + for (p = buf, n = 0; n < 8; n++, p += 8) + LOAD64_L_(x[n], p); + tiger(x, ss); + } + for (b = 0; b < 32; b += 8) { + n = U8(LO64(ss[q]) >> b); + t = (LO64(s[k][j]) ^ LO64(s[k][n])) & (0xff << b); + SET64(s[k][j], HI64(s[k][j]), LO64(s[k][j]) ^ t); + SET64(s[k][n], HI64(s[k][n]), LO64(s[k][n]) ^ t); + } + for (b = 0; b < 32; b += 8) { + n = U8(HI64(ss[q]) >> b); + t = (HI64(s[k][j]) ^ HI64(s[k][n])) & (0xff << b); + SET64(s[k][j], HI64(s[k][j]) ^ t, LO64(s[k][j])); + SET64(s[k][n], HI64(s[k][n]) ^ t, LO64(s[k][n])); + } + } + } + } +} + +int main(void) +{ + unsigned i, j; + + gen("Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham", 5); + + fputs("\ +/* -*-c-*-\n\ + *\n\ + * S-boxes for Tiger [generated]\n\ + */\n\ +\n\ +#ifndef CATACOMB_TIGER_TAB_H\n\ +#define CATACOMB_TIGER_TAB_H\n\ +\n\ +#define TIGER_S { \\\n\ + { ", stdout); + + for (i = 0; i < 4; i++) { + for (j = 0; j < 256; j++) { +#ifdef HAVE_UINT64 + printf("{ 0x%016llxull }", s[i][j]); +#else + printf("{ 0x%08lx, 0x%08lx }", + (unsigned long)s[i][j].hi, (unsigned long)s[i][j].lo); +#endif + if (j == 255) { + if (i == 3) + fputs(" } \\\n}\n", stdout); + else + fputs(" }, \\\n\ + \\\n\ + { ", stdout); + } else if (j % 2 == 1) + fputs(", \\\n ", stdout); + else + fputs(", ", stdout); + } + } + + fputs("\n#endif\n", stdout); + + if (fclose(stdout)) { + fprintf(stderr, "error writing data\n"); + exit(EXIT_FAILURE); + } + + return (0); +} + +/*----- That's all, folks -------------------------------------------------*/ diff --git a/tiger.c b/tiger.c new file mode 100644 index 0000000..fb75937 --- /dev/null +++ b/tiger.c @@ -0,0 +1,183 @@ +/* -*-c-*- + * + * $Id: tiger.c,v 1.1 2000/07/15 10:02:43 mdw Exp $ + * + * The Tiger hash function + * + * (c) 2000 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Catacomb. + * + * Catacomb is free software; you can redistribute it and/or modify + * it under the terms of the GNU Library General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or (at your option) any later version. + * + * Catacomb is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with Catacomb; if not, write to the Free + * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/*----- Revision history --------------------------------------------------* + * + * $Log: tiger.c,v $ + * Revision 1.1 2000/07/15 10:02:43 mdw + * Anderson and Biham's Tiger hash function added. + * + */ + +/*----- Header files ------------------------------------------------------*/ + +#include + +#include "ghash-def.h" +#include "hash.h" +#include "tiger.h" +#include "tiger-tab.h" +#include "tiger-base.h" + +/*----- S-boxes -----------------------------------------------------------*/ + +static const kludge64 s[4][256] = TIGER_S; + +/*----- Main code ---------------------------------------------------------*/ + +/* --- @tiger_compress@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block + * @const void *sbuf@ = pointer to buffer of appropriate size + * + * Returns: --- + * + * Use: Tiger compression function. + */ + +void tiger_compress(tiger_ctx *ctx, const void *sbuf) +{ + kludge64 x[8]; + int i; + const octet *p; + for (i = 0, p = sbuf; i < 8; i++, p += 8) + LOAD64_L_(x[i], p); + TIGER_CORE(ctx->a, ctx->b, ctx->c, x); +} + +/* --- @tiger_init@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block to initialize + * + * Returns: --- + * + * Use: Initializes a context block ready for hashing. + */ + +void tiger_init(tiger_ctx *ctx) +{ + SET64(ctx->a, 0x01234567, 0x89abcdef); + SET64(ctx->b, 0xfedcba98, 0x76543210); + SET64(ctx->c, 0xf096a5b4, 0xc3b2e187); + ctx->off = 0; + ctx->nl = ctx->nh = 0; +} + +/* --- @tiger_set@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block + * @const void *buf@ = pointer to state buffer + * @unsigned long count@ = current count of bytes processed + * + * Returns: --- + * + * Use: Initializes a context block from a given state. This is + * useful in cases where the initial hash state is meant to be + * secret, e.g., for NMAC and HMAC support. + */ + +void tiger_set(tiger_ctx *ctx, const void *buf, unsigned long count) +{ + const octet *p = buf; + LOAD64_L_(ctx->a, p + 0); + LOAD64_L_(ctx->b, p + 8); + LOAD64_L_(ctx->c, p + 16); + ctx->off = 0; + ctx->nl = U32(count); + ctx->nh = U32(((count & ~MASK32) >> 16) >> 16); +} + +/* --- @tiger_hash@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block + * @const void *buf@ = buffer of data to hash + * @size_t sz@ = size of buffer to hash + * + * Returns: --- + * + * Use: Hashes a buffer of data. The buffer may be of any size and + * alignment. + */ + +void tiger_hash(tiger_ctx *ctx, const void *buf, size_t sz) +{ + HASH_BUFFER(TIGER, tiger, ctx, buf, sz); +} + +/* --- @tiger_done@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block + * @void *hash@ = pointer to output buffer + * + * Returns: --- + * + * Use: Returns the hash of the data read so far. + */ + +void tiger_done(tiger_ctx *ctx, void *hash) +{ + octet *p = hash; + HASH_PAD(TIGER, tiger, ctx, 0x01u, 0, 8); + STORE32_L(ctx->buf + TIGER_BUFSZ - 8, ctx->nl << 3); + STORE32_L(ctx->buf + TIGER_BUFSZ - 4, (ctx->nl >> 29) | (ctx->nh << 3)); + tiger_compress(ctx, ctx->buf); + STORE64_L_(p + 0, ctx->a); + STORE64_L_(p + 8, ctx->b); + STORE64_L_(p + 16, ctx->c); +} + +/* --- @tiger_state@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context + * @void *state@ = pointer to buffer for current state + * + * Returns: Number of bytes written to the hash function so far. + * + * Use: Returns the current state of the hash function such that + * it can be passed to @tiger_set@. + */ + +unsigned long tiger_state(tiger_ctx *ctx, void *state) +{ + octet *p = state; + STORE64_L_(p + 0, ctx->a); + STORE64_L_(p + 8, ctx->b); + STORE64_L_(p + 16, ctx->c); + return (ctx->nl | ((ctx->nh << 16) << 16)); +} + +/* --- Generic interface --- */ + +GHASH_DEF(TIGER, tiger) + +/* --- Test code --- */ + +HASH_TEST(TIGER, tiger) + +/*----- That's all, folks -------------------------------------------------*/ diff --git a/tiger.h b/tiger.h new file mode 100644 index 0000000..e1011a0 --- /dev/null +++ b/tiger.h @@ -0,0 +1,167 @@ +/* -*-c-*- + * + * $Id: tiger.h,v 1.1 2000/07/15 10:02:43 mdw Exp $ + * + * The Tiger hash function + * + * (c) 2000 Straylight/Edgeware + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of Catacomb. + * + * Catacomb is free software; you can redistribute it and/or modify + * it under the terms of the GNU Library General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or (at your option) any later version. + * + * Catacomb is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with Catacomb; if not, write to the Free + * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/*----- Revision history --------------------------------------------------* + * + * $Log: tiger.h,v $ + * Revision 1.1 2000/07/15 10:02:43 mdw + * Anderson and Biham's Tiger hash function added. + * + */ + +/*----- Notes on the Tiger hash function ----------------------------------* + * + * Tiger was designed by Eli Biham and Ross Anderson to be an efficient and + * secure hash function which worked well on 64-bit processors. This + * implementation should work everywhere, but it'll be faster if real 64-bit + * arithmetic is available. + * + * I don't know of any really good analysis of Tiger. + */ + +#ifndef CATACOMB_TIGER_H +#define CATACOMB_TIGER_H + +#ifdef __cplusplus + extern "C" { +#endif + +/*----- Header files ------------------------------------------------------*/ + +#include + +#ifndef CATACOMB_GHASH_H +# include "ghash.h" +#endif + +/*----- Magic numbers -----------------------------------------------------*/ + +#define TIGER_BUFSZ 64 +#define TIGER_HASHSZ 24 + +/*----- Data structures ---------------------------------------------------*/ + +typedef struct tiger_ctx { + kludge64 a, b, c; /* Chaining variables */ + uint32 nl, nh; /* Byte count so far */ + unsigned off; /* Offset into buffer */ + octet buf[TIGER_BUFSZ]; /* Accumulation buffer */ +} tiger_ctx; + +/*----- Functions provided ------------------------------------------------*/ + +/* --- @tiger_compress@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block + * @const void *sbuf@ = pointer to buffer of appropriate size + * + * Returns: --- + * + * Use: Tiger compression function. + */ + +extern void tiger_compress(tiger_ctx */*ctx*/, const void */*sbuf*/); + +/* --- @tiger_init@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block to initialize + * + * Returns: --- + * + * Use: Initializes a context block ready for hashing. + */ + +extern void tiger_init(tiger_ctx */*ctx*/); + +/* --- @tiger_set@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block + * @const void *buf@ = pointer to state buffer + * @unsigned long count@ = current count of bytes processed + * + * Returns: --- + * + * Use: Initializes a context block from a given state. This is + * useful in cases where the initial hash state is meant to be + * secret, e.g., for NMAC and HMAC support. + */ + +extern void tiger_set(tiger_ctx */*ctx*/, const void */*buf*/, + unsigned long /*count*/); + +/* --- @tiger_hash@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block + * @const void *buf@ = buffer of data to hash + * @size_t sz@ = size of buffer to hash + * + * Returns: --- + * + * Use: Hashes a buffer of data. The buffer may be of any size and + * alignment. + */ + +extern void tiger_hash(tiger_ctx */*ctx*/, const void */*buf*/, size_t /*sz*/); + +/* --- @tiger_done@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context block + * @void *hash@ = pointer to output buffer + * + * Returns: --- + * + * Use: Returns the hash of the data read so far. + */ + +extern void tiger_done(tiger_ctx */*ctx*/, void */*hash*/); + +/* --- @tiger_state@ --- * + * + * Arguments: @tiger_ctx *ctx@ = pointer to context + * @void *state@ = pointer to buffer for current state + * + * Returns: Number of bytes written to the hash function so far. + * + * Use: Returns the current state of the hash function such that + * it can be passed to @tiger_set@. + */ + +extern unsigned long tiger_state(tiger_ctx */*ctx*/, void */*state*/); + +/*----- Generic hash interface --------------------------------------------*/ + +extern const gchash tiger; + +/*----- That's all, folks -------------------------------------------------*/ + +#ifdef __cplusplus + } +#endif + +#endif -- 2.11.0