1 /*
2    BLAKE2 reference source code package - reference C implementations
3 
4    Copyright 2012, Samuel Neves <sneves@dei.uc.pt>.  You may use this under the
5    terms of the CC0, the OpenSSL Licence, or the Apache Public License 2.0, at
6    your option.  The terms of these licenses can be found at:
7 
8    - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0
9    - OpenSSL license   : https://www.openssl.org/source/license.html
10    - Apache 2.0        : https://www.apache.org/licenses/LICENSE-2.0
11 
12    More information about the BLAKE2 hash function can be found at
13    https://blake2.net.
14 */
15 #ifndef BLAKE2_IMPL_H
16 #define BLAKE2_IMPL_H
17 
18 #ifndef WORDS_BIGENDIAN
19 # define NATIVE_LITTLE_ENDIAN 1
20 #endif
21 
22 #include <stdint.h>
23 #include <string.h>
24 
25 #if !defined(__cplusplus) && (!defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L)
26   #if   defined(_MSC_VER)
27     #define BLAKE2_INLINE __inline
28   #elif defined(__GNUC__)
29     #define BLAKE2_INLINE __inline__
30   #else
31     #define BLAKE2_INLINE
32   #endif
33 #else
34   #define BLAKE2_INLINE inline
35 #endif
36 
load32(const void * src)37 static BLAKE2_INLINE uint32_t load32( const void *src )
38 {
39 #if defined(NATIVE_LITTLE_ENDIAN)
40   uint32_t w;
41   memcpy(&w, src, sizeof w);
42   return w;
43 #else
44   const uint8_t *p = ( const uint8_t * )src;
45   return (( uint32_t )( p[0] ) <<  0) |
46          (( uint32_t )( p[1] ) <<  8) |
47          (( uint32_t )( p[2] ) << 16) |
48          (( uint32_t )( p[3] ) << 24) ;
49 #endif
50 }
51 
load64(const void * src)52 static BLAKE2_INLINE uint64_t load64( const void *src )
53 {
54 #if defined(NATIVE_LITTLE_ENDIAN)
55   uint64_t w;
56   memcpy(&w, src, sizeof w);
57   return w;
58 #else
59   const uint8_t *p = ( const uint8_t * )src;
60   return (( uint64_t )( p[0] ) <<  0) |
61          (( uint64_t )( p[1] ) <<  8) |
62          (( uint64_t )( p[2] ) << 16) |
63          (( uint64_t )( p[3] ) << 24) |
64          (( uint64_t )( p[4] ) << 32) |
65          (( uint64_t )( p[5] ) << 40) |
66          (( uint64_t )( p[6] ) << 48) |
67          (( uint64_t )( p[7] ) << 56) ;
68 #endif
69 }
70 
load16(const void * src)71 static BLAKE2_INLINE uint16_t load16( const void *src )
72 {
73 #if defined(NATIVE_LITTLE_ENDIAN)
74   uint16_t w;
75   memcpy(&w, src, sizeof w);
76   return w;
77 #else
78   const uint8_t *p = ( const uint8_t * )src;
79   return ( uint16_t )((( uint32_t )( p[0] ) <<  0) |
80                       (( uint32_t )( p[1] ) <<  8));
81 #endif
82 }
83 
store16(void * dst,uint16_t w)84 static BLAKE2_INLINE void store16( void *dst, uint16_t w )
85 {
86 #if defined(NATIVE_LITTLE_ENDIAN)
87   memcpy(dst, &w, sizeof w);
88 #else
89   uint8_t *p = ( uint8_t * )dst;
90   *p++ = ( uint8_t )w; w >>= 8;
91   *p++ = ( uint8_t )w;
92 #endif
93 }
94 
store32(void * dst,uint32_t w)95 static BLAKE2_INLINE void store32( void *dst, uint32_t w )
96 {
97 #if defined(NATIVE_LITTLE_ENDIAN)
98   memcpy(dst, &w, sizeof w);
99 #else
100   uint8_t *p = ( uint8_t * )dst;
101   p[0] = (uint8_t)(w >>  0);
102   p[1] = (uint8_t)(w >>  8);
103   p[2] = (uint8_t)(w >> 16);
104   p[3] = (uint8_t)(w >> 24);
105 #endif
106 }
107 
store64(void * dst,uint64_t w)108 static BLAKE2_INLINE void store64( void *dst, uint64_t w )
109 {
110 #if defined(NATIVE_LITTLE_ENDIAN)
111   memcpy(dst, &w, sizeof w);
112 #else
113   uint8_t *p = ( uint8_t * )dst;
114   p[0] = (uint8_t)(w >>  0);
115   p[1] = (uint8_t)(w >>  8);
116   p[2] = (uint8_t)(w >> 16);
117   p[3] = (uint8_t)(w >> 24);
118   p[4] = (uint8_t)(w >> 32);
119   p[5] = (uint8_t)(w >> 40);
120   p[6] = (uint8_t)(w >> 48);
121   p[7] = (uint8_t)(w >> 56);
122 #endif
123 }
124 
load48(const void * src)125 static BLAKE2_INLINE uint64_t load48( const void *src )
126 {
127   const uint8_t *p = ( const uint8_t * )src;
128   return (( uint64_t )( p[0] ) <<  0) |
129          (( uint64_t )( p[1] ) <<  8) |
130          (( uint64_t )( p[2] ) << 16) |
131          (( uint64_t )( p[3] ) << 24) |
132          (( uint64_t )( p[4] ) << 32) |
133          (( uint64_t )( p[5] ) << 40) ;
134 }
135 
store48(void * dst,uint64_t w)136 static BLAKE2_INLINE void store48( void *dst, uint64_t w )
137 {
138   uint8_t *p = ( uint8_t * )dst;
139   p[0] = (uint8_t)(w >>  0);
140   p[1] = (uint8_t)(w >>  8);
141   p[2] = (uint8_t)(w >> 16);
142   p[3] = (uint8_t)(w >> 24);
143   p[4] = (uint8_t)(w >> 32);
144   p[5] = (uint8_t)(w >> 40);
145 }
146 
rotr32(const uint32_t w,const unsigned c)147 static BLAKE2_INLINE uint32_t rotr32( const uint32_t w, const unsigned c )
148 {
149   return ( w >> c ) | ( w << ( 32 - c ) );
150 }
151 
rotr64(const uint64_t w,const unsigned c)152 static BLAKE2_INLINE uint64_t rotr64( const uint64_t w, const unsigned c )
153 {
154   return ( w >> c ) | ( w << ( 64 - c ) );
155 }
156 
157 /* prevents compiler optimizing out memset() */
secure_zero_memory(void * v,size_t n)158 static BLAKE2_INLINE void secure_zero_memory(void *v, size_t n)
159 {
160   static void *(*const volatile memset_v)(void *, int, size_t) = &memset;
161   memset_v(v, 0, n);
162 }
163 
164 #endif
165