Added NaCl crypto library.

This commit is contained in:
irungentoo 2013-07-02 09:53:34 -04:00
parent 8928c817df
commit e2967396ac
490 changed files with 97801 additions and 0 deletions

56
nacl/MACROS Normal file
View File

@ -0,0 +1,56 @@
crypto_verify
crypto_verify_BYTES
crypto_core
crypto_core_OUTPUTBYTES
crypto_core_INPUTBYTES
crypto_core_KEYBYTES
crypto_core_CONSTBYTES
crypto_hashblocks
crypto_hashblocks_STATEBYTES
crypto_hashblocks_BLOCKBYTES
crypto_hash
crypto_hash_BYTES
crypto_stream
crypto_stream_xor
crypto_stream_beforenm
crypto_stream_afternm
crypto_stream_xor_afternm
crypto_stream_KEYBYTES
crypto_stream_NONCEBYTES
crypto_stream_BEFORENMBYTES
crypto_onetimeauth
crypto_onetimeauth_verify
crypto_onetimeauth_BYTES
crypto_onetimeauth_KEYBYTES
crypto_auth
crypto_auth_verify
crypto_auth_BYTES
crypto_auth_KEYBYTES
crypto_secretbox
crypto_secretbox_open
crypto_secretbox_KEYBYTES
crypto_secretbox_NONCEBYTES
crypto_secretbox_ZEROBYTES
crypto_secretbox_BOXZEROBYTES
crypto_scalarmult
crypto_scalarmult_base
crypto_scalarmult_BYTES
crypto_scalarmult_SCALARBYTES
crypto_box
crypto_box_open
crypto_box_keypair
crypto_box_beforenm
crypto_box_afternm
crypto_box_open_afternm
crypto_box_PUBLICKEYBYTES
crypto_box_SECRETKEYBYTES
crypto_box_BEFORENMBYTES
crypto_box_NONCEBYTES
crypto_box_ZEROBYTES
crypto_box_BOXZEROBYTES
crypto_sign
crypto_sign_open
crypto_sign_keypair
crypto_sign_BYTES
crypto_sign_PUBLICKEYBYTES
crypto_sign_SECRETKEYBYTES

11
nacl/OPERATIONS Normal file
View File

@ -0,0 +1,11 @@
crypto_verify
crypto_core
crypto_hashblocks
crypto_hash
crypto_stream
crypto_onetimeauth
crypto_auth
crypto_secretbox
crypto_scalarmult
crypto_box
crypto_sign

26
nacl/PROTOTYPES.c Normal file
View File

@ -0,0 +1,26 @@
extern int crypto_verify(const unsigned char *,const unsigned char *);
extern int crypto_core(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_hashblocks(unsigned char *,const unsigned char *,unsigned long long);
extern int crypto_hash(unsigned char *,const unsigned char *,unsigned long long);
extern int crypto_stream(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
extern int crypto_stream_xor(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
extern int crypto_stream_beforenm(unsigned char *,const unsigned char *);
extern int crypto_stream_afternm(unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
extern int crypto_stream_xor_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
extern int crypto_onetimeauth(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
extern int crypto_onetimeauth_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
extern int crypto_auth(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
extern int crypto_auth_verify(const unsigned char *,const unsigned char *,unsigned long long,const unsigned char *);
extern int crypto_secretbox(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
extern int crypto_secretbox_open(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
extern int crypto_scalarmult(unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_scalarmult_base(unsigned char *,const unsigned char *);
extern int crypto_box(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_box_open(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_box_keypair(unsigned char *,unsigned char *);
extern int crypto_box_beforenm(unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_box_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
extern int crypto_box_open_afternm(unsigned char *,const unsigned char *,unsigned long long,const unsigned char *,const unsigned char *);
extern int crypto_sign(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *);
extern int crypto_sign_open(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *);
extern int crypto_sign_keypair(unsigned char *,unsigned char *);

17
nacl/PROTOTYPES.cpp Normal file
View File

@ -0,0 +1,17 @@
extern std::string crypto_auth(const std::string &,const std::string &);
extern void crypto_auth_verify(const std::string &,const std::string &,const std::string &);
extern std::string crypto_box(const std::string &,const std::string &,const std::string &,const std::string &);
extern std::string crypto_box_open(const std::string &,const std::string &,const std::string &,const std::string &);
extern std::string crypto_box_keypair(std::string *);
extern std::string crypto_hash(const std::string &);
extern std::string crypto_onetimeauth(const std::string &,const std::string &);
extern void crypto_onetimeauth_verify(const std::string &,const std::string &,const std::string &);
extern std::string crypto_scalarmult(const std::string &,const std::string &);
extern std::string crypto_scalarmult_base(const std::string &);
extern std::string crypto_secretbox(const std::string &,const std::string &,const std::string &);
extern std::string crypto_secretbox_open(const std::string &,const std::string &,const std::string &);
extern std::string crypto_stream(size_t,const std::string &,const std::string &);
extern std::string crypto_stream_xor(const std::string &,const std::string &,const std::string &);
extern std::string crypto_sign(const std::string &,const std::string &);
extern std::string crypto_sign_open(const std::string &,const std::string &);
extern std::string crypto_sign_keypair(std::string *);

View File

@ -0,0 +1,64 @@
/*
commandline/nacl-sha256.c version 20080713
D. J. Bernstein
Public domain.
*/
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include "crypto_hash_sha256.h"
unsigned char *input;
unsigned long long inputalloc;
unsigned long long inputlen;
unsigned char h[crypto_hash_sha256_BYTES];
void h_print(void)
{
int i;
for (i = 0;i < crypto_hash_sha256_BYTES;++i) printf("%02x",255 & (int) h[i]);
printf("\n");
}
int main()
{
struct stat st;
int ch;
if (fstat(0,&st) == 0) {
input = mmap(0,st.st_size,PROT_READ,MAP_SHARED,0,0);
if (input != MAP_FAILED) {
crypto_hash_sha256(h,input,st.st_size);
h_print();
return 0;
}
}
input = 0;
inputalloc = 0;
inputlen = 0;
while ((ch = getchar()) != EOF) {
if (inputlen >= inputalloc) {
void *newinput;
while (inputlen >= inputalloc)
inputalloc = inputalloc * 2 + 1;
if (posix_memalign(&newinput,16,inputalloc) != 0) return 111;
memcpy(newinput,input,inputlen);
free(input);
input = newinput;
}
input[inputlen++] = ch;
}
crypto_hash_sha256(h,input,inputlen);
h_print();
return 0;
}

View File

@ -0,0 +1,64 @@
/*
commandline/nacl-sha512.c version 20080713
D. J. Bernstein
Public domain.
*/
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include "crypto_hash_sha512.h"
unsigned char *input;
unsigned long long inputalloc;
unsigned long long inputlen;
unsigned char h[crypto_hash_sha512_BYTES];
void h_print(void)
{
int i;
for (i = 0;i < crypto_hash_sha512_BYTES;++i) printf("%02x",255 & (int) h[i]);
printf("\n");
}
int main()
{
struct stat st;
int ch;
if (fstat(0,&st) == 0) {
input = mmap(0,st.st_size,PROT_READ,MAP_SHARED,0,0);
if (input != MAP_FAILED) {
crypto_hash_sha512(h,input,st.st_size);
h_print();
return 0;
}
}
input = 0;
inputalloc = 0;
inputlen = 0;
while ((ch = getchar()) != EOF) {
if (inputlen >= inputalloc) {
void *newinput;
while (inputlen >= inputalloc)
inputalloc = inputalloc * 2 + 1;
if (posix_memalign(&newinput,16,inputalloc) != 0) return 111;
memcpy(newinput,input,inputlen);
free(input);
input = newinput;
}
input[inputlen++] = ch;
}
crypto_hash_sha512(h,input,inputlen);
h_print();
return 0;
}

80
nacl/cpucycles/alpha.c Normal file
View File

@ -0,0 +1,80 @@
/*
cpucycles/alpha.c version 20060316
D. J. Bernstein
Public domain.
*/
#include <time.h>
#include <unistd.h>
#include <sys/time.h>
static long long tod(void)
{
struct timeval t;
gettimeofday(&t,(struct timezone *) 0);
return t.tv_sec * (long long) 1000000 + t.tv_usec;
}
static long long rpcc(void)
{
unsigned long long t;
asm volatile("rpcc %0" : "=r"(t));
return t & 0xffffffff;
}
static long long firstrpcc;
static long long firsttod;
static long long lastrpcc;
static long long lasttod;
static double mhz = 0;
static void init(void)
{
firstrpcc = rpcc();
firsttod = tod();
do {
lastrpcc = rpcc();
lasttod = tod();
} while (lasttod - firsttod < 10000);
lastrpcc -= firstrpcc; lastrpcc &= 0xffffffff;
lasttod -= firsttod;
mhz = (double) lastrpcc / (double) lasttod;
}
long long cpucycles_alpha(void)
{
double x;
long long y;
if (!mhz) init();
lastrpcc = rpcc();
lasttod = tod();
lastrpcc -= firstrpcc; lastrpcc &= 0xffffffff;
lasttod -= firsttod;
/* Number of cycles since firstrpcc is lastrpcc + 2^32 y for unknown y. */
/* Number of microseconds since firsttod is lasttod. */
x = (lasttod * mhz - lastrpcc) * 0.00000000023283064365386962890625;
y = x;
while (x > y + 0.5) y += 1;
while (x < y - 0.5) y -= 1;
y *= 4294967296ULL;
lastrpcc += y;
mhz = (double) lastrpcc / (double) lasttod;
return firstrpcc + lastrpcc;
}
long long cpucycles_alpha_persecond(void)
{
if (!mhz) init();
return 1000000.0 * mhz;
}

27
nacl/cpucycles/alpha.h Normal file
View File

@ -0,0 +1,27 @@
/*
cpucycles alpha.h version 20060318
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_alpha_h
#define CPUCYCLES_alpha_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_alpha(void);
extern long long cpucycles_alpha_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "alpha"
#define cpucycles cpucycles_alpha
#define cpucycles_persecond cpucycles_alpha_persecond
#endif
#endif

View File

@ -0,0 +1,16 @@
#include <stdio.h>
#include <sys/types.h>
#include "osfreq.c"
long long cpucycles_amd64cpuinfo(void)
{
unsigned long long result;
asm volatile(".byte 15;.byte 49;shlq $32,%%rdx;orq %%rdx,%%rax"
: "=a" (result) :: "%rdx");
return result;
}
long long cpucycles_amd64cpuinfo_persecond(void)
{
return osfreq();
}

View File

@ -0,0 +1,27 @@
/*
cpucycles amd64cpuinfo.h version 20100803
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_amd64cpuinfo_h
#define CPUCYCLES_amd64cpuinfo_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_amd64cpuinfo(void);
extern long long cpucycles_amd64cpuinfo_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "amd64cpuinfo"
#define cpucycles cpucycles_amd64cpuinfo
#define cpucycles_persecond cpucycles_amd64cpuinfo_persecond
#endif
#endif

View File

@ -0,0 +1,25 @@
#include <stdio.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/sysctl.h>
long long cpucycles_amd64cpuspeed(void)
{
unsigned long long result;
asm volatile(".byte 15;.byte 49;shlq $32,%%rdx;orq %%rdx,%%rax"
: "=a" (result) :: "%rdx");
return result;
}
long long cpucycles_amd64cpuspeed_persecond(void)
{
int oid[2];
int val;
size_t size;
oid[0] = CTL_HW;
oid[1] = HW_CPUSPEED;
size = sizeof val;
if (sysctl(oid,2,&val,&size,0,0) == -1) return 0;
if (size != sizeof val) return 0;
return val * 1000000LL;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles amd64cpuspeed.h version 20090716
Matthew Dempsky
Public domain.
*/
#ifndef CPUCYCLES_amd64cpuspeed_h
#define CPUCYCLES_amd64cpuspeed_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_amd64cpuspeed(void);
extern long long cpucycles_amd64cpuspeed_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "amd64cpuspeed"
#define cpucycles cpucycles_amd64cpuspeed
#define cpucycles_persecond cpucycles_amd64cpuspeed_persecond
#endif
#endif

View File

@ -0,0 +1,18 @@
#include <stdio.h>
#include <sys/types.h>
long long cpucycles_amd64tscfreq(void)
{
unsigned long long result;
asm volatile(".byte 15;.byte 49;shlq $32,%%rdx;orq %%rdx,%%rax"
: "=a" (result) :: "%rdx");
return result;
}
long long cpucycles_amd64tscfreq_persecond(void)
{
long result = 0;
size_t resultlen = sizeof(long);
sysctlbyname("machdep.tsc_freq",&result,&resultlen,0,0);
return result;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles amd64tscfreq.h version 20060318
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_amd64tscfreq_h
#define CPUCYCLES_amd64tscfreq_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_amd64tscfreq(void);
extern long long cpucycles_amd64tscfreq_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "amd64tscfreq"
#define cpucycles cpucycles_amd64tscfreq
#define cpucycles_persecond cpucycles_amd64tscfreq_persecond
#endif
#endif

View File

@ -0,0 +1,83 @@
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/types.h>
#include <spu_mfcio.h>
static long myround(double u)
{
long result = u;
while (result + 0.5 < u) result += 1;
while (result - 0.5 > u) result -= 1;
return result;
}
static long long microseconds(void)
{
struct timeval t;
gettimeofday(&t,(struct timezone *) 0);
return t.tv_sec * (long long) 1000000 + t.tv_usec;
}
static long long timebase(void)
{
unsigned long long result;
result = -spu_read_decrementer();
return 0xffffffff & result;
}
static double cpufrequency = 0;
static long tbcycles = 0;
static double guesstbcycles(void)
{
long long tb0; long long us0;
long long tb1; long long us1;
tb0 = timebase();
us0 = microseconds();
do {
tb1 = timebase();
us1 = microseconds();
} while (us1 - us0 < 10000 || tb1 - tb0 < 1000);
if (tb1 <= tb0) return 0;
tb1 -= tb0;
us1 -= us0;
return (cpufrequency * 0.000001 * (double) us1) / (double) tb1;
}
static void init(void)
{
int loop;
double guess1;
double guess2;
spu_write_decrementer(0xffffffff);
cpufrequency = 3192000000.0;
for (loop = 0;loop < 100;++loop) {
guess1 = guesstbcycles();
guess2 = guesstbcycles();
tbcycles = myround(guess1);
if (guess1 - tbcycles > 0.1) continue;
if (tbcycles - guess1 > 0.1) continue;
if (guess2 - tbcycles > 0.1) continue;
if (tbcycles - guess2 > 0.1) continue;
return;
}
tbcycles = 0;
}
long long cpucycles_celllinux(void)
{
if (!tbcycles) init();
return timebase() * tbcycles;
}
long long cpucycles_celllinux_persecond(void)
{
if (!tbcycles) init();
return cpufrequency;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles celllinux.h version 20081201
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_celllinux_h
#define CPUCYCLES_celllinux_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_celllinux(void);
extern long long cpucycles_celllinux_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "celllinux"
#define cpucycles cpucycles_celllinux
#define cpucycles_persecond cpucycles_celllinux_persecond
#endif
#endif

73
nacl/cpucycles/cortex.c Normal file
View File

@ -0,0 +1,73 @@
/*
cpucycles/cortex.c version 20101203
D. J. Bernstein
Public domain.
*/
#define SCALE 1
#include <time.h>
#include <unistd.h>
#include <sys/time.h>
static int enabled = 0;
static int prev[3];
static unsigned long long prevcycles = 0;
static int now[3];
static long long cyclespersec = 0;
static void readticks(unsigned int *result)
{
struct timeval t;
unsigned int cc;
if (!enabled) {
asm volatile("mcr p15, 0, %0, c9, c12, 0" :: "r"(17));
asm volatile("mcr p15, 0, %0, c9, c12, 1" :: "r"(0x8000000f));
asm volatile("mcr p15, 0, %0, c9, c12, 3" :: "r"(0x8000000f));
enabled = 1;
}
asm volatile("mrc p15, 0, %0, c9, c13, 0" : "=r"(cc));
gettimeofday(&t,(struct timezone *) 0);
result[0] = cc;
result[1] = t.tv_usec;
result[2] = t.tv_sec;
}
long long cpucycles_cortex(void)
{
unsigned long long delta4;
int deltan;
int deltas;
unsigned long long guesscycles;
readticks(now);
delta4 = (unsigned int) (now[0] - prev[0]); /* unsigned change in number of cycles mod 2^32 */
deltan = now[1] - prev[1]; /* signed change in number of nanoseconds mod 10^9 */
deltas = now[2] - prev[2]; /* signed change in number of seconds */
if ((deltas == 0 && deltan < 200000) || (deltas == 1 && deltan < -800000))
return (prevcycles + delta4) * SCALE;
prev[0] = now[0];
prev[1] = now[1];
prev[2] = now[2];
if ((deltas == 0 && deltan < 300000) || (deltas == 1 && deltan < -700000)) {
// actual number of cycles cannot have increased by 2^32 in <0.3ms
cyclespersec = 1000000 * (unsigned long long) delta4;
cyclespersec /= deltan + 1000000 * (long long) deltas;
} else {
guesscycles = deltas * cyclespersec;
guesscycles += (deltan * cyclespersec) / 1000000;
while (delta4 + 2147483648ULL < guesscycles) delta4 += 4294967296ULL;
/* XXX: could do longer-term extrapolation here */
}
prevcycles += delta4;
return prevcycles * SCALE;
}
long long cpucycles_cortex_persecond(void)
{
while (!cyclespersec) cpucycles_cortex();
return cyclespersec * SCALE;
}

27
nacl/cpucycles/cortex.h Normal file
View File

@ -0,0 +1,27 @@
/*
cpucycles cortex.h version 20100912
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_cortex_h
#define CPUCYCLES_cortex_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_cortex(void);
extern long long cpucycles_cortex_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "cortex"
#define cpucycles cpucycles_cortex
#define cpucycles_persecond cpucycles_cortex_persecond
#endif
#endif

62
nacl/cpucycles/dev4ns.c Normal file
View File

@ -0,0 +1,62 @@
#include <sys/types.h>
#include <fcntl.h>
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
static int fddev = -1;
static int prev[3];
static unsigned long long prevcycles = 0;
static int now[3];
static long long cyclespersec = 0;
static void readdev(unsigned int *result)
{
if (read(fddev,result,12) == 12) return;
result[0] = result[1] = result[2] = 0;
}
long long cpucycles_dev4ns(void)
{
unsigned long long delta4;
int deltan;
int deltas;
unsigned long long guesscycles;
if (fddev == -1) {
fddev = open("/dev/cpucycles4ns",O_RDONLY);
readdev(prev);
}
readdev(now);
delta4 = (unsigned int) (now[0] - prev[0]); /* unsigned change in number of cycles mod 2^32 */
deltan = now[1] - prev[1]; /* signed change in number of nanoseconds mod 10^9 */
deltas = now[2] - prev[2]; /* signed change in number of seconds */
if ((deltas == 0 && deltan < 200000000) || (deltas == 1 && deltan < -800000000))
return prevcycles + delta4;
prev[0] = now[0];
prev[1] = now[1];
prev[2] = now[2];
if ((deltas == 0 && deltan < 300000000) || (deltas == 1 && deltan < -700000000)) {
// actual number of cycles cannot have increased by 2^32 in <0.3ms
cyclespersec = 1000000000 * (unsigned long long) delta4;
cyclespersec /= deltan + 1000000000 * (long long) deltas;
} else {
guesscycles = deltas * cyclespersec;
guesscycles += (deltan * cyclespersec) / 1000000000;
while (delta4 + 2147483648ULL < guesscycles) delta4 += 4294967296ULL;
/* XXX: could do longer-term extrapolation here */
}
prevcycles += delta4;
return prevcycles;
}
long long cpucycles_dev4ns_persecond(void)
{
while (!cyclespersec) cpucycles_dev4ns();
return cyclespersec;
}

27
nacl/cpucycles/dev4ns.h Normal file
View File

@ -0,0 +1,27 @@
/*
cpucycles dev4ns.h version 20100803
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_dev4ns_h
#define CPUCYCLES_dev4ns_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_dev4ns(void);
extern long long cpucycles_dev4ns_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "dev4ns"
#define cpucycles cpucycles_dev4ns
#define cpucycles_persecond cpucycles_dev4ns_persecond
#endif
#endif

105
nacl/cpucycles/do Executable file
View File

@ -0,0 +1,105 @@
#!/bin/sh -e
okabi | (
while read abi
do
rm -f cpucycles.o cpucycles.h
(
case "$abi" in
ppc*)
echo powerpccpuinfo
echo powerpcmacos
;;
amd64*)
echo amd64tscfreq
echo amd64cpuinfo
echo amd64cpuspeed
;;
x86*)
echo x86tscfreq
echo x86cpuinfo
echo x86cpuspeed
echo x86estimate
;;
cell*)
echo celllinux
;;
sparc*)
echo sparccpuinfo
echo sparc32cpuinfo
;;
mips*)
echo mips
;;
hppa*)
echo hppapstat
;;
alpha*)
echo alpha
;;
sgi*)
echo sgi
;;
arm*)
echo cortex
echo dev4ns
;;
esac
echo amd64tscfreq
echo amd64cpuinfo
echo amd64cpuspeed
echo x86tscfreq
echo x86cpuinfo
echo x86cpuspeed
echo x86estimate
echo ia64cpuinfo
echo powerpccpuinfo
echo powerpcmacos
echo celllinux
echo sparccpuinfo
echo sparc32cpuinfo
echo mips
echo hppapstat
echo alpha
echo sgi
echo cortex
echo dev4ns
echo monotoniccpuinfo
echo monotonic
echo gettimeofday
) | (
while read n
do
okc-$abi | (
while read c
do
echo "=== `date` === Trying $n.c with $c..." >&2
rm -f test cpucycles-impl.o cpucycles-impl.h cpucycles-impl.c
cp $n.c cpucycles-impl.c || continue
cp $n.h cpucycles-impl.h || continue
$c -c cpucycles-impl.c || continue
$c -o test test.c cpucycles-impl.o || continue
./test || continue
echo "=== `date` === Success. Using $n.c." >&2
mkdir -p lib/$abi
mv cpucycles-impl.o lib/$abi/cpucycles.o
mkdir -p include/$abi
mv cpucycles-impl.h include/$abi/cpucycles.h
exit 0
done
exit 111
) && exit 0
done
exit 111
) || (
echo ===== Giving up. >&2
rm -f test cpucycles-impl.o cpucycles-impl.h cpucycles-impl.c
exit 111
) || exit 0
done
exit 0
) || exit 111

View File

@ -0,0 +1,32 @@
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/types.h>
#include "osfreq.c"
static double cpufrequency = 0;
static void init(void)
{
cpufrequency = osfreq();
}
long long cpucycles_gettimeofday(void)
{
double result;
struct timeval t;
if (!cpufrequency) init();
gettimeofday(&t,(struct timezone *) 0);
result = t.tv_usec;
result *= 0.000001;
result += (double) t.tv_sec;
result *= cpufrequency;
return result;
}
long long cpucycles_gettimeofday_persecond(void)
{
if (!cpufrequency) init();
return cpufrequency;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles gettimeofday.h version 20060318
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_gettimeofday_h
#define CPUCYCLES_gettimeofday_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_gettimeofday(void);
extern long long cpucycles_gettimeofday_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "gettimeofday"
#define cpucycles cpucycles_gettimeofday
#define cpucycles_persecond cpucycles_gettimeofday_persecond
#endif
#endif

View File

@ -0,0 +1,26 @@
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/pstat.h>
#include <machine/inline.h>
long long cpucycles_hppapstat(void)
{
register long long result;
_MFCTL(16,result);
return result;
}
long long cpucycles_hppapstat_persecond(void)
{
struct pst_processor pst;
union pstun pu;
double result;
pu.pst_processor = &pst;
if (pstat(PSTAT_PROCESSOR,pu,sizeof(pst),1,0) < 0) return 0;
result = pst.psp_iticksperclktick;
result *= (double) sysconf(_SC_CLK_TCK);
return result;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles hppapstat.h version 20060319
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_hppapstat_h
#define CPUCYCLES_hppapstat_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_hppapstat(void);
extern long long cpucycles_hppapstat_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "hppapstat"
#define cpucycles cpucycles_hppapstat
#define cpucycles_persecond cpucycles_hppapstat_persecond
#endif
#endif

View File

@ -0,0 +1,15 @@
#include <stdio.h>
#include <sys/types.h>
#include "osfreq.c"
long long cpucycles_ia64cpuinfo(void)
{
long long result;
asm volatile("mov %0=ar.itc" : "=r"(result));
return result;
}
long long cpucycles_ia64cpuinfo_persecond(void)
{
return osfreq();
}

View File

@ -0,0 +1,27 @@
/*
cpucycles ia64cpuinfo.h version 20100803
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_ia64cpuinfo_h
#define CPUCYCLES_ia64cpuinfo_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_ia64cpuinfo(void);
extern long long cpucycles_ia64cpuinfo_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "ia64cpuinfo"
#define cpucycles cpucycles_ia64cpuinfo
#define cpucycles_persecond cpucycles_ia64cpuinfo_persecond
#endif
#endif

65
nacl/cpucycles/mips.c Normal file
View File

@ -0,0 +1,65 @@
/*
cpucycles/mips.c version 20100803
D. J. Bernstein
Public domain.
*/
#define SCALE 2
#include <time.h>
#include <unistd.h>
#include <sys/time.h>
static int prev[3];
static unsigned long long prevcycles = 0;
static int now[3];
static long long cyclespersec = 0;
static void readticks(unsigned int *result)
{
struct timeval t;
unsigned int cc;
asm volatile(".byte 59; .byte 16; .byte 2; .byte 124; move %0,$2" : "=r"(cc) : : "$2");
gettimeofday(&t,(struct timezone *) 0);
result[0] = cc;
result[1] = t.tv_usec;
result[2] = t.tv_sec;
}
long long cpucycles_mips(void)
{
unsigned long long delta4;
int deltan;
int deltas;
unsigned long long guesscycles;
readticks(now);
delta4 = (unsigned int) (now[0] - prev[0]); /* unsigned change in number of cycles mod 2^32 */
deltan = now[1] - prev[1]; /* signed change in number of nanoseconds mod 10^9 */
deltas = now[2] - prev[2]; /* signed change in number of seconds */
if ((deltas == 0 && deltan < 200000) || (deltas == 1 && deltan < -800000))
return (prevcycles + delta4) * SCALE;
prev[0] = now[0];
prev[1] = now[1];
prev[2] = now[2];
if ((deltas == 0 && deltan < 300000) || (deltas == 1 && deltan < -700000)) {
// actual number of cycles cannot have increased by 2^32 in <0.3ms
cyclespersec = 1000000 * (unsigned long long) delta4;
cyclespersec /= deltan + 1000000 * (long long) deltas;
} else {
guesscycles = deltas * cyclespersec;
guesscycles += (deltan * cyclespersec) / 1000000;
while (delta4 + 2147483648ULL < guesscycles) delta4 += 4294967296ULL;
/* XXX: could do longer-term extrapolation here */
}
prevcycles += delta4;
return prevcycles * SCALE;
}
long long cpucycles_mips_persecond(void)
{
while (!cyclespersec) cpucycles_mips();
return cyclespersec * SCALE;
}

27
nacl/cpucycles/mips.h Normal file
View File

@ -0,0 +1,27 @@
/*
cpucycles mips.h version 20100802
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_mips_h
#define CPUCYCLES_mips_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_mips(void);
extern long long cpucycles_mips_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "mips"
#define cpucycles cpucycles_mips
#define cpucycles_persecond cpucycles_mips_persecond
#endif
#endif

View File

@ -0,0 +1,34 @@
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/sysctl.h>
static double cpufrequency = 0;
static void init(void)
{
long result = 0; size_t resultlen = sizeof(long);
sysctlbyname("machdep.tsc_freq",&result,&resultlen,0,0);
cpufrequency = result;
}
long long cpucycles_monotonic(void)
{
double result;
struct timespec t;
if (!cpufrequency) init();
clock_gettime(CLOCK_MONOTONIC,&t);
result = t.tv_nsec;
result *= 0.000000001;
result += (double) t.tv_sec;
result *= cpufrequency;
return result;
}
long long cpucycles_monotonic_persecond(void)
{
if (!cpufrequency) init();
return cpufrequency;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles monotonic.h version 20100803
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_monotonic_h
#define CPUCYCLES_monotonic_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_monotonic(void);
extern long long cpucycles_monotonic_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "monotonic"
#define cpucycles cpucycles_monotonic
#define cpucycles_persecond cpucycles_monotonic_persecond
#endif
#endif

View File

@ -0,0 +1,33 @@
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/sysctl.h>
#include "osfreq.c"
static double cpufrequency = 0;
static void init(void)
{
cpufrequency = osfreq();
}
long long cpucycles_monotoniccpuinfo(void)
{
double result;
struct timespec t;
if (!cpufrequency) init();
clock_gettime(CLOCK_MONOTONIC,&t);
result = t.tv_nsec;
result *= 0.000000001;
result += (double) t.tv_sec;
result *= cpufrequency;
return result;
}
long long cpucycles_monotoniccpuinfo_persecond(void)
{
if (!cpufrequency) init();
return cpufrequency;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles monotoniccpuinfo.h version 20100804
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_monotoniccpuinfo_h
#define CPUCYCLES_monotoniccpuinfo_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_monotoniccpuinfo(void);
extern long long cpucycles_monotoniccpuinfo_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "monotoniccpuinfo"
#define cpucycles cpucycles_monotoniccpuinfo
#define cpucycles_persecond cpucycles_monotoniccpuinfo_persecond
#endif
#endif

65
nacl/cpucycles/osfreq.c Normal file
View File

@ -0,0 +1,65 @@
static double osfreq(void)
{
FILE *f;
double result;
int s;
f = fopen("/sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq", "r");
if (f) {
s = fscanf(f,"%lf",&result);
fclose(f);
if (s > 0) return 1000.0 * result;
}
f = fopen("/sys/devices/system/cpu/cpu0/clock_tick", "r");
if (f) {
s = fscanf(f,"%lf",&result);
fclose(f);
if (s > 0) return result;
}
f = fopen("/proc/cpuinfo","r");
if (f) {
for (;;) {
s = fscanf(f,"cpu MHz : %lf",&result);
if (s > 0) break;
if (s == 0) s = fscanf(f,"%*[^\n]\n");
if (s < 0) { result = 0; break; }
}
fclose(f);
if (result) return 1000000.0 * result;
}
f = fopen("/proc/cpuinfo","r");
if (f) {
for (;;) {
s = fscanf(f,"clock : %lf",&result);
if (s > 0) break;
if (s == 0) s = fscanf(f,"%*[^\n]\n");
if (s < 0) { result = 0; break; }
}
fclose(f);
if (result) return 1000000.0 * result;
}
f = popen("/usr/sbin/lsattr -E -l proc0 -a frequency 2>/dev/null","r");
if (f) {
s = fscanf(f,"frequency %lf",&result);
pclose(f);
if (s > 0) return result;
}
f = popen("/usr/sbin/psrinfo -v 2>/dev/null","r");
if (f) {
for (;;) {
s = fscanf(f," The %*s processor operates at %lf MHz",&result);
if (s > 0) break;
if (s == 0) s = fscanf(f,"%*[^\n]\n");
if (s < 0) { result = 0; break; }
}
pclose(f);
if (result) return 1000000.0 * result;
}
return 0;
}

View File

@ -0,0 +1,95 @@
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/types.h>
#include "osfreq.c"
static long myround(double u)
{
long result = u;
while (result + 0.5 < u) result += 1;
while (result - 0.5 > u) result -= 1;
return result;
}
static long long microseconds(void)
{
struct timeval t;
gettimeofday(&t,(struct timezone *) 0);
return t.tv_sec * (long long) 1000000 + t.tv_usec;
}
static int tbshift = 0;
static long long timebase(void)
{
unsigned long high;
unsigned long low;
unsigned long newhigh;
unsigned long long result;
asm volatile(
"7:mftbu %0;mftb %1;mftbu %2;cmpw %0,%2;bne 7b"
: "=r" (high), "=r" (low), "=r" (newhigh)
);
result = high;
result <<= 32;
result |= low;
return result >> tbshift;
}
static double cpufrequency = 0;
static long tbcycles = 0;
static double guesstbcycles(void)
{
long long tb0; long long us0;
long long tb1; long long us1;
tb0 = timebase();
us0 = microseconds();
do {
tb1 = timebase();
us1 = microseconds();
} while (us1 - us0 < 10000 || tb1 - tb0 < 1000);
if (tb1 <= tb0) return 0;
tb1 -= tb0;
us1 -= us0;
return (cpufrequency * 0.000001 * (double) us1) / (double) tb1;
}
static void init(void)
{
int loop;
double guess1;
double guess2;
cpufrequency = osfreq();
if (!cpufrequency) return;
for (tbshift = 0;tbshift < 10;++tbshift) {
for (loop = 0;loop < 100;++loop) {
guess1 = guesstbcycles();
guess2 = guesstbcycles();
tbcycles = myround(guess1);
if (guess1 - tbcycles > 0.1) continue;
if (tbcycles - guess1 > 0.1) continue;
if (guess2 - tbcycles > 0.1) continue;
if (tbcycles - guess2 > 0.1) continue;
return;
}
}
tbcycles = 0;
}
long long cpucycles_powerpccpuinfo(void)
{
if (!tbcycles) init();
return timebase() * tbcycles;
}
long long cpucycles_powerpccpuinfo_persecond(void)
{
if (!tbcycles) init();
return cpufrequency;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles powerpccpuinfo.h version 20100803
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_powerpccpuinfo_h
#define CPUCYCLES_powerpccpuinfo_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_powerpccpuinfo(void);
extern long long cpucycles_powerpccpuinfo_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "powerpccpuinfo"
#define cpucycles cpucycles_powerpccpuinfo
#define cpucycles_persecond cpucycles_powerpccpuinfo_persecond
#endif
#endif

View File

@ -0,0 +1,42 @@
#include <sys/types.h>
#include <sys/sysctl.h>
#include <mach/mach_time.h>
#define timebase mach_absolute_time
static int cpumib[2] = { CTL_HW, HW_CPU_FREQ } ;
static int tbmib[2] = { CTL_HW, HW_TB_FREQ } ;
static long myround(double u)
{
long result = u;
while (result + 0.5 < u) result += 1;
while (result - 0.5 > u) result -= 1;
return result;
}
static long tbcycles = 0;
static void init(void)
{
unsigned int cpufrequency = 0; size_t cpufrequencylen = sizeof(unsigned int);
unsigned int tbfrequency = 0; size_t tbfrequencylen = sizeof(unsigned int);
sysctl(cpumib,2,&cpufrequency,&cpufrequencylen,0,0);
sysctl(tbmib,2,&tbfrequency,&tbfrequencylen,0,0);
if (tbfrequency > 0)
tbcycles = myround((double) (unsigned long long) cpufrequency
/ (double) (unsigned long long) tbfrequency);
}
long long cpucycles_powerpcmacos(void)
{
if (!tbcycles) init();
return timebase() * tbcycles;
}
long long cpucycles_powerpcmacos_persecond(void)
{
unsigned int result = 0; size_t resultlen = sizeof(unsigned int);
sysctl(cpumib,2,&result,&resultlen,0,0);
return (unsigned long long) result;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles powerpcmacos.h version 20060319
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_powerpcmacos_h
#define CPUCYCLES_powerpcmacos_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_powerpcmacos(void);
extern long long cpucycles_powerpcmacos_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "powerpcmacos"
#define cpucycles cpucycles_powerpcmacos
#define cpucycles_persecond cpucycles_powerpcmacos_persecond
#endif
#endif

38
nacl/cpucycles/sgi.c Normal file
View File

@ -0,0 +1,38 @@
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/sysctl.h>
static double cpufrequency = 0;
static void init(void)
{
FILE *f;
f = popen("hinv -c processor | awk '{if ($3==\"MHZ\") print $2*1000000}'","r");
if (!f) return;
if (fscanf(f,"%lf",&cpufrequency) < 1) cpufrequency = 0;
pclose(f);
if (!cpufrequency) return;
}
long long cpucycles_sgi(void)
{
double result;
struct timespec t;
if (!cpufrequency) init();
clock_gettime(CLOCK_SGI_CYCLE,&t);
result = t.tv_nsec;
result *= 0.000000001;
result += (double) t.tv_sec;
result *= cpufrequency;
return result;
}
long long cpucycles_sgi_persecond(void)
{
if (!cpufrequency) init();
return cpufrequency;
}

27
nacl/cpucycles/sgi.h Normal file
View File

@ -0,0 +1,27 @@
/*
cpucycles sgi.h version 20070916
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_sgi_h
#define CPUCYCLES_sgi_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_sgi(void);
extern long long cpucycles_sgi_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "sgi"
#define cpucycles cpucycles_sgi
#define cpucycles_persecond cpucycles_sgi_persecond
#endif
#endif

View File

@ -0,0 +1,16 @@
#include <stdio.h>
#include <sys/types.h>
#include "osfreq.c"
long long cpucycles_sparc32cpuinfo(void)
{
long long result;
asm volatile(".word 2202075136; .word 2570088480; srl %%g1,0,%L0; mov %%o4,%H0"
: "=r" (result) : : "g1","o4");
return result;
}
long long cpucycles_sparc32cpuinfo_persecond(void)
{
return osfreq();
}

View File

@ -0,0 +1,27 @@
/*
cpucycles sparc32cpuinfo.h version 20100804
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_sparc32cpuinfo_h
#define CPUCYCLES_sparc32cpuinfo_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_sparc32cpuinfo(void);
extern long long cpucycles_sparc32cpuinfo_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "sparc32cpuinfo"
#define cpucycles cpucycles_sparc32cpuinfo
#define cpucycles_persecond cpucycles_sparc32cpuinfo_persecond
#endif
#endif

View File

@ -0,0 +1,15 @@
#include <stdio.h>
#include <sys/types.h>
#include "osfreq.c"
long long cpucycles_sparccpuinfo(void)
{
long long result;
asm volatile("rd %%tick,%0" : "=r" (result));
return result;
}
long long cpucycles_sparccpuinfo_persecond(void)
{
return osfreq();
}

View File

@ -0,0 +1,27 @@
/*
cpucycles sparccpuinfo.h version 20100803
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_sparccpuinfo_h
#define CPUCYCLES_sparccpuinfo_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_sparccpuinfo(void);
extern long long cpucycles_sparccpuinfo_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "sparccpuinfo"
#define cpucycles cpucycles_sparccpuinfo
#define cpucycles_persecond cpucycles_sparccpuinfo_persecond
#endif
#endif

77
nacl/cpucycles/test.c Normal file
View File

@ -0,0 +1,77 @@
#include <time.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include "cpucycles-impl.h"
static long long tod(void)
{
struct timeval t;
gettimeofday(&t,(struct timezone *) 0);
return t.tv_sec * (long long) 1000000 + t.tv_usec;
}
long long todstart;
long long todend;
long long cpustart;
long long cpuend;
long long cyclespersecond;
long long cyclespertod;
long long t[1001];
int main()
{
int j;
int i;
if (!cpucycles()) {
fprintf(stderr,"cpucycles() = %lld\n",cpucycles());
return 100;
}
for (i = 0;i <= 1000;++i) t[i] = cpucycles();
for (i = 0;i < 1000;++i) if (t[i] > t[i + 1]) {
fprintf(stderr,"t[%d] = %lld\n",i,t[i]);
fprintf(stderr,"t[%d] = %lld\n",i + 1,t[i + 1]);
fprintf(stderr,"cpucycles_persecond() = %lld\n",cpucycles_persecond());
return 100;
}
if (t[0] == t[1000]) {
fprintf(stderr,"t[%d] = %lld\n",0,t[0]);
fprintf(stderr,"t[%d] = %lld\n",1000,t[1000]);
fprintf(stderr,"cpucycles_persecond() = %lld\n",cpucycles_persecond());
return 100;
}
cyclespersecond = cpucycles_persecond();
if (cyclespersecond <= 0) {
fprintf(stderr,"cpucycles_persecond() = %lld\n",cyclespersecond);
return 100;
}
todstart = tod();
cpustart = cpucycles();
for (j = 0;j < 1000;++j) for (i = 0;i <= 1000;++i) t[i] = t[i] + i + j;
todend = tod();
cpuend = cpucycles();
todend -= todstart;
cpuend -= cpustart;
cyclespertod = (long long) (((double) cpuend) * 1000000.0 / (double) todend);
if (cyclespertod > 10 * cyclespersecond) {
fprintf(stderr,"cyclespertod = %lld, cyclespersecond = %lld\n",cyclespertod,cyclespersecond);
return 100;
}
for (i = 0;i <= 1000;++i) t[i] = cpucycles();
printf("%s",cpucycles_implementation);
printf(" %lld",cyclespersecond);
printf(" %lld",cyclespertod);
for (i = 0;i < 64;++i) printf(" %lld",t[i + 1] - t[i]);
printf("\n");
return 0;
}

View File

@ -0,0 +1,15 @@
#include <stdio.h>
#include <sys/types.h>
#include "osfreq.c"
long long cpucycles_x86cpuinfo(void)
{
long long result;
asm volatile(".byte 15;.byte 49" : "=A" (result));
return result;
}
long long cpucycles_x86cpuinfo_persecond(void)
{
return osfreq();
}

View File

@ -0,0 +1,27 @@
/*
cpucycles x86cpuinfo.h version 20100803
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_x86cpuinfo_h
#define CPUCYCLES_x86cpuinfo_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_x86cpuinfo(void);
extern long long cpucycles_x86cpuinfo_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "x86cpuinfo"
#define cpucycles cpucycles_x86cpuinfo
#define cpucycles_persecond cpucycles_x86cpuinfo_persecond
#endif
#endif

View File

@ -0,0 +1,24 @@
#include <stdio.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/sysctl.h>
long long cpucycles_x86cpuspeed(void)
{
long long result;
asm volatile(".byte 15;.byte 49" : "=A" (result));
return result;
}
long long cpucycles_x86cpuspeed_persecond(void)
{
int oid[2];
int val;
size_t size;
oid[0] = CTL_HW;
oid[1] = HW_CPUSPEED;
size = sizeof val;
if (sysctl(oid,2,&val,&size,0,0) == -1) return 0;
if (size != sizeof val) return 0;
return val * 1000000LL;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles x86cpuspeed.h version 20090716
Matthew Dempsky
Public domain.
*/
#ifndef CPUCYCLES_x86cpuspeed_h
#define CPUCYCLES_x86cpuspeed_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_x86cpuspeed(void);
extern long long cpucycles_x86cpuspeed_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "x86cpuspeed"
#define cpucycles cpucycles_x86cpuspeed
#define cpucycles_persecond cpucycles_x86cpuspeed_persecond
#endif
#endif

View File

@ -0,0 +1,59 @@
#include <time.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/sysctl.h>
long long cpucycles_x86estimate(void)
{
long long result;
asm volatile(".byte 15;.byte 49" : "=A" (result));
return result;
}
static long long microseconds(void)
{
struct timeval t;
gettimeofday(&t,(struct timezone *) 0);
return t.tv_sec * (long long) 1000000 + t.tv_usec;
}
static double guessfreq(void)
{
long long tb0; long long us0;
long long tb1; long long us1;
tb0 = cpucycles_x86estimate();
us0 = microseconds();
do {
tb1 = cpucycles_x86estimate();
us1 = microseconds();
} while (us1 - us0 < 10000 || tb1 - tb0 < 1000);
if (tb1 <= tb0) return 0;
tb1 -= tb0;
us1 -= us0;
return ((double) tb1) / (0.000001 * (double) us1);
}
static double cpufrequency = 0;
static void init(void)
{
double guess1;
double guess2;
int loop;
for (loop = 0;loop < 100;++loop) {
guess1 = guessfreq();
guess2 = guessfreq();
if (guess1 > 1.01 * guess2) continue;
if (guess2 > 1.01 * guess1) continue;
cpufrequency = 0.5 * (guess1 + guess2);
break;
}
}
long long cpucycles_x86estimate_persecond(void)
{
if (!cpufrequency) init();
return cpufrequency;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles x86estimate.h version 20070121
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_x86estimate_h
#define CPUCYCLES_x86estimate_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_x86estimate(void);
extern long long cpucycles_x86estimate_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "x86estimate"
#define cpucycles cpucycles_x86estimate
#define cpucycles_persecond cpucycles_x86estimate_persecond
#endif
#endif

View File

@ -0,0 +1,17 @@
#include <sys/types.h>
#include <sys/sysctl.h>
long long cpucycles_x86tscfreq(void)
{
long long result;
asm volatile(".byte 15;.byte 49" : "=A" (result));
return result;
}
long long cpucycles_x86tscfreq_persecond(void)
{
long result = 0;
size_t resultlen = sizeof(long);
sysctlbyname("machdep.tsc_freq",&result,&resultlen,0,0);
return result;
}

View File

@ -0,0 +1,27 @@
/*
cpucycles x86tscfreq.h version 20060318
D. J. Bernstein
Public domain.
*/
#ifndef CPUCYCLES_x86tscfreq_h
#define CPUCYCLES_x86tscfreq_h
#ifdef __cplusplus
extern "C" {
#endif
extern long long cpucycles_x86tscfreq(void);
extern long long cpucycles_x86tscfreq_persecond(void);
#ifdef __cplusplus
}
#endif
#ifndef cpucycles_implementation
#define cpucycles_implementation "x86tscfreq"
#define cpucycles cpucycles_x86tscfreq
#define cpucycles_persecond cpucycles_x86tscfreq_persecond
#endif
#endif

16
nacl/cpuid/cbytes.c Normal file
View File

@ -0,0 +1,16 @@
#include <stdio.h>
int main()
{
char ch;
int loop = 0;
while (scanf("%c",&ch) == 1) {
printf("0x%02x,",255 & (int) ch);
if (++loop == 16) {
loop = 0;
printf("\n");
}
}
printf("0x00\n");
return 0;
}

41
nacl/cpuid/cpuid.c Normal file
View File

@ -0,0 +1,41 @@
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <unistd.h>
void nope()
{
exit(1);
}
int main()
{
unsigned long x[4];
unsigned long y[4];
int i;
int j;
char c;
signal(SIGILL,nope);
x[0] = 0;
x[1] = 0;
x[2] = 0;
x[3] = 0;
asm volatile(".byte 15;.byte 162" : "=a"(x[0]),"=b"(x[1]),"=c"(x[3]),"=d"(x[2]) : "0"(0) );
if (!x[0]) return 0;
asm volatile(".byte 15;.byte 162" : "=a"(y[0]),"=b"(y[1]),"=c"(y[2]),"=d"(y[3]) : "0"(1) );
for (i = 1;i < 4;++i)
for (j = 0;j < 4;++j) {
c = x[i] >> (8 * j);
if (c < 32) c = 32;
if (c > 126) c = 126;
putchar(c);
}
printf("-%08x-%08x\n",y[0],y[3]);
return 0;
}

37
nacl/cpuid/do Executable file
View File

@ -0,0 +1,37 @@
#!/bin/sh -e
mkdir include
(
echo x86
echo unknown
) | (
while read n
do
okabi | (
while read abi
do
okc-$abi | (
while read c
do
echo "=== `date` === Trying $n.c with $c..." >&2
rm -f cpuid.c
cp $n.c cpuid.c || continue
$c -o cpuid cpuid.c || continue
$c -o cbytes cbytes.c || continue
./cpuid > cpuid.out || continue
echo 'static const char cpuid[] = {' > cpuid.h || continue
./cbytes < cpuid.out >> cpuid.h || continue
echo '} ;' >> cpuid.h || continue
cp cpuid.h include/cpuid.h || continue
cat cpuid.out
exit 0
done
exit 111
) && exit 0
done
exit 111
) && exit 0
done
exit 111
)

7
nacl/cpuid/unknown.c Normal file
View File

@ -0,0 +1,7 @@
#include <stdio.h>
main()
{
printf("unknown CPU ID\n");
return 0;
}

41
nacl/cpuid/x86.c Normal file
View File

@ -0,0 +1,41 @@
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <unistd.h>
void nope()
{
exit(1);
}
int main()
{
unsigned long x[4];
unsigned long y[4];
int i;
int j;
char c;
signal(SIGILL,nope);
x[0] = 0;
x[1] = 0;
x[2] = 0;
x[3] = 0;
asm volatile(".byte 15;.byte 162" : "=a"(x[0]),"=b"(x[1]),"=c"(x[3]),"=d"(x[2]) : "0"(0) );
if (!x[0]) return 0;
asm volatile(".byte 15;.byte 162" : "=a"(y[0]),"=b"(y[1]),"=c"(y[2]),"=d"(y[3]) : "0"(1) );
for (i = 1;i < 4;++i)
for (j = 0;j < 4;++j) {
c = x[i] >> (8 * j);
if (c < 32) c = 32;
if (c > 126) c = 126;
putchar(c);
}
printf("-%08x-%08x\n",(unsigned int) y[0],(unsigned int) y[3]);
return 0;
}

View File

@ -0,0 +1 @@
3bd7abd4f4dce04396f2ac7cb1cff70607f692411c49a1563b037d31e1662632

View File

@ -0,0 +1,2 @@
#define CRYPTO_BYTES 32
#define CRYPTO_KEYBYTES 32

View File

@ -0,0 +1,83 @@
/*
* 20080913
* D. J. Bernstein
* Public domain.
* */
#include "crypto_hashblocks_sha256.h"
#include "crypto_auth.h"
#define blocks crypto_hashblocks_sha256
typedef unsigned int uint32;
static const char iv[32] = {
0x6a,0x09,0xe6,0x67,
0xbb,0x67,0xae,0x85,
0x3c,0x6e,0xf3,0x72,
0xa5,0x4f,0xf5,0x3a,
0x51,0x0e,0x52,0x7f,
0x9b,0x05,0x68,0x8c,
0x1f,0x83,0xd9,0xab,
0x5b,0xe0,0xcd,0x19,
} ;
int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
unsigned char h[32];
unsigned char padded[128];
int i;
unsigned long long bits = 512 + (inlen << 3);
for (i = 0;i < 32;++i) h[i] = iv[i];
for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x36;
for (i = 32;i < 64;++i) padded[i] = 0x36;
blocks(h,padded,64);
blocks(h,in,inlen);
in += inlen;
inlen &= 63;
in -= inlen;
for (i = 0;i < inlen;++i) padded[i] = in[i];
padded[inlen] = 0x80;
if (inlen < 56) {
for (i = inlen + 1;i < 56;++i) padded[i] = 0;
padded[56] = bits >> 56;
padded[57] = bits >> 48;
padded[58] = bits >> 40;
padded[59] = bits >> 32;
padded[60] = bits >> 24;
padded[61] = bits >> 16;
padded[62] = bits >> 8;
padded[63] = bits;
blocks(h,padded,64);
} else {
for (i = inlen + 1;i < 120;++i) padded[i] = 0;
padded[120] = bits >> 56;
padded[121] = bits >> 48;
padded[122] = bits >> 40;
padded[123] = bits >> 32;
padded[124] = bits >> 24;
padded[125] = bits >> 16;
padded[126] = bits >> 8;
padded[127] = bits;
blocks(h,padded,128);
}
for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x5c;
for (i = 32;i < 64;++i) padded[i] = 0x5c;
for (i = 0;i < 32;++i) padded[64 + i] = h[i];
for (i = 0;i < 32;++i) out[i] = iv[i];
for (i = 32;i < 64;++i) padded[64 + i] = 0;
padded[64 + 32] = 0x80;
padded[64 + 62] = 3;
blocks(out,padded,128);
return 0;
}

View File

@ -0,0 +1,9 @@
#include "crypto_verify_32.h"
#include "crypto_auth.h"
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
unsigned char correct[32];
crypto_auth(correct,in,inlen,k);
return crypto_verify_32(h,correct);
}

View File

View File

@ -0,0 +1 @@
2f5e8a6a0cac012d8d001351d7d583e69f91390df46305c3608e0c2893491886

View File

@ -0,0 +1,2 @@
#define CRYPTO_BYTES 32
#define CRYPTO_KEYBYTES 32

View File

@ -0,0 +1,86 @@
/*
* 20080913
* D. J. Bernstein
* Public domain.
* */
#include "crypto_hashblocks_sha512.h"
#include "crypto_auth.h"
#define blocks crypto_hashblocks_sha512
typedef unsigned long long uint64;
static const unsigned char iv[64] = {
0x6a,0x09,0xe6,0x67,0xf3,0xbc,0xc9,0x08,
0xbb,0x67,0xae,0x85,0x84,0xca,0xa7,0x3b,
0x3c,0x6e,0xf3,0x72,0xfe,0x94,0xf8,0x2b,
0xa5,0x4f,0xf5,0x3a,0x5f,0x1d,0x36,0xf1,
0x51,0x0e,0x52,0x7f,0xad,0xe6,0x82,0xd1,
0x9b,0x05,0x68,0x8c,0x2b,0x3e,0x6c,0x1f,
0x1f,0x83,0xd9,0xab,0xfb,0x41,0xbd,0x6b,
0x5b,0xe0,0xcd,0x19,0x13,0x7e,0x21,0x79
} ;
int crypto_auth(unsigned char *out,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
unsigned char h[64];
unsigned char padded[256];
int i;
unsigned long long bytes = 128 + inlen;
for (i = 0;i < 64;++i) h[i] = iv[i];
for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x36;
for (i = 32;i < 128;++i) padded[i] = 0x36;
blocks(h,padded,128);
blocks(h,in,inlen);
in += inlen;
inlen &= 127;
in -= inlen;
for (i = 0;i < inlen;++i) padded[i] = in[i];
padded[inlen] = 0x80;
if (inlen < 112) {
for (i = inlen + 1;i < 119;++i) padded[i] = 0;
padded[119] = bytes >> 61;
padded[120] = bytes >> 53;
padded[121] = bytes >> 45;
padded[122] = bytes >> 37;
padded[123] = bytes >> 29;
padded[124] = bytes >> 21;
padded[125] = bytes >> 13;
padded[126] = bytes >> 5;
padded[127] = bytes << 3;
blocks(h,padded,128);
} else {
for (i = inlen + 1;i < 247;++i) padded[i] = 0;
padded[247] = bytes >> 61;
padded[248] = bytes >> 53;
padded[249] = bytes >> 45;
padded[250] = bytes >> 37;
padded[251] = bytes >> 29;
padded[252] = bytes >> 21;
padded[253] = bytes >> 13;
padded[254] = bytes >> 5;
padded[255] = bytes << 3;
blocks(h,padded,256);
}
for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x5c;
for (i = 32;i < 128;++i) padded[i] = 0x5c;
for (i = 0;i < 64;++i) padded[128 + i] = h[i];
for (i = 0;i < 64;++i) h[i] = iv[i];
for (i = 64;i < 128;++i) padded[128 + i] = 0;
padded[128 + 64] = 0x80;
padded[128 + 126] = 6;
blocks(h,padded,256);
for (i = 0;i < 32;++i) out[i] = h[i];
return 0;
}

View File

@ -0,0 +1,9 @@
#include "crypto_verify_32.h"
#include "crypto_auth.h"
int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k)
{
unsigned char correct[32];
crypto_auth(correct,in,inlen,k);
return crypto_verify_32(h,correct);
}

View File

View File

View File

@ -0,0 +1,69 @@
#include "crypto_auth.h"
#include "randombytes.h"
#include "cpucycles.h"
extern void printentry(long long,const char *,long long *,long long);
extern unsigned char *alignedcalloc(unsigned long long);
extern const char *primitiveimplementation;
extern const char *implementationversion;
extern const char *sizenames[];
extern const long long sizes[];
extern void allocate(void);
extern void measure(void);
const char *primitiveimplementation = crypto_auth_IMPLEMENTATION;
const char *implementationversion = crypto_auth_VERSION;
const char *sizenames[] = { "outputbytes", "keybytes", 0 };
const long long sizes[] = { crypto_auth_BYTES, crypto_auth_KEYBYTES };
#define MAXTEST_BYTES 4096
#ifdef SUPERCOP
#define MGAP 8192
#else
#define MGAP 8
#endif
static unsigned char *k;
static unsigned char *m;
static unsigned char *h;
void preallocate(void)
{
}
void allocate(void)
{
k = alignedcalloc(crypto_auth_KEYBYTES);
m = alignedcalloc(MAXTEST_BYTES);
h = alignedcalloc(crypto_auth_BYTES);
}
#define TIMINGS 15
static long long cycles[TIMINGS + 1];
void measure(void)
{
int i;
int loop;
int mlen;
for (loop = 0;loop < LOOPS;++loop) {
for (mlen = 0;mlen <= MAXTEST_BYTES;mlen += 1 + mlen / MGAP) {
randombytes(k,crypto_auth_KEYBYTES);
randombytes(m,mlen);
randombytes(h,crypto_auth_BYTES);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_auth(h,m,mlen,k);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(mlen,"cycles",cycles,TIMINGS);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_auth_verify(h,m,mlen,k);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(mlen,"verify_cycles",cycles,TIMINGS);
}
}
}

119
nacl/crypto_auth/try.c Normal file
View File

@ -0,0 +1,119 @@
/*
* crypto_auth/try.c version 20090118
* D. J. Bernstein
* Public domain.
*/
#include "crypto_hash_sha256.h"
#include "crypto_auth.h"
extern unsigned char *alignedcalloc(unsigned long long);
const char *primitiveimplementation = crypto_auth_IMPLEMENTATION;
#define MAXTEST_BYTES 10000
#define CHECKSUM_BYTES 4096
#define TUNE_BYTES 1536
static unsigned char *h;
static unsigned char *m;
static unsigned char *k;
static unsigned char *h2;
static unsigned char *m2;
static unsigned char *k2;
void preallocate(void)
{
}
void allocate(void)
{
h = alignedcalloc(crypto_auth_BYTES);
m = alignedcalloc(MAXTEST_BYTES);
k = alignedcalloc(crypto_auth_KEYBYTES);
h2 = alignedcalloc(crypto_auth_BYTES);
m2 = alignedcalloc(MAXTEST_BYTES + crypto_auth_BYTES);
k2 = alignedcalloc(crypto_auth_KEYBYTES + crypto_auth_BYTES);
}
void predoit(void)
{
}
void doit(void)
{
crypto_auth(h,m,TUNE_BYTES,k);
crypto_auth_verify(h,m,TUNE_BYTES,k);
}
char checksum[crypto_auth_BYTES * 2 + 1];
const char *checksum_compute(void)
{
long long i;
long long j;
for (i = 0;i < CHECKSUM_BYTES;++i) {
long long mlen = i;
long long klen = crypto_auth_KEYBYTES;
long long hlen = crypto_auth_BYTES;
for (j = -16;j < 0;++j) h[j] = random();
for (j = -16;j < 0;++j) k[j] = random();
for (j = -16;j < 0;++j) m[j] = random();
for (j = hlen;j < hlen + 16;++j) h[j] = random();
for (j = klen;j < klen + 16;++j) k[j] = random();
for (j = mlen;j < mlen + 16;++j) m[j] = random();
for (j = -16;j < hlen + 16;++j) h2[j] = h[j];
for (j = -16;j < klen + 16;++j) k2[j] = k[j];
for (j = -16;j < mlen + 16;++j) m2[j] = m[j];
if (crypto_auth(h,m,mlen,k) != 0) return "crypto_auth returns nonzero";
for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_auth overwrites k";
for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_auth overwrites m";
for (j = -16;j < 0;++j) if (h[j] != h2[j]) return "crypto_auth writes before output";
for (j = hlen;j < hlen + 16;++j) if (h[j] != h2[j]) return "crypto_auth writes after output";
for (j = -16;j < 0;++j) h[j] = random();
for (j = -16;j < 0;++j) k[j] = random();
for (j = -16;j < 0;++j) m[j] = random();
for (j = hlen;j < hlen + 16;++j) h[j] = random();
for (j = klen;j < klen + 16;++j) k[j] = random();
for (j = mlen;j < mlen + 16;++j) m[j] = random();
for (j = -16;j < hlen + 16;++j) h2[j] = h[j];
for (j = -16;j < klen + 16;++j) k2[j] = k[j];
for (j = -16;j < mlen + 16;++j) m2[j] = m[j];
if (crypto_auth(m2,m2,mlen,k) != 0) return "crypto_auth returns nonzero";
for (j = 0;j < hlen;++j) if (m2[j] != h[j]) return "crypto_auth does not handle m overlap";
for (j = 0;j < hlen;++j) m2[j] = m[j];
if (crypto_auth(k2,m2,mlen,k2) != 0) return "crypto_auth returns nonzero";
for (j = 0;j < hlen;++j) if (k2[j] != h[j]) return "crypto_auth does not handle k overlap";
for (j = 0;j < hlen;++j) k2[j] = k[j];
if (crypto_auth_verify(h,m,mlen,k) != 0) return "crypto_auth_verify returns nonzero";
for (j = -16;j < hlen + 16;++j) if (h[j] != h2[j]) return "crypto_auth overwrites h";
for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_auth overwrites k";
for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_auth overwrites m";
crypto_hash_sha256(h2,h,hlen);
for (j = 0;j < klen;++j) k[j] ^= h2[j % 32];
if (crypto_auth(h,m,mlen,k) != 0) return "crypto_auth returns nonzero";
if (crypto_auth_verify(h,m,mlen,k) != 0) return "crypto_auth_verify returns nonzero";
crypto_hash_sha256(h2,h,hlen);
for (j = 0;j < mlen;++j) m[j] ^= h2[j % 32];
m[mlen] = h2[0];
}
if (crypto_auth(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_auth returns nonzero";
if (crypto_auth_verify(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_auth_verify returns nonzero";
for (i = 0;i < crypto_auth_BYTES;++i) {
checksum[2 * i] = "0123456789abcdef"[15 & (h[i] >> 4)];
checksum[2 * i + 1] = "0123456789abcdef"[15 & h[i]];
}
checksum[2 * i] = 0;
return 0;
}

View File

@ -0,0 +1,11 @@
#include <string>
using std::string;
#include "crypto_auth.h"
string crypto_auth(const string &m,const string &k)
{
if (k.size() != crypto_auth_KEYBYTES) throw "incorrect key length";
unsigned char a[crypto_auth_BYTES];
crypto_auth(a,(const unsigned char *) m.c_str(),m.size(),(const unsigned char *) k.c_str());
return string((char *) a,crypto_auth_BYTES);
}

View File

@ -0,0 +1,14 @@
#include <string>
using std::string;
#include "crypto_auth.h"
void crypto_auth_verify(const string &a,const string &m,const string &k)
{
if (k.size() != crypto_auth_KEYBYTES) throw "incorrect key length";
if (a.size() != crypto_auth_BYTES) throw "incorrect authenticator length";
if (crypto_auth_verify(
(const unsigned char *) a.c_str(),
(const unsigned char *) m.c_str(),m.size(),
(const unsigned char *) k.c_str()) == 0) return;
throw "invalid authenticator";
}

View File

@ -0,0 +1 @@
5fac7400caabc14a99c5c0bc13fb1df5e468e870382a3a1c

View File

@ -0,0 +1,22 @@
#include "crypto_secretbox_xsalsa20poly1305.h"
#include "crypto_box.h"
int crypto_box_afternm(
unsigned char *c,
const unsigned char *m,unsigned long long mlen,
const unsigned char *n,
const unsigned char *k
)
{
return crypto_secretbox_xsalsa20poly1305(c,m,mlen,n,k);
}
int crypto_box_open_afternm(
unsigned char *m,
const unsigned char *c,unsigned long long clen,
const unsigned char *n,
const unsigned char *k
)
{
return crypto_secretbox_xsalsa20poly1305_open(m,c,clen,n,k);
}

View File

@ -0,0 +1,6 @@
#define CRYPTO_PUBLICKEYBYTES 32
#define CRYPTO_SECRETKEYBYTES 32
#define CRYPTO_BEFORENMBYTES 32
#define CRYPTO_NONCEBYTES 24
#define CRYPTO_ZEROBYTES 32
#define CRYPTO_BOXZEROBYTES 16

View File

@ -0,0 +1,17 @@
#include "crypto_core_hsalsa20.h"
#include "crypto_scalarmult_curve25519.h"
#include "crypto_box.h"
static const unsigned char sigma[16] = "expand 32-byte k";
static const unsigned char n[16] = {0};
int crypto_box_beforenm(
unsigned char *k,
const unsigned char *pk,
const unsigned char *sk
)
{
unsigned char s[32];
crypto_scalarmult_curve25519(s,sk,pk);
return crypto_core_hsalsa20(k,n,s,sigma);
}

View File

@ -0,0 +1,27 @@
#include "crypto_box.h"
int crypto_box(
unsigned char *c,
const unsigned char *m,unsigned long long mlen,
const unsigned char *n,
const unsigned char *pk,
const unsigned char *sk
)
{
unsigned char k[crypto_box_BEFORENMBYTES];
crypto_box_beforenm(k,pk,sk);
return crypto_box_afternm(c,m,mlen,n,k);
}
int crypto_box_open(
unsigned char *m,
const unsigned char *c,unsigned long long clen,
const unsigned char *n,
const unsigned char *pk,
const unsigned char *sk
)
{
unsigned char k[crypto_box_BEFORENMBYTES];
crypto_box_beforenm(k,pk,sk);
return crypto_box_open_afternm(m,c,clen,n,k);
}

View File

@ -0,0 +1,12 @@
#include "crypto_scalarmult_curve25519.h"
#include "crypto_box.h"
#include "randombytes.h"
int crypto_box_keypair(
unsigned char *pk,
unsigned char *sk
)
{
randombytes(sk,32);
return crypto_scalarmult_curve25519_base(pk,sk);
}

137
nacl/crypto_box/measure.c Normal file
View File

@ -0,0 +1,137 @@
#include <stdlib.h>
#include "randombytes.h"
#include "cpucycles.h"
#include "crypto_box.h"
extern void printentry(long long,const char *,long long *,long long);
extern unsigned char *alignedcalloc(unsigned long long);
extern const char *primitiveimplementation;
extern const char *implementationversion;
extern const char *sizenames[];
extern const long long sizes[];
extern void allocate(void);
extern void measure(void);
const char *primitiveimplementation = crypto_box_IMPLEMENTATION;
const char *implementationversion = crypto_box_VERSION;
const char *sizenames[] = { "publickeybytes", "secretkeybytes", "beforenmbytes", "noncebytes", "zerobytes", "boxzerobytes", 0 };
const long long sizes[] = { crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES, crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES, crypto_box_ZEROBYTES, crypto_box_BOXZEROBYTES };
#define MAXTEST_BYTES 4096
static unsigned char *ska;
static unsigned char *pka;
static unsigned char *skb;
static unsigned char *pkb;
static unsigned char *n;
static unsigned char *m;
static unsigned char *c;
static unsigned char *sa;
static unsigned char *sb;
void preallocate(void)
{
}
void allocate(void)
{
ska = alignedcalloc(crypto_box_SECRETKEYBYTES);
pka = alignedcalloc(crypto_box_PUBLICKEYBYTES);
skb = alignedcalloc(crypto_box_SECRETKEYBYTES);
pkb = alignedcalloc(crypto_box_PUBLICKEYBYTES);
n = alignedcalloc(crypto_box_NONCEBYTES);
m = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES);
c = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES);
sa = alignedcalloc(crypto_box_BEFORENMBYTES);
sb = alignedcalloc(crypto_box_BEFORENMBYTES);
}
#define TIMINGS 15
static long long cycles[TIMINGS + 1];
void measure(void)
{
int i;
int loop;
int mlen;
for (loop = 0;loop < LOOPS;++loop) {
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_keypair(pka,ska);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(-1,"keypair_cycles",cycles,TIMINGS);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_keypair(pkb,skb);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(-1,"keypair_cycles",cycles,TIMINGS);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_beforenm(sa,pkb,ska);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(-1,"beforenm_cycles",cycles,TIMINGS);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_beforenm(sb,pka,skb);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(-1,"beforenm_cycles",cycles,TIMINGS);
for (mlen = 0;mlen <= MAXTEST_BYTES;mlen += 1 + mlen / 8) {
randombytes(n,crypto_box_NONCEBYTES);
randombytes(m + crypto_box_ZEROBYTES,mlen);
randombytes(c,mlen + crypto_box_ZEROBYTES);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box(c,m,mlen + crypto_box_ZEROBYTES,n,pka,skb);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(mlen,"cycles",cycles,TIMINGS);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_open(m,c,mlen + crypto_box_ZEROBYTES,n,pkb,ska);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(mlen,"open_cycles",cycles,TIMINGS);
++c[crypto_box_ZEROBYTES];
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_open(m,c,mlen + crypto_box_ZEROBYTES,n,pkb,ska);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(mlen,"forgery_open_cycles",cycles,TIMINGS);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_afternm(c,m,mlen + crypto_box_ZEROBYTES,n,sb);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(mlen,"afternm_cycles",cycles,TIMINGS);
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_open_afternm(m,c,mlen + crypto_box_ZEROBYTES,n,sa);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(mlen,"open_afternm_cycles",cycles,TIMINGS);
++c[crypto_box_ZEROBYTES];
for (i = 0;i <= TIMINGS;++i) {
cycles[i] = cpucycles();
crypto_box_open_afternm(m,c,mlen + crypto_box_ZEROBYTES,n,sa);
}
for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i];
printentry(mlen,"forgery_open_afternm_cycles",cycles,TIMINGS);
}
}
}

195
nacl/crypto_box/try.c Normal file
View File

@ -0,0 +1,195 @@
/*
* crypto_box/try.c version 20090118
* D. J. Bernstein
* Public domain.
*/
#include "crypto_box.h"
extern unsigned char *alignedcalloc(unsigned long long);
const char *primitiveimplementation = crypto_box_IMPLEMENTATION;
#define MAXTEST_BYTES 10000
#define CHECKSUM_BYTES 4096
#define TUNE_BYTES 1536
static unsigned char *ska;
static unsigned char *pka;
static unsigned char *skb;
static unsigned char *pkb;
static unsigned char *s;
static unsigned char *n;
static unsigned char *m;
static unsigned char *c;
static unsigned char *t;
static unsigned char *ska2;
static unsigned char *pka2;
static unsigned char *skb2;
static unsigned char *pkb2;
static unsigned char *s2;
static unsigned char *n2;
static unsigned char *m2;
static unsigned char *c2;
static unsigned char *t2;
#define sklen crypto_box_SECRETKEYBYTES
#define pklen crypto_box_PUBLICKEYBYTES
#define nlen crypto_box_NONCEBYTES
#define slen crypto_box_BEFORENMBYTES
void preallocate(void)
{
}
void allocate(void)
{
ska = alignedcalloc(sklen);
pka = alignedcalloc(pklen);
skb = alignedcalloc(sklen);
pkb = alignedcalloc(pklen);
n = alignedcalloc(nlen);
m = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES);
c = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES);
t = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES);
s = alignedcalloc(slen);
ska2 = alignedcalloc(sklen);
pka2 = alignedcalloc(pklen);
skb2 = alignedcalloc(sklen);
pkb2 = alignedcalloc(pklen);
n2 = alignedcalloc(nlen);
m2 = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES);
c2 = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES);
t2 = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES);
s2 = alignedcalloc(slen);
}
void predoit(void)
{
}
void doit(void)
{
crypto_box(c,m,TUNE_BYTES + crypto_box_ZEROBYTES,n,pka,skb);
crypto_box_open(t,c,TUNE_BYTES + crypto_box_ZEROBYTES,n,pkb,ska);
}
char checksum[nlen * 2 + 1];
const char *checksum_compute(void)
{
long long i;
long long j;
if (crypto_box_keypair(pka,ska) != 0) return "crypto_box_keypair returns nonzero";
if (crypto_box_keypair(pkb,skb) != 0) return "crypto_box_keypair returns nonzero";
for (j = 0;j < crypto_box_ZEROBYTES;++j) m[j] = 0;
for (i = 0;i < CHECKSUM_BYTES;++i) {
long long mlen = i + crypto_box_ZEROBYTES;
long long tlen = i + crypto_box_ZEROBYTES;
long long clen = i + crypto_box_ZEROBYTES;
for (j = -16;j < 0;++j) ska[j] = random();
for (j = -16;j < 0;++j) skb[j] = random();
for (j = -16;j < 0;++j) pka[j] = random();
for (j = -16;j < 0;++j) pkb[j] = random();
for (j = -16;j < 0;++j) m[j] = random();
for (j = -16;j < 0;++j) n[j] = random();
for (j = sklen;j < sklen + 16;++j) ska[j] = random();
for (j = sklen;j < sklen + 16;++j) skb[j] = random();
for (j = pklen;j < pklen + 16;++j) pka[j] = random();
for (j = pklen;j < pklen + 16;++j) pkb[j] = random();
for (j = mlen;j < mlen + 16;++j) m[j] = random();
for (j = nlen;j < nlen + 16;++j) n[j] = random();
for (j = -16;j < sklen + 16;++j) ska2[j] = ska[j];
for (j = -16;j < sklen + 16;++j) skb2[j] = skb[j];
for (j = -16;j < pklen + 16;++j) pka2[j] = pka[j];
for (j = -16;j < pklen + 16;++j) pkb2[j] = pkb[j];
for (j = -16;j < mlen + 16;++j) m2[j] = m[j];
for (j = -16;j < nlen + 16;++j) n2[j] = n[j];
for (j = -16;j < clen + 16;++j) c2[j] = c[j] = random();
if (crypto_box(c,m,mlen,n,pkb,ska) != 0) return "crypto_box returns nonzero";
for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_box overwrites m";
for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_box overwrites n";
for (j = -16;j < 0;++j) if (c2[j] != c[j]) return "crypto_box writes before output";
for (j = clen;j < clen + 16;++j) if (c2[j] != c[j]) return "crypto_box writes after output";
for (j = 0;j < crypto_box_BOXZEROBYTES;++j)
if (c[j] != 0) return "crypto_box does not clear extra bytes";
for (j = -16;j < sklen + 16;++j) if (ska2[j] != ska[j]) return "crypto_box overwrites ska";
for (j = -16;j < sklen + 16;++j) if (skb2[j] != skb[j]) return "crypto_box overwrites skb";
for (j = -16;j < pklen + 16;++j) if (pka2[j] != pka[j]) return "crypto_box overwrites pka";
for (j = -16;j < pklen + 16;++j) if (pkb2[j] != pkb[j]) return "crypto_box overwrites pkb";
for (j = -16;j < 0;++j) c[j] = random();
for (j = clen;j < clen + 16;++j) c[j] = random();
for (j = -16;j < clen + 16;++j) c2[j] = c[j];
for (j = -16;j < tlen + 16;++j) t2[j] = t[j] = random();
if (crypto_box_open(t,c,clen,n,pka,skb) != 0) return "crypto_box_open returns nonzero";
for (j = -16;j < clen + 16;++j) if (c2[j] != c[j]) return "crypto_box_open overwrites c";
for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_box_open overwrites n";
for (j = -16;j < 0;++j) if (t2[j] != t[j]) return "crypto_box_open writes before output";
for (j = tlen;j < tlen + 16;++j) if (t2[j] != t[j]) return "crypto_box_open writes after output";
for (j = 0;j < crypto_box_ZEROBYTES;++j)
if (t[j] != 0) return "crypto_box_open does not clear extra bytes";
for (j = -16;j < sklen + 16;++j) if (ska2[j] != ska[j]) return "crypto_box_open overwrites ska";
for (j = -16;j < sklen + 16;++j) if (skb2[j] != skb[j]) return "crypto_box_open overwrites skb";
for (j = -16;j < pklen + 16;++j) if (pka2[j] != pka[j]) return "crypto_box_open overwrites pka";
for (j = -16;j < pklen + 16;++j) if (pkb2[j] != pkb[j]) return "crypto_box_open overwrites pkb";
for (j = 0;j < mlen;++j) if (t[j] != m[j]) return "plaintext does not match";
for (j = -16;j < slen + 16;++j) s2[j] = s[j] = random();
if (crypto_box_beforenm(s,pkb,ska) != 0) return "crypto_box_beforenm returns nonzero";
for (j = -16;j < pklen + 16;++j) if (pka2[j] != pka[j]) return "crypto_box_open overwrites pk";
for (j = -16;j < sklen + 16;++j) if (skb2[j] != skb[j]) return "crypto_box_open overwrites sk";
for (j = -16;j < 0;++j) if (s2[j] != s[j]) return "crypto_box_beforenm writes before output";
for (j = slen;j < slen + 16;++j) if (s2[j] != s[j]) return "crypto_box_beforenm writes after output";
for (j = -16;j < slen + 16;++j) s2[j] = s[j];
for (j = -16;j < tlen + 16;++j) t2[j] = t[j] = random();
if (crypto_box_afternm(t,m,mlen,n,s) != 0) return "crypto_box_afternm returns nonzero";
for (j = -16;j < slen + 16;++j) if (s2[j] != s[j]) return "crypto_box_afternm overwrites s";
for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_box_afternm overwrites m";
for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_box_afternm overwrites n";
for (j = -16;j < 0;++j) if (t2[j] != t[j]) return "crypto_box_afternm writes before output";
for (j = tlen;j < tlen + 16;++j) if (t2[j] != t[j]) return "crypto_box_afternm writes after output";
for (j = 0;j < crypto_box_BOXZEROBYTES;++j)
if (t[j] != 0) return "crypto_box_afternm does not clear extra bytes";
for (j = 0;j < mlen;++j) if (t[j] != c[j]) return "crypto_box_afternm does not match crypto_box";
if (crypto_box_beforenm(s,pka,skb) != 0) return "crypto_box_beforenm returns nonzero";
for (j = -16;j < tlen + 16;++j) t2[j] = t[j] = random();
if (crypto_box_open_afternm(t,c,clen,n,s) != 0) return "crypto_box_open_afternm returns nonzero";
for (j = -16;j < slen + 16;++j) if (s2[j] != s[j]) return "crypto_box_open_afternm overwrites s";
for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_box_open_afternm overwrites m";
for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_box_open_afternm overwrites n";
for (j = -16;j < 0;++j) if (t2[j] != t[j]) return "crypto_box_open_afternm writes before output";
for (j = tlen;j < tlen + 16;++j) if (t2[j] != t[j]) return "crypto_box_open_afternm writes after output";
for (j = 0;j < crypto_box_ZEROBYTES;++j)
if (t[j] != 0) return "crypto_box_open_afternm does not clear extra bytes";
for (j = 0;j < mlen;++j) if (t[j] != m[j]) return "crypto_box_open_afternm does not match crypto_box_open";
for (j = 0;j < i;++j) n[j % nlen] ^= c[j + crypto_box_BOXZEROBYTES];
if (i == 0) m[crypto_box_ZEROBYTES] = 0;
m[i + crypto_box_ZEROBYTES] = m[crypto_box_ZEROBYTES];
for (j = 0;j < i;++j) m[j + crypto_box_ZEROBYTES] ^= c[j + crypto_box_BOXZEROBYTES];
}
for (i = 0;i < nlen;++i) {
checksum[2 * i] = "0123456789abcdef"[15 & (n[i] >> 4)];
checksum[2 * i + 1] = "0123456789abcdef"[15 & n[i]];
}
checksum[2 * i] = 0;
return 0;
}

View File

@ -0,0 +1,24 @@
#include <string>
using std::string;
#include "crypto_box.h"
string crypto_box(const string &m,const string &n,const string &pk,const string &sk)
{
if (pk.size() != crypto_box_PUBLICKEYBYTES) throw "incorrect public-key length";
if (sk.size() != crypto_box_SECRETKEYBYTES) throw "incorrect secret-key length";
if (n.size() != crypto_box_NONCEBYTES) throw "incorrect nonce length";
size_t mlen = m.size() + crypto_box_ZEROBYTES;
unsigned char mpad[mlen];
for (int i = 0;i < crypto_box_ZEROBYTES;++i) mpad[i] = 0;
for (int i = crypto_box_ZEROBYTES;i < mlen;++i) mpad[i] = m[i - crypto_box_ZEROBYTES];
unsigned char cpad[mlen];
crypto_box(cpad,mpad,mlen,
(const unsigned char *) n.c_str(),
(const unsigned char *) pk.c_str(),
(const unsigned char *) sk.c_str()
);
return string(
(char *) cpad + crypto_box_BOXZEROBYTES,
mlen - crypto_box_BOXZEROBYTES
);
}

View File

@ -0,0 +1,12 @@
#include <string>
using std::string;
#include "crypto_box.h"
string crypto_box_keypair(string *sk_string)
{
unsigned char pk[crypto_box_PUBLICKEYBYTES];
unsigned char sk[crypto_box_SECRETKEYBYTES];
crypto_box_keypair(pk,sk);
*sk_string = string((char *) sk,sizeof sk);
return string((char *) pk,sizeof pk);
}

View File

@ -0,0 +1,27 @@
#include <string>
using std::string;
#include "crypto_box.h"
string crypto_box_open(const string &c,const string &n,const string &pk,const string &sk)
{
if (pk.size() != crypto_box_PUBLICKEYBYTES) throw "incorrect public-key length";
if (sk.size() != crypto_box_SECRETKEYBYTES) throw "incorrect secret-key length";
if (n.size() != crypto_box_NONCEBYTES) throw "incorrect nonce length";
size_t clen = c.size() + crypto_box_BOXZEROBYTES;
unsigned char cpad[clen];
for (int i = 0;i < crypto_box_BOXZEROBYTES;++i) cpad[i] = 0;
for (int i = crypto_box_BOXZEROBYTES;i < clen;++i) cpad[i] = c[i - crypto_box_BOXZEROBYTES];
unsigned char mpad[clen];
if (crypto_box_open(mpad,cpad,clen,
(const unsigned char *) n.c_str(),
(const unsigned char *) pk.c_str(),
(const unsigned char *) sk.c_str()
) != 0)
throw "ciphertext fails verification";
if (clen < crypto_box_ZEROBYTES)
throw "ciphertext too short"; // should have been caught by _open
return string(
(char *) mpad + crypto_box_ZEROBYTES,
clen - crypto_box_ZEROBYTES
);
}

View File

@ -0,0 +1 @@
28ebe700b5878570702a68740aa131e6fa907e58a3f6915cd183c6db3f7afd7a

View File

@ -0,0 +1,4 @@
#define CRYPTO_OUTPUTBYTES 32
#define CRYPTO_INPUTBYTES 16
#define CRYPTO_KEYBYTES 32
#define CRYPTO_CONSTBYTES 16

View File

@ -0,0 +1,135 @@
/*
version 20080912
D. J. Bernstein
Public domain.
*/
#include "crypto_core.h"
#define ROUNDS 20
typedef unsigned int uint32;
static uint32 rotate(uint32 u,int c)
{
return (u << c) | (u >> (32 - c));
}
static uint32 load_littleendian(const unsigned char *x)
{
return
(uint32) (x[0]) \
| (((uint32) (x[1])) << 8) \
| (((uint32) (x[2])) << 16) \
| (((uint32) (x[3])) << 24)
;
}
static void store_littleendian(unsigned char *x,uint32 u)
{
x[0] = u; u >>= 8;
x[1] = u; u >>= 8;
x[2] = u; u >>= 8;
x[3] = u;
}
int crypto_core(
unsigned char *out,
const unsigned char *in,
const unsigned char *k,
const unsigned char *c
)
{
uint32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
uint32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15;
int i;
j0 = x0 = load_littleendian(c + 0);
j1 = x1 = load_littleendian(k + 0);
j2 = x2 = load_littleendian(k + 4);
j3 = x3 = load_littleendian(k + 8);
j4 = x4 = load_littleendian(k + 12);
j5 = x5 = load_littleendian(c + 4);
j6 = x6 = load_littleendian(in + 0);
j7 = x7 = load_littleendian(in + 4);
j8 = x8 = load_littleendian(in + 8);
j9 = x9 = load_littleendian(in + 12);
j10 = x10 = load_littleendian(c + 8);
j11 = x11 = load_littleendian(k + 16);
j12 = x12 = load_littleendian(k + 20);
j13 = x13 = load_littleendian(k + 24);
j14 = x14 = load_littleendian(k + 28);
j15 = x15 = load_littleendian(c + 12);
for (i = ROUNDS;i > 0;i -= 2) {
x4 ^= rotate( x0+x12, 7);
x8 ^= rotate( x4+ x0, 9);
x12 ^= rotate( x8+ x4,13);
x0 ^= rotate(x12+ x8,18);
x9 ^= rotate( x5+ x1, 7);
x13 ^= rotate( x9+ x5, 9);
x1 ^= rotate(x13+ x9,13);
x5 ^= rotate( x1+x13,18);
x14 ^= rotate(x10+ x6, 7);
x2 ^= rotate(x14+x10, 9);
x6 ^= rotate( x2+x14,13);
x10 ^= rotate( x6+ x2,18);
x3 ^= rotate(x15+x11, 7);
x7 ^= rotate( x3+x15, 9);
x11 ^= rotate( x7+ x3,13);
x15 ^= rotate(x11+ x7,18);
x1 ^= rotate( x0+ x3, 7);
x2 ^= rotate( x1+ x0, 9);
x3 ^= rotate( x2+ x1,13);
x0 ^= rotate( x3+ x2,18);
x6 ^= rotate( x5+ x4, 7);
x7 ^= rotate( x6+ x5, 9);
x4 ^= rotate( x7+ x6,13);
x5 ^= rotate( x4+ x7,18);
x11 ^= rotate(x10+ x9, 7);
x8 ^= rotate(x11+x10, 9);
x9 ^= rotate( x8+x11,13);
x10 ^= rotate( x9+ x8,18);
x12 ^= rotate(x15+x14, 7);
x13 ^= rotate(x12+x15, 9);
x14 ^= rotate(x13+x12,13);
x15 ^= rotate(x14+x13,18);
}
x0 += j0;
x1 += j1;
x2 += j2;
x3 += j3;
x4 += j4;
x5 += j5;
x6 += j6;
x7 += j7;
x8 += j8;
x9 += j9;
x10 += j10;
x11 += j11;
x12 += j12;
x13 += j13;
x14 += j14;
x15 += j15;
x0 -= load_littleendian(c + 0);
x5 -= load_littleendian(c + 4);
x10 -= load_littleendian(c + 8);
x15 -= load_littleendian(c + 12);
x6 -= load_littleendian(in + 0);
x7 -= load_littleendian(in + 4);
x8 -= load_littleendian(in + 8);
x9 -= load_littleendian(in + 12);
store_littleendian(out + 0,x0);
store_littleendian(out + 4,x5);
store_littleendian(out + 8,x10);
store_littleendian(out + 12,x15);
store_littleendian(out + 16,x6);
store_littleendian(out + 20,x7);
store_littleendian(out + 24,x8);
store_littleendian(out + 28,x9);
return 0;
}

View File

@ -0,0 +1 @@
Daniel J. Bernstein

View File

@ -0,0 +1,4 @@
#define CRYPTO_OUTPUTBYTES 32
#define CRYPTO_INPUTBYTES 16
#define CRYPTO_KEYBYTES 32
#define CRYPTO_CONSTBYTES 16

View File

@ -0,0 +1,108 @@
/*
version 20080912
D. J. Bernstein
Public domain.
*/
#include "crypto_core.h"
#define ROUNDS 20
typedef unsigned int uint32;
static uint32 rotate(uint32 u,int c)
{
return (u << c) | (u >> (32 - c));
}
static uint32 load_littleendian(const unsigned char *x)
{
return
(uint32) (x[0]) \
| (((uint32) (x[1])) << 8) \
| (((uint32) (x[2])) << 16) \
| (((uint32) (x[3])) << 24)
;
}
static void store_littleendian(unsigned char *x,uint32 u)
{
x[0] = u; u >>= 8;
x[1] = u; u >>= 8;
x[2] = u; u >>= 8;
x[3] = u;
}
int crypto_core(
unsigned char *out,
const unsigned char *in,
const unsigned char *k,
const unsigned char *c
)
{
uint32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
int i;
x0 = load_littleendian(c + 0);
x1 = load_littleendian(k + 0);
x2 = load_littleendian(k + 4);
x3 = load_littleendian(k + 8);
x4 = load_littleendian(k + 12);
x5 = load_littleendian(c + 4);
x6 = load_littleendian(in + 0);
x7 = load_littleendian(in + 4);
x8 = load_littleendian(in + 8);
x9 = load_littleendian(in + 12);
x10 = load_littleendian(c + 8);
x11 = load_littleendian(k + 16);
x12 = load_littleendian(k + 20);
x13 = load_littleendian(k + 24);
x14 = load_littleendian(k + 28);
x15 = load_littleendian(c + 12);
for (i = ROUNDS;i > 0;i -= 2) {
x4 ^= rotate( x0+x12, 7);
x8 ^= rotate( x4+ x0, 9);
x12 ^= rotate( x8+ x4,13);
x0 ^= rotate(x12+ x8,18);
x9 ^= rotate( x5+ x1, 7);
x13 ^= rotate( x9+ x5, 9);
x1 ^= rotate(x13+ x9,13);
x5 ^= rotate( x1+x13,18);
x14 ^= rotate(x10+ x6, 7);
x2 ^= rotate(x14+x10, 9);
x6 ^= rotate( x2+x14,13);
x10 ^= rotate( x6+ x2,18);
x3 ^= rotate(x15+x11, 7);
x7 ^= rotate( x3+x15, 9);
x11 ^= rotate( x7+ x3,13);
x15 ^= rotate(x11+ x7,18);
x1 ^= rotate( x0+ x3, 7);
x2 ^= rotate( x1+ x0, 9);
x3 ^= rotate( x2+ x1,13);
x0 ^= rotate( x3+ x2,18);
x6 ^= rotate( x5+ x4, 7);
x7 ^= rotate( x6+ x5, 9);
x4 ^= rotate( x7+ x6,13);
x5 ^= rotate( x4+ x7,18);
x11 ^= rotate(x10+ x9, 7);
x8 ^= rotate(x11+x10, 9);
x9 ^= rotate( x8+x11,13);
x10 ^= rotate( x9+ x8,18);
x12 ^= rotate(x15+x14, 7);
x13 ^= rotate(x12+x15, 9);
x14 ^= rotate(x13+x12,13);
x15 ^= rotate(x14+x13,18);
}
store_littleendian(out + 0,x0);
store_littleendian(out + 4,x5);
store_littleendian(out + 8,x10);
store_littleendian(out + 12,x15);
store_littleendian(out + 16,x6);
store_littleendian(out + 20,x7);
store_littleendian(out + 24,x8);
store_littleendian(out + 28,x9);
return 0;
}

View File

@ -0,0 +1 @@
Daniel J. Bernstein

View File

View File

@ -0,0 +1,18 @@
#include "crypto_core.h"
const char *primitiveimplementation = crypto_core_IMPLEMENTATION;
const char *implementationversion = crypto_core_VERSION;
const char *sizenames[] = { "outputbytes", "inputbytes", "keybytes", "constbytes", 0 };
const long long sizes[] = { crypto_core_OUTPUTBYTES, crypto_core_INPUTBYTES, crypto_core_KEYBYTES, crypto_core_CONSTBYTES };
void preallocate(void)
{
}
void allocate(void)
{
}
void measure(void)
{
}

View File

@ -0,0 +1 @@
9d1ee8d84b974e648507ffd93829376c5b4420751710e44f6593abd8769378011d85ecda51ceb8f43661d3c65ef5b57c4f5bf8df76c8202784c8df8def61e6a6

View File

@ -0,0 +1,4 @@
#define CRYPTO_OUTPUTBYTES 64
#define CRYPTO_INPUTBYTES 16
#define CRYPTO_KEYBYTES 32
#define CRYPTO_CONSTBYTES 16

View File

@ -0,0 +1,134 @@
/*
version 20080912
D. J. Bernstein
Public domain.
*/
#include "crypto_core.h"
#define ROUNDS 20
typedef unsigned int uint32;
static uint32 rotate(uint32 u,int c)
{
return (u << c) | (u >> (32 - c));
}
static uint32 load_littleendian(const unsigned char *x)
{
return
(uint32) (x[0]) \
| (((uint32) (x[1])) << 8) \
| (((uint32) (x[2])) << 16) \
| (((uint32) (x[3])) << 24)
;
}
static void store_littleendian(unsigned char *x,uint32 u)
{
x[0] = u; u >>= 8;
x[1] = u; u >>= 8;
x[2] = u; u >>= 8;
x[3] = u;
}
int crypto_core(
unsigned char *out,
const unsigned char *in,
const unsigned char *k,
const unsigned char *c
)
{
uint32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
uint32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15;
int i;
j0 = x0 = load_littleendian(c + 0);
j1 = x1 = load_littleendian(k + 0);
j2 = x2 = load_littleendian(k + 4);
j3 = x3 = load_littleendian(k + 8);
j4 = x4 = load_littleendian(k + 12);
j5 = x5 = load_littleendian(c + 4);
j6 = x6 = load_littleendian(in + 0);
j7 = x7 = load_littleendian(in + 4);
j8 = x8 = load_littleendian(in + 8);
j9 = x9 = load_littleendian(in + 12);
j10 = x10 = load_littleendian(c + 8);
j11 = x11 = load_littleendian(k + 16);
j12 = x12 = load_littleendian(k + 20);
j13 = x13 = load_littleendian(k + 24);
j14 = x14 = load_littleendian(k + 28);
j15 = x15 = load_littleendian(c + 12);
for (i = ROUNDS;i > 0;i -= 2) {
x4 ^= rotate( x0+x12, 7);
x8 ^= rotate( x4+ x0, 9);
x12 ^= rotate( x8+ x4,13);
x0 ^= rotate(x12+ x8,18);
x9 ^= rotate( x5+ x1, 7);
x13 ^= rotate( x9+ x5, 9);
x1 ^= rotate(x13+ x9,13);
x5 ^= rotate( x1+x13,18);
x14 ^= rotate(x10+ x6, 7);
x2 ^= rotate(x14+x10, 9);
x6 ^= rotate( x2+x14,13);
x10 ^= rotate( x6+ x2,18);
x3 ^= rotate(x15+x11, 7);
x7 ^= rotate( x3+x15, 9);
x11 ^= rotate( x7+ x3,13);
x15 ^= rotate(x11+ x7,18);
x1 ^= rotate( x0+ x3, 7);
x2 ^= rotate( x1+ x0, 9);
x3 ^= rotate( x2+ x1,13);
x0 ^= rotate( x3+ x2,18);
x6 ^= rotate( x5+ x4, 7);
x7 ^= rotate( x6+ x5, 9);
x4 ^= rotate( x7+ x6,13);
x5 ^= rotate( x4+ x7,18);
x11 ^= rotate(x10+ x9, 7);
x8 ^= rotate(x11+x10, 9);
x9 ^= rotate( x8+x11,13);
x10 ^= rotate( x9+ x8,18);
x12 ^= rotate(x15+x14, 7);
x13 ^= rotate(x12+x15, 9);
x14 ^= rotate(x13+x12,13);
x15 ^= rotate(x14+x13,18);
}
x0 += j0;
x1 += j1;
x2 += j2;
x3 += j3;
x4 += j4;
x5 += j5;
x6 += j6;
x7 += j7;
x8 += j8;
x9 += j9;
x10 += j10;
x11 += j11;
x12 += j12;
x13 += j13;
x14 += j14;
x15 += j15;
store_littleendian(out + 0,x0);
store_littleendian(out + 4,x1);
store_littleendian(out + 8,x2);
store_littleendian(out + 12,x3);
store_littleendian(out + 16,x4);
store_littleendian(out + 20,x5);
store_littleendian(out + 24,x6);
store_littleendian(out + 28,x7);
store_littleendian(out + 32,x8);
store_littleendian(out + 36,x9);
store_littleendian(out + 40,x10);
store_littleendian(out + 44,x11);
store_littleendian(out + 48,x12);
store_littleendian(out + 52,x13);
store_littleendian(out + 56,x14);
store_littleendian(out + 60,x15);
return 0;
}

View File

@ -0,0 +1 @@
Daniel J. Bernstein

View File

Some files were not shown because too many files have changed in this diff Show More