/Users/mcomp/contrib/bitcoin/src/crypto/siphash.cpp

Source (jump to first uncovered line)
// Copyright (c) 2016-present The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <crypto/siphash.h>

#include <bit>

#define SIPROUND do { \
    v0 += v1; v1 = std::rotl(v1, 13); v1 ^= v0; \
    v0 = std::rotl(v0, 32); \
    v2 += v3; v3 = std::rotl(v3, 16); v3 ^= v2; \
    v0 += v3; v3 = std::rotl(v3, 21); v3 ^= v0; \
    v2 += v1; v1 = std::rotl(v1, 17); v1 ^= v2; \
    v2 = std::rotl(v2, 32); \
} while (0)

CSipHasher::CSipHasher(uint64_t k0, uint64_t k1)
{
    v[0] = 0x736f6d6570736575ULL ^ k0;
    v[1] = 0x646f72616e646f6dULL ^ k1;
    v[2] = 0x6c7967656e657261ULL ^ k0;
    v[3] = 0x7465646279746573ULL ^ k1;
    count = 0;
    tmp = 0;
}

CSipHasher& CSipHasher::Write(uint64_t data)
{
    uint64_t v0 = v[0], v1 = v[1], v2 = v[2], v3 = v[3];

    assert(count % 8 == 0);

    v3 ^= data;
    SIPROUND;
    SIPROUND;
    v0 ^= data;

    v[0] = v0;
    v[1] = v1;
    v[2] = v2;
    v[3] = v3;

    count += 8;
    return *this;
}

CSipHasher& CSipHasher::Write(std::span<const unsigned char> data)
{
    uint64_t v0 = v[0], v1 = v[1], v2 = v[2], v3 = v[3];
    uint64_t t = tmp;
    uint8_t c = count;

    while (data.size() > 0) {
        t |= uint64_t{data.front()} << (8 * (c % 8));
        c++;
        if ((c & 7) == 0) {
            v3 ^= t;
            SIPROUND;
            SIPROUND;
            v0 ^= t;
            t = 0;
        }
        data = data.subspan(1);
    }

    v[0] = v0;
    v[1] = v1;
    v[2] = v2;
    v[3] = v3;
    count = c;
    tmp = t;

    return *this;
}

uint64_t CSipHasher::Finalize() const
{
    uint64_t v0 = v[0], v1 = v[1], v2 = v[2], v3 = v[3];

    uint64_t t = tmp | (((uint64_t)count) << 56);

    v3 ^= t;
    SIPROUND;
    SIPROUND;
    v0 ^= t;
    v2 ^= 0xFF;
    SIPROUND;
    SIPROUND;
    SIPROUND;
    SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

uint64_t SipHashUint256(uint64_t k0, uint64_t k1, const uint256& val)
{
    /* Specialized implementation for efficiency */
    uint64_t d = val.GetUint64(0);

    uint64_t v0 = 0x736f6d6570736575ULL ^ k0;
    uint64_t v1 = 0x646f72616e646f6dULL ^ k1;
    uint64_t v2 = 0x6c7967656e657261ULL ^ k0;
    uint64_t v3 = 0x7465646279746573ULL ^ k1 ^ d;

    SIPROUND;
    SIPROUND;
    v0 ^= d;
    d = val.GetUint64(1);
    v3 ^= d;
    SIPROUND;
    SIPROUND;
    v0 ^= d;
    d = val.GetUint64(2);
    v3 ^= d;
    SIPROUND;
    SIPROUND;
    v0 ^= d;
    d = val.GetUint64(3);
    v3 ^= d;
    SIPROUND;
    SIPROUND;
    v0 ^= d;
    v3 ^= (uint64_t{4}) << 59;
    SIPROUND;
    SIPROUND;
    v0 ^= (uint64_t{4}) << 59;
    v2 ^= 0xFF;
    SIPROUND;
    SIPROUND;
    SIPROUND;
    SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

uint64_t SipHashUint256Extra(uint64_t k0, uint64_t k1, const uint256& val, uint32_t extra)
{
    /* Specialized implementation for efficiency */
    uint64_t d = val.GetUint64(0);

    uint64_t v0 = 0x736f6d6570736575ULL ^ k0;
    uint64_t v1 = 0x646f72616e646f6dULL ^ k1;
    uint64_t v2 = 0x6c7967656e657261ULL ^ k0;
    uint64_t v3 = 0x7465646279746573ULL ^ k1 ^ d;

    SIPROUND;
    SIPROUND;
    v0 ^= d;
    d = val.GetUint64(1);
    v3 ^= d;
    SIPROUND;
    SIPROUND;
    v0 ^= d;
    d = val.GetUint64(2);
    v3 ^= d;
    SIPROUND;
    SIPROUND;
    v0 ^= d;
    d = val.GetUint64(3);
    v3 ^= d;
    SIPROUND;
    SIPROUND;
    v0 ^= d;
    d = ((uint64_t{36}) << 56) | extra;
    v3 ^= d;
    SIPROUND;
    SIPROUND;
    v0 ^= d;
    v2 ^= 0xFF;
    SIPROUND;
    SIPROUND;
    SIPROUND;
    SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

Line	Count	Source (jump to first uncovered line)
1		// Copyright (c) 2016-present The Bitcoin Core developers
2		// Distributed under the MIT software license, see the accompanying
3		// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5		#include <crypto/siphash.h>
6
7		#include <bit>
8
9	450k	#define SIPROUND do { \
10	450k	v0 += v1; v1 = std::rotl(v1, 13); v1 ^= v0; \
11	450k	v0 = std::rotl(v0, 32); \
12	450k	v2 += v3; v3 = std::rotl(v3, 16); v3 ^= v2; \
13	450k	v0 += v3; v3 = std::rotl(v3, 21); v3 ^= v0; \
14	450k	v2 += v1; v1 = std::rotl(v1, 17); v1 ^= v2; \
15	450k	v2 = std::rotl(v2, 32); \
16	450k	} while (0)
17
18		CSipHasher::CSipHasher(uint64_t k0, uint64_t k1)
19	0	{
20	0	v[0] = 0x736f6d6570736575ULL ^ k0;
21	0	v[1] = 0x646f72616e646f6dULL ^ k1;
22	0	v[2] = 0x6c7967656e657261ULL ^ k0;
23	0	v[3] = 0x7465646279746573ULL ^ k1;
24	0	count = 0;
25	0	tmp = 0;
26	0	}
27
28		CSipHasher& CSipHasher::Write(uint64_t data)
29	0	{
30	0	uint64_t v0 = v[0], v1 = v[1], v2 = v[2], v3 = v[3];
31
32	0	assert(count % 8 == 0);
33
34	0	v3 ^= data;
35	0	SIPROUND;
36	0	SIPROUND;
37	0	v0 ^= data;
38
39	0	v[0] = v0;
40	0	v[1] = v1;
41	0	v[2] = v2;
42	0	v[3] = v3;
43
44	0	count += 8;
45	0	return *this;
46	0	}
47
48		CSipHasher& CSipHasher::Write(std::span<const unsigned char> data)
49	0	{
50	0	uint64_t v0 = v[0], v1 = v[1], v2 = v[2], v3 = v[3];
51	0	uint64_t t = tmp;
52	0	uint8_t c = count;
53
54	0	while (data.size() > 0) {
55	0	t \|= uint64_t{data.front()} << (8 * (c % 8));
56	0	c++;
57	0	if ((c & 7) == 0) {
58	0	v3 ^= t;
59	0	SIPROUND;
60	0	SIPROUND;
61	0	v0 ^= t;
62	0	t = 0;
63	0	}
64	0	data = data.subspan(1);
65	0	}
66
67	0	v[0] = v0;
68	0	v[1] = v1;
69	0	v[2] = v2;
70	0	v[3] = v3;
71	0	count = c;
72	0	tmp = t;
73
74	0	return *this;
75	0	}
76
77		uint64_t CSipHasher::Finalize() const
78	0	{
79	0	uint64_t v0 = v[0], v1 = v[1], v2 = v[2], v3 = v[3];
80
81	0	uint64_t t = tmp \| (((uint64_t)count) << 56);
82
83	0	v3 ^= t;
84	0	SIPROUND;
85	0	SIPROUND;
86	0	v0 ^= t;
87	0	v2 ^= 0xFF;
88	0	SIPROUND;
89	0	SIPROUND;
90	0	SIPROUND;
91	0	SIPROUND;
92	0	return v0 ^ v1 ^ v2 ^ v3;
93	0	}
94
95		uint64_t SipHashUint256(uint64_t k0, uint64_t k1, const uint256& val)
96	32.1k	{
97		/* Specialized implementation for efficiency */
98	32.1k	uint64_t d = val.GetUint64(0);
99
100	32.1k	uint64_t v0 = 0x736f6d6570736575ULL ^ k0;
101	32.1k	uint64_t v1 = 0x646f72616e646f6dULL ^ k1;
102	32.1k	uint64_t v2 = 0x6c7967656e657261ULL ^ k0;
103	32.1k	uint64_t v3 = 0x7465646279746573ULL ^ k1 ^ d;
104
105	32.1k	SIPROUND;
106	32.1k	SIPROUND;
107	32.1k	v0 ^= d;
108	32.1k	d = val.GetUint64(1);
109	32.1k	v3 ^= d;
110	32.1k	SIPROUND;
111	32.1k	SIPROUND;
112	32.1k	v0 ^= d;
113	32.1k	d = val.GetUint64(2);
114	32.1k	v3 ^= d;
115	32.1k	SIPROUND;
116	32.1k	SIPROUND;
117	32.1k	v0 ^= d;
118	32.1k	d = val.GetUint64(3);
119	32.1k	v3 ^= d;
120	32.1k	SIPROUND;
121	32.1k	SIPROUND;
122	32.1k	v0 ^= d;
123	32.1k	v3 ^= (uint64_t{4}) << 59;
124	32.1k	SIPROUND;
125	32.1k	SIPROUND;
126	32.1k	v0 ^= (uint64_t{4}) << 59;
127	32.1k	v2 ^= 0xFF;
128	32.1k	SIPROUND;
129	32.1k	SIPROUND;
130	32.1k	SIPROUND;
131	32.1k	SIPROUND;
132	32.1k	return v0 ^ v1 ^ v2 ^ v3;
133	32.1k	}
134
135		uint64_t SipHashUint256Extra(uint64_t k0, uint64_t k1, const uint256& val, uint32_t extra)
136	0	{
137		/* Specialized implementation for efficiency */
138	0	uint64_t d = val.GetUint64(0);
139
140	0	uint64_t v0 = 0x736f6d6570736575ULL ^ k0;
141	0	uint64_t v1 = 0x646f72616e646f6dULL ^ k1;
142	0	uint64_t v2 = 0x6c7967656e657261ULL ^ k0;
143	0	uint64_t v3 = 0x7465646279746573ULL ^ k1 ^ d;
144
145	0	SIPROUND;
146	0	SIPROUND;
147	0	v0 ^= d;
148	0	d = val.GetUint64(1);
149	0	v3 ^= d;
150	0	SIPROUND;
151	0	SIPROUND;
152	0	v0 ^= d;
153	0	d = val.GetUint64(2);
154	0	v3 ^= d;
155	0	SIPROUND;
156	0	SIPROUND;
157	0	v0 ^= d;
158	0	d = val.GetUint64(3);
159	0	v3 ^= d;
160	0	SIPROUND;
161	0	SIPROUND;
162	0	v0 ^= d;
163	0	d = ((uint64_t{36}) << 56) \| extra;
164	0	v3 ^= d;
165	0	SIPROUND;
166	0	SIPROUND;
167	0	v0 ^= d;
168	0	v2 ^= 0xFF;
169	0	SIPROUND;
170	0	SIPROUND;
171	0	SIPROUND;
172	0	SIPROUND;
173	0	return v0 ^ v1 ^ v2 ^ v3;
174	0	}

Coverage Report

Created: 2025-04-14 16:24