Comparison of implementations of the function s20_hash (original, Petya Red, Petya Green)
| //original (from: https://github.com/alexwebr/salsa20/blob/master/salsa20.c#L59) | |
| static void s20_hash(uint8_t seq[static 64]) | |
| { | |
| int i; | |
| uint32_t x[16]; | |
| uint32_t z[16]; | |
| // Create two copies of the state in little-endian format | |
| // First copy is hashed together | |
| // Second copy is added to first, word-by-word | |
| for (i = 0; i < 16; ++i) | |
| x[i] = z[i] = s20_littleendian(seq + (4 * i)); | |
| for (i = 0; i < 10; ++i) | |
| s20_doubleround(z); | |
| for (i = 0; i < 16; ++i) { | |
| z[i] += x[i]; | |
| s20_rev_littleendian(seq + (4 * i), z[i]); | |
| } | |
| } | |
| //reconstructed: | |
| //Petya1 (red): | |
| //@8F7Ah | |
| static void s20_hash(uint8_t seq[static 64]) | |
| { | |
| int i; | |
| uint8_t x[32]; | |
| uint8_t z[32]; | |
| for (i = 0; i < 16; ++i) { | |
| z[i*2] = s20_littleendian(seq + (4 * i)); | |
| x[i*2] = s20_littleendian(seq + (4 * i)); | |
| } | |
| for (i = 0; i < 10; ++i) | |
| s20_doubleround(z); | |
| for (i = 0; i < 16; ++i) { | |
| z[i*2] += x[i*2]; | |
| s20_rev_littleendian(seq + (4 * i), (WORD)(z + i * 2)); | |
| } | |
| } | |
| //Petya2 (green): | |
| //@9862h | |
| static void s20_hash(uint8_t seq[static 64]) | |
| { | |
| int i; | |
| uint8_t i4; | |
| uint8_t x[64] | |
| uint8_t z[64]; | |
| for (i = 0; i < 16; ++i) { | |
| i4 = i*4; | |
| uint16_t ax = s20_littleendian(seq + (4 * i)); | |
| x[i4] = ax; | |
| x[i4+2] = (ax >> (sizeof(ax) * 8 - 1)) ? 0xFF : 0;; //sign bit extension | |
| ax = s20_littleendian(seq + (4 * i)); | |
| z[i4] = ax; | |
| z[i4+2] = (ax >> (sizeof(ax) * 8 - 1)) ? 0xFF : 0; //sign bit extension | |
| } | |
| for (i = 0; i < 10; ++i) | |
| s20_doubleround(z); | |
| for (i = 0; i < 16; ++i) { | |
| z[i*4] += x[i*4]; | |
| s20_rev_littleendian(seq + (4 * i), (DWORD)(z + i * 4)); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment