From: Nathan Wagner Date: Sun, 7 Jul 2019 00:00:33 +0000 (+0000) Subject: initial cleanup of unused parts of ltc X-Git-Url: https://pd.if.org/git/?p=zpackage;a=commitdiff_plain;h=094fa8c1bc2e27a560833c6a829b1d9b60de7034 initial cleanup of unused parts of ltc --- diff --git a/Makefile b/Makefile index 89ead07..ba2c95f 100644 --- a/Makefile +++ b/Makefile @@ -364,16 +364,9 @@ tfm.o: $(addprefix tomsfastmath/src/, $(TFMOBJ)) LTCOBJ= \ ciphers/aes/aes.o \ - ciphers/anubis.o \ ciphers/blowfish.o \ - ciphers/camellia.o \ ciphers/cast5.o \ ciphers/des.o \ - ciphers/kasumi.o \ - ciphers/khazad.o \ - ciphers/kseed.o \ - ciphers/multi2.o \ - ciphers/noekeon.o \ ciphers/rc2.o \ ciphers/rc5.o \ ciphers/rc6.o \ @@ -465,7 +458,6 @@ LTCOBJ= \ hashes/sha2/sha512_256.o \ hashes/sha3.o \ hashes/sha3_test.o \ - hashes/tiger.o \ hashes/whirl/whirl.o \ mac/blake2/blake2bmac.o \ mac/blake2/blake2bmac_file.o \ @@ -477,13 +469,6 @@ LTCOBJ= \ mac/blake2/blake2smac_memory.o \ mac/blake2/blake2smac_memory_multi.o \ mac/blake2/blake2smac_test.o \ - mac/f9/f9_done.o \ - mac/f9/f9_file.o \ - mac/f9/f9_init.o \ - mac/f9/f9_memory.o \ - mac/f9/f9_memory_multi.o \ - mac/f9/f9_process.o \ - mac/f9/f9_test.o \ mac/hmac/hmac_done.o \ mac/hmac/hmac_file.o \ mac/hmac/hmac_init.o \ @@ -718,13 +703,6 @@ LTCOBJ= \ pk/ecc/ltc_ecc_points.o \ pk/ecc/ltc_ecc_projective_add_point.o \ pk/ecc/ltc_ecc_projective_dbl_point.o \ - pk/katja/katja_decrypt_key.o \ - pk/katja/katja_encrypt_key.o \ - pk/katja/katja_export.o \ - pk/katja/katja_exptmod.o \ - pk/katja/katja_free.o \ - pk/katja/katja_import.o \ - pk/katja/katja_make_key.o \ pk/pkcs1/pkcs_1_i2osp.o \ pk/pkcs1/pkcs_1_mgf1.o \ pk/pkcs1/pkcs_1_oaep_decode.o \ @@ -753,7 +731,6 @@ LTCOBJ= \ prngs/rc4.o \ prngs/rng_get_bytes.o \ prngs/rng_make_prng.o \ - prngs/sober128.o \ prngs/sprng.o \ prngs/yarrow.o \ stream/chacha/chacha_crypt.o \ @@ -764,9 +741,7 @@ LTCOBJ= \ stream/chacha/chacha_setup.o \ stream/chacha/chacha_test.o \ stream/rc4/rc4_stream.o \ - stream/rc4/rc4_test.o \ - stream/sober128/sober128_stream.o \ - stream/sober128/sober128_test.o + stream/rc4/rc4_test.o libtomcrypt/%.o: CFLAGS+=-DTFM_DESC -Isrc/headers -Itomsfastmath/src/headers -DARGTYPE=4 -DLTC_NO_ASM -DTFM_NO_ASM -Ilibtomcrypt/src/headers -DLTC_SOURCE libtomcrypt/%.o: CFLAGS+=-DLTC_EASY -DLTC_GCM_MODE diff --git a/libtomcrypt/src/ciphers/anubis.c b/libtomcrypt/src/ciphers/anubis.c deleted file mode 100644 index a28c7e1..0000000 --- a/libtomcrypt/src/ciphers/anubis.c +++ /dev/null @@ -1,1558 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -/** - @file anubis.c - Anubis implementation derived from public domain source - Authors: Paulo S.L.M. Barreto and Vincent Rijmen. -*/ - -#include "tomcrypt.h" - -#ifdef LTC_ANUBIS - -const struct ltc_cipher_descriptor anubis_desc = { - "anubis", - 19, - 16, 40, 16, 12, - &anubis_setup, - &anubis_ecb_encrypt, - &anubis_ecb_decrypt, - &anubis_test, - &anubis_done, - &anubis_keysize, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; - -#define MIN_N 4 -#define MAX_N 10 -#define MIN_ROUNDS (8 + MIN_N) -#define MAX_ROUNDS (8 + MAX_N) -#define MIN_KEYSIZEB (4*MIN_N) -#define MAX_KEYSIZEB (4*MAX_N) -#define BLOCKSIZE 128 -#define BLOCKSIZEB (BLOCKSIZE/8) - - -/* - * Though Anubis is endianness-neutral, the encryption tables are listed - * in BIG-ENDIAN format, which is adopted throughout this implementation - * (but little-endian notation would be equally suitable if consistently - * employed). - */ -#if defined(LTC_ANUBIS_TWEAK) - -static const ulong32 T0[256] = { - 0xba69d2bbU, 0x54a84de5U, 0x2f5ebce2U, 0x74e8cd25U, - 0x53a651f7U, 0xd3bb6bd0U, 0xd2b96fd6U, 0x4d9a29b3U, - 0x50a05dfdU, 0xac458acfU, 0x8d070e09U, 0xbf63c6a5U, - 0x70e0dd3dU, 0x52a455f1U, 0x9a29527bU, 0x4c982db5U, - 0xeac98f46U, 0xd5b773c4U, 0x97336655U, 0xd1bf63dcU, - 0x3366ccaaU, 0x51a259fbU, 0x5bb671c7U, 0xa651a2f3U, - 0xdea15ffeU, 0x48903dadU, 0xa84d9ad7U, 0x992f5e71U, - 0xdbab4be0U, 0x3264c8acU, 0xb773e695U, 0xfce5d732U, - 0xe3dbab70U, 0x9e214263U, 0x913f7e41U, 0x9b2b567dU, - 0xe2d9af76U, 0xbb6bd6bdU, 0x4182199bU, 0x6edca579U, - 0xa557aef9U, 0xcb8b0b80U, 0x6bd6b167U, 0x95376e59U, - 0xa15fbee1U, 0xf3fbeb10U, 0xb17ffe81U, 0x0204080cU, - 0xcc851792U, 0xc49537a2U, 0x1d3a744eU, 0x14285078U, - 0xc39b2bb0U, 0x63c69157U, 0xdaa94fe6U, 0x5dba69d3U, - 0x5fbe61dfU, 0xdca557f2U, 0x7dfae913U, 0xcd871394U, - 0x7ffee11fU, 0x5ab475c1U, 0x6cd8ad75U, 0x5cb86dd5U, - 0xf7f3fb08U, 0x264c98d4U, 0xffe3db38U, 0xedc79354U, - 0xe8cd874aU, 0x9d274e69U, 0x6fdea17fU, 0x8e010203U, - 0x19326456U, 0xa05dbae7U, 0xf0fde71aU, 0x890f1e11U, - 0x0f1e3c22U, 0x070e1c12U, 0xaf4386c5U, 0xfbebcb20U, - 0x08102030U, 0x152a547eU, 0x0d1a342eU, 0x04081018U, - 0x01020406U, 0x64c88d45U, 0xdfa35bf8U, 0x76ecc529U, - 0x79f2f90bU, 0xdda753f4U, 0x3d7af48eU, 0x162c5874U, - 0x3f7efc82U, 0x376edcb2U, 0x6ddaa973U, 0x3870e090U, - 0xb96fdeb1U, 0x73e6d137U, 0xe9cf834cU, 0x356ad4beU, - 0x55aa49e3U, 0x71e2d93bU, 0x7bf6f107U, 0x8c050a0fU, - 0x72e4d531U, 0x880d1a17U, 0xf6f1ff0eU, 0x2a54a8fcU, - 0x3e7cf884U, 0x5ebc65d9U, 0x274e9cd2U, 0x468c0589U, - 0x0c183028U, 0x65ca8943U, 0x68d0bd6dU, 0x61c2995bU, - 0x03060c0aU, 0xc19f23bcU, 0x57ae41efU, 0xd6b17fceU, - 0xd9af43ecU, 0x58b07dcdU, 0xd8ad47eaU, 0x66cc8549U, - 0xd7b37bc8U, 0x3a74e89cU, 0xc88d078aU, 0x3c78f088U, - 0xfae9cf26U, 0x96316253U, 0xa753a6f5U, 0x982d5a77U, - 0xecc59752U, 0xb86ddab7U, 0xc7933ba8U, 0xae4182c3U, - 0x69d2b96bU, 0x4b9631a7U, 0xab4b96ddU, 0xa94f9ed1U, - 0x67ce814fU, 0x0a14283cU, 0x478e018fU, 0xf2f9ef16U, - 0xb577ee99U, 0x224488ccU, 0xe5d7b364U, 0xeec19f5eU, - 0xbe61c2a3U, 0x2b56acfaU, 0x811f3e21U, 0x1224486cU, - 0x831b362dU, 0x1b366c5aU, 0x0e1c3824U, 0x23468ccaU, - 0xf5f7f304U, 0x458a0983U, 0x214284c6U, 0xce811f9eU, - 0x499239abU, 0x2c58b0e8U, 0xf9efc32cU, 0xe6d1bf6eU, - 0xb671e293U, 0x2850a0f0U, 0x172e5c72U, 0x8219322bU, - 0x1a34685cU, 0x8b0b161dU, 0xfee1df3eU, 0x8a09121bU, - 0x09122436U, 0xc98f038cU, 0x87132635U, 0x4e9c25b9U, - 0xe1dfa37cU, 0x2e5cb8e4U, 0xe4d5b762U, 0xe0dda77aU, - 0xebcb8b40U, 0x903d7a47U, 0xa455aaffU, 0x1e3c7844U, - 0x85172e39U, 0x60c09d5dU, 0x00000000U, 0x254a94deU, - 0xf4f5f702U, 0xf1ffe31cU, 0x94356a5fU, 0x0b162c3aU, - 0xe7d3bb68U, 0x75eac923U, 0xefc39b58U, 0x3468d0b8U, - 0x3162c4a6U, 0xd4b577c2U, 0xd0bd67daU, 0x86112233U, - 0x7efce519U, 0xad478ec9U, 0xfde7d334U, 0x2952a4f6U, - 0x3060c0a0U, 0x3b76ec9aU, 0x9f234665U, 0xf8edc72aU, - 0xc6913faeU, 0x13264c6aU, 0x060c1814U, 0x050a141eU, - 0xc59733a4U, 0x11224466U, 0x77eec12fU, 0x7cf8ed15U, - 0x7af4f501U, 0x78f0fd0dU, 0x366cd8b4U, 0x1c387048U, - 0x3972e496U, 0x59b279cbU, 0x18306050U, 0x56ac45e9U, - 0xb37bf68dU, 0xb07dfa87U, 0x244890d8U, 0x204080c0U, - 0xb279f28bU, 0x9239724bU, 0xa35bb6edU, 0xc09d27baU, - 0x44880d85U, 0x62c49551U, 0x10204060U, 0xb475ea9fU, - 0x84152a3fU, 0x43861197U, 0x933b764dU, 0xc2992fb6U, - 0x4a9435a1U, 0xbd67cea9U, 0x8f030605U, 0x2d5ab4eeU, - 0xbc65caafU, 0x9c254a6fU, 0x6ad4b561U, 0x40801d9dU, - 0xcf831b98U, 0xa259b2ebU, 0x801d3a27U, 0x4f9e21bfU, - 0x1f3e7c42U, 0xca890f86U, 0xaa4992dbU, 0x42841591U, -}; - -static const ulong32 T1[256] = { - 0x69babbd2U, 0xa854e54dU, 0x5e2fe2bcU, 0xe87425cdU, - 0xa653f751U, 0xbbd3d06bU, 0xb9d2d66fU, 0x9a4db329U, - 0xa050fd5dU, 0x45accf8aU, 0x078d090eU, 0x63bfa5c6U, - 0xe0703dddU, 0xa452f155U, 0x299a7b52U, 0x984cb52dU, - 0xc9ea468fU, 0xb7d5c473U, 0x33975566U, 0xbfd1dc63U, - 0x6633aaccU, 0xa251fb59U, 0xb65bc771U, 0x51a6f3a2U, - 0xa1defe5fU, 0x9048ad3dU, 0x4da8d79aU, 0x2f99715eU, - 0xabdbe04bU, 0x6432acc8U, 0x73b795e6U, 0xe5fc32d7U, - 0xdbe370abU, 0x219e6342U, 0x3f91417eU, 0x2b9b7d56U, - 0xd9e276afU, 0x6bbbbdd6U, 0x82419b19U, 0xdc6e79a5U, - 0x57a5f9aeU, 0x8bcb800bU, 0xd66b67b1U, 0x3795596eU, - 0x5fa1e1beU, 0xfbf310ebU, 0x7fb181feU, 0x04020c08U, - 0x85cc9217U, 0x95c4a237U, 0x3a1d4e74U, 0x28147850U, - 0x9bc3b02bU, 0xc6635791U, 0xa9dae64fU, 0xba5dd369U, - 0xbe5fdf61U, 0xa5dcf257U, 0xfa7d13e9U, 0x87cd9413U, - 0xfe7f1fe1U, 0xb45ac175U, 0xd86c75adU, 0xb85cd56dU, - 0xf3f708fbU, 0x4c26d498U, 0xe3ff38dbU, 0xc7ed5493U, - 0xcde84a87U, 0x279d694eU, 0xde6f7fa1U, 0x018e0302U, - 0x32195664U, 0x5da0e7baU, 0xfdf01ae7U, 0x0f89111eU, - 0x1e0f223cU, 0x0e07121cU, 0x43afc586U, 0xebfb20cbU, - 0x10083020U, 0x2a157e54U, 0x1a0d2e34U, 0x08041810U, - 0x02010604U, 0xc864458dU, 0xa3dff85bU, 0xec7629c5U, - 0xf2790bf9U, 0xa7ddf453U, 0x7a3d8ef4U, 0x2c167458U, - 0x7e3f82fcU, 0x6e37b2dcU, 0xda6d73a9U, 0x703890e0U, - 0x6fb9b1deU, 0xe67337d1U, 0xcfe94c83U, 0x6a35bed4U, - 0xaa55e349U, 0xe2713bd9U, 0xf67b07f1U, 0x058c0f0aU, - 0xe47231d5U, 0x0d88171aU, 0xf1f60effU, 0x542afca8U, - 0x7c3e84f8U, 0xbc5ed965U, 0x4e27d29cU, 0x8c468905U, - 0x180c2830U, 0xca654389U, 0xd0686dbdU, 0xc2615b99U, - 0x06030a0cU, 0x9fc1bc23U, 0xae57ef41U, 0xb1d6ce7fU, - 0xafd9ec43U, 0xb058cd7dU, 0xadd8ea47U, 0xcc664985U, - 0xb3d7c87bU, 0x743a9ce8U, 0x8dc88a07U, 0x783c88f0U, - 0xe9fa26cfU, 0x31965362U, 0x53a7f5a6U, 0x2d98775aU, - 0xc5ec5297U, 0x6db8b7daU, 0x93c7a83bU, 0x41aec382U, - 0xd2696bb9U, 0x964ba731U, 0x4babdd96U, 0x4fa9d19eU, - 0xce674f81U, 0x140a3c28U, 0x8e478f01U, 0xf9f216efU, - 0x77b599eeU, 0x4422cc88U, 0xd7e564b3U, 0xc1ee5e9fU, - 0x61bea3c2U, 0x562bfaacU, 0x1f81213eU, 0x24126c48U, - 0x1b832d36U, 0x361b5a6cU, 0x1c0e2438U, 0x4623ca8cU, - 0xf7f504f3U, 0x8a458309U, 0x4221c684U, 0x81ce9e1fU, - 0x9249ab39U, 0x582ce8b0U, 0xeff92cc3U, 0xd1e66ebfU, - 0x71b693e2U, 0x5028f0a0U, 0x2e17725cU, 0x19822b32U, - 0x341a5c68U, 0x0b8b1d16U, 0xe1fe3edfU, 0x098a1b12U, - 0x12093624U, 0x8fc98c03U, 0x13873526U, 0x9c4eb925U, - 0xdfe17ca3U, 0x5c2ee4b8U, 0xd5e462b7U, 0xdde07aa7U, - 0xcbeb408bU, 0x3d90477aU, 0x55a4ffaaU, 0x3c1e4478U, - 0x1785392eU, 0xc0605d9dU, 0x00000000U, 0x4a25de94U, - 0xf5f402f7U, 0xfff11ce3U, 0x35945f6aU, 0x160b3a2cU, - 0xd3e768bbU, 0xea7523c9U, 0xc3ef589bU, 0x6834b8d0U, - 0x6231a6c4U, 0xb5d4c277U, 0xbdd0da67U, 0x11863322U, - 0xfc7e19e5U, 0x47adc98eU, 0xe7fd34d3U, 0x5229f6a4U, - 0x6030a0c0U, 0x763b9aecU, 0x239f6546U, 0xedf82ac7U, - 0x91c6ae3fU, 0x26136a4cU, 0x0c061418U, 0x0a051e14U, - 0x97c5a433U, 0x22116644U, 0xee772fc1U, 0xf87c15edU, - 0xf47a01f5U, 0xf0780dfdU, 0x6c36b4d8U, 0x381c4870U, - 0x723996e4U, 0xb259cb79U, 0x30185060U, 0xac56e945U, - 0x7bb38df6U, 0x7db087faU, 0x4824d890U, 0x4020c080U, - 0x79b28bf2U, 0x39924b72U, 0x5ba3edb6U, 0x9dc0ba27U, - 0x8844850dU, 0xc4625195U, 0x20106040U, 0x75b49feaU, - 0x15843f2aU, 0x86439711U, 0x3b934d76U, 0x99c2b62fU, - 0x944aa135U, 0x67bda9ceU, 0x038f0506U, 0x5a2deeb4U, - 0x65bcafcaU, 0x259c6f4aU, 0xd46a61b5U, 0x80409d1dU, - 0x83cf981bU, 0x59a2ebb2U, 0x1d80273aU, 0x9e4fbf21U, - 0x3e1f427cU, 0x89ca860fU, 0x49aadb92U, 0x84429115U, -}; - -static const ulong32 T2[256] = { - 0xd2bbba69U, 0x4de554a8U, 0xbce22f5eU, 0xcd2574e8U, - 0x51f753a6U, 0x6bd0d3bbU, 0x6fd6d2b9U, 0x29b34d9aU, - 0x5dfd50a0U, 0x8acfac45U, 0x0e098d07U, 0xc6a5bf63U, - 0xdd3d70e0U, 0x55f152a4U, 0x527b9a29U, 0x2db54c98U, - 0x8f46eac9U, 0x73c4d5b7U, 0x66559733U, 0x63dcd1bfU, - 0xccaa3366U, 0x59fb51a2U, 0x71c75bb6U, 0xa2f3a651U, - 0x5ffedea1U, 0x3dad4890U, 0x9ad7a84dU, 0x5e71992fU, - 0x4be0dbabU, 0xc8ac3264U, 0xe695b773U, 0xd732fce5U, - 0xab70e3dbU, 0x42639e21U, 0x7e41913fU, 0x567d9b2bU, - 0xaf76e2d9U, 0xd6bdbb6bU, 0x199b4182U, 0xa5796edcU, - 0xaef9a557U, 0x0b80cb8bU, 0xb1676bd6U, 0x6e599537U, - 0xbee1a15fU, 0xeb10f3fbU, 0xfe81b17fU, 0x080c0204U, - 0x1792cc85U, 0x37a2c495U, 0x744e1d3aU, 0x50781428U, - 0x2bb0c39bU, 0x915763c6U, 0x4fe6daa9U, 0x69d35dbaU, - 0x61df5fbeU, 0x57f2dca5U, 0xe9137dfaU, 0x1394cd87U, - 0xe11f7ffeU, 0x75c15ab4U, 0xad756cd8U, 0x6dd55cb8U, - 0xfb08f7f3U, 0x98d4264cU, 0xdb38ffe3U, 0x9354edc7U, - 0x874ae8cdU, 0x4e699d27U, 0xa17f6fdeU, 0x02038e01U, - 0x64561932U, 0xbae7a05dU, 0xe71af0fdU, 0x1e11890fU, - 0x3c220f1eU, 0x1c12070eU, 0x86c5af43U, 0xcb20fbebU, - 0x20300810U, 0x547e152aU, 0x342e0d1aU, 0x10180408U, - 0x04060102U, 0x8d4564c8U, 0x5bf8dfa3U, 0xc52976ecU, - 0xf90b79f2U, 0x53f4dda7U, 0xf48e3d7aU, 0x5874162cU, - 0xfc823f7eU, 0xdcb2376eU, 0xa9736ddaU, 0xe0903870U, - 0xdeb1b96fU, 0xd13773e6U, 0x834ce9cfU, 0xd4be356aU, - 0x49e355aaU, 0xd93b71e2U, 0xf1077bf6U, 0x0a0f8c05U, - 0xd53172e4U, 0x1a17880dU, 0xff0ef6f1U, 0xa8fc2a54U, - 0xf8843e7cU, 0x65d95ebcU, 0x9cd2274eU, 0x0589468cU, - 0x30280c18U, 0x894365caU, 0xbd6d68d0U, 0x995b61c2U, - 0x0c0a0306U, 0x23bcc19fU, 0x41ef57aeU, 0x7fced6b1U, - 0x43ecd9afU, 0x7dcd58b0U, 0x47ead8adU, 0x854966ccU, - 0x7bc8d7b3U, 0xe89c3a74U, 0x078ac88dU, 0xf0883c78U, - 0xcf26fae9U, 0x62539631U, 0xa6f5a753U, 0x5a77982dU, - 0x9752ecc5U, 0xdab7b86dU, 0x3ba8c793U, 0x82c3ae41U, - 0xb96b69d2U, 0x31a74b96U, 0x96ddab4bU, 0x9ed1a94fU, - 0x814f67ceU, 0x283c0a14U, 0x018f478eU, 0xef16f2f9U, - 0xee99b577U, 0x88cc2244U, 0xb364e5d7U, 0x9f5eeec1U, - 0xc2a3be61U, 0xacfa2b56U, 0x3e21811fU, 0x486c1224U, - 0x362d831bU, 0x6c5a1b36U, 0x38240e1cU, 0x8cca2346U, - 0xf304f5f7U, 0x0983458aU, 0x84c62142U, 0x1f9ece81U, - 0x39ab4992U, 0xb0e82c58U, 0xc32cf9efU, 0xbf6ee6d1U, - 0xe293b671U, 0xa0f02850U, 0x5c72172eU, 0x322b8219U, - 0x685c1a34U, 0x161d8b0bU, 0xdf3efee1U, 0x121b8a09U, - 0x24360912U, 0x038cc98fU, 0x26358713U, 0x25b94e9cU, - 0xa37ce1dfU, 0xb8e42e5cU, 0xb762e4d5U, 0xa77ae0ddU, - 0x8b40ebcbU, 0x7a47903dU, 0xaaffa455U, 0x78441e3cU, - 0x2e398517U, 0x9d5d60c0U, 0x00000000U, 0x94de254aU, - 0xf702f4f5U, 0xe31cf1ffU, 0x6a5f9435U, 0x2c3a0b16U, - 0xbb68e7d3U, 0xc92375eaU, 0x9b58efc3U, 0xd0b83468U, - 0xc4a63162U, 0x77c2d4b5U, 0x67dad0bdU, 0x22338611U, - 0xe5197efcU, 0x8ec9ad47U, 0xd334fde7U, 0xa4f62952U, - 0xc0a03060U, 0xec9a3b76U, 0x46659f23U, 0xc72af8edU, - 0x3faec691U, 0x4c6a1326U, 0x1814060cU, 0x141e050aU, - 0x33a4c597U, 0x44661122U, 0xc12f77eeU, 0xed157cf8U, - 0xf5017af4U, 0xfd0d78f0U, 0xd8b4366cU, 0x70481c38U, - 0xe4963972U, 0x79cb59b2U, 0x60501830U, 0x45e956acU, - 0xf68db37bU, 0xfa87b07dU, 0x90d82448U, 0x80c02040U, - 0xf28bb279U, 0x724b9239U, 0xb6eda35bU, 0x27bac09dU, - 0x0d854488U, 0x955162c4U, 0x40601020U, 0xea9fb475U, - 0x2a3f8415U, 0x11974386U, 0x764d933bU, 0x2fb6c299U, - 0x35a14a94U, 0xcea9bd67U, 0x06058f03U, 0xb4ee2d5aU, - 0xcaafbc65U, 0x4a6f9c25U, 0xb5616ad4U, 0x1d9d4080U, - 0x1b98cf83U, 0xb2eba259U, 0x3a27801dU, 0x21bf4f9eU, - 0x7c421f3eU, 0x0f86ca89U, 0x92dbaa49U, 0x15914284U, -}; - -static const ulong32 T3[256] = { - 0xbbd269baU, 0xe54da854U, 0xe2bc5e2fU, 0x25cde874U, - 0xf751a653U, 0xd06bbbd3U, 0xd66fb9d2U, 0xb3299a4dU, - 0xfd5da050U, 0xcf8a45acU, 0x090e078dU, 0xa5c663bfU, - 0x3ddde070U, 0xf155a452U, 0x7b52299aU, 0xb52d984cU, - 0x468fc9eaU, 0xc473b7d5U, 0x55663397U, 0xdc63bfd1U, - 0xaacc6633U, 0xfb59a251U, 0xc771b65bU, 0xf3a251a6U, - 0xfe5fa1deU, 0xad3d9048U, 0xd79a4da8U, 0x715e2f99U, - 0xe04babdbU, 0xacc86432U, 0x95e673b7U, 0x32d7e5fcU, - 0x70abdbe3U, 0x6342219eU, 0x417e3f91U, 0x7d562b9bU, - 0x76afd9e2U, 0xbdd66bbbU, 0x9b198241U, 0x79a5dc6eU, - 0xf9ae57a5U, 0x800b8bcbU, 0x67b1d66bU, 0x596e3795U, - 0xe1be5fa1U, 0x10ebfbf3U, 0x81fe7fb1U, 0x0c080402U, - 0x921785ccU, 0xa23795c4U, 0x4e743a1dU, 0x78502814U, - 0xb02b9bc3U, 0x5791c663U, 0xe64fa9daU, 0xd369ba5dU, - 0xdf61be5fU, 0xf257a5dcU, 0x13e9fa7dU, 0x941387cdU, - 0x1fe1fe7fU, 0xc175b45aU, 0x75add86cU, 0xd56db85cU, - 0x08fbf3f7U, 0xd4984c26U, 0x38dbe3ffU, 0x5493c7edU, - 0x4a87cde8U, 0x694e279dU, 0x7fa1de6fU, 0x0302018eU, - 0x56643219U, 0xe7ba5da0U, 0x1ae7fdf0U, 0x111e0f89U, - 0x223c1e0fU, 0x121c0e07U, 0xc58643afU, 0x20cbebfbU, - 0x30201008U, 0x7e542a15U, 0x2e341a0dU, 0x18100804U, - 0x06040201U, 0x458dc864U, 0xf85ba3dfU, 0x29c5ec76U, - 0x0bf9f279U, 0xf453a7ddU, 0x8ef47a3dU, 0x74582c16U, - 0x82fc7e3fU, 0xb2dc6e37U, 0x73a9da6dU, 0x90e07038U, - 0xb1de6fb9U, 0x37d1e673U, 0x4c83cfe9U, 0xbed46a35U, - 0xe349aa55U, 0x3bd9e271U, 0x07f1f67bU, 0x0f0a058cU, - 0x31d5e472U, 0x171a0d88U, 0x0efff1f6U, 0xfca8542aU, - 0x84f87c3eU, 0xd965bc5eU, 0xd29c4e27U, 0x89058c46U, - 0x2830180cU, 0x4389ca65U, 0x6dbdd068U, 0x5b99c261U, - 0x0a0c0603U, 0xbc239fc1U, 0xef41ae57U, 0xce7fb1d6U, - 0xec43afd9U, 0xcd7db058U, 0xea47add8U, 0x4985cc66U, - 0xc87bb3d7U, 0x9ce8743aU, 0x8a078dc8U, 0x88f0783cU, - 0x26cfe9faU, 0x53623196U, 0xf5a653a7U, 0x775a2d98U, - 0x5297c5ecU, 0xb7da6db8U, 0xa83b93c7U, 0xc38241aeU, - 0x6bb9d269U, 0xa731964bU, 0xdd964babU, 0xd19e4fa9U, - 0x4f81ce67U, 0x3c28140aU, 0x8f018e47U, 0x16eff9f2U, - 0x99ee77b5U, 0xcc884422U, 0x64b3d7e5U, 0x5e9fc1eeU, - 0xa3c261beU, 0xfaac562bU, 0x213e1f81U, 0x6c482412U, - 0x2d361b83U, 0x5a6c361bU, 0x24381c0eU, 0xca8c4623U, - 0x04f3f7f5U, 0x83098a45U, 0xc6844221U, 0x9e1f81ceU, - 0xab399249U, 0xe8b0582cU, 0x2cc3eff9U, 0x6ebfd1e6U, - 0x93e271b6U, 0xf0a05028U, 0x725c2e17U, 0x2b321982U, - 0x5c68341aU, 0x1d160b8bU, 0x3edfe1feU, 0x1b12098aU, - 0x36241209U, 0x8c038fc9U, 0x35261387U, 0xb9259c4eU, - 0x7ca3dfe1U, 0xe4b85c2eU, 0x62b7d5e4U, 0x7aa7dde0U, - 0x408bcbebU, 0x477a3d90U, 0xffaa55a4U, 0x44783c1eU, - 0x392e1785U, 0x5d9dc060U, 0x00000000U, 0xde944a25U, - 0x02f7f5f4U, 0x1ce3fff1U, 0x5f6a3594U, 0x3a2c160bU, - 0x68bbd3e7U, 0x23c9ea75U, 0x589bc3efU, 0xb8d06834U, - 0xa6c46231U, 0xc277b5d4U, 0xda67bdd0U, 0x33221186U, - 0x19e5fc7eU, 0xc98e47adU, 0x34d3e7fdU, 0xf6a45229U, - 0xa0c06030U, 0x9aec763bU, 0x6546239fU, 0x2ac7edf8U, - 0xae3f91c6U, 0x6a4c2613U, 0x14180c06U, 0x1e140a05U, - 0xa43397c5U, 0x66442211U, 0x2fc1ee77U, 0x15edf87cU, - 0x01f5f47aU, 0x0dfdf078U, 0xb4d86c36U, 0x4870381cU, - 0x96e47239U, 0xcb79b259U, 0x50603018U, 0xe945ac56U, - 0x8df67bb3U, 0x87fa7db0U, 0xd8904824U, 0xc0804020U, - 0x8bf279b2U, 0x4b723992U, 0xedb65ba3U, 0xba279dc0U, - 0x850d8844U, 0x5195c462U, 0x60402010U, 0x9fea75b4U, - 0x3f2a1584U, 0x97118643U, 0x4d763b93U, 0xb62f99c2U, - 0xa135944aU, 0xa9ce67bdU, 0x0506038fU, 0xeeb45a2dU, - 0xafca65bcU, 0x6f4a259cU, 0x61b5d46aU, 0x9d1d8040U, - 0x981b83cfU, 0xebb259a2U, 0x273a1d80U, 0xbf219e4fU, - 0x427c3e1fU, 0x860f89caU, 0xdb9249aaU, 0x91158442U, -}; - -static const ulong32 T4[256] = { - 0xbabababaU, 0x54545454U, 0x2f2f2f2fU, 0x74747474U, - 0x53535353U, 0xd3d3d3d3U, 0xd2d2d2d2U, 0x4d4d4d4dU, - 0x50505050U, 0xacacacacU, 0x8d8d8d8dU, 0xbfbfbfbfU, - 0x70707070U, 0x52525252U, 0x9a9a9a9aU, 0x4c4c4c4cU, - 0xeaeaeaeaU, 0xd5d5d5d5U, 0x97979797U, 0xd1d1d1d1U, - 0x33333333U, 0x51515151U, 0x5b5b5b5bU, 0xa6a6a6a6U, - 0xdedededeU, 0x48484848U, 0xa8a8a8a8U, 0x99999999U, - 0xdbdbdbdbU, 0x32323232U, 0xb7b7b7b7U, 0xfcfcfcfcU, - 0xe3e3e3e3U, 0x9e9e9e9eU, 0x91919191U, 0x9b9b9b9bU, - 0xe2e2e2e2U, 0xbbbbbbbbU, 0x41414141U, 0x6e6e6e6eU, - 0xa5a5a5a5U, 0xcbcbcbcbU, 0x6b6b6b6bU, 0x95959595U, - 0xa1a1a1a1U, 0xf3f3f3f3U, 0xb1b1b1b1U, 0x02020202U, - 0xccccccccU, 0xc4c4c4c4U, 0x1d1d1d1dU, 0x14141414U, - 0xc3c3c3c3U, 0x63636363U, 0xdadadadaU, 0x5d5d5d5dU, - 0x5f5f5f5fU, 0xdcdcdcdcU, 0x7d7d7d7dU, 0xcdcdcdcdU, - 0x7f7f7f7fU, 0x5a5a5a5aU, 0x6c6c6c6cU, 0x5c5c5c5cU, - 0xf7f7f7f7U, 0x26262626U, 0xffffffffU, 0xededededU, - 0xe8e8e8e8U, 0x9d9d9d9dU, 0x6f6f6f6fU, 0x8e8e8e8eU, - 0x19191919U, 0xa0a0a0a0U, 0xf0f0f0f0U, 0x89898989U, - 0x0f0f0f0fU, 0x07070707U, 0xafafafafU, 0xfbfbfbfbU, - 0x08080808U, 0x15151515U, 0x0d0d0d0dU, 0x04040404U, - 0x01010101U, 0x64646464U, 0xdfdfdfdfU, 0x76767676U, - 0x79797979U, 0xddddddddU, 0x3d3d3d3dU, 0x16161616U, - 0x3f3f3f3fU, 0x37373737U, 0x6d6d6d6dU, 0x38383838U, - 0xb9b9b9b9U, 0x73737373U, 0xe9e9e9e9U, 0x35353535U, - 0x55555555U, 0x71717171U, 0x7b7b7b7bU, 0x8c8c8c8cU, - 0x72727272U, 0x88888888U, 0xf6f6f6f6U, 0x2a2a2a2aU, - 0x3e3e3e3eU, 0x5e5e5e5eU, 0x27272727U, 0x46464646U, - 0x0c0c0c0cU, 0x65656565U, 0x68686868U, 0x61616161U, - 0x03030303U, 0xc1c1c1c1U, 0x57575757U, 0xd6d6d6d6U, - 0xd9d9d9d9U, 0x58585858U, 0xd8d8d8d8U, 0x66666666U, - 0xd7d7d7d7U, 0x3a3a3a3aU, 0xc8c8c8c8U, 0x3c3c3c3cU, - 0xfafafafaU, 0x96969696U, 0xa7a7a7a7U, 0x98989898U, - 0xececececU, 0xb8b8b8b8U, 0xc7c7c7c7U, 0xaeaeaeaeU, - 0x69696969U, 0x4b4b4b4bU, 0xababababU, 0xa9a9a9a9U, - 0x67676767U, 0x0a0a0a0aU, 0x47474747U, 0xf2f2f2f2U, - 0xb5b5b5b5U, 0x22222222U, 0xe5e5e5e5U, 0xeeeeeeeeU, - 0xbebebebeU, 0x2b2b2b2bU, 0x81818181U, 0x12121212U, - 0x83838383U, 0x1b1b1b1bU, 0x0e0e0e0eU, 0x23232323U, - 0xf5f5f5f5U, 0x45454545U, 0x21212121U, 0xcecececeU, - 0x49494949U, 0x2c2c2c2cU, 0xf9f9f9f9U, 0xe6e6e6e6U, - 0xb6b6b6b6U, 0x28282828U, 0x17171717U, 0x82828282U, - 0x1a1a1a1aU, 0x8b8b8b8bU, 0xfefefefeU, 0x8a8a8a8aU, - 0x09090909U, 0xc9c9c9c9U, 0x87878787U, 0x4e4e4e4eU, - 0xe1e1e1e1U, 0x2e2e2e2eU, 0xe4e4e4e4U, 0xe0e0e0e0U, - 0xebebebebU, 0x90909090U, 0xa4a4a4a4U, 0x1e1e1e1eU, - 0x85858585U, 0x60606060U, 0x00000000U, 0x25252525U, - 0xf4f4f4f4U, 0xf1f1f1f1U, 0x94949494U, 0x0b0b0b0bU, - 0xe7e7e7e7U, 0x75757575U, 0xefefefefU, 0x34343434U, - 0x31313131U, 0xd4d4d4d4U, 0xd0d0d0d0U, 0x86868686U, - 0x7e7e7e7eU, 0xadadadadU, 0xfdfdfdfdU, 0x29292929U, - 0x30303030U, 0x3b3b3b3bU, 0x9f9f9f9fU, 0xf8f8f8f8U, - 0xc6c6c6c6U, 0x13131313U, 0x06060606U, 0x05050505U, - 0xc5c5c5c5U, 0x11111111U, 0x77777777U, 0x7c7c7c7cU, - 0x7a7a7a7aU, 0x78787878U, 0x36363636U, 0x1c1c1c1cU, - 0x39393939U, 0x59595959U, 0x18181818U, 0x56565656U, - 0xb3b3b3b3U, 0xb0b0b0b0U, 0x24242424U, 0x20202020U, - 0xb2b2b2b2U, 0x92929292U, 0xa3a3a3a3U, 0xc0c0c0c0U, - 0x44444444U, 0x62626262U, 0x10101010U, 0xb4b4b4b4U, - 0x84848484U, 0x43434343U, 0x93939393U, 0xc2c2c2c2U, - 0x4a4a4a4aU, 0xbdbdbdbdU, 0x8f8f8f8fU, 0x2d2d2d2dU, - 0xbcbcbcbcU, 0x9c9c9c9cU, 0x6a6a6a6aU, 0x40404040U, - 0xcfcfcfcfU, 0xa2a2a2a2U, 0x80808080U, 0x4f4f4f4fU, - 0x1f1f1f1fU, 0xcacacacaU, 0xaaaaaaaaU, 0x42424242U, -}; - -static const ulong32 T5[256] = { - 0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U, - 0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U, - 0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U, - 0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U, - 0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U, - 0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U, - 0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U, - 0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U, - 0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U, - 0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U, - 0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U, - 0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U, - 0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U, - 0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U, - 0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U, - 0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U, - 0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U, - 0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U, - 0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U, - 0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U, - 0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U, - 0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U, - 0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U, - 0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U, - 0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU, - 0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU, - 0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU, - 0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU, - 0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU, - 0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU, - 0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU, - 0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU, - 0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU, - 0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU, - 0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU, - 0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU, - 0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU, - 0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU, - 0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU, - 0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU, - 0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U, - 0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U, - 0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U, - 0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U, - 0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U, - 0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U, - 0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U, - 0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U, - 0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U, - 0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U, - 0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U, - 0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U, - 0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U, - 0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U, - 0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U, - 0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U, - 0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU, - 0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU, - 0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU, - 0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU, - 0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU, - 0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU, - 0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU, - 0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU, -}; - -/** - * The round constants. - */ -static const ulong32 rc[] = { - 0xba542f74U, 0x53d3d24dU, 0x50ac8dbfU, 0x70529a4cU, - 0xead597d1U, 0x33515ba6U, 0xde48a899U, 0xdb32b7fcU, - 0xe39e919bU, 0xe2bb416eU, 0xa5cb6b95U, 0xa1f3b102U, - 0xccc41d14U, 0xc363da5dU, 0x5fdc7dcdU, 0x7f5a6c5cU, - 0xf726ffedU, 0xe89d6f8eU, 0x19a0f089U, -}; - - - -#else - - -static const ulong32 T0[256] = { - 0xa753a6f5U, 0xd3bb6bd0U, 0xe6d1bf6eU, 0x71e2d93bU, - 0xd0bd67daU, 0xac458acfU, 0x4d9a29b3U, 0x79f2f90bU, - 0x3a74e89cU, 0xc98f038cU, 0x913f7e41U, 0xfce5d732U, - 0x1e3c7844U, 0x478e018fU, 0x54a84de5U, 0xbd67cea9U, - 0x8c050a0fU, 0xa557aef9U, 0x7af4f501U, 0xfbebcb20U, - 0x63c69157U, 0xb86ddab7U, 0xdda753f4U, 0xd4b577c2U, - 0xe5d7b364U, 0xb37bf68dU, 0xc59733a4U, 0xbe61c2a3U, - 0xa94f9ed1U, 0x880d1a17U, 0x0c183028U, 0xa259b2ebU, - 0x3972e496U, 0xdfa35bf8U, 0x2952a4f6U, 0xdaa94fe6U, - 0x2b56acfaU, 0xa84d9ad7U, 0xcb8b0b80U, 0x4c982db5U, - 0x4b9631a7U, 0x224488ccU, 0xaa4992dbU, 0x244890d8U, - 0x4182199bU, 0x70e0dd3dU, 0xa651a2f3U, 0xf9efc32cU, - 0x5ab475c1U, 0xe2d9af76U, 0xb07dfa87U, 0x366cd8b4U, - 0x7dfae913U, 0xe4d5b762U, 0x3366ccaaU, 0xffe3db38U, - 0x60c09d5dU, 0x204080c0U, 0x08102030U, 0x8b0b161dU, - 0x5ebc65d9U, 0xab4b96ddU, 0x7ffee11fU, 0x78f0fd0dU, - 0x7cf8ed15U, 0x2c58b0e8U, 0x57ae41efU, 0xd2b96fd6U, - 0xdca557f2U, 0x6ddaa973U, 0x7efce519U, 0x0d1a342eU, - 0x53a651f7U, 0x94356a5fU, 0xc39b2bb0U, 0x2850a0f0U, - 0x274e9cd2U, 0x060c1814U, 0x5fbe61dfU, 0xad478ec9U, - 0x67ce814fU, 0x5cb86dd5U, 0x55aa49e3U, 0x48903dadU, - 0x0e1c3824U, 0x52a455f1U, 0xeac98f46U, 0x42841591U, - 0x5bb671c7U, 0x5dba69d3U, 0x3060c0a0U, 0x58b07dcdU, - 0x51a259fbU, 0x59b279cbU, 0x3c78f088U, 0x4e9c25b9U, - 0x3870e090U, 0x8a09121bU, 0x72e4d531U, 0x14285078U, - 0xe7d3bb68U, 0xc6913faeU, 0xdea15ffeU, 0x50a05dfdU, - 0x8e010203U, 0x9239724bU, 0xd1bf63dcU, 0x77eec12fU, - 0x933b764dU, 0x458a0983U, 0x9a29527bU, 0xce811f9eU, - 0x2d5ab4eeU, 0x03060c0aU, 0x62c49551U, 0xb671e293U, - 0xb96fdeb1U, 0xbf63c6a5U, 0x96316253U, 0x6bd6b167U, - 0x3f7efc82U, 0x070e1c12U, 0x1224486cU, 0xae4182c3U, - 0x40801d9dU, 0x3468d0b8U, 0x468c0589U, 0x3e7cf884U, - 0xdbab4be0U, 0xcf831b98U, 0xecc59752U, 0xcc851792U, - 0xc19f23bcU, 0xa15fbee1U, 0xc09d27baU, 0xd6b17fceU, - 0x1d3a744eU, 0xf4f5f702U, 0x61c2995bU, 0x3b76ec9aU, - 0x10204060U, 0xd8ad47eaU, 0x68d0bd6dU, 0xa05dbae7U, - 0xb17ffe81U, 0x0a14283cU, 0x69d2b96bU, 0x6cd8ad75U, - 0x499239abU, 0xfae9cf26U, 0x76ecc529U, 0xc49537a2U, - 0x9e214263U, 0x9b2b567dU, 0x6edca579U, 0x992f5e71U, - 0xc2992fb6U, 0xb773e695U, 0x982d5a77U, 0xbc65caafU, - 0x8f030605U, 0x85172e39U, 0x1f3e7c42U, 0xb475ea9fU, - 0xf8edc72aU, 0x11224466U, 0x2e5cb8e4U, 0x00000000U, - 0x254a94deU, 0x1c387048U, 0x2a54a8fcU, 0x3d7af48eU, - 0x050a141eU, 0x4f9e21bfU, 0x7bf6f107U, 0xb279f28bU, - 0x3264c8acU, 0x903d7a47U, 0xaf4386c5U, 0x19326456U, - 0xa35bb6edU, 0xf7f3fb08U, 0x73e6d137U, 0x9d274e69U, - 0x152a547eU, 0x74e8cd25U, 0xeec19f5eU, 0xca890f86U, - 0x9f234665U, 0x0f1e3c22U, 0x1b366c5aU, 0x75eac923U, - 0x86112233U, 0x84152a3fU, 0x9c254a6fU, 0x4a9435a1U, - 0x97336655U, 0x1a34685cU, 0x65ca8943U, 0xf6f1ff0eU, - 0xedc79354U, 0x09122436U, 0xbb6bd6bdU, 0x264c98d4U, - 0x831b362dU, 0xebcb8b40U, 0x6fdea17fU, 0x811f3e21U, - 0x04081018U, 0x6ad4b561U, 0x43861197U, 0x01020406U, - 0x172e5c72U, 0xe1dfa37cU, 0x87132635U, 0xf5f7f304U, - 0x8d070e09U, 0xe3dbab70U, 0x23468ccaU, 0x801d3a27U, - 0x44880d85U, 0x162c5874U, 0x66cc8549U, 0x214284c6U, - 0xfee1df3eU, 0xd5b773c4U, 0x3162c4a6U, 0xd9af43ecU, - 0x356ad4beU, 0x18306050U, 0x0204080cU, 0x64c88d45U, - 0xf2f9ef16U, 0xf1ffe31cU, 0x56ac45e9U, 0xcd871394U, - 0x8219322bU, 0xc88d078aU, 0xba69d2bbU, 0xf0fde71aU, - 0xefc39b58U, 0xe9cf834cU, 0xe8cd874aU, 0xfde7d334U, - 0x890f1e11U, 0xd7b37bc8U, 0xc7933ba8U, 0xb577ee99U, - 0xa455aaffU, 0x2f5ebce2U, 0x95376e59U, 0x13264c6aU, - 0x0b162c3aU, 0xf3fbeb10U, 0xe0dda77aU, 0x376edcb2U, -}; - -static const ulong32 T1[256] = { - 0x53a7f5a6U, 0xbbd3d06bU, 0xd1e66ebfU, 0xe2713bd9U, - 0xbdd0da67U, 0x45accf8aU, 0x9a4db329U, 0xf2790bf9U, - 0x743a9ce8U, 0x8fc98c03U, 0x3f91417eU, 0xe5fc32d7U, - 0x3c1e4478U, 0x8e478f01U, 0xa854e54dU, 0x67bda9ceU, - 0x058c0f0aU, 0x57a5f9aeU, 0xf47a01f5U, 0xebfb20cbU, - 0xc6635791U, 0x6db8b7daU, 0xa7ddf453U, 0xb5d4c277U, - 0xd7e564b3U, 0x7bb38df6U, 0x97c5a433U, 0x61bea3c2U, - 0x4fa9d19eU, 0x0d88171aU, 0x180c2830U, 0x59a2ebb2U, - 0x723996e4U, 0xa3dff85bU, 0x5229f6a4U, 0xa9dae64fU, - 0x562bfaacU, 0x4da8d79aU, 0x8bcb800bU, 0x984cb52dU, - 0x964ba731U, 0x4422cc88U, 0x49aadb92U, 0x4824d890U, - 0x82419b19U, 0xe0703dddU, 0x51a6f3a2U, 0xeff92cc3U, - 0xb45ac175U, 0xd9e276afU, 0x7db087faU, 0x6c36b4d8U, - 0xfa7d13e9U, 0xd5e462b7U, 0x6633aaccU, 0xe3ff38dbU, - 0xc0605d9dU, 0x4020c080U, 0x10083020U, 0x0b8b1d16U, - 0xbc5ed965U, 0x4babdd96U, 0xfe7f1fe1U, 0xf0780dfdU, - 0xf87c15edU, 0x582ce8b0U, 0xae57ef41U, 0xb9d2d66fU, - 0xa5dcf257U, 0xda6d73a9U, 0xfc7e19e5U, 0x1a0d2e34U, - 0xa653f751U, 0x35945f6aU, 0x9bc3b02bU, 0x5028f0a0U, - 0x4e27d29cU, 0x0c061418U, 0xbe5fdf61U, 0x47adc98eU, - 0xce674f81U, 0xb85cd56dU, 0xaa55e349U, 0x9048ad3dU, - 0x1c0e2438U, 0xa452f155U, 0xc9ea468fU, 0x84429115U, - 0xb65bc771U, 0xba5dd369U, 0x6030a0c0U, 0xb058cd7dU, - 0xa251fb59U, 0xb259cb79U, 0x783c88f0U, 0x9c4eb925U, - 0x703890e0U, 0x098a1b12U, 0xe47231d5U, 0x28147850U, - 0xd3e768bbU, 0x91c6ae3fU, 0xa1defe5fU, 0xa050fd5dU, - 0x018e0302U, 0x39924b72U, 0xbfd1dc63U, 0xee772fc1U, - 0x3b934d76U, 0x8a458309U, 0x299a7b52U, 0x81ce9e1fU, - 0x5a2deeb4U, 0x06030a0cU, 0xc4625195U, 0x71b693e2U, - 0x6fb9b1deU, 0x63bfa5c6U, 0x31965362U, 0xd66b67b1U, - 0x7e3f82fcU, 0x0e07121cU, 0x24126c48U, 0x41aec382U, - 0x80409d1dU, 0x6834b8d0U, 0x8c468905U, 0x7c3e84f8U, - 0xabdbe04bU, 0x83cf981bU, 0xc5ec5297U, 0x85cc9217U, - 0x9fc1bc23U, 0x5fa1e1beU, 0x9dc0ba27U, 0xb1d6ce7fU, - 0x3a1d4e74U, 0xf5f402f7U, 0xc2615b99U, 0x763b9aecU, - 0x20106040U, 0xadd8ea47U, 0xd0686dbdU, 0x5da0e7baU, - 0x7fb181feU, 0x140a3c28U, 0xd2696bb9U, 0xd86c75adU, - 0x9249ab39U, 0xe9fa26cfU, 0xec7629c5U, 0x95c4a237U, - 0x219e6342U, 0x2b9b7d56U, 0xdc6e79a5U, 0x2f99715eU, - 0x99c2b62fU, 0x73b795e6U, 0x2d98775aU, 0x65bcafcaU, - 0x038f0506U, 0x1785392eU, 0x3e1f427cU, 0x75b49feaU, - 0xedf82ac7U, 0x22116644U, 0x5c2ee4b8U, 0x00000000U, - 0x4a25de94U, 0x381c4870U, 0x542afca8U, 0x7a3d8ef4U, - 0x0a051e14U, 0x9e4fbf21U, 0xf67b07f1U, 0x79b28bf2U, - 0x6432acc8U, 0x3d90477aU, 0x43afc586U, 0x32195664U, - 0x5ba3edb6U, 0xf3f708fbU, 0xe67337d1U, 0x279d694eU, - 0x2a157e54U, 0xe87425cdU, 0xc1ee5e9fU, 0x89ca860fU, - 0x239f6546U, 0x1e0f223cU, 0x361b5a6cU, 0xea7523c9U, - 0x11863322U, 0x15843f2aU, 0x259c6f4aU, 0x944aa135U, - 0x33975566U, 0x341a5c68U, 0xca654389U, 0xf1f60effU, - 0xc7ed5493U, 0x12093624U, 0x6bbbbdd6U, 0x4c26d498U, - 0x1b832d36U, 0xcbeb408bU, 0xde6f7fa1U, 0x1f81213eU, - 0x08041810U, 0xd46a61b5U, 0x86439711U, 0x02010604U, - 0x2e17725cU, 0xdfe17ca3U, 0x13873526U, 0xf7f504f3U, - 0x078d090eU, 0xdbe370abU, 0x4623ca8cU, 0x1d80273aU, - 0x8844850dU, 0x2c167458U, 0xcc664985U, 0x4221c684U, - 0xe1fe3edfU, 0xb7d5c473U, 0x6231a6c4U, 0xafd9ec43U, - 0x6a35bed4U, 0x30185060U, 0x04020c08U, 0xc864458dU, - 0xf9f216efU, 0xfff11ce3U, 0xac56e945U, 0x87cd9413U, - 0x19822b32U, 0x8dc88a07U, 0x69babbd2U, 0xfdf01ae7U, - 0xc3ef589bU, 0xcfe94c83U, 0xcde84a87U, 0xe7fd34d3U, - 0x0f89111eU, 0xb3d7c87bU, 0x93c7a83bU, 0x77b599eeU, - 0x55a4ffaaU, 0x5e2fe2bcU, 0x3795596eU, 0x26136a4cU, - 0x160b3a2cU, 0xfbf310ebU, 0xdde07aa7U, 0x6e37b2dcU, -}; - -static const ulong32 T2[256] = { - 0xa6f5a753U, 0x6bd0d3bbU, 0xbf6ee6d1U, 0xd93b71e2U, - 0x67dad0bdU, 0x8acfac45U, 0x29b34d9aU, 0xf90b79f2U, - 0xe89c3a74U, 0x038cc98fU, 0x7e41913fU, 0xd732fce5U, - 0x78441e3cU, 0x018f478eU, 0x4de554a8U, 0xcea9bd67U, - 0x0a0f8c05U, 0xaef9a557U, 0xf5017af4U, 0xcb20fbebU, - 0x915763c6U, 0xdab7b86dU, 0x53f4dda7U, 0x77c2d4b5U, - 0xb364e5d7U, 0xf68db37bU, 0x33a4c597U, 0xc2a3be61U, - 0x9ed1a94fU, 0x1a17880dU, 0x30280c18U, 0xb2eba259U, - 0xe4963972U, 0x5bf8dfa3U, 0xa4f62952U, 0x4fe6daa9U, - 0xacfa2b56U, 0x9ad7a84dU, 0x0b80cb8bU, 0x2db54c98U, - 0x31a74b96U, 0x88cc2244U, 0x92dbaa49U, 0x90d82448U, - 0x199b4182U, 0xdd3d70e0U, 0xa2f3a651U, 0xc32cf9efU, - 0x75c15ab4U, 0xaf76e2d9U, 0xfa87b07dU, 0xd8b4366cU, - 0xe9137dfaU, 0xb762e4d5U, 0xccaa3366U, 0xdb38ffe3U, - 0x9d5d60c0U, 0x80c02040U, 0x20300810U, 0x161d8b0bU, - 0x65d95ebcU, 0x96ddab4bU, 0xe11f7ffeU, 0xfd0d78f0U, - 0xed157cf8U, 0xb0e82c58U, 0x41ef57aeU, 0x6fd6d2b9U, - 0x57f2dca5U, 0xa9736ddaU, 0xe5197efcU, 0x342e0d1aU, - 0x51f753a6U, 0x6a5f9435U, 0x2bb0c39bU, 0xa0f02850U, - 0x9cd2274eU, 0x1814060cU, 0x61df5fbeU, 0x8ec9ad47U, - 0x814f67ceU, 0x6dd55cb8U, 0x49e355aaU, 0x3dad4890U, - 0x38240e1cU, 0x55f152a4U, 0x8f46eac9U, 0x15914284U, - 0x71c75bb6U, 0x69d35dbaU, 0xc0a03060U, 0x7dcd58b0U, - 0x59fb51a2U, 0x79cb59b2U, 0xf0883c78U, 0x25b94e9cU, - 0xe0903870U, 0x121b8a09U, 0xd53172e4U, 0x50781428U, - 0xbb68e7d3U, 0x3faec691U, 0x5ffedea1U, 0x5dfd50a0U, - 0x02038e01U, 0x724b9239U, 0x63dcd1bfU, 0xc12f77eeU, - 0x764d933bU, 0x0983458aU, 0x527b9a29U, 0x1f9ece81U, - 0xb4ee2d5aU, 0x0c0a0306U, 0x955162c4U, 0xe293b671U, - 0xdeb1b96fU, 0xc6a5bf63U, 0x62539631U, 0xb1676bd6U, - 0xfc823f7eU, 0x1c12070eU, 0x486c1224U, 0x82c3ae41U, - 0x1d9d4080U, 0xd0b83468U, 0x0589468cU, 0xf8843e7cU, - 0x4be0dbabU, 0x1b98cf83U, 0x9752ecc5U, 0x1792cc85U, - 0x23bcc19fU, 0xbee1a15fU, 0x27bac09dU, 0x7fced6b1U, - 0x744e1d3aU, 0xf702f4f5U, 0x995b61c2U, 0xec9a3b76U, - 0x40601020U, 0x47ead8adU, 0xbd6d68d0U, 0xbae7a05dU, - 0xfe81b17fU, 0x283c0a14U, 0xb96b69d2U, 0xad756cd8U, - 0x39ab4992U, 0xcf26fae9U, 0xc52976ecU, 0x37a2c495U, - 0x42639e21U, 0x567d9b2bU, 0xa5796edcU, 0x5e71992fU, - 0x2fb6c299U, 0xe695b773U, 0x5a77982dU, 0xcaafbc65U, - 0x06058f03U, 0x2e398517U, 0x7c421f3eU, 0xea9fb475U, - 0xc72af8edU, 0x44661122U, 0xb8e42e5cU, 0x00000000U, - 0x94de254aU, 0x70481c38U, 0xa8fc2a54U, 0xf48e3d7aU, - 0x141e050aU, 0x21bf4f9eU, 0xf1077bf6U, 0xf28bb279U, - 0xc8ac3264U, 0x7a47903dU, 0x86c5af43U, 0x64561932U, - 0xb6eda35bU, 0xfb08f7f3U, 0xd13773e6U, 0x4e699d27U, - 0x547e152aU, 0xcd2574e8U, 0x9f5eeec1U, 0x0f86ca89U, - 0x46659f23U, 0x3c220f1eU, 0x6c5a1b36U, 0xc92375eaU, - 0x22338611U, 0x2a3f8415U, 0x4a6f9c25U, 0x35a14a94U, - 0x66559733U, 0x685c1a34U, 0x894365caU, 0xff0ef6f1U, - 0x9354edc7U, 0x24360912U, 0xd6bdbb6bU, 0x98d4264cU, - 0x362d831bU, 0x8b40ebcbU, 0xa17f6fdeU, 0x3e21811fU, - 0x10180408U, 0xb5616ad4U, 0x11974386U, 0x04060102U, - 0x5c72172eU, 0xa37ce1dfU, 0x26358713U, 0xf304f5f7U, - 0x0e098d07U, 0xab70e3dbU, 0x8cca2346U, 0x3a27801dU, - 0x0d854488U, 0x5874162cU, 0x854966ccU, 0x84c62142U, - 0xdf3efee1U, 0x73c4d5b7U, 0xc4a63162U, 0x43ecd9afU, - 0xd4be356aU, 0x60501830U, 0x080c0204U, 0x8d4564c8U, - 0xef16f2f9U, 0xe31cf1ffU, 0x45e956acU, 0x1394cd87U, - 0x322b8219U, 0x078ac88dU, 0xd2bbba69U, 0xe71af0fdU, - 0x9b58efc3U, 0x834ce9cfU, 0x874ae8cdU, 0xd334fde7U, - 0x1e11890fU, 0x7bc8d7b3U, 0x3ba8c793U, 0xee99b577U, - 0xaaffa455U, 0xbce22f5eU, 0x6e599537U, 0x4c6a1326U, - 0x2c3a0b16U, 0xeb10f3fbU, 0xa77ae0ddU, 0xdcb2376eU, -}; - -static const ulong32 T3[256] = { - 0xf5a653a7U, 0xd06bbbd3U, 0x6ebfd1e6U, 0x3bd9e271U, - 0xda67bdd0U, 0xcf8a45acU, 0xb3299a4dU, 0x0bf9f279U, - 0x9ce8743aU, 0x8c038fc9U, 0x417e3f91U, 0x32d7e5fcU, - 0x44783c1eU, 0x8f018e47U, 0xe54da854U, 0xa9ce67bdU, - 0x0f0a058cU, 0xf9ae57a5U, 0x01f5f47aU, 0x20cbebfbU, - 0x5791c663U, 0xb7da6db8U, 0xf453a7ddU, 0xc277b5d4U, - 0x64b3d7e5U, 0x8df67bb3U, 0xa43397c5U, 0xa3c261beU, - 0xd19e4fa9U, 0x171a0d88U, 0x2830180cU, 0xebb259a2U, - 0x96e47239U, 0xf85ba3dfU, 0xf6a45229U, 0xe64fa9daU, - 0xfaac562bU, 0xd79a4da8U, 0x800b8bcbU, 0xb52d984cU, - 0xa731964bU, 0xcc884422U, 0xdb9249aaU, 0xd8904824U, - 0x9b198241U, 0x3ddde070U, 0xf3a251a6U, 0x2cc3eff9U, - 0xc175b45aU, 0x76afd9e2U, 0x87fa7db0U, 0xb4d86c36U, - 0x13e9fa7dU, 0x62b7d5e4U, 0xaacc6633U, 0x38dbe3ffU, - 0x5d9dc060U, 0xc0804020U, 0x30201008U, 0x1d160b8bU, - 0xd965bc5eU, 0xdd964babU, 0x1fe1fe7fU, 0x0dfdf078U, - 0x15edf87cU, 0xe8b0582cU, 0xef41ae57U, 0xd66fb9d2U, - 0xf257a5dcU, 0x73a9da6dU, 0x19e5fc7eU, 0x2e341a0dU, - 0xf751a653U, 0x5f6a3594U, 0xb02b9bc3U, 0xf0a05028U, - 0xd29c4e27U, 0x14180c06U, 0xdf61be5fU, 0xc98e47adU, - 0x4f81ce67U, 0xd56db85cU, 0xe349aa55U, 0xad3d9048U, - 0x24381c0eU, 0xf155a452U, 0x468fc9eaU, 0x91158442U, - 0xc771b65bU, 0xd369ba5dU, 0xa0c06030U, 0xcd7db058U, - 0xfb59a251U, 0xcb79b259U, 0x88f0783cU, 0xb9259c4eU, - 0x90e07038U, 0x1b12098aU, 0x31d5e472U, 0x78502814U, - 0x68bbd3e7U, 0xae3f91c6U, 0xfe5fa1deU, 0xfd5da050U, - 0x0302018eU, 0x4b723992U, 0xdc63bfd1U, 0x2fc1ee77U, - 0x4d763b93U, 0x83098a45U, 0x7b52299aU, 0x9e1f81ceU, - 0xeeb45a2dU, 0x0a0c0603U, 0x5195c462U, 0x93e271b6U, - 0xb1de6fb9U, 0xa5c663bfU, 0x53623196U, 0x67b1d66bU, - 0x82fc7e3fU, 0x121c0e07U, 0x6c482412U, 0xc38241aeU, - 0x9d1d8040U, 0xb8d06834U, 0x89058c46U, 0x84f87c3eU, - 0xe04babdbU, 0x981b83cfU, 0x5297c5ecU, 0x921785ccU, - 0xbc239fc1U, 0xe1be5fa1U, 0xba279dc0U, 0xce7fb1d6U, - 0x4e743a1dU, 0x02f7f5f4U, 0x5b99c261U, 0x9aec763bU, - 0x60402010U, 0xea47add8U, 0x6dbdd068U, 0xe7ba5da0U, - 0x81fe7fb1U, 0x3c28140aU, 0x6bb9d269U, 0x75add86cU, - 0xab399249U, 0x26cfe9faU, 0x29c5ec76U, 0xa23795c4U, - 0x6342219eU, 0x7d562b9bU, 0x79a5dc6eU, 0x715e2f99U, - 0xb62f99c2U, 0x95e673b7U, 0x775a2d98U, 0xafca65bcU, - 0x0506038fU, 0x392e1785U, 0x427c3e1fU, 0x9fea75b4U, - 0x2ac7edf8U, 0x66442211U, 0xe4b85c2eU, 0x00000000U, - 0xde944a25U, 0x4870381cU, 0xfca8542aU, 0x8ef47a3dU, - 0x1e140a05U, 0xbf219e4fU, 0x07f1f67bU, 0x8bf279b2U, - 0xacc86432U, 0x477a3d90U, 0xc58643afU, 0x56643219U, - 0xedb65ba3U, 0x08fbf3f7U, 0x37d1e673U, 0x694e279dU, - 0x7e542a15U, 0x25cde874U, 0x5e9fc1eeU, 0x860f89caU, - 0x6546239fU, 0x223c1e0fU, 0x5a6c361bU, 0x23c9ea75U, - 0x33221186U, 0x3f2a1584U, 0x6f4a259cU, 0xa135944aU, - 0x55663397U, 0x5c68341aU, 0x4389ca65U, 0x0efff1f6U, - 0x5493c7edU, 0x36241209U, 0xbdd66bbbU, 0xd4984c26U, - 0x2d361b83U, 0x408bcbebU, 0x7fa1de6fU, 0x213e1f81U, - 0x18100804U, 0x61b5d46aU, 0x97118643U, 0x06040201U, - 0x725c2e17U, 0x7ca3dfe1U, 0x35261387U, 0x04f3f7f5U, - 0x090e078dU, 0x70abdbe3U, 0xca8c4623U, 0x273a1d80U, - 0x850d8844U, 0x74582c16U, 0x4985cc66U, 0xc6844221U, - 0x3edfe1feU, 0xc473b7d5U, 0xa6c46231U, 0xec43afd9U, - 0xbed46a35U, 0x50603018U, 0x0c080402U, 0x458dc864U, - 0x16eff9f2U, 0x1ce3fff1U, 0xe945ac56U, 0x941387cdU, - 0x2b321982U, 0x8a078dc8U, 0xbbd269baU, 0x1ae7fdf0U, - 0x589bc3efU, 0x4c83cfe9U, 0x4a87cde8U, 0x34d3e7fdU, - 0x111e0f89U, 0xc87bb3d7U, 0xa83b93c7U, 0x99ee77b5U, - 0xffaa55a4U, 0xe2bc5e2fU, 0x596e3795U, 0x6a4c2613U, - 0x3a2c160bU, 0x10ebfbf3U, 0x7aa7dde0U, 0xb2dc6e37U, -}; - -static const ulong32 T4[256] = { - 0xa7a7a7a7U, 0xd3d3d3d3U, 0xe6e6e6e6U, 0x71717171U, - 0xd0d0d0d0U, 0xacacacacU, 0x4d4d4d4dU, 0x79797979U, - 0x3a3a3a3aU, 0xc9c9c9c9U, 0x91919191U, 0xfcfcfcfcU, - 0x1e1e1e1eU, 0x47474747U, 0x54545454U, 0xbdbdbdbdU, - 0x8c8c8c8cU, 0xa5a5a5a5U, 0x7a7a7a7aU, 0xfbfbfbfbU, - 0x63636363U, 0xb8b8b8b8U, 0xddddddddU, 0xd4d4d4d4U, - 0xe5e5e5e5U, 0xb3b3b3b3U, 0xc5c5c5c5U, 0xbebebebeU, - 0xa9a9a9a9U, 0x88888888U, 0x0c0c0c0cU, 0xa2a2a2a2U, - 0x39393939U, 0xdfdfdfdfU, 0x29292929U, 0xdadadadaU, - 0x2b2b2b2bU, 0xa8a8a8a8U, 0xcbcbcbcbU, 0x4c4c4c4cU, - 0x4b4b4b4bU, 0x22222222U, 0xaaaaaaaaU, 0x24242424U, - 0x41414141U, 0x70707070U, 0xa6a6a6a6U, 0xf9f9f9f9U, - 0x5a5a5a5aU, 0xe2e2e2e2U, 0xb0b0b0b0U, 0x36363636U, - 0x7d7d7d7dU, 0xe4e4e4e4U, 0x33333333U, 0xffffffffU, - 0x60606060U, 0x20202020U, 0x08080808U, 0x8b8b8b8bU, - 0x5e5e5e5eU, 0xababababU, 0x7f7f7f7fU, 0x78787878U, - 0x7c7c7c7cU, 0x2c2c2c2cU, 0x57575757U, 0xd2d2d2d2U, - 0xdcdcdcdcU, 0x6d6d6d6dU, 0x7e7e7e7eU, 0x0d0d0d0dU, - 0x53535353U, 0x94949494U, 0xc3c3c3c3U, 0x28282828U, - 0x27272727U, 0x06060606U, 0x5f5f5f5fU, 0xadadadadU, - 0x67676767U, 0x5c5c5c5cU, 0x55555555U, 0x48484848U, - 0x0e0e0e0eU, 0x52525252U, 0xeaeaeaeaU, 0x42424242U, - 0x5b5b5b5bU, 0x5d5d5d5dU, 0x30303030U, 0x58585858U, - 0x51515151U, 0x59595959U, 0x3c3c3c3cU, 0x4e4e4e4eU, - 0x38383838U, 0x8a8a8a8aU, 0x72727272U, 0x14141414U, - 0xe7e7e7e7U, 0xc6c6c6c6U, 0xdedededeU, 0x50505050U, - 0x8e8e8e8eU, 0x92929292U, 0xd1d1d1d1U, 0x77777777U, - 0x93939393U, 0x45454545U, 0x9a9a9a9aU, 0xcecececeU, - 0x2d2d2d2dU, 0x03030303U, 0x62626262U, 0xb6b6b6b6U, - 0xb9b9b9b9U, 0xbfbfbfbfU, 0x96969696U, 0x6b6b6b6bU, - 0x3f3f3f3fU, 0x07070707U, 0x12121212U, 0xaeaeaeaeU, - 0x40404040U, 0x34343434U, 0x46464646U, 0x3e3e3e3eU, - 0xdbdbdbdbU, 0xcfcfcfcfU, 0xececececU, 0xccccccccU, - 0xc1c1c1c1U, 0xa1a1a1a1U, 0xc0c0c0c0U, 0xd6d6d6d6U, - 0x1d1d1d1dU, 0xf4f4f4f4U, 0x61616161U, 0x3b3b3b3bU, - 0x10101010U, 0xd8d8d8d8U, 0x68686868U, 0xa0a0a0a0U, - 0xb1b1b1b1U, 0x0a0a0a0aU, 0x69696969U, 0x6c6c6c6cU, - 0x49494949U, 0xfafafafaU, 0x76767676U, 0xc4c4c4c4U, - 0x9e9e9e9eU, 0x9b9b9b9bU, 0x6e6e6e6eU, 0x99999999U, - 0xc2c2c2c2U, 0xb7b7b7b7U, 0x98989898U, 0xbcbcbcbcU, - 0x8f8f8f8fU, 0x85858585U, 0x1f1f1f1fU, 0xb4b4b4b4U, - 0xf8f8f8f8U, 0x11111111U, 0x2e2e2e2eU, 0x00000000U, - 0x25252525U, 0x1c1c1c1cU, 0x2a2a2a2aU, 0x3d3d3d3dU, - 0x05050505U, 0x4f4f4f4fU, 0x7b7b7b7bU, 0xb2b2b2b2U, - 0x32323232U, 0x90909090U, 0xafafafafU, 0x19191919U, - 0xa3a3a3a3U, 0xf7f7f7f7U, 0x73737373U, 0x9d9d9d9dU, - 0x15151515U, 0x74747474U, 0xeeeeeeeeU, 0xcacacacaU, - 0x9f9f9f9fU, 0x0f0f0f0fU, 0x1b1b1b1bU, 0x75757575U, - 0x86868686U, 0x84848484U, 0x9c9c9c9cU, 0x4a4a4a4aU, - 0x97979797U, 0x1a1a1a1aU, 0x65656565U, 0xf6f6f6f6U, - 0xededededU, 0x09090909U, 0xbbbbbbbbU, 0x26262626U, - 0x83838383U, 0xebebebebU, 0x6f6f6f6fU, 0x81818181U, - 0x04040404U, 0x6a6a6a6aU, 0x43434343U, 0x01010101U, - 0x17171717U, 0xe1e1e1e1U, 0x87878787U, 0xf5f5f5f5U, - 0x8d8d8d8dU, 0xe3e3e3e3U, 0x23232323U, 0x80808080U, - 0x44444444U, 0x16161616U, 0x66666666U, 0x21212121U, - 0xfefefefeU, 0xd5d5d5d5U, 0x31313131U, 0xd9d9d9d9U, - 0x35353535U, 0x18181818U, 0x02020202U, 0x64646464U, - 0xf2f2f2f2U, 0xf1f1f1f1U, 0x56565656U, 0xcdcdcdcdU, - 0x82828282U, 0xc8c8c8c8U, 0xbabababaU, 0xf0f0f0f0U, - 0xefefefefU, 0xe9e9e9e9U, 0xe8e8e8e8U, 0xfdfdfdfdU, - 0x89898989U, 0xd7d7d7d7U, 0xc7c7c7c7U, 0xb5b5b5b5U, - 0xa4a4a4a4U, 0x2f2f2f2fU, 0x95959595U, 0x13131313U, - 0x0b0b0b0bU, 0xf3f3f3f3U, 0xe0e0e0e0U, 0x37373737U, -}; - -static const ulong32 T5[256] = { - 0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U, - 0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U, - 0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U, - 0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U, - 0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U, - 0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U, - 0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U, - 0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U, - 0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U, - 0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U, - 0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U, - 0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U, - 0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U, - 0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U, - 0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U, - 0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U, - 0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U, - 0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U, - 0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U, - 0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U, - 0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U, - 0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U, - 0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U, - 0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U, - 0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU, - 0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU, - 0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU, - 0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU, - 0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU, - 0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU, - 0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU, - 0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU, - 0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU, - 0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU, - 0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU, - 0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU, - 0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU, - 0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU, - 0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU, - 0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU, - 0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U, - 0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U, - 0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U, - 0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U, - 0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U, - 0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U, - 0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U, - 0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U, - 0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U, - 0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U, - 0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U, - 0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U, - 0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U, - 0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U, - 0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U, - 0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U, - 0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU, - 0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU, - 0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU, - 0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU, - 0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU, - 0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU, - 0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU, - 0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU, -}; - -/** - * The round constants. - */ -static const ulong32 rc[] = { - 0xa7d3e671U, 0xd0ac4d79U, 0x3ac991fcU, 0x1e4754bdU, - 0x8ca57afbU, 0x63b8ddd4U, 0xe5b3c5beU, 0xa9880ca2U, - 0x39df29daU, 0x2ba8cb4cU, 0x4b22aa24U, 0x4170a6f9U, - 0x5ae2b036U, 0x7de433ffU, 0x6020088bU, 0x5eab7f78U, - 0x7c2c57d2U, 0xdc6d7e0dU, 0x5394c328U, -}; - -#endif - - /** - Initialize the Anubis block cipher - @param key The symmetric key you wish to pass - @param keylen The key length in bytes - @param num_rounds The number of rounds desired (0 for default) - @param skey The key in as scheduled by this function. - @return CRYPT_OK if successful - */ -#ifdef LTC_CLEAN_STACK -static int _anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -#else -int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -#endif -{ - int N, R, i, pos, r; - ulong32 kappa[MAX_N]; - ulong32 inter[MAX_N] = { 0 }; /* initialize as all zeroes */ - ulong32 v, K0, K1, K2, K3; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(skey != NULL); - - /* Valid sizes (in bytes) are 16, 20, 24, 28, 32, 36, and 40. */ - if ((keylen & 3) || (keylen < 16) || (keylen > 40)) { - return CRYPT_INVALID_KEYSIZE; - } - skey->anubis.keyBits = keylen*8; - - /* - * determine the N length parameter: - * (N.B. it is assumed that the key length is valid!) - */ - N = skey->anubis.keyBits >> 5; - - /* - * determine number of rounds from key size: - */ - skey->anubis.R = R = 8 + N; - - if (num_rounds != 0 && num_rounds != skey->anubis.R) { - return CRYPT_INVALID_ROUNDS; - } - - /* - * map cipher key to initial key state (mu): - */ - for (i = 0, pos = 0; i < N; i++, pos += 4) { - kappa[i] = - (((ulong32)key[pos ]) << 24) ^ - (((ulong32)key[pos + 1]) << 16) ^ - (((ulong32)key[pos + 2]) << 8) ^ - (((ulong32)key[pos + 3]) ); - } - - /* - * generate R + 1 round keys: - */ - for (r = 0; r <= R; r++) { - /* - * generate r-th round key K^r: - */ - K0 = T4[(kappa[N - 1] >> 24) & 0xff]; - K1 = T4[(kappa[N - 1] >> 16) & 0xff]; - K2 = T4[(kappa[N - 1] >> 8) & 0xff]; - K3 = T4[(kappa[N - 1] ) & 0xff]; - for (i = N - 2; i >= 0; i--) { - K0 = T4[(kappa[i] >> 24) & 0xff] ^ - (T5[(K0 >> 24) & 0xff] & 0xff000000U) ^ - (T5[(K0 >> 16) & 0xff] & 0x00ff0000U) ^ - (T5[(K0 >> 8) & 0xff] & 0x0000ff00U) ^ - (T5[(K0 ) & 0xff] & 0x000000ffU); - K1 = T4[(kappa[i] >> 16) & 0xff] ^ - (T5[(K1 >> 24) & 0xff] & 0xff000000U) ^ - (T5[(K1 >> 16) & 0xff] & 0x00ff0000U) ^ - (T5[(K1 >> 8) & 0xff] & 0x0000ff00U) ^ - (T5[(K1 ) & 0xff] & 0x000000ffU); - K2 = T4[(kappa[i] >> 8) & 0xff] ^ - (T5[(K2 >> 24) & 0xff] & 0xff000000U) ^ - (T5[(K2 >> 16) & 0xff] & 0x00ff0000U) ^ - (T5[(K2 >> 8) & 0xff] & 0x0000ff00U) ^ - (T5[(K2 ) & 0xff] & 0x000000ffU); - K3 = T4[(kappa[i] ) & 0xff] ^ - (T5[(K3 >> 24) & 0xff] & 0xff000000U) ^ - (T5[(K3 >> 16) & 0xff] & 0x00ff0000U) ^ - (T5[(K3 >> 8) & 0xff] & 0x0000ff00U) ^ - (T5[(K3 ) & 0xff] & 0x000000ffU); - } - /* - -- this is the code to use with the large U tables: - K0 = K1 = K2 = K3 = 0; - for (i = 0; i < N; i++) { - K0 ^= U[i][(kappa[i] >> 24) & 0xff]; - K1 ^= U[i][(kappa[i] >> 16) & 0xff]; - K2 ^= U[i][(kappa[i] >> 8) & 0xff]; - K3 ^= U[i][(kappa[i] ) & 0xff]; - } - */ - skey->anubis.roundKeyEnc[r][0] = K0; - skey->anubis.roundKeyEnc[r][1] = K1; - skey->anubis.roundKeyEnc[r][2] = K2; - skey->anubis.roundKeyEnc[r][3] = K3; - - /* - * compute kappa^{r+1} from kappa^r: - */ - if (r == R) { - break; - } - for (i = 0; i < N; i++) { - int j = i; - inter[i] = T0[(kappa[j--] >> 24) & 0xff]; if (j < 0) j = N - 1; - inter[i] ^= T1[(kappa[j--] >> 16) & 0xff]; if (j < 0) j = N - 1; - inter[i] ^= T2[(kappa[j--] >> 8) & 0xff]; if (j < 0) j = N - 1; - inter[i] ^= T3[(kappa[j ] ) & 0xff]; - } - kappa[0] = inter[0] ^ rc[r]; - for (i = 1; i < N; i++) { - kappa[i] = inter[i]; - } - } - - /* - * generate inverse key schedule: K'^0 = K^R, K'^R = K^0, K'^r = theta(K^{R-r}): - */ - for (i = 0; i < 4; i++) { - skey->anubis.roundKeyDec[0][i] = skey->anubis.roundKeyEnc[R][i]; - skey->anubis.roundKeyDec[R][i] = skey->anubis.roundKeyEnc[0][i]; - } - for (r = 1; r < R; r++) { - for (i = 0; i < 4; i++) { - v = skey->anubis.roundKeyEnc[R - r][i]; - skey->anubis.roundKeyDec[r][i] = - T0[T4[(v >> 24) & 0xff] & 0xff] ^ - T1[T4[(v >> 16) & 0xff] & 0xff] ^ - T2[T4[(v >> 8) & 0xff] & 0xff] ^ - T3[T4[(v ) & 0xff] & 0xff]; - } - } - - return CRYPT_OK; -} - -#ifdef LTC_CLEAN_STACK -int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - int err; - err = _anubis_setup(key, keylen, num_rounds, skey); - burn_stack(sizeof(int) * 5 + sizeof(ulong32) * (MAX_N + MAX_N + 5)); - return err; -} -#endif - - -static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext, - ulong32 roundKey[18 + 1][4], int R) { - int i, pos, r; - ulong32 state[4]; - ulong32 inter[4]; - - /* - * map plaintext block to cipher state (mu) - * and add initial round key (sigma[K^0]): - */ - for (i = 0, pos = 0; i < 4; i++, pos += 4) { - state[i] = - (((ulong32)plaintext[pos ]) << 24) ^ - (((ulong32)plaintext[pos + 1]) << 16) ^ - (((ulong32)plaintext[pos + 2]) << 8) ^ - (((ulong32)plaintext[pos + 3]) ) ^ - roundKey[0][i]; - } - - /* - * R - 1 full rounds: - */ - for (r = 1; r < R; r++) { - inter[0] = - T0[(state[0] >> 24) & 0xff] ^ - T1[(state[1] >> 24) & 0xff] ^ - T2[(state[2] >> 24) & 0xff] ^ - T3[(state[3] >> 24) & 0xff] ^ - roundKey[r][0]; - inter[1] = - T0[(state[0] >> 16) & 0xff] ^ - T1[(state[1] >> 16) & 0xff] ^ - T2[(state[2] >> 16) & 0xff] ^ - T3[(state[3] >> 16) & 0xff] ^ - roundKey[r][1]; - inter[2] = - T0[(state[0] >> 8) & 0xff] ^ - T1[(state[1] >> 8) & 0xff] ^ - T2[(state[2] >> 8) & 0xff] ^ - T3[(state[3] >> 8) & 0xff] ^ - roundKey[r][2]; - inter[3] = - T0[(state[0] ) & 0xff] ^ - T1[(state[1] ) & 0xff] ^ - T2[(state[2] ) & 0xff] ^ - T3[(state[3] ) & 0xff] ^ - roundKey[r][3]; - state[0] = inter[0]; - state[1] = inter[1]; - state[2] = inter[2]; - state[3] = inter[3]; - } - - /* - * last round: - */ - inter[0] = - (T0[(state[0] >> 24) & 0xff] & 0xff000000U) ^ - (T1[(state[1] >> 24) & 0xff] & 0x00ff0000U) ^ - (T2[(state[2] >> 24) & 0xff] & 0x0000ff00U) ^ - (T3[(state[3] >> 24) & 0xff] & 0x000000ffU) ^ - roundKey[R][0]; - inter[1] = - (T0[(state[0] >> 16) & 0xff] & 0xff000000U) ^ - (T1[(state[1] >> 16) & 0xff] & 0x00ff0000U) ^ - (T2[(state[2] >> 16) & 0xff] & 0x0000ff00U) ^ - (T3[(state[3] >> 16) & 0xff] & 0x000000ffU) ^ - roundKey[R][1]; - inter[2] = - (T0[(state[0] >> 8) & 0xff] & 0xff000000U) ^ - (T1[(state[1] >> 8) & 0xff] & 0x00ff0000U) ^ - (T2[(state[2] >> 8) & 0xff] & 0x0000ff00U) ^ - (T3[(state[3] >> 8) & 0xff] & 0x000000ffU) ^ - roundKey[R][2]; - inter[3] = - (T0[(state[0] ) & 0xff] & 0xff000000U) ^ - (T1[(state[1] ) & 0xff] & 0x00ff0000U) ^ - (T2[(state[2] ) & 0xff] & 0x0000ff00U) ^ - (T3[(state[3] ) & 0xff] & 0x000000ffU) ^ - roundKey[R][3]; - - /* - * map cipher state to ciphertext block (mu^{-1}): - */ - for (i = 0, pos = 0; i < 4; i++, pos += 4) { - ulong32 w = inter[i]; - ciphertext[pos ] = (unsigned char)(w >> 24); - ciphertext[pos + 1] = (unsigned char)(w >> 16); - ciphertext[pos + 2] = (unsigned char)(w >> 8); - ciphertext[pos + 3] = (unsigned char)(w ); - } -} - -/** - Encrypts a block of text with Anubis - @param pt The input plaintext (16 bytes) - @param ct The output ciphertext (16 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -{ - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R); - return CRYPT_OK; -} - -/** - Decrypts a block of text with Anubis - @param ct The input ciphertext (16 bytes) - @param pt The output plaintext (16 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -{ - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R); - return CRYPT_OK; -} - -/** - Performs a self-test of the Anubis block cipher - @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled -*/ -int anubis_test(void) -{ -#if !defined(LTC_TEST) - return CRYPT_NOP; -#else - static const struct test { - int keylen; - unsigned char pt[16], ct[16], key[40]; - } tests[] = { -#ifndef LTC_ANUBIS_TWEAK - /**** ORIGINAL LTC_ANUBIS ****/ - /* 128 bit keys */ -{ - 16, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xF0, 0x68, 0x60, 0xFC, 0x67, 0x30, 0xE8, 0x18, - 0xF1, 0x32, 0xC7, 0x8A, 0xF4, 0x13, 0x2A, 0xFE }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 16, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xA8, 0x66, 0x84, 0x80, 0x07, 0x74, 0x5C, 0x89, - 0xFC, 0x5E, 0xB5, 0xBA, 0xD4, 0xFE, 0x32, 0x6D }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 160-bit keys */ -{ - 20, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xBD, 0x5E, 0x32, 0xBE, 0x51, 0x67, 0xA8, 0xE2, - 0x72, 0xD7, 0x95, 0x0F, 0x83, 0xC6, 0x8C, 0x31 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 20, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x4C, 0x1F, 0x86, 0x2E, 0x11, 0xEB, 0xCE, 0xEB, - 0xFE, 0xB9, 0x73, 0xC9, 0xDF, 0xEF, 0x7A, 0xDB }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 192-bit keys */ -{ - 24, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x17, 0xAC, 0x57, 0x44, 0x9D, 0x59, 0x61, 0x66, - 0xD0, 0xC7, 0x9E, 0x04, 0x7C, 0xC7, 0x58, 0xF0 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 24, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x71, 0x52, 0xB4, 0xEB, 0x1D, 0xAA, 0x36, 0xFD, - 0x57, 0x14, 0x5F, 0x57, 0x04, 0x9F, 0x70, 0x74 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 224-bit keys */ -{ - 28, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xA2, 0xF0, 0xA6, 0xB9, 0x17, 0x93, 0x2A, 0x3B, - 0xEF, 0x08, 0xE8, 0x7A, 0x58, 0xD6, 0xF8, 0x53 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 28, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xF0, 0xCA, 0xFC, 0x78, 0x8B, 0x4B, 0x4E, 0x53, - 0x8B, 0xC4, 0x32, 0x6A, 0xF5, 0xB9, 0x1B, 0x5F }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 256-bit keys */ -{ - 32, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xE0, 0x86, 0xAC, 0x45, 0x6B, 0x3C, 0xE5, 0x13, - 0xED, 0xF5, 0xDF, 0xDD, 0xD6, 0x3B, 0x71, 0x93 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 32, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x50, 0x01, 0xB9, 0xF5, 0x21, 0xC1, 0xC1, 0x29, - 0x00, 0xD5, 0xEC, 0x98, 0x2B, 0x9E, 0xE8, 0x21 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 288-bit keys */ -{ - 36, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xE8, 0xF4, 0xAF, 0x2B, 0x21, 0xA0, 0x87, 0x9B, - 0x41, 0x95, 0xB9, 0x71, 0x75, 0x79, 0x04, 0x7C }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 36, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xE6, 0xA6, 0xA5, 0xBC, 0x8B, 0x63, 0x6F, 0xE2, - 0xBD, 0xA7, 0xA7, 0x53, 0xAB, 0x40, 0x22, 0xE0 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 320-bit keys */ -{ - 40, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x17, 0x04, 0xD7, 0x2C, 0xC6, 0x85, 0x76, 0x02, - 0x4B, 0xCC, 0x39, 0x80, 0xD8, 0x22, 0xEA, 0xA4 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 40, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x7A, 0x41, 0xE6, 0x7D, 0x4F, 0xD8, 0x64, 0xF0, - 0x44, 0xA8, 0x3C, 0x73, 0x81, 0x7E, 0x53, 0xD8 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -} -#else - /**** Tweaked LTC_ANUBIS ****/ - /* 128 bit keys */ -{ - 16, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xB8, 0x35, 0xBD, 0xC3, 0x34, 0x82, 0x9D, 0x83, - 0x71, 0xBF, 0xA3, 0x71, 0xE4, 0xB3, 0xC4, 0xFD }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 16, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xE6, 0x14, 0x1E, 0xAF, 0xEB, 0xE0, 0x59, 0x3C, - 0x48, 0xE1, 0xCD, 0xF2, 0x1B, 0xBA, 0xA1, 0x89 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 160-bit keys */ -{ - 20, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x97, 0x59, 0x79, 0x4B, 0x5C, 0xA0, 0x70, 0x73, - 0x24, 0xEF, 0xB3, 0x58, 0x67, 0xCA, 0xD4, 0xB3 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 20, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xB8, 0x0D, 0xFB, 0x9B, 0xE4, 0xA1, 0x58, 0x87, - 0xB3, 0x76, 0xD5, 0x02, 0x18, 0x95, 0xC1, 0x2E }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 192-bit keys */ -{ - 24, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x7D, 0x62, 0x3B, 0x52, 0xC7, 0x4C, 0x64, 0xD8, - 0xEB, 0xC7, 0x2D, 0x57, 0x97, 0x85, 0x43, 0x8F }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 24, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xB1, 0x0A, 0x59, 0xDD, 0x5D, 0x5D, 0x8D, 0x67, - 0xEC, 0xEE, 0x4A, 0xC4, 0xBE, 0x4F, 0xA8, 0x4F }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 224-bit keys */ -{ - 28, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x68, 0x9E, 0x05, 0x94, 0x6A, 0x94, 0x43, 0x8F, - 0xE7, 0x8E, 0x37, 0x3D, 0x24, 0x97, 0x92, 0xF5 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 28, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xDD, 0xB7, 0xB0, 0xB4, 0xE9, 0xB4, 0x9B, 0x9C, - 0x38, 0x20, 0x25, 0x0B, 0x47, 0xC2, 0x1F, 0x89 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 256-bit keys */ -{ - 32, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x96, 0x00, 0xF0, 0x76, 0x91, 0x69, 0x29, 0x87, - 0xF5, 0xE5, 0x97, 0xDB, 0xDB, 0xAF, 0x1B, 0x0A }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 32, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x69, 0x9C, 0xAF, 0xDD, 0x94, 0xC7, 0xBC, 0x60, - 0x44, 0xFE, 0x02, 0x05, 0x8A, 0x6E, 0xEF, 0xBD }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, - - /* 288-bit keys */ -{ - 36, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x0F, 0xC7, 0xA2, 0xC0, 0x11, 0x17, 0xAC, 0x43, - 0x52, 0x5E, 0xDF, 0x6C, 0xF3, 0x96, 0x33, 0x6C }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } -}, { - 36, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xAD, 0x08, 0x4F, 0xED, 0x55, 0xA6, 0x94, 0x3E, - 0x7E, 0x5E, 0xED, 0x05, 0xA1, 0x9D, 0x41, 0xB4 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01 } -}, - - /* 320-bit keys */ -{ - 40, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xFE, 0xE2, 0x0E, 0x2A, 0x9D, 0xC5, 0x83, 0xBA, - 0xA3, 0xA6, 0xD6, 0xA6, 0xF2, 0xE8, 0x06, 0xA5 }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - 40, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x86, 0x3D, 0xCC, 0x4A, 0x60, 0x34, 0x9C, 0x28, - 0xA7, 0xDA, 0xA4, 0x3B, 0x0A, 0xD7, 0xFD, 0xC7 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -} -#endif -}; - int x, y; - unsigned char buf[2][16]; - symmetric_key skey; - - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { - anubis_setup(tests[x].key, tests[x].keylen, 0, &skey); - anubis_ecb_encrypt(tests[x].pt, buf[0], &skey); - anubis_ecb_decrypt(buf[0], buf[1], &skey); - if (compare_testvector(buf[0], 16, tests[x].ct, 16, "Anubis Encrypt", x) || - compare_testvector(buf[1], 16, tests[x].pt, 16, "Anubis Decrypt", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - - for (y = 0; y < 1000; y++) anubis_ecb_encrypt(buf[0], buf[0], &skey); - for (y = 0; y < 1000; y++) anubis_ecb_decrypt(buf[0], buf[0], &skey); - if (compare_testvector(buf[0], 16, tests[x].ct, 16, "Anubis 1000", 1000)) { - return CRYPT_FAIL_TESTVECTOR; - } - - } - return CRYPT_OK; -#endif -} - -/** Terminate the context - @param skey The scheduled key -*/ -void anubis_done(symmetric_key *skey) -{ - LTC_UNUSED_PARAM(skey); -} - -/** - Gets suitable key size - @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. - @return CRYPT_OK if the input key size is acceptable. -*/ -int anubis_keysize(int *keysize) -{ - LTC_ARGCHK(keysize != NULL); - if (*keysize >= 40) { - *keysize = 40; - } else if (*keysize >= 36) { - *keysize = 36; - } else if (*keysize >= 32) { - *keysize = 32; - } else if (*keysize >= 28) { - *keysize = 28; - } else if (*keysize >= 24) { - *keysize = 24; - } else if (*keysize >= 20) { - *keysize = 20; - } else if (*keysize >= 16) { - *keysize = 16; - } else { - return CRYPT_INVALID_KEYSIZE; - } - return CRYPT_OK; -} - -#endif - - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/ciphers/camellia.c b/libtomcrypt/src/ciphers/camellia.c deleted file mode 100644 index 0a75087..0000000 --- a/libtomcrypt/src/ciphers/camellia.c +++ /dev/null @@ -1,726 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -/** - @file camellia.c - Implementation by Tom St Denis of Elliptic Semiconductor -*/ - -#include "tomcrypt.h" - -#ifdef LTC_CAMELLIA - -const struct ltc_cipher_descriptor camellia_desc = { - "camellia", - 23, - 16, 32, 16, 18, - &camellia_setup, - &camellia_ecb_encrypt, - &camellia_ecb_decrypt, - &camellia_test, - &camellia_done, - &camellia_keysize, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; - -static const ulong32 SP1110[] = { -0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700, 0xc0c0c000, 0xe5e5e500, -0xe4e4e400, 0x85858500, 0x57575700, 0x35353500, 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, -0x23232300, 0xefefef00, 0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100, -0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500, 0x92929200, 0xbdbdbd00, -0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00, 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, -0x3e3e3e00, 0x30303000, 0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00, -0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700, 0x5d5d5d00, 0x3d3d3d00, -0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600, 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, -0x8b8b8b00, 0x0d0d0d00, 0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00, -0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100, 0x84848400, 0x99999900, -0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200, 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, -0x6d6d6d00, 0xb7b7b700, 0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700, -0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00, 0x11111100, 0x1c1c1c00, -0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600, 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, -0xfefefe00, 0x44444400, 0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100, -0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00, 0x69696900, 0x50505000, -0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00, 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, -0x54545400, 0x5b5b5b00, 0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200, -0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700, 0x75757500, 0xdbdbdb00, -0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00, 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, -0x87878700, 0x5c5c5c00, 0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300, -0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00, 0xbfbfbf00, 0xe2e2e200, -0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600, 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, -0x81818100, 0x96969600, 0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00, -0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00, 0xbcbcbc00, 0x8e8e8e00, -0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600, 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, -0x78787800, 0x98989800, 0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00, -0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200, 0x8d8d8d00, 0xfafafa00, -0x72727200, 0x07070700, 0xb9b9b900, 0x55555500, 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, -0x36363600, 0x49494900, 0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400, -0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900, 0x43434300, 0xc1c1c100, -0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400, 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00, -}; - -static const ulong32 SP0222[] = { -0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e, 0x00818181, 0x00cbcbcb, -0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a, 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, -0x00464646, 0x00dfdfdf, 0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242, -0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca, 0x00252525, 0x007b7b7b, -0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f, 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, -0x007c7c7c, 0x00606060, 0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434, -0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e, 0x00bababa, 0x007a7a7a, -0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad, 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, -0x00171717, 0x001a1a1a, 0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a, -0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363, 0x00090909, 0x00333333, -0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585, 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, -0x00dadada, 0x006f6f6f, 0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf, -0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636, 0x00222222, 0x00383838, -0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c, 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, -0x00fdfdfd, 0x00888888, 0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323, -0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9, 0x00d2d2d2, 0x00a0a0a0, -0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa, 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, -0x00a8a8a8, 0x00b6b6b6, 0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5, -0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef, 0x00eaeaea, 0x00b7b7b7, -0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5, 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, -0x000f0f0f, 0x00b8b8b8, 0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666, -0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe, 0x007f7f7f, 0x00c5c5c5, -0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c, 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, -0x00030303, 0x002d2d2d, 0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c, -0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc, 0x00797979, 0x001d1d1d, -0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d, 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, -0x00f0f0f0, 0x00313131, 0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575, -0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545, 0x001b1b1b, 0x00f5f5f5, -0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa, 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, -0x006c6c6c, 0x00929292, 0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949, -0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393, 0x00868686, 0x00838383, -0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9, 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d, -}; - -static const ulong32 SP3033[] = { -0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393, 0x60006060, 0xf200f2f2, -0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a, 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, -0x91009191, 0xf700f7f7, 0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090, -0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2, 0x49004949, 0xde00dede, -0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7, 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, -0x1f001f1f, 0x18001818, 0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d, -0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3, 0xae00aeae, 0x9e009e9e, -0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b, 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, -0xc500c5c5, 0x86008686, 0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696, -0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8, 0x42004242, 0xcc00cccc, -0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161, 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, -0xb600b6b6, 0xdb00dbdb, 0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb, -0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d, 0x88008888, 0x0e000e0e, -0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b, 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, -0x7f007f7f, 0x22002222, 0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8, -0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e, 0xb400b4b4, 0x28002828, -0x55005555, 0x68006868, 0x50005050, 0xbe00bebe, 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, -0x2a002a2a, 0xad00adad, 0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969, -0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb, 0xba00baba, 0xed00eded, -0x45004545, 0x81008181, 0x73007373, 0x6d006d6d, 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, -0xc300c3c3, 0x2e002e2e, 0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999, -0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf, 0xdf00dfdf, 0x71007171, -0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313, 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, -0xc000c0c0, 0x4b004b4b, 0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717, -0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737, 0x5e005e5e, 0x47004747, -0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b, 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, -0x3c003c3c, 0x4c004c4c, 0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d, -0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151, 0xc600c6c6, 0x7d007d7d, -0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa, 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, -0x1b001b1b, 0xa400a4a4, 0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252, -0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4, 0xa100a1a1, 0xe000e0e0, -0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a, 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f, -}; - -static const ulong32 SP4404[] = { -0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057, 0xeaea00ea, 0xaeae00ae, -0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5, 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, -0x86860086, 0xafaf00af, 0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b, -0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a, 0x51510051, 0x6c6c006c, -0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0, 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, -0xdfdf00df, 0xcbcb00cb, 0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004, -0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c, 0x53530053, 0xf2f200f2, -0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a, 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, -0xaaaa00aa, 0xa0a000a0, 0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064, -0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6, 0x09090009, 0xdddd00dd, -0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090, 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, -0x52520052, 0xd8d800d8, 0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063, -0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9, 0x2f2f002f, 0xb4b400b4, -0x78780078, 0x06060006, 0xe7e700e7, 0x71710071, 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, -0x72720072, 0xb9b900b9, 0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1, -0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad, 0x77770077, 0x80800080, -0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5, 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, -0xefef00ef, 0x93930093, 0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd, -0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f, 0xc5c500c5, 0x1a1a001a, -0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d, 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, -0x0d0d000d, 0x66660066, 0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099, -0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031, 0x17170017, 0xd7d700d7, -0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c, 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, -0x44440044, 0xb2b200b2, 0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050, -0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095, 0xffff00ff, 0xd2d200d2, -0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db, 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, -0x5c5c005c, 0x02020002, 0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2, -0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b, 0xbebe00be, 0x2e2e002e, -0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e, 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, -0x98980098, 0x6a6a006a, 0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa, -0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068, 0x38380038, 0xa4a400a4, -0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1, 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e, -}; - -static const ulong64 key_sigma[] = { - CONST64(0xA09E667F3BCC908B), - CONST64(0xB67AE8584CAA73B2), - CONST64(0xC6EF372FE94F82BE), - CONST64(0x54FF53A5F1D36F1C), - CONST64(0x10E527FADE682D1D), - CONST64(0xB05688C2B3E6C1FD) -}; - -static ulong64 F(ulong64 x) -{ - ulong32 D, U; - -#define loc(i) ((8-i)*8) - - D = SP1110[(x >> loc(8)) & 0xFF] ^ SP0222[(x >> loc(5)) & 0xFF] ^ SP3033[(x >> loc(6)) & 0xFF] ^ SP4404[(x >> loc(7)) & 0xFF]; - U = SP1110[(x >> loc(1)) & 0xFF] ^ SP0222[(x >> loc(2)) & 0xFF] ^ SP3033[(x >> loc(3)) & 0xFF] ^ SP4404[(x >> loc(4)) & 0xFF]; - - D ^= U; - U = D ^ RORc(U, 8); - - return ((ulong64)U) | (((ulong64)D) << CONST64(32)); -} - -static void rot_128(unsigned char *in, unsigned count, unsigned char *out) -{ - unsigned x, w, b; - - w = count >> 3; - b = count & 7; - - for (x = 0; x < 16; x++) { - out[x] = (in[(x+w)&15] << b) | (in[(x+w+1)&15] >> (8 - b)); - } -} - -int camellia_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - unsigned char T[48], kA[16], kB[16], kR[16], kL[16]; - int x; - ulong64 A, B; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(skey != NULL); - - /* Valid sizes (in bytes) are 16, 24, 32 */ - if (keylen != 16 && keylen != 24 && keylen != 32) { - return CRYPT_INVALID_KEYSIZE; - } - - /* number of rounds */ - skey->camellia.R = (keylen == 16) ? 18 : 24; - - if (num_rounds != 0 && num_rounds != skey->camellia.R) { - return CRYPT_INVALID_ROUNDS; - } - - /* expand key */ - if (keylen == 16) { - for (x = 0; x < 16; x++) { - T[x] = key[x]; - T[x + 16] = 0; - } - } else if (keylen == 24) { - for (x = 0; x < 24; x++) { - T[x] = key[x]; - } - for (x = 24; x < 32; x++) { - T[x] = key[x-8] ^ 0xFF; - } - } else { - for (x = 0; x < 32; x++) { - T[x] = key[x]; - } - } - - for (x = 0; x < 16; x++) { - kL[x] = T[x]; - kR[x] = T[x + 16]; - } - - for (x = 32; x < 48; x++) { - T[x] = T[x - 32] ^ T[x - 16]; - } - - /* first two rounds */ - LOAD64H(A, T+32); LOAD64H(B, T+40); - B ^= F(A ^ key_sigma[0]); - A ^= F(B ^ key_sigma[1]); - STORE64H(A, T+32); STORE64H(B, T+40); - - /* xor kL in */ - for (x = 0; x < 16; x++) { T[x+32] ^= kL[x]; } - - /* next two rounds */ - LOAD64H(A, T+32); LOAD64H(B, T+40); - B ^= F(A ^ key_sigma[2]); - A ^= F(B ^ key_sigma[3]); - STORE64H(A, T+32); STORE64H(B, T+40); - - /* grab KA */ - for (x = 0; x < 16; x++) { kA[x] = T[x+32]; } - - /* xor kR in */ - for (x = 0; x < 16; x++) { T[x+32] ^= kR[x]; } - - if (keylen == 16) { - /* grab whitening keys kw1 and kw2 */ - LOAD64H(skey->camellia.kw[0], kL); - LOAD64H(skey->camellia.kw[1], kL+8); - - /* k1-k2 */ - LOAD64H(skey->camellia.k[0], kA); - LOAD64H(skey->camellia.k[1], kA+8); - - /* rotate kL by 15, k3/k4 */ - rot_128(kL, 15, T+32); - LOAD64H(skey->camellia.k[2], T+32); - LOAD64H(skey->camellia.k[3], T+40); - - /* rotate kA by 15, k5/k6 */ - rot_128(kA, 15, T+32); - LOAD64H(skey->camellia.k[4], T+32); - LOAD64H(skey->camellia.k[5], T+40); - - /* rotate kA by 30, kl1, kl2 */ - rot_128(kA, 30, T+32); - LOAD64H(skey->camellia.kl[0], T+32); - LOAD64H(skey->camellia.kl[1], T+40); - - /* rotate kL by 45, k7/k8 */ - rot_128(kL, 45, T+32); - LOAD64H(skey->camellia.k[6], T+32); - LOAD64H(skey->camellia.k[7], T+40); - - /* rotate kA by 45, k9/k10 */ - rot_128(kA, 45, T+32); - LOAD64H(skey->camellia.k[8], T+32); - rot_128(kL, 60, T+32); - LOAD64H(skey->camellia.k[9], T+40); - - /* rotate kA by 60, k11/k12 */ - rot_128(kA, 60, T+32); - LOAD64H(skey->camellia.k[10], T+32); - LOAD64H(skey->camellia.k[11], T+40); - - /* rotate kL by 77, kl3, kl4 */ - rot_128(kL, 77, T+32); - LOAD64H(skey->camellia.kl[2], T+32); - LOAD64H(skey->camellia.kl[3], T+40); - - /* rotate kL by 94, k13/k14 */ - rot_128(kL, 94, T+32); - LOAD64H(skey->camellia.k[12], T+32); - LOAD64H(skey->camellia.k[13], T+40); - - /* rotate kA by 94, k15/k16 */ - rot_128(kA, 94, T+32); - LOAD64H(skey->camellia.k[14], T+32); - LOAD64H(skey->camellia.k[15], T+40); - - /* rotate kL by 111, k17/k18 */ - rot_128(kL, 111, T+32); - LOAD64H(skey->camellia.k[16], T+32); - LOAD64H(skey->camellia.k[17], T+40); - - /* rotate kA by 111, kw3/kw4 */ - rot_128(kA, 111, T+32); - LOAD64H(skey->camellia.kw[2], T+32); - LOAD64H(skey->camellia.kw[3], T+40); - } else { - /* last two rounds */ - LOAD64H(A, T+32); LOAD64H(B, T+40); - B ^= F(A ^ key_sigma[4]); - A ^= F(B ^ key_sigma[5]); - STORE64H(A, T+32); STORE64H(B, T+40); - - /* grab kB */ - for (x = 0; x < 16; x++) { kB[x] = T[x+32]; } - - /* kw1/2 from kL*/ - LOAD64H(skey->camellia.kw[0], kL); - LOAD64H(skey->camellia.kw[1], kL+8); - - /* k1/k2 = kB */ - LOAD64H(skey->camellia.k[0], kB); - LOAD64H(skey->camellia.k[1], kB+8); - - /* k3/k4 = kR by 15 */ - rot_128(kR, 15, T+32); - LOAD64H(skey->camellia.k[2], T+32); - LOAD64H(skey->camellia.k[3], T+40); - - /* k5/k7 = kA by 15 */ - rot_128(kA, 15, T+32); - LOAD64H(skey->camellia.k[4], T+32); - LOAD64H(skey->camellia.k[5], T+40); - - /* kl1/2 = kR by 30 */ - rot_128(kR, 30, T+32); - LOAD64H(skey->camellia.kl[0], T+32); - LOAD64H(skey->camellia.kl[1], T+40); - - /* k7/k8 = kB by 30 */ - rot_128(kB, 30, T+32); - LOAD64H(skey->camellia.k[6], T+32); - LOAD64H(skey->camellia.k[7], T+40); - - /* k9/k10 = kL by 45 */ - rot_128(kL, 45, T+32); - LOAD64H(skey->camellia.k[8], T+32); - LOAD64H(skey->camellia.k[9], T+40); - - /* k11/k12 = kA by 45 */ - rot_128(kA, 45, T+32); - LOAD64H(skey->camellia.k[10], T+32); - LOAD64H(skey->camellia.k[11], T+40); - - /* kl3/4 = kL by 60 */ - rot_128(kL, 60, T+32); - LOAD64H(skey->camellia.kl[2], T+32); - LOAD64H(skey->camellia.kl[3], T+40); - - /* k13/k14 = kR by 60 */ - rot_128(kR, 60, T+32); - LOAD64H(skey->camellia.k[12], T+32); - LOAD64H(skey->camellia.k[13], T+40); - - /* k15/k16 = kB by 15 */ - rot_128(kB, 60, T+32); - LOAD64H(skey->camellia.k[14], T+32); - LOAD64H(skey->camellia.k[15], T+40); - - /* k17/k18 = kL by 77 */ - rot_128(kL, 77, T+32); - LOAD64H(skey->camellia.k[16], T+32); - LOAD64H(skey->camellia.k[17], T+40); - - /* kl5/6 = kA by 77 */ - rot_128(kA, 77, T+32); - LOAD64H(skey->camellia.kl[4], T+32); - LOAD64H(skey->camellia.kl[5], T+40); - - /* k19/k20 = kR by 94 */ - rot_128(kR, 94, T+32); - LOAD64H(skey->camellia.k[18], T+32); - LOAD64H(skey->camellia.k[19], T+40); - - /* k21/k22 = kA by 94 */ - rot_128(kA, 94, T+32); - LOAD64H(skey->camellia.k[20], T+32); - LOAD64H(skey->camellia.k[21], T+40); - - /* k23/k24 = kL by 111 */ - rot_128(kL, 111, T+32); - LOAD64H(skey->camellia.k[22], T+32); - LOAD64H(skey->camellia.k[23], T+40); - - /* kw2/kw3 = kB by 111 */ - rot_128(kB, 111, T+32); - LOAD64H(skey->camellia.kw[2], T+32); - LOAD64H(skey->camellia.kw[3], T+40); - } - - return CRYPT_OK; -} - -int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -{ - ulong64 L, R; - ulong32 a, b; - - LOAD64H(L, pt+0); LOAD64H(R, pt+8); - L ^= skey->camellia.kw[0]; - R ^= skey->camellia.kw[1]; - - /* first 6 rounds */ - R ^= F(L ^ skey->camellia.k[0]); - L ^= F(R ^ skey->camellia.k[1]); - R ^= F(L ^ skey->camellia.k[2]); - L ^= F(R ^ skey->camellia.k[3]); - R ^= F(L ^ skey->camellia.k[4]); - L ^= F(R ^ skey->camellia.k[5]); - - /* FL */ - a = (ulong32)(L >> 32); - b = (ulong32)(L & 0xFFFFFFFFUL); - b ^= ROL((a & (ulong32)(skey->camellia.kl[0] >> 32)), 1); - a ^= b | (skey->camellia.kl[0] & 0xFFFFFFFFU); - L = (((ulong64)a) << 32) | b; - - /* FL^-1 */ - a = (ulong32)(R >> 32); - b = (ulong32)(R & 0xFFFFFFFFUL); - a ^= b | (skey->camellia.kl[1] & 0xFFFFFFFFU); - b ^= ROL((a & (ulong32)(skey->camellia.kl[1] >> 32)), 1); - R = (((ulong64)a) << 32) | b; - - /* second 6 rounds */ - R ^= F(L ^ skey->camellia.k[6]); - L ^= F(R ^ skey->camellia.k[7]); - R ^= F(L ^ skey->camellia.k[8]); - L ^= F(R ^ skey->camellia.k[9]); - R ^= F(L ^ skey->camellia.k[10]); - L ^= F(R ^ skey->camellia.k[11]); - - /* FL */ - a = (ulong32)(L >> 32); - b = (ulong32)(L & 0xFFFFFFFFUL); - b ^= ROL((a & (ulong32)(skey->camellia.kl[2] >> 32)), 1); - a ^= b | (skey->camellia.kl[2] & 0xFFFFFFFFU); - L = (((ulong64)a) << 32) | b; - - /* FL^-1 */ - a = (ulong32)(R >> 32); - b = (ulong32)(R & 0xFFFFFFFFUL); - a ^= b | (skey->camellia.kl[3] & 0xFFFFFFFFU); - b ^= ROL((a & (ulong32)(skey->camellia.kl[3] >> 32)), 1); - R = (((ulong64)a) << 32) | b; - - /* third 6 rounds */ - R ^= F(L ^ skey->camellia.k[12]); - L ^= F(R ^ skey->camellia.k[13]); - R ^= F(L ^ skey->camellia.k[14]); - L ^= F(R ^ skey->camellia.k[15]); - R ^= F(L ^ skey->camellia.k[16]); - L ^= F(R ^ skey->camellia.k[17]); - - /* next FL */ - if (skey->camellia.R == 24) { - /* FL */ - a = (ulong32)(L >> 32); - b = (ulong32)(L & 0xFFFFFFFFUL); - b ^= ROL((a & (ulong32)(skey->camellia.kl[4] >> 32)), 1); - a ^= b | (skey->camellia.kl[4] & 0xFFFFFFFFU); - L = (((ulong64)a) << 32) | b; - - /* FL^-1 */ - a = (ulong32)(R >> 32); - b = (ulong32)(R & 0xFFFFFFFFUL); - a ^= b | (skey->camellia.kl[5] & 0xFFFFFFFFU); - b ^= ROL((a & (ulong32)(skey->camellia.kl[5] >> 32)), 1); - R = (((ulong64)a) << 32) | b; - - /* fourth 6 rounds */ - R ^= F(L ^ skey->camellia.k[18]); - L ^= F(R ^ skey->camellia.k[19]); - R ^= F(L ^ skey->camellia.k[20]); - L ^= F(R ^ skey->camellia.k[21]); - R ^= F(L ^ skey->camellia.k[22]); - L ^= F(R ^ skey->camellia.k[23]); - } - - L ^= skey->camellia.kw[3]; - R ^= skey->camellia.kw[2]; - - STORE64H(R, ct+0); STORE64H(L, ct+8); - - return CRYPT_OK; -} - -int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -{ - ulong64 L, R; - ulong32 a, b; - - LOAD64H(R, ct+0); LOAD64H(L, ct+8); - L ^= skey->camellia.kw[3]; - R ^= skey->camellia.kw[2]; - - /* next FL */ - if (skey->camellia.R == 24) { - /* fourth 6 rounds */ - L ^= F(R ^ skey->camellia.k[23]); - R ^= F(L ^ skey->camellia.k[22]); - L ^= F(R ^ skey->camellia.k[21]); - R ^= F(L ^ skey->camellia.k[20]); - L ^= F(R ^ skey->camellia.k[19]); - R ^= F(L ^ skey->camellia.k[18]); - - /* FL */ - a = (ulong32)(L >> 32); - b = (ulong32)(L & 0xFFFFFFFFUL); - a ^= b | (skey->camellia.kl[4] & 0xFFFFFFFFU); - b ^= ROL((a & (ulong32)(skey->camellia.kl[4] >> 32)), 1); - L = (((ulong64)a) << 32) | b; - - /* FL^-1 */ - a = (ulong32)(R >> 32); - b = (ulong32)(R & 0xFFFFFFFFUL); - b ^= ROL((a & (ulong32)(skey->camellia.kl[5] >> 32)), 1); - a ^= b | (skey->camellia.kl[5] & 0xFFFFFFFFU); - R = (((ulong64)a) << 32) | b; - - } - - /* third 6 rounds */ - L ^= F(R ^ skey->camellia.k[17]); - R ^= F(L ^ skey->camellia.k[16]); - L ^= F(R ^ skey->camellia.k[15]); - R ^= F(L ^ skey->camellia.k[14]); - L ^= F(R ^ skey->camellia.k[13]); - R ^= F(L ^ skey->camellia.k[12]); - - /* FL */ - a = (ulong32)(L >> 32); - b = (ulong32)(L & 0xFFFFFFFFUL); - a ^= b | (skey->camellia.kl[2] & 0xFFFFFFFFU); - b ^= ROL((a & (ulong32)(skey->camellia.kl[2] >> 32)), 1); - L = (((ulong64)a) << 32) | b; - - /* FL^-1 */ - a = (ulong32)(R >> 32); - b = (ulong32)(R & 0xFFFFFFFFUL); - b ^= ROL((a & (ulong32)(skey->camellia.kl[3] >> 32)), 1); - a ^= b | (skey->camellia.kl[3] & 0xFFFFFFFFU); - R = (((ulong64)a) << 32) | b; - - /* second 6 rounds */ - L ^= F(R ^ skey->camellia.k[11]); - R ^= F(L ^ skey->camellia.k[10]); - L ^= F(R ^ skey->camellia.k[9]); - R ^= F(L ^ skey->camellia.k[8]); - L ^= F(R ^ skey->camellia.k[7]); - R ^= F(L ^ skey->camellia.k[6]); - - /* FL */ - a = (ulong32)(L >> 32); - b = (ulong32)(L & 0xFFFFFFFFUL); - a ^= b | (skey->camellia.kl[0] & 0xFFFFFFFFU); - b ^= ROL((a & (ulong32)(skey->camellia.kl[0] >> 32)), 1); - L = (((ulong64)a) << 32) | b; - - /* FL^-1 */ - a = (ulong32)(R >> 32); - b = (ulong32)(R & 0xFFFFFFFFUL); - b ^= ROL((a & (ulong32)(skey->camellia.kl[1] >> 32)), 1); - a ^= b | (skey->camellia.kl[1] & 0xFFFFFFFFU); - R = (((ulong64)a) << 32) | b; - - /* first 6 rounds */ - L ^= F(R ^ skey->camellia.k[5]); - R ^= F(L ^ skey->camellia.k[4]); - L ^= F(R ^ skey->camellia.k[3]); - R ^= F(L ^ skey->camellia.k[2]); - L ^= F(R ^ skey->camellia.k[1]); - R ^= F(L ^ skey->camellia.k[0]); - - R ^= skey->camellia.kw[1]; - L ^= skey->camellia.kw[0]; - - STORE64H(R, pt+8); STORE64H(L, pt+0); - - return CRYPT_OK; -} - -int camellia_test(void) -{ - static const struct { - int keylen; - unsigned char key[32], pt[16], ct[16]; - } tests[] = { - -{ - 16, - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, - { 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73, - 0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 } -}, - -{ - 24, - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, - 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }, - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, - { 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8, - 0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 } -}, - - -{ - 32, - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, - 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, - 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, - { 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c, - 0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 } -}, - -{ - 32, - { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, - 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, - 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, - 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }, - { 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17, - 0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10 }, - { 0x79, 0x60, 0x10, 0x9F, 0xB6, 0xDC, 0x42, 0x94, - 0x7F, 0xCF, 0xE5, 0x9E, 0xA3, 0xC5, 0xEB, 0x6B } -} -}; - unsigned char buf[2][16]; - symmetric_key skey; - int err; - unsigned int x; - - for (x = 0; x < sizeof(tests)/sizeof(tests[0]); x++) { - zeromem(&skey, sizeof(skey)); - if ((err = camellia_setup(tests[x].key, tests[x].keylen, 0, &skey)) != CRYPT_OK) { - return err; - } - if ((err = camellia_ecb_encrypt(tests[x].pt, buf[0], &skey)) != CRYPT_OK) { - camellia_done(&skey); - return err; - } - if ((err = camellia_ecb_decrypt(tests[x].ct, buf[1], &skey)) != CRYPT_OK) { - camellia_done(&skey); - return err; - } - camellia_done(&skey); - if (compare_testvector(tests[x].ct, 16, buf[0], 16, "Camellia Encrypt", x) || - compare_testvector(tests[x].pt, 16, buf[1], 16, "Camellia Decrypt", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - return CRYPT_OK; -} - -void camellia_done(symmetric_key *skey) -{ - LTC_UNUSED_PARAM(skey); -} - -int camellia_keysize(int *keysize) -{ - if (*keysize >= 32) { *keysize = 32; } - else if (*keysize >= 24) { *keysize = 24; } - else if (*keysize >= 16) { *keysize = 16; } - else return CRYPT_INVALID_KEYSIZE; - return CRYPT_OK; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/ciphers/kasumi.c b/libtomcrypt/src/ciphers/kasumi.c deleted file mode 100644 index 7c2add5..0000000 --- a/libtomcrypt/src/ciphers/kasumi.c +++ /dev/null @@ -1,318 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -/** - @file kasumi.c - Implementation of the 3GPP Kasumi block cipher - Derived from the 3GPP standard source code -*/ - -#include "tomcrypt.h" - -#ifdef LTC_KASUMI - -typedef unsigned u16; - -#define ROL16(x, y) ((((x)<<(y)) | ((x)>>(16-(y)))) & 0xFFFF) - -const struct ltc_cipher_descriptor kasumi_desc = { - "kasumi", - 21, - 16, 16, 8, 8, - &kasumi_setup, - &kasumi_ecb_encrypt, - &kasumi_ecb_decrypt, - &kasumi_test, - &kasumi_done, - &kasumi_keysize, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; - -static u16 FI( u16 in, u16 subkey ) -{ - u16 nine, seven; - static const u16 S7[128] = { - 54, 50, 62, 56, 22, 34, 94, 96, 38, 6, 63, 93, 2, 18,123, 33, - 55,113, 39,114, 21, 67, 65, 12, 47, 73, 46, 27, 25,111,124, 81, - 53, 9,121, 79, 52, 60, 58, 48,101,127, 40,120,104, 70, 71, 43, - 20,122, 72, 61, 23,109, 13,100, 77, 1, 16, 7, 82, 10,105, 98, - 117,116, 76, 11, 89,106, 0,125,118, 99, 86, 69, 30, 57,126, 87, - 112, 51, 17, 5, 95, 14, 90, 84, 91, 8, 35,103, 32, 97, 28, 66, - 102, 31, 26, 45, 75, 4, 85, 92, 37, 74, 80, 49, 68, 29,115, 44, - 64,107,108, 24,110, 83, 36, 78, 42, 19, 15, 41, 88,119, 59, 3 }; - static const u16 S9[512] = { - 167,239,161,379,391,334, 9,338, 38,226, 48,358,452,385, 90,397, - 183,253,147,331,415,340, 51,362,306,500,262, 82,216,159,356,177, - 175,241,489, 37,206, 17, 0,333, 44,254,378, 58,143,220, 81,400, - 95, 3,315,245, 54,235,218,405,472,264,172,494,371,290,399, 76, - 165,197,395,121,257,480,423,212,240, 28,462,176,406,507,288,223, - 501,407,249,265, 89,186,221,428,164, 74,440,196,458,421,350,163, - 232,158,134,354, 13,250,491,142,191, 69,193,425,152,227,366,135, - 344,300,276,242,437,320,113,278, 11,243, 87,317, 36, 93,496, 27, - 487,446,482, 41, 68,156,457,131,326,403,339, 20, 39,115,442,124, - 475,384,508, 53,112,170,479,151,126,169, 73,268,279,321,168,364, - 363,292, 46,499,393,327,324, 24,456,267,157,460,488,426,309,229, - 439,506,208,271,349,401,434,236, 16,209,359, 52, 56,120,199,277, - 465,416,252,287,246, 6, 83,305,420,345,153,502, 65, 61,244,282, - 173,222,418, 67,386,368,261,101,476,291,195,430, 49, 79,166,330, - 280,383,373,128,382,408,155,495,367,388,274,107,459,417, 62,454, - 132,225,203,316,234, 14,301, 91,503,286,424,211,347,307,140,374, - 35,103,125,427, 19,214,453,146,498,314,444,230,256,329,198,285, - 50,116, 78,410, 10,205,510,171,231, 45,139,467, 29, 86,505, 32, - 72, 26,342,150,313,490,431,238,411,325,149,473, 40,119,174,355, - 185,233,389, 71,448,273,372, 55,110,178,322, 12,469,392,369,190, - 1,109,375,137,181, 88, 75,308,260,484, 98,272,370,275,412,111, - 336,318, 4,504,492,259,304, 77,337,435, 21,357,303,332,483, 18, - 47, 85, 25,497,474,289,100,269,296,478,270,106, 31,104,433, 84, - 414,486,394, 96, 99,154,511,148,413,361,409,255,162,215,302,201, - 266,351,343,144,441,365,108,298,251, 34,182,509,138,210,335,133, - 311,352,328,141,396,346,123,319,450,281,429,228,443,481, 92,404, - 485,422,248,297, 23,213,130,466, 22,217,283, 70,294,360,419,127, - 312,377, 7,468,194, 2,117,295,463,258,224,447,247,187, 80,398, - 284,353,105,390,299,471,470,184, 57,200,348, 63,204,188, 33,451, - 97, 30,310,219, 94,160,129,493, 64,179,263,102,189,207,114,402, - 438,477,387,122,192, 42,381, 5,145,118,180,449,293,323,136,380, - 43, 66, 60,455,341,445,202,432, 8,237, 15,376,436,464, 59,461}; - - /* The sixteen bit input is split into two unequal halves, * - * nine bits and seven bits - as is the subkey */ - - nine = (u16)(in>>7)&0x1FF; - seven = (u16)(in&0x7F); - - /* Now run the various operations */ - nine = (u16)(S9[nine] ^ seven); - seven = (u16)(S7[seven] ^ (nine & 0x7F)); - seven ^= (subkey>>9); - nine ^= (subkey&0x1FF); - nine = (u16)(S9[nine] ^ seven); - seven = (u16)(S7[seven] ^ (nine & 0x7F)); - return (u16)(seven<<9) + nine; -} - -static ulong32 FO( ulong32 in, int round_no, symmetric_key *key) -{ - u16 left, right; - - /* Split the input into two 16-bit words */ - left = (u16)(in>>16); - right = (u16) in&0xFFFF; - - /* Now apply the same basic transformation three times */ - left ^= key->kasumi.KOi1[round_no]; - left = FI( left, key->kasumi.KIi1[round_no] ); - left ^= right; - - right ^= key->kasumi.KOi2[round_no]; - right = FI( right, key->kasumi.KIi2[round_no] ); - right ^= left; - - left ^= key->kasumi.KOi3[round_no]; - left = FI( left, key->kasumi.KIi3[round_no] ); - left ^= right; - - return (((ulong32)right)<<16)+left; -} - -static ulong32 FL( ulong32 in, int round_no, symmetric_key *key ) -{ - u16 l, r, a, b; - /* split out the left and right halves */ - l = (u16)(in>>16); - r = (u16)(in)&0xFFFF; - /* do the FL() operations */ - a = (u16) (l & key->kasumi.KLi1[round_no]); - r ^= ROL16(a,1); - b = (u16)(r | key->kasumi.KLi2[round_no]); - l ^= ROL16(b,1); - /* put the two halves back together */ - - return (((ulong32)l)<<16) + r; -} - -int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -{ - ulong32 left, right, temp; - int n; - - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - - LOAD32H(left, pt); - LOAD32H(right, pt+4); - - for (n = 0; n <= 7; ) { - temp = FL(left, n, skey); - temp = FO(temp, n++, skey); - right ^= temp; - temp = FO(right, n, skey); - temp = FL(temp, n++, skey); - left ^= temp; - } - - STORE32H(left, ct); - STORE32H(right, ct+4); - - return CRYPT_OK; -} - -int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -{ - ulong32 left, right, temp; - int n; - - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - - LOAD32H(left, ct); - LOAD32H(right, ct+4); - - for (n = 7; n >= 0; ) { - temp = FO(right, n, skey); - temp = FL(temp, n--, skey); - left ^= temp; - temp = FL(left, n, skey); - temp = FO(temp, n--, skey); - right ^= temp; - } - - STORE32H(left, pt); - STORE32H(right, pt+4); - - return CRYPT_OK; -} - -int kasumi_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - static const u16 C[8] = { 0x0123,0x4567,0x89AB,0xCDEF, 0xFEDC,0xBA98,0x7654,0x3210 }; - u16 ukey[8], Kprime[8]; - int n; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(skey != NULL); - - if (keylen != 16) { - return CRYPT_INVALID_KEYSIZE; - } - - if (num_rounds != 0 && num_rounds != 8) { - return CRYPT_INVALID_ROUNDS; - } - - /* Start by ensuring the subkeys are endian correct on a 16-bit basis */ - for (n = 0; n < 8; n++ ) { - ukey[n] = (((u16)key[2*n]) << 8) | key[2*n+1]; - } - - /* Now build the K'[] keys */ - for (n = 0; n < 8; n++) { - Kprime[n] = ukey[n] ^ C[n]; - } - - /* Finally construct the various sub keys */ - for(n = 0; n < 8; n++) { - skey->kasumi.KLi1[n] = ROL16(ukey[n],1); - skey->kasumi.KLi2[n] = Kprime[(n+2)&0x7]; - skey->kasumi.KOi1[n] = ROL16(ukey[(n+1)&0x7],5); - skey->kasumi.KOi2[n] = ROL16(ukey[(n+5)&0x7],8); - skey->kasumi.KOi3[n] = ROL16(ukey[(n+6)&0x7],13); - skey->kasumi.KIi1[n] = Kprime[(n+4)&0x7]; - skey->kasumi.KIi2[n] = Kprime[(n+3)&0x7]; - skey->kasumi.KIi3[n] = Kprime[(n+7)&0x7]; - } - - return CRYPT_OK; -} - -void kasumi_done(symmetric_key *skey) -{ - LTC_UNUSED_PARAM(skey); -} - -int kasumi_keysize(int *keysize) -{ - LTC_ARGCHK(keysize != NULL); - if (*keysize >= 16) { - *keysize = 16; - return CRYPT_OK; - } else { - return CRYPT_INVALID_KEYSIZE; - } -} - -int kasumi_test(void) -{ -#ifndef LTC_TEST - return CRYPT_NOP; -#else - static const struct { - unsigned char key[16], pt[8], ct[8]; - } tests[] = { - -{ - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x4B, 0x58, 0xA7, 0x71, 0xAF, 0xC7, 0xE5, 0xE8 } -}, - -{ - { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x7E, 0xEF, 0x11, 0x3C, 0x95, 0xBB, 0x5A, 0x77 } -}, - -{ - { 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x5F, 0x14, 0x06, 0x86, 0xD7, 0xAD, 0x5A, 0x39 }, -}, - -{ - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x2E, 0x14, 0x91, 0xCF, 0x70, 0xAA, 0x46, 0x5D } -}, - -{ - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0xB5, 0x45, 0x86, 0xF4, 0xAB, 0x9A, 0xE5, 0x46 } -}, - -}; - unsigned char buf[2][8]; - symmetric_key key; - int err, x; - - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { - if ((err = kasumi_setup(tests[x].key, 16, 0, &key)) != CRYPT_OK) { - return err; - } - if ((err = kasumi_ecb_encrypt(tests[x].pt, buf[0], &key)) != CRYPT_OK) { - return err; - } - if ((err = kasumi_ecb_decrypt(tests[x].ct, buf[1], &key)) != CRYPT_OK) { - return err; - } - if (compare_testvector(buf[1], 8, tests[x].pt, 8, "Kasumi Decrypt", x) || - compare_testvector(buf[0], 8, tests[x].ct, 8, "Kasumi Encrypt", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - return CRYPT_OK; -#endif -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/ciphers/khazad.c b/libtomcrypt/src/ciphers/khazad.c deleted file mode 100644 index 4d1f2ce..0000000 --- a/libtomcrypt/src/ciphers/khazad.c +++ /dev/null @@ -1,855 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file khazad.c - Khazad implementation derived from public domain source - Authors: Paulo S.L.M. Barreto and Vincent Rijmen. -*/ - -#ifdef LTC_KHAZAD - -const struct ltc_cipher_descriptor khazad_desc = { - "khazad", - 18, - 16, 16, 8, 8, - &khazad_setup, - &khazad_ecb_encrypt, - &khazad_ecb_decrypt, - &khazad_test, - &khazad_done, - &khazad_keysize, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; - -#define R 8 -#define KEYSIZE 128 -#define KEYSIZEB (KEYSIZE/8) -#define BLOCKSIZE 64 -#define BLOCKSIZEB (BLOCKSIZE/8) - -static const ulong64 T0[256] = { - CONST64(0xbad3d268bbb96a01), CONST64(0x54fc4d19e59a66b1), CONST64(0x2f71bc93e26514cd), CONST64(0x749ccdb925871b51), - CONST64(0x53f55102f7a257a4), CONST64(0xd3686bb8d0d6be03), CONST64(0xd26b6fbdd6deb504), CONST64(0x4dd72964b35285fe), - CONST64(0x50f05d0dfdba4aad), CONST64(0xace98a26cf09e063), CONST64(0x8d8a0e83091c9684), CONST64(0xbfdcc679a5914d1a), - CONST64(0x7090ddad3da7374d), CONST64(0x52f65507f1aa5ca3), CONST64(0x9ab352c87ba417e1), CONST64(0x4cd42d61b55a8ef9), - CONST64(0xea238f65460320ac), CONST64(0xd56273a6c4e68411), CONST64(0x97a466f155cc68c2), CONST64(0xd16e63b2dcc6a80d), - CONST64(0x3355ccffaa85d099), CONST64(0x51f35908fbb241aa), CONST64(0x5bed712ac7e20f9c), CONST64(0xa6f7a204f359ae55), - CONST64(0xde7f5f81febec120), CONST64(0x48d83d75ad7aa2e5), CONST64(0xa8e59a32d729cc7f), CONST64(0x99b65ec771bc0ae8), - CONST64(0xdb704b90e096e63b), CONST64(0x3256c8faac8ddb9e), CONST64(0xb7c4e65195d11522), CONST64(0xfc19d72b32b3aace), - CONST64(0xe338ab48704b7393), CONST64(0x9ebf42dc63843bfd), CONST64(0x91ae7eef41fc52d0), CONST64(0x9bb056cd7dac1ce6), - CONST64(0xe23baf4d76437894), CONST64(0xbbd0d66dbdb16106), CONST64(0x41c319589b32f1da), CONST64(0x6eb2a5cb7957e517), - CONST64(0xa5f2ae0bf941b35c), CONST64(0xcb400bc08016564b), CONST64(0x6bbdb1da677fc20c), CONST64(0x95a26efb59dc7ecc), - CONST64(0xa1febe1fe1619f40), CONST64(0xf308eb1810cbc3e3), CONST64(0xb1cefe4f81e12f30), CONST64(0x0206080a0c10160e), - CONST64(0xcc4917db922e675e), CONST64(0xc45137f3a26e3f66), CONST64(0x1d2774694ee8cf53), CONST64(0x143c504478a09c6c), - CONST64(0xc3582be8b0560e73), CONST64(0x63a591f2573f9a34), CONST64(0xda734f95e69eed3c), CONST64(0x5de76934d3d2358e), - CONST64(0x5fe1613edfc22380), CONST64(0xdc79578bf2aed72e), CONST64(0x7d87e99413cf486e), CONST64(0xcd4a13de94266c59), - CONST64(0x7f81e19e1fdf5e60), CONST64(0x5aee752fc1ea049b), CONST64(0x6cb4adc17547f319), CONST64(0x5ce46d31d5da3e89), - CONST64(0xf704fb0c08ebefff), CONST64(0x266a98bed42d47f2), CONST64(0xff1cdb2438abb7c7), CONST64(0xed2a937e543b11b9), - CONST64(0xe825876f4a1336a2), CONST64(0x9dba4ed3699c26f4), CONST64(0x6fb1a1ce7f5fee10), CONST64(0x8e8f028c03048b8d), - CONST64(0x192b647d56c8e34f), CONST64(0xa0fdba1ae7699447), CONST64(0xf00de7171ad3deea), CONST64(0x89861e97113cba98), - CONST64(0x0f113c332278692d), CONST64(0x07091c1b12383115), CONST64(0xafec8629c511fd6a), CONST64(0xfb10cb30208b9bdb), - CONST64(0x0818202830405838), CONST64(0x153f54417ea8976b), CONST64(0x0d1734392e687f23), CONST64(0x040c101418202c1c), - CONST64(0x0103040506080b07), CONST64(0x64ac8de94507ab21), CONST64(0xdf7c5b84f8b6ca27), CONST64(0x769ac5b329970d5f), - CONST64(0x798bf9800bef6472), CONST64(0xdd7a538ef4a6dc29), CONST64(0x3d47f4c98ef5b2b3), CONST64(0x163a584e74b08a62), - CONST64(0x3f41fcc382e5a4bd), CONST64(0x3759dcebb2a5fc85), CONST64(0x6db7a9c4734ff81e), CONST64(0x3848e0d890dd95a8), - CONST64(0xb9d6de67b1a17708), CONST64(0x7395d1a237bf2a44), CONST64(0xe926836a4c1b3da5), CONST64(0x355fd4e1beb5ea8b), - CONST64(0x55ff491ce3926db6), CONST64(0x7193d9a83baf3c4a), CONST64(0x7b8df18a07ff727c), CONST64(0x8c890a860f149d83), - CONST64(0x7296d5a731b72143), CONST64(0x88851a921734b19f), CONST64(0xf607ff090ee3e4f8), CONST64(0x2a7ea882fc4d33d6), - CONST64(0x3e42f8c684edafba), CONST64(0x5ee2653bd9ca2887), CONST64(0x27699cbbd2254cf5), CONST64(0x46ca0543890ac0cf), - CONST64(0x0c14303c28607424), CONST64(0x65af89ec430fa026), CONST64(0x68b8bdd56d67df05), CONST64(0x61a399f85b2f8c3a), - CONST64(0x03050c0f0a181d09), CONST64(0xc15e23e2bc46187d), CONST64(0x57f94116ef827bb8), CONST64(0xd6677fa9cefe9918), - CONST64(0xd976439aec86f035), CONST64(0x58e87d25cdfa1295), CONST64(0xd875479fea8efb32), CONST64(0x66aa85e34917bd2f), - CONST64(0xd7647bacc8f6921f), CONST64(0x3a4ee8d29ccd83a6), CONST64(0xc84507cf8a0e4b42), CONST64(0x3c44f0cc88fdb9b4), - CONST64(0xfa13cf35268390dc), CONST64(0x96a762f453c463c5), CONST64(0xa7f4a601f551a552), CONST64(0x98b55ac277b401ef), - CONST64(0xec29977b52331abe), CONST64(0xb8d5da62b7a97c0f), CONST64(0xc7543bfca876226f), CONST64(0xaeef822cc319f66d), - CONST64(0x69bbb9d06b6fd402), CONST64(0x4bdd317aa762bfec), CONST64(0xabe0963ddd31d176), CONST64(0xa9e69e37d121c778), - CONST64(0x67a981e64f1fb628), CONST64(0x0a1e28223c504e36), CONST64(0x47c901468f02cbc8), CONST64(0xf20bef1d16c3c8e4), - CONST64(0xb5c2ee5b99c1032c), CONST64(0x226688aacc0d6bee), CONST64(0xe532b356647b4981), CONST64(0xee2f9f715e230cb0), - CONST64(0xbedfc27ca399461d), CONST64(0x2b7dac87fa4538d1), CONST64(0x819e3ebf217ce2a0), CONST64(0x1236485a6c90a67e), - CONST64(0x839836b52d6cf4ae), CONST64(0x1b2d6c775ad8f541), CONST64(0x0e1238362470622a), CONST64(0x23658cafca0560e9), - CONST64(0xf502f30604fbf9f1), CONST64(0x45cf094c8312ddc6), CONST64(0x216384a5c61576e7), CONST64(0xce4f1fd19e3e7150), - CONST64(0x49db3970ab72a9e2), CONST64(0x2c74b09ce87d09c4), CONST64(0xf916c33a2c9b8dd5), CONST64(0xe637bf596e635488), - CONST64(0xb6c7e25493d91e25), CONST64(0x2878a088f05d25d8), CONST64(0x17395c4b72b88165), CONST64(0x829b32b02b64ffa9), - CONST64(0x1a2e68725cd0fe46), CONST64(0x8b80169d1d2cac96), CONST64(0xfe1fdf213ea3bcc0), CONST64(0x8a8312981b24a791), - CONST64(0x091b242d3648533f), CONST64(0xc94603ca8c064045), CONST64(0x879426a1354cd8b2), CONST64(0x4ed2256bb94a98f7), - CONST64(0xe13ea3427c5b659d), CONST64(0x2e72b896e46d1fca), CONST64(0xe431b75362734286), CONST64(0xe03da7477a536e9a), - CONST64(0xeb208b60400b2bab), CONST64(0x90ad7aea47f459d7), CONST64(0xa4f1aa0eff49b85b), CONST64(0x1e22786644f0d25a), - CONST64(0x85922eab395ccebc), CONST64(0x60a09dfd5d27873d), CONST64(0x0000000000000000), CONST64(0x256f94b1de355afb), - CONST64(0xf401f70302f3f2f6), CONST64(0xf10ee3121cdbd5ed), CONST64(0x94a16afe5fd475cb), CONST64(0x0b1d2c273a584531), - CONST64(0xe734bb5c686b5f8f), CONST64(0x759fc9bc238f1056), CONST64(0xef2c9b74582b07b7), CONST64(0x345cd0e4b8bde18c), - CONST64(0x3153c4f5a695c697), CONST64(0xd46177a3c2ee8f16), CONST64(0xd06d67b7dacea30a), CONST64(0x869722a43344d3b5), - CONST64(0x7e82e59b19d75567), CONST64(0xadea8e23c901eb64), CONST64(0xfd1ad32e34bba1c9), CONST64(0x297ba48df6552edf), - CONST64(0x3050c0f0a09dcd90), CONST64(0x3b4decd79ac588a1), CONST64(0x9fbc46d9658c30fa), CONST64(0xf815c73f2a9386d2), - CONST64(0xc6573ff9ae7e2968), CONST64(0x13354c5f6a98ad79), CONST64(0x060a181e14303a12), CONST64(0x050f14111e28271b), - CONST64(0xc55233f6a4663461), CONST64(0x113344556688bb77), CONST64(0x7799c1b62f9f0658), CONST64(0x7c84ed9115c74369), - CONST64(0x7a8ef58f01f7797b), CONST64(0x7888fd850de76f75), CONST64(0x365ad8eeb4adf782), CONST64(0x1c24706c48e0c454), - CONST64(0x394be4dd96d59eaf), CONST64(0x59eb7920cbf21992), CONST64(0x1828607850c0e848), CONST64(0x56fa4513e98a70bf), - CONST64(0xb3c8f6458df1393e), CONST64(0xb0cdfa4a87e92437), CONST64(0x246c90b4d83d51fc), CONST64(0x206080a0c01d7de0), - CONST64(0xb2cbf2408bf93239), CONST64(0x92ab72e04be44fd9), CONST64(0xa3f8b615ed71894e), CONST64(0xc05d27e7ba4e137a), - CONST64(0x44cc0d49851ad6c1), CONST64(0x62a695f751379133), CONST64(0x103040506080b070), CONST64(0xb4c1ea5e9fc9082b), - CONST64(0x84912aae3f54c5bb), CONST64(0x43c511529722e7d4), CONST64(0x93a876e54dec44de), CONST64(0xc25b2fedb65e0574), - CONST64(0x4ade357fa16ab4eb), CONST64(0xbddace73a9815b14), CONST64(0x8f8c0689050c808a), CONST64(0x2d77b499ee7502c3), - CONST64(0xbcd9ca76af895013), CONST64(0x9cb94ad66f942df3), CONST64(0x6abeb5df6177c90b), CONST64(0x40c01d5d9d3afadd), - CONST64(0xcf4c1bd498367a57), CONST64(0xa2fbb210eb798249), CONST64(0x809d3aba2774e9a7), CONST64(0x4fd1216ebf4293f0), - CONST64(0x1f217c6342f8d95d), CONST64(0xca430fc5861e5d4c), CONST64(0xaae39238db39da71), CONST64(0x42c61557912aecd3), -}; - -static const ulong64 T1[256] = { - CONST64(0xd3ba68d2b9bb016a), CONST64(0xfc54194d9ae5b166), CONST64(0x712f93bc65e2cd14), CONST64(0x9c74b9cd8725511b), - CONST64(0xf5530251a2f7a457), CONST64(0x68d3b86bd6d003be), CONST64(0x6bd2bd6fded604b5), CONST64(0xd74d642952b3fe85), - CONST64(0xf0500d5dbafdad4a), CONST64(0xe9ac268a09cf63e0), CONST64(0x8a8d830e1c098496), CONST64(0xdcbf79c691a51a4d), - CONST64(0x9070addda73d4d37), CONST64(0xf6520755aaf1a35c), CONST64(0xb39ac852a47be117), CONST64(0xd44c612d5ab5f98e), - CONST64(0x23ea658f0346ac20), CONST64(0x62d5a673e6c41184), CONST64(0xa497f166cc55c268), CONST64(0x6ed1b263c6dc0da8), - CONST64(0x5533ffcc85aa99d0), CONST64(0xf3510859b2fbaa41), CONST64(0xed5b2a71e2c79c0f), CONST64(0xf7a604a259f355ae), - CONST64(0x7fde815fbefe20c1), CONST64(0xd848753d7aade5a2), CONST64(0xe5a8329a29d77fcc), CONST64(0xb699c75ebc71e80a), - CONST64(0x70db904b96e03be6), CONST64(0x5632fac88dac9edb), CONST64(0xc4b751e6d1952215), CONST64(0x19fc2bd7b332ceaa), - CONST64(0x38e348ab4b709373), CONST64(0xbf9edc428463fd3b), CONST64(0xae91ef7efc41d052), CONST64(0xb09bcd56ac7de61c), - CONST64(0x3be24daf43769478), CONST64(0xd0bb6dd6b1bd0661), CONST64(0xc3415819329bdaf1), CONST64(0xb26ecba5577917e5), - CONST64(0xf2a50bae41f95cb3), CONST64(0x40cbc00b16804b56), CONST64(0xbd6bdab17f670cc2), CONST64(0xa295fb6edc59cc7e), - CONST64(0xfea11fbe61e1409f), CONST64(0x08f318ebcb10e3c3), CONST64(0xceb14ffee181302f), CONST64(0x06020a08100c0e16), - CONST64(0x49ccdb172e925e67), CONST64(0x51c4f3376ea2663f), CONST64(0x271d6974e84e53cf), CONST64(0x3c144450a0786c9c), - CONST64(0x58c3e82b56b0730e), CONST64(0xa563f2913f57349a), CONST64(0x73da954f9ee63ced), CONST64(0xe75d3469d2d38e35), - CONST64(0xe15f3e61c2df8023), CONST64(0x79dc8b57aef22ed7), CONST64(0x877d94e9cf136e48), CONST64(0x4acdde132694596c), - CONST64(0x817f9ee1df1f605e), CONST64(0xee5a2f75eac19b04), CONST64(0xb46cc1ad477519f3), CONST64(0xe45c316ddad5893e), - CONST64(0x04f70cfbeb08ffef), CONST64(0x6a26be982dd4f247), CONST64(0x1cff24dbab38c7b7), CONST64(0x2aed7e933b54b911), - CONST64(0x25e86f87134aa236), CONST64(0xba9dd34e9c69f426), CONST64(0xb16fcea15f7f10ee), CONST64(0x8f8e8c0204038d8b), - CONST64(0x2b197d64c8564fe3), CONST64(0xfda01aba69e74794), CONST64(0x0df017e7d31aeade), CONST64(0x8689971e3c1198ba), - CONST64(0x110f333c78222d69), CONST64(0x09071b1c38121531), CONST64(0xecaf298611c56afd), CONST64(0x10fb30cb8b20db9b), - CONST64(0x1808282040303858), CONST64(0x3f154154a87e6b97), CONST64(0x170d3934682e237f), CONST64(0x0c04141020181c2c), - CONST64(0x030105040806070b), CONST64(0xac64e98d074521ab), CONST64(0x7cdf845bb6f827ca), CONST64(0x9a76b3c597295f0d), - CONST64(0x8b7980f9ef0b7264), CONST64(0x7add8e53a6f429dc), CONST64(0x473dc9f4f58eb3b2), CONST64(0x3a164e58b074628a), - CONST64(0x413fc3fce582bda4), CONST64(0x5937ebdca5b285fc), CONST64(0xb76dc4a94f731ef8), CONST64(0x4838d8e0dd90a895), - CONST64(0xd6b967dea1b10877), CONST64(0x9573a2d1bf37442a), CONST64(0x26e96a831b4ca53d), CONST64(0x5f35e1d4b5be8bea), - CONST64(0xff551c4992e3b66d), CONST64(0x9371a8d9af3b4a3c), CONST64(0x8d7b8af1ff077c72), CONST64(0x898c860a140f839d), - CONST64(0x9672a7d5b7314321), CONST64(0x8588921a34179fb1), CONST64(0x07f609ffe30ef8e4), CONST64(0x7e2a82a84dfcd633), - CONST64(0x423ec6f8ed84baaf), CONST64(0xe25e3b65cad98728), CONST64(0x6927bb9c25d2f54c), CONST64(0xca4643050a89cfc0), - CONST64(0x140c3c3060282474), CONST64(0xaf65ec890f4326a0), CONST64(0xb868d5bd676d05df), CONST64(0xa361f8992f5b3a8c), - CONST64(0x05030f0c180a091d), CONST64(0x5ec1e22346bc7d18), CONST64(0xf957164182efb87b), CONST64(0x67d6a97ffece1899), - CONST64(0x76d99a4386ec35f0), CONST64(0xe858257dfacd9512), CONST64(0x75d89f478eea32fb), CONST64(0xaa66e38517492fbd), - CONST64(0x64d7ac7bf6c81f92), CONST64(0x4e3ad2e8cd9ca683), CONST64(0x45c8cf070e8a424b), CONST64(0x443cccf0fd88b4b9), - CONST64(0x13fa35cf8326dc90), CONST64(0xa796f462c453c563), CONST64(0xf4a701a651f552a5), CONST64(0xb598c25ab477ef01), - CONST64(0x29ec7b973352be1a), CONST64(0xd5b862daa9b70f7c), CONST64(0x54c7fc3b76a86f22), CONST64(0xefae2c8219c36df6), - CONST64(0xbb69d0b96f6b02d4), CONST64(0xdd4b7a3162a7ecbf), CONST64(0xe0ab3d9631dd76d1), CONST64(0xe6a9379e21d178c7), - CONST64(0xa967e6811f4f28b6), CONST64(0x1e0a2228503c364e), CONST64(0xc9474601028fc8cb), CONST64(0x0bf21defc316e4c8), - CONST64(0xc2b55beec1992c03), CONST64(0x6622aa880dccee6b), CONST64(0x32e556b37b648149), CONST64(0x2fee719f235eb00c), - CONST64(0xdfbe7cc299a31d46), CONST64(0x7d2b87ac45fad138), CONST64(0x9e81bf3e7c21a0e2), CONST64(0x36125a48906c7ea6), - CONST64(0x9883b5366c2daef4), CONST64(0x2d1b776cd85a41f5), CONST64(0x120e363870242a62), CONST64(0x6523af8c05cae960), - CONST64(0x02f506f3fb04f1f9), CONST64(0xcf454c091283c6dd), CONST64(0x6321a58415c6e776), CONST64(0x4fced11f3e9e5071), - CONST64(0xdb49703972abe2a9), CONST64(0x742c9cb07de8c409), CONST64(0x16f93ac39b2cd58d), CONST64(0x37e659bf636e8854), - CONST64(0xc7b654e2d993251e), CONST64(0x782888a05df0d825), CONST64(0x39174b5cb8726581), CONST64(0x9b82b032642ba9ff), - CONST64(0x2e1a7268d05c46fe), CONST64(0x808b9d162c1d96ac), CONST64(0x1ffe21dfa33ec0bc), CONST64(0x838a9812241b91a7), - CONST64(0x1b092d2448363f53), CONST64(0x46c9ca03068c4540), CONST64(0x9487a1264c35b2d8), CONST64(0xd24e6b254ab9f798), - CONST64(0x3ee142a35b7c9d65), CONST64(0x722e96b86de4ca1f), CONST64(0x31e453b773628642), CONST64(0x3de047a7537a9a6e), - CONST64(0x20eb608b0b40ab2b), CONST64(0xad90ea7af447d759), CONST64(0xf1a40eaa49ff5bb8), CONST64(0x221e6678f0445ad2), - CONST64(0x9285ab2e5c39bcce), CONST64(0xa060fd9d275d3d87), CONST64(0x0000000000000000), CONST64(0x6f25b19435defb5a), - CONST64(0x01f403f7f302f6f2), CONST64(0x0ef112e3db1cedd5), CONST64(0xa194fe6ad45fcb75), CONST64(0x1d0b272c583a3145), - CONST64(0x34e75cbb6b688f5f), CONST64(0x9f75bcc98f235610), CONST64(0x2cef749b2b58b707), CONST64(0x5c34e4d0bdb88ce1), - CONST64(0x5331f5c495a697c6), CONST64(0x61d4a377eec2168f), CONST64(0x6dd0b767ceda0aa3), CONST64(0x9786a4224433b5d3), - CONST64(0x827e9be5d7196755), CONST64(0xeaad238e01c964eb), CONST64(0x1afd2ed3bb34c9a1), CONST64(0x7b298da455f6df2e), - CONST64(0x5030f0c09da090cd), CONST64(0x4d3bd7ecc59aa188), CONST64(0xbc9fd9468c65fa30), CONST64(0x15f83fc7932ad286), - CONST64(0x57c6f93f7eae6829), CONST64(0x35135f4c986a79ad), CONST64(0x0a061e183014123a), CONST64(0x0f051114281e1b27), - CONST64(0x52c5f63366a46134), CONST64(0x33115544886677bb), CONST64(0x9977b6c19f2f5806), CONST64(0x847c91edc7156943), - CONST64(0x8e7a8ff5f7017b79), CONST64(0x887885fde70d756f), CONST64(0x5a36eed8adb482f7), CONST64(0x241c6c70e04854c4), - CONST64(0x4b39dde4d596af9e), CONST64(0xeb592079f2cb9219), CONST64(0x28187860c05048e8), CONST64(0xfa5613458ae9bf70), - CONST64(0xc8b345f6f18d3e39), CONST64(0xcdb04afae9873724), CONST64(0x6c24b4903dd8fc51), CONST64(0x6020a0801dc0e07d), - CONST64(0xcbb240f2f98b3932), CONST64(0xab92e072e44bd94f), CONST64(0xf8a315b671ed4e89), CONST64(0x5dc0e7274eba7a13), - CONST64(0xcc44490d1a85c1d6), CONST64(0xa662f79537513391), CONST64(0x30105040806070b0), CONST64(0xc1b45eeac99f2b08), - CONST64(0x9184ae2a543fbbc5), CONST64(0xc54352112297d4e7), CONST64(0xa893e576ec4dde44), CONST64(0x5bc2ed2f5eb67405), - CONST64(0xde4a7f356aa1ebb4), CONST64(0xdabd73ce81a9145b), CONST64(0x8c8f89060c058a80), CONST64(0x772d99b475eec302), - CONST64(0xd9bc76ca89af1350), CONST64(0xb99cd64a946ff32d), CONST64(0xbe6adfb577610bc9), CONST64(0xc0405d1d3a9dddfa), - CONST64(0x4ccfd41b3698577a), CONST64(0xfba210b279eb4982), CONST64(0x9d80ba3a7427a7e9), CONST64(0xd14f6e2142bff093), - CONST64(0x211f637cf8425dd9), CONST64(0x43cac50f1e864c5d), CONST64(0xe3aa389239db71da), CONST64(0xc64257152a91d3ec), -}; - -static const ulong64 T2[256] = { - CONST64(0xd268bad36a01bbb9), CONST64(0x4d1954fc66b1e59a), CONST64(0xbc932f7114cde265), CONST64(0xcdb9749c1b512587), - CONST64(0x510253f557a4f7a2), CONST64(0x6bb8d368be03d0d6), CONST64(0x6fbdd26bb504d6de), CONST64(0x29644dd785feb352), - CONST64(0x5d0d50f04aadfdba), CONST64(0x8a26ace9e063cf09), CONST64(0x0e838d8a9684091c), CONST64(0xc679bfdc4d1aa591), - CONST64(0xddad7090374d3da7), CONST64(0x550752f65ca3f1aa), CONST64(0x52c89ab317e17ba4), CONST64(0x2d614cd48ef9b55a), - CONST64(0x8f65ea2320ac4603), CONST64(0x73a6d5628411c4e6), CONST64(0x66f197a468c255cc), CONST64(0x63b2d16ea80ddcc6), - CONST64(0xccff3355d099aa85), CONST64(0x590851f341aafbb2), CONST64(0x712a5bed0f9cc7e2), CONST64(0xa204a6f7ae55f359), - CONST64(0x5f81de7fc120febe), CONST64(0x3d7548d8a2e5ad7a), CONST64(0x9a32a8e5cc7fd729), CONST64(0x5ec799b60ae871bc), - CONST64(0x4b90db70e63be096), CONST64(0xc8fa3256db9eac8d), CONST64(0xe651b7c4152295d1), CONST64(0xd72bfc19aace32b3), - CONST64(0xab48e3387393704b), CONST64(0x42dc9ebf3bfd6384), CONST64(0x7eef91ae52d041fc), CONST64(0x56cd9bb01ce67dac), - CONST64(0xaf4de23b78947643), CONST64(0xd66dbbd06106bdb1), CONST64(0x195841c3f1da9b32), CONST64(0xa5cb6eb2e5177957), - CONST64(0xae0ba5f2b35cf941), CONST64(0x0bc0cb40564b8016), CONST64(0xb1da6bbdc20c677f), CONST64(0x6efb95a27ecc59dc), - CONST64(0xbe1fa1fe9f40e161), CONST64(0xeb18f308c3e310cb), CONST64(0xfe4fb1ce2f3081e1), CONST64(0x080a0206160e0c10), - CONST64(0x17dbcc49675e922e), CONST64(0x37f3c4513f66a26e), CONST64(0x74691d27cf534ee8), CONST64(0x5044143c9c6c78a0), - CONST64(0x2be8c3580e73b056), CONST64(0x91f263a59a34573f), CONST64(0x4f95da73ed3ce69e), CONST64(0x69345de7358ed3d2), - CONST64(0x613e5fe12380dfc2), CONST64(0x578bdc79d72ef2ae), CONST64(0xe9947d87486e13cf), CONST64(0x13decd4a6c599426), - CONST64(0xe19e7f815e601fdf), CONST64(0x752f5aee049bc1ea), CONST64(0xadc16cb4f3197547), CONST64(0x6d315ce43e89d5da), - CONST64(0xfb0cf704efff08eb), CONST64(0x98be266a47f2d42d), CONST64(0xdb24ff1cb7c738ab), CONST64(0x937eed2a11b9543b), - CONST64(0x876fe82536a24a13), CONST64(0x4ed39dba26f4699c), CONST64(0xa1ce6fb1ee107f5f), CONST64(0x028c8e8f8b8d0304), - CONST64(0x647d192be34f56c8), CONST64(0xba1aa0fd9447e769), CONST64(0xe717f00ddeea1ad3), CONST64(0x1e978986ba98113c), - CONST64(0x3c330f11692d2278), CONST64(0x1c1b070931151238), CONST64(0x8629afecfd6ac511), CONST64(0xcb30fb109bdb208b), - CONST64(0x2028081858383040), CONST64(0x5441153f976b7ea8), CONST64(0x34390d177f232e68), CONST64(0x1014040c2c1c1820), - CONST64(0x040501030b070608), CONST64(0x8de964acab214507), CONST64(0x5b84df7cca27f8b6), CONST64(0xc5b3769a0d5f2997), - CONST64(0xf980798b64720bef), CONST64(0x538edd7adc29f4a6), CONST64(0xf4c93d47b2b38ef5), CONST64(0x584e163a8a6274b0), - CONST64(0xfcc33f41a4bd82e5), CONST64(0xdceb3759fc85b2a5), CONST64(0xa9c46db7f81e734f), CONST64(0xe0d8384895a890dd), - CONST64(0xde67b9d67708b1a1), CONST64(0xd1a273952a4437bf), CONST64(0x836ae9263da54c1b), CONST64(0xd4e1355fea8bbeb5), - CONST64(0x491c55ff6db6e392), CONST64(0xd9a871933c4a3baf), CONST64(0xf18a7b8d727c07ff), CONST64(0x0a868c899d830f14), - CONST64(0xd5a77296214331b7), CONST64(0x1a928885b19f1734), CONST64(0xff09f607e4f80ee3), CONST64(0xa8822a7e33d6fc4d), - CONST64(0xf8c63e42afba84ed), CONST64(0x653b5ee22887d9ca), CONST64(0x9cbb27694cf5d225), CONST64(0x054346cac0cf890a), - CONST64(0x303c0c1474242860), CONST64(0x89ec65afa026430f), CONST64(0xbdd568b8df056d67), CONST64(0x99f861a38c3a5b2f), - CONST64(0x0c0f03051d090a18), CONST64(0x23e2c15e187dbc46), CONST64(0x411657f97bb8ef82), CONST64(0x7fa9d6679918cefe), - CONST64(0x439ad976f035ec86), CONST64(0x7d2558e81295cdfa), CONST64(0x479fd875fb32ea8e), CONST64(0x85e366aabd2f4917), - CONST64(0x7bacd764921fc8f6), CONST64(0xe8d23a4e83a69ccd), CONST64(0x07cfc8454b428a0e), CONST64(0xf0cc3c44b9b488fd), - CONST64(0xcf35fa1390dc2683), CONST64(0x62f496a763c553c4), CONST64(0xa601a7f4a552f551), CONST64(0x5ac298b501ef77b4), - CONST64(0x977bec291abe5233), CONST64(0xda62b8d57c0fb7a9), CONST64(0x3bfcc754226fa876), CONST64(0x822caeeff66dc319), - CONST64(0xb9d069bbd4026b6f), CONST64(0x317a4bddbfeca762), CONST64(0x963dabe0d176dd31), CONST64(0x9e37a9e6c778d121), - CONST64(0x81e667a9b6284f1f), CONST64(0x28220a1e4e363c50), CONST64(0x014647c9cbc88f02), CONST64(0xef1df20bc8e416c3), - CONST64(0xee5bb5c2032c99c1), CONST64(0x88aa22666beecc0d), CONST64(0xb356e5324981647b), CONST64(0x9f71ee2f0cb05e23), - CONST64(0xc27cbedf461da399), CONST64(0xac872b7d38d1fa45), CONST64(0x3ebf819ee2a0217c), CONST64(0x485a1236a67e6c90), - CONST64(0x36b58398f4ae2d6c), CONST64(0x6c771b2df5415ad8), CONST64(0x38360e12622a2470), CONST64(0x8caf236560e9ca05), - CONST64(0xf306f502f9f104fb), CONST64(0x094c45cfddc68312), CONST64(0x84a5216376e7c615), CONST64(0x1fd1ce4f71509e3e), - CONST64(0x397049dba9e2ab72), CONST64(0xb09c2c7409c4e87d), CONST64(0xc33af9168dd52c9b), CONST64(0xbf59e63754886e63), - CONST64(0xe254b6c71e2593d9), CONST64(0xa088287825d8f05d), CONST64(0x5c4b1739816572b8), CONST64(0x32b0829bffa92b64), - CONST64(0x68721a2efe465cd0), CONST64(0x169d8b80ac961d2c), CONST64(0xdf21fe1fbcc03ea3), CONST64(0x12988a83a7911b24), - CONST64(0x242d091b533f3648), CONST64(0x03cac94640458c06), CONST64(0x26a18794d8b2354c), CONST64(0x256b4ed298f7b94a), - CONST64(0xa342e13e659d7c5b), CONST64(0xb8962e721fcae46d), CONST64(0xb753e43142866273), CONST64(0xa747e03d6e9a7a53), - CONST64(0x8b60eb202bab400b), CONST64(0x7aea90ad59d747f4), CONST64(0xaa0ea4f1b85bff49), CONST64(0x78661e22d25a44f0), - CONST64(0x2eab8592cebc395c), CONST64(0x9dfd60a0873d5d27), CONST64(0x0000000000000000), CONST64(0x94b1256f5afbde35), - CONST64(0xf703f401f2f602f3), CONST64(0xe312f10ed5ed1cdb), CONST64(0x6afe94a175cb5fd4), CONST64(0x2c270b1d45313a58), - CONST64(0xbb5ce7345f8f686b), CONST64(0xc9bc759f1056238f), CONST64(0x9b74ef2c07b7582b), CONST64(0xd0e4345ce18cb8bd), - CONST64(0xc4f53153c697a695), CONST64(0x77a3d4618f16c2ee), CONST64(0x67b7d06da30adace), CONST64(0x22a48697d3b53344), - CONST64(0xe59b7e82556719d7), CONST64(0x8e23adeaeb64c901), CONST64(0xd32efd1aa1c934bb), CONST64(0xa48d297b2edff655), - CONST64(0xc0f03050cd90a09d), CONST64(0xecd73b4d88a19ac5), CONST64(0x46d99fbc30fa658c), CONST64(0xc73ff81586d22a93), - CONST64(0x3ff9c6572968ae7e), CONST64(0x4c5f1335ad796a98), CONST64(0x181e060a3a121430), CONST64(0x1411050f271b1e28), - CONST64(0x33f6c5523461a466), CONST64(0x44551133bb776688), CONST64(0xc1b6779906582f9f), CONST64(0xed917c84436915c7), - CONST64(0xf58f7a8e797b01f7), CONST64(0xfd8578886f750de7), CONST64(0xd8ee365af782b4ad), CONST64(0x706c1c24c45448e0), - CONST64(0xe4dd394b9eaf96d5), CONST64(0x792059eb1992cbf2), CONST64(0x60781828e84850c0), CONST64(0x451356fa70bfe98a), - CONST64(0xf645b3c8393e8df1), CONST64(0xfa4ab0cd243787e9), CONST64(0x90b4246c51fcd83d), CONST64(0x80a020607de0c01d), - CONST64(0xf240b2cb32398bf9), CONST64(0x72e092ab4fd94be4), CONST64(0xb615a3f8894eed71), CONST64(0x27e7c05d137aba4e), - CONST64(0x0d4944ccd6c1851a), CONST64(0x95f762a691335137), CONST64(0x40501030b0706080), CONST64(0xea5eb4c1082b9fc9), - CONST64(0x2aae8491c5bb3f54), CONST64(0x115243c5e7d49722), CONST64(0x76e593a844de4dec), CONST64(0x2fedc25b0574b65e), - CONST64(0x357f4adeb4eba16a), CONST64(0xce73bdda5b14a981), CONST64(0x06898f8c808a050c), CONST64(0xb4992d7702c3ee75), - CONST64(0xca76bcd95013af89), CONST64(0x4ad69cb92df36f94), CONST64(0xb5df6abec90b6177), CONST64(0x1d5d40c0fadd9d3a), - CONST64(0x1bd4cf4c7a579836), CONST64(0xb210a2fb8249eb79), CONST64(0x3aba809de9a72774), CONST64(0x216e4fd193f0bf42), - CONST64(0x7c631f21d95d42f8), CONST64(0x0fc5ca435d4c861e), CONST64(0x9238aae3da71db39), CONST64(0x155742c6ecd3912a), -}; - -static const ulong64 T3[256] = { - CONST64(0x68d2d3ba016ab9bb), CONST64(0x194dfc54b1669ae5), CONST64(0x93bc712fcd1465e2), CONST64(0xb9cd9c74511b8725), - CONST64(0x0251f553a457a2f7), CONST64(0xb86b68d303bed6d0), CONST64(0xbd6f6bd204b5ded6), CONST64(0x6429d74dfe8552b3), - CONST64(0x0d5df050ad4abafd), CONST64(0x268ae9ac63e009cf), CONST64(0x830e8a8d84961c09), CONST64(0x79c6dcbf1a4d91a5), - CONST64(0xaddd90704d37a73d), CONST64(0x0755f652a35caaf1), CONST64(0xc852b39ae117a47b), CONST64(0x612dd44cf98e5ab5), - CONST64(0x658f23eaac200346), CONST64(0xa67362d51184e6c4), CONST64(0xf166a497c268cc55), CONST64(0xb2636ed10da8c6dc), - CONST64(0xffcc553399d085aa), CONST64(0x0859f351aa41b2fb), CONST64(0x2a71ed5b9c0fe2c7), CONST64(0x04a2f7a655ae59f3), - CONST64(0x815f7fde20c1befe), CONST64(0x753dd848e5a27aad), CONST64(0x329ae5a87fcc29d7), CONST64(0xc75eb699e80abc71), - CONST64(0x904b70db3be696e0), CONST64(0xfac856329edb8dac), CONST64(0x51e6c4b72215d195), CONST64(0x2bd719fcceaab332), - CONST64(0x48ab38e393734b70), CONST64(0xdc42bf9efd3b8463), CONST64(0xef7eae91d052fc41), CONST64(0xcd56b09be61cac7d), - CONST64(0x4daf3be294784376), CONST64(0x6dd6d0bb0661b1bd), CONST64(0x5819c341daf1329b), CONST64(0xcba5b26e17e55779), - CONST64(0x0baef2a55cb341f9), CONST64(0xc00b40cb4b561680), CONST64(0xdab1bd6b0cc27f67), CONST64(0xfb6ea295cc7edc59), - CONST64(0x1fbefea1409f61e1), CONST64(0x18eb08f3e3c3cb10), CONST64(0x4ffeceb1302fe181), CONST64(0x0a0806020e16100c), - CONST64(0xdb1749cc5e672e92), CONST64(0xf33751c4663f6ea2), CONST64(0x6974271d53cfe84e), CONST64(0x44503c146c9ca078), - CONST64(0xe82b58c3730e56b0), CONST64(0xf291a563349a3f57), CONST64(0x954f73da3ced9ee6), CONST64(0x3469e75d8e35d2d3), - CONST64(0x3e61e15f8023c2df), CONST64(0x8b5779dc2ed7aef2), CONST64(0x94e9877d6e48cf13), CONST64(0xde134acd596c2694), - CONST64(0x9ee1817f605edf1f), CONST64(0x2f75ee5a9b04eac1), CONST64(0xc1adb46c19f34775), CONST64(0x316de45c893edad5), - CONST64(0x0cfb04f7ffefeb08), CONST64(0xbe986a26f2472dd4), CONST64(0x24db1cffc7b7ab38), CONST64(0x7e932aedb9113b54), - CONST64(0x6f8725e8a236134a), CONST64(0xd34eba9df4269c69), CONST64(0xcea1b16f10ee5f7f), CONST64(0x8c028f8e8d8b0403), - CONST64(0x7d642b194fe3c856), CONST64(0x1abafda0479469e7), CONST64(0x17e70df0eaded31a), CONST64(0x971e868998ba3c11), - CONST64(0x333c110f2d697822), CONST64(0x1b1c090715313812), CONST64(0x2986ecaf6afd11c5), CONST64(0x30cb10fbdb9b8b20), - CONST64(0x2820180838584030), CONST64(0x41543f156b97a87e), CONST64(0x3934170d237f682e), CONST64(0x14100c041c2c2018), - CONST64(0x05040301070b0806), CONST64(0xe98dac6421ab0745), CONST64(0x845b7cdf27cab6f8), CONST64(0xb3c59a765f0d9729), - CONST64(0x80f98b797264ef0b), CONST64(0x8e537add29dca6f4), CONST64(0xc9f4473db3b2f58e), CONST64(0x4e583a16628ab074), - CONST64(0xc3fc413fbda4e582), CONST64(0xebdc593785fca5b2), CONST64(0xc4a9b76d1ef84f73), CONST64(0xd8e04838a895dd90), - CONST64(0x67ded6b90877a1b1), CONST64(0xa2d19573442abf37), CONST64(0x6a8326e9a53d1b4c), CONST64(0xe1d45f358beab5be), - CONST64(0x1c49ff55b66d92e3), CONST64(0xa8d993714a3caf3b), CONST64(0x8af18d7b7c72ff07), CONST64(0x860a898c839d140f), - CONST64(0xa7d596724321b731), CONST64(0x921a85889fb13417), CONST64(0x09ff07f6f8e4e30e), CONST64(0x82a87e2ad6334dfc), - CONST64(0xc6f8423ebaafed84), CONST64(0x3b65e25e8728cad9), CONST64(0xbb9c6927f54c25d2), CONST64(0x4305ca46cfc00a89), - CONST64(0x3c30140c24746028), CONST64(0xec89af6526a00f43), CONST64(0xd5bdb86805df676d), CONST64(0xf899a3613a8c2f5b), - CONST64(0x0f0c0503091d180a), CONST64(0xe2235ec17d1846bc), CONST64(0x1641f957b87b82ef), CONST64(0xa97f67d61899fece), - CONST64(0x9a4376d935f086ec), CONST64(0x257de8589512facd), CONST64(0x9f4775d832fb8eea), CONST64(0xe385aa662fbd1749), - CONST64(0xac7b64d71f92f6c8), CONST64(0xd2e84e3aa683cd9c), CONST64(0xcf0745c8424b0e8a), CONST64(0xccf0443cb4b9fd88), - CONST64(0x35cf13fadc908326), CONST64(0xf462a796c563c453), CONST64(0x01a6f4a752a551f5), CONST64(0xc25ab598ef01b477), - CONST64(0x7b9729ecbe1a3352), CONST64(0x62dad5b80f7ca9b7), CONST64(0xfc3b54c76f2276a8), CONST64(0x2c82efae6df619c3), - CONST64(0xd0b9bb6902d46f6b), CONST64(0x7a31dd4becbf62a7), CONST64(0x3d96e0ab76d131dd), CONST64(0x379ee6a978c721d1), - CONST64(0xe681a96728b61f4f), CONST64(0x22281e0a364e503c), CONST64(0x4601c947c8cb028f), CONST64(0x1def0bf2e4c8c316), - CONST64(0x5beec2b52c03c199), CONST64(0xaa886622ee6b0dcc), CONST64(0x56b332e581497b64), CONST64(0x719f2feeb00c235e), - CONST64(0x7cc2dfbe1d4699a3), CONST64(0x87ac7d2bd13845fa), CONST64(0xbf3e9e81a0e27c21), CONST64(0x5a4836127ea6906c), - CONST64(0xb5369883aef46c2d), CONST64(0x776c2d1b41f5d85a), CONST64(0x3638120e2a627024), CONST64(0xaf8c6523e96005ca), - CONST64(0x06f302f5f1f9fb04), CONST64(0x4c09cf45c6dd1283), CONST64(0xa5846321e77615c6), CONST64(0xd11f4fce50713e9e), - CONST64(0x7039db49e2a972ab), CONST64(0x9cb0742cc4097de8), CONST64(0x3ac316f9d58d9b2c), CONST64(0x59bf37e68854636e), - CONST64(0x54e2c7b6251ed993), CONST64(0x88a07828d8255df0), CONST64(0x4b5c39176581b872), CONST64(0xb0329b82a9ff642b), - CONST64(0x72682e1a46fed05c), CONST64(0x9d16808b96ac2c1d), CONST64(0x21df1ffec0bca33e), CONST64(0x9812838a91a7241b), - CONST64(0x2d241b093f534836), CONST64(0xca0346c94540068c), CONST64(0xa1269487b2d84c35), CONST64(0x6b25d24ef7984ab9), - CONST64(0x42a33ee19d655b7c), CONST64(0x96b8722eca1f6de4), CONST64(0x53b731e486427362), CONST64(0x47a73de09a6e537a), - CONST64(0x608b20ebab2b0b40), CONST64(0xea7aad90d759f447), CONST64(0x0eaaf1a45bb849ff), CONST64(0x6678221e5ad2f044), - CONST64(0xab2e9285bcce5c39), CONST64(0xfd9da0603d87275d), CONST64(0x0000000000000000), CONST64(0xb1946f25fb5a35de), - CONST64(0x03f701f4f6f2f302), CONST64(0x12e30ef1edd5db1c), CONST64(0xfe6aa194cb75d45f), CONST64(0x272c1d0b3145583a), - CONST64(0x5cbb34e78f5f6b68), CONST64(0xbcc99f7556108f23), CONST64(0x749b2cefb7072b58), CONST64(0xe4d05c348ce1bdb8), - CONST64(0xf5c4533197c695a6), CONST64(0xa37761d4168feec2), CONST64(0xb7676dd00aa3ceda), CONST64(0xa4229786b5d34433), - CONST64(0x9be5827e6755d719), CONST64(0x238eeaad64eb01c9), CONST64(0x2ed31afdc9a1bb34), CONST64(0x8da47b29df2e55f6), - CONST64(0xf0c0503090cd9da0), CONST64(0xd7ec4d3ba188c59a), CONST64(0xd946bc9ffa308c65), CONST64(0x3fc715f8d286932a), - CONST64(0xf93f57c668297eae), CONST64(0x5f4c351379ad986a), CONST64(0x1e180a06123a3014), CONST64(0x11140f051b27281e), - CONST64(0xf63352c5613466a4), CONST64(0x5544331177bb8866), CONST64(0xb6c1997758069f2f), CONST64(0x91ed847c6943c715), - CONST64(0x8ff58e7a7b79f701), CONST64(0x85fd8878756fe70d), CONST64(0xeed85a3682f7adb4), CONST64(0x6c70241c54c4e048), - CONST64(0xdde44b39af9ed596), CONST64(0x2079eb599219f2cb), CONST64(0x7860281848e8c050), CONST64(0x1345fa56bf708ae9), - CONST64(0x45f6c8b33e39f18d), CONST64(0x4afacdb03724e987), CONST64(0xb4906c24fc513dd8), CONST64(0xa0806020e07d1dc0), - CONST64(0x40f2cbb23932f98b), CONST64(0xe072ab92d94fe44b), CONST64(0x15b6f8a34e8971ed), CONST64(0xe7275dc07a134eba), - CONST64(0x490dcc44c1d61a85), CONST64(0xf795a66233913751), CONST64(0x5040301070b08060), CONST64(0x5eeac1b42b08c99f), - CONST64(0xae2a9184bbc5543f), CONST64(0x5211c543d4e72297), CONST64(0xe576a893de44ec4d), CONST64(0xed2f5bc274055eb6), - CONST64(0x7f35de4aebb46aa1), CONST64(0x73cedabd145b81a9), CONST64(0x89068c8f8a800c05), CONST64(0x99b4772dc30275ee), - CONST64(0x76cad9bc135089af), CONST64(0xd64ab99cf32d946f), CONST64(0xdfb5be6a0bc97761), CONST64(0x5d1dc040ddfa3a9d), - CONST64(0xd41b4ccf577a3698), CONST64(0x10b2fba2498279eb), CONST64(0xba3a9d80a7e97427), CONST64(0x6e21d14ff09342bf), - CONST64(0x637c211f5dd9f842), CONST64(0xc50f43ca4c5d1e86), CONST64(0x3892e3aa71da39db), CONST64(0x5715c642d3ec2a91), -}; - -static const ulong64 T4[256] = { - CONST64(0xbbb96a01bad3d268), CONST64(0xe59a66b154fc4d19), CONST64(0xe26514cd2f71bc93), CONST64(0x25871b51749ccdb9), - CONST64(0xf7a257a453f55102), CONST64(0xd0d6be03d3686bb8), CONST64(0xd6deb504d26b6fbd), CONST64(0xb35285fe4dd72964), - CONST64(0xfdba4aad50f05d0d), CONST64(0xcf09e063ace98a26), CONST64(0x091c96848d8a0e83), CONST64(0xa5914d1abfdcc679), - CONST64(0x3da7374d7090ddad), CONST64(0xf1aa5ca352f65507), CONST64(0x7ba417e19ab352c8), CONST64(0xb55a8ef94cd42d61), - CONST64(0x460320acea238f65), CONST64(0xc4e68411d56273a6), CONST64(0x55cc68c297a466f1), CONST64(0xdcc6a80dd16e63b2), - CONST64(0xaa85d0993355ccff), CONST64(0xfbb241aa51f35908), CONST64(0xc7e20f9c5bed712a), CONST64(0xf359ae55a6f7a204), - CONST64(0xfebec120de7f5f81), CONST64(0xad7aa2e548d83d75), CONST64(0xd729cc7fa8e59a32), CONST64(0x71bc0ae899b65ec7), - CONST64(0xe096e63bdb704b90), CONST64(0xac8ddb9e3256c8fa), CONST64(0x95d11522b7c4e651), CONST64(0x32b3aacefc19d72b), - CONST64(0x704b7393e338ab48), CONST64(0x63843bfd9ebf42dc), CONST64(0x41fc52d091ae7eef), CONST64(0x7dac1ce69bb056cd), - CONST64(0x76437894e23baf4d), CONST64(0xbdb16106bbd0d66d), CONST64(0x9b32f1da41c31958), CONST64(0x7957e5176eb2a5cb), - CONST64(0xf941b35ca5f2ae0b), CONST64(0x8016564bcb400bc0), CONST64(0x677fc20c6bbdb1da), CONST64(0x59dc7ecc95a26efb), - CONST64(0xe1619f40a1febe1f), CONST64(0x10cbc3e3f308eb18), CONST64(0x81e12f30b1cefe4f), CONST64(0x0c10160e0206080a), - CONST64(0x922e675ecc4917db), CONST64(0xa26e3f66c45137f3), CONST64(0x4ee8cf531d277469), CONST64(0x78a09c6c143c5044), - CONST64(0xb0560e73c3582be8), CONST64(0x573f9a3463a591f2), CONST64(0xe69eed3cda734f95), CONST64(0xd3d2358e5de76934), - CONST64(0xdfc223805fe1613e), CONST64(0xf2aed72edc79578b), CONST64(0x13cf486e7d87e994), CONST64(0x94266c59cd4a13de), - CONST64(0x1fdf5e607f81e19e), CONST64(0xc1ea049b5aee752f), CONST64(0x7547f3196cb4adc1), CONST64(0xd5da3e895ce46d31), - CONST64(0x08ebeffff704fb0c), CONST64(0xd42d47f2266a98be), CONST64(0x38abb7c7ff1cdb24), CONST64(0x543b11b9ed2a937e), - CONST64(0x4a1336a2e825876f), CONST64(0x699c26f49dba4ed3), CONST64(0x7f5fee106fb1a1ce), CONST64(0x03048b8d8e8f028c), - CONST64(0x56c8e34f192b647d), CONST64(0xe7699447a0fdba1a), CONST64(0x1ad3deeaf00de717), CONST64(0x113cba9889861e97), - CONST64(0x2278692d0f113c33), CONST64(0x1238311507091c1b), CONST64(0xc511fd6aafec8629), CONST64(0x208b9bdbfb10cb30), - CONST64(0x3040583808182028), CONST64(0x7ea8976b153f5441), CONST64(0x2e687f230d173439), CONST64(0x18202c1c040c1014), - CONST64(0x06080b0701030405), CONST64(0x4507ab2164ac8de9), CONST64(0xf8b6ca27df7c5b84), CONST64(0x29970d5f769ac5b3), - CONST64(0x0bef6472798bf980), CONST64(0xf4a6dc29dd7a538e), CONST64(0x8ef5b2b33d47f4c9), CONST64(0x74b08a62163a584e), - CONST64(0x82e5a4bd3f41fcc3), CONST64(0xb2a5fc853759dceb), CONST64(0x734ff81e6db7a9c4), CONST64(0x90dd95a83848e0d8), - CONST64(0xb1a17708b9d6de67), CONST64(0x37bf2a447395d1a2), CONST64(0x4c1b3da5e926836a), CONST64(0xbeb5ea8b355fd4e1), - CONST64(0xe3926db655ff491c), CONST64(0x3baf3c4a7193d9a8), CONST64(0x07ff727c7b8df18a), CONST64(0x0f149d838c890a86), - CONST64(0x31b721437296d5a7), CONST64(0x1734b19f88851a92), CONST64(0x0ee3e4f8f607ff09), CONST64(0xfc4d33d62a7ea882), - CONST64(0x84edafba3e42f8c6), CONST64(0xd9ca28875ee2653b), CONST64(0xd2254cf527699cbb), CONST64(0x890ac0cf46ca0543), - CONST64(0x286074240c14303c), CONST64(0x430fa02665af89ec), CONST64(0x6d67df0568b8bdd5), CONST64(0x5b2f8c3a61a399f8), - CONST64(0x0a181d0903050c0f), CONST64(0xbc46187dc15e23e2), CONST64(0xef827bb857f94116), CONST64(0xcefe9918d6677fa9), - CONST64(0xec86f035d976439a), CONST64(0xcdfa129558e87d25), CONST64(0xea8efb32d875479f), CONST64(0x4917bd2f66aa85e3), - CONST64(0xc8f6921fd7647bac), CONST64(0x9ccd83a63a4ee8d2), CONST64(0x8a0e4b42c84507cf), CONST64(0x88fdb9b43c44f0cc), - CONST64(0x268390dcfa13cf35), CONST64(0x53c463c596a762f4), CONST64(0xf551a552a7f4a601), CONST64(0x77b401ef98b55ac2), - CONST64(0x52331abeec29977b), CONST64(0xb7a97c0fb8d5da62), CONST64(0xa876226fc7543bfc), CONST64(0xc319f66daeef822c), - CONST64(0x6b6fd40269bbb9d0), CONST64(0xa762bfec4bdd317a), CONST64(0xdd31d176abe0963d), CONST64(0xd121c778a9e69e37), - CONST64(0x4f1fb62867a981e6), CONST64(0x3c504e360a1e2822), CONST64(0x8f02cbc847c90146), CONST64(0x16c3c8e4f20bef1d), - CONST64(0x99c1032cb5c2ee5b), CONST64(0xcc0d6bee226688aa), CONST64(0x647b4981e532b356), CONST64(0x5e230cb0ee2f9f71), - CONST64(0xa399461dbedfc27c), CONST64(0xfa4538d12b7dac87), CONST64(0x217ce2a0819e3ebf), CONST64(0x6c90a67e1236485a), - CONST64(0x2d6cf4ae839836b5), CONST64(0x5ad8f5411b2d6c77), CONST64(0x2470622a0e123836), CONST64(0xca0560e923658caf), - CONST64(0x04fbf9f1f502f306), CONST64(0x8312ddc645cf094c), CONST64(0xc61576e7216384a5), CONST64(0x9e3e7150ce4f1fd1), - CONST64(0xab72a9e249db3970), CONST64(0xe87d09c42c74b09c), CONST64(0x2c9b8dd5f916c33a), CONST64(0x6e635488e637bf59), - CONST64(0x93d91e25b6c7e254), CONST64(0xf05d25d82878a088), CONST64(0x72b8816517395c4b), CONST64(0x2b64ffa9829b32b0), - CONST64(0x5cd0fe461a2e6872), CONST64(0x1d2cac968b80169d), CONST64(0x3ea3bcc0fe1fdf21), CONST64(0x1b24a7918a831298), - CONST64(0x3648533f091b242d), CONST64(0x8c064045c94603ca), CONST64(0x354cd8b2879426a1), CONST64(0xb94a98f74ed2256b), - CONST64(0x7c5b659de13ea342), CONST64(0xe46d1fca2e72b896), CONST64(0x62734286e431b753), CONST64(0x7a536e9ae03da747), - CONST64(0x400b2babeb208b60), CONST64(0x47f459d790ad7aea), CONST64(0xff49b85ba4f1aa0e), CONST64(0x44f0d25a1e227866), - CONST64(0x395ccebc85922eab), CONST64(0x5d27873d60a09dfd), CONST64(0x0000000000000000), CONST64(0xde355afb256f94b1), - CONST64(0x02f3f2f6f401f703), CONST64(0x1cdbd5edf10ee312), CONST64(0x5fd475cb94a16afe), CONST64(0x3a5845310b1d2c27), - CONST64(0x686b5f8fe734bb5c), CONST64(0x238f1056759fc9bc), CONST64(0x582b07b7ef2c9b74), CONST64(0xb8bde18c345cd0e4), - CONST64(0xa695c6973153c4f5), CONST64(0xc2ee8f16d46177a3), CONST64(0xdacea30ad06d67b7), CONST64(0x3344d3b5869722a4), - CONST64(0x19d755677e82e59b), CONST64(0xc901eb64adea8e23), CONST64(0x34bba1c9fd1ad32e), CONST64(0xf6552edf297ba48d), - CONST64(0xa09dcd903050c0f0), CONST64(0x9ac588a13b4decd7), CONST64(0x658c30fa9fbc46d9), CONST64(0x2a9386d2f815c73f), - CONST64(0xae7e2968c6573ff9), CONST64(0x6a98ad7913354c5f), CONST64(0x14303a12060a181e), CONST64(0x1e28271b050f1411), - CONST64(0xa4663461c55233f6), CONST64(0x6688bb7711334455), CONST64(0x2f9f06587799c1b6), CONST64(0x15c743697c84ed91), - CONST64(0x01f7797b7a8ef58f), CONST64(0x0de76f757888fd85), CONST64(0xb4adf782365ad8ee), CONST64(0x48e0c4541c24706c), - CONST64(0x96d59eaf394be4dd), CONST64(0xcbf2199259eb7920), CONST64(0x50c0e84818286078), CONST64(0xe98a70bf56fa4513), - CONST64(0x8df1393eb3c8f645), CONST64(0x87e92437b0cdfa4a), CONST64(0xd83d51fc246c90b4), CONST64(0xc01d7de0206080a0), - CONST64(0x8bf93239b2cbf240), CONST64(0x4be44fd992ab72e0), CONST64(0xed71894ea3f8b615), CONST64(0xba4e137ac05d27e7), - CONST64(0x851ad6c144cc0d49), CONST64(0x5137913362a695f7), CONST64(0x6080b07010304050), CONST64(0x9fc9082bb4c1ea5e), - CONST64(0x3f54c5bb84912aae), CONST64(0x9722e7d443c51152), CONST64(0x4dec44de93a876e5), CONST64(0xb65e0574c25b2fed), - CONST64(0xa16ab4eb4ade357f), CONST64(0xa9815b14bddace73), CONST64(0x050c808a8f8c0689), CONST64(0xee7502c32d77b499), - CONST64(0xaf895013bcd9ca76), CONST64(0x6f942df39cb94ad6), CONST64(0x6177c90b6abeb5df), CONST64(0x9d3afadd40c01d5d), - CONST64(0x98367a57cf4c1bd4), CONST64(0xeb798249a2fbb210), CONST64(0x2774e9a7809d3aba), CONST64(0xbf4293f04fd1216e), - CONST64(0x42f8d95d1f217c63), CONST64(0x861e5d4cca430fc5), CONST64(0xdb39da71aae39238), CONST64(0x912aecd342c61557), -}; - -static const ulong64 T5[256] = { - CONST64(0xb9bb016ad3ba68d2), CONST64(0x9ae5b166fc54194d), CONST64(0x65e2cd14712f93bc), CONST64(0x8725511b9c74b9cd), - CONST64(0xa2f7a457f5530251), CONST64(0xd6d003be68d3b86b), CONST64(0xded604b56bd2bd6f), CONST64(0x52b3fe85d74d6429), - CONST64(0xbafdad4af0500d5d), CONST64(0x09cf63e0e9ac268a), CONST64(0x1c0984968a8d830e), CONST64(0x91a51a4ddcbf79c6), - CONST64(0xa73d4d379070addd), CONST64(0xaaf1a35cf6520755), CONST64(0xa47be117b39ac852), CONST64(0x5ab5f98ed44c612d), - CONST64(0x0346ac2023ea658f), CONST64(0xe6c4118462d5a673), CONST64(0xcc55c268a497f166), CONST64(0xc6dc0da86ed1b263), - CONST64(0x85aa99d05533ffcc), CONST64(0xb2fbaa41f3510859), CONST64(0xe2c79c0fed5b2a71), CONST64(0x59f355aef7a604a2), - CONST64(0xbefe20c17fde815f), CONST64(0x7aade5a2d848753d), CONST64(0x29d77fcce5a8329a), CONST64(0xbc71e80ab699c75e), - CONST64(0x96e03be670db904b), CONST64(0x8dac9edb5632fac8), CONST64(0xd1952215c4b751e6), CONST64(0xb332ceaa19fc2bd7), - CONST64(0x4b70937338e348ab), CONST64(0x8463fd3bbf9edc42), CONST64(0xfc41d052ae91ef7e), CONST64(0xac7de61cb09bcd56), - CONST64(0x437694783be24daf), CONST64(0xb1bd0661d0bb6dd6), CONST64(0x329bdaf1c3415819), CONST64(0x577917e5b26ecba5), - CONST64(0x41f95cb3f2a50bae), CONST64(0x16804b5640cbc00b), CONST64(0x7f670cc2bd6bdab1), CONST64(0xdc59cc7ea295fb6e), - CONST64(0x61e1409ffea11fbe), CONST64(0xcb10e3c308f318eb), CONST64(0xe181302fceb14ffe), CONST64(0x100c0e1606020a08), - CONST64(0x2e925e6749ccdb17), CONST64(0x6ea2663f51c4f337), CONST64(0xe84e53cf271d6974), CONST64(0xa0786c9c3c144450), - CONST64(0x56b0730e58c3e82b), CONST64(0x3f57349aa563f291), CONST64(0x9ee63ced73da954f), CONST64(0xd2d38e35e75d3469), - CONST64(0xc2df8023e15f3e61), CONST64(0xaef22ed779dc8b57), CONST64(0xcf136e48877d94e9), CONST64(0x2694596c4acdde13), - CONST64(0xdf1f605e817f9ee1), CONST64(0xeac19b04ee5a2f75), CONST64(0x477519f3b46cc1ad), CONST64(0xdad5893ee45c316d), - CONST64(0xeb08ffef04f70cfb), CONST64(0x2dd4f2476a26be98), CONST64(0xab38c7b71cff24db), CONST64(0x3b54b9112aed7e93), - CONST64(0x134aa23625e86f87), CONST64(0x9c69f426ba9dd34e), CONST64(0x5f7f10eeb16fcea1), CONST64(0x04038d8b8f8e8c02), - CONST64(0xc8564fe32b197d64), CONST64(0x69e74794fda01aba), CONST64(0xd31aeade0df017e7), CONST64(0x3c1198ba8689971e), - CONST64(0x78222d69110f333c), CONST64(0x3812153109071b1c), CONST64(0x11c56afdecaf2986), CONST64(0x8b20db9b10fb30cb), - CONST64(0x4030385818082820), CONST64(0xa87e6b973f154154), CONST64(0x682e237f170d3934), CONST64(0x20181c2c0c041410), - CONST64(0x0806070b03010504), CONST64(0x074521abac64e98d), CONST64(0xb6f827ca7cdf845b), CONST64(0x97295f0d9a76b3c5), - CONST64(0xef0b72648b7980f9), CONST64(0xa6f429dc7add8e53), CONST64(0xf58eb3b2473dc9f4), CONST64(0xb074628a3a164e58), - CONST64(0xe582bda4413fc3fc), CONST64(0xa5b285fc5937ebdc), CONST64(0x4f731ef8b76dc4a9), CONST64(0xdd90a8954838d8e0), - CONST64(0xa1b10877d6b967de), CONST64(0xbf37442a9573a2d1), CONST64(0x1b4ca53d26e96a83), CONST64(0xb5be8bea5f35e1d4), - CONST64(0x92e3b66dff551c49), CONST64(0xaf3b4a3c9371a8d9), CONST64(0xff077c728d7b8af1), CONST64(0x140f839d898c860a), - CONST64(0xb73143219672a7d5), CONST64(0x34179fb18588921a), CONST64(0xe30ef8e407f609ff), CONST64(0x4dfcd6337e2a82a8), - CONST64(0xed84baaf423ec6f8), CONST64(0xcad98728e25e3b65), CONST64(0x25d2f54c6927bb9c), CONST64(0x0a89cfc0ca464305), - CONST64(0x60282474140c3c30), CONST64(0x0f4326a0af65ec89), CONST64(0x676d05dfb868d5bd), CONST64(0x2f5b3a8ca361f899), - CONST64(0x180a091d05030f0c), CONST64(0x46bc7d185ec1e223), CONST64(0x82efb87bf9571641), CONST64(0xfece189967d6a97f), - CONST64(0x86ec35f076d99a43), CONST64(0xfacd9512e858257d), CONST64(0x8eea32fb75d89f47), CONST64(0x17492fbdaa66e385), - CONST64(0xf6c81f9264d7ac7b), CONST64(0xcd9ca6834e3ad2e8), CONST64(0x0e8a424b45c8cf07), CONST64(0xfd88b4b9443cccf0), - CONST64(0x8326dc9013fa35cf), CONST64(0xc453c563a796f462), CONST64(0x51f552a5f4a701a6), CONST64(0xb477ef01b598c25a), - CONST64(0x3352be1a29ec7b97), CONST64(0xa9b70f7cd5b862da), CONST64(0x76a86f2254c7fc3b), CONST64(0x19c36df6efae2c82), - CONST64(0x6f6b02d4bb69d0b9), CONST64(0x62a7ecbfdd4b7a31), CONST64(0x31dd76d1e0ab3d96), CONST64(0x21d178c7e6a9379e), - CONST64(0x1f4f28b6a967e681), CONST64(0x503c364e1e0a2228), CONST64(0x028fc8cbc9474601), CONST64(0xc316e4c80bf21def), - CONST64(0xc1992c03c2b55bee), CONST64(0x0dccee6b6622aa88), CONST64(0x7b64814932e556b3), CONST64(0x235eb00c2fee719f), - CONST64(0x99a31d46dfbe7cc2), CONST64(0x45fad1387d2b87ac), CONST64(0x7c21a0e29e81bf3e), CONST64(0x906c7ea636125a48), - CONST64(0x6c2daef49883b536), CONST64(0xd85a41f52d1b776c), CONST64(0x70242a62120e3638), CONST64(0x05cae9606523af8c), - CONST64(0xfb04f1f902f506f3), CONST64(0x1283c6ddcf454c09), CONST64(0x15c6e7766321a584), CONST64(0x3e9e50714fced11f), - CONST64(0x72abe2a9db497039), CONST64(0x7de8c409742c9cb0), CONST64(0x9b2cd58d16f93ac3), CONST64(0x636e885437e659bf), - CONST64(0xd993251ec7b654e2), CONST64(0x5df0d825782888a0), CONST64(0xb872658139174b5c), CONST64(0x642ba9ff9b82b032), - CONST64(0xd05c46fe2e1a7268), CONST64(0x2c1d96ac808b9d16), CONST64(0xa33ec0bc1ffe21df), CONST64(0x241b91a7838a9812), - CONST64(0x48363f531b092d24), CONST64(0x068c454046c9ca03), CONST64(0x4c35b2d89487a126), CONST64(0x4ab9f798d24e6b25), - CONST64(0x5b7c9d653ee142a3), CONST64(0x6de4ca1f722e96b8), CONST64(0x7362864231e453b7), CONST64(0x537a9a6e3de047a7), - CONST64(0x0b40ab2b20eb608b), CONST64(0xf447d759ad90ea7a), CONST64(0x49ff5bb8f1a40eaa), CONST64(0xf0445ad2221e6678), - CONST64(0x5c39bcce9285ab2e), CONST64(0x275d3d87a060fd9d), CONST64(0x0000000000000000), CONST64(0x35defb5a6f25b194), - CONST64(0xf302f6f201f403f7), CONST64(0xdb1cedd50ef112e3), CONST64(0xd45fcb75a194fe6a), CONST64(0x583a31451d0b272c), - CONST64(0x6b688f5f34e75cbb), CONST64(0x8f2356109f75bcc9), CONST64(0x2b58b7072cef749b), CONST64(0xbdb88ce15c34e4d0), - CONST64(0x95a697c65331f5c4), CONST64(0xeec2168f61d4a377), CONST64(0xceda0aa36dd0b767), CONST64(0x4433b5d39786a422), - CONST64(0xd7196755827e9be5), CONST64(0x01c964ebeaad238e), CONST64(0xbb34c9a11afd2ed3), CONST64(0x55f6df2e7b298da4), - CONST64(0x9da090cd5030f0c0), CONST64(0xc59aa1884d3bd7ec), CONST64(0x8c65fa30bc9fd946), CONST64(0x932ad28615f83fc7), - CONST64(0x7eae682957c6f93f), CONST64(0x986a79ad35135f4c), CONST64(0x3014123a0a061e18), CONST64(0x281e1b270f051114), - CONST64(0x66a4613452c5f633), CONST64(0x886677bb33115544), CONST64(0x9f2f58069977b6c1), CONST64(0xc7156943847c91ed), - CONST64(0xf7017b798e7a8ff5), CONST64(0xe70d756f887885fd), CONST64(0xadb482f75a36eed8), CONST64(0xe04854c4241c6c70), - CONST64(0xd596af9e4b39dde4), CONST64(0xf2cb9219eb592079), CONST64(0xc05048e828187860), CONST64(0x8ae9bf70fa561345), - CONST64(0xf18d3e39c8b345f6), CONST64(0xe9873724cdb04afa), CONST64(0x3dd8fc516c24b490), CONST64(0x1dc0e07d6020a080), - CONST64(0xf98b3932cbb240f2), CONST64(0xe44bd94fab92e072), CONST64(0x71ed4e89f8a315b6), CONST64(0x4eba7a135dc0e727), - CONST64(0x1a85c1d6cc44490d), CONST64(0x37513391a662f795), CONST64(0x806070b030105040), CONST64(0xc99f2b08c1b45eea), - CONST64(0x543fbbc59184ae2a), CONST64(0x2297d4e7c5435211), CONST64(0xec4dde44a893e576), CONST64(0x5eb674055bc2ed2f), - CONST64(0x6aa1ebb4de4a7f35), CONST64(0x81a9145bdabd73ce), CONST64(0x0c058a808c8f8906), CONST64(0x75eec302772d99b4), - CONST64(0x89af1350d9bc76ca), CONST64(0x946ff32db99cd64a), CONST64(0x77610bc9be6adfb5), CONST64(0x3a9dddfac0405d1d), - CONST64(0x3698577a4ccfd41b), CONST64(0x79eb4982fba210b2), CONST64(0x7427a7e99d80ba3a), CONST64(0x42bff093d14f6e21), - CONST64(0xf8425dd9211f637c), CONST64(0x1e864c5d43cac50f), CONST64(0x39db71dae3aa3892), CONST64(0x2a91d3ecc6425715), -}; - -static const ulong64 T6[256] = { - CONST64(0x6a01bbb9d268bad3), CONST64(0x66b1e59a4d1954fc), CONST64(0x14cde265bc932f71), CONST64(0x1b512587cdb9749c), - CONST64(0x57a4f7a2510253f5), CONST64(0xbe03d0d66bb8d368), CONST64(0xb504d6de6fbdd26b), CONST64(0x85feb35229644dd7), - CONST64(0x4aadfdba5d0d50f0), CONST64(0xe063cf098a26ace9), CONST64(0x9684091c0e838d8a), CONST64(0x4d1aa591c679bfdc), - CONST64(0x374d3da7ddad7090), CONST64(0x5ca3f1aa550752f6), CONST64(0x17e17ba452c89ab3), CONST64(0x8ef9b55a2d614cd4), - CONST64(0x20ac46038f65ea23), CONST64(0x8411c4e673a6d562), CONST64(0x68c255cc66f197a4), CONST64(0xa80ddcc663b2d16e), - CONST64(0xd099aa85ccff3355), CONST64(0x41aafbb2590851f3), CONST64(0x0f9cc7e2712a5bed), CONST64(0xae55f359a204a6f7), - CONST64(0xc120febe5f81de7f), CONST64(0xa2e5ad7a3d7548d8), CONST64(0xcc7fd7299a32a8e5), CONST64(0x0ae871bc5ec799b6), - CONST64(0xe63be0964b90db70), CONST64(0xdb9eac8dc8fa3256), CONST64(0x152295d1e651b7c4), CONST64(0xaace32b3d72bfc19), - CONST64(0x7393704bab48e338), CONST64(0x3bfd638442dc9ebf), CONST64(0x52d041fc7eef91ae), CONST64(0x1ce67dac56cd9bb0), - CONST64(0x78947643af4de23b), CONST64(0x6106bdb1d66dbbd0), CONST64(0xf1da9b32195841c3), CONST64(0xe5177957a5cb6eb2), - CONST64(0xb35cf941ae0ba5f2), CONST64(0x564b80160bc0cb40), CONST64(0xc20c677fb1da6bbd), CONST64(0x7ecc59dc6efb95a2), - CONST64(0x9f40e161be1fa1fe), CONST64(0xc3e310cbeb18f308), CONST64(0x2f3081e1fe4fb1ce), CONST64(0x160e0c10080a0206), - CONST64(0x675e922e17dbcc49), CONST64(0x3f66a26e37f3c451), CONST64(0xcf534ee874691d27), CONST64(0x9c6c78a05044143c), - CONST64(0x0e73b0562be8c358), CONST64(0x9a34573f91f263a5), CONST64(0xed3ce69e4f95da73), CONST64(0x358ed3d269345de7), - CONST64(0x2380dfc2613e5fe1), CONST64(0xd72ef2ae578bdc79), CONST64(0x486e13cfe9947d87), CONST64(0x6c59942613decd4a), - CONST64(0x5e601fdfe19e7f81), CONST64(0x049bc1ea752f5aee), CONST64(0xf3197547adc16cb4), CONST64(0x3e89d5da6d315ce4), - CONST64(0xefff08ebfb0cf704), CONST64(0x47f2d42d98be266a), CONST64(0xb7c738abdb24ff1c), CONST64(0x11b9543b937eed2a), - CONST64(0x36a24a13876fe825), CONST64(0x26f4699c4ed39dba), CONST64(0xee107f5fa1ce6fb1), CONST64(0x8b8d0304028c8e8f), - CONST64(0xe34f56c8647d192b), CONST64(0x9447e769ba1aa0fd), CONST64(0xdeea1ad3e717f00d), CONST64(0xba98113c1e978986), - CONST64(0x692d22783c330f11), CONST64(0x311512381c1b0709), CONST64(0xfd6ac5118629afec), CONST64(0x9bdb208bcb30fb10), - CONST64(0x5838304020280818), CONST64(0x976b7ea85441153f), CONST64(0x7f232e6834390d17), CONST64(0x2c1c18201014040c), - CONST64(0x0b07060804050103), CONST64(0xab2145078de964ac), CONST64(0xca27f8b65b84df7c), CONST64(0x0d5f2997c5b3769a), - CONST64(0x64720beff980798b), CONST64(0xdc29f4a6538edd7a), CONST64(0xb2b38ef5f4c93d47), CONST64(0x8a6274b0584e163a), - CONST64(0xa4bd82e5fcc33f41), CONST64(0xfc85b2a5dceb3759), CONST64(0xf81e734fa9c46db7), CONST64(0x95a890dde0d83848), - CONST64(0x7708b1a1de67b9d6), CONST64(0x2a4437bfd1a27395), CONST64(0x3da54c1b836ae926), CONST64(0xea8bbeb5d4e1355f), - CONST64(0x6db6e392491c55ff), CONST64(0x3c4a3bafd9a87193), CONST64(0x727c07fff18a7b8d), CONST64(0x9d830f140a868c89), - CONST64(0x214331b7d5a77296), CONST64(0xb19f17341a928885), CONST64(0xe4f80ee3ff09f607), CONST64(0x33d6fc4da8822a7e), - CONST64(0xafba84edf8c63e42), CONST64(0x2887d9ca653b5ee2), CONST64(0x4cf5d2259cbb2769), CONST64(0xc0cf890a054346ca), - CONST64(0x74242860303c0c14), CONST64(0xa026430f89ec65af), CONST64(0xdf056d67bdd568b8), CONST64(0x8c3a5b2f99f861a3), - CONST64(0x1d090a180c0f0305), CONST64(0x187dbc4623e2c15e), CONST64(0x7bb8ef82411657f9), CONST64(0x9918cefe7fa9d667), - CONST64(0xf035ec86439ad976), CONST64(0x1295cdfa7d2558e8), CONST64(0xfb32ea8e479fd875), CONST64(0xbd2f491785e366aa), - CONST64(0x921fc8f67bacd764), CONST64(0x83a69ccde8d23a4e), CONST64(0x4b428a0e07cfc845), CONST64(0xb9b488fdf0cc3c44), - CONST64(0x90dc2683cf35fa13), CONST64(0x63c553c462f496a7), CONST64(0xa552f551a601a7f4), CONST64(0x01ef77b45ac298b5), - CONST64(0x1abe5233977bec29), CONST64(0x7c0fb7a9da62b8d5), CONST64(0x226fa8763bfcc754), CONST64(0xf66dc319822caeef), - CONST64(0xd4026b6fb9d069bb), CONST64(0xbfeca762317a4bdd), CONST64(0xd176dd31963dabe0), CONST64(0xc778d1219e37a9e6), - CONST64(0xb6284f1f81e667a9), CONST64(0x4e363c5028220a1e), CONST64(0xcbc88f02014647c9), CONST64(0xc8e416c3ef1df20b), - CONST64(0x032c99c1ee5bb5c2), CONST64(0x6beecc0d88aa2266), CONST64(0x4981647bb356e532), CONST64(0x0cb05e239f71ee2f), - CONST64(0x461da399c27cbedf), CONST64(0x38d1fa45ac872b7d), CONST64(0xe2a0217c3ebf819e), CONST64(0xa67e6c90485a1236), - CONST64(0xf4ae2d6c36b58398), CONST64(0xf5415ad86c771b2d), CONST64(0x622a247038360e12), CONST64(0x60e9ca058caf2365), - CONST64(0xf9f104fbf306f502), CONST64(0xddc68312094c45cf), CONST64(0x76e7c61584a52163), CONST64(0x71509e3e1fd1ce4f), - CONST64(0xa9e2ab72397049db), CONST64(0x09c4e87db09c2c74), CONST64(0x8dd52c9bc33af916), CONST64(0x54886e63bf59e637), - CONST64(0x1e2593d9e254b6c7), CONST64(0x25d8f05da0882878), CONST64(0x816572b85c4b1739), CONST64(0xffa92b6432b0829b), - CONST64(0xfe465cd068721a2e), CONST64(0xac961d2c169d8b80), CONST64(0xbcc03ea3df21fe1f), CONST64(0xa7911b2412988a83), - CONST64(0x533f3648242d091b), CONST64(0x40458c0603cac946), CONST64(0xd8b2354c26a18794), CONST64(0x98f7b94a256b4ed2), - CONST64(0x659d7c5ba342e13e), CONST64(0x1fcae46db8962e72), CONST64(0x42866273b753e431), CONST64(0x6e9a7a53a747e03d), - CONST64(0x2bab400b8b60eb20), CONST64(0x59d747f47aea90ad), CONST64(0xb85bff49aa0ea4f1), CONST64(0xd25a44f078661e22), - CONST64(0xcebc395c2eab8592), CONST64(0x873d5d279dfd60a0), CONST64(0x0000000000000000), CONST64(0x5afbde3594b1256f), - CONST64(0xf2f602f3f703f401), CONST64(0xd5ed1cdbe312f10e), CONST64(0x75cb5fd46afe94a1), CONST64(0x45313a582c270b1d), - CONST64(0x5f8f686bbb5ce734), CONST64(0x1056238fc9bc759f), CONST64(0x07b7582b9b74ef2c), CONST64(0xe18cb8bdd0e4345c), - CONST64(0xc697a695c4f53153), CONST64(0x8f16c2ee77a3d461), CONST64(0xa30adace67b7d06d), CONST64(0xd3b5334422a48697), - CONST64(0x556719d7e59b7e82), CONST64(0xeb64c9018e23adea), CONST64(0xa1c934bbd32efd1a), CONST64(0x2edff655a48d297b), - CONST64(0xcd90a09dc0f03050), CONST64(0x88a19ac5ecd73b4d), CONST64(0x30fa658c46d99fbc), CONST64(0x86d22a93c73ff815), - CONST64(0x2968ae7e3ff9c657), CONST64(0xad796a984c5f1335), CONST64(0x3a121430181e060a), CONST64(0x271b1e281411050f), - CONST64(0x3461a46633f6c552), CONST64(0xbb77668844551133), CONST64(0x06582f9fc1b67799), CONST64(0x436915c7ed917c84), - CONST64(0x797b01f7f58f7a8e), CONST64(0x6f750de7fd857888), CONST64(0xf782b4add8ee365a), CONST64(0xc45448e0706c1c24), - CONST64(0x9eaf96d5e4dd394b), CONST64(0x1992cbf2792059eb), CONST64(0xe84850c060781828), CONST64(0x70bfe98a451356fa), - CONST64(0x393e8df1f645b3c8), CONST64(0x243787e9fa4ab0cd), CONST64(0x51fcd83d90b4246c), CONST64(0x7de0c01d80a02060), - CONST64(0x32398bf9f240b2cb), CONST64(0x4fd94be472e092ab), CONST64(0x894eed71b615a3f8), CONST64(0x137aba4e27e7c05d), - CONST64(0xd6c1851a0d4944cc), CONST64(0x9133513795f762a6), CONST64(0xb070608040501030), CONST64(0x082b9fc9ea5eb4c1), - CONST64(0xc5bb3f542aae8491), CONST64(0xe7d49722115243c5), CONST64(0x44de4dec76e593a8), CONST64(0x0574b65e2fedc25b), - CONST64(0xb4eba16a357f4ade), CONST64(0x5b14a981ce73bdda), CONST64(0x808a050c06898f8c), CONST64(0x02c3ee75b4992d77), - CONST64(0x5013af89ca76bcd9), CONST64(0x2df36f944ad69cb9), CONST64(0xc90b6177b5df6abe), CONST64(0xfadd9d3a1d5d40c0), - CONST64(0x7a5798361bd4cf4c), CONST64(0x8249eb79b210a2fb), CONST64(0xe9a727743aba809d), CONST64(0x93f0bf42216e4fd1), - CONST64(0xd95d42f87c631f21), CONST64(0x5d4c861e0fc5ca43), CONST64(0xda71db399238aae3), CONST64(0xecd3912a155742c6), -}; - -static const ulong64 T7[256] = { - CONST64(0x016ab9bb68d2d3ba), CONST64(0xb1669ae5194dfc54), CONST64(0xcd1465e293bc712f), CONST64(0x511b8725b9cd9c74), - CONST64(0xa457a2f70251f553), CONST64(0x03bed6d0b86b68d3), CONST64(0x04b5ded6bd6f6bd2), CONST64(0xfe8552b36429d74d), - CONST64(0xad4abafd0d5df050), CONST64(0x63e009cf268ae9ac), CONST64(0x84961c09830e8a8d), CONST64(0x1a4d91a579c6dcbf), - CONST64(0x4d37a73daddd9070), CONST64(0xa35caaf10755f652), CONST64(0xe117a47bc852b39a), CONST64(0xf98e5ab5612dd44c), - CONST64(0xac200346658f23ea), CONST64(0x1184e6c4a67362d5), CONST64(0xc268cc55f166a497), CONST64(0x0da8c6dcb2636ed1), - CONST64(0x99d085aaffcc5533), CONST64(0xaa41b2fb0859f351), CONST64(0x9c0fe2c72a71ed5b), CONST64(0x55ae59f304a2f7a6), - CONST64(0x20c1befe815f7fde), CONST64(0xe5a27aad753dd848), CONST64(0x7fcc29d7329ae5a8), CONST64(0xe80abc71c75eb699), - CONST64(0x3be696e0904b70db), CONST64(0x9edb8dacfac85632), CONST64(0x2215d19551e6c4b7), CONST64(0xceaab3322bd719fc), - CONST64(0x93734b7048ab38e3), CONST64(0xfd3b8463dc42bf9e), CONST64(0xd052fc41ef7eae91), CONST64(0xe61cac7dcd56b09b), - CONST64(0x947843764daf3be2), CONST64(0x0661b1bd6dd6d0bb), CONST64(0xdaf1329b5819c341), CONST64(0x17e55779cba5b26e), - CONST64(0x5cb341f90baef2a5), CONST64(0x4b561680c00b40cb), CONST64(0x0cc27f67dab1bd6b), CONST64(0xcc7edc59fb6ea295), - CONST64(0x409f61e11fbefea1), CONST64(0xe3c3cb1018eb08f3), CONST64(0x302fe1814ffeceb1), CONST64(0x0e16100c0a080602), - CONST64(0x5e672e92db1749cc), CONST64(0x663f6ea2f33751c4), CONST64(0x53cfe84e6974271d), CONST64(0x6c9ca07844503c14), - CONST64(0x730e56b0e82b58c3), CONST64(0x349a3f57f291a563), CONST64(0x3ced9ee6954f73da), CONST64(0x8e35d2d33469e75d), - CONST64(0x8023c2df3e61e15f), CONST64(0x2ed7aef28b5779dc), CONST64(0x6e48cf1394e9877d), CONST64(0x596c2694de134acd), - CONST64(0x605edf1f9ee1817f), CONST64(0x9b04eac12f75ee5a), CONST64(0x19f34775c1adb46c), CONST64(0x893edad5316de45c), - CONST64(0xffefeb080cfb04f7), CONST64(0xf2472dd4be986a26), CONST64(0xc7b7ab3824db1cff), CONST64(0xb9113b547e932aed), - CONST64(0xa236134a6f8725e8), CONST64(0xf4269c69d34eba9d), CONST64(0x10ee5f7fcea1b16f), CONST64(0x8d8b04038c028f8e), - CONST64(0x4fe3c8567d642b19), CONST64(0x479469e71abafda0), CONST64(0xeaded31a17e70df0), CONST64(0x98ba3c11971e8689), - CONST64(0x2d697822333c110f), CONST64(0x153138121b1c0907), CONST64(0x6afd11c52986ecaf), CONST64(0xdb9b8b2030cb10fb), - CONST64(0x3858403028201808), CONST64(0x6b97a87e41543f15), CONST64(0x237f682e3934170d), CONST64(0x1c2c201814100c04), - CONST64(0x070b080605040301), CONST64(0x21ab0745e98dac64), CONST64(0x27cab6f8845b7cdf), CONST64(0x5f0d9729b3c59a76), - CONST64(0x7264ef0b80f98b79), CONST64(0x29dca6f48e537add), CONST64(0xb3b2f58ec9f4473d), CONST64(0x628ab0744e583a16), - CONST64(0xbda4e582c3fc413f), CONST64(0x85fca5b2ebdc5937), CONST64(0x1ef84f73c4a9b76d), CONST64(0xa895dd90d8e04838), - CONST64(0x0877a1b167ded6b9), CONST64(0x442abf37a2d19573), CONST64(0xa53d1b4c6a8326e9), CONST64(0x8beab5bee1d45f35), - CONST64(0xb66d92e31c49ff55), CONST64(0x4a3caf3ba8d99371), CONST64(0x7c72ff078af18d7b), CONST64(0x839d140f860a898c), - CONST64(0x4321b731a7d59672), CONST64(0x9fb13417921a8588), CONST64(0xf8e4e30e09ff07f6), CONST64(0xd6334dfc82a87e2a), - CONST64(0xbaafed84c6f8423e), CONST64(0x8728cad93b65e25e), CONST64(0xf54c25d2bb9c6927), CONST64(0xcfc00a894305ca46), - CONST64(0x247460283c30140c), CONST64(0x26a00f43ec89af65), CONST64(0x05df676dd5bdb868), CONST64(0x3a8c2f5bf899a361), - CONST64(0x091d180a0f0c0503), CONST64(0x7d1846bce2235ec1), CONST64(0xb87b82ef1641f957), CONST64(0x1899fecea97f67d6), - CONST64(0x35f086ec9a4376d9), CONST64(0x9512facd257de858), CONST64(0x32fb8eea9f4775d8), CONST64(0x2fbd1749e385aa66), - CONST64(0x1f92f6c8ac7b64d7), CONST64(0xa683cd9cd2e84e3a), CONST64(0x424b0e8acf0745c8), CONST64(0xb4b9fd88ccf0443c), - CONST64(0xdc90832635cf13fa), CONST64(0xc563c453f462a796), CONST64(0x52a551f501a6f4a7), CONST64(0xef01b477c25ab598), - CONST64(0xbe1a33527b9729ec), CONST64(0x0f7ca9b762dad5b8), CONST64(0x6f2276a8fc3b54c7), CONST64(0x6df619c32c82efae), - CONST64(0x02d46f6bd0b9bb69), CONST64(0xecbf62a77a31dd4b), CONST64(0x76d131dd3d96e0ab), CONST64(0x78c721d1379ee6a9), - CONST64(0x28b61f4fe681a967), CONST64(0x364e503c22281e0a), CONST64(0xc8cb028f4601c947), CONST64(0xe4c8c3161def0bf2), - CONST64(0x2c03c1995beec2b5), CONST64(0xee6b0dccaa886622), CONST64(0x81497b6456b332e5), CONST64(0xb00c235e719f2fee), - CONST64(0x1d4699a37cc2dfbe), CONST64(0xd13845fa87ac7d2b), CONST64(0xa0e27c21bf3e9e81), CONST64(0x7ea6906c5a483612), - CONST64(0xaef46c2db5369883), CONST64(0x41f5d85a776c2d1b), CONST64(0x2a6270243638120e), CONST64(0xe96005caaf8c6523), - CONST64(0xf1f9fb0406f302f5), CONST64(0xc6dd12834c09cf45), CONST64(0xe77615c6a5846321), CONST64(0x50713e9ed11f4fce), - CONST64(0xe2a972ab7039db49), CONST64(0xc4097de89cb0742c), CONST64(0xd58d9b2c3ac316f9), CONST64(0x8854636e59bf37e6), - CONST64(0x251ed99354e2c7b6), CONST64(0xd8255df088a07828), CONST64(0x6581b8724b5c3917), CONST64(0xa9ff642bb0329b82), - CONST64(0x46fed05c72682e1a), CONST64(0x96ac2c1d9d16808b), CONST64(0xc0bca33e21df1ffe), CONST64(0x91a7241b9812838a), - CONST64(0x3f5348362d241b09), CONST64(0x4540068cca0346c9), CONST64(0xb2d84c35a1269487), CONST64(0xf7984ab96b25d24e), - CONST64(0x9d655b7c42a33ee1), CONST64(0xca1f6de496b8722e), CONST64(0x8642736253b731e4), CONST64(0x9a6e537a47a73de0), - CONST64(0xab2b0b40608b20eb), CONST64(0xd759f447ea7aad90), CONST64(0x5bb849ff0eaaf1a4), CONST64(0x5ad2f0446678221e), - CONST64(0xbcce5c39ab2e9285), CONST64(0x3d87275dfd9da060), CONST64(0x0000000000000000), CONST64(0xfb5a35deb1946f25), - CONST64(0xf6f2f30203f701f4), CONST64(0xedd5db1c12e30ef1), CONST64(0xcb75d45ffe6aa194), CONST64(0x3145583a272c1d0b), - CONST64(0x8f5f6b685cbb34e7), CONST64(0x56108f23bcc99f75), CONST64(0xb7072b58749b2cef), CONST64(0x8ce1bdb8e4d05c34), - CONST64(0x97c695a6f5c45331), CONST64(0x168feec2a37761d4), CONST64(0x0aa3cedab7676dd0), CONST64(0xb5d34433a4229786), - CONST64(0x6755d7199be5827e), CONST64(0x64eb01c9238eeaad), CONST64(0xc9a1bb342ed31afd), CONST64(0xdf2e55f68da47b29), - CONST64(0x90cd9da0f0c05030), CONST64(0xa188c59ad7ec4d3b), CONST64(0xfa308c65d946bc9f), CONST64(0xd286932a3fc715f8), - CONST64(0x68297eaef93f57c6), CONST64(0x79ad986a5f4c3513), CONST64(0x123a30141e180a06), CONST64(0x1b27281e11140f05), - CONST64(0x613466a4f63352c5), CONST64(0x77bb886655443311), CONST64(0x58069f2fb6c19977), CONST64(0x6943c71591ed847c), - CONST64(0x7b79f7018ff58e7a), CONST64(0x756fe70d85fd8878), CONST64(0x82f7adb4eed85a36), CONST64(0x54c4e0486c70241c), - CONST64(0xaf9ed596dde44b39), CONST64(0x9219f2cb2079eb59), CONST64(0x48e8c05078602818), CONST64(0xbf708ae91345fa56), - CONST64(0x3e39f18d45f6c8b3), CONST64(0x3724e9874afacdb0), CONST64(0xfc513dd8b4906c24), CONST64(0xe07d1dc0a0806020), - CONST64(0x3932f98b40f2cbb2), CONST64(0xd94fe44be072ab92), CONST64(0x4e8971ed15b6f8a3), CONST64(0x7a134ebae7275dc0), - CONST64(0xc1d61a85490dcc44), CONST64(0x33913751f795a662), CONST64(0x70b0806050403010), CONST64(0x2b08c99f5eeac1b4), - CONST64(0xbbc5543fae2a9184), CONST64(0xd4e722975211c543), CONST64(0xde44ec4de576a893), CONST64(0x74055eb6ed2f5bc2), - CONST64(0xebb46aa17f35de4a), CONST64(0x145b81a973cedabd), CONST64(0x8a800c0589068c8f), CONST64(0xc30275ee99b4772d), - CONST64(0x135089af76cad9bc), CONST64(0xf32d946fd64ab99c), CONST64(0x0bc97761dfb5be6a), CONST64(0xddfa3a9d5d1dc040), - CONST64(0x577a3698d41b4ccf), CONST64(0x498279eb10b2fba2), CONST64(0xa7e97427ba3a9d80), CONST64(0xf09342bf6e21d14f), - CONST64(0x5dd9f842637c211f), CONST64(0x4c5d1e86c50f43ca), CONST64(0x71da39db3892e3aa), CONST64(0xd3ec2a915715c642), -}; - -static const ulong64 c[R + 1] = { - CONST64(0xba542f7453d3d24d), - CONST64(0x50ac8dbf70529a4c), - CONST64(0xead597d133515ba6), - CONST64(0xde48a899db32b7fc), - CONST64(0xe39e919be2bb416e), - CONST64(0xa5cb6b95a1f3b102), - CONST64(0xccc41d14c363da5d), - CONST64(0x5fdc7dcd7f5a6c5c), - CONST64(0xf726ffede89d6f8e), -}; - - /** - Initialize the Khazad block cipher - @param key The symmetric key you wish to pass - @param keylen The key length in bytes - @param num_rounds The number of rounds desired (0 for default) - @param skey The key in as scheduled by this function. - @return CRYPT_OK if successful - */ -int khazad_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - int r; - const ulong64 *S; - ulong64 K2, K1; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(skey != NULL); - if (keylen != 16) { - return CRYPT_INVALID_KEYSIZE; - } - if (num_rounds != 8 && num_rounds != 0) { - return CRYPT_INVALID_ROUNDS; - } - - /* use 7th table */ - S = T7; - - /* - * map unsigned char array cipher key to initial key state (mu): - */ - K2 = - ((ulong64)key[ 0] << 56) ^ - ((ulong64)key[ 1] << 48) ^ - ((ulong64)key[ 2] << 40) ^ - ((ulong64)key[ 3] << 32) ^ - ((ulong64)key[ 4] << 24) ^ - ((ulong64)key[ 5] << 16) ^ - ((ulong64)key[ 6] << 8) ^ - ((ulong64)key[ 7] ); - K1 = - ((ulong64)key[ 8] << 56) ^ - ((ulong64)key[ 9] << 48) ^ - ((ulong64)key[10] << 40) ^ - ((ulong64)key[11] << 32) ^ - ((ulong64)key[12] << 24) ^ - ((ulong64)key[13] << 16) ^ - ((ulong64)key[14] << 8) ^ - ((ulong64)key[15] ); - - /* - * compute the round keys: - */ - for (r = 0; r <= R; r++) { - /* - * K[r] = rho(c[r], K1) ^ K2; - */ - skey->khazad.roundKeyEnc[r] = - T0[(int)(K1 >> 56) ] ^ - T1[(int)(K1 >> 48) & 0xff] ^ - T2[(int)(K1 >> 40) & 0xff] ^ - T3[(int)(K1 >> 32) & 0xff] ^ - T4[(int)(K1 >> 24) & 0xff] ^ - T5[(int)(K1 >> 16) & 0xff] ^ - T6[(int)(K1 >> 8) & 0xff] ^ - T7[(int)(K1 ) & 0xff] ^ - c[r] ^ K2; - K2 = K1; K1 = skey->khazad.roundKeyEnc[r]; - } - /* - * compute the inverse key schedule: - * K'^0 = K^R, K'^R = K^0, K'^r = theta(K^{R-r}) - */ - skey->khazad.roundKeyDec[0] = skey->khazad.roundKeyEnc[R]; - for (r = 1; r < R; r++) { - K1 = skey->khazad.roundKeyEnc[R - r]; - skey->khazad.roundKeyDec[r] = - T0[(int)S[(int)(K1 >> 56) ] & 0xff] ^ - T1[(int)S[(int)(K1 >> 48) & 0xff] & 0xff] ^ - T2[(int)S[(int)(K1 >> 40) & 0xff] & 0xff] ^ - T3[(int)S[(int)(K1 >> 32) & 0xff] & 0xff] ^ - T4[(int)S[(int)(K1 >> 24) & 0xff] & 0xff] ^ - T5[(int)S[(int)(K1 >> 16) & 0xff] & 0xff] ^ - T6[(int)S[(int)(K1 >> 8) & 0xff] & 0xff] ^ - T7[(int)S[(int)(K1 ) & 0xff] & 0xff]; - } - skey->khazad.roundKeyDec[R] = skey->khazad.roundKeyEnc[0]; - - return CRYPT_OK; -} - -static void khazad_crypt(const unsigned char *plaintext, unsigned char *ciphertext, - const ulong64 *roundKey) { - int r; - ulong64 state; - /* - * map plaintext block to cipher state (mu) - * and add initial round key (sigma[K^0]): - */ - state = - ((ulong64)plaintext[0] << 56) ^ - ((ulong64)plaintext[1] << 48) ^ - ((ulong64)plaintext[2] << 40) ^ - ((ulong64)plaintext[3] << 32) ^ - ((ulong64)plaintext[4] << 24) ^ - ((ulong64)plaintext[5] << 16) ^ - ((ulong64)plaintext[6] << 8) ^ - ((ulong64)plaintext[7] ) ^ - roundKey[0]; - - /* - * R - 1 full rounds: - */ - for (r = 1; r < R; r++) { - state = - T0[(int)(state >> 56) ] ^ - T1[(int)(state >> 48) & 0xff] ^ - T2[(int)(state >> 40) & 0xff] ^ - T3[(int)(state >> 32) & 0xff] ^ - T4[(int)(state >> 24) & 0xff] ^ - T5[(int)(state >> 16) & 0xff] ^ - T6[(int)(state >> 8) & 0xff] ^ - T7[(int)(state ) & 0xff] ^ - roundKey[r]; - } - - /* - * last round: - */ - state = - (T0[(int)(state >> 56) ] & CONST64(0xff00000000000000)) ^ - (T1[(int)(state >> 48) & 0xff] & CONST64(0x00ff000000000000)) ^ - (T2[(int)(state >> 40) & 0xff] & CONST64(0x0000ff0000000000)) ^ - (T3[(int)(state >> 32) & 0xff] & CONST64(0x000000ff00000000)) ^ - (T4[(int)(state >> 24) & 0xff] & CONST64(0x00000000ff000000)) ^ - (T5[(int)(state >> 16) & 0xff] & CONST64(0x0000000000ff0000)) ^ - (T6[(int)(state >> 8) & 0xff] & CONST64(0x000000000000ff00)) ^ - (T7[(int)(state ) & 0xff] & CONST64(0x00000000000000ff)) ^ - roundKey[R]; - - /* - * map cipher state to ciphertext block (mu^{-1}): - */ - ciphertext[0] = (unsigned char)(state >> 56); - ciphertext[1] = (unsigned char)(state >> 48); - ciphertext[2] = (unsigned char)(state >> 40); - ciphertext[3] = (unsigned char)(state >> 32); - ciphertext[4] = (unsigned char)(state >> 24); - ciphertext[5] = (unsigned char)(state >> 16); - ciphertext[6] = (unsigned char)(state >> 8); - ciphertext[7] = (unsigned char)(state ); -} - -/** - Encrypts a block of text with Khazad - @param pt The input plaintext (8 bytes) - @param ct The output ciphertext (8 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -{ - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - khazad_crypt(pt, ct, skey->khazad.roundKeyEnc); - return CRYPT_OK; -} - -/** - Decrypts a block of text with Khazad - @param ct The input ciphertext (8 bytes) - @param pt The output plaintext (8 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -{ - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - khazad_crypt(ct, pt, skey->khazad.roundKeyDec); - return CRYPT_OK; -} - -/** - Performs a self-test of the Khazad block cipher - @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled -*/ -int khazad_test(void) -{ -#ifndef LTC_TEST - return CRYPT_NOP; -#else - static const struct test { - unsigned char pt[8], ct[8], key[16]; - } tests[] = { -{ - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x49, 0xA4, 0xCE, 0x32, 0xAC, 0x19, 0x0E, 0x3F }, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x64, 0x5D, 0x77, 0x3E, 0x40, 0xAB, 0xDD, 0x53 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } -}, { - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x9E, 0x39, 0x98, 0x64, 0xF7, 0x8E, 0xCA, 0x02 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -}, { - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, - { 0xA9, 0xDF, 0x3D, 0x2C, 0x64, 0xD3, 0xEA, 0x28 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -} -}; - int x, y; - unsigned char buf[2][8]; - symmetric_key skey; - - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { - khazad_setup(tests[x].key, 16, 0, &skey); - khazad_ecb_encrypt(tests[x].pt, buf[0], &skey); - khazad_ecb_decrypt(buf[0], buf[1], &skey); - if (compare_testvector(buf[0], 8, tests[x].ct, 8, "Khazad Encrypt", x) || - compare_testvector(buf[1], 8, tests[x].pt, 8, "Khazad Decrypt", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - - for (y = 0; y < 1000; y++) khazad_ecb_encrypt(buf[0], buf[0], &skey); - for (y = 0; y < 1000; y++) khazad_ecb_decrypt(buf[0], buf[0], &skey); - if (compare_testvector(buf[0], 8, tests[x].ct, 8, "Khazad 1000", 1000)) { - return CRYPT_FAIL_TESTVECTOR; - } - - } - return CRYPT_OK; -#endif -} - -/** Terminate the context - @param skey The scheduled key -*/ -void khazad_done(symmetric_key *skey) -{ - LTC_UNUSED_PARAM(skey); -} - -/** - Gets suitable key size - @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. - @return CRYPT_OK if the input key size is acceptable. -*/ -int khazad_keysize(int *keysize) -{ - LTC_ARGCHK(keysize != NULL); - if (*keysize >= 16) { - *keysize = 16; - return CRYPT_OK; - } else { - return CRYPT_INVALID_KEYSIZE; - } -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/ciphers/kseed.c b/libtomcrypt/src/ciphers/kseed.c deleted file mode 100644 index e12fdc7..0000000 --- a/libtomcrypt/src/ciphers/kseed.c +++ /dev/null @@ -1,376 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -/** - @file kseed.c - seed implementation of SEED derived from RFC4269 - Tom St Denis -*/ - -#include "tomcrypt.h" - -#ifdef LTC_KSEED - -const struct ltc_cipher_descriptor kseed_desc = { - "seed", - 20, - 16, 16, 16, 16, - &kseed_setup, - &kseed_ecb_encrypt, - &kseed_ecb_decrypt, - &kseed_test, - &kseed_done, - &kseed_keysize, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; - -static const ulong32 SS0[256] = { -0x2989A1A8UL,0x05858184UL,0x16C6D2D4UL,0x13C3D3D0UL,0x14445054UL,0x1D0D111CUL,0x2C8CA0ACUL,0x25052124UL, -0x1D4D515CUL,0x03434340UL,0x18081018UL,0x1E0E121CUL,0x11415150UL,0x3CCCF0FCUL,0x0ACAC2C8UL,0x23436360UL, -0x28082028UL,0x04444044UL,0x20002020UL,0x1D8D919CUL,0x20C0E0E0UL,0x22C2E2E0UL,0x08C8C0C8UL,0x17071314UL, -0x2585A1A4UL,0x0F8F838CUL,0x03030300UL,0x3B4B7378UL,0x3B8BB3B8UL,0x13031310UL,0x12C2D2D0UL,0x2ECEE2ECUL, -0x30407070UL,0x0C8C808CUL,0x3F0F333CUL,0x2888A0A8UL,0x32023230UL,0x1DCDD1DCUL,0x36C6F2F4UL,0x34447074UL, -0x2CCCE0ECUL,0x15859194UL,0x0B0B0308UL,0x17475354UL,0x1C4C505CUL,0x1B4B5358UL,0x3D8DB1BCUL,0x01010100UL, -0x24042024UL,0x1C0C101CUL,0x33437370UL,0x18889098UL,0x10001010UL,0x0CCCC0CCUL,0x32C2F2F0UL,0x19C9D1D8UL, -0x2C0C202CUL,0x27C7E3E4UL,0x32427270UL,0x03838380UL,0x1B8B9398UL,0x11C1D1D0UL,0x06868284UL,0x09C9C1C8UL, -0x20406060UL,0x10405050UL,0x2383A3A0UL,0x2BCBE3E8UL,0x0D0D010CUL,0x3686B2B4UL,0x1E8E929CUL,0x0F4F434CUL, -0x3787B3B4UL,0x1A4A5258UL,0x06C6C2C4UL,0x38487078UL,0x2686A2A4UL,0x12021210UL,0x2F8FA3ACUL,0x15C5D1D4UL, -0x21416160UL,0x03C3C3C0UL,0x3484B0B4UL,0x01414140UL,0x12425250UL,0x3D4D717CUL,0x0D8D818CUL,0x08080008UL, -0x1F0F131CUL,0x19899198UL,0x00000000UL,0x19091118UL,0x04040004UL,0x13435350UL,0x37C7F3F4UL,0x21C1E1E0UL, -0x3DCDF1FCUL,0x36467274UL,0x2F0F232CUL,0x27072324UL,0x3080B0B0UL,0x0B8B8388UL,0x0E0E020CUL,0x2B8BA3A8UL, -0x2282A2A0UL,0x2E4E626CUL,0x13839390UL,0x0D4D414CUL,0x29496168UL,0x3C4C707CUL,0x09090108UL,0x0A0A0208UL, -0x3F8FB3BCUL,0x2FCFE3ECUL,0x33C3F3F0UL,0x05C5C1C4UL,0x07878384UL,0x14041014UL,0x3ECEF2FCUL,0x24446064UL, -0x1ECED2DCUL,0x2E0E222CUL,0x0B4B4348UL,0x1A0A1218UL,0x06060204UL,0x21012120UL,0x2B4B6368UL,0x26466264UL, -0x02020200UL,0x35C5F1F4UL,0x12829290UL,0x0A8A8288UL,0x0C0C000CUL,0x3383B3B0UL,0x3E4E727CUL,0x10C0D0D0UL, -0x3A4A7278UL,0x07474344UL,0x16869294UL,0x25C5E1E4UL,0x26062224UL,0x00808080UL,0x2D8DA1ACUL,0x1FCFD3DCUL, -0x2181A1A0UL,0x30003030UL,0x37073334UL,0x2E8EA2ACUL,0x36063234UL,0x15051114UL,0x22022220UL,0x38083038UL, -0x34C4F0F4UL,0x2787A3A4UL,0x05454144UL,0x0C4C404CUL,0x01818180UL,0x29C9E1E8UL,0x04848084UL,0x17879394UL, -0x35053134UL,0x0BCBC3C8UL,0x0ECEC2CCUL,0x3C0C303CUL,0x31417170UL,0x11011110UL,0x07C7C3C4UL,0x09898188UL, -0x35457174UL,0x3BCBF3F8UL,0x1ACAD2D8UL,0x38C8F0F8UL,0x14849094UL,0x19495158UL,0x02828280UL,0x04C4C0C4UL, -0x3FCFF3FCUL,0x09494148UL,0x39093138UL,0x27476364UL,0x00C0C0C0UL,0x0FCFC3CCUL,0x17C7D3D4UL,0x3888B0B8UL, -0x0F0F030CUL,0x0E8E828CUL,0x02424240UL,0x23032320UL,0x11819190UL,0x2C4C606CUL,0x1BCBD3D8UL,0x2484A0A4UL, -0x34043034UL,0x31C1F1F0UL,0x08484048UL,0x02C2C2C0UL,0x2F4F636CUL,0x3D0D313CUL,0x2D0D212CUL,0x00404040UL, -0x3E8EB2BCUL,0x3E0E323CUL,0x3C8CB0BCUL,0x01C1C1C0UL,0x2A8AA2A8UL,0x3A8AB2B8UL,0x0E4E424CUL,0x15455154UL, -0x3B0B3338UL,0x1CCCD0DCUL,0x28486068UL,0x3F4F737CUL,0x1C8C909CUL,0x18C8D0D8UL,0x0A4A4248UL,0x16465254UL, -0x37477374UL,0x2080A0A0UL,0x2DCDE1ECUL,0x06464244UL,0x3585B1B4UL,0x2B0B2328UL,0x25456164UL,0x3ACAF2F8UL, -0x23C3E3E0UL,0x3989B1B8UL,0x3181B1B0UL,0x1F8F939CUL,0x1E4E525CUL,0x39C9F1F8UL,0x26C6E2E4UL,0x3282B2B0UL, -0x31013130UL,0x2ACAE2E8UL,0x2D4D616CUL,0x1F4F535CUL,0x24C4E0E4UL,0x30C0F0F0UL,0x0DCDC1CCUL,0x08888088UL, -0x16061214UL,0x3A0A3238UL,0x18485058UL,0x14C4D0D4UL,0x22426260UL,0x29092128UL,0x07070304UL,0x33033330UL, -0x28C8E0E8UL,0x1B0B1318UL,0x05050104UL,0x39497178UL,0x10809090UL,0x2A4A6268UL,0x2A0A2228UL,0x1A8A9298UL -}; - -static const ulong32 SS1[256] = { -0x38380830UL,0xE828C8E0UL,0x2C2D0D21UL,0xA42686A2UL,0xCC0FCFC3UL,0xDC1ECED2UL,0xB03383B3UL,0xB83888B0UL, -0xAC2F8FA3UL,0x60204060UL,0x54154551UL,0xC407C7C3UL,0x44044440UL,0x6C2F4F63UL,0x682B4B63UL,0x581B4B53UL, -0xC003C3C3UL,0x60224262UL,0x30330333UL,0xB43585B1UL,0x28290921UL,0xA02080A0UL,0xE022C2E2UL,0xA42787A3UL, -0xD013C3D3UL,0x90118191UL,0x10110111UL,0x04060602UL,0x1C1C0C10UL,0xBC3C8CB0UL,0x34360632UL,0x480B4B43UL, -0xEC2FCFE3UL,0x88088880UL,0x6C2C4C60UL,0xA82888A0UL,0x14170713UL,0xC404C4C0UL,0x14160612UL,0xF434C4F0UL, -0xC002C2C2UL,0x44054541UL,0xE021C1E1UL,0xD416C6D2UL,0x3C3F0F33UL,0x3C3D0D31UL,0x8C0E8E82UL,0x98188890UL, -0x28280820UL,0x4C0E4E42UL,0xF436C6F2UL,0x3C3E0E32UL,0xA42585A1UL,0xF839C9F1UL,0x0C0D0D01UL,0xDC1FCFD3UL, -0xD818C8D0UL,0x282B0B23UL,0x64264662UL,0x783A4A72UL,0x24270723UL,0x2C2F0F23UL,0xF031C1F1UL,0x70324272UL, -0x40024242UL,0xD414C4D0UL,0x40014141UL,0xC000C0C0UL,0x70334373UL,0x64274763UL,0xAC2C8CA0UL,0x880B8B83UL, -0xF437C7F3UL,0xAC2D8DA1UL,0x80008080UL,0x1C1F0F13UL,0xC80ACAC2UL,0x2C2C0C20UL,0xA82A8AA2UL,0x34340430UL, -0xD012C2D2UL,0x080B0B03UL,0xEC2ECEE2UL,0xE829C9E1UL,0x5C1D4D51UL,0x94148490UL,0x18180810UL,0xF838C8F0UL, -0x54174753UL,0xAC2E8EA2UL,0x08080800UL,0xC405C5C1UL,0x10130313UL,0xCC0DCDC1UL,0x84068682UL,0xB83989B1UL, -0xFC3FCFF3UL,0x7C3D4D71UL,0xC001C1C1UL,0x30310131UL,0xF435C5F1UL,0x880A8A82UL,0x682A4A62UL,0xB03181B1UL, -0xD011C1D1UL,0x20200020UL,0xD417C7D3UL,0x00020202UL,0x20220222UL,0x04040400UL,0x68284860UL,0x70314171UL, -0x04070703UL,0xD81BCBD3UL,0x9C1D8D91UL,0x98198991UL,0x60214161UL,0xBC3E8EB2UL,0xE426C6E2UL,0x58194951UL, -0xDC1DCDD1UL,0x50114151UL,0x90108090UL,0xDC1CCCD0UL,0x981A8A92UL,0xA02383A3UL,0xA82B8BA3UL,0xD010C0D0UL, -0x80018181UL,0x0C0F0F03UL,0x44074743UL,0x181A0A12UL,0xE023C3E3UL,0xEC2CCCE0UL,0x8C0D8D81UL,0xBC3F8FB3UL, -0x94168692UL,0x783B4B73UL,0x5C1C4C50UL,0xA02282A2UL,0xA02181A1UL,0x60234363UL,0x20230323UL,0x4C0D4D41UL, -0xC808C8C0UL,0x9C1E8E92UL,0x9C1C8C90UL,0x383A0A32UL,0x0C0C0C00UL,0x2C2E0E22UL,0xB83A8AB2UL,0x6C2E4E62UL, -0x9C1F8F93UL,0x581A4A52UL,0xF032C2F2UL,0x90128292UL,0xF033C3F3UL,0x48094941UL,0x78384870UL,0xCC0CCCC0UL, -0x14150511UL,0xF83BCBF3UL,0x70304070UL,0x74354571UL,0x7C3F4F73UL,0x34350531UL,0x10100010UL,0x00030303UL, -0x64244460UL,0x6C2D4D61UL,0xC406C6C2UL,0x74344470UL,0xD415C5D1UL,0xB43484B0UL,0xE82ACAE2UL,0x08090901UL, -0x74364672UL,0x18190911UL,0xFC3ECEF2UL,0x40004040UL,0x10120212UL,0xE020C0E0UL,0xBC3D8DB1UL,0x04050501UL, -0xF83ACAF2UL,0x00010101UL,0xF030C0F0UL,0x282A0A22UL,0x5C1E4E52UL,0xA82989A1UL,0x54164652UL,0x40034343UL, -0x84058581UL,0x14140410UL,0x88098981UL,0x981B8B93UL,0xB03080B0UL,0xE425C5E1UL,0x48084840UL,0x78394971UL, -0x94178793UL,0xFC3CCCF0UL,0x1C1E0E12UL,0x80028282UL,0x20210121UL,0x8C0C8C80UL,0x181B0B13UL,0x5C1F4F53UL, -0x74374773UL,0x54144450UL,0xB03282B2UL,0x1C1D0D11UL,0x24250521UL,0x4C0F4F43UL,0x00000000UL,0x44064642UL, -0xEC2DCDE1UL,0x58184850UL,0x50124252UL,0xE82BCBE3UL,0x7C3E4E72UL,0xD81ACAD2UL,0xC809C9C1UL,0xFC3DCDF1UL, -0x30300030UL,0x94158591UL,0x64254561UL,0x3C3C0C30UL,0xB43686B2UL,0xE424C4E0UL,0xB83B8BB3UL,0x7C3C4C70UL, -0x0C0E0E02UL,0x50104050UL,0x38390931UL,0x24260622UL,0x30320232UL,0x84048480UL,0x68294961UL,0x90138393UL, -0x34370733UL,0xE427C7E3UL,0x24240420UL,0xA42484A0UL,0xC80BCBC3UL,0x50134353UL,0x080A0A02UL,0x84078783UL, -0xD819C9D1UL,0x4C0C4C40UL,0x80038383UL,0x8C0F8F83UL,0xCC0ECEC2UL,0x383B0B33UL,0x480A4A42UL,0xB43787B3UL -}; - -static const ulong32 SS2[256] = { -0xA1A82989UL,0x81840585UL,0xD2D416C6UL,0xD3D013C3UL,0x50541444UL,0x111C1D0DUL,0xA0AC2C8CUL,0x21242505UL, -0x515C1D4DUL,0x43400343UL,0x10181808UL,0x121C1E0EUL,0x51501141UL,0xF0FC3CCCUL,0xC2C80ACAUL,0x63602343UL, -0x20282808UL,0x40440444UL,0x20202000UL,0x919C1D8DUL,0xE0E020C0UL,0xE2E022C2UL,0xC0C808C8UL,0x13141707UL, -0xA1A42585UL,0x838C0F8FUL,0x03000303UL,0x73783B4BUL,0xB3B83B8BUL,0x13101303UL,0xD2D012C2UL,0xE2EC2ECEUL, -0x70703040UL,0x808C0C8CUL,0x333C3F0FUL,0xA0A82888UL,0x32303202UL,0xD1DC1DCDUL,0xF2F436C6UL,0x70743444UL, -0xE0EC2CCCUL,0x91941585UL,0x03080B0BUL,0x53541747UL,0x505C1C4CUL,0x53581B4BUL,0xB1BC3D8DUL,0x01000101UL, -0x20242404UL,0x101C1C0CUL,0x73703343UL,0x90981888UL,0x10101000UL,0xC0CC0CCCUL,0xF2F032C2UL,0xD1D819C9UL, -0x202C2C0CUL,0xE3E427C7UL,0x72703242UL,0x83800383UL,0x93981B8BUL,0xD1D011C1UL,0x82840686UL,0xC1C809C9UL, -0x60602040UL,0x50501040UL,0xA3A02383UL,0xE3E82BCBUL,0x010C0D0DUL,0xB2B43686UL,0x929C1E8EUL,0x434C0F4FUL, -0xB3B43787UL,0x52581A4AUL,0xC2C406C6UL,0x70783848UL,0xA2A42686UL,0x12101202UL,0xA3AC2F8FUL,0xD1D415C5UL, -0x61602141UL,0xC3C003C3UL,0xB0B43484UL,0x41400141UL,0x52501242UL,0x717C3D4DUL,0x818C0D8DUL,0x00080808UL, -0x131C1F0FUL,0x91981989UL,0x00000000UL,0x11181909UL,0x00040404UL,0x53501343UL,0xF3F437C7UL,0xE1E021C1UL, -0xF1FC3DCDUL,0x72743646UL,0x232C2F0FUL,0x23242707UL,0xB0B03080UL,0x83880B8BUL,0x020C0E0EUL,0xA3A82B8BUL, -0xA2A02282UL,0x626C2E4EUL,0x93901383UL,0x414C0D4DUL,0x61682949UL,0x707C3C4CUL,0x01080909UL,0x02080A0AUL, -0xB3BC3F8FUL,0xE3EC2FCFUL,0xF3F033C3UL,0xC1C405C5UL,0x83840787UL,0x10141404UL,0xF2FC3ECEUL,0x60642444UL, -0xD2DC1ECEUL,0x222C2E0EUL,0x43480B4BUL,0x12181A0AUL,0x02040606UL,0x21202101UL,0x63682B4BUL,0x62642646UL, -0x02000202UL,0xF1F435C5UL,0x92901282UL,0x82880A8AUL,0x000C0C0CUL,0xB3B03383UL,0x727C3E4EUL,0xD0D010C0UL, -0x72783A4AUL,0x43440747UL,0x92941686UL,0xE1E425C5UL,0x22242606UL,0x80800080UL,0xA1AC2D8DUL,0xD3DC1FCFUL, -0xA1A02181UL,0x30303000UL,0x33343707UL,0xA2AC2E8EUL,0x32343606UL,0x11141505UL,0x22202202UL,0x30383808UL, -0xF0F434C4UL,0xA3A42787UL,0x41440545UL,0x404C0C4CUL,0x81800181UL,0xE1E829C9UL,0x80840484UL,0x93941787UL, -0x31343505UL,0xC3C80BCBUL,0xC2CC0ECEUL,0x303C3C0CUL,0x71703141UL,0x11101101UL,0xC3C407C7UL,0x81880989UL, -0x71743545UL,0xF3F83BCBUL,0xD2D81ACAUL,0xF0F838C8UL,0x90941484UL,0x51581949UL,0x82800282UL,0xC0C404C4UL, -0xF3FC3FCFUL,0x41480949UL,0x31383909UL,0x63642747UL,0xC0C000C0UL,0xC3CC0FCFUL,0xD3D417C7UL,0xB0B83888UL, -0x030C0F0FUL,0x828C0E8EUL,0x42400242UL,0x23202303UL,0x91901181UL,0x606C2C4CUL,0xD3D81BCBUL,0xA0A42484UL, -0x30343404UL,0xF1F031C1UL,0x40480848UL,0xC2C002C2UL,0x636C2F4FUL,0x313C3D0DUL,0x212C2D0DUL,0x40400040UL, -0xB2BC3E8EUL,0x323C3E0EUL,0xB0BC3C8CUL,0xC1C001C1UL,0xA2A82A8AUL,0xB2B83A8AUL,0x424C0E4EUL,0x51541545UL, -0x33383B0BUL,0xD0DC1CCCUL,0x60682848UL,0x737C3F4FUL,0x909C1C8CUL,0xD0D818C8UL,0x42480A4AUL,0x52541646UL, -0x73743747UL,0xA0A02080UL,0xE1EC2DCDUL,0x42440646UL,0xB1B43585UL,0x23282B0BUL,0x61642545UL,0xF2F83ACAUL, -0xE3E023C3UL,0xB1B83989UL,0xB1B03181UL,0x939C1F8FUL,0x525C1E4EUL,0xF1F839C9UL,0xE2E426C6UL,0xB2B03282UL, -0x31303101UL,0xE2E82ACAUL,0x616C2D4DUL,0x535C1F4FUL,0xE0E424C4UL,0xF0F030C0UL,0xC1CC0DCDUL,0x80880888UL, -0x12141606UL,0x32383A0AUL,0x50581848UL,0xD0D414C4UL,0x62602242UL,0x21282909UL,0x03040707UL,0x33303303UL, -0xE0E828C8UL,0x13181B0BUL,0x01040505UL,0x71783949UL,0x90901080UL,0x62682A4AUL,0x22282A0AUL,0x92981A8AUL -}; - -static const ulong32 SS3[256] = { -0x08303838UL,0xC8E0E828UL,0x0D212C2DUL,0x86A2A426UL,0xCFC3CC0FUL,0xCED2DC1EUL,0x83B3B033UL,0x88B0B838UL, -0x8FA3AC2FUL,0x40606020UL,0x45515415UL,0xC7C3C407UL,0x44404404UL,0x4F636C2FUL,0x4B63682BUL,0x4B53581BUL, -0xC3C3C003UL,0x42626022UL,0x03333033UL,0x85B1B435UL,0x09212829UL,0x80A0A020UL,0xC2E2E022UL,0x87A3A427UL, -0xC3D3D013UL,0x81919011UL,0x01111011UL,0x06020406UL,0x0C101C1CUL,0x8CB0BC3CUL,0x06323436UL,0x4B43480BUL, -0xCFE3EC2FUL,0x88808808UL,0x4C606C2CUL,0x88A0A828UL,0x07131417UL,0xC4C0C404UL,0x06121416UL,0xC4F0F434UL, -0xC2C2C002UL,0x45414405UL,0xC1E1E021UL,0xC6D2D416UL,0x0F333C3FUL,0x0D313C3DUL,0x8E828C0EUL,0x88909818UL, -0x08202828UL,0x4E424C0EUL,0xC6F2F436UL,0x0E323C3EUL,0x85A1A425UL,0xC9F1F839UL,0x0D010C0DUL,0xCFD3DC1FUL, -0xC8D0D818UL,0x0B23282BUL,0x46626426UL,0x4A72783AUL,0x07232427UL,0x0F232C2FUL,0xC1F1F031UL,0x42727032UL, -0x42424002UL,0xC4D0D414UL,0x41414001UL,0xC0C0C000UL,0x43737033UL,0x47636427UL,0x8CA0AC2CUL,0x8B83880BUL, -0xC7F3F437UL,0x8DA1AC2DUL,0x80808000UL,0x0F131C1FUL,0xCAC2C80AUL,0x0C202C2CUL,0x8AA2A82AUL,0x04303434UL, -0xC2D2D012UL,0x0B03080BUL,0xCEE2EC2EUL,0xC9E1E829UL,0x4D515C1DUL,0x84909414UL,0x08101818UL,0xC8F0F838UL, -0x47535417UL,0x8EA2AC2EUL,0x08000808UL,0xC5C1C405UL,0x03131013UL,0xCDC1CC0DUL,0x86828406UL,0x89B1B839UL, -0xCFF3FC3FUL,0x4D717C3DUL,0xC1C1C001UL,0x01313031UL,0xC5F1F435UL,0x8A82880AUL,0x4A62682AUL,0x81B1B031UL, -0xC1D1D011UL,0x00202020UL,0xC7D3D417UL,0x02020002UL,0x02222022UL,0x04000404UL,0x48606828UL,0x41717031UL, -0x07030407UL,0xCBD3D81BUL,0x8D919C1DUL,0x89919819UL,0x41616021UL,0x8EB2BC3EUL,0xC6E2E426UL,0x49515819UL, -0xCDD1DC1DUL,0x41515011UL,0x80909010UL,0xCCD0DC1CUL,0x8A92981AUL,0x83A3A023UL,0x8BA3A82BUL,0xC0D0D010UL, -0x81818001UL,0x0F030C0FUL,0x47434407UL,0x0A12181AUL,0xC3E3E023UL,0xCCE0EC2CUL,0x8D818C0DUL,0x8FB3BC3FUL, -0x86929416UL,0x4B73783BUL,0x4C505C1CUL,0x82A2A022UL,0x81A1A021UL,0x43636023UL,0x03232023UL,0x4D414C0DUL, -0xC8C0C808UL,0x8E929C1EUL,0x8C909C1CUL,0x0A32383AUL,0x0C000C0CUL,0x0E222C2EUL,0x8AB2B83AUL,0x4E626C2EUL, -0x8F939C1FUL,0x4A52581AUL,0xC2F2F032UL,0x82929012UL,0xC3F3F033UL,0x49414809UL,0x48707838UL,0xCCC0CC0CUL, -0x05111415UL,0xCBF3F83BUL,0x40707030UL,0x45717435UL,0x4F737C3FUL,0x05313435UL,0x00101010UL,0x03030003UL, -0x44606424UL,0x4D616C2DUL,0xC6C2C406UL,0x44707434UL,0xC5D1D415UL,0x84B0B434UL,0xCAE2E82AUL,0x09010809UL, -0x46727436UL,0x09111819UL,0xCEF2FC3EUL,0x40404000UL,0x02121012UL,0xC0E0E020UL,0x8DB1BC3DUL,0x05010405UL, -0xCAF2F83AUL,0x01010001UL,0xC0F0F030UL,0x0A22282AUL,0x4E525C1EUL,0x89A1A829UL,0x46525416UL,0x43434003UL, -0x85818405UL,0x04101414UL,0x89818809UL,0x8B93981BUL,0x80B0B030UL,0xC5E1E425UL,0x48404808UL,0x49717839UL, -0x87939417UL,0xCCF0FC3CUL,0x0E121C1EUL,0x82828002UL,0x01212021UL,0x8C808C0CUL,0x0B13181BUL,0x4F535C1FUL, -0x47737437UL,0x44505414UL,0x82B2B032UL,0x0D111C1DUL,0x05212425UL,0x4F434C0FUL,0x00000000UL,0x46424406UL, -0xCDE1EC2DUL,0x48505818UL,0x42525012UL,0xCBE3E82BUL,0x4E727C3EUL,0xCAD2D81AUL,0xC9C1C809UL,0xCDF1FC3DUL, -0x00303030UL,0x85919415UL,0x45616425UL,0x0C303C3CUL,0x86B2B436UL,0xC4E0E424UL,0x8BB3B83BUL,0x4C707C3CUL, -0x0E020C0EUL,0x40505010UL,0x09313839UL,0x06222426UL,0x02323032UL,0x84808404UL,0x49616829UL,0x83939013UL, -0x07333437UL,0xC7E3E427UL,0x04202424UL,0x84A0A424UL,0xCBC3C80BUL,0x43535013UL,0x0A02080AUL,0x87838407UL, -0xC9D1D819UL,0x4C404C0CUL,0x83838003UL,0x8F838C0FUL,0xCEC2CC0EUL,0x0B33383BUL,0x4A42480AUL,0x87B3B437UL -}; - -static const ulong32 KCi[16] = { -0x9E3779B9,0x3C6EF373, -0x78DDE6E6,0xF1BBCDCC, -0xE3779B99,0xC6EF3733, -0x8DDE6E67,0x1BBCDCCF, -0x3779B99E,0x6EF3733C, -0xDDE6E678,0xBBCDCCF1, -0x779B99E3,0xEF3733C6, -0xDE6E678D,0xBCDCCF1B -}; - -#define G(x) (SS3[((x)>>24)&255] ^ SS2[((x)>>16)&255] ^ SS1[((x)>>8)&255] ^ SS0[(x)&255]) - -#define F(L1, L2, R1, R2, K1, K2) \ - T2 = G((R1 ^ K1) ^ (R2 ^ K2)); \ - T = G( G(T2 + (R1 ^ K1)) + T2); \ - L2 ^= T; \ - L1 ^= (T + G(T2 + (R1 ^ K1))); \ - - /** - Initialize the SEED block cipher - @param key The symmetric key you wish to pass - @param keylen The key length in bytes - @param num_rounds The number of rounds desired (0 for default) - @param skey The key in as scheduled by this function. - @return CRYPT_OK if successful - */ -int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - int i; - ulong32 tmp, k1, k2, k3, k4; - - if (keylen != 16) { - return CRYPT_INVALID_KEYSIZE; - } - - if (num_rounds != 16 && num_rounds != 0) { - return CRYPT_INVALID_ROUNDS; - } - - /* load key */ - LOAD32H(k1, key); - LOAD32H(k2, key+4); - LOAD32H(k3, key+8); - LOAD32H(k4, key+12); - - for (i = 0; i < 16; i++) { - skey->kseed.K[2*i+0] = G(k1 + k3 - KCi[i]); - skey->kseed.K[2*i+1] = G(k2 - k4 + KCi[i]); - if (i&1) { - tmp = k3; - k3 = ((k3 << 8) | (k4 >> 24)) & 0xFFFFFFFF; - k4 = ((k4 << 8) | (tmp >> 24)) & 0xFFFFFFFF; - } else { - tmp = k1; - k1 = ((k1 >> 8) | (k2 << 24)) & 0xFFFFFFFF; - k2 = ((k2 >> 8) | (tmp << 24)) & 0xFFFFFFFF; - } - /* reverse keys for decrypt */ - skey->kseed.dK[2*(15-i)+0] = skey->kseed.K[2*i+0]; - skey->kseed.dK[2*(15-i)+1] = skey->kseed.K[2*i+1]; - } - - return CRYPT_OK; -} - -static void rounds(ulong32 *P, ulong32 *K) -{ - ulong32 T, T2; - int i; - for (i = 0; i < 16; i += 2) { - F(P[0], P[1], P[2], P[3], K[0], K[1]); - F(P[2], P[3], P[0], P[1], K[2], K[3]); - K += 4; - } -} - -/** - Encrypts a block of text with SEED - @param pt The input plaintext (16 bytes) - @param ct The output ciphertext (16 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -{ - ulong32 P[4]; - LOAD32H(P[0], pt); - LOAD32H(P[1], pt+4); - LOAD32H(P[2], pt+8); - LOAD32H(P[3], pt+12); - rounds(P, skey->kseed.K); - STORE32H(P[2], ct); - STORE32H(P[3], ct+4); - STORE32H(P[0], ct+8); - STORE32H(P[1], ct+12); - return CRYPT_OK; -} - -/** - Decrypts a block of text with SEED - @param ct The input ciphertext (16 bytes) - @param pt The output plaintext (16 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -{ - ulong32 P[4]; - LOAD32H(P[0], ct); - LOAD32H(P[1], ct+4); - LOAD32H(P[2], ct+8); - LOAD32H(P[3], ct+12); - rounds(P, skey->kseed.dK); - STORE32H(P[2], pt); - STORE32H(P[3], pt+4); - STORE32H(P[0], pt+8); - STORE32H(P[1], pt+12); - return CRYPT_OK; -} - -/** Terminate the context - @param skey The scheduled key -*/ -void kseed_done(symmetric_key *skey) -{ - LTC_UNUSED_PARAM(skey); -} - -/** - Performs a self-test of the SEED block cipher - @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled -*/ -int kseed_test(void) -{ -#if !defined(LTC_TEST) - return CRYPT_NOP; -#else - static const struct test { - unsigned char pt[16], ct[16], key[16]; - } tests[] = { - -{ - { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F }, - { 0x5E,0xBA,0xC6,0xE0,0x05,0x4E,0x16,0x68,0x19,0xAF,0xF1,0xCC,0x6D,0x34,0x6C,0xDB }, - { 0 }, -}, - -{ - { 0 }, - { 0xC1,0x1F,0x22,0xF2,0x01,0x40,0x50,0x50,0x84,0x48,0x35,0x97,0xE4,0x37,0x0F,0x43 }, - { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F }, -}, - -{ - { 0x83,0xA2,0xF8,0xA2,0x88,0x64,0x1F,0xB9,0xA4,0xE9,0xA5,0xCC,0x2F,0x13,0x1C,0x7D }, - { 0xEE,0x54,0xD1,0x3E,0xBC,0xAE,0x70,0x6D,0x22,0x6B,0xC3,0x14,0x2C,0xD4,0x0D,0x4A }, - { 0x47,0x06,0x48,0x08,0x51,0xE6,0x1B,0xE8,0x5D,0x74,0xBF,0xB3,0xFD,0x95,0x61,0x85 }, -}, - -{ - { 0xB4,0x1E,0x6B,0xE2,0xEB,0xA8,0x4A,0x14,0x8E,0x2E,0xED,0x84,0x59,0x3C,0x5E,0xC7 }, - { 0x9B,0x9B,0x7B,0xFC,0xD1,0x81,0x3C,0xB9,0x5D,0x0B,0x36,0x18,0xF4,0x0F,0x51,0x22 }, - { 0x28,0xDB,0xC3,0xBC,0x49,0xFF,0xD8,0x7D,0xCF,0xA5,0x09,0xB1,0x1D,0x42,0x2B,0xE7 }, -} -}; - int x; - unsigned char buf[2][16]; - symmetric_key skey; - - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { - kseed_setup(tests[x].key, 16, 0, &skey); - kseed_ecb_encrypt(tests[x].pt, buf[0], &skey); - kseed_ecb_decrypt(buf[0], buf[1], &skey); - if (compare_testvector(buf[0], 16, tests[x].ct, 16, "KSEED Encrypt", x) || - compare_testvector(buf[1], 16, tests[x].pt, 16, "KSEED Decrypt", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - return CRYPT_OK; -#endif -} - -/** - Gets suitable key size - @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. - @return CRYPT_OK if the input key size is acceptable. -*/ -int kseed_keysize(int *keysize) -{ - LTC_ARGCHK(keysize != NULL); - if (*keysize >= 16) { - *keysize = 16; - } else { - return CRYPT_INVALID_KEYSIZE; - } - return CRYPT_OK; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/ciphers/multi2.c b/libtomcrypt/src/ciphers/multi2.c deleted file mode 100644 index 86c1812..0000000 --- a/libtomcrypt/src/ciphers/multi2.c +++ /dev/null @@ -1,319 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -/** - @file multi2.c - Multi-2 implementation (not public domain, hence the default disable) -*/ -#include "tomcrypt.h" - -#ifdef LTC_MULTI2 - -static void pi1(ulong32 *p) -{ - p[1] ^= p[0]; -} - -static void pi2(ulong32 *p, ulong32 *k) -{ - ulong32 t; - t = (p[1] + k[0]) & 0xFFFFFFFFUL; - t = (ROL(t, 1) + t - 1) & 0xFFFFFFFFUL; - t = (ROL(t, 4) ^ t) & 0xFFFFFFFFUL; - p[0] ^= t; -} - -static void pi3(ulong32 *p, ulong32 *k) -{ - ulong32 t; - t = p[0] + k[1]; - t = (ROL(t, 2) + t + 1) & 0xFFFFFFFFUL; - t = (ROL(t, 8) ^ t) & 0xFFFFFFFFUL; - t = (t + k[2]) & 0xFFFFFFFFUL; - t = (ROL(t, 1) - t) & 0xFFFFFFFFUL; - t = ROL(t, 16) ^ (p[0] | t); - p[1] ^= t; -} - -static void pi4(ulong32 *p, ulong32 *k) -{ - ulong32 t; - t = (p[1] + k[3]) & 0xFFFFFFFFUL; - t = (ROL(t, 2) + t + 1) & 0xFFFFFFFFUL; - p[0] ^= t; -} - -static void setup(ulong32 *dk, ulong32 *k, ulong32 *uk) -{ - int n, t; - ulong32 p[2]; - - p[0] = dk[0]; p[1] = dk[1]; - - t = 4; - n = 0; - pi1(p); - pi2(p, k); - uk[n++] = p[0]; - pi3(p, k); - uk[n++] = p[1]; - pi4(p, k); - uk[n++] = p[0]; - pi1(p); - uk[n++] = p[1]; - pi2(p, k+t); - uk[n++] = p[0]; - pi3(p, k+t); - uk[n++] = p[1]; - pi4(p, k+t); - uk[n++] = p[0]; - pi1(p); - uk[n++] = p[1]; -} - -static void encrypt(ulong32 *p, int N, ulong32 *uk) -{ - int n, t; - for (t = n = 0; ; ) { - pi1(p); if (++n == N) break; - pi2(p, uk+t); if (++n == N) break; - pi3(p, uk+t); if (++n == N) break; - pi4(p, uk+t); if (++n == N) break; - t ^= 4; - } -} - -static void decrypt(ulong32 *p, int N, ulong32 *uk) -{ - int n, t; - for (t = 4*(((N-1)>>2)&1), n = N; ; ) { - switch (n<=4 ? n : ((n-1)%4)+1) { - case 4: pi4(p, uk+t); --n; /* FALLTHROUGH */ - case 3: pi3(p, uk+t); --n; /* FALLTHROUGH */ - case 2: pi2(p, uk+t); --n; /* FALLTHROUGH */ - case 1: pi1(p); --n; break; - case 0: return; - } - t ^= 4; - } -} - -const struct ltc_cipher_descriptor multi2_desc = { - "multi2", - 22, - 40, 40, 8, 128, - &multi2_setup, - &multi2_ecb_encrypt, - &multi2_ecb_decrypt, - &multi2_test, - &multi2_done, - &multi2_keysize, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; - -int multi2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - ulong32 sk[8], dk[2]; - int x; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(skey != NULL); - - if (keylen != 40) return CRYPT_INVALID_KEYSIZE; - if (num_rounds == 0) num_rounds = 128; - - skey->multi2.N = num_rounds; - for (x = 0; x < 8; x++) { - LOAD32H(sk[x], key + x*4); - } - LOAD32H(dk[0], key + 32); - LOAD32H(dk[1], key + 36); - setup(dk, sk, skey->multi2.uk); - - zeromem(sk, sizeof(sk)); - zeromem(dk, sizeof(dk)); - return CRYPT_OK; -} - -/** - Encrypts a block of text with multi2 - @param pt The input plaintext (8 bytes) - @param ct The output ciphertext (8 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -{ - ulong32 p[2]; - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - LOAD32H(p[0], pt); - LOAD32H(p[1], pt+4); - encrypt(p, skey->multi2.N, skey->multi2.uk); - STORE32H(p[0], ct); - STORE32H(p[1], ct+4); - return CRYPT_OK; -} - -/** - Decrypts a block of text with multi2 - @param ct The input ciphertext (8 bytes) - @param pt The output plaintext (8 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -{ - ulong32 p[2]; - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(skey != NULL); - LOAD32H(p[0], ct); - LOAD32H(p[1], ct+4); - decrypt(p, skey->multi2.N, skey->multi2.uk); - STORE32H(p[0], pt); - STORE32H(p[1], pt+4); - return CRYPT_OK; -} - -/** - Performs a self-test of the multi2 block cipher - @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled -*/ -int multi2_test(void) -{ - static const struct { - unsigned char key[40]; - unsigned char pt[8], ct[8]; - int rounds; - } tests[] = { -{ - { - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - - 0x01, 0x23, 0x45, 0x67, - 0x89, 0xAB, 0xCD, 0xEF - }, - { - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01, - }, - { - 0xf8, 0x94, 0x40, 0x84, - 0x5e, 0x11, 0xcf, 0x89 - }, - 128, -}, -{ - { - 0x35, 0x91, 0x9d, 0x96, - 0x07, 0x02, 0xe2, 0xce, - 0x8d, 0x0b, 0x58, 0x3c, - 0xc9, 0xc8, 0x9d, 0x59, - 0xa2, 0xae, 0x96, 0x4e, - 0x87, 0x82, 0x45, 0xed, - 0x3f, 0x2e, 0x62, 0xd6, - 0x36, 0x35, 0xd0, 0x67, - - 0xb1, 0x27, 0xb9, 0x06, - 0xe7, 0x56, 0x22, 0x38, - }, - { - 0x1f, 0xb4, 0x60, 0x60, - 0xd0, 0xb3, 0x4f, 0xa5 - }, - { - 0xca, 0x84, 0xa9, 0x34, - 0x75, 0xc8, 0x60, 0xe5 - }, - 216, -} -}; - unsigned char buf[8]; - symmetric_key skey; - int err, x; - - for (x = 1; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { - if ((err = multi2_setup(tests[x].key, 40, tests[x].rounds, &skey)) != CRYPT_OK) { - return err; - } - if ((err = multi2_ecb_encrypt(tests[x].pt, buf, &skey)) != CRYPT_OK) { - return err; - } - - if (compare_testvector(buf, 8, tests[x].ct, 8, "Multi2 Encrypt", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - - if ((err = multi2_ecb_decrypt(buf, buf, &skey)) != CRYPT_OK) { - return err; - } - if (compare_testvector(buf, 8, tests[x].pt, 8, "Multi2 Decrypt", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - - for (x = 128; x < 256; ++x) { - unsigned char ct[8]; - - if ((err = multi2_setup(tests[0].key, 40, x, &skey)) != CRYPT_OK) { - return err; - } - if ((err = multi2_ecb_encrypt(tests[0].pt, ct, &skey)) != CRYPT_OK) { - return err; - } - if ((err = multi2_ecb_decrypt(ct, buf, &skey)) != CRYPT_OK) { - return err; - } - if (compare_testvector(buf, 8, tests[0].pt, 8, "Multi2 Rounds", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - - return CRYPT_OK; -} - -/** Terminate the context - @param skey The scheduled key -*/ -void multi2_done(symmetric_key *skey) -{ - LTC_UNUSED_PARAM(skey); -} - -/** - Gets suitable key size - @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. - @return CRYPT_OK if the input key size is acceptable. -*/ -int multi2_keysize(int *keysize) -{ - LTC_ARGCHK(keysize != NULL); - if (*keysize >= 40) { - *keysize = 40; - } else { - return CRYPT_INVALID_KEYSIZE; - } - return CRYPT_OK; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/ciphers/noekeon.c b/libtomcrypt/src/ciphers/noekeon.c deleted file mode 100644 index 13720d1..0000000 --- a/libtomcrypt/src/ciphers/noekeon.c +++ /dev/null @@ -1,328 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -/** - @file noekeon.c - Implementation of the Noekeon block cipher by Tom St Denis -*/ -#include "tomcrypt.h" - -#ifdef LTC_NOEKEON - -const struct ltc_cipher_descriptor noekeon_desc = -{ - "noekeon", - 16, - 16, 16, 16, 16, - &noekeon_setup, - &noekeon_ecb_encrypt, - &noekeon_ecb_decrypt, - &noekeon_test, - &noekeon_done, - &noekeon_keysize, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; - -static const ulong32 RC[] = { - 0x00000080UL, 0x0000001bUL, 0x00000036UL, 0x0000006cUL, - 0x000000d8UL, 0x000000abUL, 0x0000004dUL, 0x0000009aUL, - 0x0000002fUL, 0x0000005eUL, 0x000000bcUL, 0x00000063UL, - 0x000000c6UL, 0x00000097UL, 0x00000035UL, 0x0000006aUL, - 0x000000d4UL -}; - -#define kTHETA(a, b, c, d) \ - temp = a^c; temp = temp ^ ROLc(temp, 8) ^ RORc(temp, 8); \ - b ^= temp; d ^= temp; \ - temp = b^d; temp = temp ^ ROLc(temp, 8) ^ RORc(temp, 8); \ - a ^= temp; c ^= temp; - -#define THETA(k, a, b, c, d) \ - temp = a^c; temp = temp ^ ROLc(temp, 8) ^ RORc(temp, 8); \ - b ^= temp ^ k[1]; d ^= temp ^ k[3]; \ - temp = b^d; temp = temp ^ ROLc(temp, 8) ^ RORc(temp, 8); \ - a ^= temp ^ k[0]; c ^= temp ^ k[2]; - -#define GAMMA(a, b, c, d) \ - b ^= ~(d|c); \ - a ^= c&b; \ - temp = d; d = a; a = temp;\ - c ^= a ^ b ^ d; \ - b ^= ~(d|c); \ - a ^= c&b; - -#define PI1(a, b, c, d) \ - b = ROLc(b, 1); c = ROLc(c, 5); d = ROLc(d, 2); - -#define PI2(a, b, c, d) \ - b = RORc(b, 1); c = RORc(c, 5); d = RORc(d, 2); - - /** - Initialize the Noekeon block cipher - @param key The symmetric key you wish to pass - @param keylen The key length in bytes - @param num_rounds The number of rounds desired (0 for default) - @param skey The key in as scheduled by this function. - @return CRYPT_OK if successful - */ -int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - ulong32 temp; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(skey != NULL); - - if (keylen != 16) { - return CRYPT_INVALID_KEYSIZE; - } - - if (num_rounds != 16 && num_rounds != 0) { - return CRYPT_INVALID_ROUNDS; - } - - LOAD32H(skey->noekeon.K[0],&key[0]); - LOAD32H(skey->noekeon.K[1],&key[4]); - LOAD32H(skey->noekeon.K[2],&key[8]); - LOAD32H(skey->noekeon.K[3],&key[12]); - - LOAD32H(skey->noekeon.dK[0],&key[0]); - LOAD32H(skey->noekeon.dK[1],&key[4]); - LOAD32H(skey->noekeon.dK[2],&key[8]); - LOAD32H(skey->noekeon.dK[3],&key[12]); - - kTHETA(skey->noekeon.dK[0], skey->noekeon.dK[1], skey->noekeon.dK[2], skey->noekeon.dK[3]); - - return CRYPT_OK; -} - -/** - Encrypts a block of text with Noekeon - @param pt The input plaintext (16 bytes) - @param ct The output ciphertext (16 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -#ifdef LTC_CLEAN_STACK -static int _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -#else -int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -#endif -{ - ulong32 a,b,c,d,temp; - int r; - - LTC_ARGCHK(skey != NULL); - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - - LOAD32H(a,&pt[0]); LOAD32H(b,&pt[4]); - LOAD32H(c,&pt[8]); LOAD32H(d,&pt[12]); - -#define ROUND(i) \ - a ^= RC[i]; \ - THETA(skey->noekeon.K, a,b,c,d); \ - PI1(a,b,c,d); \ - GAMMA(a,b,c,d); \ - PI2(a,b,c,d); - - for (r = 0; r < 16; ++r) { - ROUND(r); - } - -#undef ROUND - - a ^= RC[16]; - THETA(skey->noekeon.K, a, b, c, d); - - STORE32H(a,&ct[0]); STORE32H(b,&ct[4]); - STORE32H(c,&ct[8]); STORE32H(d,&ct[12]); - - return CRYPT_OK; -} - -#ifdef LTC_CLEAN_STACK -int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -{ - int err = _noekeon_ecb_encrypt(pt, ct, skey); - burn_stack(sizeof(ulong32) * 5 + sizeof(int)); - return err; -} -#endif - -/** - Decrypts a block of text with Noekeon - @param ct The input ciphertext (16 bytes) - @param pt The output plaintext (16 bytes) - @param skey The key as scheduled - @return CRYPT_OK if successful -*/ -#ifdef LTC_CLEAN_STACK -static int _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -#else -int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -#endif -{ - ulong32 a,b,c,d, temp; - int r; - - LTC_ARGCHK(skey != NULL); - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - - LOAD32H(a,&ct[0]); LOAD32H(b,&ct[4]); - LOAD32H(c,&ct[8]); LOAD32H(d,&ct[12]); - - -#define ROUND(i) \ - THETA(skey->noekeon.dK, a,b,c,d); \ - a ^= RC[i]; \ - PI1(a,b,c,d); \ - GAMMA(a,b,c,d); \ - PI2(a,b,c,d); - - for (r = 16; r > 0; --r) { - ROUND(r); - } - -#undef ROUND - - THETA(skey->noekeon.dK, a,b,c,d); - a ^= RC[0]; - STORE32H(a,&pt[0]); STORE32H(b, &pt[4]); - STORE32H(c,&pt[8]); STORE32H(d, &pt[12]); - return CRYPT_OK; -} - -#ifdef LTC_CLEAN_STACK -int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -{ - int err = _noekeon_ecb_decrypt(ct, pt, skey); - burn_stack(sizeof(ulong32) * 5 + sizeof(int)); - return err; -} -#endif - -/** - Performs a self-test of the Noekeon block cipher - @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled -*/ -int noekeon_test(void) -{ - #ifndef LTC_TEST - return CRYPT_NOP; - #else - static const struct { - int keylen; - unsigned char key[16], pt[16], ct[16]; - } tests[] = { - { - 16, - { 0xAA, 0x3C, 0x8C, 0x86, 0xD9, 0x8B, 0xF8, 0xBE, 0x21, 0xE0, 0x36, 0x09, 0x78, 0xFB, 0xE4, 0x90 }, - { 0xE4, 0x96, 0x6C, 0xD3, 0x13, 0xA0, 0x6C, 0xAF, 0xD0, 0x23, 0xC9, 0xFD, 0x45, 0x32, 0x23, 0x16 }, - { 0xA6, 0xEC, 0xB8, 0xA8, 0x61, 0xFD, 0x62, 0xD9, 0x13, 0x02, 0xFE, 0x9E, 0x47, 0x01, 0x3F, 0xC3 } - }, - { - 16, - { 0xED, 0x43, 0xD1, 0x87, 0x21, 0x7E, 0xE0, 0x97, 0x3D, 0x76, 0xC3, 0x37, 0x2E, 0x7D, 0xAE, 0xD3 }, - { 0xE3, 0x38, 0x32, 0xCC, 0xF2, 0x2F, 0x2F, 0x0A, 0x4A, 0x8B, 0x8F, 0x18, 0x12, 0x20, 0x17, 0xD3 }, - { 0x94, 0xA5, 0xDF, 0xF5, 0xAE, 0x1C, 0xBB, 0x22, 0xAD, 0xEB, 0xA7, 0x0D, 0xB7, 0x82, 0x90, 0xA0 } - }, - { - 16, - { 0x6F, 0xDC, 0x23, 0x38, 0xF2, 0x10, 0xFB, 0xD3, 0xC1, 0x8C, 0x02, 0xF6, 0xB4, 0x6A, 0xD5, 0xA8 }, - { 0xDB, 0x29, 0xED, 0xB5, 0x5F, 0xB3, 0x60, 0x3A, 0x92, 0xA8, 0xEB, 0x9C, 0x6D, 0x9D, 0x3E, 0x8F }, - { 0x78, 0xF3, 0x6F, 0xF8, 0x9E, 0xBB, 0x8C, 0x6A, 0xE8, 0x10, 0xF7, 0x00, 0x22, 0x15, 0x30, 0x3D } - }, - { - 16, - { 0x2C, 0x0C, 0x02, 0xEF, 0x6B, 0xC4, 0xF2, 0x0B, 0x2E, 0xB9, 0xE0, 0xBF, 0xD9, 0x36, 0xC2, 0x4E }, - { 0x84, 0xE2, 0xFE, 0x64, 0xB1, 0xB9, 0xFE, 0x76, 0xA8, 0x3F, 0x45, 0xC7, 0x40, 0x7A, 0xAF, 0xEE }, - { 0x2A, 0x08, 0xD6, 0xA2, 0x1C, 0x63, 0x08, 0xB0, 0xF8, 0xBC, 0xB3, 0xA1, 0x66, 0xF7, 0xAE, 0xCF } - }, - { - 16, - { 0x6F, 0x30, 0xF8, 0x9F, 0xDA, 0x6E, 0xA0, 0x91, 0x04, 0x0F, 0x6C, 0x8B, 0x7D, 0xF7, 0x2A, 0x4B }, - { 0x65, 0xB6, 0xA6, 0xD0, 0x42, 0x14, 0x08, 0x60, 0x34, 0x8D, 0x37, 0x2F, 0x01, 0xF0, 0x46, 0xBE }, - { 0x66, 0xAC, 0x0B, 0x62, 0x1D, 0x68, 0x11, 0xF5, 0x27, 0xB1, 0x13, 0x5D, 0xF3, 0x2A, 0xE9, 0x18 } - }, - { - 16, - { 0xCA, 0xA4, 0x16, 0xB7, 0x1C, 0x92, 0x2E, 0xAD, 0xEB, 0xA7, 0xDB, 0x69, 0x92, 0xCB, 0x35, 0xEF }, - { 0x81, 0x6F, 0x8E, 0x4D, 0x96, 0xC6, 0xB3, 0x67, 0x83, 0xF5, 0x63, 0xC7, 0x20, 0x6D, 0x40, 0x23 }, - { 0x44, 0xF7, 0x63, 0x62, 0xF0, 0x43, 0xBB, 0x67, 0x4A, 0x75, 0x12, 0x42, 0x46, 0x29, 0x28, 0x19 } - }, - { - 16, - { 0x6B, 0xCF, 0x22, 0x2F, 0xE0, 0x1B, 0xB0, 0xAA, 0xD8, 0x3C, 0x91, 0x99, 0x18, 0xB2, 0x28, 0xE8 }, - { 0x7C, 0x37, 0xC7, 0xD0, 0xAC, 0x92, 0x29, 0xF1, 0x60, 0x82, 0x93, 0x89, 0xAA, 0x61, 0xAA, 0xA9 }, - { 0xE5, 0x89, 0x1B, 0xB3, 0xFE, 0x8B, 0x0C, 0xA1, 0xA6, 0xC7, 0xBE, 0x12, 0x73, 0x0F, 0xC1, 0x19 } - }, - { - 16, - { 0xE6, 0xD0, 0xF1, 0x03, 0x2E, 0xDE, 0x70, 0x8D, 0xD8, 0x9E, 0x36, 0x5C, 0x05, 0x52, 0xE7, 0x0D }, - { 0xE2, 0x42, 0xE7, 0x92, 0x0E, 0xF7, 0x82, 0xA2, 0xB8, 0x21, 0x8D, 0x26, 0xBA, 0x2D, 0xE6, 0x32 }, - { 0x1E, 0xDD, 0x75, 0x22, 0xB9, 0x36, 0x8A, 0x0F, 0x32, 0xFD, 0xD4, 0x48, 0x65, 0x12, 0x5A, 0x2F } - } - }; - symmetric_key key; - unsigned char tmp[2][16]; - int err, i, y; - - for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { - zeromem(&key, sizeof(key)); - if ((err = noekeon_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) { - return err; - } - - noekeon_ecb_encrypt(tests[i].pt, tmp[0], &key); - noekeon_ecb_decrypt(tmp[0], tmp[1], &key); - if (compare_testvector(tmp[0], 16, tests[i].ct, 16, "Noekeon Encrypt", i) || - compare_testvector(tmp[1], 16, tests[i].pt, 16, "Noekeon Decrypt", i)) { - return CRYPT_FAIL_TESTVECTOR; - } - - /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ - for (y = 0; y < 16; y++) tmp[0][y] = 0; - for (y = 0; y < 1000; y++) noekeon_ecb_encrypt(tmp[0], tmp[0], &key); - for (y = 0; y < 1000; y++) noekeon_ecb_decrypt(tmp[0], tmp[0], &key); - for (y = 0; y < 16; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; - } - return CRYPT_OK; - #endif -} - -/** Terminate the context - @param skey The scheduled key -*/ -void noekeon_done(symmetric_key *skey) -{ - LTC_UNUSED_PARAM(skey); -} - -/** - Gets suitable key size - @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. - @return CRYPT_OK if the input key size is acceptable. -*/ -int noekeon_keysize(int *keysize) -{ - LTC_ARGCHK(keysize != NULL); - if (*keysize < 16) { - return CRYPT_INVALID_KEYSIZE; - } else { - *keysize = 16; - return CRYPT_OK; - } -} - -#endif - - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/hashes/md2.c b/libtomcrypt/src/hashes/md2.c deleted file mode 100644 index 36cc8ae..0000000 --- a/libtomcrypt/src/hashes/md2.c +++ /dev/null @@ -1,250 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @param md2.c - LTC_MD2 (RFC 1319) hash function implementation by Tom St Denis -*/ - -#ifdef LTC_MD2 - -const struct ltc_hash_descriptor md2_desc = -{ - "md2", - 7, - 16, - 16, - - /* OID */ - { 1, 2, 840, 113549, 2, 2, }, - 6, - - &md2_init, - &md2_process, - &md2_done, - &md2_test, - NULL -}; - -static const unsigned char PI_SUBST[256] = { - 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, - 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, - 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, - 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, - 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, - 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, - 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, - 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, - 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, - 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, - 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, - 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, - 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, - 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, - 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, - 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, - 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, - 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 -}; - -/* adds 16 bytes to the checksum */ -static void md2_update_chksum(hash_state *md) -{ - int j; - unsigned char L; - L = md->md2.chksum[15]; - for (j = 0; j < 16; j++) { - -/* caution, the RFC says its "C[j] = S[M[i*16+j] xor L]" but the reference source code [and test vectors] say - otherwise. -*/ - L = (md->md2.chksum[j] ^= PI_SUBST[(int)(md->md2.buf[j] ^ L)] & 255); - } -} - -static void md2_compress(hash_state *md) -{ - int j, k; - unsigned char t; - - /* copy block */ - for (j = 0; j < 16; j++) { - md->md2.X[16+j] = md->md2.buf[j]; - md->md2.X[32+j] = md->md2.X[j] ^ md->md2.X[16+j]; - } - - t = (unsigned char)0; - - /* do 18 rounds */ - for (j = 0; j < 18; j++) { - for (k = 0; k < 48; k++) { - t = (md->md2.X[k] ^= PI_SUBST[(int)(t & 255)]); - } - t = (t + (unsigned char)j) & 255; - } -} - -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int md2_init(hash_state *md) -{ - LTC_ARGCHK(md != NULL); - - /* LTC_MD2 uses a zero'ed state... */ - zeromem(md->md2.X, sizeof(md->md2.X)); - zeromem(md->md2.chksum, sizeof(md->md2.chksum)); - zeromem(md->md2.buf, sizeof(md->md2.buf)); - md->md2.curlen = 0; - return CRYPT_OK; -} - -/** - Process a block of memory though the hash - @param md The hash state - @param in The data to hash - @param inlen The length of the data (octets) - @return CRYPT_OK if successful -*/ -int md2_process(hash_state *md, const unsigned char *in, unsigned long inlen) -{ - unsigned long n; - LTC_ARGCHK(md != NULL); - LTC_ARGCHK(in != NULL); - if (md-> md2 .curlen > sizeof(md-> md2 .buf)) { - return CRYPT_INVALID_ARG; - } - while (inlen > 0) { - n = MIN(inlen, (16 - md->md2.curlen)); - XMEMCPY(md->md2.buf + md->md2.curlen, in, (size_t)n); - md->md2.curlen += n; - in += n; - inlen -= n; - - /* is 16 bytes full? */ - if (md->md2.curlen == 16) { - md2_compress(md); - md2_update_chksum(md); - md->md2.curlen = 0; - } - } - return CRYPT_OK; -} - -/** - Terminate the hash to get the digest - @param md The hash state - @param out [out] The destination of the hash (16 bytes) - @return CRYPT_OK if successful -*/ -int md2_done(hash_state * md, unsigned char *out) -{ - unsigned long i, k; - - LTC_ARGCHK(md != NULL); - LTC_ARGCHK(out != NULL); - - if (md->md2.curlen >= sizeof(md->md2.buf)) { - return CRYPT_INVALID_ARG; - } - - - /* pad the message */ - k = 16 - md->md2.curlen; - for (i = md->md2.curlen; i < 16; i++) { - md->md2.buf[i] = (unsigned char)k; - } - - /* hash and update */ - md2_compress(md); - md2_update_chksum(md); - - /* hash checksum */ - XMEMCPY(md->md2.buf, md->md2.chksum, 16); - md2_compress(md); - - /* output is lower 16 bytes of X */ - XMEMCPY(out, md->md2.X, 16); - -#ifdef LTC_CLEAN_STACK - zeromem(md, sizeof(hash_state)); -#endif - return CRYPT_OK; -} - -/** - Self-test the hash - @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled -*/ -int md2_test(void) -{ - #ifndef LTC_TEST - return CRYPT_NOP; - #else - static const struct { - const char *msg; - unsigned char hash[16]; - } tests[] = { - { "", - {0x83,0x50,0xe5,0xa3,0xe2,0x4c,0x15,0x3d, - 0xf2,0x27,0x5c,0x9f,0x80,0x69,0x27,0x73 - } - }, - { "a", - {0x32,0xec,0x01,0xec,0x4a,0x6d,0xac,0x72, - 0xc0,0xab,0x96,0xfb,0x34,0xc0,0xb5,0xd1 - } - }, - { "message digest", - {0xab,0x4f,0x49,0x6b,0xfb,0x2a,0x53,0x0b, - 0x21,0x9f,0xf3,0x30,0x31,0xfe,0x06,0xb0 - } - }, - { "abcdefghijklmnopqrstuvwxyz", - {0x4e,0x8d,0xdf,0xf3,0x65,0x02,0x92,0xab, - 0x5a,0x41,0x08,0xc3,0xaa,0x47,0x94,0x0b - } - }, - { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", - {0xda,0x33,0xde,0xf2,0xa4,0x2d,0xf1,0x39, - 0x75,0x35,0x28,0x46,0xc3,0x03,0x38,0xcd - } - }, - { "12345678901234567890123456789012345678901234567890123456789012345678901234567890", - {0xd5,0x97,0x6f,0x79,0xd8,0x3d,0x3a,0x0d, - 0xc9,0x80,0x6c,0x3c,0x66,0xf3,0xef,0xd8 - } - } - }; - - int i; - unsigned char tmp[16]; - hash_state md; - - for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { - md2_init(&md); - md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); - md2_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD2", i)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - return CRYPT_OK; - #endif -} - -#endif - - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/hashes/md4.c b/libtomcrypt/src/hashes/md4.c deleted file mode 100644 index 09b6e31..0000000 --- a/libtomcrypt/src/hashes/md4.c +++ /dev/null @@ -1,306 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @param md4.c - Submitted by Dobes Vandermeer (dobes@smartt.com) -*/ - -#ifdef LTC_MD4 - -const struct ltc_hash_descriptor md4_desc = -{ - "md4", - 6, - 16, - 64, - - /* OID */ - { 1, 2, 840, 113549, 2, 4, }, - 6, - - &md4_init, - &md4_process, - &md4_done, - &md4_test, - NULL -}; - -#define S11 3 -#define S12 7 -#define S13 11 -#define S14 19 -#define S21 3 -#define S22 5 -#define S23 9 -#define S24 13 -#define S31 3 -#define S32 9 -#define S33 11 -#define S34 15 - -/* F, G and H are basic LTC_MD4 functions. */ -#define F(x, y, z) (z ^ (x & (y ^ z))) -#define G(x, y, z) ((x & y) | (z & (x | y))) -#define H(x, y, z) ((x) ^ (y) ^ (z)) - -/* ROTATE_LEFT rotates x left n bits. */ -#define ROTATE_LEFT(x, n) ROLc(x, n) - -/* FF, GG and HH are transformations for rounds 1, 2 and 3 */ -/* Rotation is separate from addition to prevent recomputation */ - -#define FF(a, b, c, d, x, s) { \ - (a) += F ((b), (c), (d)) + (x); \ - (a) = ROTATE_LEFT ((a), (s)); \ - } -#define GG(a, b, c, d, x, s) { \ - (a) += G ((b), (c), (d)) + (x) + 0x5a827999UL; \ - (a) = ROTATE_LEFT ((a), (s)); \ - } -#define HH(a, b, c, d, x, s) { \ - (a) += H ((b), (c), (d)) + (x) + 0x6ed9eba1UL; \ - (a) = ROTATE_LEFT ((a), (s)); \ - } - -#ifdef LTC_CLEAN_STACK -static int _md4_compress(hash_state *md, unsigned char *buf) -#else -static int md4_compress(hash_state *md, unsigned char *buf) -#endif -{ - ulong32 x[16], a, b, c, d; - int i; - - /* copy state */ - a = md->md4.state[0]; - b = md->md4.state[1]; - c = md->md4.state[2]; - d = md->md4.state[3]; - - /* copy the state into 512-bits into W[0..15] */ - for (i = 0; i < 16; i++) { - LOAD32L(x[i], buf + (4*i)); - } - - /* Round 1 */ - FF (a, b, c, d, x[ 0], S11); /* 1 */ - FF (d, a, b, c, x[ 1], S12); /* 2 */ - FF (c, d, a, b, x[ 2], S13); /* 3 */ - FF (b, c, d, a, x[ 3], S14); /* 4 */ - FF (a, b, c, d, x[ 4], S11); /* 5 */ - FF (d, a, b, c, x[ 5], S12); /* 6 */ - FF (c, d, a, b, x[ 6], S13); /* 7 */ - FF (b, c, d, a, x[ 7], S14); /* 8 */ - FF (a, b, c, d, x[ 8], S11); /* 9 */ - FF (d, a, b, c, x[ 9], S12); /* 10 */ - FF (c, d, a, b, x[10], S13); /* 11 */ - FF (b, c, d, a, x[11], S14); /* 12 */ - FF (a, b, c, d, x[12], S11); /* 13 */ - FF (d, a, b, c, x[13], S12); /* 14 */ - FF (c, d, a, b, x[14], S13); /* 15 */ - FF (b, c, d, a, x[15], S14); /* 16 */ - - /* Round 2 */ - GG (a, b, c, d, x[ 0], S21); /* 17 */ - GG (d, a, b, c, x[ 4], S22); /* 18 */ - GG (c, d, a, b, x[ 8], S23); /* 19 */ - GG (b, c, d, a, x[12], S24); /* 20 */ - GG (a, b, c, d, x[ 1], S21); /* 21 */ - GG (d, a, b, c, x[ 5], S22); /* 22 */ - GG (c, d, a, b, x[ 9], S23); /* 23 */ - GG (b, c, d, a, x[13], S24); /* 24 */ - GG (a, b, c, d, x[ 2], S21); /* 25 */ - GG (d, a, b, c, x[ 6], S22); /* 26 */ - GG (c, d, a, b, x[10], S23); /* 27 */ - GG (b, c, d, a, x[14], S24); /* 28 */ - GG (a, b, c, d, x[ 3], S21); /* 29 */ - GG (d, a, b, c, x[ 7], S22); /* 30 */ - GG (c, d, a, b, x[11], S23); /* 31 */ - GG (b, c, d, a, x[15], S24); /* 32 */ - - /* Round 3 */ - HH (a, b, c, d, x[ 0], S31); /* 33 */ - HH (d, a, b, c, x[ 8], S32); /* 34 */ - HH (c, d, a, b, x[ 4], S33); /* 35 */ - HH (b, c, d, a, x[12], S34); /* 36 */ - HH (a, b, c, d, x[ 2], S31); /* 37 */ - HH (d, a, b, c, x[10], S32); /* 38 */ - HH (c, d, a, b, x[ 6], S33); /* 39 */ - HH (b, c, d, a, x[14], S34); /* 40 */ - HH (a, b, c, d, x[ 1], S31); /* 41 */ - HH (d, a, b, c, x[ 9], S32); /* 42 */ - HH (c, d, a, b, x[ 5], S33); /* 43 */ - HH (b, c, d, a, x[13], S34); /* 44 */ - HH (a, b, c, d, x[ 3], S31); /* 45 */ - HH (d, a, b, c, x[11], S32); /* 46 */ - HH (c, d, a, b, x[ 7], S33); /* 47 */ - HH (b, c, d, a, x[15], S34); /* 48 */ - - - /* Update our state */ - md->md4.state[0] = md->md4.state[0] + a; - md->md4.state[1] = md->md4.state[1] + b; - md->md4.state[2] = md->md4.state[2] + c; - md->md4.state[3] = md->md4.state[3] + d; - - return CRYPT_OK; -} - -#ifdef LTC_CLEAN_STACK -static int md4_compress(hash_state *md, unsigned char *buf) -{ - int err; - err = _md4_compress(md, buf); - burn_stack(sizeof(ulong32) * 20 + sizeof(int)); - return err; -} -#endif - -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int md4_init(hash_state * md) -{ - LTC_ARGCHK(md != NULL); - md->md4.state[0] = 0x67452301UL; - md->md4.state[1] = 0xefcdab89UL; - md->md4.state[2] = 0x98badcfeUL; - md->md4.state[3] = 0x10325476UL; - md->md4.length = 0; - md->md4.curlen = 0; - return CRYPT_OK; -} - -/** - Process a block of memory though the hash - @param md The hash state - @param in The data to hash - @param inlen The length of the data (octets) - @return CRYPT_OK if successful -*/ -HASH_PROCESS(md4_process, md4_compress, md4, 64) - -/** - Terminate the hash to get the digest - @param md The hash state - @param out [out] The destination of the hash (16 bytes) - @return CRYPT_OK if successful -*/ -int md4_done(hash_state * md, unsigned char *out) -{ - int i; - - LTC_ARGCHK(md != NULL); - LTC_ARGCHK(out != NULL); - - if (md->md4.curlen >= sizeof(md->md4.buf)) { - return CRYPT_INVALID_ARG; - } - - /* increase the length of the message */ - md->md4.length += md->md4.curlen * 8; - - /* append the '1' bit */ - md->md4.buf[md->md4.curlen++] = (unsigned char)0x80; - - /* if the length is currently above 56 bytes we append zeros - * then compress. Then we can fall back to padding zeros and length - * encoding like normal. - */ - if (md->md4.curlen > 56) { - while (md->md4.curlen < 64) { - md->md4.buf[md->md4.curlen++] = (unsigned char)0; - } - md4_compress(md, md->md4.buf); - md->md4.curlen = 0; - } - - /* pad upto 56 bytes of zeroes */ - while (md->md4.curlen < 56) { - md->md4.buf[md->md4.curlen++] = (unsigned char)0; - } - - /* store length */ - STORE64L(md->md4.length, md->md4.buf+56); - md4_compress(md, md->md4.buf); - - /* copy output */ - for (i = 0; i < 4; i++) { - STORE32L(md->md4.state[i], out+(4*i)); - } -#ifdef LTC_CLEAN_STACK - zeromem(md, sizeof(hash_state)); -#endif - return CRYPT_OK; -} - -/** - Self-test the hash - @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled -*/ -int md4_test(void) -{ - #ifndef LTC_TEST - return CRYPT_NOP; - #else - static const struct md4_test_case { - const char *input; - unsigned char hash[16]; - } tests[] = { - { "", - {0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31, - 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0} }, - { "a", - {0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46, - 0x24, 0x5e, 0x05, 0xfb, 0xdb, 0xd6, 0xfb, 0x24} }, - { "abc", - {0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52, - 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d} }, - { "message digest", - {0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8, - 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b} }, - { "abcdefghijklmnopqrstuvwxyz", - {0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd, - 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9} }, - { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", - {0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35, - 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4} }, - { "12345678901234567890123456789012345678901234567890123456789012345678901234567890", - {0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19, - 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36} }, - }; - - int i; - unsigned char tmp[16]; - hash_state md; - - for(i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { - md4_init(&md); - md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)strlen(tests[i].input)); - md4_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD4", i)) { - return CRYPT_FAIL_TESTVECTOR; - } - - } - return CRYPT_OK; - #endif -} - -#endif - - - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/hashes/md5.c b/libtomcrypt/src/hashes/md5.c deleted file mode 100644 index 511329a..0000000 --- a/libtomcrypt/src/hashes/md5.c +++ /dev/null @@ -1,366 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - - -/** - @file md5.c - LTC_MD5 hash function by Tom St Denis -*/ - -#ifdef LTC_MD5 - -const struct ltc_hash_descriptor md5_desc = -{ - "md5", - 3, - 16, - 64, - - /* OID */ - { 1, 2, 840, 113549, 2, 5, }, - 6, - - &md5_init, - &md5_process, - &md5_done, - &md5_test, - NULL -}; - -#define F(x,y,z) (z ^ (x & (y ^ z))) -#define G(x,y,z) (y ^ (z & (y ^ x))) -#define H(x,y,z) (x^y^z) -#define I(x,y,z) (y^(x|(~z))) - -#ifdef LTC_SMALL_CODE - -#define FF(a,b,c,d,M,s,t) \ - a = (a + F(b,c,d) + M + t); a = ROL(a, s) + b; - -#define GG(a,b,c,d,M,s,t) \ - a = (a + G(b,c,d) + M + t); a = ROL(a, s) + b; - -#define HH(a,b,c,d,M,s,t) \ - a = (a + H(b,c,d) + M + t); a = ROL(a, s) + b; - -#define II(a,b,c,d,M,s,t) \ - a = (a + I(b,c,d) + M + t); a = ROL(a, s) + b; - -static const unsigned char Worder[64] = { - 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15, - 1,6,11,0,5,10,15,4,9,14,3,8,13,2,7,12, - 5,8,11,14,1,4,7,10,13,0,3,6,9,12,15,2, - 0,7,14,5,12,3,10,1,8,15,6,13,4,11,2,9 -}; - -static const unsigned char Rorder[64] = { - 7,12,17,22,7,12,17,22,7,12,17,22,7,12,17,22, - 5,9,14,20,5,9,14,20,5,9,14,20,5,9,14,20, - 4,11,16,23,4,11,16,23,4,11,16,23,4,11,16,23, - 6,10,15,21,6,10,15,21,6,10,15,21,6,10,15,21 -}; - -static const ulong32 Korder[64] = { -0xd76aa478UL, 0xe8c7b756UL, 0x242070dbUL, 0xc1bdceeeUL, 0xf57c0fafUL, 0x4787c62aUL, 0xa8304613UL, 0xfd469501UL, -0x698098d8UL, 0x8b44f7afUL, 0xffff5bb1UL, 0x895cd7beUL, 0x6b901122UL, 0xfd987193UL, 0xa679438eUL, 0x49b40821UL, -0xf61e2562UL, 0xc040b340UL, 0x265e5a51UL, 0xe9b6c7aaUL, 0xd62f105dUL, 0x02441453UL, 0xd8a1e681UL, 0xe7d3fbc8UL, -0x21e1cde6UL, 0xc33707d6UL, 0xf4d50d87UL, 0x455a14edUL, 0xa9e3e905UL, 0xfcefa3f8UL, 0x676f02d9UL, 0x8d2a4c8aUL, -0xfffa3942UL, 0x8771f681UL, 0x6d9d6122UL, 0xfde5380cUL, 0xa4beea44UL, 0x4bdecfa9UL, 0xf6bb4b60UL, 0xbebfbc70UL, -0x289b7ec6UL, 0xeaa127faUL, 0xd4ef3085UL, 0x04881d05UL, 0xd9d4d039UL, 0xe6db99e5UL, 0x1fa27cf8UL, 0xc4ac5665UL, -0xf4292244UL, 0x432aff97UL, 0xab9423a7UL, 0xfc93a039UL, 0x655b59c3UL, 0x8f0ccc92UL, 0xffeff47dUL, 0x85845dd1UL, -0x6fa87e4fUL, 0xfe2ce6e0UL, 0xa3014314UL, 0x4e0811a1UL, 0xf7537e82UL, 0xbd3af235UL, 0x2ad7d2bbUL, 0xeb86d391UL -}; - -#else - -#define FF(a,b,c,d,M,s,t) \ - a = (a + F(b,c,d) + M + t); a = ROLc(a, s) + b; - -#define GG(a,b,c,d,M,s,t) \ - a = (a + G(b,c,d) + M + t); a = ROLc(a, s) + b; - -#define HH(a,b,c,d,M,s,t) \ - a = (a + H(b,c,d) + M + t); a = ROLc(a, s) + b; - -#define II(a,b,c,d,M,s,t) \ - a = (a + I(b,c,d) + M + t); a = ROLc(a, s) + b; - - -#endif - -#ifdef LTC_CLEAN_STACK -static int _md5_compress(hash_state *md, unsigned char *buf) -#else -static int md5_compress(hash_state *md, unsigned char *buf) -#endif -{ - ulong32 i, W[16], a, b, c, d; -#ifdef LTC_SMALL_CODE - ulong32 t; -#endif - - /* copy the state into 512-bits into W[0..15] */ - for (i = 0; i < 16; i++) { - LOAD32L(W[i], buf + (4*i)); - } - - /* copy state */ - a = md->md5.state[0]; - b = md->md5.state[1]; - c = md->md5.state[2]; - d = md->md5.state[3]; - -#ifdef LTC_SMALL_CODE - for (i = 0; i < 16; ++i) { - FF(a,b,c,d,W[Worder[i]],Rorder[i],Korder[i]); - t = d; d = c; c = b; b = a; a = t; - } - - for (; i < 32; ++i) { - GG(a,b,c,d,W[Worder[i]],Rorder[i],Korder[i]); - t = d; d = c; c = b; b = a; a = t; - } - - for (; i < 48; ++i) { - HH(a,b,c,d,W[Worder[i]],Rorder[i],Korder[i]); - t = d; d = c; c = b; b = a; a = t; - } - - for (; i < 64; ++i) { - II(a,b,c,d,W[Worder[i]],Rorder[i],Korder[i]); - t = d; d = c; c = b; b = a; a = t; - } - -#else - FF(a,b,c,d,W[0],7,0xd76aa478UL) - FF(d,a,b,c,W[1],12,0xe8c7b756UL) - FF(c,d,a,b,W[2],17,0x242070dbUL) - FF(b,c,d,a,W[3],22,0xc1bdceeeUL) - FF(a,b,c,d,W[4],7,0xf57c0fafUL) - FF(d,a,b,c,W[5],12,0x4787c62aUL) - FF(c,d,a,b,W[6],17,0xa8304613UL) - FF(b,c,d,a,W[7],22,0xfd469501UL) - FF(a,b,c,d,W[8],7,0x698098d8UL) - FF(d,a,b,c,W[9],12,0x8b44f7afUL) - FF(c,d,a,b,W[10],17,0xffff5bb1UL) - FF(b,c,d,a,W[11],22,0x895cd7beUL) - FF(a,b,c,d,W[12],7,0x6b901122UL) - FF(d,a,b,c,W[13],12,0xfd987193UL) - FF(c,d,a,b,W[14],17,0xa679438eUL) - FF(b,c,d,a,W[15],22,0x49b40821UL) - GG(a,b,c,d,W[1],5,0xf61e2562UL) - GG(d,a,b,c,W[6],9,0xc040b340UL) - GG(c,d,a,b,W[11],14,0x265e5a51UL) - GG(b,c,d,a,W[0],20,0xe9b6c7aaUL) - GG(a,b,c,d,W[5],5,0xd62f105dUL) - GG(d,a,b,c,W[10],9,0x02441453UL) - GG(c,d,a,b,W[15],14,0xd8a1e681UL) - GG(b,c,d,a,W[4],20,0xe7d3fbc8UL) - GG(a,b,c,d,W[9],5,0x21e1cde6UL) - GG(d,a,b,c,W[14],9,0xc33707d6UL) - GG(c,d,a,b,W[3],14,0xf4d50d87UL) - GG(b,c,d,a,W[8],20,0x455a14edUL) - GG(a,b,c,d,W[13],5,0xa9e3e905UL) - GG(d,a,b,c,W[2],9,0xfcefa3f8UL) - GG(c,d,a,b,W[7],14,0x676f02d9UL) - GG(b,c,d,a,W[12],20,0x8d2a4c8aUL) - HH(a,b,c,d,W[5],4,0xfffa3942UL) - HH(d,a,b,c,W[8],11,0x8771f681UL) - HH(c,d,a,b,W[11],16,0x6d9d6122UL) - HH(b,c,d,a,W[14],23,0xfde5380cUL) - HH(a,b,c,d,W[1],4,0xa4beea44UL) - HH(d,a,b,c,W[4],11,0x4bdecfa9UL) - HH(c,d,a,b,W[7],16,0xf6bb4b60UL) - HH(b,c,d,a,W[10],23,0xbebfbc70UL) - HH(a,b,c,d,W[13],4,0x289b7ec6UL) - HH(d,a,b,c,W[0],11,0xeaa127faUL) - HH(c,d,a,b,W[3],16,0xd4ef3085UL) - HH(b,c,d,a,W[6],23,0x04881d05UL) - HH(a,b,c,d,W[9],4,0xd9d4d039UL) - HH(d,a,b,c,W[12],11,0xe6db99e5UL) - HH(c,d,a,b,W[15],16,0x1fa27cf8UL) - HH(b,c,d,a,W[2],23,0xc4ac5665UL) - II(a,b,c,d,W[0],6,0xf4292244UL) - II(d,a,b,c,W[7],10,0x432aff97UL) - II(c,d,a,b,W[14],15,0xab9423a7UL) - II(b,c,d,a,W[5],21,0xfc93a039UL) - II(a,b,c,d,W[12],6,0x655b59c3UL) - II(d,a,b,c,W[3],10,0x8f0ccc92UL) - II(c,d,a,b,W[10],15,0xffeff47dUL) - II(b,c,d,a,W[1],21,0x85845dd1UL) - II(a,b,c,d,W[8],6,0x6fa87e4fUL) - II(d,a,b,c,W[15],10,0xfe2ce6e0UL) - II(c,d,a,b,W[6],15,0xa3014314UL) - II(b,c,d,a,W[13],21,0x4e0811a1UL) - II(a,b,c,d,W[4],6,0xf7537e82UL) - II(d,a,b,c,W[11],10,0xbd3af235UL) - II(c,d,a,b,W[2],15,0x2ad7d2bbUL) - II(b,c,d,a,W[9],21,0xeb86d391UL) -#endif - - md->md5.state[0] = md->md5.state[0] + a; - md->md5.state[1] = md->md5.state[1] + b; - md->md5.state[2] = md->md5.state[2] + c; - md->md5.state[3] = md->md5.state[3] + d; - - return CRYPT_OK; -} - -#ifdef LTC_CLEAN_STACK -static int md5_compress(hash_state *md, unsigned char *buf) -{ - int err; - err = _md5_compress(md, buf); - burn_stack(sizeof(ulong32) * 21); - return err; -} -#endif - -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int md5_init(hash_state * md) -{ - LTC_ARGCHK(md != NULL); - md->md5.state[0] = 0x67452301UL; - md->md5.state[1] = 0xefcdab89UL; - md->md5.state[2] = 0x98badcfeUL; - md->md5.state[3] = 0x10325476UL; - md->md5.curlen = 0; - md->md5.length = 0; - return CRYPT_OK; -} - -/** - Process a block of memory though the hash - @param md The hash state - @param in The data to hash - @param inlen The length of the data (octets) - @return CRYPT_OK if successful -*/ -HASH_PROCESS(md5_process, md5_compress, md5, 64) - -/** - Terminate the hash to get the digest - @param md The hash state - @param out [out] The destination of the hash (16 bytes) - @return CRYPT_OK if successful -*/ -int md5_done(hash_state * md, unsigned char *out) -{ - int i; - - LTC_ARGCHK(md != NULL); - LTC_ARGCHK(out != NULL); - - if (md->md5.curlen >= sizeof(md->md5.buf)) { - return CRYPT_INVALID_ARG; - } - - - /* increase the length of the message */ - md->md5.length += md->md5.curlen * 8; - - /* append the '1' bit */ - md->md5.buf[md->md5.curlen++] = (unsigned char)0x80; - - /* if the length is currently above 56 bytes we append zeros - * then compress. Then we can fall back to padding zeros and length - * encoding like normal. - */ - if (md->md5.curlen > 56) { - while (md->md5.curlen < 64) { - md->md5.buf[md->md5.curlen++] = (unsigned char)0; - } - md5_compress(md, md->md5.buf); - md->md5.curlen = 0; - } - - /* pad upto 56 bytes of zeroes */ - while (md->md5.curlen < 56) { - md->md5.buf[md->md5.curlen++] = (unsigned char)0; - } - - /* store length */ - STORE64L(md->md5.length, md->md5.buf+56); - md5_compress(md, md->md5.buf); - - /* copy output */ - for (i = 0; i < 4; i++) { - STORE32L(md->md5.state[i], out+(4*i)); - } -#ifdef LTC_CLEAN_STACK - zeromem(md, sizeof(hash_state)); -#endif - return CRYPT_OK; -} - -/** - Self-test the hash - @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled -*/ -int md5_test(void) -{ - #ifndef LTC_TEST - return CRYPT_NOP; - #else - static const struct { - const char *msg; - unsigned char hash[16]; - } tests[] = { - { "", - { 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, - 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e } }, - { "a", - {0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, - 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 } }, - { "abc", - { 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, - 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 } }, - { "message digest", - { 0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, - 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 } }, - { "abcdefghijklmnopqrstuvwxyz", - { 0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, - 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b } }, - { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", - { 0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, - 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f } }, - { "12345678901234567890123456789012345678901234567890123456789012345678901234567890", - { 0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, - 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a } }, - { NULL, { 0 } } - }; - - int i; - unsigned char tmp[16]; - hash_state md; - - for (i = 0; tests[i].msg != NULL; i++) { - md5_init(&md); - md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); - md5_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD5", i)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - return CRYPT_OK; - #endif -} - -#endif - - - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/hashes/tiger.c b/libtomcrypt/src/hashes/tiger.c deleted file mode 100644 index 863f7fa..0000000 --- a/libtomcrypt/src/hashes/tiger.c +++ /dev/null @@ -1,812 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -#include "tomcrypt.h" - -/** - @file tiger.c - Tiger hash function, Tom St Denis -*/ - -#ifdef LTC_TIGER - -const struct ltc_hash_descriptor tiger_desc = -{ - "tiger", - 1, - 24, - 64, - - /* OID */ - { 1, 3, 6, 1, 4, 1, 11591, 12, 2, }, - 9, - - &tiger_init, - &tiger_process, - &tiger_done, - &tiger_test, - NULL -}; - -#define t1 (table) -#define t2 (table+256) -#define t3 (table+256*2) -#define t4 (table+256*3) - -static const ulong64 table[4*256] = { - CONST64(0x02AAB17CF7E90C5E) /* 0 */, CONST64(0xAC424B03E243A8EC) /* 1 */, - CONST64(0x72CD5BE30DD5FCD3) /* 2 */, CONST64(0x6D019B93F6F97F3A) /* 3 */, - CONST64(0xCD9978FFD21F9193) /* 4 */, CONST64(0x7573A1C9708029E2) /* 5 */, - CONST64(0xB164326B922A83C3) /* 6 */, CONST64(0x46883EEE04915870) /* 7 */, - CONST64(0xEAACE3057103ECE6) /* 8 */, CONST64(0xC54169B808A3535C) /* 9 */, - CONST64(0x4CE754918DDEC47C) /* 10 */, CONST64(0x0AA2F4DFDC0DF40C) /* 11 */, - CONST64(0x10B76F18A74DBEFA) /* 12 */, CONST64(0xC6CCB6235AD1AB6A) /* 13 */, - CONST64(0x13726121572FE2FF) /* 14 */, CONST64(0x1A488C6F199D921E) /* 15 */, - CONST64(0x4BC9F9F4DA0007CA) /* 16 */, CONST64(0x26F5E6F6E85241C7) /* 17 */, - CONST64(0x859079DBEA5947B6) /* 18 */, CONST64(0x4F1885C5C99E8C92) /* 19 */, - CONST64(0xD78E761EA96F864B) /* 20 */, CONST64(0x8E36428C52B5C17D) /* 21 */, - CONST64(0x69CF6827373063C1) /* 22 */, CONST64(0xB607C93D9BB4C56E) /* 23 */, - CONST64(0x7D820E760E76B5EA) /* 24 */, CONST64(0x645C9CC6F07FDC42) /* 25 */, - CONST64(0xBF38A078243342E0) /* 26 */, CONST64(0x5F6B343C9D2E7D04) /* 27 */, - CONST64(0xF2C28AEB600B0EC6) /* 28 */, CONST64(0x6C0ED85F7254BCAC) /* 29 */, - CONST64(0x71592281A4DB4FE5) /* 30 */, CONST64(0x1967FA69CE0FED9F) /* 31 */, - CONST64(0xFD5293F8B96545DB) /* 32 */, CONST64(0xC879E9D7F2A7600B) /* 33 */, - CONST64(0x860248920193194E) /* 34 */, CONST64(0xA4F9533B2D9CC0B3) /* 35 */, - CONST64(0x9053836C15957613) /* 36 */, CONST64(0xDB6DCF8AFC357BF1) /* 37 */, - CONST64(0x18BEEA7A7A370F57) /* 38 */, CONST64(0x037117CA50B99066) /* 39 */, - CONST64(0x6AB30A9774424A35) /* 40 */, CONST64(0xF4E92F02E325249B) /* 41 */, - CONST64(0x7739DB07061CCAE1) /* 42 */, CONST64(0xD8F3B49CECA42A05) /* 43 */, - CONST64(0xBD56BE3F51382F73) /* 44 */, CONST64(0x45FAED5843B0BB28) /* 45 */, - CONST64(0x1C813D5C11BF1F83) /* 46 */, CONST64(0x8AF0E4B6D75FA169) /* 47 */, - CONST64(0x33EE18A487AD9999) /* 48 */, CONST64(0x3C26E8EAB1C94410) /* 49 */, - CONST64(0xB510102BC0A822F9) /* 50 */, CONST64(0x141EEF310CE6123B) /* 51 */, - CONST64(0xFC65B90059DDB154) /* 52 */, CONST64(0xE0158640C5E0E607) /* 53 */, - CONST64(0x884E079826C3A3CF) /* 54 */, CONST64(0x930D0D9523C535FD) /* 55 */, - CONST64(0x35638D754E9A2B00) /* 56 */, CONST64(0x4085FCCF40469DD5) /* 57 */, - CONST64(0xC4B17AD28BE23A4C) /* 58 */, CONST64(0xCAB2F0FC6A3E6A2E) /* 59 */, - CONST64(0x2860971A6B943FCD) /* 60 */, CONST64(0x3DDE6EE212E30446) /* 61 */, - CONST64(0x6222F32AE01765AE) /* 62 */, CONST64(0x5D550BB5478308FE) /* 63 */, - CONST64(0xA9EFA98DA0EDA22A) /* 64 */, CONST64(0xC351A71686C40DA7) /* 65 */, - CONST64(0x1105586D9C867C84) /* 66 */, CONST64(0xDCFFEE85FDA22853) /* 67 */, - CONST64(0xCCFBD0262C5EEF76) /* 68 */, CONST64(0xBAF294CB8990D201) /* 69 */, - CONST64(0xE69464F52AFAD975) /* 70 */, CONST64(0x94B013AFDF133E14) /* 71 */, - CONST64(0x06A7D1A32823C958) /* 72 */, CONST64(0x6F95FE5130F61119) /* 73 */, - CONST64(0xD92AB34E462C06C0) /* 74 */, CONST64(0xED7BDE33887C71D2) /* 75 */, - CONST64(0x79746D6E6518393E) /* 76 */, CONST64(0x5BA419385D713329) /* 77 */, - CONST64(0x7C1BA6B948A97564) /* 78 */, CONST64(0x31987C197BFDAC67) /* 79 */, - CONST64(0xDE6C23C44B053D02) /* 80 */, CONST64(0x581C49FED002D64D) /* 81 */, - CONST64(0xDD474D6338261571) /* 82 */, CONST64(0xAA4546C3E473D062) /* 83 */, - CONST64(0x928FCE349455F860) /* 84 */, CONST64(0x48161BBACAAB94D9) /* 85 */, - CONST64(0x63912430770E6F68) /* 86 */, CONST64(0x6EC8A5E602C6641C) /* 87 */, - CONST64(0x87282515337DDD2B) /* 88 */, CONST64(0x2CDA6B42034B701B) /* 89 */, - CONST64(0xB03D37C181CB096D) /* 90 */, CONST64(0xE108438266C71C6F) /* 91 */, - CONST64(0x2B3180C7EB51B255) /* 92 */, CONST64(0xDF92B82F96C08BBC) /* 93 */, - CONST64(0x5C68C8C0A632F3BA) /* 94 */, CONST64(0x5504CC861C3D0556) /* 95 */, - CONST64(0xABBFA4E55FB26B8F) /* 96 */, CONST64(0x41848B0AB3BACEB4) /* 97 */, - CONST64(0xB334A273AA445D32) /* 98 */, CONST64(0xBCA696F0A85AD881) /* 99 */, - CONST64(0x24F6EC65B528D56C) /* 100 */, CONST64(0x0CE1512E90F4524A) /* 101 */, - CONST64(0x4E9DD79D5506D35A) /* 102 */, CONST64(0x258905FAC6CE9779) /* 103 */, - CONST64(0x2019295B3E109B33) /* 104 */, CONST64(0xF8A9478B73A054CC) /* 105 */, - CONST64(0x2924F2F934417EB0) /* 106 */, CONST64(0x3993357D536D1BC4) /* 107 */, - CONST64(0x38A81AC21DB6FF8B) /* 108 */, CONST64(0x47C4FBF17D6016BF) /* 109 */, - CONST64(0x1E0FAADD7667E3F5) /* 110 */, CONST64(0x7ABCFF62938BEB96) /* 111 */, - CONST64(0xA78DAD948FC179C9) /* 112 */, CONST64(0x8F1F98B72911E50D) /* 113 */, - CONST64(0x61E48EAE27121A91) /* 114 */, CONST64(0x4D62F7AD31859808) /* 115 */, - CONST64(0xECEBA345EF5CEAEB) /* 116 */, CONST64(0xF5CEB25EBC9684CE) /* 117 */, - CONST64(0xF633E20CB7F76221) /* 118 */, CONST64(0xA32CDF06AB8293E4) /* 119 */, - CONST64(0x985A202CA5EE2CA4) /* 120 */, CONST64(0xCF0B8447CC8A8FB1) /* 121 */, - CONST64(0x9F765244979859A3) /* 122 */, CONST64(0xA8D516B1A1240017) /* 123 */, - CONST64(0x0BD7BA3EBB5DC726) /* 124 */, CONST64(0xE54BCA55B86ADB39) /* 125 */, - CONST64(0x1D7A3AFD6C478063) /* 126 */, CONST64(0x519EC608E7669EDD) /* 127 */, - CONST64(0x0E5715A2D149AA23) /* 128 */, CONST64(0x177D4571848FF194) /* 129 */, - CONST64(0xEEB55F3241014C22) /* 130 */, CONST64(0x0F5E5CA13A6E2EC2) /* 131 */, - CONST64(0x8029927B75F5C361) /* 132 */, CONST64(0xAD139FABC3D6E436) /* 133 */, - CONST64(0x0D5DF1A94CCF402F) /* 134 */, CONST64(0x3E8BD948BEA5DFC8) /* 135 */, - CONST64(0xA5A0D357BD3FF77E) /* 136 */, CONST64(0xA2D12E251F74F645) /* 137 */, - CONST64(0x66FD9E525E81A082) /* 138 */, CONST64(0x2E0C90CE7F687A49) /* 139 */, - CONST64(0xC2E8BCBEBA973BC5) /* 140 */, CONST64(0x000001BCE509745F) /* 141 */, - CONST64(0x423777BBE6DAB3D6) /* 142 */, CONST64(0xD1661C7EAEF06EB5) /* 143 */, - CONST64(0xA1781F354DAACFD8) /* 144 */, CONST64(0x2D11284A2B16AFFC) /* 145 */, - CONST64(0xF1FC4F67FA891D1F) /* 146 */, CONST64(0x73ECC25DCB920ADA) /* 147 */, - CONST64(0xAE610C22C2A12651) /* 148 */, CONST64(0x96E0A810D356B78A) /* 149 */, - CONST64(0x5A9A381F2FE7870F) /* 150 */, CONST64(0xD5AD62EDE94E5530) /* 151 */, - CONST64(0xD225E5E8368D1427) /* 152 */, CONST64(0x65977B70C7AF4631) /* 153 */, - CONST64(0x99F889B2DE39D74F) /* 154 */, CONST64(0x233F30BF54E1D143) /* 155 */, - CONST64(0x9A9675D3D9A63C97) /* 156 */, CONST64(0x5470554FF334F9A8) /* 157 */, - CONST64(0x166ACB744A4F5688) /* 158 */, CONST64(0x70C74CAAB2E4AEAD) /* 159 */, - CONST64(0xF0D091646F294D12) /* 160 */, CONST64(0x57B82A89684031D1) /* 161 */, - CONST64(0xEFD95A5A61BE0B6B) /* 162 */, CONST64(0x2FBD12E969F2F29A) /* 163 */, - CONST64(0x9BD37013FEFF9FE8) /* 164 */, CONST64(0x3F9B0404D6085A06) /* 165 */, - CONST64(0x4940C1F3166CFE15) /* 166 */, CONST64(0x09542C4DCDF3DEFB) /* 167 */, - CONST64(0xB4C5218385CD5CE3) /* 168 */, CONST64(0xC935B7DC4462A641) /* 169 */, - CONST64(0x3417F8A68ED3B63F) /* 170 */, CONST64(0xB80959295B215B40) /* 171 */, - CONST64(0xF99CDAEF3B8C8572) /* 172 */, CONST64(0x018C0614F8FCB95D) /* 173 */, - CONST64(0x1B14ACCD1A3ACDF3) /* 174 */, CONST64(0x84D471F200BB732D) /* 175 */, - CONST64(0xC1A3110E95E8DA16) /* 176 */, CONST64(0x430A7220BF1A82B8) /* 177 */, - CONST64(0xB77E090D39DF210E) /* 178 */, CONST64(0x5EF4BD9F3CD05E9D) /* 179 */, - CONST64(0x9D4FF6DA7E57A444) /* 180 */, CONST64(0xDA1D60E183D4A5F8) /* 181 */, - CONST64(0xB287C38417998E47) /* 182 */, CONST64(0xFE3EDC121BB31886) /* 183 */, - CONST64(0xC7FE3CCC980CCBEF) /* 184 */, CONST64(0xE46FB590189BFD03) /* 185 */, - CONST64(0x3732FD469A4C57DC) /* 186 */, CONST64(0x7EF700A07CF1AD65) /* 187 */, - CONST64(0x59C64468A31D8859) /* 188 */, CONST64(0x762FB0B4D45B61F6) /* 189 */, - CONST64(0x155BAED099047718) /* 190 */, CONST64(0x68755E4C3D50BAA6) /* 191 */, - CONST64(0xE9214E7F22D8B4DF) /* 192 */, CONST64(0x2ADDBF532EAC95F4) /* 193 */, - CONST64(0x32AE3909B4BD0109) /* 194 */, CONST64(0x834DF537B08E3450) /* 195 */, - CONST64(0xFA209DA84220728D) /* 196 */, CONST64(0x9E691D9B9EFE23F7) /* 197 */, - CONST64(0x0446D288C4AE8D7F) /* 198 */, CONST64(0x7B4CC524E169785B) /* 199 */, - CONST64(0x21D87F0135CA1385) /* 200 */, CONST64(0xCEBB400F137B8AA5) /* 201 */, - CONST64(0x272E2B66580796BE) /* 202 */, CONST64(0x3612264125C2B0DE) /* 203 */, - CONST64(0x057702BDAD1EFBB2) /* 204 */, CONST64(0xD4BABB8EACF84BE9) /* 205 */, - CONST64(0x91583139641BC67B) /* 206 */, CONST64(0x8BDC2DE08036E024) /* 207 */, - CONST64(0x603C8156F49F68ED) /* 208 */, CONST64(0xF7D236F7DBEF5111) /* 209 */, - CONST64(0x9727C4598AD21E80) /* 210 */, CONST64(0xA08A0896670A5FD7) /* 211 */, - CONST64(0xCB4A8F4309EBA9CB) /* 212 */, CONST64(0x81AF564B0F7036A1) /* 213 */, - CONST64(0xC0B99AA778199ABD) /* 214 */, CONST64(0x959F1EC83FC8E952) /* 215 */, - CONST64(0x8C505077794A81B9) /* 216 */, CONST64(0x3ACAAF8F056338F0) /* 217 */, - CONST64(0x07B43F50627A6778) /* 218 */, CONST64(0x4A44AB49F5ECCC77) /* 219 */, - CONST64(0x3BC3D6E4B679EE98) /* 220 */, CONST64(0x9CC0D4D1CF14108C) /* 221 */, - CONST64(0x4406C00B206BC8A0) /* 222 */, CONST64(0x82A18854C8D72D89) /* 223 */, - CONST64(0x67E366B35C3C432C) /* 224 */, CONST64(0xB923DD61102B37F2) /* 225 */, - CONST64(0x56AB2779D884271D) /* 226 */, CONST64(0xBE83E1B0FF1525AF) /* 227 */, - CONST64(0xFB7C65D4217E49A9) /* 228 */, CONST64(0x6BDBE0E76D48E7D4) /* 229 */, - CONST64(0x08DF828745D9179E) /* 230 */, CONST64(0x22EA6A9ADD53BD34) /* 231 */, - CONST64(0xE36E141C5622200A) /* 232 */, CONST64(0x7F805D1B8CB750EE) /* 233 */, - CONST64(0xAFE5C7A59F58E837) /* 234 */, CONST64(0xE27F996A4FB1C23C) /* 235 */, - CONST64(0xD3867DFB0775F0D0) /* 236 */, CONST64(0xD0E673DE6E88891A) /* 237 */, - CONST64(0x123AEB9EAFB86C25) /* 238 */, CONST64(0x30F1D5D5C145B895) /* 239 */, - CONST64(0xBB434A2DEE7269E7) /* 240 */, CONST64(0x78CB67ECF931FA38) /* 241 */, - CONST64(0xF33B0372323BBF9C) /* 242 */, CONST64(0x52D66336FB279C74) /* 243 */, - CONST64(0x505F33AC0AFB4EAA) /* 244 */, CONST64(0xE8A5CD99A2CCE187) /* 245 */, - CONST64(0x534974801E2D30BB) /* 246 */, CONST64(0x8D2D5711D5876D90) /* 247 */, - CONST64(0x1F1A412891BC038E) /* 248 */, CONST64(0xD6E2E71D82E56648) /* 249 */, - CONST64(0x74036C3A497732B7) /* 250 */, CONST64(0x89B67ED96361F5AB) /* 251 */, - CONST64(0xFFED95D8F1EA02A2) /* 252 */, CONST64(0xE72B3BD61464D43D) /* 253 */, - CONST64(0xA6300F170BDC4820) /* 254 */, CONST64(0xEBC18760ED78A77A) /* 255 */, - CONST64(0xE6A6BE5A05A12138) /* 256 */, CONST64(0xB5A122A5B4F87C98) /* 257 */, - CONST64(0x563C6089140B6990) /* 258 */, CONST64(0x4C46CB2E391F5DD5) /* 259 */, - CONST64(0xD932ADDBC9B79434) /* 260 */, CONST64(0x08EA70E42015AFF5) /* 261 */, - CONST64(0xD765A6673E478CF1) /* 262 */, CONST64(0xC4FB757EAB278D99) /* 263 */, - CONST64(0xDF11C6862D6E0692) /* 264 */, CONST64(0xDDEB84F10D7F3B16) /* 265 */, - CONST64(0x6F2EF604A665EA04) /* 266 */, CONST64(0x4A8E0F0FF0E0DFB3) /* 267 */, - CONST64(0xA5EDEEF83DBCBA51) /* 268 */, CONST64(0xFC4F0A2A0EA4371E) /* 269 */, - CONST64(0xE83E1DA85CB38429) /* 270 */, CONST64(0xDC8FF882BA1B1CE2) /* 271 */, - CONST64(0xCD45505E8353E80D) /* 272 */, CONST64(0x18D19A00D4DB0717) /* 273 */, - CONST64(0x34A0CFEDA5F38101) /* 274 */, CONST64(0x0BE77E518887CAF2) /* 275 */, - CONST64(0x1E341438B3C45136) /* 276 */, CONST64(0xE05797F49089CCF9) /* 277 */, - CONST64(0xFFD23F9DF2591D14) /* 278 */, CONST64(0x543DDA228595C5CD) /* 279 */, - CONST64(0x661F81FD99052A33) /* 280 */, CONST64(0x8736E641DB0F7B76) /* 281 */, - CONST64(0x15227725418E5307) /* 282 */, CONST64(0xE25F7F46162EB2FA) /* 283 */, - CONST64(0x48A8B2126C13D9FE) /* 284 */, CONST64(0xAFDC541792E76EEA) /* 285 */, - CONST64(0x03D912BFC6D1898F) /* 286 */, CONST64(0x31B1AAFA1B83F51B) /* 287 */, - CONST64(0xF1AC2796E42AB7D9) /* 288 */, CONST64(0x40A3A7D7FCD2EBAC) /* 289 */, - CONST64(0x1056136D0AFBBCC5) /* 290 */, CONST64(0x7889E1DD9A6D0C85) /* 291 */, - CONST64(0xD33525782A7974AA) /* 292 */, CONST64(0xA7E25D09078AC09B) /* 293 */, - CONST64(0xBD4138B3EAC6EDD0) /* 294 */, CONST64(0x920ABFBE71EB9E70) /* 295 */, - CONST64(0xA2A5D0F54FC2625C) /* 296 */, CONST64(0xC054E36B0B1290A3) /* 297 */, - CONST64(0xF6DD59FF62FE932B) /* 298 */, CONST64(0x3537354511A8AC7D) /* 299 */, - CONST64(0xCA845E9172FADCD4) /* 300 */, CONST64(0x84F82B60329D20DC) /* 301 */, - CONST64(0x79C62CE1CD672F18) /* 302 */, CONST64(0x8B09A2ADD124642C) /* 303 */, - CONST64(0xD0C1E96A19D9E726) /* 304 */, CONST64(0x5A786A9B4BA9500C) /* 305 */, - CONST64(0x0E020336634C43F3) /* 306 */, CONST64(0xC17B474AEB66D822) /* 307 */, - CONST64(0x6A731AE3EC9BAAC2) /* 308 */, CONST64(0x8226667AE0840258) /* 309 */, - CONST64(0x67D4567691CAECA5) /* 310 */, CONST64(0x1D94155C4875ADB5) /* 311 */, - CONST64(0x6D00FD985B813FDF) /* 312 */, CONST64(0x51286EFCB774CD06) /* 313 */, - CONST64(0x5E8834471FA744AF) /* 314 */, CONST64(0xF72CA0AEE761AE2E) /* 315 */, - CONST64(0xBE40E4CDAEE8E09A) /* 316 */, CONST64(0xE9970BBB5118F665) /* 317 */, - CONST64(0x726E4BEB33DF1964) /* 318 */, CONST64(0x703B000729199762) /* 319 */, - CONST64(0x4631D816F5EF30A7) /* 320 */, CONST64(0xB880B5B51504A6BE) /* 321 */, - CONST64(0x641793C37ED84B6C) /* 322 */, CONST64(0x7B21ED77F6E97D96) /* 323 */, - CONST64(0x776306312EF96B73) /* 324 */, CONST64(0xAE528948E86FF3F4) /* 325 */, - CONST64(0x53DBD7F286A3F8F8) /* 326 */, CONST64(0x16CADCE74CFC1063) /* 327 */, - CONST64(0x005C19BDFA52C6DD) /* 328 */, CONST64(0x68868F5D64D46AD3) /* 329 */, - CONST64(0x3A9D512CCF1E186A) /* 330 */, CONST64(0x367E62C2385660AE) /* 331 */, - CONST64(0xE359E7EA77DCB1D7) /* 332 */, CONST64(0x526C0773749ABE6E) /* 333 */, - CONST64(0x735AE5F9D09F734B) /* 334 */, CONST64(0x493FC7CC8A558BA8) /* 335 */, - CONST64(0xB0B9C1533041AB45) /* 336 */, CONST64(0x321958BA470A59BD) /* 337 */, - CONST64(0x852DB00B5F46C393) /* 338 */, CONST64(0x91209B2BD336B0E5) /* 339 */, - CONST64(0x6E604F7D659EF19F) /* 340 */, CONST64(0xB99A8AE2782CCB24) /* 341 */, - CONST64(0xCCF52AB6C814C4C7) /* 342 */, CONST64(0x4727D9AFBE11727B) /* 343 */, - CONST64(0x7E950D0C0121B34D) /* 344 */, CONST64(0x756F435670AD471F) /* 345 */, - CONST64(0xF5ADD442615A6849) /* 346 */, CONST64(0x4E87E09980B9957A) /* 347 */, - CONST64(0x2ACFA1DF50AEE355) /* 348 */, CONST64(0xD898263AFD2FD556) /* 349 */, - CONST64(0xC8F4924DD80C8FD6) /* 350 */, CONST64(0xCF99CA3D754A173A) /* 351 */, - CONST64(0xFE477BACAF91BF3C) /* 352 */, CONST64(0xED5371F6D690C12D) /* 353 */, - CONST64(0x831A5C285E687094) /* 354 */, CONST64(0xC5D3C90A3708A0A4) /* 355 */, - CONST64(0x0F7F903717D06580) /* 356 */, CONST64(0x19F9BB13B8FDF27F) /* 357 */, - CONST64(0xB1BD6F1B4D502843) /* 358 */, CONST64(0x1C761BA38FFF4012) /* 359 */, - CONST64(0x0D1530C4E2E21F3B) /* 360 */, CONST64(0x8943CE69A7372C8A) /* 361 */, - CONST64(0xE5184E11FEB5CE66) /* 362 */, CONST64(0x618BDB80BD736621) /* 363 */, - CONST64(0x7D29BAD68B574D0B) /* 364 */, CONST64(0x81BB613E25E6FE5B) /* 365 */, - CONST64(0x071C9C10BC07913F) /* 366 */, CONST64(0xC7BEEB7909AC2D97) /* 367 */, - CONST64(0xC3E58D353BC5D757) /* 368 */, CONST64(0xEB017892F38F61E8) /* 369 */, - CONST64(0xD4EFFB9C9B1CC21A) /* 370 */, CONST64(0x99727D26F494F7AB) /* 371 */, - CONST64(0xA3E063A2956B3E03) /* 372 */, CONST64(0x9D4A8B9A4AA09C30) /* 373 */, - CONST64(0x3F6AB7D500090FB4) /* 374 */, CONST64(0x9CC0F2A057268AC0) /* 375 */, - CONST64(0x3DEE9D2DEDBF42D1) /* 376 */, CONST64(0x330F49C87960A972) /* 377 */, - CONST64(0xC6B2720287421B41) /* 378 */, CONST64(0x0AC59EC07C00369C) /* 379 */, - CONST64(0xEF4EAC49CB353425) /* 380 */, CONST64(0xF450244EEF0129D8) /* 381 */, - CONST64(0x8ACC46E5CAF4DEB6) /* 382 */, CONST64(0x2FFEAB63989263F7) /* 383 */, - CONST64(0x8F7CB9FE5D7A4578) /* 384 */, CONST64(0x5BD8F7644E634635) /* 385 */, - CONST64(0x427A7315BF2DC900) /* 386 */, CONST64(0x17D0C4AA2125261C) /* 387 */, - CONST64(0x3992486C93518E50) /* 388 */, CONST64(0xB4CBFEE0A2D7D4C3) /* 389 */, - CONST64(0x7C75D6202C5DDD8D) /* 390 */, CONST64(0xDBC295D8E35B6C61) /* 391 */, - CONST64(0x60B369D302032B19) /* 392 */, CONST64(0xCE42685FDCE44132) /* 393 */, - CONST64(0x06F3DDB9DDF65610) /* 394 */, CONST64(0x8EA4D21DB5E148F0) /* 395 */, - CONST64(0x20B0FCE62FCD496F) /* 396 */, CONST64(0x2C1B912358B0EE31) /* 397 */, - CONST64(0xB28317B818F5A308) /* 398 */, CONST64(0xA89C1E189CA6D2CF) /* 399 */, - CONST64(0x0C6B18576AAADBC8) /* 400 */, CONST64(0xB65DEAA91299FAE3) /* 401 */, - CONST64(0xFB2B794B7F1027E7) /* 402 */, CONST64(0x04E4317F443B5BEB) /* 403 */, - CONST64(0x4B852D325939D0A6) /* 404 */, CONST64(0xD5AE6BEEFB207FFC) /* 405 */, - CONST64(0x309682B281C7D374) /* 406 */, CONST64(0xBAE309A194C3B475) /* 407 */, - CONST64(0x8CC3F97B13B49F05) /* 408 */, CONST64(0x98A9422FF8293967) /* 409 */, - CONST64(0x244B16B01076FF7C) /* 410 */, CONST64(0xF8BF571C663D67EE) /* 411 */, - CONST64(0x1F0D6758EEE30DA1) /* 412 */, CONST64(0xC9B611D97ADEB9B7) /* 413 */, - CONST64(0xB7AFD5887B6C57A2) /* 414 */, CONST64(0x6290AE846B984FE1) /* 415 */, - CONST64(0x94DF4CDEACC1A5FD) /* 416 */, CONST64(0x058A5BD1C5483AFF) /* 417 */, - CONST64(0x63166CC142BA3C37) /* 418 */, CONST64(0x8DB8526EB2F76F40) /* 419 */, - CONST64(0xE10880036F0D6D4E) /* 420 */, CONST64(0x9E0523C9971D311D) /* 421 */, - CONST64(0x45EC2824CC7CD691) /* 422 */, CONST64(0x575B8359E62382C9) /* 423 */, - CONST64(0xFA9E400DC4889995) /* 424 */, CONST64(0xD1823ECB45721568) /* 425 */, - CONST64(0xDAFD983B8206082F) /* 426 */, CONST64(0xAA7D29082386A8CB) /* 427 */, - CONST64(0x269FCD4403B87588) /* 428 */, CONST64(0x1B91F5F728BDD1E0) /* 429 */, - CONST64(0xE4669F39040201F6) /* 430 */, CONST64(0x7A1D7C218CF04ADE) /* 431 */, - CONST64(0x65623C29D79CE5CE) /* 432 */, CONST64(0x2368449096C00BB1) /* 433 */, - CONST64(0xAB9BF1879DA503BA) /* 434 */, CONST64(0xBC23ECB1A458058E) /* 435 */, - CONST64(0x9A58DF01BB401ECC) /* 436 */, CONST64(0xA070E868A85F143D) /* 437 */, - CONST64(0x4FF188307DF2239E) /* 438 */, CONST64(0x14D565B41A641183) /* 439 */, - CONST64(0xEE13337452701602) /* 440 */, CONST64(0x950E3DCF3F285E09) /* 441 */, - CONST64(0x59930254B9C80953) /* 442 */, CONST64(0x3BF299408930DA6D) /* 443 */, - CONST64(0xA955943F53691387) /* 444 */, CONST64(0xA15EDECAA9CB8784) /* 445 */, - CONST64(0x29142127352BE9A0) /* 446 */, CONST64(0x76F0371FFF4E7AFB) /* 447 */, - CONST64(0x0239F450274F2228) /* 448 */, CONST64(0xBB073AF01D5E868B) /* 449 */, - CONST64(0xBFC80571C10E96C1) /* 450 */, CONST64(0xD267088568222E23) /* 451 */, - CONST64(0x9671A3D48E80B5B0) /* 452 */, CONST64(0x55B5D38AE193BB81) /* 453 */, - CONST64(0x693AE2D0A18B04B8) /* 454 */, CONST64(0x5C48B4ECADD5335F) /* 455 */, - CONST64(0xFD743B194916A1CA) /* 456 */, CONST64(0x2577018134BE98C4) /* 457 */, - CONST64(0xE77987E83C54A4AD) /* 458 */, CONST64(0x28E11014DA33E1B9) /* 459 */, - CONST64(0x270CC59E226AA213) /* 460 */, CONST64(0x71495F756D1A5F60) /* 461 */, - CONST64(0x9BE853FB60AFEF77) /* 462 */, CONST64(0xADC786A7F7443DBF) /* 463 */, - CONST64(0x0904456173B29A82) /* 464 */, CONST64(0x58BC7A66C232BD5E) /* 465 */, - CONST64(0xF306558C673AC8B2) /* 466 */, CONST64(0x41F639C6B6C9772A) /* 467 */, - CONST64(0x216DEFE99FDA35DA) /* 468 */, CONST64(0x11640CC71C7BE615) /* 469 */, - CONST64(0x93C43694565C5527) /* 470 */, CONST64(0xEA038E6246777839) /* 471 */, - CONST64(0xF9ABF3CE5A3E2469) /* 472 */, CONST64(0x741E768D0FD312D2) /* 473 */, - CONST64(0x0144B883CED652C6) /* 474 */, CONST64(0xC20B5A5BA33F8552) /* 475 */, - CONST64(0x1AE69633C3435A9D) /* 476 */, CONST64(0x97A28CA4088CFDEC) /* 477 */, - CONST64(0x8824A43C1E96F420) /* 478 */, CONST64(0x37612FA66EEEA746) /* 479 */, - CONST64(0x6B4CB165F9CF0E5A) /* 480 */, CONST64(0x43AA1C06A0ABFB4A) /* 481 */, - CONST64(0x7F4DC26FF162796B) /* 482 */, CONST64(0x6CBACC8E54ED9B0F) /* 483 */, - CONST64(0xA6B7FFEFD2BB253E) /* 484 */, CONST64(0x2E25BC95B0A29D4F) /* 485 */, - CONST64(0x86D6A58BDEF1388C) /* 486 */, CONST64(0xDED74AC576B6F054) /* 487 */, - CONST64(0x8030BDBC2B45805D) /* 488 */, CONST64(0x3C81AF70E94D9289) /* 489 */, - CONST64(0x3EFF6DDA9E3100DB) /* 490 */, CONST64(0xB38DC39FDFCC8847) /* 491 */, - CONST64(0x123885528D17B87E) /* 492 */, CONST64(0xF2DA0ED240B1B642) /* 493 */, - CONST64(0x44CEFADCD54BF9A9) /* 494 */, CONST64(0x1312200E433C7EE6) /* 495 */, - CONST64(0x9FFCC84F3A78C748) /* 496 */, CONST64(0xF0CD1F72248576BB) /* 497 */, - CONST64(0xEC6974053638CFE4) /* 498 */, CONST64(0x2BA7B67C0CEC4E4C) /* 499 */, - CONST64(0xAC2F4DF3E5CE32ED) /* 500 */, CONST64(0xCB33D14326EA4C11) /* 501 */, - CONST64(0xA4E9044CC77E58BC) /* 502 */, CONST64(0x5F513293D934FCEF) /* 503 */, - CONST64(0x5DC9645506E55444) /* 504 */, CONST64(0x50DE418F317DE40A) /* 505 */, - CONST64(0x388CB31A69DDE259) /* 506 */, CONST64(0x2DB4A83455820A86) /* 507 */, - CONST64(0x9010A91E84711AE9) /* 508 */, CONST64(0x4DF7F0B7B1498371) /* 509 */, - CONST64(0xD62A2EABC0977179) /* 510 */, CONST64(0x22FAC097AA8D5C0E) /* 511 */, - CONST64(0xF49FCC2FF1DAF39B) /* 512 */, CONST64(0x487FD5C66FF29281) /* 513 */, - CONST64(0xE8A30667FCDCA83F) /* 514 */, CONST64(0x2C9B4BE3D2FCCE63) /* 515 */, - CONST64(0xDA3FF74B93FBBBC2) /* 516 */, CONST64(0x2FA165D2FE70BA66) /* 517 */, - CONST64(0xA103E279970E93D4) /* 518 */, CONST64(0xBECDEC77B0E45E71) /* 519 */, - CONST64(0xCFB41E723985E497) /* 520 */, CONST64(0xB70AAA025EF75017) /* 521 */, - CONST64(0xD42309F03840B8E0) /* 522 */, CONST64(0x8EFC1AD035898579) /* 523 */, - CONST64(0x96C6920BE2B2ABC5) /* 524 */, CONST64(0x66AF4163375A9172) /* 525 */, - CONST64(0x2174ABDCCA7127FB) /* 526 */, CONST64(0xB33CCEA64A72FF41) /* 527 */, - CONST64(0xF04A4933083066A5) /* 528 */, CONST64(0x8D970ACDD7289AF5) /* 529 */, - CONST64(0x8F96E8E031C8C25E) /* 530 */, CONST64(0xF3FEC02276875D47) /* 531 */, - CONST64(0xEC7BF310056190DD) /* 532 */, CONST64(0xF5ADB0AEBB0F1491) /* 533 */, - CONST64(0x9B50F8850FD58892) /* 534 */, CONST64(0x4975488358B74DE8) /* 535 */, - CONST64(0xA3354FF691531C61) /* 536 */, CONST64(0x0702BBE481D2C6EE) /* 537 */, - CONST64(0x89FB24057DEDED98) /* 538 */, CONST64(0xAC3075138596E902) /* 539 */, - CONST64(0x1D2D3580172772ED) /* 540 */, CONST64(0xEB738FC28E6BC30D) /* 541 */, - CONST64(0x5854EF8F63044326) /* 542 */, CONST64(0x9E5C52325ADD3BBE) /* 543 */, - CONST64(0x90AA53CF325C4623) /* 544 */, CONST64(0xC1D24D51349DD067) /* 545 */, - CONST64(0x2051CFEEA69EA624) /* 546 */, CONST64(0x13220F0A862E7E4F) /* 547 */, - CONST64(0xCE39399404E04864) /* 548 */, CONST64(0xD9C42CA47086FCB7) /* 549 */, - CONST64(0x685AD2238A03E7CC) /* 550 */, CONST64(0x066484B2AB2FF1DB) /* 551 */, - CONST64(0xFE9D5D70EFBF79EC) /* 552 */, CONST64(0x5B13B9DD9C481854) /* 553 */, - CONST64(0x15F0D475ED1509AD) /* 554 */, CONST64(0x0BEBCD060EC79851) /* 555 */, - CONST64(0xD58C6791183AB7F8) /* 556 */, CONST64(0xD1187C5052F3EEE4) /* 557 */, - CONST64(0xC95D1192E54E82FF) /* 558 */, CONST64(0x86EEA14CB9AC6CA2) /* 559 */, - CONST64(0x3485BEB153677D5D) /* 560 */, CONST64(0xDD191D781F8C492A) /* 561 */, - CONST64(0xF60866BAA784EBF9) /* 562 */, CONST64(0x518F643BA2D08C74) /* 563 */, - CONST64(0x8852E956E1087C22) /* 564 */, CONST64(0xA768CB8DC410AE8D) /* 565 */, - CONST64(0x38047726BFEC8E1A) /* 566 */, CONST64(0xA67738B4CD3B45AA) /* 567 */, - CONST64(0xAD16691CEC0DDE19) /* 568 */, CONST64(0xC6D4319380462E07) /* 569 */, - CONST64(0xC5A5876D0BA61938) /* 570 */, CONST64(0x16B9FA1FA58FD840) /* 571 */, - CONST64(0x188AB1173CA74F18) /* 572 */, CONST64(0xABDA2F98C99C021F) /* 573 */, - CONST64(0x3E0580AB134AE816) /* 574 */, CONST64(0x5F3B05B773645ABB) /* 575 */, - CONST64(0x2501A2BE5575F2F6) /* 576 */, CONST64(0x1B2F74004E7E8BA9) /* 577 */, - CONST64(0x1CD7580371E8D953) /* 578 */, CONST64(0x7F6ED89562764E30) /* 579 */, - CONST64(0xB15926FF596F003D) /* 580 */, CONST64(0x9F65293DA8C5D6B9) /* 581 */, - CONST64(0x6ECEF04DD690F84C) /* 582 */, CONST64(0x4782275FFF33AF88) /* 583 */, - CONST64(0xE41433083F820801) /* 584 */, CONST64(0xFD0DFE409A1AF9B5) /* 585 */, - CONST64(0x4325A3342CDB396B) /* 586 */, CONST64(0x8AE77E62B301B252) /* 587 */, - CONST64(0xC36F9E9F6655615A) /* 588 */, CONST64(0x85455A2D92D32C09) /* 589 */, - CONST64(0xF2C7DEA949477485) /* 590 */, CONST64(0x63CFB4C133A39EBA) /* 591 */, - CONST64(0x83B040CC6EBC5462) /* 592 */, CONST64(0x3B9454C8FDB326B0) /* 593 */, - CONST64(0x56F56A9E87FFD78C) /* 594 */, CONST64(0x2DC2940D99F42BC6) /* 595 */, - CONST64(0x98F7DF096B096E2D) /* 596 */, CONST64(0x19A6E01E3AD852BF) /* 597 */, - CONST64(0x42A99CCBDBD4B40B) /* 598 */, CONST64(0xA59998AF45E9C559) /* 599 */, - CONST64(0x366295E807D93186) /* 600 */, CONST64(0x6B48181BFAA1F773) /* 601 */, - CONST64(0x1FEC57E2157A0A1D) /* 602 */, CONST64(0x4667446AF6201AD5) /* 603 */, - CONST64(0xE615EBCACFB0F075) /* 604 */, CONST64(0xB8F31F4F68290778) /* 605 */, - CONST64(0x22713ED6CE22D11E) /* 606 */, CONST64(0x3057C1A72EC3C93B) /* 607 */, - CONST64(0xCB46ACC37C3F1F2F) /* 608 */, CONST64(0xDBB893FD02AAF50E) /* 609 */, - CONST64(0x331FD92E600B9FCF) /* 610 */, CONST64(0xA498F96148EA3AD6) /* 611 */, - CONST64(0xA8D8426E8B6A83EA) /* 612 */, CONST64(0xA089B274B7735CDC) /* 613 */, - CONST64(0x87F6B3731E524A11) /* 614 */, CONST64(0x118808E5CBC96749) /* 615 */, - CONST64(0x9906E4C7B19BD394) /* 616 */, CONST64(0xAFED7F7E9B24A20C) /* 617 */, - CONST64(0x6509EADEEB3644A7) /* 618 */, CONST64(0x6C1EF1D3E8EF0EDE) /* 619 */, - CONST64(0xB9C97D43E9798FB4) /* 620 */, CONST64(0xA2F2D784740C28A3) /* 621 */, - CONST64(0x7B8496476197566F) /* 622 */, CONST64(0x7A5BE3E6B65F069D) /* 623 */, - CONST64(0xF96330ED78BE6F10) /* 624 */, CONST64(0xEEE60DE77A076A15) /* 625 */, - CONST64(0x2B4BEE4AA08B9BD0) /* 626 */, CONST64(0x6A56A63EC7B8894E) /* 627 */, - CONST64(0x02121359BA34FEF4) /* 628 */, CONST64(0x4CBF99F8283703FC) /* 629 */, - CONST64(0x398071350CAF30C8) /* 630 */, CONST64(0xD0A77A89F017687A) /* 631 */, - CONST64(0xF1C1A9EB9E423569) /* 632 */, CONST64(0x8C7976282DEE8199) /* 633 */, - CONST64(0x5D1737A5DD1F7ABD) /* 634 */, CONST64(0x4F53433C09A9FA80) /* 635 */, - CONST64(0xFA8B0C53DF7CA1D9) /* 636 */, CONST64(0x3FD9DCBC886CCB77) /* 637 */, - CONST64(0xC040917CA91B4720) /* 638 */, CONST64(0x7DD00142F9D1DCDF) /* 639 */, - CONST64(0x8476FC1D4F387B58) /* 640 */, CONST64(0x23F8E7C5F3316503) /* 641 */, - CONST64(0x032A2244E7E37339) /* 642 */, CONST64(0x5C87A5D750F5A74B) /* 643 */, - CONST64(0x082B4CC43698992E) /* 644 */, CONST64(0xDF917BECB858F63C) /* 645 */, - CONST64(0x3270B8FC5BF86DDA) /* 646 */, CONST64(0x10AE72BB29B5DD76) /* 647 */, - CONST64(0x576AC94E7700362B) /* 648 */, CONST64(0x1AD112DAC61EFB8F) /* 649 */, - CONST64(0x691BC30EC5FAA427) /* 650 */, CONST64(0xFF246311CC327143) /* 651 */, - CONST64(0x3142368E30E53206) /* 652 */, CONST64(0x71380E31E02CA396) /* 653 */, - CONST64(0x958D5C960AAD76F1) /* 654 */, CONST64(0xF8D6F430C16DA536) /* 655 */, - CONST64(0xC8FFD13F1BE7E1D2) /* 656 */, CONST64(0x7578AE66004DDBE1) /* 657 */, - CONST64(0x05833F01067BE646) /* 658 */, CONST64(0xBB34B5AD3BFE586D) /* 659 */, - CONST64(0x095F34C9A12B97F0) /* 660 */, CONST64(0x247AB64525D60CA8) /* 661 */, - CONST64(0xDCDBC6F3017477D1) /* 662 */, CONST64(0x4A2E14D4DECAD24D) /* 663 */, - CONST64(0xBDB5E6D9BE0A1EEB) /* 664 */, CONST64(0x2A7E70F7794301AB) /* 665 */, - CONST64(0xDEF42D8A270540FD) /* 666 */, CONST64(0x01078EC0A34C22C1) /* 667 */, - CONST64(0xE5DE511AF4C16387) /* 668 */, CONST64(0x7EBB3A52BD9A330A) /* 669 */, - CONST64(0x77697857AA7D6435) /* 670 */, CONST64(0x004E831603AE4C32) /* 671 */, - CONST64(0xE7A21020AD78E312) /* 672 */, CONST64(0x9D41A70C6AB420F2) /* 673 */, - CONST64(0x28E06C18EA1141E6) /* 674 */, CONST64(0xD2B28CBD984F6B28) /* 675 */, - CONST64(0x26B75F6C446E9D83) /* 676 */, CONST64(0xBA47568C4D418D7F) /* 677 */, - CONST64(0xD80BADBFE6183D8E) /* 678 */, CONST64(0x0E206D7F5F166044) /* 679 */, - CONST64(0xE258A43911CBCA3E) /* 680 */, CONST64(0x723A1746B21DC0BC) /* 681 */, - CONST64(0xC7CAA854F5D7CDD3) /* 682 */, CONST64(0x7CAC32883D261D9C) /* 683 */, - CONST64(0x7690C26423BA942C) /* 684 */, CONST64(0x17E55524478042B8) /* 685 */, - CONST64(0xE0BE477656A2389F) /* 686 */, CONST64(0x4D289B5E67AB2DA0) /* 687 */, - CONST64(0x44862B9C8FBBFD31) /* 688 */, CONST64(0xB47CC8049D141365) /* 689 */, - CONST64(0x822C1B362B91C793) /* 690 */, CONST64(0x4EB14655FB13DFD8) /* 691 */, - CONST64(0x1ECBBA0714E2A97B) /* 692 */, CONST64(0x6143459D5CDE5F14) /* 693 */, - CONST64(0x53A8FBF1D5F0AC89) /* 694 */, CONST64(0x97EA04D81C5E5B00) /* 695 */, - CONST64(0x622181A8D4FDB3F3) /* 696 */, CONST64(0xE9BCD341572A1208) /* 697 */, - CONST64(0x1411258643CCE58A) /* 698 */, CONST64(0x9144C5FEA4C6E0A4) /* 699 */, - CONST64(0x0D33D06565CF620F) /* 700 */, CONST64(0x54A48D489F219CA1) /* 701 */, - CONST64(0xC43E5EAC6D63C821) /* 702 */, CONST64(0xA9728B3A72770DAF) /* 703 */, - CONST64(0xD7934E7B20DF87EF) /* 704 */, CONST64(0xE35503B61A3E86E5) /* 705 */, - CONST64(0xCAE321FBC819D504) /* 706 */, CONST64(0x129A50B3AC60BFA6) /* 707 */, - CONST64(0xCD5E68EA7E9FB6C3) /* 708 */, CONST64(0xB01C90199483B1C7) /* 709 */, - CONST64(0x3DE93CD5C295376C) /* 710 */, CONST64(0xAED52EDF2AB9AD13) /* 711 */, - CONST64(0x2E60F512C0A07884) /* 712 */, CONST64(0xBC3D86A3E36210C9) /* 713 */, - CONST64(0x35269D9B163951CE) /* 714 */, CONST64(0x0C7D6E2AD0CDB5FA) /* 715 */, - CONST64(0x59E86297D87F5733) /* 716 */, CONST64(0x298EF221898DB0E7) /* 717 */, - CONST64(0x55000029D1A5AA7E) /* 718 */, CONST64(0x8BC08AE1B5061B45) /* 719 */, - CONST64(0xC2C31C2B6C92703A) /* 720 */, CONST64(0x94CC596BAF25EF42) /* 721 */, - CONST64(0x0A1D73DB22540456) /* 722 */, CONST64(0x04B6A0F9D9C4179A) /* 723 */, - CONST64(0xEFFDAFA2AE3D3C60) /* 724 */, CONST64(0xF7C8075BB49496C4) /* 725 */, - CONST64(0x9CC5C7141D1CD4E3) /* 726 */, CONST64(0x78BD1638218E5534) /* 727 */, - CONST64(0xB2F11568F850246A) /* 728 */, CONST64(0xEDFABCFA9502BC29) /* 729 */, - CONST64(0x796CE5F2DA23051B) /* 730 */, CONST64(0xAAE128B0DC93537C) /* 731 */, - CONST64(0x3A493DA0EE4B29AE) /* 732 */, CONST64(0xB5DF6B2C416895D7) /* 733 */, - CONST64(0xFCABBD25122D7F37) /* 734 */, CONST64(0x70810B58105DC4B1) /* 735 */, - CONST64(0xE10FDD37F7882A90) /* 736 */, CONST64(0x524DCAB5518A3F5C) /* 737 */, - CONST64(0x3C9E85878451255B) /* 738 */, CONST64(0x4029828119BD34E2) /* 739 */, - CONST64(0x74A05B6F5D3CECCB) /* 740 */, CONST64(0xB610021542E13ECA) /* 741 */, - CONST64(0x0FF979D12F59E2AC) /* 742 */, CONST64(0x6037DA27E4F9CC50) /* 743 */, - CONST64(0x5E92975A0DF1847D) /* 744 */, CONST64(0xD66DE190D3E623FE) /* 745 */, - CONST64(0x5032D6B87B568048) /* 746 */, CONST64(0x9A36B7CE8235216E) /* 747 */, - CONST64(0x80272A7A24F64B4A) /* 748 */, CONST64(0x93EFED8B8C6916F7) /* 749 */, - CONST64(0x37DDBFF44CCE1555) /* 750 */, CONST64(0x4B95DB5D4B99BD25) /* 751 */, - CONST64(0x92D3FDA169812FC0) /* 752 */, CONST64(0xFB1A4A9A90660BB6) /* 753 */, - CONST64(0x730C196946A4B9B2) /* 754 */, CONST64(0x81E289AA7F49DA68) /* 755 */, - CONST64(0x64669A0F83B1A05F) /* 756 */, CONST64(0x27B3FF7D9644F48B) /* 757 */, - CONST64(0xCC6B615C8DB675B3) /* 758 */, CONST64(0x674F20B9BCEBBE95) /* 759 */, - CONST64(0x6F31238275655982) /* 760 */, CONST64(0x5AE488713E45CF05) /* 761 */, - CONST64(0xBF619F9954C21157) /* 762 */, CONST64(0xEABAC46040A8EAE9) /* 763 */, - CONST64(0x454C6FE9F2C0C1CD) /* 764 */, CONST64(0x419CF6496412691C) /* 765 */, - CONST64(0xD3DC3BEF265B0F70) /* 766 */, CONST64(0x6D0E60F5C3578A9E) /* 767 */, - CONST64(0x5B0E608526323C55) /* 768 */, CONST64(0x1A46C1A9FA1B59F5) /* 769 */, - CONST64(0xA9E245A17C4C8FFA) /* 770 */, CONST64(0x65CA5159DB2955D7) /* 771 */, - CONST64(0x05DB0A76CE35AFC2) /* 772 */, CONST64(0x81EAC77EA9113D45) /* 773 */, - CONST64(0x528EF88AB6AC0A0D) /* 774 */, CONST64(0xA09EA253597BE3FF) /* 775 */, - CONST64(0x430DDFB3AC48CD56) /* 776 */, CONST64(0xC4B3A67AF45CE46F) /* 777 */, - CONST64(0x4ECECFD8FBE2D05E) /* 778 */, CONST64(0x3EF56F10B39935F0) /* 779 */, - CONST64(0x0B22D6829CD619C6) /* 780 */, CONST64(0x17FD460A74DF2069) /* 781 */, - CONST64(0x6CF8CC8E8510ED40) /* 782 */, CONST64(0xD6C824BF3A6ECAA7) /* 783 */, - CONST64(0x61243D581A817049) /* 784 */, CONST64(0x048BACB6BBC163A2) /* 785 */, - CONST64(0xD9A38AC27D44CC32) /* 786 */, CONST64(0x7FDDFF5BAAF410AB) /* 787 */, - CONST64(0xAD6D495AA804824B) /* 788 */, CONST64(0xE1A6A74F2D8C9F94) /* 789 */, - CONST64(0xD4F7851235DEE8E3) /* 790 */, CONST64(0xFD4B7F886540D893) /* 791 */, - CONST64(0x247C20042AA4BFDA) /* 792 */, CONST64(0x096EA1C517D1327C) /* 793 */, - CONST64(0xD56966B4361A6685) /* 794 */, CONST64(0x277DA5C31221057D) /* 795 */, - CONST64(0x94D59893A43ACFF7) /* 796 */, CONST64(0x64F0C51CCDC02281) /* 797 */, - CONST64(0x3D33BCC4FF6189DB) /* 798 */, CONST64(0xE005CB184CE66AF1) /* 799 */, - CONST64(0xFF5CCD1D1DB99BEA) /* 800 */, CONST64(0xB0B854A7FE42980F) /* 801 */, - CONST64(0x7BD46A6A718D4B9F) /* 802 */, CONST64(0xD10FA8CC22A5FD8C) /* 803 */, - CONST64(0xD31484952BE4BD31) /* 804 */, CONST64(0xC7FA975FCB243847) /* 805 */, - CONST64(0x4886ED1E5846C407) /* 806 */, CONST64(0x28CDDB791EB70B04) /* 807 */, - CONST64(0xC2B00BE2F573417F) /* 808 */, CONST64(0x5C9590452180F877) /* 809 */, - CONST64(0x7A6BDDFFF370EB00) /* 810 */, CONST64(0xCE509E38D6D9D6A4) /* 811 */, - CONST64(0xEBEB0F00647FA702) /* 812 */, CONST64(0x1DCC06CF76606F06) /* 813 */, - CONST64(0xE4D9F28BA286FF0A) /* 814 */, CONST64(0xD85A305DC918C262) /* 815 */, - CONST64(0x475B1D8732225F54) /* 816 */, CONST64(0x2D4FB51668CCB5FE) /* 817 */, - CONST64(0xA679B9D9D72BBA20) /* 818 */, CONST64(0x53841C0D912D43A5) /* 819 */, - CONST64(0x3B7EAA48BF12A4E8) /* 820 */, CONST64(0x781E0E47F22F1DDF) /* 821 */, - CONST64(0xEFF20CE60AB50973) /* 822 */, CONST64(0x20D261D19DFFB742) /* 823 */, - CONST64(0x16A12B03062A2E39) /* 824 */, CONST64(0x1960EB2239650495) /* 825 */, - CONST64(0x251C16FED50EB8B8) /* 826 */, CONST64(0x9AC0C330F826016E) /* 827 */, - CONST64(0xED152665953E7671) /* 828 */, CONST64(0x02D63194A6369570) /* 829 */, - CONST64(0x5074F08394B1C987) /* 830 */, CONST64(0x70BA598C90B25CE1) /* 831 */, - CONST64(0x794A15810B9742F6) /* 832 */, CONST64(0x0D5925E9FCAF8C6C) /* 833 */, - CONST64(0x3067716CD868744E) /* 834 */, CONST64(0x910AB077E8D7731B) /* 835 */, - CONST64(0x6A61BBDB5AC42F61) /* 836 */, CONST64(0x93513EFBF0851567) /* 837 */, - CONST64(0xF494724B9E83E9D5) /* 838 */, CONST64(0xE887E1985C09648D) /* 839 */, - CONST64(0x34B1D3C675370CFD) /* 840 */, CONST64(0xDC35E433BC0D255D) /* 841 */, - CONST64(0xD0AAB84234131BE0) /* 842 */, CONST64(0x08042A50B48B7EAF) /* 843 */, - CONST64(0x9997C4EE44A3AB35) /* 844 */, CONST64(0x829A7B49201799D0) /* 845 */, - CONST64(0x263B8307B7C54441) /* 846 */, CONST64(0x752F95F4FD6A6CA6) /* 847 */, - CONST64(0x927217402C08C6E5) /* 848 */, CONST64(0x2A8AB754A795D9EE) /* 849 */, - CONST64(0xA442F7552F72943D) /* 850 */, CONST64(0x2C31334E19781208) /* 851 */, - CONST64(0x4FA98D7CEAEE6291) /* 852 */, CONST64(0x55C3862F665DB309) /* 853 */, - CONST64(0xBD0610175D53B1F3) /* 854 */, CONST64(0x46FE6CB840413F27) /* 855 */, - CONST64(0x3FE03792DF0CFA59) /* 856 */, CONST64(0xCFE700372EB85E8F) /* 857 */, - CONST64(0xA7BE29E7ADBCE118) /* 858 */, CONST64(0xE544EE5CDE8431DD) /* 859 */, - CONST64(0x8A781B1B41F1873E) /* 860 */, CONST64(0xA5C94C78A0D2F0E7) /* 861 */, - CONST64(0x39412E2877B60728) /* 862 */, CONST64(0xA1265EF3AFC9A62C) /* 863 */, - CONST64(0xBCC2770C6A2506C5) /* 864 */, CONST64(0x3AB66DD5DCE1CE12) /* 865 */, - CONST64(0xE65499D04A675B37) /* 866 */, CONST64(0x7D8F523481BFD216) /* 867 */, - CONST64(0x0F6F64FCEC15F389) /* 868 */, CONST64(0x74EFBE618B5B13C8) /* 869 */, - CONST64(0xACDC82B714273E1D) /* 870 */, CONST64(0xDD40BFE003199D17) /* 871 */, - CONST64(0x37E99257E7E061F8) /* 872 */, CONST64(0xFA52626904775AAA) /* 873 */, - CONST64(0x8BBBF63A463D56F9) /* 874 */, CONST64(0xF0013F1543A26E64) /* 875 */, - CONST64(0xA8307E9F879EC898) /* 876 */, CONST64(0xCC4C27A4150177CC) /* 877 */, - CONST64(0x1B432F2CCA1D3348) /* 878 */, CONST64(0xDE1D1F8F9F6FA013) /* 879 */, - CONST64(0x606602A047A7DDD6) /* 880 */, CONST64(0xD237AB64CC1CB2C7) /* 881 */, - CONST64(0x9B938E7225FCD1D3) /* 882 */, CONST64(0xEC4E03708E0FF476) /* 883 */, - CONST64(0xFEB2FBDA3D03C12D) /* 884 */, CONST64(0xAE0BCED2EE43889A) /* 885 */, - CONST64(0x22CB8923EBFB4F43) /* 886 */, CONST64(0x69360D013CF7396D) /* 887 */, - CONST64(0x855E3602D2D4E022) /* 888 */, CONST64(0x073805BAD01F784C) /* 889 */, - CONST64(0x33E17A133852F546) /* 890 */, CONST64(0xDF4874058AC7B638) /* 891 */, - CONST64(0xBA92B29C678AA14A) /* 892 */, CONST64(0x0CE89FC76CFAADCD) /* 893 */, - CONST64(0x5F9D4E0908339E34) /* 894 */, CONST64(0xF1AFE9291F5923B9) /* 895 */, - CONST64(0x6E3480F60F4A265F) /* 896 */, CONST64(0xEEBF3A2AB29B841C) /* 897 */, - CONST64(0xE21938A88F91B4AD) /* 898 */, CONST64(0x57DFEFF845C6D3C3) /* 899 */, - CONST64(0x2F006B0BF62CAAF2) /* 900 */, CONST64(0x62F479EF6F75EE78) /* 901 */, - CONST64(0x11A55AD41C8916A9) /* 902 */, CONST64(0xF229D29084FED453) /* 903 */, - CONST64(0x42F1C27B16B000E6) /* 904 */, CONST64(0x2B1F76749823C074) /* 905 */, - CONST64(0x4B76ECA3C2745360) /* 906 */, CONST64(0x8C98F463B91691BD) /* 907 */, - CONST64(0x14BCC93CF1ADE66A) /* 908 */, CONST64(0x8885213E6D458397) /* 909 */, - CONST64(0x8E177DF0274D4711) /* 910 */, CONST64(0xB49B73B5503F2951) /* 911 */, - CONST64(0x10168168C3F96B6B) /* 912 */, CONST64(0x0E3D963B63CAB0AE) /* 913 */, - CONST64(0x8DFC4B5655A1DB14) /* 914 */, CONST64(0xF789F1356E14DE5C) /* 915 */, - CONST64(0x683E68AF4E51DAC1) /* 916 */, CONST64(0xC9A84F9D8D4B0FD9) /* 917 */, - CONST64(0x3691E03F52A0F9D1) /* 918 */, CONST64(0x5ED86E46E1878E80) /* 919 */, - CONST64(0x3C711A0E99D07150) /* 920 */, CONST64(0x5A0865B20C4E9310) /* 921 */, - CONST64(0x56FBFC1FE4F0682E) /* 922 */, CONST64(0xEA8D5DE3105EDF9B) /* 923 */, - CONST64(0x71ABFDB12379187A) /* 924 */, CONST64(0x2EB99DE1BEE77B9C) /* 925 */, - CONST64(0x21ECC0EA33CF4523) /* 926 */, CONST64(0x59A4D7521805C7A1) /* 927 */, - CONST64(0x3896F5EB56AE7C72) /* 928 */, CONST64(0xAA638F3DB18F75DC) /* 929 */, - CONST64(0x9F39358DABE9808E) /* 930 */, CONST64(0xB7DEFA91C00B72AC) /* 931 */, - CONST64(0x6B5541FD62492D92) /* 932 */, CONST64(0x6DC6DEE8F92E4D5B) /* 933 */, - CONST64(0x353F57ABC4BEEA7E) /* 934 */, CONST64(0x735769D6DA5690CE) /* 935 */, - CONST64(0x0A234AA642391484) /* 936 */, CONST64(0xF6F9508028F80D9D) /* 937 */, - CONST64(0xB8E319A27AB3F215) /* 938 */, CONST64(0x31AD9C1151341A4D) /* 939 */, - CONST64(0x773C22A57BEF5805) /* 940 */, CONST64(0x45C7561A07968633) /* 941 */, - CONST64(0xF913DA9E249DBE36) /* 942 */, CONST64(0xDA652D9B78A64C68) /* 943 */, - CONST64(0x4C27A97F3BC334EF) /* 944 */, CONST64(0x76621220E66B17F4) /* 945 */, - CONST64(0x967743899ACD7D0B) /* 946 */, CONST64(0xF3EE5BCAE0ED6782) /* 947 */, - CONST64(0x409F753600C879FC) /* 948 */, CONST64(0x06D09A39B5926DB6) /* 949 */, - CONST64(0x6F83AEB0317AC588) /* 950 */, CONST64(0x01E6CA4A86381F21) /* 951 */, - CONST64(0x66FF3462D19F3025) /* 952 */, CONST64(0x72207C24DDFD3BFB) /* 953 */, - CONST64(0x4AF6B6D3E2ECE2EB) /* 954 */, CONST64(0x9C994DBEC7EA08DE) /* 955 */, - CONST64(0x49ACE597B09A8BC4) /* 956 */, CONST64(0xB38C4766CF0797BA) /* 957 */, - CONST64(0x131B9373C57C2A75) /* 958 */, CONST64(0xB1822CCE61931E58) /* 959 */, - CONST64(0x9D7555B909BA1C0C) /* 960 */, CONST64(0x127FAFDD937D11D2) /* 961 */, - CONST64(0x29DA3BADC66D92E4) /* 962 */, CONST64(0xA2C1D57154C2ECBC) /* 963 */, - CONST64(0x58C5134D82F6FE24) /* 964 */, CONST64(0x1C3AE3515B62274F) /* 965 */, - CONST64(0xE907C82E01CB8126) /* 966 */, CONST64(0xF8ED091913E37FCB) /* 967 */, - CONST64(0x3249D8F9C80046C9) /* 968 */, CONST64(0x80CF9BEDE388FB63) /* 969 */, - CONST64(0x1881539A116CF19E) /* 970 */, CONST64(0x5103F3F76BD52457) /* 971 */, - CONST64(0x15B7E6F5AE47F7A8) /* 972 */, CONST64(0xDBD7C6DED47E9CCF) /* 973 */, - CONST64(0x44E55C410228BB1A) /* 974 */, CONST64(0xB647D4255EDB4E99) /* 975 */, - CONST64(0x5D11882BB8AAFC30) /* 976 */, CONST64(0xF5098BBB29D3212A) /* 977 */, - CONST64(0x8FB5EA14E90296B3) /* 978 */, CONST64(0x677B942157DD025A) /* 979 */, - CONST64(0xFB58E7C0A390ACB5) /* 980 */, CONST64(0x89D3674C83BD4A01) /* 981 */, - CONST64(0x9E2DA4DF4BF3B93B) /* 982 */, CONST64(0xFCC41E328CAB4829) /* 983 */, - CONST64(0x03F38C96BA582C52) /* 984 */, CONST64(0xCAD1BDBD7FD85DB2) /* 985 */, - CONST64(0xBBB442C16082AE83) /* 986 */, CONST64(0xB95FE86BA5DA9AB0) /* 987 */, - CONST64(0xB22E04673771A93F) /* 988 */, CONST64(0x845358C9493152D8) /* 989 */, - CONST64(0xBE2A488697B4541E) /* 990 */, CONST64(0x95A2DC2DD38E6966) /* 991 */, - CONST64(0xC02C11AC923C852B) /* 992 */, CONST64(0x2388B1990DF2A87B) /* 993 */, - CONST64(0x7C8008FA1B4F37BE) /* 994 */, CONST64(0x1F70D0C84D54E503) /* 995 */, - CONST64(0x5490ADEC7ECE57D4) /* 996 */, CONST64(0x002B3C27D9063A3A) /* 997 */, - CONST64(0x7EAEA3848030A2BF) /* 998 */, CONST64(0xC602326DED2003C0) /* 999 */, - CONST64(0x83A7287D69A94086) /* 1000 */, CONST64(0xC57A5FCB30F57A8A) /* 1001 */, - CONST64(0xB56844E479EBE779) /* 1002 */, CONST64(0xA373B40F05DCBCE9) /* 1003 */, - CONST64(0xD71A786E88570EE2) /* 1004 */, CONST64(0x879CBACDBDE8F6A0) /* 1005 */, - CONST64(0x976AD1BCC164A32F) /* 1006 */, CONST64(0xAB21E25E9666D78B) /* 1007 */, - CONST64(0x901063AAE5E5C33C) /* 1008 */, CONST64(0x9818B34448698D90) /* 1009 */, - CONST64(0xE36487AE3E1E8ABB) /* 1010 */, CONST64(0xAFBDF931893BDCB4) /* 1011 */, - CONST64(0x6345A0DC5FBBD519) /* 1012 */, CONST64(0x8628FE269B9465CA) /* 1013 */, - CONST64(0x1E5D01603F9C51EC) /* 1014 */, CONST64(0x4DE44006A15049B7) /* 1015 */, - CONST64(0xBF6C70E5F776CBB1) /* 1016 */, CONST64(0x411218F2EF552BED) /* 1017 */, - CONST64(0xCB0C0708705A36A3) /* 1018 */, CONST64(0xE74D14754F986044) /* 1019 */, - CONST64(0xCD56D9430EA8280E) /* 1020 */, CONST64(0xC12591D7535F5065) /* 1021 */, - CONST64(0xC83223F1720AEF96) /* 1022 */, CONST64(0xC3A0396F7363A51F) /* 1023 */}; - -#ifdef _MSC_VER - #define INLINE __inline -#else - #define INLINE -#endif - -/* one round of the hash function */ -INLINE static void tiger_round(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 x, int mul) -{ - ulong64 tmp; - tmp = (*c ^= x); - *a -= t1[byte(tmp, 0)] ^ t2[byte(tmp, 2)] ^ t3[byte(tmp, 4)] ^ t4[byte(tmp, 6)]; - tmp = (*b += t4[byte(tmp, 1)] ^ t3[byte(tmp, 3)] ^ t2[byte(tmp,5)] ^ t1[byte(tmp,7)]); - switch (mul) { - case 5: *b = (tmp << 2) + tmp; break; - case 7: *b = (tmp << 3) - tmp; break; - case 9: *b = (tmp << 3) + tmp; break; - } -} - -/* one complete pass */ -static void pass(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 *x, int mul) -{ - tiger_round(a,b,c,x[0],mul); - tiger_round(b,c,a,x[1],mul); - tiger_round(c,a,b,x[2],mul); - tiger_round(a,b,c,x[3],mul); - tiger_round(b,c,a,x[4],mul); - tiger_round(c,a,b,x[5],mul); - tiger_round(a,b,c,x[6],mul); - tiger_round(b,c,a,x[7],mul); -} - -/* The key mixing schedule */ -static void key_schedule(ulong64 *x) -{ - x[0] -= x[7] ^ CONST64(0xA5A5A5A5A5A5A5A5); - x[1] ^= x[0]; - x[2] += x[1]; - x[3] -= x[2] ^ ((~x[1])<<19); - x[4] ^= x[3]; - x[5] += x[4]; - x[6] -= x[5] ^ ((~x[4])>>23); - x[7] ^= x[6]; - x[0] += x[7]; - x[1] -= x[0] ^ ((~x[7])<<19); - x[2] ^= x[1]; - x[3] += x[2]; - x[4] -= x[3] ^ ((~x[2])>>23); - x[5] ^= x[4]; - x[6] += x[5]; - x[7] -= x[6] ^ CONST64(0x0123456789ABCDEF); -} - -#ifdef LTC_CLEAN_STACK -static int _tiger_compress(hash_state *md, unsigned char *buf) -#else -static int tiger_compress(hash_state *md, unsigned char *buf) -#endif -{ - ulong64 a, b, c, x[8]; - unsigned long i; - - /* load words */ - for (i = 0; i < 8; i++) { - LOAD64L(x[i],&buf[8*i]); - } - a = md->tiger.state[0]; - b = md->tiger.state[1]; - c = md->tiger.state[2]; - - pass(&a,&b,&c,x,5); - key_schedule(x); - pass(&c,&a,&b,x,7); - key_schedule(x); - pass(&b,&c,&a,x,9); - - /* store state */ - md->tiger.state[0] = a ^ md->tiger.state[0]; - md->tiger.state[1] = b - md->tiger.state[1]; - md->tiger.state[2] = c + md->tiger.state[2]; - - return CRYPT_OK; -} - -#ifdef LTC_CLEAN_STACK -static int tiger_compress(hash_state *md, unsigned char *buf) -{ - int err; - err = _tiger_compress(md, buf); - burn_stack(sizeof(ulong64) * 11 + sizeof(unsigned long)); - return err; -} -#endif - -/** - Initialize the hash state - @param md The hash state you wish to initialize - @return CRYPT_OK if successful -*/ -int tiger_init(hash_state *md) -{ - LTC_ARGCHK(md != NULL); - md->tiger.state[0] = CONST64(0x0123456789ABCDEF); - md->tiger.state[1] = CONST64(0xFEDCBA9876543210); - md->tiger.state[2] = CONST64(0xF096A5B4C3B2E187); - md->tiger.curlen = 0; - md->tiger.length = 0; - return CRYPT_OK; -} - -/** - Process a block of memory though the hash - @param md The hash state - @param in The data to hash - @param inlen The length of the data (octets) - @return CRYPT_OK if successful -*/ -HASH_PROCESS(tiger_process, tiger_compress, tiger, 64) - -/** - Terminate the hash to get the digest - @param md The hash state - @param out [out] The destination of the hash (24 bytes) - @return CRYPT_OK if successful -*/ -int tiger_done(hash_state * md, unsigned char *out) -{ - LTC_ARGCHK(md != NULL); - LTC_ARGCHK(out != NULL); - - if (md->tiger.curlen >= sizeof(md->tiger.buf)) { - return CRYPT_INVALID_ARG; - } - - /* increase the length of the message */ - md->tiger.length += md->tiger.curlen * 8; - - /* append the '1' bit */ - md->tiger.buf[md->tiger.curlen++] = (unsigned char)0x01; - - /* if the length is currently above 56 bytes we append zeros - * then compress. Then we can fall back to padding zeros and length - * encoding like normal. */ - if (md->tiger.curlen > 56) { - while (md->tiger.curlen < 64) { - md->tiger.buf[md->tiger.curlen++] = (unsigned char)0; - } - tiger_compress(md, md->tiger.buf); - md->tiger.curlen = 0; - } - - /* pad upto 56 bytes of zeroes */ - while (md->tiger.curlen < 56) { - md->tiger.buf[md->tiger.curlen++] = (unsigned char)0; - } - - /* store length */ - STORE64L(md->tiger.length, md->tiger.buf+56); - tiger_compress(md, md->tiger.buf); - - /* copy output */ - STORE64L(md->tiger.state[0], &out[0]); - STORE64L(md->tiger.state[1], &out[8]); - STORE64L(md->tiger.state[2], &out[16]); -#ifdef LTC_CLEAN_STACK - zeromem(md, sizeof(hash_state)); -#endif - - return CRYPT_OK; -} - -/** - Self-test the hash - @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled -*/ -int tiger_test(void) -{ - #ifndef LTC_TEST - return CRYPT_NOP; - #else - static const struct { - const char *msg; - unsigned char hash[24]; - } tests[] = { - { "", - { 0x32, 0x93, 0xac, 0x63, 0x0c, 0x13, 0xf0, 0x24, - 0x5f, 0x92, 0xbb, 0xb1, 0x76, 0x6e, 0x16, 0x16, - 0x7a, 0x4e, 0x58, 0x49, 0x2d, 0xde, 0x73, 0xf3 } - }, - { "abc", - { 0x2a, 0xab, 0x14, 0x84, 0xe8, 0xc1, 0x58, 0xf2, - 0xbf, 0xb8, 0xc5, 0xff, 0x41, 0xb5, 0x7a, 0x52, - 0x51, 0x29, 0x13, 0x1c, 0x95, 0x7b, 0x5f, 0x93 } - }, - { "Tiger", - { 0xdd, 0x00, 0x23, 0x07, 0x99, 0xf5, 0x00, 0x9f, - 0xec, 0x6d, 0xeb, 0xc8, 0x38, 0xbb, 0x6a, 0x27, - 0xdf, 0x2b, 0x9d, 0x6f, 0x11, 0x0c, 0x79, 0x37 } - }, - { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-", - { 0xf7, 0x1c, 0x85, 0x83, 0x90, 0x2a, 0xfb, 0x87, - 0x9e, 0xdf, 0xe6, 0x10, 0xf8, 0x2c, 0x0d, 0x47, - 0x86, 0xa3, 0xa5, 0x34, 0x50, 0x44, 0x86, 0xb5 } - }, - { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-", - { 0xc5, 0x40, 0x34, 0xe5, 0xb4, 0x3e, 0xb8, 0x00, - 0x58, 0x48, 0xa7, 0xe0, 0xae, 0x6a, 0xac, 0x76, - 0xe4, 0xff, 0x59, 0x0a, 0xe7, 0x15, 0xfd, 0x25 } - }, - }; - - int i; - unsigned char tmp[24]; - hash_state md; - - for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { - tiger_init(&md); - tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); - tiger_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "TIGER", i)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - return CRYPT_OK; - #endif -} - -#endif - -/* -Hash of "": - 24F0130C63AC9332 16166E76B1BB925F F373DE2D49584E7A -Hash of "abc": - F258C1E88414AB2A 527AB541FFC5B8BF 935F7B951C132951 -Hash of "Tiger": - 9F00F599072300DD 276ABB38C8EB6DEC 37790C116F9D2BDF -Hash of "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-": - 87FB2A9083851CF7 470D2CF810E6DF9E B586445034A5A386 -Hash of "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789": - 467DB80863EBCE48 8DF1CD1261655DE9 57896565975F9197 -Hash of "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham": - 0C410A042968868A 1671DA5A3FD29A72 5EC1E457D3CDB303 -Hash of "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge.": - EBF591D5AFA655CE 7F22894FF87F54AC 89C811B6B0DA3193 -Hash of "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996.": - 3D9AEB03D1BD1A63 57B2774DFD6D5B24 DD68151D503974FC -Hash of "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-": - 00B83EB4E53440C5 76AC6AAEE0A74858 25FD15E70A59FFE4 -*/ - - - - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/mac/f9/f9_done.c b/libtomcrypt/src/mac/f9/f9_done.c deleted file mode 100644 index 8d2ccb0..0000000 --- a/libtomcrypt/src/mac/f9/f9_done.c +++ /dev/null @@ -1,75 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file f9_done.c - f9 Support, terminate the state -*/ - -#ifdef LTC_F9_MODE - -/** Terminate the f9-MAC state - @param f9 f9 state to terminate - @param out [out] Destination for the MAC tag - @param outlen [in/out] Destination size and final tag size - Return CRYPT_OK on success -*/ -int f9_done(f9_state *f9, unsigned char *out, unsigned long *outlen) -{ - int err, x; - LTC_ARGCHK(f9 != NULL); - LTC_ARGCHK(out != NULL); - - /* check structure */ - if ((err = cipher_is_valid(f9->cipher)) != CRYPT_OK) { - return err; - } - - if ((f9->blocksize > cipher_descriptor[f9->cipher].block_length) || (f9->blocksize < 0) || - (f9->buflen > f9->blocksize) || (f9->buflen < 0)) { - return CRYPT_INVALID_ARG; - } - - if (f9->buflen != 0) { - /* encrypt */ - cipher_descriptor[f9->cipher].ecb_encrypt(f9->IV, f9->IV, &f9->key); - f9->buflen = 0; - for (x = 0; x < f9->blocksize; x++) { - f9->ACC[x] ^= f9->IV[x]; - } - } - - /* schedule modified key */ - if ((err = cipher_descriptor[f9->cipher].setup(f9->akey, f9->keylen, 0, &f9->key)) != CRYPT_OK) { - return err; - } - - /* encrypt the ACC */ - cipher_descriptor[f9->cipher].ecb_encrypt(f9->ACC, f9->ACC, &f9->key); - cipher_descriptor[f9->cipher].done(&f9->key); - - /* extract tag */ - for (x = 0; x < f9->blocksize && (unsigned long)x < *outlen; x++) { - out[x] = f9->ACC[x]; - } - *outlen = x; - -#ifdef LTC_CLEAN_STACK - zeromem(f9, sizeof(*f9)); -#endif - return CRYPT_OK; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ - diff --git a/libtomcrypt/src/mac/f9/f9_file.c b/libtomcrypt/src/mac/f9/f9_file.c deleted file mode 100644 index 04d509b..0000000 --- a/libtomcrypt/src/mac/f9/f9_file.c +++ /dev/null @@ -1,97 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file f9_file.c - f9 support, process a file, Tom St Denis -*/ - -#ifdef LTC_F9_MODE - -/** - f9 a file - @param cipher The index of the cipher desired - @param key The secret key - @param keylen The length of the secret key (octets) - @param fname The name of the file you wish to f9 - @param out [out] Where the authentication tag is to be stored - @param outlen [in/out] The max size and resulting size of the authentication tag - @return CRYPT_OK if successful, CRYPT_NOP if file support has been disabled -*/ -int f9_file(int cipher, - const unsigned char *key, unsigned long keylen, - const char *fname, - unsigned char *out, unsigned long *outlen) -{ -#ifdef LTC_NO_FILE - LTC_UNUSED_PARAM(cipher); - LTC_UNUSED_PARAM(key); - LTC_UNUSED_PARAM(keylen); - LTC_UNUSED_PARAM(fname); - LTC_UNUSED_PARAM(out); - LTC_UNUSED_PARAM(outlen); - return CRYPT_NOP; -#else - size_t x; - int err; - f9_state f9; - FILE *in; - unsigned char *buf; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(fname != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - if ((buf = XMALLOC(LTC_FILE_READ_BUFSIZE)) == NULL) { - return CRYPT_MEM; - } - - if ((err = f9_init(&f9, cipher, key, keylen)) != CRYPT_OK) { - goto LBL_ERR; - } - - in = fopen(fname, "rb"); - if (in == NULL) { - err = CRYPT_FILE_NOTFOUND; - goto LBL_ERR; - } - - do { - x = fread(buf, 1, LTC_FILE_READ_BUFSIZE, in); - if ((err = f9_process(&f9, buf, (unsigned long)x)) != CRYPT_OK) { - fclose(in); - goto LBL_CLEANBUF; - } - } while (x == LTC_FILE_READ_BUFSIZE); - - if (fclose(in) != 0) { - err = CRYPT_ERROR; - goto LBL_CLEANBUF; - } - - err = f9_done(&f9, out, outlen); - -LBL_CLEANBUF: - zeromem(buf, LTC_FILE_READ_BUFSIZE); -LBL_ERR: -#ifdef LTC_CLEAN_STACK - zeromem(&f9, sizeof(f9_state)); -#endif - XFREE(buf); - return err; -#endif -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/mac/f9/f9_init.c b/libtomcrypt/src/mac/f9/f9_init.c deleted file mode 100644 index ba59b20..0000000 --- a/libtomcrypt/src/mac/f9/f9_init.c +++ /dev/null @@ -1,68 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file f9_init.c - F9 Support, start an F9 state -*/ - -#ifdef LTC_F9_MODE - -/** Initialize F9-MAC state - @param f9 [out] f9 state to initialize - @param cipher Index of cipher to use - @param key [in] Secret key - @param keylen Length of secret key in octets - Return CRYPT_OK on success -*/ -int f9_init(f9_state *f9, int cipher, const unsigned char *key, unsigned long keylen) -{ - int x, err; - - LTC_ARGCHK(f9 != NULL); - LTC_ARGCHK(key != NULL); - - /* schedule the key */ - if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { - return err; - } - -#ifdef LTC_FAST - if (cipher_descriptor[cipher].block_length % sizeof(LTC_FAST_TYPE)) { - return CRYPT_INVALID_ARG; - } -#endif - - if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, &f9->key)) != CRYPT_OK) { - goto done; - } - - /* make the second key */ - for (x = 0; (unsigned)x < keylen; x++) { - f9->akey[x] = key[x] ^ 0xAA; - } - - /* setup struct */ - zeromem(f9->IV, cipher_descriptor[cipher].block_length); - zeromem(f9->ACC, cipher_descriptor[cipher].block_length); - f9->blocksize = cipher_descriptor[cipher].block_length; - f9->cipher = cipher; - f9->buflen = 0; - f9->keylen = keylen; -done: - return err; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ - diff --git a/libtomcrypt/src/mac/f9/f9_memory.c b/libtomcrypt/src/mac/f9/f9_memory.c deleted file mode 100644 index 70c694b..0000000 --- a/libtomcrypt/src/mac/f9/f9_memory.c +++ /dev/null @@ -1,69 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file f9_process.c - f9 Support, Process a block through F9-MAC -*/ - -#ifdef LTC_F9_MODE - -/** f9-MAC a block of memory - @param cipher Index of cipher to use - @param key [in] Secret key - @param keylen Length of key in octets - @param in [in] Message to MAC - @param inlen Length of input in octets - @param out [out] Destination for the MAC tag - @param outlen [in/out] Output size and final tag size - Return CRYPT_OK on success. -*/ -int f9_memory(int cipher, - const unsigned char *key, unsigned long keylen, - const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen) -{ - f9_state *f9; - int err; - - /* is the cipher valid? */ - if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { - return err; - } - - /* Use accelerator if found */ - if (cipher_descriptor[cipher].f9_memory != NULL) { - return cipher_descriptor[cipher].f9_memory(key, keylen, in, inlen, out, outlen); - } - - f9 = XCALLOC(1, sizeof(*f9)); - if (f9 == NULL) { - return CRYPT_MEM; - } - - if ((err = f9_init(f9, cipher, key, keylen)) != CRYPT_OK) { - goto done; - } - - if ((err = f9_process(f9, in, inlen)) != CRYPT_OK) { - goto done; - } - - err = f9_done(f9, out, outlen); -done: - XFREE(f9); - return err; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/mac/f9/f9_memory_multi.c b/libtomcrypt/src/mac/f9/f9_memory_multi.c deleted file mode 100644 index 2c1d31a..0000000 --- a/libtomcrypt/src/mac/f9/f9_memory_multi.c +++ /dev/null @@ -1,88 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" -#include - -/** - @file f9_memory_multi.c - f9 support, process multiple blocks of memory, Tom St Denis -*/ - -#ifdef LTC_F9_MODE - -/** - f9 multiple blocks of memory - @param cipher The index of the desired cipher - @param key The secret key - @param keylen The length of the secret key (octets) - @param out [out] The destination of the authentication tag - @param outlen [in/out] The max size and resulting size of the authentication tag (octets) - @param in The data to send through f9 - @param inlen The length of the data to send through f9 (octets) - @param ... tuples of (data,len) pairs to f9, terminated with a (NULL,x) (x=don't care) - @return CRYPT_OK if successful -*/ -int f9_memory_multi(int cipher, - const unsigned char *key, unsigned long keylen, - unsigned char *out, unsigned long *outlen, - const unsigned char *in, unsigned long inlen, ...) -{ - int err; - f9_state *f9; - va_list args; - const unsigned char *curptr; - unsigned long curlen; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - /* allocate ram for f9 state */ - f9 = XMALLOC(sizeof(f9_state)); - if (f9 == NULL) { - return CRYPT_MEM; - } - - /* f9 process the message */ - if ((err = f9_init(f9, cipher, key, keylen)) != CRYPT_OK) { - goto LBL_ERR; - } - va_start(args, inlen); - curptr = in; - curlen = inlen; - for (;;) { - /* process buf */ - if ((err = f9_process(f9, curptr, curlen)) != CRYPT_OK) { - goto LBL_ERR; - } - /* step to next */ - curptr = va_arg(args, const unsigned char*); - if (curptr == NULL) { - break; - } - curlen = va_arg(args, unsigned long); - } - if ((err = f9_done(f9, out, outlen)) != CRYPT_OK) { - goto LBL_ERR; - } -LBL_ERR: -#ifdef LTC_CLEAN_STACK - zeromem(f9, sizeof(f9_state)); -#endif - XFREE(f9); - va_end(args); - return err; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/mac/f9/f9_process.c b/libtomcrypt/src/mac/f9/f9_process.c deleted file mode 100644 index ba4d39f..0000000 --- a/libtomcrypt/src/mac/f9/f9_process.c +++ /dev/null @@ -1,76 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file f9_process.c - f9 Support, process blocks with f9 -*/ - -#ifdef LTC_F9_MODE - -/** Process data through f9-MAC - @param f9 The f9-MAC state - @param in Input data to process - @param inlen Length of input in octets - Return CRYPT_OK on success -*/ -int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen) -{ - int err, x; - - LTC_ARGCHK(f9 != NULL); - LTC_ARGCHK(in != NULL); - - /* check structure */ - if ((err = cipher_is_valid(f9->cipher)) != CRYPT_OK) { - return err; - } - - if ((f9->blocksize > cipher_descriptor[f9->cipher].block_length) || (f9->blocksize < 0) || - (f9->buflen > f9->blocksize) || (f9->buflen < 0)) { - return CRYPT_INVALID_ARG; - } - -#ifdef LTC_FAST - if (f9->buflen == 0) { - while (inlen >= (unsigned long)f9->blocksize) { - for (x = 0; x < f9->blocksize; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&(f9->IV[x]))) ^= *(LTC_FAST_TYPE_PTR_CAST(&(in[x]))); - } - cipher_descriptor[f9->cipher].ecb_encrypt(f9->IV, f9->IV, &f9->key); - for (x = 0; x < f9->blocksize; x += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&(f9->ACC[x]))) ^= *(LTC_FAST_TYPE_PTR_CAST(&(f9->IV[x]))); - } - in += f9->blocksize; - inlen -= f9->blocksize; - } - } -#endif - - while (inlen) { - if (f9->buflen == f9->blocksize) { - cipher_descriptor[f9->cipher].ecb_encrypt(f9->IV, f9->IV, &f9->key); - for (x = 0; x < f9->blocksize; x++) { - f9->ACC[x] ^= f9->IV[x]; - } - f9->buflen = 0; - } - f9->IV[f9->buflen++] ^= *in++; - --inlen; - } - return CRYPT_OK; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ - diff --git a/libtomcrypt/src/mac/f9/f9_test.c b/libtomcrypt/src/mac/f9/f9_test.c deleted file mode 100644 index ca23acc..0000000 --- a/libtomcrypt/src/mac/f9/f9_test.c +++ /dev/null @@ -1,76 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file f9_test.c - f9 Support, Test F9 mode -*/ - -#ifdef LTC_F9_MODE - -/** Test f9-MAC mode - Return CRYPT_OK on succes -*/ -int f9_test(void) -{ -#ifdef LTC_NO_TEST - return CRYPT_NOP; -#else - static const struct { - int msglen; - unsigned char K[16], M[128], T[4]; - } tests[] = { -{ - 20, - { 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00, 0x95, 0x2C, 0x49, 0x10, 0x48, 0x81, 0xFF, 0x48 }, - { 0x38, 0xA6, 0xF0, 0x56, 0xB8, 0xAE, 0xFD, 0xA9, 0x33, 0x32, 0x34, 0x62, 0x63, 0x39, 0x38, 0x61, 0x37, 0x34, 0x79, 0x40 }, - { 0x46, 0xE0, 0x0D, 0x4B } -}, - -{ - 105, - { 0x83, 0xFD, 0x23, 0xA2, 0x44, 0xA7, 0x4C, 0xF3, 0x58, 0xDA, 0x30, 0x19, 0xF1, 0x72, 0x26, 0x35 }, - { 0x36, 0xAF, 0x61, 0x44, 0x4F, 0x30, 0x2A, 0xD2, - 0x35, 0xC6, 0x87, 0x16, 0x63, 0x3C, 0x66, 0xFB, 0x75, 0x0C, 0x26, 0x68, 0x65, 0xD5, 0x3C, 0x11, 0xEA, 0x05, 0xB1, 0xE9, 0xFA, 0x49, 0xC8, 0x39, 0x8D, 0x48, 0xE1, 0xEF, 0xA5, 0x90, 0x9D, 0x39, - 0x47, 0x90, 0x28, 0x37, 0xF5, 0xAE, 0x96, 0xD5, 0xA0, 0x5B, 0xC8, 0xD6, 0x1C, 0xA8, 0xDB, 0xEF, 0x1B, 0x13, 0xA4, 0xB4, 0xAB, 0xFE, 0x4F, 0xB1, 0x00, 0x60, 0x45, 0xB6, 0x74, 0xBB, 0x54, 0x72, - 0x93, 0x04, 0xC3, 0x82, 0xBE, 0x53, 0xA5, 0xAF, 0x05, 0x55, 0x61, 0x76, 0xF6, 0xEA, 0xA2, 0xEF, 0x1D, 0x05, 0xE4, 0xB0, 0x83, 0x18, 0x1E, 0xE6, 0x74, 0xCD, 0xA5, 0xA4, 0x85, 0xF7, 0x4D, 0x7A, - 0x40|0x80 }, - { 0x95, 0xAE, 0x41, 0xBA }, -} -}; - unsigned char T[16]; - unsigned long taglen; - int err, x, idx; - - /* find kasumi */ - if ((idx = find_cipher("kasumi")) == -1) { - return CRYPT_NOP; - } - - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { - taglen = 4; - if ((err = f9_memory(idx, tests[x].K, 16, tests[x].M, tests[x].msglen, T, &taglen)) != CRYPT_OK) { - return err; - } - if (compare_testvector(T, taglen, tests[x].T, 4, "F9", x)) { - return CRYPT_FAIL_TESTVECTOR; - } - } - - return CRYPT_OK; -#endif -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ - diff --git a/libtomcrypt/src/pk/katja/katja_decrypt_key.c b/libtomcrypt/src/pk/katja/katja_decrypt_key.c deleted file mode 100644 index 72009b0..0000000 --- a/libtomcrypt/src/pk/katja/katja_decrypt_key.c +++ /dev/null @@ -1,103 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file katja_decrypt_key.c - Katja PKCS #1 OAEP Decryption, Tom St Denis -*/ - -#ifdef LTC_MKAT - -/** - (PKCS #1 v2.0) decrypt then OAEP depad - @param in The ciphertext - @param inlen The length of the ciphertext (octets) - @param out [out] The plaintext - @param outlen [in/out] The max size and resulting size of the plaintext (octets) - @param lparam The system "lparam" value - @param lparamlen The length of the lparam value (octets) - @param hash_idx The index of the hash desired - @param stat [out] Result of the decryption, 1==valid, 0==invalid - @param key The corresponding private Katja key - @return CRYPT_OK if succcessul (even if invalid) -*/ -int katja_decrypt_key(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - const unsigned char *lparam, unsigned long lparamlen, - int hash_idx, int *stat, - katja_key *key) -{ - unsigned long modulus_bitlen, modulus_bytelen, x; - int err; - unsigned char *tmp; - - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(stat != NULL); - - /* default to invalid */ - *stat = 0; - - /* valid hash ? */ - if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { - return err; - } - - /* get modulus len in bits */ - modulus_bitlen = mp_count_bits( (key->N)); - - /* payload is upto pq, so we know q is 1/3rd the size of N and therefore pq is 2/3th the size */ - modulus_bitlen = ((modulus_bitlen << 1) / 3); - - /* round down to next byte */ - modulus_bitlen -= (modulus_bitlen & 7) + 8; - - /* outlen must be at least the size of the modulus */ - modulus_bytelen = mp_unsigned_bin_size( (key->N)); - if (modulus_bytelen != inlen) { - return CRYPT_INVALID_PACKET; - } - - /* allocate ram */ - tmp = XMALLOC(inlen); - if (tmp == NULL) { - return CRYPT_MEM; - } - - /* rsa decode the packet */ - x = inlen; - if ((err = katja_exptmod(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) { - XFREE(tmp); - return err; - } - - /* shift right by modulus_bytelen - modulus_bitlen/8 bytes */ - for (x = 0; x < (modulus_bitlen >> 3); x++) { - tmp[x] = tmp[x+(modulus_bytelen-(modulus_bitlen>>3))]; - } - - /* now OAEP decode the packet */ - err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx, - out, outlen, stat); - - XFREE(tmp); - return err; -} - -#endif /* LTC_MRSA */ - - - - - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/pk/katja/katja_encrypt_key.c b/libtomcrypt/src/pk/katja/katja_encrypt_key.c deleted file mode 100644 index 9ed72fb..0000000 --- a/libtomcrypt/src/pk/katja/katja_encrypt_key.c +++ /dev/null @@ -1,85 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file katja_encrypt_key.c - Katja PKCS-style OAEP encryption, Tom St Denis -*/ - -#ifdef LTC_MKAT - -/** - (PKCS #1 v2.0) OAEP pad then encrypt - @param in The plaintext - @param inlen The length of the plaintext (octets) - @param out [out] The ciphertext - @param outlen [in/out] The max size and resulting size of the ciphertext - @param lparam The system "lparam" for the encryption - @param lparamlen The length of lparam (octets) - @param prng An active PRNG - @param prng_idx The index of the desired prng - @param hash_idx The index of the desired hash - @param key The Katja key to encrypt to - @return CRYPT_OK if successful -*/ -int katja_encrypt_key(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - const unsigned char *lparam, unsigned long lparamlen, - prng_state *prng, int prng_idx, int hash_idx, katja_key *key) -{ - unsigned long modulus_bitlen, modulus_bytelen, x; - int err; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); - - /* valid prng and hash ? */ - if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) { - return err; - } - if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { - return err; - } - - /* get modulus len in bits */ - modulus_bitlen = mp_count_bits((key->N)); - - /* payload is upto pq, so we know q is 1/3rd the size of N and therefore pq is 2/3th the size */ - modulus_bitlen = ((modulus_bitlen << 1) / 3); - - /* round down to next byte */ - modulus_bitlen -= (modulus_bitlen & 7) + 8; - - /* outlen must be at least the size of the modulus */ - modulus_bytelen = mp_unsigned_bin_size((key->N)); - if (modulus_bytelen > *outlen) { - *outlen = modulus_bytelen; - return CRYPT_BUFFER_OVERFLOW; - } - - /* OAEP pad the key */ - x = *outlen; - if ((err = pkcs_1_oaep_encode(in, inlen, lparam, - lparamlen, modulus_bitlen, prng, prng_idx, hash_idx, - out, &x)) != CRYPT_OK) { - return err; - } - - /* Katja exptmod the OAEP pad */ - return katja_exptmod(out, x, out, outlen, PK_PUBLIC, key); -} - -#endif /* LTC_MRSA */ - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/pk/katja/katja_export.c b/libtomcrypt/src/pk/katja/katja_export.c deleted file mode 100644 index 0412e65..0000000 --- a/libtomcrypt/src/pk/katja/katja_export.c +++ /dev/null @@ -1,73 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file katja_export.c - Export Katja PKCS-style keys, Tom St Denis -*/ - -#ifdef LTC_MKAT - -/** - This will export either an KatjaPublicKey or KatjaPrivateKey - @param out [out] Destination of the packet - @param outlen [in/out] The max size and resulting size of the packet - @param type The type of exported key (PK_PRIVATE or PK_PUBLIC) - @param key The Katja key to export - @return CRYPT_OK if successful -*/ -int katja_export(unsigned char *out, unsigned long *outlen, int type, katja_key *key) -{ - int err; - unsigned long zero=0; - - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); - - /* type valid? */ - if (!(key->type == PK_PRIVATE) && (type == PK_PRIVATE)) { - return CRYPT_PK_INVALID_TYPE; - } - - if (type == PK_PRIVATE) { - /* private key */ - /* output is - Version, n, d, p, q, d mod (p-1), d mod (q - 1), 1/q mod p, pq - */ - if ((err = der_encode_sequence_multi(out, outlen, - LTC_ASN1_SHORT_INTEGER, 1UL, &zero, - LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_INTEGER, 1UL, key->d, - LTC_ASN1_INTEGER, 1UL, key->p, - LTC_ASN1_INTEGER, 1UL, key->q, - LTC_ASN1_INTEGER, 1UL, key->dP, - LTC_ASN1_INTEGER, 1UL, key->dQ, - LTC_ASN1_INTEGER, 1UL, key->qP, - LTC_ASN1_INTEGER, 1UL, key->pq, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { - return err; - } - - /* clear zero and return */ - return CRYPT_OK; - } else { - /* public key */ - return der_encode_sequence_multi(out, outlen, - LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_EOL, 0UL, NULL); - } -} - -#endif /* LTC_MRSA */ - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/pk/katja/katja_exptmod.c b/libtomcrypt/src/pk/katja/katja_exptmod.c deleted file mode 100644 index afc847f..0000000 --- a/libtomcrypt/src/pk/katja/katja_exptmod.c +++ /dev/null @@ -1,113 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file katja_exptmod.c - Katja PKCS-style exptmod, Tom St Denis -*/ - -#ifdef LTC_MKAT - -/** - Compute an RSA modular exponentiation - @param in The input data to send into RSA - @param inlen The length of the input (octets) - @param out [out] The destination - @param outlen [in/out] The max size and resulting size of the output - @param which Which exponent to use, e.g. PK_PRIVATE or PK_PUBLIC - @param key The RSA key to use - @return CRYPT_OK if successful -*/ -int katja_exptmod(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, int which, - katja_key *key) -{ - void *tmp, *tmpa, *tmpb; - unsigned long x; - int err; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); - - /* is the key of the right type for the operation? */ - if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) { - return CRYPT_PK_NOT_PRIVATE; - } - - /* must be a private or public operation */ - if (which != PK_PRIVATE && which != PK_PUBLIC) { - return CRYPT_PK_INVALID_TYPE; - } - - /* init and copy into tmp */ - if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != CRYPT_OK) { return err; } - if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto error; } - - /* sanity check on the input */ - if (mp_cmp(key->N, tmp) == LTC_MP_LT) { - err = CRYPT_PK_INVALID_SIZE; - goto done; - } - - /* are we using the private exponent and is the key optimized? */ - if (which == PK_PRIVATE) { - /* tmpa = tmp^dP mod p */ - if ((err = mp_exptmod(tmp, key->dP, key->p, tmpa)) != CRYPT_OK) { goto error; } - - /* tmpb = tmp^dQ mod q */ - if ((err = mp_exptmod(tmp, key->dQ, key->q, tmpb)) != CRYPT_OK) { goto error; } - - /* tmp = (tmpa - tmpb) * qInv (mod p) */ - if ((err = mp_sub(tmpa, tmpb, tmp)) != CRYPT_OK) { goto error; } - if ((err = mp_mulmod(tmp, key->qP, key->p, tmp)) != CRYPT_OK) { goto error; } - - /* tmp = tmpb + q * tmp */ - if ((err = mp_mul(tmp, key->q, tmp)) != CRYPT_OK) { goto error; } - if ((err = mp_add(tmp, tmpb, tmp)) != CRYPT_OK) { goto error; } - } else { - /* exptmod it */ - if ((err = mp_exptmod(tmp, key->N, key->N, tmp)) != CRYPT_OK) { goto error; } - } - - /* read it back */ - x = (unsigned long)mp_unsigned_bin_size(key->N); - if (x > *outlen) { - *outlen = x; - err = CRYPT_BUFFER_OVERFLOW; - goto done; - } - - /* this should never happen ... */ - if (mp_unsigned_bin_size(tmp) > mp_unsigned_bin_size(key->N)) { - err = CRYPT_ERROR; - goto done; - } - *outlen = x; - - /* convert it */ - zeromem(out, x); - if ((err = mp_to_unsigned_bin(tmp, out+(x-mp_unsigned_bin_size(tmp)))) != CRYPT_OK) { goto error; } - - /* clean up and return */ - err = CRYPT_OK; - goto done; -error: -done: - mp_clear_multi(tmp, tmpa, tmpb, NULL); - return err; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/pk/katja/katja_free.c b/libtomcrypt/src/pk/katja/katja_free.c deleted file mode 100644 index 117bbf4..0000000 --- a/libtomcrypt/src/pk/katja/katja_free.c +++ /dev/null @@ -1,33 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file katja_free.c - Free an Katja key, Tom St Denis -*/ - -#ifdef LTC_MKAT - -/** - Free an Katja key from memory - @param key The RSA key to free -*/ -void katja_free(katja_key *key) -{ - LTC_ARGCHK(key != NULL); - mp_clear_multi( key->d, key->N, key->dQ, key->dP, - key->qP, key->p, key->q, key->pq, NULL); -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/pk/katja/katja_import.c b/libtomcrypt/src/pk/katja/katja_import.c deleted file mode 100644 index 98357c0..0000000 --- a/libtomcrypt/src/pk/katja/katja_import.c +++ /dev/null @@ -1,79 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file katja_import.c - Import a PKCS-style Katja key, Tom St Denis -*/ - -#ifdef LTC_MKAT - -/** - Import an KatjaPublicKey or KatjaPrivateKey [two-prime only, only support >= 1024-bit keys, defined in PKCS #1 v2.1] - @param in The packet to import from - @param inlen It's length (octets) - @param key [out] Destination for newly imported key - @return CRYPT_OK if successful, upon error allocated memory is freed -*/ -int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key) -{ - int err; - void *zero; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(ltc_mp.name != NULL); - - /* init key */ - if ((err = mp_init_multi(&zero, &key->d, &key->N, &key->dQ, - &key->dP, &key->qP, &key->p, &key->q, &key->pq, NULL)) != CRYPT_OK) { - return err; - } - - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { - goto LBL_ERR; - } - - if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) { - /* it's a private key */ - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_INTEGER, 1UL, zero, - LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_INTEGER, 1UL, key->d, - LTC_ASN1_INTEGER, 1UL, key->p, - LTC_ASN1_INTEGER, 1UL, key->q, - LTC_ASN1_INTEGER, 1UL, key->dP, - LTC_ASN1_INTEGER, 1UL, key->dQ, - LTC_ASN1_INTEGER, 1UL, key->qP, - LTC_ASN1_INTEGER, 1UL, key->pq, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { - goto LBL_ERR; - } - key->type = PK_PRIVATE; - } else { - /* public we have N */ - key->type = PK_PUBLIC; - } - mp_clear(zero); - return CRYPT_OK; -LBL_ERR: - mp_clear_multi(zero, key->d, key->N, key->dQ, key->dP, - key->qP, key->p, key->q, key->pq, NULL); - return err; -} - -#endif /* LTC_MRSA */ - - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/pk/katja/katja_make_key.c b/libtomcrypt/src/pk/katja/katja_make_key.c deleted file mode 100644 index 6f83bcc..0000000 --- a/libtomcrypt/src/pk/katja/katja_make_key.c +++ /dev/null @@ -1,99 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file katja_make_key.c - Katja key generation, Tom St Denis -*/ - -#ifdef LTC_MKAT - -/** - Create a Katja key - @param prng An active PRNG state - @param wprng The index of the PRNG desired - @param size The size of the modulus (key size) desired (octets) - @param key [out] Destination of a newly created private key pair - @return CRYPT_OK if successful, upon error all allocated ram is freed -*/ -int katja_make_key(prng_state *prng, int wprng, int size, katja_key *key) -{ - void *p, *q, *tmp1, *tmp2; - int err; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(ltc_mp.name != NULL); - - if ((size < (MIN_KAT_SIZE/8)) || (size > (MAX_KAT_SIZE/8))) { - return CRYPT_INVALID_KEYSIZE; - } - - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - - if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, NULL)) != CRYPT_OK) { - return err; - } - - /* divide size by three */ - size = (((size << 3) / 3) + 7) >> 3; - - /* make prime "q" (we negate size to make q == 3 mod 4) */ - if ((err = rand_prime(q, -size, prng, wprng)) != CRYPT_OK) { goto done; } - if ((err = mp_sub_d(q, 1, tmp1)) != CRYPT_OK) { goto done; } - - /* make prime "p" */ - do { - if ((err = rand_prime(p, size+1, prng, wprng)) != CRYPT_OK) { goto done; } - if ((err = mp_gcd(p, tmp1, tmp2)) != CRYPT_OK) { goto done; } - } while (mp_cmp_d(tmp2, 1) != LTC_MP_EQ); - - /* make key */ - if ((err = mp_init_multi(&key->d, &key->N, &key->dQ, &key->dP, - &key->qP, &key->p, &key->q, &key->pq, NULL)) != CRYPT_OK) { - goto error; - } - - /* n=p^2q and 1/n mod pq */ - if ((err = mp_copy( p, key->p)) != CRYPT_OK) { goto error2; } - if ((err = mp_copy( q, key->q)) != CRYPT_OK) { goto error2; } - if ((err = mp_mul(key->p, key->q, key->pq)) != CRYPT_OK) { goto error2; } /* tmp1 = pq */ - if ((err = mp_mul(key->pq, key->p, key->N)) != CRYPT_OK) { goto error2; } /* N = p^2q */ - if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto error2; } /* tmp1 = q-1 */ - if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto error2; } /* tmp2 = p-1 */ - if ((err = mp_lcm(tmp1, tmp2, key->d)) != CRYPT_OK) { goto error2; } /* tmp1 = lcd(p-1,q-1) */ - if ((err = mp_invmod( key->N, key->d, key->d)) != CRYPT_OK) { goto error2; } /* key->d = 1/N mod pq */ - - /* optimize for CRT now */ - /* find d mod q-1 and d mod p-1 */ - if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) { goto error2; } /* dP = d mod p-1 */ - if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) { goto error2; } /* dQ = d mod q-1 */ - if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) { goto error2; } /* qP = 1/q mod p */ - - /* set key type (in this case it's CRT optimized) */ - key->type = PK_PRIVATE; - - /* return ok and free temps */ - err = CRYPT_OK; - goto done; -error2: - mp_clear_multi( key->d, key->N, key->dQ, key->dP, key->qP, key->p, key->q, key->pq, NULL); -error: -done: - mp_clear_multi( tmp2, tmp1, p, q, NULL); - return err; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/prngs/sober128.c b/libtomcrypt/src/prngs/sober128.c deleted file mode 100644 index 275920c..0000000 --- a/libtomcrypt/src/prngs/sober128.c +++ /dev/null @@ -1,249 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -#include "tomcrypt.h" - -/** - @file prngs/sober128.c - Implementation of SOBER-128 by Tom St Denis. - Based on s128fast.c reference code supplied by Greg Rose of QUALCOMM. -*/ - -#ifdef LTC_SOBER128 - -const struct ltc_prng_descriptor sober128_desc = -{ - "sober128", - 40, - &sober128_start, - &sober128_add_entropy, - &sober128_ready, - &sober128_read, - &sober128_done, - &sober128_export, - &sober128_import, - &sober128_test -}; - -/** - Start the PRNG - @param prng [out] The PRNG state to initialize - @return CRYPT_OK if successful -*/ -int sober128_start(prng_state *prng) -{ - LTC_ARGCHK(prng != NULL); - prng->ready = 0; - XMEMSET(&prng->sober128.ent, 0, sizeof(prng->sober128.ent)); - prng->sober128.idx = 0; - LTC_MUTEX_INIT(&prng->lock) - return CRYPT_OK; -} - -/** - Add entropy to the PRNG state - @param in The data to add - @param inlen Length of the data to add - @param prng PRNG state to update - @return CRYPT_OK if successful -*/ -int sober128_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng) -{ - unsigned char buf[40]; - unsigned long i; - int err; - - LTC_ARGCHK(prng != NULL); - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(inlen > 0); - - LTC_MUTEX_LOCK(&prng->lock); - if (prng->ready) { - /* sober128_ready() was already called, do "rekey" operation */ - if ((err = sober128_stream_keystream(&prng->sober128.s, buf, sizeof(buf))) != CRYPT_OK) goto LBL_UNLOCK; - for(i = 0; i < inlen; i++) buf[i % sizeof(buf)] ^= in[i]; - /* key 32 bytes, 20 rounds */ - if ((err = sober128_stream_setup(&prng->sober128.s, buf, 32)) != CRYPT_OK) goto LBL_UNLOCK; - /* iv 8 bytes */ - if ((err = sober128_stream_setiv(&prng->sober128.s, buf + 32, 8)) != CRYPT_OK) goto LBL_UNLOCK; - /* clear KEY + IV */ - zeromem(buf, sizeof(buf)); - } - else { - /* sober128_ready() was not called yet, add entropy to ent buffer */ - while (inlen--) prng->sober128.ent[prng->sober128.idx++ % sizeof(prng->sober128.ent)] ^= *in++; - } - err = CRYPT_OK; -LBL_UNLOCK: - LTC_MUTEX_UNLOCK(&prng->lock); - return err; -} - -/** - Make the PRNG ready to read from - @param prng The PRNG to make active - @return CRYPT_OK if successful -*/ -int sober128_ready(prng_state *prng) -{ - int err; - - LTC_ARGCHK(prng != NULL); - - LTC_MUTEX_LOCK(&prng->lock); - if (prng->ready) { err = CRYPT_OK; goto LBL_UNLOCK; } - /* key 32 bytes, 20 rounds */ - if ((err = sober128_stream_setup(&prng->sober128.s, prng->sober128.ent, 32)) != CRYPT_OK) goto LBL_UNLOCK; - /* iv 8 bytes */ - if ((err = sober128_stream_setiv(&prng->sober128.s, prng->sober128.ent + 32, 8)) != CRYPT_OK) goto LBL_UNLOCK; - XMEMSET(&prng->sober128.ent, 0, sizeof(prng->sober128.ent)); - prng->sober128.idx = 0; - prng->ready = 1; -LBL_UNLOCK: - LTC_MUTEX_UNLOCK(&prng->lock); - return err; -} - -/** - Read from the PRNG - @param out Destination - @param outlen Length of output - @param prng The active PRNG to read from - @return Number of octets read -*/ -unsigned long sober128_read(unsigned char *out, unsigned long outlen, prng_state *prng) -{ - if (outlen == 0 || prng == NULL || out == NULL) return 0; - LTC_MUTEX_LOCK(&prng->lock); - if (!prng->ready) { outlen = 0; goto LBL_UNLOCK; } - if (sober128_stream_keystream(&prng->sober128.s, out, outlen) != CRYPT_OK) outlen = 0; -LBL_UNLOCK: - LTC_MUTEX_UNLOCK(&prng->lock); - return outlen; -} - -/** - Terminate the PRNG - @param prng The PRNG to terminate - @return CRYPT_OK if successful -*/ -int sober128_done(prng_state *prng) -{ - int err; - LTC_ARGCHK(prng != NULL); - LTC_MUTEX_LOCK(&prng->lock); - prng->ready = 0; - err = sober128_stream_done(&prng->sober128.s); - LTC_MUTEX_UNLOCK(&prng->lock); - LTC_MUTEX_DESTROY(&prng->lock); - return err; -} - -/** - Export the PRNG state - @param out [out] Destination - @param outlen [in/out] Max size and resulting size of the state - @param prng The PRNG to export - @return CRYPT_OK if successful -*/ -int sober128_export(unsigned char *out, unsigned long *outlen, prng_state *prng) -{ - unsigned long len = sober128_desc.export_size; - - LTC_ARGCHK(prng != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - if (*outlen < len) { - *outlen = len; - return CRYPT_BUFFER_OVERFLOW; - } - - if (sober128_read(out, len, prng) != len) { - return CRYPT_ERROR_READPRNG; - } - - *outlen = len; - return CRYPT_OK; -} - -/** - Import a PRNG state - @param in The PRNG state - @param inlen Size of the state - @param prng The PRNG to import - @return CRYPT_OK if successful -*/ -int sober128_import(const unsigned char *in, unsigned long inlen, prng_state *prng) -{ - int err; - - LTC_ARGCHK(prng != NULL); - LTC_ARGCHK(in != NULL); - if (inlen < (unsigned long)sober128_desc.export_size) return CRYPT_INVALID_ARG; - - if ((err = sober128_start(prng)) != CRYPT_OK) return err; - if ((err = sober128_add_entropy(in, inlen, prng)) != CRYPT_OK) return err; - return CRYPT_OK; -} - -/** - PRNG self-test - @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled -*/ -int sober128_test(void) -{ -#ifndef LTC_TEST - return CRYPT_NOP; -#else - prng_state st; - unsigned char en[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, - 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, - 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, - 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, - 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32 }; - unsigned char dmp[300]; - unsigned long dmplen = sizeof(dmp); - unsigned char out[500]; - unsigned char t1[] = { 0x31, 0x82, 0xA7, 0xA5, 0x8B, 0xD7, 0xCB, 0x39, 0x86, 0x1A }; - unsigned char t2[] = { 0x6B, 0x43, 0x9E, 0xBC, 0xE7, 0x62, 0x9B, 0xE6, 0x9B, 0x83 }; - unsigned char t3[] = { 0x4A, 0x0E, 0x6C, 0xC1, 0xCF, 0xB4, 0x73, 0x49, 0x99, 0x05 }; - int err; - - if ((err = sober128_start(&st)) != CRYPT_OK) return err; - /* add entropy to uninitialized prng */ - if ((err = sober128_add_entropy(en, sizeof(en), &st)) != CRYPT_OK) return err; - if ((err = sober128_ready(&st)) != CRYPT_OK) return err; - if (sober128_read(out, 10, &st) != 10) return CRYPT_ERROR_READPRNG; /* 10 bytes for testing */ - if (compare_testvector(out, 10, t1, sizeof(t1), "SOBER128-PRNG", 1)) return CRYPT_FAIL_TESTVECTOR; - if (sober128_read(out, 500, &st) != 500) return CRYPT_ERROR_READPRNG; /* skip 500 bytes */ - /* add entropy to already initialized prng */ - if ((err = sober128_add_entropy(en, sizeof(en), &st)) != CRYPT_OK) return err; - if (sober128_read(out, 500, &st) != 500) return CRYPT_ERROR_READPRNG; /* skip 500 bytes */ - if ((err = sober128_export(dmp, &dmplen, &st)) != CRYPT_OK) return err; - if (sober128_read(out, 500, &st) != 500) return CRYPT_ERROR_READPRNG; /* skip 500 bytes */ - if (sober128_read(out, 10, &st) != 10) return CRYPT_ERROR_READPRNG; /* 10 bytes for testing */ - if (compare_testvector(out, 10, t2, sizeof(t2), "SOBER128-PRNG", 2)) return CRYPT_FAIL_TESTVECTOR; - if ((err = sober128_done(&st)) != CRYPT_OK) return err; - if ((err = sober128_import(dmp, dmplen, &st)) != CRYPT_OK) return err; - if ((err = sober128_ready(&st)) != CRYPT_OK) return err; - if (sober128_read(out, 500, &st) != 500) return CRYPT_ERROR_READPRNG; /* skip 500 bytes */ - if (sober128_read(out, 10, &st) != 10) return CRYPT_ERROR_READPRNG; /* 10 bytes for testing */ - if (compare_testvector(out, 10, t3, sizeof(t3), "SOBER128-PRNG", 3)) return CRYPT_FAIL_TESTVECTOR; - if ((err = sober128_done(&st)) != CRYPT_OK) return err; - - return CRYPT_OK; -#endif -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/stream/sober128/sober128_stream.c b/libtomcrypt/src/stream/sober128/sober128_stream.c deleted file mode 100644 index 5c35eda..0000000 --- a/libtomcrypt/src/stream/sober128/sober128_stream.c +++ /dev/null @@ -1,346 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ -#include "tomcrypt.h" - -/** - @file sober128_stream.c - Implementation of SOBER-128 by Tom St Denis. - Based on s128fast.c reference code supplied by Greg Rose of QUALCOMM. -*/ - -#ifdef LTC_SOBER128 - -#define __LTC_SOBER128TAB_C__ -#include "sober128tab.c" - -/* don't change these... */ -#define N 17 -#define FOLD N /* how many iterations of folding to do */ -#define INITKONST 0x6996c53a /* value of KONST to use during key loading */ -#define KEYP 15 /* where to insert key words */ -#define FOLDP 4 /* where to insert non-linear feedback */ - -#define B(x,i) ((unsigned char)(((x) >> (8*i)) & 0xFF)) - -static ulong32 BYTE2WORD(unsigned char *b) -{ - ulong32 t; - LOAD32L(t, b); - return t; -} - -static void XORWORD(ulong32 w, const unsigned char *in, unsigned char *out) -{ - ulong32 t; - LOAD32L(t, in); - t ^= w; - STORE32L(t, out); -} - -/* give correct offset for the current position of the register, - * where logically R[0] is at position "zero". - */ -#define OFF(zero, i) (((zero)+(i)) % N) - -/* step the LFSR */ -/* After stepping, "zero" moves right one place */ -#define STEP(R,z) \ - R[OFF(z,0)] = R[OFF(z,15)] ^ R[OFF(z,4)] ^ (R[OFF(z,0)] << 8) ^ Multab[(R[OFF(z,0)] >> 24) & 0xFF]; - -static void cycle(ulong32 *R) -{ - ulong32 t; - int i; - - STEP(R,0); - t = R[0]; - for (i = 1; i < N; ++i) { - R[i-1] = R[i]; - } - R[N-1] = t; -} - -/* Return a non-linear function of some parts of the register. - */ -#define NLFUNC(c,z) \ -{ \ - t = c->R[OFF(z,0)] + c->R[OFF(z,16)]; \ - t ^= Sbox[(t >> 24) & 0xFF]; \ - t = RORc(t, 8); \ - t = ((t + c->R[OFF(z,1)]) ^ c->konst) + c->R[OFF(z,6)]; \ - t ^= Sbox[(t >> 24) & 0xFF]; \ - t = t + c->R[OFF(z,13)]; \ -} - -static ulong32 nltap(sober128_state *c) -{ - ulong32 t; - NLFUNC(c, 0); - return t; -} - -/* Save the current register state - */ -static void s128_savestate(sober128_state *c) -{ - int i; - for (i = 0; i < N; ++i) { - c->initR[i] = c->R[i]; - } -} - -/* initialise to previously saved register state - */ -static void s128_reloadstate(sober128_state *c) -{ - int i; - - for (i = 0; i < N; ++i) { - c->R[i] = c->initR[i]; - } -} - -/* Initialise "konst" - */ -static void s128_genkonst(sober128_state *c) -{ - ulong32 newkonst; - - do { - cycle(c->R); - newkonst = nltap(c); - } while ((newkonst & 0xFF000000) == 0); - c->konst = newkonst; -} - -/* Load key material into the register - */ -#define ADDKEY(k) \ - c->R[KEYP] += (k); - -#define XORNL(nl) \ - c->R[FOLDP] ^= (nl); - -/* nonlinear diffusion of register for key */ -#define DROUND(z) STEP(c->R,z); NLFUNC(c,(z+1)); c->R[OFF((z+1),FOLDP)] ^= t; -static void s128_diffuse(sober128_state *c) -{ - ulong32 t; - /* relies on FOLD == N == 17! */ - DROUND(0); - DROUND(1); - DROUND(2); - DROUND(3); - DROUND(4); - DROUND(5); - DROUND(6); - DROUND(7); - DROUND(8); - DROUND(9); - DROUND(10); - DROUND(11); - DROUND(12); - DROUND(13); - DROUND(14); - DROUND(15); - DROUND(16); -} - -/** - Initialize an Sober128 context (only the key) - @param c [out] The destination of the Sober128 state - @param key The secret key - @param keylen The length of the secret key (octets) - @return CRYPT_OK if successful -*/ -int sober128_stream_setup(sober128_state *c, const unsigned char *key, unsigned long keylen) -{ - ulong32 i, k; - - LTC_ARGCHK(c != NULL); - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(keylen > 0); - - /* keylen must be multiple of 4 bytes */ - if ((keylen & 3) != 0) { - return CRYPT_INVALID_KEYSIZE; - } - - /* Register initialised to Fibonacci numbers */ - c->R[0] = 1; - c->R[1] = 1; - for (i = 2; i < N; ++i) { - c->R[i] = c->R[i-1] + c->R[i-2]; - } - c->konst = INITKONST; - - for (i = 0; i < keylen; i += 4) { - k = BYTE2WORD((unsigned char *)&key[i]); - ADDKEY(k); - cycle(c->R); - XORNL(nltap(c)); - } - - /* also fold in the length of the key */ - ADDKEY(keylen); - - /* now diffuse */ - s128_diffuse(c); - s128_genkonst(c); - s128_savestate(c); - c->nbuf = 0; - - return CRYPT_OK; -} - -/** - Set IV to the Sober128 state - @param c The Sober12820 state - @param iv The IV data to add - @param ivlen The length of the IV (must be 12) - @return CRYPT_OK on success - */ -int sober128_stream_setiv(sober128_state *c, const unsigned char *iv, unsigned long ivlen) -{ - ulong32 i, k; - - LTC_ARGCHK(c != NULL); - LTC_ARGCHK(iv != NULL); - LTC_ARGCHK(ivlen > 0); - - /* ok we are adding an IV then... */ - s128_reloadstate(c); - - /* ivlen must be multiple of 4 bytes */ - if ((ivlen & 3) != 0) { - return CRYPT_INVALID_KEYSIZE; - } - - for (i = 0; i < ivlen; i += 4) { - k = BYTE2WORD((unsigned char *)&iv[i]); - ADDKEY(k); - cycle(c->R); - XORNL(nltap(c)); - } - - /* also fold in the length of the key */ - ADDKEY(ivlen); - - /* now diffuse */ - s128_diffuse(c); - c->nbuf = 0; - - return CRYPT_OK; -} - -/* XOR pseudo-random bytes into buffer - */ -#define SROUND(z) STEP(c->R,z); NLFUNC(c,(z+1)); XORWORD(t, in+(z*4), out+(z*4)); - -/** - Encrypt (or decrypt) bytes of ciphertext (or plaintext) with Sober128 - @param c The Sober128 state - @param in The plaintext (or ciphertext) - @param inlen The length of the input (octets) - @param out [out] The ciphertext (or plaintext), length inlen - @return CRYPT_OK if successful -*/ -int sober128_stream_crypt(sober128_state *c, const unsigned char *in, unsigned long inlen, unsigned char *out) -{ - ulong32 t; - - if (inlen == 0) return CRYPT_OK; /* nothing to do */ - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(c != NULL); - - /* handle any previously buffered bytes */ - while (c->nbuf != 0 && inlen != 0) { - *out++ = *in++ ^ (unsigned char)(c->sbuf & 0xFF); - c->sbuf >>= 8; - c->nbuf -= 8; - --inlen; - } - -#ifndef LTC_SMALL_CODE - /* do lots at a time, if there's enough to do */ - while (inlen >= N*4) { - SROUND(0); - SROUND(1); - SROUND(2); - SROUND(3); - SROUND(4); - SROUND(5); - SROUND(6); - SROUND(7); - SROUND(8); - SROUND(9); - SROUND(10); - SROUND(11); - SROUND(12); - SROUND(13); - SROUND(14); - SROUND(15); - SROUND(16); - out += 4*N; - in += 4*N; - inlen -= 4*N; - } -#endif - - /* do small or odd size buffers the slow way */ - while (4 <= inlen) { - cycle(c->R); - t = nltap(c); - XORWORD(t, in, out); - out += 4; - in += 4; - inlen -= 4; - } - - /* handle any trailing bytes */ - if (inlen != 0) { - cycle(c->R); - c->sbuf = nltap(c); - c->nbuf = 32; - while (c->nbuf != 0 && inlen != 0) { - *out++ = *in++ ^ (unsigned char)(c->sbuf & 0xFF); - c->sbuf >>= 8; - c->nbuf -= 8; - --inlen; - } - } - - return CRYPT_OK; -} - -int sober128_stream_keystream(sober128_state *c, unsigned char *out, unsigned long outlen) -{ - if (outlen == 0) return CRYPT_OK; /* nothing to do */ - LTC_ARGCHK(out != NULL); - XMEMSET(out, 0, outlen); - return sober128_stream_crypt(c, out, outlen, out); -} - -/** - Terminate and clear Sober128 state - @param c The Sober128 state - @return CRYPT_OK on success -*/ -int sober128_stream_done(sober128_state *c) -{ - LTC_ARGCHK(c != NULL); - XMEMSET(c, 0, sizeof(sober128_state)); - return CRYPT_OK; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/stream/sober128/sober128_test.c b/libtomcrypt/src/stream/sober128/sober128_test.c deleted file mode 100644 index 32ea461..0000000 --- a/libtomcrypt/src/stream/sober128/sober128_test.c +++ /dev/null @@ -1,45 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -#include "tomcrypt.h" - -#ifdef LTC_SOBER128 - -int sober128_stream_test(void) -{ -#ifndef LTC_TEST - return CRYPT_NOP; -#else - unsigned char key[16] = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6b, 0x65, 0x79, - 0x20, 0x31, 0x32, 0x38, 0x62, 0x69, 0x74, 0x73 }; - unsigned char iv[4] = { 0x00, 0x00, 0x00, 0x00 }; - unsigned char out[20] = { 0x43, 0x50, 0x0c, 0xcf, 0x89, 0x91, 0x9f, 0x1d, - 0xaa, 0x37, 0x74, 0x95, 0xf4, 0xb4, 0x58, 0xc2, - 0x40, 0x37, 0x8b, 0xbb }; - int err, len = 20; - unsigned char src[20], dst[20]; - sober128_state st; - - XMEMSET(src, 0, len); /* input */ - if ((err = sober128_stream_setup(&st, key, sizeof(key))) != CRYPT_OK) return err; - if ((err = sober128_stream_setiv(&st, iv, sizeof(iv))) != CRYPT_OK) return err; - if ((err = sober128_stream_crypt(&st, src, len, dst)) != CRYPT_OK) return err; - if ((err = sober128_stream_done(&st)) != CRYPT_OK) return err; - if (compare_testvector(dst, len, out, len, "SOBER-128", 0)) { - return CRYPT_FAIL_TESTVECTOR; - } - return CRYPT_OK; -#endif -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/libtomcrypt/src/stream/sober128/sober128tab.c b/libtomcrypt/src/stream/sober128/sober128tab.c deleted file mode 100644 index e02ff23..0000000 --- a/libtomcrypt/src/stream/sober128/sober128tab.c +++ /dev/null @@ -1,176 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -/** - @file sober128tab.c - SOBER-128 Tables -*/ - -#ifdef __LTC_SOBER128TAB_C__ - -/* $ID$ */ -/* @(#)TuringMultab.h 1.3 (QUALCOMM) 02/09/03 */ -/* Multiplication table for Turing using 0xD02B4367 */ -static const ulong32 Multab[256] = { - 0x00000000, 0xD02B4367, 0xED5686CE, 0x3D7DC5A9, - 0x97AC41D1, 0x478702B6, 0x7AFAC71F, 0xAAD18478, - 0x631582EF, 0xB33EC188, 0x8E430421, 0x5E684746, - 0xF4B9C33E, 0x24928059, 0x19EF45F0, 0xC9C40697, - 0xC62A4993, 0x16010AF4, 0x2B7CCF5D, 0xFB578C3A, - 0x51860842, 0x81AD4B25, 0xBCD08E8C, 0x6CFBCDEB, - 0xA53FCB7C, 0x7514881B, 0x48694DB2, 0x98420ED5, - 0x32938AAD, 0xE2B8C9CA, 0xDFC50C63, 0x0FEE4F04, - 0xC154926B, 0x117FD10C, 0x2C0214A5, 0xFC2957C2, - 0x56F8D3BA, 0x86D390DD, 0xBBAE5574, 0x6B851613, - 0xA2411084, 0x726A53E3, 0x4F17964A, 0x9F3CD52D, - 0x35ED5155, 0xE5C61232, 0xD8BBD79B, 0x089094FC, - 0x077EDBF8, 0xD755989F, 0xEA285D36, 0x3A031E51, - 0x90D29A29, 0x40F9D94E, 0x7D841CE7, 0xADAF5F80, - 0x646B5917, 0xB4401A70, 0x893DDFD9, 0x59169CBE, - 0xF3C718C6, 0x23EC5BA1, 0x1E919E08, 0xCEBADD6F, - 0xCFA869D6, 0x1F832AB1, 0x22FEEF18, 0xF2D5AC7F, - 0x58042807, 0x882F6B60, 0xB552AEC9, 0x6579EDAE, - 0xACBDEB39, 0x7C96A85E, 0x41EB6DF7, 0x91C02E90, - 0x3B11AAE8, 0xEB3AE98F, 0xD6472C26, 0x066C6F41, - 0x09822045, 0xD9A96322, 0xE4D4A68B, 0x34FFE5EC, - 0x9E2E6194, 0x4E0522F3, 0x7378E75A, 0xA353A43D, - 0x6A97A2AA, 0xBABCE1CD, 0x87C12464, 0x57EA6703, - 0xFD3BE37B, 0x2D10A01C, 0x106D65B5, 0xC04626D2, - 0x0EFCFBBD, 0xDED7B8DA, 0xE3AA7D73, 0x33813E14, - 0x9950BA6C, 0x497BF90B, 0x74063CA2, 0xA42D7FC5, - 0x6DE97952, 0xBDC23A35, 0x80BFFF9C, 0x5094BCFB, - 0xFA453883, 0x2A6E7BE4, 0x1713BE4D, 0xC738FD2A, - 0xC8D6B22E, 0x18FDF149, 0x258034E0, 0xF5AB7787, - 0x5F7AF3FF, 0x8F51B098, 0xB22C7531, 0x62073656, - 0xABC330C1, 0x7BE873A6, 0x4695B60F, 0x96BEF568, - 0x3C6F7110, 0xEC443277, 0xD139F7DE, 0x0112B4B9, - 0xD31DD2E1, 0x03369186, 0x3E4B542F, 0xEE601748, - 0x44B19330, 0x949AD057, 0xA9E715FE, 0x79CC5699, - 0xB008500E, 0x60231369, 0x5D5ED6C0, 0x8D7595A7, - 0x27A411DF, 0xF78F52B8, 0xCAF29711, 0x1AD9D476, - 0x15379B72, 0xC51CD815, 0xF8611DBC, 0x284A5EDB, - 0x829BDAA3, 0x52B099C4, 0x6FCD5C6D, 0xBFE61F0A, - 0x7622199D, 0xA6095AFA, 0x9B749F53, 0x4B5FDC34, - 0xE18E584C, 0x31A51B2B, 0x0CD8DE82, 0xDCF39DE5, - 0x1249408A, 0xC26203ED, 0xFF1FC644, 0x2F348523, - 0x85E5015B, 0x55CE423C, 0x68B38795, 0xB898C4F2, - 0x715CC265, 0xA1778102, 0x9C0A44AB, 0x4C2107CC, - 0xE6F083B4, 0x36DBC0D3, 0x0BA6057A, 0xDB8D461D, - 0xD4630919, 0x04484A7E, 0x39358FD7, 0xE91ECCB0, - 0x43CF48C8, 0x93E40BAF, 0xAE99CE06, 0x7EB28D61, - 0xB7768BF6, 0x675DC891, 0x5A200D38, 0x8A0B4E5F, - 0x20DACA27, 0xF0F18940, 0xCD8C4CE9, 0x1DA70F8E, - 0x1CB5BB37, 0xCC9EF850, 0xF1E33DF9, 0x21C87E9E, - 0x8B19FAE6, 0x5B32B981, 0x664F7C28, 0xB6643F4F, - 0x7FA039D8, 0xAF8B7ABF, 0x92F6BF16, 0x42DDFC71, - 0xE80C7809, 0x38273B6E, 0x055AFEC7, 0xD571BDA0, - 0xDA9FF2A4, 0x0AB4B1C3, 0x37C9746A, 0xE7E2370D, - 0x4D33B375, 0x9D18F012, 0xA06535BB, 0x704E76DC, - 0xB98A704B, 0x69A1332C, 0x54DCF685, 0x84F7B5E2, - 0x2E26319A, 0xFE0D72FD, 0xC370B754, 0x135BF433, - 0xDDE1295C, 0x0DCA6A3B, 0x30B7AF92, 0xE09CECF5, - 0x4A4D688D, 0x9A662BEA, 0xA71BEE43, 0x7730AD24, - 0xBEF4ABB3, 0x6EDFE8D4, 0x53A22D7D, 0x83896E1A, - 0x2958EA62, 0xF973A905, 0xC40E6CAC, 0x14252FCB, - 0x1BCB60CF, 0xCBE023A8, 0xF69DE601, 0x26B6A566, - 0x8C67211E, 0x5C4C6279, 0x6131A7D0, 0xB11AE4B7, - 0x78DEE220, 0xA8F5A147, 0x958864EE, 0x45A32789, - 0xEF72A3F1, 0x3F59E096, 0x0224253F, 0xD20F6658, -}; - -/* $ID$ */ -/* Sbox for SOBER-128 */ -/* - * This is really the combination of two SBoxes; the least significant - * 24 bits comes from: - * 8->32 Sbox generated by Millan et. al. at Queensland University of - * Technology. See: E. Dawson, W. Millan, L. Burnett, G. Carter, - * "On the Design of 8*32 S-boxes". Unpublished report, by the - * Information Systems Research Centre, - * Queensland University of Technology, 1999. - * - * The most significant 8 bits are the Skipjack "F table", which can be - * found at http://csrc.nist.gov/CryptoToolkit/skipjack/skipjack.pdf . - * In this optimised table, though, the intent is to XOR the word from - * the table selected by the high byte with the input word. Thus, the - * high byte is actually the Skipjack F-table entry XORED with its - * table index. - */ -static const ulong32 Sbox[256] = { - 0xa3aa1887, 0xd65e435c, 0x0b65c042, 0x800e6ef4, - 0xfc57ee20, 0x4d84fed3, 0xf066c502, 0xf354e8ae, - 0xbb2ee9d9, 0x281f38d4, 0x1f829b5d, 0x735cdf3c, - 0x95864249, 0xbc2e3963, 0xa1f4429f, 0xf6432c35, - 0xf7f40325, 0x3cc0dd70, 0x5f973ded, 0x9902dc5e, - 0xda175b42, 0x590012bf, 0xdc94d78c, 0x39aab26b, - 0x4ac11b9a, 0x8c168146, 0xc3ea8ec5, 0x058ac28f, - 0x52ed5c0f, 0x25b4101c, 0x5a2db082, 0x370929e1, - 0x2a1843de, 0xfe8299fc, 0x202fbc4b, 0x833915dd, - 0x33a803fa, 0xd446b2de, 0x46233342, 0x4fcee7c3, - 0x3ad607ef, 0x9e97ebab, 0x507f859b, 0xe81f2e2f, - 0xc55b71da, 0xd7e2269a, 0x1339c3d1, 0x7ca56b36, - 0xa6c9def2, 0xb5c9fc5f, 0x5927b3a3, 0x89a56ddf, - 0xc625b510, 0x560f85a7, 0xace82e71, 0x2ecb8816, - 0x44951e2a, 0x97f5f6af, 0xdfcbc2b3, 0xce4ff55d, - 0xcb6b6214, 0x2b0b83e3, 0x549ea6f5, 0x9de041af, - 0x792f1f17, 0xf73b99ee, 0x39a65ec0, 0x4c7016c6, - 0x857709a4, 0xd6326e01, 0xc7b280d9, 0x5cfb1418, - 0xa6aff227, 0xfd548203, 0x506b9d96, 0xa117a8c0, - 0x9cd5bf6e, 0xdcee7888, 0x61fcfe64, 0xf7a193cd, - 0x050d0184, 0xe8ae4930, 0x88014f36, 0xd6a87088, - 0x6bad6c2a, 0x1422c678, 0xe9204de7, 0xb7c2e759, - 0x0200248e, 0x013b446b, 0xda0d9fc2, 0x0414a895, - 0x3a6cc3a1, 0x56fef170, 0x86c19155, 0xcf7b8a66, - 0x551b5e69, 0xb4a8623e, 0xa2bdfa35, 0xc4f068cc, - 0x573a6acd, 0x6355e936, 0x03602db9, 0x0edf13c1, - 0x2d0bb16d, 0x6980b83c, 0xfeb23763, 0x3dd8a911, - 0x01b6bc13, 0xf55579d7, 0xf55c2fa8, 0x19f4196e, - 0xe7db5476, 0x8d64a866, 0xc06e16ad, 0xb17fc515, - 0xc46feb3c, 0x8bc8a306, 0xad6799d9, 0x571a9133, - 0x992466dd, 0x92eb5dcd, 0xac118f50, 0x9fafb226, - 0xa1b9cef3, 0x3ab36189, 0x347a19b1, 0x62c73084, - 0xc27ded5c, 0x6c8bc58f, 0x1cdde421, 0xed1e47fb, - 0xcdcc715e, 0xb9c0ff99, 0x4b122f0f, 0xc4d25184, - 0xaf7a5e6c, 0x5bbf18bc, 0x8dd7c6e0, 0x5fb7e420, - 0x521f523f, 0x4ad9b8a2, 0xe9da1a6b, 0x97888c02, - 0x19d1e354, 0x5aba7d79, 0xa2cc7753, 0x8c2d9655, - 0x19829da1, 0x531590a7, 0x19c1c149, 0x3d537f1c, - 0x50779b69, 0xed71f2b7, 0x463c58fa, 0x52dc4418, - 0xc18c8c76, 0xc120d9f0, 0xafa80d4d, 0x3b74c473, - 0xd09410e9, 0x290e4211, 0xc3c8082b, 0x8f6b334a, - 0x3bf68ed2, 0xa843cc1b, 0x8d3c0ff3, 0x20e564a0, - 0xf8f55a4f, 0x2b40f8e7, 0xfea7f15f, 0xcf00fe21, - 0x8a6d37d6, 0xd0d506f1, 0xade00973, 0xefbbde36, - 0x84670fa8, 0xfa31ab9e, 0xaedab618, 0xc01f52f5, - 0x6558eb4f, 0x71b9e343, 0x4b8d77dd, 0x8cb93da6, - 0x740fd52d, 0x425412f8, 0xc5a63360, 0x10e53ad0, - 0x5a700f1c, 0x8324ed0b, 0xe53dc1ec, 0x1a366795, - 0x6d549d15, 0xc5ce46d7, 0xe17abe76, 0x5f48e0a0, - 0xd0f07c02, 0x941249b7, 0xe49ed6ba, 0x37a47f78, - 0xe1cfffbd, 0xb007ca84, 0xbb65f4da, 0xb59f35da, - 0x33d2aa44, 0x417452ac, 0xc0d674a7, 0x2d61a46a, - 0xdc63152a, 0x3e12b7aa, 0x6e615927, 0xa14fb118, - 0xa151758d, 0xba81687b, 0xe152f0b3, 0x764254ed, - 0x34c77271, 0x0a31acab, 0x54f94aec, 0xb9e994cd, - 0x574d9e81, 0x5b623730, 0xce8a21e8, 0x37917f0b, - 0xe8a9b5d6, 0x9697adf8, 0xf3d30431, 0x5dcac921, - 0x76b35d46, 0xaa430a36, 0xc2194022, 0x22bca65e, - 0xdaec70ba, 0xdfaea8cc, 0x777bae8b, 0x242924d5, - 0x1f098a5a, 0x4b396b81, 0x55de2522, 0x435c1cb8, - 0xaeb8fe1d, 0x9db3c697, 0x5b164f83, 0xe0c16376, - 0xa319224c, 0xd0203b35, 0x433ac0fe, 0x1466a19a, - 0x45f0b24f, 0x51fda998, 0xc0d52d71, 0xfa0896a8, - 0xf9e6053f, 0xa4b0d300, 0xd499cbcc, 0xb95e3d40, -}; - -#endif /* __LTC_SOBER128TAB_C__ */ - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */