Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 60eb817520c949543bcdccce2242c1b73372a45b / . / drivers / staging / skein / threefish512Block.c
blob: f428fd6e1719a5dc654ebb98ad24085b1f3519b9 [file] [log] [blame]
Jason Cooperc2c74262014-03-24 02:32:49 +0000[diff] [blame]1#include <linux/string.h>
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]2#include <threefishApi.h>
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]3
4
Jason Coopercd4811a2014-03-24 01:49:06 +0000[diff] [blame]5void threefishEncrypt512(struct threefish_key *keyCtx, u64 *input, u64 *output)
Jason Cooper39bd42b2014-03-24 01:49:09 +0000[diff] [blame]6{
7 u64 b0 = input[0], b1 = input[1],
8 b2 = input[2], b3 = input[3],
9 b4 = input[4], b5 = input[5],
10 b6 = input[6], b7 = input[7];
11 u64 k0 = keyCtx->key[0], k1 = keyCtx->key[1],
12 k2 = keyCtx->key[2], k3 = keyCtx->key[3],
13 k4 = keyCtx->key[4], k5 = keyCtx->key[5],
14 k6 = keyCtx->key[6], k7 = keyCtx->key[7],
15 k8 = keyCtx->key[8];
16 u64 t0 = keyCtx->tweak[0], t1 = keyCtx->tweak[1],
17 t2 = keyCtx->tweak[2];
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]18
Jason Cooper60eb8172014-03-24 01:49:11 +0000[diff] [blame^]19 b1 += k1;
20 b0 += b1 + k0;
21 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
22
23 b3 += k3;
24 b2 += b3 + k2;
25 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
26
27 b5 += k5 + t0;
28 b4 += b5 + k4;
29 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
30
31 b7 += k7;
32 b6 += b7 + k6 + t1;
33 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
34
35 b2 += b1;
36 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
37
38 b4 += b7;
39 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
40
41 b6 += b5;
42 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
43
44 b0 += b3;
45 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
46
47 b4 += b1;
48 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
49
50 b6 += b3;
51 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
52
53 b0 += b5;
54 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
55
56 b2 += b7;
57 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
58
59 b6 += b1;
60 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
61
62 b0 += b7;
63 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
64
65 b2 += b5;
66 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
67
68 b4 += b3;
69 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
70
71 b1 += k2;
72 b0 += b1 + k1;
73 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
74
75 b3 += k4;
76 b2 += b3 + k3;
77 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
78
79 b5 += k6 + t1;
80 b4 += b5 + k5;
81 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
82
83 b7 += k8 + 1;
84 b6 += b7 + k7 + t2;
85 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
86
87 b2 += b1;
88 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
89
90 b4 += b7;
91 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
92
93 b6 += b5;
94 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
95
96 b0 += b3;
97 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
98
99 b4 += b1;
100 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
101
102 b6 += b3;
103 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
104
105 b0 += b5;
106 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
107
108 b2 += b7;
109 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
110
111 b6 += b1;
112 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
113
114 b0 += b7;
115 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
116
117 b2 += b5;
118 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
119
120 b4 += b3;
121 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
122
123 b1 += k3;
124 b0 += b1 + k2;
125 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
126
127 b3 += k5;
128 b2 += b3 + k4;
129 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
130
131 b5 += k7 + t2;
132 b4 += b5 + k6;
133 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
134
135 b7 += k0 + 2;
136 b6 += b7 + k8 + t0;
137 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
138
139 b2 += b1;
140 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
141
142 b4 += b7;
143 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
144
145 b6 += b5;
146 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
147
148 b0 += b3;
149 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
150
151 b4 += b1;
152 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
153
154 b6 += b3;
155 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
156
157 b0 += b5;
158 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
159
160 b2 += b7;
161 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
162
163 b6 += b1;
164 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
165
166 b0 += b7;
167 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
168
169 b2 += b5;
170 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
171
172 b4 += b3;
173 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
174
175 b1 += k4;
176 b0 += b1 + k3;
177 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
178
179 b3 += k6;
180 b2 += b3 + k5;
181 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
182
183 b5 += k8 + t0;
184 b4 += b5 + k7;
185 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
186
187 b7 += k1 + 3;
188 b6 += b7 + k0 + t1;
189 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
190
191 b2 += b1;
192 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
193
194 b4 += b7;
195 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
196
197 b6 += b5;
198 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
199
200 b0 += b3;
201 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
202
203 b4 += b1;
204 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
205
206 b6 += b3;
207 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
208
209 b0 += b5;
210 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
211
212 b2 += b7;
213 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
214
215 b6 += b1;
216 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
217
218 b0 += b7;
219 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
220
221 b2 += b5;
222 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
223
224 b4 += b3;
225 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
226
227 b1 += k5;
228 b0 += b1 + k4;
229 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
230
231 b3 += k7;
232 b2 += b3 + k6;
233 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
234
235 b5 += k0 + t1;
236 b4 += b5 + k8;
237 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
238
239 b7 += k2 + 4;
240 b6 += b7 + k1 + t2;
241 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
242
243 b2 += b1;
244 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
245
246 b4 += b7;
247 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
248
249 b6 += b5;
250 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
251
252 b0 += b3;
253 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
254
255 b4 += b1;
256 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
257
258 b6 += b3;
259 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
260
261 b0 += b5;
262 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
263
264 b2 += b7;
265 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
266
267 b6 += b1;
268 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
269
270 b0 += b7;
271 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
272
273 b2 += b5;
274 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
275
276 b4 += b3;
277 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
278
279 b1 += k6;
280 b0 += b1 + k5;
281 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
282
283 b3 += k8;
284 b2 += b3 + k7;
285 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
286
287 b5 += k1 + t2;
288 b4 += b5 + k0;
289 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
290
291 b7 += k3 + 5;
292 b6 += b7 + k2 + t0;
293 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
294
295 b2 += b1;
296 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
297
298 b4 += b7;
299 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
300
301 b6 += b5;
302 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
303
304 b0 += b3;
305 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
306
307 b4 += b1;
308 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
309
310 b6 += b3;
311 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
312
313 b0 += b5;
314 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
315
316 b2 += b7;
317 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
318
319 b6 += b1;
320 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
321
322 b0 += b7;
323 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
324
325 b2 += b5;
326 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
327
328 b4 += b3;
329 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
330
331 b1 += k7;
332 b0 += b1 + k6;
333 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
334
335 b3 += k0;
336 b2 += b3 + k8;
337 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
338
339 b5 += k2 + t0;
340 b4 += b5 + k1;
341 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
342
343 b7 += k4 + 6;
344 b6 += b7 + k3 + t1;
345 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
346
347 b2 += b1;
348 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
349
350 b4 += b7;
351 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
352
353 b6 += b5;
354 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
355
356 b0 += b3;
357 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
358
359 b4 += b1;
360 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
361
362 b6 += b3;
363 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
364
365 b0 += b5;
366 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
367
368 b2 += b7;
369 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
370
371 b6 += b1;
372 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
373
374 b0 += b7;
375 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
376
377 b2 += b5;
378 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
379
380 b4 += b3;
381 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
382
383 b1 += k8;
384 b0 += b1 + k7;
385 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
386
387 b3 += k1;
388 b2 += b3 + k0;
389 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
390
391 b5 += k3 + t1;
392 b4 += b5 + k2;
393 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
394
395 b7 += k5 + 7;
396 b6 += b7 + k4 + t2;
397 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
398
399 b2 += b1;
400 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
401
402 b4 += b7;
403 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
404
405 b6 += b5;
406 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
407
408 b0 += b3;
409 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
410
411 b4 += b1;
412 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
413
414 b6 += b3;
415 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
416
417 b0 += b5;
418 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
419
420 b2 += b7;
421 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
422
423 b6 += b1;
424 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
425
426 b0 += b7;
427 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
428
429 b2 += b5;
430 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
431
432 b4 += b3;
433 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
434
435 b1 += k0;
436 b0 += b1 + k8;
437 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
438
439 b3 += k2;
440 b2 += b3 + k1;
441 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
442
443 b5 += k4 + t2;
444 b4 += b5 + k3;
445 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
446
447 b7 += k6 + 8;
448 b6 += b7 + k5 + t0;
449 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
450
451 b2 += b1;
452 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
453
454 b4 += b7;
455 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
456
457 b6 += b5;
458 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
459
460 b0 += b3;
461 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
462
463 b4 += b1;
464 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
465
466 b6 += b3;
467 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
468
469 b0 += b5;
470 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
471
472 b2 += b7;
473 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
474
475 b6 += b1;
476 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
477
478 b0 += b7;
479 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
480
481 b2 += b5;
482 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
483
484 b4 += b3;
485 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
486
487 b1 += k1;
488 b0 += b1 + k0;
489 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
490
491 b3 += k3;
492 b2 += b3 + k2;
493 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
494
495 b5 += k5 + t0;
496 b4 += b5 + k4;
497 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
498
499 b7 += k7 + 9;
500 b6 += b7 + k6 + t1;
501 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
502
503 b2 += b1;
504 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
505
506 b4 += b7;
507 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
508
509 b6 += b5;
510 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
511
512 b0 += b3;
513 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
514
515 b4 += b1;
516 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
517
518 b6 += b3;
519 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
520
521 b0 += b5;
522 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
523
524 b2 += b7;
525 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
526
527 b6 += b1;
528 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
529
530 b0 += b7;
531 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
532
533 b2 += b5;
534 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
535
536 b4 += b3;
537 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
538
539 b1 += k2;
540 b0 += b1 + k1;
541 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
542
543 b3 += k4;
544 b2 += b3 + k3;
545 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
546
547 b5 += k6 + t1;
548 b4 += b5 + k5;
549 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
550
551 b7 += k8 + 10;
552 b6 += b7 + k7 + t2;
553 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
554
555 b2 += b1;
556 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
557
558 b4 += b7;
559 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
560
561 b6 += b5;
562 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
563
564 b0 += b3;
565 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
566
567 b4 += b1;
568 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
569
570 b6 += b3;
571 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
572
573 b0 += b5;
574 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
575
576 b2 += b7;
577 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
578
579 b6 += b1;
580 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
581
582 b0 += b7;
583 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
584
585 b2 += b5;
586 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
587
588 b4 += b3;
589 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
590
591 b1 += k3;
592 b0 += b1 + k2;
593 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
594
595 b3 += k5;
596 b2 += b3 + k4;
597 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
598
599 b5 += k7 + t2;
600 b4 += b5 + k6;
601 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
602
603 b7 += k0 + 11;
604 b6 += b7 + k8 + t0;
605 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
606
607 b2 += b1;
608 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
609
610 b4 += b7;
611 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
612
613 b6 += b5;
614 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
615
616 b0 += b3;
617 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
618
619 b4 += b1;
620 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
621
622 b6 += b3;
623 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
624
625 b0 += b5;
626 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
627
628 b2 += b7;
629 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
630
631 b6 += b1;
632 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
633
634 b0 += b7;
635 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
636
637 b2 += b5;
638 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
639
640 b4 += b3;
641 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
642
643 b1 += k4;
644 b0 += b1 + k3;
645 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
646
647 b3 += k6;
648 b2 += b3 + k5;
649 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
650
651 b5 += k8 + t0;
652 b4 += b5 + k7;
653 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
654
655 b7 += k1 + 12;
656 b6 += b7 + k0 + t1;
657 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
658
659 b2 += b1;
660 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
661
662 b4 += b7;
663 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
664
665 b6 += b5;
666 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
667
668 b0 += b3;
669 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
670
671 b4 += b1;
672 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
673
674 b6 += b3;
675 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
676
677 b0 += b5;
678 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
679
680 b2 += b7;
681 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
682
683 b6 += b1;
684 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
685
686 b0 += b7;
687 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
688
689 b2 += b5;
690 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
691
692 b4 += b3;
693 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
694
695 b1 += k5;
696 b0 += b1 + k4;
697 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
698
699 b3 += k7;
700 b2 += b3 + k6;
701 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
702
703 b5 += k0 + t1;
704 b4 += b5 + k8;
705 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
706
707 b7 += k2 + 13;
708 b6 += b7 + k1 + t2;
709 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
710
711 b2 += b1;
712 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
713
714 b4 += b7;
715 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
716
717 b6 += b5;
718 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
719
720 b0 += b3;
721 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
722
723 b4 += b1;
724 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
725
726 b6 += b3;
727 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
728
729 b0 += b5;
730 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
731
732 b2 += b7;
733 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
734
735 b6 += b1;
736 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
737
738 b0 += b7;
739 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
740
741 b2 += b5;
742 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
743
744 b4 += b3;
745 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
746
747 b1 += k6;
748 b0 += b1 + k5;
749 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
750
751 b3 += k8;
752 b2 += b3 + k7;
753 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
754
755 b5 += k1 + t2;
756 b4 += b5 + k0;
757 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
758
759 b7 += k3 + 14;
760 b6 += b7 + k2 + t0;
761 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
762
763 b2 += b1;
764 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
765
766 b4 += b7;
767 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
768
769 b6 += b5;
770 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
771
772 b0 += b3;
773 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
774
775 b4 += b1;
776 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
777
778 b6 += b3;
779 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
780
781 b0 += b5;
782 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
783
784 b2 += b7;
785 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
786
787 b6 += b1;
788 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
789
790 b0 += b7;
791 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
792
793 b2 += b5;
794 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
795
796 b4 += b3;
797 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
798
799 b1 += k7;
800 b0 += b1 + k6;
801 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
802
803 b3 += k0;
804 b2 += b3 + k8;
805 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
806
807 b5 += k2 + t0;
808 b4 += b5 + k1;
809 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
810
811 b7 += k4 + 15;
812 b6 += b7 + k3 + t1;
813 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
814
815 b2 += b1;
816 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
817
818 b4 += b7;
819 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
820
821 b6 += b5;
822 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
823
824 b0 += b3;
825 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
826
827 b4 += b1;
828 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
829
830 b6 += b3;
831 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
832
833 b0 += b5;
834 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
835
836 b2 += b7;
837 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
838
839 b6 += b1;
840 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
841
842 b0 += b7;
843 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
844
845 b2 += b5;
846 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
847
848 b4 += b3;
849 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
850
851 b1 += k8;
852 b0 += b1 + k7;
853 b1 = ((b1 << 46) | (b1 >> (64 - 46))) ^ b0;
854
855 b3 += k1;
856 b2 += b3 + k0;
857 b3 = ((b3 << 36) | (b3 >> (64 - 36))) ^ b2;
858
859 b5 += k3 + t1;
860 b4 += b5 + k2;
861 b5 = ((b5 << 19) | (b5 >> (64 - 19))) ^ b4;
862
863 b7 += k5 + 16;
864 b6 += b7 + k4 + t2;
865 b7 = ((b7 << 37) | (b7 >> (64 - 37))) ^ b6;
866
867 b2 += b1;
868 b1 = ((b1 << 33) | (b1 >> (64 - 33))) ^ b2;
869
870 b4 += b7;
871 b7 = ((b7 << 27) | (b7 >> (64 - 27))) ^ b4;
872
873 b6 += b5;
874 b5 = ((b5 << 14) | (b5 >> (64 - 14))) ^ b6;
875
876 b0 += b3;
877 b3 = ((b3 << 42) | (b3 >> (64 - 42))) ^ b0;
878
879 b4 += b1;
880 b1 = ((b1 << 17) | (b1 >> (64 - 17))) ^ b4;
881
882 b6 += b3;
883 b3 = ((b3 << 49) | (b3 >> (64 - 49))) ^ b6;
884
885 b0 += b5;
886 b5 = ((b5 << 36) | (b5 >> (64 - 36))) ^ b0;
887
888 b2 += b7;
889 b7 = ((b7 << 39) | (b7 >> (64 - 39))) ^ b2;
890
891 b6 += b1;
892 b1 = ((b1 << 44) | (b1 >> (64 - 44))) ^ b6;
893
894 b0 += b7;
895 b7 = ((b7 << 9) | (b7 >> (64 - 9))) ^ b0;
896
897 b2 += b5;
898 b5 = ((b5 << 54) | (b5 >> (64 - 54))) ^ b2;
899
900 b4 += b3;
901 b3 = ((b3 << 56) | (b3 >> (64 - 56))) ^ b4;
902
903 b1 += k0;
904 b0 += b1 + k8;
905 b1 = ((b1 << 39) | (b1 >> (64 - 39))) ^ b0;
906
907 b3 += k2;
908 b2 += b3 + k1;
909 b3 = ((b3 << 30) | (b3 >> (64 - 30))) ^ b2;
910
911 b5 += k4 + t2;
912 b4 += b5 + k3;
913 b5 = ((b5 << 34) | (b5 >> (64 - 34))) ^ b4;
914
915 b7 += k6 + 17;
916 b6 += b7 + k5 + t0;
917 b7 = ((b7 << 24) | (b7 >> (64 - 24))) ^ b6;
918
919 b2 += b1;
920 b1 = ((b1 << 13) | (b1 >> (64 - 13))) ^ b2;
921
922 b4 += b7;
923 b7 = ((b7 << 50) | (b7 >> (64 - 50))) ^ b4;
924
925 b6 += b5;
926 b5 = ((b5 << 10) | (b5 >> (64 - 10))) ^ b6;
927
928 b0 += b3;
929 b3 = ((b3 << 17) | (b3 >> (64 - 17))) ^ b0;
930
931 b4 += b1;
932 b1 = ((b1 << 25) | (b1 >> (64 - 25))) ^ b4;
933
934 b6 += b3;
935 b3 = ((b3 << 29) | (b3 >> (64 - 29))) ^ b6;
936
937 b0 += b5;
938 b5 = ((b5 << 39) | (b5 >> (64 - 39))) ^ b0;
939
940 b2 += b7;
941 b7 = ((b7 << 43) | (b7 >> (64 - 43))) ^ b2;
942
943 b6 += b1;
944 b1 = ((b1 << 8) | (b1 >> (64 - 8))) ^ b6;
945
946 b0 += b7;
947 b7 = ((b7 << 35) | (b7 >> (64 - 35))) ^ b0;
948
949 b2 += b5;
950 b5 = ((b5 << 56) | (b5 >> (64 - 56))) ^ b2;
951
952 b4 += b3;
953 b3 = ((b3 << 22) | (b3 >> (64 - 22))) ^ b4;
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]954
Jason Cooper39bd42b2014-03-24 01:49:09 +0000[diff] [blame]955 output[0] = b0 + k0;
956 output[1] = b1 + k1;
957 output[2] = b2 + k2;
958 output[3] = b3 + k3;
959 output[4] = b4 + k4;
960 output[5] = b5 + k5 + t0;
961 output[6] = b6 + k6 + t1;
962 output[7] = b7 + k7 + 18;
963}
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]964
Jason Coopercd4811a2014-03-24 01:49:06 +0000[diff] [blame]965void threefishDecrypt512(struct threefish_key *keyCtx, u64 *input, u64 *output)
Jason Cooper39bd42b2014-03-24 01:49:09 +0000[diff] [blame]966{
967 u64 b0 = input[0], b1 = input[1],
968 b2 = input[2], b3 = input[3],
969 b4 = input[4], b5 = input[5],
970 b6 = input[6], b7 = input[7];
971 u64 k0 = keyCtx->key[0], k1 = keyCtx->key[1],
972 k2 = keyCtx->key[2], k3 = keyCtx->key[3],
973 k4 = keyCtx->key[4], k5 = keyCtx->key[5],
974 k6 = keyCtx->key[6], k7 = keyCtx->key[7],
975 k8 = keyCtx->key[8];
976 u64 t0 = keyCtx->tweak[0], t1 = keyCtx->tweak[1],
977 t2 = keyCtx->tweak[2];
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]978
Jason Cooper39bd42b2014-03-24 01:49:09 +0000[diff] [blame]979 u64 tmp;
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]980
Jason Cooper39bd42b2014-03-24 01:49:09 +0000[diff] [blame]981 b0 -= k0;
982 b1 -= k1;
983 b2 -= k2;
984 b3 -= k3;
985 b4 -= k4;
986 b5 -= k5 + t0;
987 b6 -= k6 + t1;
988 b7 -= k7 + 18;
Jason Cooper60eb8172014-03-24 01:49:11 +0000[diff] [blame^]989
990 tmp = b3 ^ b4;
991 b3 = (tmp >> 22) | (tmp << (64 - 22));
992 b4 -= b3;
993
994 tmp = b5 ^ b2;
995 b5 = (tmp >> 56) | (tmp << (64 - 56));
996 b2 -= b5;
997
998 tmp = b7 ^ b0;
999 b7 = (tmp >> 35) | (tmp << (64 - 35));
1000 b0 -= b7;
1001
1002 tmp = b1 ^ b6;
1003 b1 = (tmp >> 8) | (tmp << (64 - 8));
1004 b6 -= b1;
1005
1006 tmp = b7 ^ b2;
1007 b7 = (tmp >> 43) | (tmp << (64 - 43));
1008 b2 -= b7;
1009
1010 tmp = b5 ^ b0;
1011 b5 = (tmp >> 39) | (tmp << (64 - 39));
1012 b0 -= b5;
1013
1014 tmp = b3 ^ b6;
1015 b3 = (tmp >> 29) | (tmp << (64 - 29));
1016 b6 -= b3;
1017
1018 tmp = b1 ^ b4;
1019 b1 = (tmp >> 25) | (tmp << (64 - 25));
1020 b4 -= b1;
1021
1022 tmp = b3 ^ b0;
1023 b3 = (tmp >> 17) | (tmp << (64 - 17));
1024 b0 -= b3;
1025
1026 tmp = b5 ^ b6;
1027 b5 = (tmp >> 10) | (tmp << (64 - 10));
1028 b6 -= b5;
1029
1030 tmp = b7 ^ b4;
1031 b7 = (tmp >> 50) | (tmp << (64 - 50));
1032 b4 -= b7;
1033
1034 tmp = b1 ^ b2;
1035 b1 = (tmp >> 13) | (tmp << (64 - 13));
1036 b2 -= b1;
1037
1038 tmp = b7 ^ b6;
1039 b7 = (tmp >> 24) | (tmp << (64 - 24));
1040 b6 -= b7 + k5 + t0;
1041 b7 -= k6 + 17;
1042
1043 tmp = b5 ^ b4;
1044 b5 = (tmp >> 34) | (tmp << (64 - 34));
1045 b4 -= b5 + k3;
1046 b5 -= k4 + t2;
1047
1048 tmp = b3 ^ b2;
1049 b3 = (tmp >> 30) | (tmp << (64 - 30));
1050 b2 -= b3 + k1;
1051 b3 -= k2;
1052
1053 tmp = b1 ^ b0;
1054 b1 = (tmp >> 39) | (tmp << (64 - 39));
1055 b0 -= b1 + k8;
1056 b1 -= k0;
1057
1058 tmp = b3 ^ b4;
1059 b3 = (tmp >> 56) | (tmp << (64 - 56));
1060 b4 -= b3;
1061
1062 tmp = b5 ^ b2;
1063 b5 = (tmp >> 54) | (tmp << (64 - 54));
1064 b2 -= b5;
1065
1066 tmp = b7 ^ b0;
1067 b7 = (tmp >> 9) | (tmp << (64 - 9));
1068 b0 -= b7;
1069
1070 tmp = b1 ^ b6;
1071 b1 = (tmp >> 44) | (tmp << (64 - 44));
1072 b6 -= b1;
1073
1074 tmp = b7 ^ b2;
1075 b7 = (tmp >> 39) | (tmp << (64 - 39));
1076 b2 -= b7;
1077
1078 tmp = b5 ^ b0;
1079 b5 = (tmp >> 36) | (tmp << (64 - 36));
1080 b0 -= b5;
1081
1082 tmp = b3 ^ b6;
1083 b3 = (tmp >> 49) | (tmp << (64 - 49));
1084 b6 -= b3;
1085
1086 tmp = b1 ^ b4;
1087 b1 = (tmp >> 17) | (tmp << (64 - 17));
1088 b4 -= b1;
1089
1090 tmp = b3 ^ b0;
1091 b3 = (tmp >> 42) | (tmp << (64 - 42));
1092 b0 -= b3;
1093
1094 tmp = b5 ^ b6;
1095 b5 = (tmp >> 14) | (tmp << (64 - 14));
1096 b6 -= b5;
1097
1098 tmp = b7 ^ b4;
1099 b7 = (tmp >> 27) | (tmp << (64 - 27));
1100 b4 -= b7;
1101
1102 tmp = b1 ^ b2;
1103 b1 = (tmp >> 33) | (tmp << (64 - 33));
1104 b2 -= b1;
1105
1106 tmp = b7 ^ b6;
1107 b7 = (tmp >> 37) | (tmp << (64 - 37));
1108 b6 -= b7 + k4 + t2;
1109 b7 -= k5 + 16;
1110
1111 tmp = b5 ^ b4;
1112 b5 = (tmp >> 19) | (tmp << (64 - 19));
1113 b4 -= b5 + k2;
1114 b5 -= k3 + t1;
1115
1116 tmp = b3 ^ b2;
1117 b3 = (tmp >> 36) | (tmp << (64 - 36));
1118 b2 -= b3 + k0;
1119 b3 -= k1;
1120
1121 tmp = b1 ^ b0;
1122 b1 = (tmp >> 46) | (tmp << (64 - 46));
1123 b0 -= b1 + k7;
1124 b1 -= k8;
1125
1126 tmp = b3 ^ b4;
1127 b3 = (tmp >> 22) | (tmp << (64 - 22));
1128 b4 -= b3;
1129
1130 tmp = b5 ^ b2;
1131 b5 = (tmp >> 56) | (tmp << (64 - 56));
1132 b2 -= b5;
1133
1134 tmp = b7 ^ b0;
1135 b7 = (tmp >> 35) | (tmp << (64 - 35));
1136 b0 -= b7;
1137
1138 tmp = b1 ^ b6;
1139 b1 = (tmp >> 8) | (tmp << (64 - 8));
1140 b6 -= b1;
1141
1142 tmp = b7 ^ b2;
1143 b7 = (tmp >> 43) | (tmp << (64 - 43));
1144 b2 -= b7;
1145
1146 tmp = b5 ^ b0;
1147 b5 = (tmp >> 39) | (tmp << (64 - 39));
1148 b0 -= b5;
1149
1150 tmp = b3 ^ b6;
1151 b3 = (tmp >> 29) | (tmp << (64 - 29));
1152 b6 -= b3;
1153
1154 tmp = b1 ^ b4;
1155 b1 = (tmp >> 25) | (tmp << (64 - 25));
1156 b4 -= b1;
1157
1158 tmp = b3 ^ b0;
1159 b3 = (tmp >> 17) | (tmp << (64 - 17));
1160 b0 -= b3;
1161
1162 tmp = b5 ^ b6;
1163 b5 = (tmp >> 10) | (tmp << (64 - 10));
1164 b6 -= b5;
1165
1166 tmp = b7 ^ b4;
1167 b7 = (tmp >> 50) | (tmp << (64 - 50));
1168 b4 -= b7;
1169
1170 tmp = b1 ^ b2;
1171 b1 = (tmp >> 13) | (tmp << (64 - 13));
1172 b2 -= b1;
1173
1174 tmp = b7 ^ b6;
1175 b7 = (tmp >> 24) | (tmp << (64 - 24));
1176 b6 -= b7 + k3 + t1;
1177 b7 -= k4 + 15;
1178
1179 tmp = b5 ^ b4;
1180 b5 = (tmp >> 34) | (tmp << (64 - 34));
1181 b4 -= b5 + k1;
1182 b5 -= k2 + t0;
1183
1184 tmp = b3 ^ b2;
1185 b3 = (tmp >> 30) | (tmp << (64 - 30));
1186 b2 -= b3 + k8;
1187 b3 -= k0;
1188
1189 tmp = b1 ^ b0;
1190 b1 = (tmp >> 39) | (tmp << (64 - 39));
1191 b0 -= b1 + k6;
1192 b1 -= k7;
1193
1194 tmp = b3 ^ b4;
1195 b3 = (tmp >> 56) | (tmp << (64 - 56));
1196 b4 -= b3;
1197
1198 tmp = b5 ^ b2;
1199 b5 = (tmp >> 54) | (tmp << (64 - 54));
1200 b2 -= b5;
1201
1202 tmp = b7 ^ b0;
1203 b7 = (tmp >> 9) | (tmp << (64 - 9));
1204 b0 -= b7;
1205
1206 tmp = b1 ^ b6;
1207 b1 = (tmp >> 44) | (tmp << (64 - 44));
1208 b6 -= b1;
1209
1210 tmp = b7 ^ b2;
1211 b7 = (tmp >> 39) | (tmp << (64 - 39));
1212 b2 -= b7;
1213
1214 tmp = b5 ^ b0;
1215 b5 = (tmp >> 36) | (tmp << (64 - 36));
1216 b0 -= b5;
1217
1218 tmp = b3 ^ b6;
1219 b3 = (tmp >> 49) | (tmp << (64 - 49));
1220 b6 -= b3;
1221
1222 tmp = b1 ^ b4;
1223 b1 = (tmp >> 17) | (tmp << (64 - 17));
1224 b4 -= b1;
1225
1226 tmp = b3 ^ b0;
1227 b3 = (tmp >> 42) | (tmp << (64 - 42));
1228 b0 -= b3;
1229
1230 tmp = b5 ^ b6;
1231 b5 = (tmp >> 14) | (tmp << (64 - 14));
1232 b6 -= b5;
1233
1234 tmp = b7 ^ b4;
1235 b7 = (tmp >> 27) | (tmp << (64 - 27));
1236 b4 -= b7;
1237
1238 tmp = b1 ^ b2;
1239 b1 = (tmp >> 33) | (tmp << (64 - 33));
1240 b2 -= b1;
1241
1242 tmp = b7 ^ b6;
1243 b7 = (tmp >> 37) | (tmp << (64 - 37));
1244 b6 -= b7 + k2 + t0;
1245 b7 -= k3 + 14;
1246
1247 tmp = b5 ^ b4;
1248 b5 = (tmp >> 19) | (tmp << (64 - 19));
1249 b4 -= b5 + k0;
1250 b5 -= k1 + t2;
1251
1252 tmp = b3 ^ b2;
1253 b3 = (tmp >> 36) | (tmp << (64 - 36));
1254 b2 -= b3 + k7;
1255 b3 -= k8;
1256
1257 tmp = b1 ^ b0;
1258 b1 = (tmp >> 46) | (tmp << (64 - 46));
1259 b0 -= b1 + k5;
1260 b1 -= k6;
1261
1262 tmp = b3 ^ b4;
1263 b3 = (tmp >> 22) | (tmp << (64 - 22));
1264 b4 -= b3;
1265
1266 tmp = b5 ^ b2;
1267 b5 = (tmp >> 56) | (tmp << (64 - 56));
1268 b2 -= b5;
1269
1270 tmp = b7 ^ b0;
1271 b7 = (tmp >> 35) | (tmp << (64 - 35));
1272 b0 -= b7;
1273
1274 tmp = b1 ^ b6;
1275 b1 = (tmp >> 8) | (tmp << (64 - 8));
1276 b6 -= b1;
1277
1278 tmp = b7 ^ b2;
1279 b7 = (tmp >> 43) | (tmp << (64 - 43));
1280 b2 -= b7;
1281
1282 tmp = b5 ^ b0;
1283 b5 = (tmp >> 39) | (tmp << (64 - 39));
1284 b0 -= b5;
1285
1286 tmp = b3 ^ b6;
1287 b3 = (tmp >> 29) | (tmp << (64 - 29));
1288 b6 -= b3;
1289
1290 tmp = b1 ^ b4;
1291 b1 = (tmp >> 25) | (tmp << (64 - 25));
1292 b4 -= b1;
1293
1294 tmp = b3 ^ b0;
1295 b3 = (tmp >> 17) | (tmp << (64 - 17));
1296 b0 -= b3;
1297
1298 tmp = b5 ^ b6;
1299 b5 = (tmp >> 10) | (tmp << (64 - 10));
1300 b6 -= b5;
1301
1302 tmp = b7 ^ b4;
1303 b7 = (tmp >> 50) | (tmp << (64 - 50));
1304 b4 -= b7;
1305
1306 tmp = b1 ^ b2;
1307 b1 = (tmp >> 13) | (tmp << (64 - 13));
1308 b2 -= b1;
1309
1310 tmp = b7 ^ b6;
1311 b7 = (tmp >> 24) | (tmp << (64 - 24));
1312 b6 -= b7 + k1 + t2;
1313 b7 -= k2 + 13;
1314
1315 tmp = b5 ^ b4;
1316 b5 = (tmp >> 34) | (tmp << (64 - 34));
1317 b4 -= b5 + k8;
1318 b5 -= k0 + t1;
1319
1320 tmp = b3 ^ b2;
1321 b3 = (tmp >> 30) | (tmp << (64 - 30));
1322 b2 -= b3 + k6;
1323 b3 -= k7;
1324
1325 tmp = b1 ^ b0;
1326 b1 = (tmp >> 39) | (tmp << (64 - 39));
1327 b0 -= b1 + k4;
1328 b1 -= k5;
1329
1330 tmp = b3 ^ b4;
1331 b3 = (tmp >> 56) | (tmp << (64 - 56));
1332 b4 -= b3;
1333
1334 tmp = b5 ^ b2;
1335 b5 = (tmp >> 54) | (tmp << (64 - 54));
1336 b2 -= b5;
1337
1338 tmp = b7 ^ b0;
1339 b7 = (tmp >> 9) | (tmp << (64 - 9));
1340 b0 -= b7;
1341
1342 tmp = b1 ^ b6;
1343 b1 = (tmp >> 44) | (tmp << (64 - 44));
1344 b6 -= b1;
1345
1346 tmp = b7 ^ b2;
1347 b7 = (tmp >> 39) | (tmp << (64 - 39));
1348 b2 -= b7;
1349
1350 tmp = b5 ^ b0;
1351 b5 = (tmp >> 36) | (tmp << (64 - 36));
1352 b0 -= b5;
1353
1354 tmp = b3 ^ b6;
1355 b3 = (tmp >> 49) | (tmp << (64 - 49));
1356 b6 -= b3;
1357
1358 tmp = b1 ^ b4;
1359 b1 = (tmp >> 17) | (tmp << (64 - 17));
1360 b4 -= b1;
1361
1362 tmp = b3 ^ b0;
1363 b3 = (tmp >> 42) | (tmp << (64 - 42));
1364 b0 -= b3;
1365
1366 tmp = b5 ^ b6;
1367 b5 = (tmp >> 14) | (tmp << (64 - 14));
1368 b6 -= b5;
1369
1370 tmp = b7 ^ b4;
1371 b7 = (tmp >> 27) | (tmp << (64 - 27));
1372 b4 -= b7;
1373
1374 tmp = b1 ^ b2;
1375 b1 = (tmp >> 33) | (tmp << (64 - 33));
1376 b2 -= b1;
1377
1378 tmp = b7 ^ b6;
1379 b7 = (tmp >> 37) | (tmp << (64 - 37));
1380 b6 -= b7 + k0 + t1;
1381 b7 -= k1 + 12;
1382
1383 tmp = b5 ^ b4;
1384 b5 = (tmp >> 19) | (tmp << (64 - 19));
1385 b4 -= b5 + k7;
1386 b5 -= k8 + t0;
1387
1388 tmp = b3 ^ b2;
1389 b3 = (tmp >> 36) | (tmp << (64 - 36));
1390 b2 -= b3 + k5;
1391 b3 -= k6;
1392
1393 tmp = b1 ^ b0;
1394 b1 = (tmp >> 46) | (tmp << (64 - 46));
1395 b0 -= b1 + k3;
1396 b1 -= k4;
1397
1398 tmp = b3 ^ b4;
1399 b3 = (tmp >> 22) | (tmp << (64 - 22));
1400 b4 -= b3;
1401
1402 tmp = b5 ^ b2;
1403 b5 = (tmp >> 56) | (tmp << (64 - 56));
1404 b2 -= b5;
1405
1406 tmp = b7 ^ b0;
1407 b7 = (tmp >> 35) | (tmp << (64 - 35));
1408 b0 -= b7;
1409
1410 tmp = b1 ^ b6;
1411 b1 = (tmp >> 8) | (tmp << (64 - 8));
1412 b6 -= b1;
1413
1414 tmp = b7 ^ b2;
1415 b7 = (tmp >> 43) | (tmp << (64 - 43));
1416 b2 -= b7;
1417
1418 tmp = b5 ^ b0;
1419 b5 = (tmp >> 39) | (tmp << (64 - 39));
1420 b0 -= b5;
1421
1422 tmp = b3 ^ b6;
1423 b3 = (tmp >> 29) | (tmp << (64 - 29));
1424 b6 -= b3;
1425
1426 tmp = b1 ^ b4;
1427 b1 = (tmp >> 25) | (tmp << (64 - 25));
1428 b4 -= b1;
1429
1430 tmp = b3 ^ b0;
1431 b3 = (tmp >> 17) | (tmp << (64 - 17));
1432 b0 -= b3;
1433
1434 tmp = b5 ^ b6;
1435 b5 = (tmp >> 10) | (tmp << (64 - 10));
1436 b6 -= b5;
1437
1438 tmp = b7 ^ b4;
1439 b7 = (tmp >> 50) | (tmp << (64 - 50));
1440 b4 -= b7;
1441
1442 tmp = b1 ^ b2;
1443 b1 = (tmp >> 13) | (tmp << (64 - 13));
1444 b2 -= b1;
1445
1446 tmp = b7 ^ b6;
1447 b7 = (tmp >> 24) | (tmp << (64 - 24));
1448 b6 -= b7 + k8 + t0;
1449 b7 -= k0 + 11;
1450
1451 tmp = b5 ^ b4;
1452 b5 = (tmp >> 34) | (tmp << (64 - 34));
1453 b4 -= b5 + k6;
1454 b5 -= k7 + t2;
1455
1456 tmp = b3 ^ b2;
1457 b3 = (tmp >> 30) | (tmp << (64 - 30));
1458 b2 -= b3 + k4;
1459 b3 -= k5;
1460
1461 tmp = b1 ^ b0;
1462 b1 = (tmp >> 39) | (tmp << (64 - 39));
1463 b0 -= b1 + k2;
1464 b1 -= k3;
1465
1466 tmp = b3 ^ b4;
1467 b3 = (tmp >> 56) | (tmp << (64 - 56));
1468 b4 -= b3;
1469
1470 tmp = b5 ^ b2;
1471 b5 = (tmp >> 54) | (tmp << (64 - 54));
1472 b2 -= b5;
1473
1474 tmp = b7 ^ b0;
1475 b7 = (tmp >> 9) | (tmp << (64 - 9));
1476 b0 -= b7;
1477
1478 tmp = b1 ^ b6;
1479 b1 = (tmp >> 44) | (tmp << (64 - 44));
1480 b6 -= b1;
1481
1482 tmp = b7 ^ b2;
1483 b7 = (tmp >> 39) | (tmp << (64 - 39));
1484 b2 -= b7;
1485
1486 tmp = b5 ^ b0;
1487 b5 = (tmp >> 36) | (tmp << (64 - 36));
1488 b0 -= b5;
1489
1490 tmp = b3 ^ b6;
1491 b3 = (tmp >> 49) | (tmp << (64 - 49));
1492 b6 -= b3;
1493
1494 tmp = b1 ^ b4;
1495 b1 = (tmp >> 17) | (tmp << (64 - 17));
1496 b4 -= b1;
1497
1498 tmp = b3 ^ b0;
1499 b3 = (tmp >> 42) | (tmp << (64 - 42));
1500 b0 -= b3;
1501
1502 tmp = b5 ^ b6;
1503 b5 = (tmp >> 14) | (tmp << (64 - 14));
1504 b6 -= b5;
1505
1506 tmp = b7 ^ b4;
1507 b7 = (tmp >> 27) | (tmp << (64 - 27));
1508 b4 -= b7;
1509
1510 tmp = b1 ^ b2;
1511 b1 = (tmp >> 33) | (tmp << (64 - 33));
1512 b2 -= b1;
1513
1514 tmp = b7 ^ b6;
1515 b7 = (tmp >> 37) | (tmp << (64 - 37));
1516 b6 -= b7 + k7 + t2;
1517 b7 -= k8 + 10;
1518
1519 tmp = b5 ^ b4;
1520 b5 = (tmp >> 19) | (tmp << (64 - 19));
1521 b4 -= b5 + k5;
1522 b5 -= k6 + t1;
1523
1524 tmp = b3 ^ b2;
1525 b3 = (tmp >> 36) | (tmp << (64 - 36));
1526 b2 -= b3 + k3;
1527 b3 -= k4;
1528
1529 tmp = b1 ^ b0;
1530 b1 = (tmp >> 46) | (tmp << (64 - 46));
1531 b0 -= b1 + k1;
1532 b1 -= k2;
1533
1534 tmp = b3 ^ b4;
1535 b3 = (tmp >> 22) | (tmp << (64 - 22));
1536 b4 -= b3;
1537
1538 tmp = b5 ^ b2;
1539 b5 = (tmp >> 56) | (tmp << (64 - 56));
1540 b2 -= b5;
1541
1542 tmp = b7 ^ b0;
1543 b7 = (tmp >> 35) | (tmp << (64 - 35));
1544 b0 -= b7;
1545
1546 tmp = b1 ^ b6;
1547 b1 = (tmp >> 8) | (tmp << (64 - 8));
1548 b6 -= b1;
1549
1550 tmp = b7 ^ b2;
1551 b7 = (tmp >> 43) | (tmp << (64 - 43));
1552 b2 -= b7;
1553
1554 tmp = b5 ^ b0;
1555 b5 = (tmp >> 39) | (tmp << (64 - 39));
1556 b0 -= b5;
1557
1558 tmp = b3 ^ b6;
1559 b3 = (tmp >> 29) | (tmp << (64 - 29));
1560 b6 -= b3;
1561
1562 tmp = b1 ^ b4;
1563 b1 = (tmp >> 25) | (tmp << (64 - 25));
1564 b4 -= b1;
1565
1566 tmp = b3 ^ b0;
1567 b3 = (tmp >> 17) | (tmp << (64 - 17));
1568 b0 -= b3;
1569
1570 tmp = b5 ^ b6;
1571 b5 = (tmp >> 10) | (tmp << (64 - 10));
1572 b6 -= b5;
1573
1574 tmp = b7 ^ b4;
1575 b7 = (tmp >> 50) | (tmp << (64 - 50));
1576 b4 -= b7;
1577
1578 tmp = b1 ^ b2;
1579 b1 = (tmp >> 13) | (tmp << (64 - 13));
1580 b2 -= b1;
1581
1582 tmp = b7 ^ b6;
1583 b7 = (tmp >> 24) | (tmp << (64 - 24));
1584 b6 -= b7 + k6 + t1;
1585 b7 -= k7 + 9;
1586
1587 tmp = b5 ^ b4;
1588 b5 = (tmp >> 34) | (tmp << (64 - 34));
1589 b4 -= b5 + k4;
1590 b5 -= k5 + t0;
1591
1592 tmp = b3 ^ b2;
1593 b3 = (tmp >> 30) | (tmp << (64 - 30));
1594 b2 -= b3 + k2;
1595 b3 -= k3;
1596
1597 tmp = b1 ^ b0;
1598 b1 = (tmp >> 39) | (tmp << (64 - 39));
1599 b0 -= b1 + k0;
1600 b1 -= k1;
1601
1602 tmp = b3 ^ b4;
1603 b3 = (tmp >> 56) | (tmp << (64 - 56));
1604 b4 -= b3;
1605
1606 tmp = b5 ^ b2;
1607 b5 = (tmp >> 54) | (tmp << (64 - 54));
1608 b2 -= b5;
1609
1610 tmp = b7 ^ b0;
1611 b7 = (tmp >> 9) | (tmp << (64 - 9));
1612 b0 -= b7;
1613
1614 tmp = b1 ^ b6;
1615 b1 = (tmp >> 44) | (tmp << (64 - 44));
1616 b6 -= b1;
1617
1618 tmp = b7 ^ b2;
1619 b7 = (tmp >> 39) | (tmp << (64 - 39));
1620 b2 -= b7;
1621
1622 tmp = b5 ^ b0;
1623 b5 = (tmp >> 36) | (tmp << (64 - 36));
1624 b0 -= b5;
1625
1626 tmp = b3 ^ b6;
1627 b3 = (tmp >> 49) | (tmp << (64 - 49));
1628 b6 -= b3;
1629
1630 tmp = b1 ^ b4;
1631 b1 = (tmp >> 17) | (tmp << (64 - 17));
1632 b4 -= b1;
1633
1634 tmp = b3 ^ b0;
1635 b3 = (tmp >> 42) | (tmp << (64 - 42));
1636 b0 -= b3;
1637
1638 tmp = b5 ^ b6;
1639 b5 = (tmp >> 14) | (tmp << (64 - 14));
1640 b6 -= b5;
1641
1642 tmp = b7 ^ b4;
1643 b7 = (tmp >> 27) | (tmp << (64 - 27));
1644 b4 -= b7;
1645
1646 tmp = b1 ^ b2;
1647 b1 = (tmp >> 33) | (tmp << (64 - 33));
1648 b2 -= b1;
1649
1650 tmp = b7 ^ b6;
1651 b7 = (tmp >> 37) | (tmp << (64 - 37));
1652 b6 -= b7 + k5 + t0;
1653 b7 -= k6 + 8;
1654
1655 tmp = b5 ^ b4;
1656 b5 = (tmp >> 19) | (tmp << (64 - 19));
1657 b4 -= b5 + k3;
1658 b5 -= k4 + t2;
1659
1660 tmp = b3 ^ b2;
1661 b3 = (tmp >> 36) | (tmp << (64 - 36));
1662 b2 -= b3 + k1;
1663 b3 -= k2;
1664
1665 tmp = b1 ^ b0;
1666 b1 = (tmp >> 46) | (tmp << (64 - 46));
1667 b0 -= b1 + k8;
1668 b1 -= k0;
1669
1670 tmp = b3 ^ b4;
1671 b3 = (tmp >> 22) | (tmp << (64 - 22));
1672 b4 -= b3;
1673
1674 tmp = b5 ^ b2;
1675 b5 = (tmp >> 56) | (tmp << (64 - 56));
1676 b2 -= b5;
1677
1678 tmp = b7 ^ b0;
1679 b7 = (tmp >> 35) | (tmp << (64 - 35));
1680 b0 -= b7;
1681
1682 tmp = b1 ^ b6;
1683 b1 = (tmp >> 8) | (tmp << (64 - 8));
1684 b6 -= b1;
1685
1686 tmp = b7 ^ b2;
1687 b7 = (tmp >> 43) | (tmp << (64 - 43));
1688 b2 -= b7;
1689
1690 tmp = b5 ^ b0;
1691 b5 = (tmp >> 39) | (tmp << (64 - 39));
1692 b0 -= b5;
1693
1694 tmp = b3 ^ b6;
1695 b3 = (tmp >> 29) | (tmp << (64 - 29));
1696 b6 -= b3;
1697
1698 tmp = b1 ^ b4;
1699 b1 = (tmp >> 25) | (tmp << (64 - 25));
1700 b4 -= b1;
1701
1702 tmp = b3 ^ b0;
1703 b3 = (tmp >> 17) | (tmp << (64 - 17));
1704 b0 -= b3;
1705
1706 tmp = b5 ^ b6;
1707 b5 = (tmp >> 10) | (tmp << (64 - 10));
1708 b6 -= b5;
1709
1710 tmp = b7 ^ b4;
1711 b7 = (tmp >> 50) | (tmp << (64 - 50));
1712 b4 -= b7;
1713
1714 tmp = b1 ^ b2;
1715 b1 = (tmp >> 13) | (tmp << (64 - 13));
1716 b2 -= b1;
1717
1718 tmp = b7 ^ b6;
1719 b7 = (tmp >> 24) | (tmp << (64 - 24));
1720 b6 -= b7 + k4 + t2;
1721 b7 -= k5 + 7;
1722
1723 tmp = b5 ^ b4;
1724 b5 = (tmp >> 34) | (tmp << (64 - 34));
1725 b4 -= b5 + k2;
1726 b5 -= k3 + t1;
1727
1728 tmp = b3 ^ b2;
1729 b3 = (tmp >> 30) | (tmp << (64 - 30));
1730 b2 -= b3 + k0;
1731 b3 -= k1;
1732
1733 tmp = b1 ^ b0;
1734 b1 = (tmp >> 39) | (tmp << (64 - 39));
1735 b0 -= b1 + k7;
1736 b1 -= k8;
1737
1738 tmp = b3 ^ b4;
1739 b3 = (tmp >> 56) | (tmp << (64 - 56));
1740 b4 -= b3;
1741
1742 tmp = b5 ^ b2;
1743 b5 = (tmp >> 54) | (tmp << (64 - 54));
1744 b2 -= b5;
1745
1746 tmp = b7 ^ b0;
1747 b7 = (tmp >> 9) | (tmp << (64 - 9));
1748 b0 -= b7;
1749
1750 tmp = b1 ^ b6;
1751 b1 = (tmp >> 44) | (tmp << (64 - 44));
1752 b6 -= b1;
1753
1754 tmp = b7 ^ b2;
1755 b7 = (tmp >> 39) | (tmp << (64 - 39));
1756 b2 -= b7;
1757
1758 tmp = b5 ^ b0;
1759 b5 = (tmp >> 36) | (tmp << (64 - 36));
1760 b0 -= b5;
1761
1762 tmp = b3 ^ b6;
1763 b3 = (tmp >> 49) | (tmp << (64 - 49));
1764 b6 -= b3;
1765
1766 tmp = b1 ^ b4;
1767 b1 = (tmp >> 17) | (tmp << (64 - 17));
1768 b4 -= b1;
1769
1770 tmp = b3 ^ b0;
1771 b3 = (tmp >> 42) | (tmp << (64 - 42));
1772 b0 -= b3;
1773
1774 tmp = b5 ^ b6;
1775 b5 = (tmp >> 14) | (tmp << (64 - 14));
1776 b6 -= b5;
1777
1778 tmp = b7 ^ b4;
1779 b7 = (tmp >> 27) | (tmp << (64 - 27));
1780 b4 -= b7;
1781
1782 tmp = b1 ^ b2;
1783 b1 = (tmp >> 33) | (tmp << (64 - 33));
1784 b2 -= b1;
1785
1786 tmp = b7 ^ b6;
1787 b7 = (tmp >> 37) | (tmp << (64 - 37));
1788 b6 -= b7 + k3 + t1;
1789 b7 -= k4 + 6;
1790
1791 tmp = b5 ^ b4;
1792 b5 = (tmp >> 19) | (tmp << (64 - 19));
1793 b4 -= b5 + k1;
1794 b5 -= k2 + t0;
1795
1796 tmp = b3 ^ b2;
1797 b3 = (tmp >> 36) | (tmp << (64 - 36));
1798 b2 -= b3 + k8;
1799 b3 -= k0;
1800
1801 tmp = b1 ^ b0;
1802 b1 = (tmp >> 46) | (tmp << (64 - 46));
1803 b0 -= b1 + k6;
1804 b1 -= k7;
1805
1806 tmp = b3 ^ b4;
1807 b3 = (tmp >> 22) | (tmp << (64 - 22));
1808 b4 -= b3;
1809
1810 tmp = b5 ^ b2;
1811 b5 = (tmp >> 56) | (tmp << (64 - 56));
1812 b2 -= b5;
1813
1814 tmp = b7 ^ b0;
1815 b7 = (tmp >> 35) | (tmp << (64 - 35));
1816 b0 -= b7;
1817
1818 tmp = b1 ^ b6;
1819 b1 = (tmp >> 8) | (tmp << (64 - 8));
1820 b6 -= b1;
1821
1822 tmp = b7 ^ b2;
1823 b7 = (tmp >> 43) | (tmp << (64 - 43));
1824 b2 -= b7;
1825
1826 tmp = b5 ^ b0;
1827 b5 = (tmp >> 39) | (tmp << (64 - 39));
1828 b0 -= b5;
1829
1830 tmp = b3 ^ b6;
1831 b3 = (tmp >> 29) | (tmp << (64 - 29));
1832 b6 -= b3;
1833
1834 tmp = b1 ^ b4;
1835 b1 = (tmp >> 25) | (tmp << (64 - 25));
1836 b4 -= b1;
1837
1838 tmp = b3 ^ b0;
1839 b3 = (tmp >> 17) | (tmp << (64 - 17));
1840 b0 -= b3;
1841
1842 tmp = b5 ^ b6;
1843 b5 = (tmp >> 10) | (tmp << (64 - 10));
1844 b6 -= b5;
1845
1846 tmp = b7 ^ b4;
1847 b7 = (tmp >> 50) | (tmp << (64 - 50));
1848 b4 -= b7;
1849
1850 tmp = b1 ^ b2;
1851 b1 = (tmp >> 13) | (tmp << (64 - 13));
1852 b2 -= b1;
1853
1854 tmp = b7 ^ b6;
1855 b7 = (tmp >> 24) | (tmp << (64 - 24));
1856 b6 -= b7 + k2 + t0;
1857 b7 -= k3 + 5;
1858
1859 tmp = b5 ^ b4;
1860 b5 = (tmp >> 34) | (tmp << (64 - 34));
1861 b4 -= b5 + k0;
1862 b5 -= k1 + t2;
1863
1864 tmp = b3 ^ b2;
1865 b3 = (tmp >> 30) | (tmp << (64 - 30));
1866 b2 -= b3 + k7;
1867 b3 -= k8;
1868
1869 tmp = b1 ^ b0;
1870 b1 = (tmp >> 39) | (tmp << (64 - 39));
1871 b0 -= b1 + k5;
1872 b1 -= k6;
1873
1874 tmp = b3 ^ b4;
1875 b3 = (tmp >> 56) | (tmp << (64 - 56));
1876 b4 -= b3;
1877
1878 tmp = b5 ^ b2;
1879 b5 = (tmp >> 54) | (tmp << (64 - 54));
1880 b2 -= b5;
1881
1882 tmp = b7 ^ b0;
1883 b7 = (tmp >> 9) | (tmp << (64 - 9));
1884 b0 -= b7;
1885
1886 tmp = b1 ^ b6;
1887 b1 = (tmp >> 44) | (tmp << (64 - 44));
1888 b6 -= b1;
1889
1890 tmp = b7 ^ b2;
1891 b7 = (tmp >> 39) | (tmp << (64 - 39));
1892 b2 -= b7;
1893
1894 tmp = b5 ^ b0;
1895 b5 = (tmp >> 36) | (tmp << (64 - 36));
1896 b0 -= b5;
1897
1898 tmp = b3 ^ b6;
1899 b3 = (tmp >> 49) | (tmp << (64 - 49));
1900 b6 -= b3;
1901
1902 tmp = b1 ^ b4;
1903 b1 = (tmp >> 17) | (tmp << (64 - 17));
1904 b4 -= b1;
1905
1906 tmp = b3 ^ b0;
1907 b3 = (tmp >> 42) | (tmp << (64 - 42));
1908 b0 -= b3;
1909
1910 tmp = b5 ^ b6;
1911 b5 = (tmp >> 14) | (tmp << (64 - 14));
1912 b6 -= b5;
1913
1914 tmp = b7 ^ b4;
1915 b7 = (tmp >> 27) | (tmp << (64 - 27));
1916 b4 -= b7;
1917
1918 tmp = b1 ^ b2;
1919 b1 = (tmp >> 33) | (tmp << (64 - 33));
1920 b2 -= b1;
1921
1922 tmp = b7 ^ b6;
1923 b7 = (tmp >> 37) | (tmp << (64 - 37));
1924 b6 -= b7 + k1 + t2;
1925 b7 -= k2 + 4;
1926
1927 tmp = b5 ^ b4;
1928 b5 = (tmp >> 19) | (tmp << (64 - 19));
1929 b4 -= b5 + k8;
1930 b5 -= k0 + t1;
1931
1932 tmp = b3 ^ b2;
1933 b3 = (tmp >> 36) | (tmp << (64 - 36));
1934 b2 -= b3 + k6;
1935 b3 -= k7;
1936
1937 tmp = b1 ^ b0;
1938 b1 = (tmp >> 46) | (tmp << (64 - 46));
1939 b0 -= b1 + k4;
1940 b1 -= k5;
1941
1942 tmp = b3 ^ b4;
1943 b3 = (tmp >> 22) | (tmp << (64 - 22));
1944 b4 -= b3;
1945
1946 tmp = b5 ^ b2;
1947 b5 = (tmp >> 56) | (tmp << (64 - 56));
1948 b2 -= b5;
1949
1950 tmp = b7 ^ b0;
1951 b7 = (tmp >> 35) | (tmp << (64 - 35));
1952 b0 -= b7;
1953
1954 tmp = b1 ^ b6;
1955 b1 = (tmp >> 8) | (tmp << (64 - 8));
1956 b6 -= b1;
1957
1958 tmp = b7 ^ b2;
1959 b7 = (tmp >> 43) | (tmp << (64 - 43));
1960 b2 -= b7;
1961
1962 tmp = b5 ^ b0;
1963 b5 = (tmp >> 39) | (tmp << (64 - 39));
1964 b0 -= b5;
1965
1966 tmp = b3 ^ b6;
1967 b3 = (tmp >> 29) | (tmp << (64 - 29));
1968 b6 -= b3;
1969
1970 tmp = b1 ^ b4;
1971 b1 = (tmp >> 25) | (tmp << (64 - 25));
1972 b4 -= b1;
1973
1974 tmp = b3 ^ b0;
1975 b3 = (tmp >> 17) | (tmp << (64 - 17));
1976 b0 -= b3;
1977
1978 tmp = b5 ^ b6;
1979 b5 = (tmp >> 10) | (tmp << (64 - 10));
1980 b6 -= b5;
1981
1982 tmp = b7 ^ b4;
1983 b7 = (tmp >> 50) | (tmp << (64 - 50));
1984 b4 -= b7;
1985
1986 tmp = b1 ^ b2;
1987 b1 = (tmp >> 13) | (tmp << (64 - 13));
1988 b2 -= b1;
1989
1990 tmp = b7 ^ b6;
1991 b7 = (tmp >> 24) | (tmp << (64 - 24));
1992 b6 -= b7 + k0 + t1;
1993 b7 -= k1 + 3;
1994
1995 tmp = b5 ^ b4;
1996 b5 = (tmp >> 34) | (tmp << (64 - 34));
1997 b4 -= b5 + k7;
1998 b5 -= k8 + t0;
1999
2000 tmp = b3 ^ b2;
2001 b3 = (tmp >> 30) | (tmp << (64 - 30));
2002 b2 -= b3 + k5;
2003 b3 -= k6;
2004
2005 tmp = b1 ^ b0;
2006 b1 = (tmp >> 39) | (tmp << (64 - 39));
2007 b0 -= b1 + k3;
2008 b1 -= k4;
2009
2010 tmp = b3 ^ b4;
2011 b3 = (tmp >> 56) | (tmp << (64 - 56));
2012 b4 -= b3;
2013
2014 tmp = b5 ^ b2;
2015 b5 = (tmp >> 54) | (tmp << (64 - 54));
2016 b2 -= b5;
2017
2018 tmp = b7 ^ b0;
2019 b7 = (tmp >> 9) | (tmp << (64 - 9));
2020 b0 -= b7;
2021
2022 tmp = b1 ^ b6;
2023 b1 = (tmp >> 44) | (tmp << (64 - 44));
2024 b6 -= b1;
2025
2026 tmp = b7 ^ b2;
2027 b7 = (tmp >> 39) | (tmp << (64 - 39));
2028 b2 -= b7;
2029
2030 tmp = b5 ^ b0;
2031 b5 = (tmp >> 36) | (tmp << (64 - 36));
2032 b0 -= b5;
2033
2034 tmp = b3 ^ b6;
2035 b3 = (tmp >> 49) | (tmp << (64 - 49));
2036 b6 -= b3;
2037
2038 tmp = b1 ^ b4;
2039 b1 = (tmp >> 17) | (tmp << (64 - 17));
2040 b4 -= b1;
2041
2042 tmp = b3 ^ b0;
2043 b3 = (tmp >> 42) | (tmp << (64 - 42));
2044 b0 -= b3;
2045
2046 tmp = b5 ^ b6;
2047 b5 = (tmp >> 14) | (tmp << (64 - 14));
2048 b6 -= b5;
2049
2050 tmp = b7 ^ b4;
2051 b7 = (tmp >> 27) | (tmp << (64 - 27));
2052 b4 -= b7;
2053
2054 tmp = b1 ^ b2;
2055 b1 = (tmp >> 33) | (tmp << (64 - 33));
2056 b2 -= b1;
2057
2058 tmp = b7 ^ b6;
2059 b7 = (tmp >> 37) | (tmp << (64 - 37));
2060 b6 -= b7 + k8 + t0;
2061 b7 -= k0 + 2;
2062
2063 tmp = b5 ^ b4;
2064 b5 = (tmp >> 19) | (tmp << (64 - 19));
2065 b4 -= b5 + k6;
2066 b5 -= k7 + t2;
2067
2068 tmp = b3 ^ b2;
2069 b3 = (tmp >> 36) | (tmp << (64 - 36));
2070 b2 -= b3 + k4;
2071 b3 -= k5;
2072
2073 tmp = b1 ^ b0;
2074 b1 = (tmp >> 46) | (tmp << (64 - 46));
2075 b0 -= b1 + k2;
2076 b1 -= k3;
2077
2078 tmp = b3 ^ b4;
2079 b3 = (tmp >> 22) | (tmp << (64 - 22));
2080 b4 -= b3;
2081
2082 tmp = b5 ^ b2;
2083 b5 = (tmp >> 56) | (tmp << (64 - 56));
2084 b2 -= b5;
2085
2086 tmp = b7 ^ b0;
2087 b7 = (tmp >> 35) | (tmp << (64 - 35));
2088 b0 -= b7;
2089
2090 tmp = b1 ^ b6;
2091 b1 = (tmp >> 8) | (tmp << (64 - 8));
2092 b6 -= b1;
2093
2094 tmp = b7 ^ b2;
2095 b7 = (tmp >> 43) | (tmp << (64 - 43));
2096 b2 -= b7;
2097
2098 tmp = b5 ^ b0;
2099 b5 = (tmp >> 39) | (tmp << (64 - 39));
2100 b0 -= b5;
2101
2102 tmp = b3 ^ b6;
2103 b3 = (tmp >> 29) | (tmp << (64 - 29));
2104 b6 -= b3;
2105
2106 tmp = b1 ^ b4;
2107 b1 = (tmp >> 25) | (tmp << (64 - 25));
2108 b4 -= b1;
2109
2110 tmp = b3 ^ b0;
2111 b3 = (tmp >> 17) | (tmp << (64 - 17));
2112 b0 -= b3;
2113
2114 tmp = b5 ^ b6;
2115 b5 = (tmp >> 10) | (tmp << (64 - 10));
2116 b6 -= b5;
2117
2118 tmp = b7 ^ b4;
2119 b7 = (tmp >> 50) | (tmp << (64 - 50));
2120 b4 -= b7;
2121
2122 tmp = b1 ^ b2;
2123 b1 = (tmp >> 13) | (tmp << (64 - 13));
2124 b2 -= b1;
2125
2126 tmp = b7 ^ b6;
2127 b7 = (tmp >> 24) | (tmp << (64 - 24));
2128 b6 -= b7 + k7 + t2;
2129 b7 -= k8 + 1;
2130
2131 tmp = b5 ^ b4;
2132 b5 = (tmp >> 34) | (tmp << (64 - 34));
2133 b4 -= b5 + k5;
2134 b5 -= k6 + t1;
2135
2136 tmp = b3 ^ b2;
2137 b3 = (tmp >> 30) | (tmp << (64 - 30));
2138 b2 -= b3 + k3;
2139 b3 -= k4;
2140
2141 tmp = b1 ^ b0;
2142 b1 = (tmp >> 39) | (tmp << (64 - 39));
2143 b0 -= b1 + k1;
2144 b1 -= k2;
2145
2146 tmp = b3 ^ b4;
2147 b3 = (tmp >> 56) | (tmp << (64 - 56));
2148 b4 -= b3;
2149
2150 tmp = b5 ^ b2;
2151 b5 = (tmp >> 54) | (tmp << (64 - 54));
2152 b2 -= b5;
2153
2154 tmp = b7 ^ b0;
2155 b7 = (tmp >> 9) | (tmp << (64 - 9));
2156 b0 -= b7;
2157
2158 tmp = b1 ^ b6;
2159 b1 = (tmp >> 44) | (tmp << (64 - 44));
2160 b6 -= b1;
2161
2162 tmp = b7 ^ b2;
2163 b7 = (tmp >> 39) | (tmp << (64 - 39));
2164 b2 -= b7;
2165
2166 tmp = b5 ^ b0;
2167 b5 = (tmp >> 36) | (tmp << (64 - 36));
2168 b0 -= b5;
2169
2170 tmp = b3 ^ b6;
2171 b3 = (tmp >> 49) | (tmp << (64 - 49));
2172 b6 -= b3;
2173
2174 tmp = b1 ^ b4;
2175 b1 = (tmp >> 17) | (tmp << (64 - 17));
2176 b4 -= b1;
2177
2178 tmp = b3 ^ b0;
2179 b3 = (tmp >> 42) | (tmp << (64 - 42));
2180 b0 -= b3;
2181
2182 tmp = b5 ^ b6;
2183 b5 = (tmp >> 14) | (tmp << (64 - 14));
2184 b6 -= b5;
2185
2186 tmp = b7 ^ b4;
2187 b7 = (tmp >> 27) | (tmp << (64 - 27));
2188 b4 -= b7;
2189
2190 tmp = b1 ^ b2;
2191 b1 = (tmp >> 33) | (tmp << (64 - 33));
2192 b2 -= b1;
2193
2194 tmp = b7 ^ b6;
2195 b7 = (tmp >> 37) | (tmp << (64 - 37));
2196 b6 -= b7 + k6 + t1;
2197 b7 -= k7;
2198
2199 tmp = b5 ^ b4;
2200 b5 = (tmp >> 19) | (tmp << (64 - 19));
2201 b4 -= b5 + k4;
2202 b5 -= k5 + t0;
2203
2204 tmp = b3 ^ b2;
2205 b3 = (tmp >> 36) | (tmp << (64 - 36));
2206 b2 -= b3 + k2;
2207 b3 -= k3;
2208
2209 tmp = b1 ^ b0;
2210 b1 = (tmp >> 46) | (tmp << (64 - 46));
2211 b0 -= b1 + k0;
2212 b1 -= k1;
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]2213
Jason Cooper39bd42b2014-03-24 01:49:09 +0000[diff] [blame]2214 output[0] = b0;
2215 output[1] = b1;
2216 output[2] = b2;
2217 output[3] = b3;
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]2218
Jason Cooper39bd42b2014-03-24 01:49:09 +0000[diff] [blame]2219 output[7] = b7;
2220 output[6] = b6;
2221 output[5] = b5;
2222 output[4] = b4;
Jason Cooper449bb812014-03-24 01:48:58 +0000[diff] [blame]2223}