| 1 | /* |
| 2 | The Keccak sponge function, designed by Guido Bertoni, Joan Daemen, |
| 3 | Michaël Peeters and Gilles Van Assche. For more information, feedback or |
| 4 | questions, please refer to our website: http://keccak.noekeon.org/ |
| 5 | |
| 6 | Implementation by Ronny Van Keer, |
| 7 | hereby denoted as "the implementer". |
| 8 | |
| 9 | To the extent possible under law, the implementer has waived all copyright |
| 10 | and related or neighboring rights to the source code in this file. |
| 11 | http://creativecommons.org/publicdomain/zero/1.0/ |
| 12 | */ |
| 13 | |
/*
 * Round constants for the 24 rounds of Keccak-f[1600], stored as two UINT32
 * words per round (2*24 = 48 entries).
 *
 * The `rounds` macro reads this table strictly in order through
 * pRoundConstants: within each round the first word of the pair is XORed into
 * the ...ba0 word and the second word into the ...ba1 word.
 *
 * Each pair is the bit-interleaved form of the usual 64-bit round constant:
 * the first word holds the even-indexed bits, the second the odd-indexed bits
 * (e.g. round 1, {0x00000000, 0x00000089}, is 0x0000000000008082).
 *
 * NOTE(review): a wrong entry does not crash, it silently produces a
 * different permutation; any edit here should be checked against known-answer
 * test vectors for the hash built on top of this file.
 */
static const UINT32 KeccakF1600RoundConstants_int2[2*24] =
{
    0x00000001UL, 0x00000000UL, /* round  0 */
    0x00000000UL, 0x00000089UL, /* round  1 */
    0x00000000UL, 0x8000008bUL, /* round  2 */
    0x00000000UL, 0x80008080UL, /* round  3 */
    0x00000001UL, 0x0000008bUL, /* round  4 */
    0x00000001UL, 0x00008000UL, /* round  5 */
    0x00000001UL, 0x80008088UL, /* round  6 */
    0x00000001UL, 0x80000082UL, /* round  7 */
    0x00000000UL, 0x0000000bUL, /* round  8 */
    0x00000000UL, 0x0000000aUL, /* round  9 */
    0x00000001UL, 0x00008082UL, /* round 10 */
    0x00000000UL, 0x00008003UL, /* round 11 */
    0x00000001UL, 0x0000808bUL, /* round 12 */
    0x00000001UL, 0x8000000bUL, /* round 13 */
    0x00000001UL, 0x8000008aUL, /* round 14 */
    0x00000001UL, 0x80000081UL, /* round 15 */
    0x00000000UL, 0x80000081UL, /* round 16 */
    0x00000000UL, 0x80000008UL, /* round 17 */
    0x00000000UL, 0x00000083UL, /* round 18 */
    0x00000000UL, 0x80008003UL, /* round 19 */
    0x00000001UL, 0x80008088UL, /* round 20 */
    0x00000000UL, 0x80000088UL, /* round 21 */
    0x00000001UL, 0x00008000UL, /* round 22 */
    0x00000000UL, 0x80008082UL  /* round 23 */
};
| 41 | |
/*
 * rounds: object-like macro that expands to one compound statement applying
 * all 24 rounds of Keccak-f[1600] to `state`, in place.
 *
 * Representation: every lane is held as two UINT32 words (suffix 0 and 1).
 * A 64-bit rotation by 1 appears below as "rotate the suffix-1 word by 1 and
 * swap the halves", which is what a bit-interleaved layout (even bits in
 * word 0, odd bits in word 1) requires.
 *
 * Naming: prefix A / E = the two alternating copies of the state; the
 * consonant b,g,k,m,s selects the plane and the vowel a,e,i,o,u the column
 * (the parity sums below XOR over the five consonants for a fixed vowel).
 *
 * Requirements at the expansion site (none of them is checked here):
 *   - an identifier `state` is in scope and addresses at least 50 UINT32
 *     words; copyFromState/copyToState touch indices 0..49;
 *   - UINT32 and ROL32 are defined elsewhere (not visible in this file);
 *   - copyFromState and copyToState are defined further down in this file,
 *     which is fine because macros are expanded where `rounds` is used.
 *
 * Review notes:
 *   - The loop count is the constant 12 and the only table access is the
 *     sequential round-constant read; no branch or array index depends on
 *     the state contents.
 *   - 12 iterations x 4 reads = 48 words, exactly the size of
 *     KeccakF1600RoundConstants_int2, so pRoundConstants stays in bounds.
 *   - Every ROL32 amount used is in 1..31; lanes whose 32-bit rotation would
 *     be 0 are assigned directly (Ba = Aba0 etc.), so a shift-based ROL32
 *     never sees a shift by 0 or 32 from this macro.
 *   - The A and E working copies are ordinary block-scope locals and are not
 *     cleared before the block ends; for keyed uses, whether residual copies
 *     of the state matter is a decision for the caller.
 *
 * The #undef suggests another definition of `rounds` may already exist when
 * this file is included -- presumably a sibling variant; confirm in the
 * including file.
 */
#undef rounds

#define rounds \
{ \
    UINT32 Da0, De0, Di0, Do0, Du0; \
    UINT32 Da1, De1, Di1, Do1, Du1; \
    UINT32 Ba, Be, Bi, Bo, Bu; \
    UINT32 Aba0, Abe0, Abi0, Abo0, Abu0; \
    UINT32 Aba1, Abe1, Abi1, Abo1, Abu1; \
    UINT32 Aga0, Age0, Agi0, Ago0, Agu0; \
    UINT32 Aga1, Age1, Agi1, Ago1, Agu1; \
    UINT32 Aka0, Ake0, Aki0, Ako0, Aku0; \
    UINT32 Aka1, Ake1, Aki1, Ako1, Aku1; \
    UINT32 Ama0, Ame0, Ami0, Amo0, Amu0; \
    UINT32 Ama1, Ame1, Ami1, Amo1, Amu1; \
    UINT32 Asa0, Ase0, Asi0, Aso0, Asu0; \
    UINT32 Asa1, Ase1, Asi1, Aso1, Asu1; \
    UINT32 Cw, Cx, Cy, Cz; \
    UINT32 Eba0, Ebe0, Ebi0, Ebo0, Ebu0; \
    UINT32 Eba1, Ebe1, Ebi1, Ebo1, Ebu1; \
    UINT32 Ega0, Ege0, Egi0, Ego0, Egu0; \
    UINT32 Ega1, Ege1, Egi1, Ego1, Egu1; \
    UINT32 Eka0, Eke0, Eki0, Eko0, Eku0; \
    UINT32 Eka1, Eke1, Eki1, Eko1, Eku1; \
    UINT32 Ema0, Eme0, Emi0, Emo0, Emu0; \
    UINT32 Ema1, Eme1, Emi1, Emo1, Emu1; \
    UINT32 Esa0, Ese0, Esi0, Eso0, Esu0; \
    UINT32 Esa1, Ese1, Esi1, Eso1, Esu1; \
    const UINT32 * pRoundConstants = KeccakF1600RoundConstants_int2; \
    UINT32 i; \
    \
    /* load state[0..49] into the A* locals */ \
    copyFromState(A, state) \
    \
    /* each iteration performs two rounds (A -> E, then E -> A): 12 x 2 = 24 */ \
    for( i = 12; i != 0; --i ) { \
        /* ---- first round of the pair: reads A*, writes E* ---- */ \
        /* theta: column parities (Cw..Cz are reused scratch) and the D words */ \
        Cx = Abu0^Agu0^Aku0^Amu0^Asu0; \
        Du1 = Abe1^Age1^Ake1^Ame1^Ase1; \
        Da0 = Cx^ROL32(Du1, 1); \
        Cz = Abu1^Agu1^Aku1^Amu1^Asu1; \
        Du0 = Abe0^Age0^Ake0^Ame0^Ase0; \
        Da1 = Cz^Du0; \
        \
        Cw = Abi0^Agi0^Aki0^Ami0^Asi0; \
        Do0 = Cw^ROL32(Cz, 1); \
        Cy = Abi1^Agi1^Aki1^Ami1^Asi1; \
        Do1 = Cy^Cx; \
        \
        Cx = Aba0^Aga0^Aka0^Ama0^Asa0; \
        De0 = Cx^ROL32(Cy, 1); \
        Cz = Aba1^Aga1^Aka1^Ama1^Asa1; \
        De1 = Cz^Cw; \
        \
        Cy = Abo1^Ago1^Ako1^Amo1^Aso1; \
        Di0 = Du0^ROL32(Cy, 1); \
        Cw = Abo0^Ago0^Ako0^Amo0^Aso0; \
        Di1 = Du1^Cw; \
        \
        /* Du0/Du1 held the column-e parity until here; now they become D for column u */ \
        Du0 = Cw^ROL32(Cz, 1); \
        Du1 = Cy^Cx; \
        \
        /* Eb?0: apply D (theta), rotate into Ba..Bu (rho/pi), combine (chi), add round constant word (iota) */ \
        Aba0 ^= Da0; \
        Ba = Aba0; \
        Age0 ^= De0; \
        Be = ROL32(Age0, 22); \
        Aki1 ^= Di1; \
        Bi = ROL32(Aki1, 22); \
        Amo1 ^= Do1; \
        Bo = ROL32(Amo1, 11); \
        Asu0 ^= Du0; \
        Bu = ROL32(Asu0, 7); \
        Eba0 = Ba ^((~Be)& Bi ) ^ *(pRoundConstants++); \
        Ebe0 = Be ^((~Bi)& Bo ); \
        Ebi0 = Bi ^((~Bo)& Bu ); \
        Ebo0 = Bo ^((~Bu)& Ba ); \
        Ebu0 = Bu ^((~Ba)& Be ); \
        \
        /* Eg?0 */ \
        Abo0 ^= Do0; \
        Ba = ROL32(Abo0, 14); \
        Agu0 ^= Du0; \
        Be = ROL32(Agu0, 10); \
        Aka1 ^= Da1; \
        Bi = ROL32(Aka1, 2); \
        Ame1 ^= De1; \
        Bo = ROL32(Ame1, 23); \
        Asi1 ^= Di1; \
        Bu = ROL32(Asi1, 31); \
        Ega0 = Ba ^((~Be)& Bi ); \
        Ege0 = Be ^((~Bi)& Bo ); \
        Egi0 = Bi ^((~Bo)& Bu ); \
        Ego0 = Bo ^((~Bu)& Ba ); \
        Egu0 = Bu ^((~Ba)& Be ); \
        \
        /* Ek?0 */ \
        Abe1 ^= De1; \
        Ba = ROL32(Abe1, 1); \
        Agi0 ^= Di0; \
        Be = ROL32(Agi0, 3); \
        Ako1 ^= Do1; \
        Bi = ROL32(Ako1, 13); \
        Amu0 ^= Du0; \
        Bo = ROL32(Amu0, 4); \
        Asa0 ^= Da0; \
        Bu = ROL32(Asa0, 9); \
        Eka0 = Ba ^((~Be)& Bi ); \
        Eke0 = Be ^((~Bi)& Bo ); \
        Eki0 = Bi ^((~Bo)& Bu ); \
        Eko0 = Bo ^((~Bu)& Ba ); \
        Eku0 = Bu ^((~Ba)& Be ); \
        \
        /* Em?0 */ \
        Abu1 ^= Du1; \
        Ba = ROL32(Abu1, 14); \
        Aga0 ^= Da0; \
        Be = ROL32(Aga0, 18); \
        Ake0 ^= De0; \
        Bi = ROL32(Ake0, 5); \
        Ami1 ^= Di1; \
        Bo = ROL32(Ami1, 8); \
        Aso0 ^= Do0; \
        Bu = ROL32(Aso0, 28); \
        Ema0 = Ba ^((~Be)& Bi ); \
        Eme0 = Be ^((~Bi)& Bo ); \
        Emi0 = Bi ^((~Bo)& Bu ); \
        Emo0 = Bo ^((~Bu)& Ba ); \
        Emu0 = Bu ^((~Ba)& Be ); \
        \
        /* Es?0 */ \
        Abi0 ^= Di0; \
        Ba = ROL32(Abi0, 31); \
        Ago1 ^= Do1; \
        Be = ROL32(Ago1, 28); \
        Aku1 ^= Du1; \
        Bi = ROL32(Aku1, 20); \
        Ama1 ^= Da1; \
        Bo = ROL32(Ama1, 21); \
        Ase0 ^= De0; \
        Bu = ROL32(Ase0, 1); \
        Esa0 = Ba ^((~Be)& Bi ); \
        Ese0 = Be ^((~Bi)& Bo ); \
        Esi0 = Bi ^((~Bo)& Bu ); \
        Eso0 = Bo ^((~Bu)& Ba ); \
        Esu0 = Bu ^((~Ba)& Be ); \
        \
        /* Eb?1, including the second round-constant word of this round */ \
        Aba1 ^= Da1; \
        Ba = Aba1; \
        Age1 ^= De1; \
        Be = ROL32(Age1, 22); \
        Aki0 ^= Di0; \
        Bi = ROL32(Aki0, 21); \
        Amo0 ^= Do0; \
        Bo = ROL32(Amo0, 10); \
        Asu1 ^= Du1; \
        Bu = ROL32(Asu1, 7); \
        Eba1 = Ba ^((~Be)& Bi ); \
        Eba1 ^= *(pRoundConstants++); \
        Ebe1 = Be ^((~Bi)& Bo ); \
        Ebi1 = Bi ^((~Bo)& Bu ); \
        Ebo1 = Bo ^((~Bu)& Ba ); \
        Ebu1 = Bu ^((~Ba)& Be ); \
        \
        /* Eg?1 */ \
        Abo1 ^= Do1; \
        Ba = ROL32(Abo1, 14); \
        Agu1 ^= Du1; \
        Be = ROL32(Agu1, 10); \
        Aka0 ^= Da0; \
        Bi = ROL32(Aka0, 1); \
        Ame0 ^= De0; \
        Bo = ROL32(Ame0, 22); \
        Asi0 ^= Di0; \
        Bu = ROL32(Asi0, 30); \
        Ega1 = Ba ^((~Be)& Bi ); \
        Ege1 = Be ^((~Bi)& Bo ); \
        Egi1 = Bi ^((~Bo)& Bu ); \
        Ego1 = Bo ^((~Bu)& Ba ); \
        Egu1 = Bu ^((~Ba)& Be ); \
        \
        /* Ek?1 */ \
        Abe0 ^= De0; \
        Ba = Abe0; \
        Agi1 ^= Di1; \
        Be = ROL32(Agi1, 3); \
        Ako0 ^= Do0; \
        Bi = ROL32(Ako0, 12); \
        Amu1 ^= Du1; \
        Bo = ROL32(Amu1, 4); \
        Asa1 ^= Da1; \
        Bu = ROL32(Asa1, 9); \
        Eka1 = Ba ^((~Be)& Bi ); \
        Eke1 = Be ^((~Bi)& Bo ); \
        Eki1 = Bi ^((~Bo)& Bu ); \
        Eko1 = Bo ^((~Bu)& Ba ); \
        Eku1 = Bu ^((~Ba)& Be ); \
        \
        /* Em?1 */ \
        Abu0 ^= Du0; \
        Ba = ROL32(Abu0, 13); \
        Aga1 ^= Da1; \
        Be = ROL32(Aga1, 18); \
        Ake1 ^= De1; \
        Bi = ROL32(Ake1, 5); \
        Ami0 ^= Di0; \
        Bo = ROL32(Ami0, 7); \
        Aso1 ^= Do1; \
        Bu = ROL32(Aso1, 28); \
        Ema1 = Ba ^((~Be)& Bi ); \
        Eme1 = Be ^((~Bi)& Bo ); \
        Emi1 = Bi ^((~Bo)& Bu ); \
        Emo1 = Bo ^((~Bu)& Ba ); \
        Emu1 = Bu ^((~Ba)& Be ); \
        \
        /* Es?1 */ \
        Abi1 ^= Di1; \
        Ba = ROL32(Abi1, 31); \
        Ago0 ^= Do0; \
        Be = ROL32(Ago0, 27); \
        Aku0 ^= Du0; \
        Bi = ROL32(Aku0, 19); \
        Ama0 ^= Da0; \
        Bo = ROL32(Ama0, 20); \
        Ase1 ^= De1; \
        Bu = ROL32(Ase1, 1); \
        Esa1 = Ba ^((~Be)& Bi ); \
        Ese1 = Be ^((~Bi)& Bo ); \
        Esi1 = Bi ^((~Bo)& Bu ); \
        Eso1 = Bo ^((~Bu)& Ba ); \
        Esu1 = Bu ^((~Ba)& Be ); \
        \
        /* ---- second round of the pair: same steps, reads E*, writes A* ---- */ \
        /* theta on E */ \
        Cx = Ebu0^Egu0^Eku0^Emu0^Esu0; \
        Du1 = Ebe1^Ege1^Eke1^Eme1^Ese1; \
        Da0 = Cx^ROL32(Du1, 1); \
        Cz = Ebu1^Egu1^Eku1^Emu1^Esu1; \
        Du0 = Ebe0^Ege0^Eke0^Eme0^Ese0; \
        Da1 = Cz^Du0; \
        \
        Cw = Ebi0^Egi0^Eki0^Emi0^Esi0; \
        Do0 = Cw^ROL32(Cz, 1); \
        Cy = Ebi1^Egi1^Eki1^Emi1^Esi1; \
        Do1 = Cy^Cx; \
        \
        Cx = Eba0^Ega0^Eka0^Ema0^Esa0; \
        De0 = Cx^ROL32(Cy, 1); \
        Cz = Eba1^Ega1^Eka1^Ema1^Esa1; \
        De1 = Cz^Cw; \
        \
        Cy = Ebo1^Ego1^Eko1^Emo1^Eso1; \
        Di0 = Du0^ROL32(Cy, 1); \
        Cw = Ebo0^Ego0^Eko0^Emo0^Eso0; \
        Di1 = Du1^Cw; \
        \
        Du0 = Cw^ROL32(Cz, 1); \
        Du1 = Cy^Cx; \
        \
        /* Ab?0, including the first round-constant word of this round */ \
        Eba0 ^= Da0; \
        Ba = Eba0; \
        Ege0 ^= De0; \
        Be = ROL32(Ege0, 22); \
        Eki1 ^= Di1; \
        Bi = ROL32(Eki1, 22); \
        Emo1 ^= Do1; \
        Bo = ROL32(Emo1, 11); \
        Esu0 ^= Du0; \
        Bu = ROL32(Esu0, 7); \
        Aba0 = Ba ^((~Be)& Bi ); \
        Aba0 ^= *(pRoundConstants++); \
        Abe0 = Be ^((~Bi)& Bo ); \
        Abi0 = Bi ^((~Bo)& Bu ); \
        Abo0 = Bo ^((~Bu)& Ba ); \
        Abu0 = Bu ^((~Ba)& Be ); \
        \
        /* Ag?0 */ \
        Ebo0 ^= Do0; \
        Ba = ROL32(Ebo0, 14); \
        Egu0 ^= Du0; \
        Be = ROL32(Egu0, 10); \
        Eka1 ^= Da1; \
        Bi = ROL32(Eka1, 2); \
        Eme1 ^= De1; \
        Bo = ROL32(Eme1, 23); \
        Esi1 ^= Di1; \
        Bu = ROL32(Esi1, 31); \
        Aga0 = Ba ^((~Be)& Bi ); \
        Age0 = Be ^((~Bi)& Bo ); \
        Agi0 = Bi ^((~Bo)& Bu ); \
        Ago0 = Bo ^((~Bu)& Ba ); \
        Agu0 = Bu ^((~Ba)& Be ); \
        \
        /* Ak?0 */ \
        Ebe1 ^= De1; \
        Ba = ROL32(Ebe1, 1); \
        Egi0 ^= Di0; \
        Be = ROL32(Egi0, 3); \
        Eko1 ^= Do1; \
        Bi = ROL32(Eko1, 13); \
        Emu0 ^= Du0; \
        Bo = ROL32(Emu0, 4); \
        Esa0 ^= Da0; \
        Bu = ROL32(Esa0, 9); \
        Aka0 = Ba ^((~Be)& Bi ); \
        Ake0 = Be ^((~Bi)& Bo ); \
        Aki0 = Bi ^((~Bo)& Bu ); \
        Ako0 = Bo ^((~Bu)& Ba ); \
        Aku0 = Bu ^((~Ba)& Be ); \
        \
        /* Am?0 */ \
        Ebu1 ^= Du1; \
        Ba = ROL32(Ebu1, 14); \
        Ega0 ^= Da0; \
        Be = ROL32(Ega0, 18); \
        Eke0 ^= De0; \
        Bi = ROL32(Eke0, 5); \
        Emi1 ^= Di1; \
        Bo = ROL32(Emi1, 8); \
        Eso0 ^= Do0; \
        Bu = ROL32(Eso0, 28); \
        Ama0 = Ba ^((~Be)& Bi ); \
        Ame0 = Be ^((~Bi)& Bo ); \
        Ami0 = Bi ^((~Bo)& Bu ); \
        Amo0 = Bo ^((~Bu)& Ba ); \
        Amu0 = Bu ^((~Ba)& Be ); \
        \
        /* As?0 */ \
        Ebi0 ^= Di0; \
        Ba = ROL32(Ebi0, 31); \
        Ego1 ^= Do1; \
        Be = ROL32(Ego1, 28); \
        Eku1 ^= Du1; \
        Bi = ROL32(Eku1, 20); \
        Ema1 ^= Da1; \
        Bo = ROL32(Ema1, 21); \
        Ese0 ^= De0; \
        Bu = ROL32(Ese0, 1); \
        Asa0 = Ba ^((~Be)& Bi ); \
        Ase0 = Be ^((~Bi)& Bo ); \
        Asi0 = Bi ^((~Bo)& Bu ); \
        Aso0 = Bo ^((~Bu)& Ba ); \
        Asu0 = Bu ^((~Ba)& Be ); \
        \
        /* Ab?1, including the second round-constant word of this round */ \
        Eba1 ^= Da1; \
        Ba = Eba1; \
        Ege1 ^= De1; \
        Be = ROL32(Ege1, 22); \
        Eki0 ^= Di0; \
        Bi = ROL32(Eki0, 21); \
        Emo0 ^= Do0; \
        Bo = ROL32(Emo0, 10); \
        Esu1 ^= Du1; \
        Bu = ROL32(Esu1, 7); \
        Aba1 = Ba ^((~Be)& Bi ); \
        Aba1 ^= *(pRoundConstants++); \
        Abe1 = Be ^((~Bi)& Bo ); \
        Abi1 = Bi ^((~Bo)& Bu ); \
        Abo1 = Bo ^((~Bu)& Ba ); \
        Abu1 = Bu ^((~Ba)& Be ); \
        \
        /* Ag?1 */ \
        Ebo1 ^= Do1; \
        Ba = ROL32(Ebo1, 14); \
        Egu1 ^= Du1; \
        Be = ROL32(Egu1, 10); \
        Eka0 ^= Da0; \
        Bi = ROL32(Eka0, 1); \
        Eme0 ^= De0; \
        Bo = ROL32(Eme0, 22); \
        Esi0 ^= Di0; \
        Bu = ROL32(Esi0, 30); \
        Aga1 = Ba ^((~Be)& Bi ); \
        Age1 = Be ^((~Bi)& Bo ); \
        Agi1 = Bi ^((~Bo)& Bu ); \
        Ago1 = Bo ^((~Bu)& Ba ); \
        Agu1 = Bu ^((~Ba)& Be ); \
        \
        /* Ak?1 */ \
        Ebe0 ^= De0; \
        Ba = Ebe0; \
        Egi1 ^= Di1; \
        Be = ROL32(Egi1, 3); \
        Eko0 ^= Do0; \
        Bi = ROL32(Eko0, 12); \
        Emu1 ^= Du1; \
        Bo = ROL32(Emu1, 4); \
        Esa1 ^= Da1; \
        Bu = ROL32(Esa1, 9); \
        Aka1 = Ba ^((~Be)& Bi ); \
        Ake1 = Be ^((~Bi)& Bo ); \
        Aki1 = Bi ^((~Bo)& Bu ); \
        Ako1 = Bo ^((~Bu)& Ba ); \
        Aku1 = Bu ^((~Ba)& Be ); \
        \
        /* Am?1 */ \
        Ebu0 ^= Du0; \
        Ba = ROL32(Ebu0, 13); \
        Ega1 ^= Da1; \
        Be = ROL32(Ega1, 18); \
        Eke1 ^= De1; \
        Bi = ROL32(Eke1, 5); \
        Emi0 ^= Di0; \
        Bo = ROL32(Emi0, 7); \
        Eso1 ^= Do1; \
        Bu = ROL32(Eso1, 28); \
        Ama1 = Ba ^((~Be)& Bi ); \
        Ame1 = Be ^((~Bi)& Bo ); \
        Ami1 = Bi ^((~Bo)& Bu ); \
        Amo1 = Bo ^((~Bu)& Ba ); \
        Amu1 = Bu ^((~Ba)& Be ); \
        \
        /* As?1 */ \
        Ebi1 ^= Di1; \
        Ba = ROL32(Ebi1, 31); \
        Ego0 ^= Do0; \
        Be = ROL32(Ego0, 27); \
        Eku0 ^= Du0; \
        Bi = ROL32(Eku0, 19); \
        Ema0 ^= Da0; \
        Bo = ROL32(Ema0, 20); \
        Ese1 ^= De1; \
        Bu = ROL32(Ese1, 1); \
        Asa1 = Ba ^((~Be)& Bi ); \
        Ase1 = Be ^((~Bi)& Bo ); \
        Asi1 = Bi ^((~Bo)& Bu ); \
        Aso1 = Bo ^((~Bu)& Ba ); \
        Asu1 = Bu ^((~Ba)& Be ); \
    } \
    /* after an even number of rounds the result is in A*; store it back */ \
    copyToState(state, A) \
}
| 451 | |
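/*
 * copyFromState(X, state): load the 50 UINT32 words state[0..49] into the
 * variables X##ba0 ... X##su1, which must already be declared at the
 * expansion site. Word 2*k holds the suffix-0 half and word 2*k+1 the
 * suffix-1 half of lane k, in the order ba, be, bi, bo, bu, ga, ... su.
 *
 * The expansion is a plain run of statements (each with its own ';'), so it
 * is written without a trailing semicolon where it is used and must not be
 * the sole body of an unbraced if/for/while.
 *
 * `state` is parenthesised so that an expression argument such as `p + 1`
 * is indexed as a whole; unparenthesised, `p + 1[0]` would not index p at
 * all. No bounds check is made: the caller guarantees that at least 50
 * words are readable behind `state`.
 */
#define copyFromState(X, state) \
    X##ba0 = (state)[ 0]; \
    X##ba1 = (state)[ 1]; \
    X##be0 = (state)[ 2]; \
    X##be1 = (state)[ 3]; \
    X##bi0 = (state)[ 4]; \
    X##bi1 = (state)[ 5]; \
    X##bo0 = (state)[ 6]; \
    X##bo1 = (state)[ 7]; \
    X##bu0 = (state)[ 8]; \
    X##bu1 = (state)[ 9]; \
    X##ga0 = (state)[10]; \
    X##ga1 = (state)[11]; \
    X##ge0 = (state)[12]; \
    X##ge1 = (state)[13]; \
    X##gi0 = (state)[14]; \
    X##gi1 = (state)[15]; \
    X##go0 = (state)[16]; \
    X##go1 = (state)[17]; \
    X##gu0 = (state)[18]; \
    X##gu1 = (state)[19]; \
    X##ka0 = (state)[20]; \
    X##ka1 = (state)[21]; \
    X##ke0 = (state)[22]; \
    X##ke1 = (state)[23]; \
    X##ki0 = (state)[24]; \
    X##ki1 = (state)[25]; \
    X##ko0 = (state)[26]; \
    X##ko1 = (state)[27]; \
    X##ku0 = (state)[28]; \
    X##ku1 = (state)[29]; \
    X##ma0 = (state)[30]; \
    X##ma1 = (state)[31]; \
    X##me0 = (state)[32]; \
    X##me1 = (state)[33]; \
    X##mi0 = (state)[34]; \
    X##mi1 = (state)[35]; \
    X##mo0 = (state)[36]; \
    X##mo1 = (state)[37]; \
    X##mu0 = (state)[38]; \
    X##mu1 = (state)[39]; \
    X##sa0 = (state)[40]; \
    X##sa1 = (state)[41]; \
    X##se0 = (state)[42]; \
    X##se1 = (state)[43]; \
    X##si0 = (state)[44]; \
    X##si1 = (state)[45]; \
    X##so0 = (state)[46]; \
    X##so1 = (state)[47]; \
    X##su0 = (state)[48]; \
    X##su1 = (state)[49];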
| 503 | |
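/*
 * copyToState(state, X): store the variables X##ba0 ... X##su1 into the 50
 * UINT32 words state[0..49], using the same layout copyFromState reads
 * (word 2*k = suffix-0 half, word 2*k+1 = suffix-1 half of lane k, lanes in
 * the order ba, be, bi, bo, bu, ga, ... su).
 *
 * The expansion is a plain run of statements (each with its own ';'), so it
 * is written without a trailing semicolon where it is used and must not be
 * the sole body of an unbraced if/for/while.
 *
 * `state` is parenthesised so that an expression argument such as `p + 1`
 * is indexed as a whole. No bounds check is made: the caller guarantees
 * that at least 50 words are writable behind `state`.
 */
#define copyToState(state, X) \
    (state)[ 0] = X##ba0; \
    (state)[ 1] = X##ba1; \
    (state)[ 2] = X##be0; \
    (state)[ 3] = X##be1; \
    (state)[ 4] = X##bi0; \
    (state)[ 5] = X##bi1; \
    (state)[ 6] = X##bo0; \
    (state)[ 7] = X##bo1; \
    (state)[ 8] = X##bu0; \
    (state)[ 9] = X##bu1; \
    (state)[10] = X##ga0; \
    (state)[11] = X##ga1; \
    (state)[12] = X##ge0; \
    (state)[13] = X##ge1; \
    (state)[14] = X##gi0; \
    (state)[15] = X##gi1; \
    (state)[16] = X##go0; \
    (state)[17] = X##go1; \
    (state)[18] = X##gu0; \
    (state)[19] = X##gu1; \
    (state)[20] = X##ka0; \
    (state)[21] = X##ka1; \
    (state)[22] = X##ke0; \
    (state)[23] = X##ke1; \
    (state)[24] = X##ki0; \
    (state)[25] = X##ki1; \
    (state)[26] = X##ko0; \
    (state)[27] = X##ko1; \
    (state)[28] = X##ku0; \
    (state)[29] = X##ku1; \
    (state)[30] = X##ma0; \
    (state)[31] = X##ma1; \
    (state)[32] = X##me0; \
    (state)[33] = X##me1; \
    (state)[34] = X##mi0; \
    (state)[35] = X##mi1; \
    (state)[36] = X##mo0; \
    (state)[37] = X##mo1; \
    (state)[38] = X##mu0; \
    (state)[39] = X##mu1; \
    (state)[40] = X##sa0; \
    (state)[41] = X##sa1; \
    (state)[42] = X##se0; \
    (state)[43] = X##se1; \
    (state)[44] = X##si0; \
    (state)[45] = X##si1; \
    (state)[46] = X##so0; \
    (state)[47] = X##so1; \
    (state)[48] = X##su0; \
    (state)[49] = X##su1;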
| 555 | |