Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / 42ac3c91e75fc3b44c3d5e3ab30db6d022f3f749 / . / Modules / _sha3 / keccak / KeccakF-1600-simd64.macros
blob: 06a30e2ae060d2f8ff3419127f5f4b30b9eb3baa [file] [log] [blame]
Christian Heimes4a0270d2012-10-06 02:23:36 +0200[diff] [blame]1/*
2Code automatically generated by KeccakTools!
3
4The Keccak sponge function, designed by Guido Bertoni, Joan Daemen,
5Michaƫl Peeters and Gilles Van Assche. For more information, feedback or
6questions, please refer to our website: http://keccak.noekeon.org/
7
8Implementation by the designers,
9hereby denoted as "the implementer".
10
11To the extent possible under law, the implementer has waived all copyright
12and related or neighboring rights to the source code in this file.
13http://creativecommons.org/publicdomain/zero/1.0/
14*/
15
16#define declareABCDE \
17 V64 Aba, Abe, Abi, Abo, Abu; \
18 V64 Aga, Age, Agi, Ago, Agu; \
19 V64 Aka, Ake, Aki, Ako, Aku; \
20 V64 Ama, Ame, Ami, Amo, Amu; \
21 V64 Asa, Ase, Asi, Aso, Asu; \
22 V64 Bba, Bbe, Bbi, Bbo, Bbu; \
23 V64 Bga, Bge, Bgi, Bgo, Bgu; \
24 V64 Bka, Bke, Bki, Bko, Bku; \
25 V64 Bma, Bme, Bmi, Bmo, Bmu; \
26 V64 Bsa, Bse, Bsi, Bso, Bsu; \
27 V64 Ca, Ce, Ci, Co, Cu; \
28 V64 Da, De, Di, Do, Du; \
29 V64 Eba, Ebe, Ebi, Ebo, Ebu; \
30 V64 Ega, Ege, Egi, Ego, Egu; \
31 V64 Eka, Eke, Eki, Eko, Eku; \
32 V64 Ema, Eme, Emi, Emo, Emu; \
33 V64 Esa, Ese, Esi, Eso, Esu; \
34
35#define prepareTheta \
36 Ca = XOR64(Aba, XOR64(Aga, XOR64(Aka, XOR64(Ama, Asa)))); \
37 Ce = XOR64(Abe, XOR64(Age, XOR64(Ake, XOR64(Ame, Ase)))); \
38 Ci = XOR64(Abi, XOR64(Agi, XOR64(Aki, XOR64(Ami, Asi)))); \
39 Co = XOR64(Abo, XOR64(Ago, XOR64(Ako, XOR64(Amo, Aso)))); \
40 Cu = XOR64(Abu, XOR64(Agu, XOR64(Aku, XOR64(Amu, Asu)))); \
41
42/* --- Code for round, with prepare-theta */
43/* --- 64-bit lanes mapped to 64-bit words */
44#define thetaRhoPiChiIotaPrepareTheta(i, A, E) \
45 Da = XOR64(Cu, ROL64(Ce, 1)); \
46 De = XOR64(Ca, ROL64(Ci, 1)); \
47 Di = XOR64(Ce, ROL64(Co, 1)); \
48 Do = XOR64(Ci, ROL64(Cu, 1)); \
49 Du = XOR64(Co, ROL64(Ca, 1)); \
50\
51 XOReq64(A##ba, Da); \
52 Bba = A##ba; \
53 XOReq64(A##ge, De); \
54 Bbe = ROL64(A##ge, 44); \
55 XOReq64(A##ki, Di); \
56 Bbi = ROL64(A##ki, 43); \
57 E##ba = XOR64(Bba, ANDnu64(Bbe, Bbi)); \
58 XOReq64(E##ba, CONST64(KeccakF1600RoundConstants[i])); \
59 Ca = E##ba; \
60 XOReq64(A##mo, Do); \
61 Bbo = ROL64(A##mo, 21); \
62 E##be = XOR64(Bbe, ANDnu64(Bbi, Bbo)); \
63 Ce = E##be; \
64 XOReq64(A##su, Du); \
65 Bbu = ROL64(A##su, 14); \
66 E##bi = XOR64(Bbi, ANDnu64(Bbo, Bbu)); \
67 Ci = E##bi; \
68 E##bo = XOR64(Bbo, ANDnu64(Bbu, Bba)); \
69 Co = E##bo; \
70 E##bu = XOR64(Bbu, ANDnu64(Bba, Bbe)); \
71 Cu = E##bu; \
72\
73 XOReq64(A##bo, Do); \
74 Bga = ROL64(A##bo, 28); \
75 XOReq64(A##gu, Du); \
76 Bge = ROL64(A##gu, 20); \
77 XOReq64(A##ka, Da); \
78 Bgi = ROL64(A##ka, 3); \
79 E##ga = XOR64(Bga, ANDnu64(Bge, Bgi)); \
80 XOReq64(Ca, E##ga); \
81 XOReq64(A##me, De); \
82 Bgo = ROL64(A##me, 45); \
83 E##ge = XOR64(Bge, ANDnu64(Bgi, Bgo)); \
84 XOReq64(Ce, E##ge); \
85 XOReq64(A##si, Di); \
86 Bgu = ROL64(A##si, 61); \
87 E##gi = XOR64(Bgi, ANDnu64(Bgo, Bgu)); \
88 XOReq64(Ci, E##gi); \
89 E##go = XOR64(Bgo, ANDnu64(Bgu, Bga)); \
90 XOReq64(Co, E##go); \
91 E##gu = XOR64(Bgu, ANDnu64(Bga, Bge)); \
92 XOReq64(Cu, E##gu); \
93\
94 XOReq64(A##be, De); \
95 Bka = ROL64(A##be, 1); \
96 XOReq64(A##gi, Di); \
97 Bke = ROL64(A##gi, 6); \
98 XOReq64(A##ko, Do); \
99 Bki = ROL64(A##ko, 25); \
100 E##ka = XOR64(Bka, ANDnu64(Bke, Bki)); \
101 XOReq64(Ca, E##ka); \
102 XOReq64(A##mu, Du); \
103 Bko = ROL64(A##mu, 8); \
104 E##ke = XOR64(Bke, ANDnu64(Bki, Bko)); \
105 XOReq64(Ce, E##ke); \
106 XOReq64(A##sa, Da); \
107 Bku = ROL64(A##sa, 18); \
108 E##ki = XOR64(Bki, ANDnu64(Bko, Bku)); \
109 XOReq64(Ci, E##ki); \
110 E##ko = XOR64(Bko, ANDnu64(Bku, Bka)); \
111 XOReq64(Co, E##ko); \
112 E##ku = XOR64(Bku, ANDnu64(Bka, Bke)); \
113 XOReq64(Cu, E##ku); \
114\
115 XOReq64(A##bu, Du); \
116 Bma = ROL64(A##bu, 27); \
117 XOReq64(A##ga, Da); \
118 Bme = ROL64(A##ga, 36); \
119 XOReq64(A##ke, De); \
120 Bmi = ROL64(A##ke, 10); \
121 E##ma = XOR64(Bma, ANDnu64(Bme, Bmi)); \
122 XOReq64(Ca, E##ma); \
123 XOReq64(A##mi, Di); \
124 Bmo = ROL64(A##mi, 15); \
125 E##me = XOR64(Bme, ANDnu64(Bmi, Bmo)); \
126 XOReq64(Ce, E##me); \
127 XOReq64(A##so, Do); \
128 Bmu = ROL64(A##so, 56); \
129 E##mi = XOR64(Bmi, ANDnu64(Bmo, Bmu)); \
130 XOReq64(Ci, E##mi); \
131 E##mo = XOR64(Bmo, ANDnu64(Bmu, Bma)); \
132 XOReq64(Co, E##mo); \
133 E##mu = XOR64(Bmu, ANDnu64(Bma, Bme)); \
134 XOReq64(Cu, E##mu); \
135\
136 XOReq64(A##bi, Di); \
137 Bsa = ROL64(A##bi, 62); \
138 XOReq64(A##go, Do); \
139 Bse = ROL64(A##go, 55); \
140 XOReq64(A##ku, Du); \
141 Bsi = ROL64(A##ku, 39); \
142 E##sa = XOR64(Bsa, ANDnu64(Bse, Bsi)); \
143 XOReq64(Ca, E##sa); \
144 XOReq64(A##ma, Da); \
145 Bso = ROL64(A##ma, 41); \
146 E##se = XOR64(Bse, ANDnu64(Bsi, Bso)); \
147 XOReq64(Ce, E##se); \
148 XOReq64(A##se, De); \
149 Bsu = ROL64(A##se, 2); \
150 E##si = XOR64(Bsi, ANDnu64(Bso, Bsu)); \
151 XOReq64(Ci, E##si); \
152 E##so = XOR64(Bso, ANDnu64(Bsu, Bsa)); \
153 XOReq64(Co, E##so); \
154 E##su = XOR64(Bsu, ANDnu64(Bsa, Bse)); \
155 XOReq64(Cu, E##su); \
156\
157
158/* --- Code for round */
159/* --- 64-bit lanes mapped to 64-bit words */
160#define thetaRhoPiChiIota(i, A, E) \
161 Da = XOR64(Cu, ROL64(Ce, 1)); \
162 De = XOR64(Ca, ROL64(Ci, 1)); \
163 Di = XOR64(Ce, ROL64(Co, 1)); \
164 Do = XOR64(Ci, ROL64(Cu, 1)); \
165 Du = XOR64(Co, ROL64(Ca, 1)); \
166\
167 XOReq64(A##ba, Da); \
168 Bba = A##ba; \
169 XOReq64(A##ge, De); \
170 Bbe = ROL64(A##ge, 44); \
171 XOReq64(A##ki, Di); \
172 Bbi = ROL64(A##ki, 43); \
173 E##ba = XOR64(Bba, ANDnu64(Bbe, Bbi)); \
174 XOReq64(E##ba, CONST64(KeccakF1600RoundConstants[i])); \
175 XOReq64(A##mo, Do); \
176 Bbo = ROL64(A##mo, 21); \
177 E##be = XOR64(Bbe, ANDnu64(Bbi, Bbo)); \
178 XOReq64(A##su, Du); \
179 Bbu = ROL64(A##su, 14); \
180 E##bi = XOR64(Bbi, ANDnu64(Bbo, Bbu)); \
181 E##bo = XOR64(Bbo, ANDnu64(Bbu, Bba)); \
182 E##bu = XOR64(Bbu, ANDnu64(Bba, Bbe)); \
183\
184 XOReq64(A##bo, Do); \
185 Bga = ROL64(A##bo, 28); \
186 XOReq64(A##gu, Du); \
187 Bge = ROL64(A##gu, 20); \
188 XOReq64(A##ka, Da); \
189 Bgi = ROL64(A##ka, 3); \
190 E##ga = XOR64(Bga, ANDnu64(Bge, Bgi)); \
191 XOReq64(A##me, De); \
192 Bgo = ROL64(A##me, 45); \
193 E##ge = XOR64(Bge, ANDnu64(Bgi, Bgo)); \
194 XOReq64(A##si, Di); \
195 Bgu = ROL64(A##si, 61); \
196 E##gi = XOR64(Bgi, ANDnu64(Bgo, Bgu)); \
197 E##go = XOR64(Bgo, ANDnu64(Bgu, Bga)); \
198 E##gu = XOR64(Bgu, ANDnu64(Bga, Bge)); \
199\
200 XOReq64(A##be, De); \
201 Bka = ROL64(A##be, 1); \
202 XOReq64(A##gi, Di); \
203 Bke = ROL64(A##gi, 6); \
204 XOReq64(A##ko, Do); \
205 Bki = ROL64(A##ko, 25); \
206 E##ka = XOR64(Bka, ANDnu64(Bke, Bki)); \
207 XOReq64(A##mu, Du); \
208 Bko = ROL64(A##mu, 8); \
209 E##ke = XOR64(Bke, ANDnu64(Bki, Bko)); \
210 XOReq64(A##sa, Da); \
211 Bku = ROL64(A##sa, 18); \
212 E##ki = XOR64(Bki, ANDnu64(Bko, Bku)); \
213 E##ko = XOR64(Bko, ANDnu64(Bku, Bka)); \
214 E##ku = XOR64(Bku, ANDnu64(Bka, Bke)); \
215\
216 XOReq64(A##bu, Du); \
217 Bma = ROL64(A##bu, 27); \
218 XOReq64(A##ga, Da); \
219 Bme = ROL64(A##ga, 36); \
220 XOReq64(A##ke, De); \
221 Bmi = ROL64(A##ke, 10); \
222 E##ma = XOR64(Bma, ANDnu64(Bme, Bmi)); \
223 XOReq64(A##mi, Di); \
224 Bmo = ROL64(A##mi, 15); \
225 E##me = XOR64(Bme, ANDnu64(Bmi, Bmo)); \
226 XOReq64(A##so, Do); \
227 Bmu = ROL64(A##so, 56); \
228 E##mi = XOR64(Bmi, ANDnu64(Bmo, Bmu)); \
229 E##mo = XOR64(Bmo, ANDnu64(Bmu, Bma)); \
230 E##mu = XOR64(Bmu, ANDnu64(Bma, Bme)); \
231\
232 XOReq64(A##bi, Di); \
233 Bsa = ROL64(A##bi, 62); \
234 XOReq64(A##go, Do); \
235 Bse = ROL64(A##go, 55); \
236 XOReq64(A##ku, Du); \
237 Bsi = ROL64(A##ku, 39); \
238 E##sa = XOR64(Bsa, ANDnu64(Bse, Bsi)); \
239 XOReq64(A##ma, Da); \
240 Bso = ROL64(A##ma, 41); \
241 E##se = XOR64(Bse, ANDnu64(Bsi, Bso)); \
242 XOReq64(A##se, De); \
243 Bsu = ROL64(A##se, 2); \
244 E##si = XOR64(Bsi, ANDnu64(Bso, Bsu)); \
245 E##so = XOR64(Bso, ANDnu64(Bsu, Bsa)); \
246 E##su = XOR64(Bsu, ANDnu64(Bsa, Bse)); \
247\
248
249static const UINT64 KeccakF1600RoundConstants[24] = {
250 0x0000000000000001ULL,
251 0x0000000000008082ULL,
252 0x800000000000808aULL,
253 0x8000000080008000ULL,
254 0x000000000000808bULL,
255 0x0000000080000001ULL,
256 0x8000000080008081ULL,
257 0x8000000000008009ULL,
258 0x000000000000008aULL,
259 0x0000000000000088ULL,
260 0x0000000080008009ULL,
261 0x000000008000000aULL,
262 0x000000008000808bULL,
263 0x800000000000008bULL,
264 0x8000000000008089ULL,
265 0x8000000000008003ULL,
266 0x8000000000008002ULL,
267 0x8000000000000080ULL,
268 0x000000000000800aULL,
269 0x800000008000000aULL,
270 0x8000000080008081ULL,
271 0x8000000000008080ULL,
272 0x0000000080000001ULL,
273 0x8000000080008008ULL };
274
275#define copyFromStateAndXor576bits(X, state, input) \
276 X##ba = XOR64(LOAD64(state[ 0]), LOAD64(input[ 0])); \
277 X##be = XOR64(LOAD64(state[ 1]), LOAD64(input[ 1])); \
278 X##bi = XOR64(LOAD64(state[ 2]), LOAD64(input[ 2])); \
279 X##bo = XOR64(LOAD64(state[ 3]), LOAD64(input[ 3])); \
280 X##bu = XOR64(LOAD64(state[ 4]), LOAD64(input[ 4])); \
281 X##ga = XOR64(LOAD64(state[ 5]), LOAD64(input[ 5])); \
282 X##ge = XOR64(LOAD64(state[ 6]), LOAD64(input[ 6])); \
283 X##gi = XOR64(LOAD64(state[ 7]), LOAD64(input[ 7])); \
284 X##go = XOR64(LOAD64(state[ 8]), LOAD64(input[ 8])); \
285 X##gu = LOAD64(state[ 9]); \
286 X##ka = LOAD64(state[10]); \
287 X##ke = LOAD64(state[11]); \
288 X##ki = LOAD64(state[12]); \
289 X##ko = LOAD64(state[13]); \
290 X##ku = LOAD64(state[14]); \
291 X##ma = LOAD64(state[15]); \
292 X##me = LOAD64(state[16]); \
293 X##mi = LOAD64(state[17]); \
294 X##mo = LOAD64(state[18]); \
295 X##mu = LOAD64(state[19]); \
296 X##sa = LOAD64(state[20]); \
297 X##se = LOAD64(state[21]); \
298 X##si = LOAD64(state[22]); \
299 X##so = LOAD64(state[23]); \
300 X##su = LOAD64(state[24]); \
301
302#define copyFromStateAndXor832bits(X, state, input) \
303 X##ba = XOR64(LOAD64(state[ 0]), LOAD64(input[ 0])); \
304 X##be = XOR64(LOAD64(state[ 1]), LOAD64(input[ 1])); \
305 X##bi = XOR64(LOAD64(state[ 2]), LOAD64(input[ 2])); \
306 X##bo = XOR64(LOAD64(state[ 3]), LOAD64(input[ 3])); \
307 X##bu = XOR64(LOAD64(state[ 4]), LOAD64(input[ 4])); \
308 X##ga = XOR64(LOAD64(state[ 5]), LOAD64(input[ 5])); \
309 X##ge = XOR64(LOAD64(state[ 6]), LOAD64(input[ 6])); \
310 X##gi = XOR64(LOAD64(state[ 7]), LOAD64(input[ 7])); \
311 X##go = XOR64(LOAD64(state[ 8]), LOAD64(input[ 8])); \
312 X##gu = XOR64(LOAD64(state[ 9]), LOAD64(input[ 9])); \
313 X##ka = XOR64(LOAD64(state[10]), LOAD64(input[10])); \
314 X##ke = XOR64(LOAD64(state[11]), LOAD64(input[11])); \
315 X##ki = XOR64(LOAD64(state[12]), LOAD64(input[12])); \
316 X##ko = LOAD64(state[13]); \
317 X##ku = LOAD64(state[14]); \
318 X##ma = LOAD64(state[15]); \
319 X##me = LOAD64(state[16]); \
320 X##mi = LOAD64(state[17]); \
321 X##mo = LOAD64(state[18]); \
322 X##mu = LOAD64(state[19]); \
323 X##sa = LOAD64(state[20]); \
324 X##se = LOAD64(state[21]); \
325 X##si = LOAD64(state[22]); \
326 X##so = LOAD64(state[23]); \
327 X##su = LOAD64(state[24]); \
328
329#define copyFromStateAndXor1024bits(X, state, input) \
330 X##ba = XOR64(LOAD64(state[ 0]), LOAD64(input[ 0])); \
331 X##be = XOR64(LOAD64(state[ 1]), LOAD64(input[ 1])); \
332 X##bi = XOR64(LOAD64(state[ 2]), LOAD64(input[ 2])); \
333 X##bo = XOR64(LOAD64(state[ 3]), LOAD64(input[ 3])); \
334 X##bu = XOR64(LOAD64(state[ 4]), LOAD64(input[ 4])); \
335 X##ga = XOR64(LOAD64(state[ 5]), LOAD64(input[ 5])); \
336 X##ge = XOR64(LOAD64(state[ 6]), LOAD64(input[ 6])); \
337 X##gi = XOR64(LOAD64(state[ 7]), LOAD64(input[ 7])); \
338 X##go = XOR64(LOAD64(state[ 8]), LOAD64(input[ 8])); \
339 X##gu = XOR64(LOAD64(state[ 9]), LOAD64(input[ 9])); \
340 X##ka = XOR64(LOAD64(state[10]), LOAD64(input[10])); \
341 X##ke = XOR64(LOAD64(state[11]), LOAD64(input[11])); \
342 X##ki = XOR64(LOAD64(state[12]), LOAD64(input[12])); \
343 X##ko = XOR64(LOAD64(state[13]), LOAD64(input[13])); \
344 X##ku = XOR64(LOAD64(state[14]), LOAD64(input[14])); \
345 X##ma = XOR64(LOAD64(state[15]), LOAD64(input[15])); \
346 X##me = LOAD64(state[16]); \
347 X##mi = LOAD64(state[17]); \
348 X##mo = LOAD64(state[18]); \
349 X##mu = LOAD64(state[19]); \
350 X##sa = LOAD64(state[20]); \
351 X##se = LOAD64(state[21]); \
352 X##si = LOAD64(state[22]); \
353 X##so = LOAD64(state[23]); \
354 X##su = LOAD64(state[24]); \
355
356#define copyFromStateAndXor1088bits(X, state, input) \
357 X##ba = XOR64(LOAD64(state[ 0]), LOAD64(input[ 0])); \
358 X##be = XOR64(LOAD64(state[ 1]), LOAD64(input[ 1])); \
359 X##bi = XOR64(LOAD64(state[ 2]), LOAD64(input[ 2])); \
360 X##bo = XOR64(LOAD64(state[ 3]), LOAD64(input[ 3])); \
361 X##bu = XOR64(LOAD64(state[ 4]), LOAD64(input[ 4])); \
362 X##ga = XOR64(LOAD64(state[ 5]), LOAD64(input[ 5])); \
363 X##ge = XOR64(LOAD64(state[ 6]), LOAD64(input[ 6])); \
364 X##gi = XOR64(LOAD64(state[ 7]), LOAD64(input[ 7])); \
365 X##go = XOR64(LOAD64(state[ 8]), LOAD64(input[ 8])); \
366 X##gu = XOR64(LOAD64(state[ 9]), LOAD64(input[ 9])); \
367 X##ka = XOR64(LOAD64(state[10]), LOAD64(input[10])); \
368 X##ke = XOR64(LOAD64(state[11]), LOAD64(input[11])); \
369 X##ki = XOR64(LOAD64(state[12]), LOAD64(input[12])); \
370 X##ko = XOR64(LOAD64(state[13]), LOAD64(input[13])); \
371 X##ku = XOR64(LOAD64(state[14]), LOAD64(input[14])); \
372 X##ma = XOR64(LOAD64(state[15]), LOAD64(input[15])); \
373 X##me = XOR64(LOAD64(state[16]), LOAD64(input[16])); \
374 X##mi = LOAD64(state[17]); \
375 X##mo = LOAD64(state[18]); \
376 X##mu = LOAD64(state[19]); \
377 X##sa = LOAD64(state[20]); \
378 X##se = LOAD64(state[21]); \
379 X##si = LOAD64(state[22]); \
380 X##so = LOAD64(state[23]); \
381 X##su = LOAD64(state[24]); \
382
383#define copyFromStateAndXor1152bits(X, state, input) \
384 X##ba = XOR64(LOAD64(state[ 0]), LOAD64(input[ 0])); \
385 X##be = XOR64(LOAD64(state[ 1]), LOAD64(input[ 1])); \
386 X##bi = XOR64(LOAD64(state[ 2]), LOAD64(input[ 2])); \
387 X##bo = XOR64(LOAD64(state[ 3]), LOAD64(input[ 3])); \
388 X##bu = XOR64(LOAD64(state[ 4]), LOAD64(input[ 4])); \
389 X##ga = XOR64(LOAD64(state[ 5]), LOAD64(input[ 5])); \
390 X##ge = XOR64(LOAD64(state[ 6]), LOAD64(input[ 6])); \
391 X##gi = XOR64(LOAD64(state[ 7]), LOAD64(input[ 7])); \
392 X##go = XOR64(LOAD64(state[ 8]), LOAD64(input[ 8])); \
393 X##gu = XOR64(LOAD64(state[ 9]), LOAD64(input[ 9])); \
394 X##ka = XOR64(LOAD64(state[10]), LOAD64(input[10])); \
395 X##ke = XOR64(LOAD64(state[11]), LOAD64(input[11])); \
396 X##ki = XOR64(LOAD64(state[12]), LOAD64(input[12])); \
397 X##ko = XOR64(LOAD64(state[13]), LOAD64(input[13])); \
398 X##ku = XOR64(LOAD64(state[14]), LOAD64(input[14])); \
399 X##ma = XOR64(LOAD64(state[15]), LOAD64(input[15])); \
400 X##me = XOR64(LOAD64(state[16]), LOAD64(input[16])); \
401 X##mi = XOR64(LOAD64(state[17]), LOAD64(input[17])); \
402 X##mo = LOAD64(state[18]); \
403 X##mu = LOAD64(state[19]); \
404 X##sa = LOAD64(state[20]); \
405 X##se = LOAD64(state[21]); \
406 X##si = LOAD64(state[22]); \
407 X##so = LOAD64(state[23]); \
408 X##su = LOAD64(state[24]); \
409
410#define copyFromStateAndXor1344bits(X, state, input) \
411 X##ba = XOR64(LOAD64(state[ 0]), LOAD64(input[ 0])); \
412 X##be = XOR64(LOAD64(state[ 1]), LOAD64(input[ 1])); \
413 X##bi = XOR64(LOAD64(state[ 2]), LOAD64(input[ 2])); \
414 X##bo = XOR64(LOAD64(state[ 3]), LOAD64(input[ 3])); \
415 X##bu = XOR64(LOAD64(state[ 4]), LOAD64(input[ 4])); \
416 X##ga = XOR64(LOAD64(state[ 5]), LOAD64(input[ 5])); \
417 X##ge = XOR64(LOAD64(state[ 6]), LOAD64(input[ 6])); \
418 X##gi = XOR64(LOAD64(state[ 7]), LOAD64(input[ 7])); \
419 X##go = XOR64(LOAD64(state[ 8]), LOAD64(input[ 8])); \
420 X##gu = XOR64(LOAD64(state[ 9]), LOAD64(input[ 9])); \
421 X##ka = XOR64(LOAD64(state[10]), LOAD64(input[10])); \
422 X##ke = XOR64(LOAD64(state[11]), LOAD64(input[11])); \
423 X##ki = XOR64(LOAD64(state[12]), LOAD64(input[12])); \
424 X##ko = XOR64(LOAD64(state[13]), LOAD64(input[13])); \
425 X##ku = XOR64(LOAD64(state[14]), LOAD64(input[14])); \
426 X##ma = XOR64(LOAD64(state[15]), LOAD64(input[15])); \
427 X##me = XOR64(LOAD64(state[16]), LOAD64(input[16])); \
428 X##mi = XOR64(LOAD64(state[17]), LOAD64(input[17])); \
429 X##mo = XOR64(LOAD64(state[18]), LOAD64(input[18])); \
430 X##mu = XOR64(LOAD64(state[19]), LOAD64(input[19])); \
431 X##sa = XOR64(LOAD64(state[20]), LOAD64(input[20])); \
432 X##se = LOAD64(state[21]); \
433 X##si = LOAD64(state[22]); \
434 X##so = LOAD64(state[23]); \
435 X##su = LOAD64(state[24]); \
436
437#define copyFromState(X, state) \
438 X##ba = LOAD64(state[ 0]); \
439 X##be = LOAD64(state[ 1]); \
440 X##bi = LOAD64(state[ 2]); \
441 X##bo = LOAD64(state[ 3]); \
442 X##bu = LOAD64(state[ 4]); \
443 X##ga = LOAD64(state[ 5]); \
444 X##ge = LOAD64(state[ 6]); \
445 X##gi = LOAD64(state[ 7]); \
446 X##go = LOAD64(state[ 8]); \
447 X##gu = LOAD64(state[ 9]); \
448 X##ka = LOAD64(state[10]); \
449 X##ke = LOAD64(state[11]); \
450 X##ki = LOAD64(state[12]); \
451 X##ko = LOAD64(state[13]); \
452 X##ku = LOAD64(state[14]); \
453 X##ma = LOAD64(state[15]); \
454 X##me = LOAD64(state[16]); \
455 X##mi = LOAD64(state[17]); \
456 X##mo = LOAD64(state[18]); \
457 X##mu = LOAD64(state[19]); \
458 X##sa = LOAD64(state[20]); \
459 X##se = LOAD64(state[21]); \
460 X##si = LOAD64(state[22]); \
461 X##so = LOAD64(state[23]); \
462 X##su = LOAD64(state[24]); \
463
464#define copyToState(state, X) \
465 STORE64(state[ 0], X##ba); \
466 STORE64(state[ 1], X##be); \
467 STORE64(state[ 2], X##bi); \
468 STORE64(state[ 3], X##bo); \
469 STORE64(state[ 4], X##bu); \
470 STORE64(state[ 5], X##ga); \
471 STORE64(state[ 6], X##ge); \
472 STORE64(state[ 7], X##gi); \
473 STORE64(state[ 8], X##go); \
474 STORE64(state[ 9], X##gu); \
475 STORE64(state[10], X##ka); \
476 STORE64(state[11], X##ke); \
477 STORE64(state[12], X##ki); \
478 STORE64(state[13], X##ko); \
479 STORE64(state[14], X##ku); \
480 STORE64(state[15], X##ma); \
481 STORE64(state[16], X##me); \
482 STORE64(state[17], X##mi); \
483 STORE64(state[18], X##mo); \
484 STORE64(state[19], X##mu); \
485 STORE64(state[20], X##sa); \
486 STORE64(state[21], X##se); \
487 STORE64(state[22], X##si); \
488 STORE64(state[23], X##so); \
489 STORE64(state[24], X##su); \
490
491#define copyStateVariables(X, Y) \
492 X##ba = Y##ba; \
493 X##be = Y##be; \
494 X##bi = Y##bi; \
495 X##bo = Y##bo; \
496 X##bu = Y##bu; \
497 X##ga = Y##ga; \
498 X##ge = Y##ge; \
499 X##gi = Y##gi; \
500 X##go = Y##go; \
501 X##gu = Y##gu; \
502 X##ka = Y##ka; \
503 X##ke = Y##ke; \
504 X##ki = Y##ki; \
505 X##ko = Y##ko; \
506 X##ku = Y##ku; \
507 X##ma = Y##ma; \
508 X##me = Y##me; \
509 X##mi = Y##mi; \
510 X##mo = Y##mo; \
511 X##mu = Y##mu; \
512 X##sa = Y##sa; \
513 X##se = Y##se; \
514 X##si = Y##si; \
515 X##so = Y##so; \
516 X##su = Y##su; \
517