arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-03 12:00:59 +00:00
Code Issues Releases Wiki Activity

style(crypto): format blake and groestl

Browse Source
This commit is contained in:
Ondřej Vejpustek 2024-09-24 14:27:29 +02:00
parent 332c0bf365
commit 8bf02cf0a2
10 changed files with 1075 additions and 1216 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

240
crypto/blake256.c
View File

@ -7,81 +7,74 @@
and related and neighboring rights to this software to the public domain and related and neighboring rights to this software to the public domain
worldwide. This software is distributed without any warranty. worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with You should have received a copy of the CC0 Public Domain Dedication along
this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>. with this software. If not, see
<http://creativecommons.org/publicdomain/zero/1.0/>.
*/ */
#include "blake256.h" #include "blake256.h"
#include <string.h> #include <string.h>
#define U8TO32_BIG(p) \ #define U8TO32_BIG(p) \
(((uint32_t)((p)[0]) << 24) | ((uint32_t)((p)[1]) << 16) | \ (((uint32_t)((p)[0]) << 24) | ((uint32_t)((p)[1]) << 16) | \
((uint32_t)((p)[2]) << 8) | ((uint32_t)((p)[3]) )) ((uint32_t)((p)[2]) << 8) | ((uint32_t)((p)[3])))
#define U32TO8_BIG(p, v) \ #define U32TO8_BIG(p, v) \
(p)[0] = (uint8_t)((v) >> 24); (p)[1] = (uint8_t)((v) >> 16); \ (p)[0] = (uint8_t)((v) >> 24); \
(p)[2] = (uint8_t)((v) >> 8); (p)[3] = (uint8_t)((v) ); (p)[1] = (uint8_t)((v) >> 16); \
(p)[2] = (uint8_t)((v) >> 8); \
(p)[3] = (uint8_t)((v));
static const uint8_t sigma[][16] = static const uint8_t sigma[][16] = {
{ {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
{14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }, {11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4},
{11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 }, {7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8},
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }, {9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13},
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 }, {2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9},
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 }, {12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11},
{12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 }, {13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10},
{13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 }, {6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5},
{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 }, {10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0},
{10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 }, {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
{14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }, {11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4},
{11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 }, {7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8},
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }, {9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13},
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 }, {2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9}};
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 }
};
static const uint32_t u256[16] = static const uint32_t u256[16] = {
{ 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0xa4093822, 0x299f31d0,
0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0x082efa98, 0xec4e6c89, 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,
0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917};
0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,
0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917
};
static const uint8_t padding[129] = static const uint8_t padding[129] = {
{ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
static void blake256_compress( BLAKE256_CTX *S, const uint8_t *block ) static void blake256_compress(BLAKE256_CTX *S, const uint8_t *block) {
{
uint32_t v[16] = {0}, m[16] = {0}, i = 0; uint32_t v[16] = {0}, m[16] = {0}, i = 0;
#define ROT(x,n) (((x)<<(32-n))|( (x)>>(n))) #define ROT(x, n) (((x) << (32 - n)) | ((x) >> (n)))
#define G(a,b,c,d,e) \ #define G(a, b, c, d, e) \
v[a] += (m[sigma[i][e]] ^ u256[sigma[i][e+1]]) + v[b]; \ v[a] += (m[sigma[i][e]] ^ u256[sigma[i][e + 1]]) + v[b]; \
v[d] = ROT( v[d] ^ v[a],16); \ v[d] = ROT(v[d] ^ v[a], 16); \
v[c] += v[d]; \ v[c] += v[d]; \
v[b] = ROT( v[b] ^ v[c],12); \ v[b] = ROT(v[b] ^ v[c], 12); \
v[a] += (m[sigma[i][e+1]] ^ u256[sigma[i][e]])+v[b]; \ v[a] += (m[sigma[i][e + 1]] ^ u256[sigma[i][e]]) + v[b]; \
v[d] = ROT( v[d] ^ v[a], 8); \ v[d] = ROT(v[d] ^ v[a], 8); \
v[c] += v[d]; \ v[c] += v[d]; \
v[b] = ROT( v[b] ^ v[c], 7); v[b] = ROT(v[b] ^ v[c], 7);
for( i = 0; i < 16; ++i ) m[i] = U8TO32_BIG( block + i * 4 ); for (i = 0; i < 16; ++i) m[i] = U8TO32_BIG(block + i * 4);
for( i = 0; i < 8; ++i ) v[i] = S->h[i]; for (i = 0; i < 8; ++i) v[i] = S->h[i];
v[ 8] = S->s[0] ^ u256[0]; v[8] = S->s[0] ^ u256[0];
v[ 9] = S->s[1] ^ u256[1]; v[9] = S->s[1] ^ u256[1];
v[10] = S->s[2] ^ u256[2]; v[10] = S->s[2] ^ u256[2];
v[11] = S->s[3] ^ u256[3]; v[11] = S->s[3] ^ u256[3];
v[12] = u256[4]; v[12] = u256[4];
@ -90,36 +83,32 @@ static void blake256_compress( BLAKE256_CTX *S, const uint8_t *block )
v[15] = u256[7]; v[15] = u256[7];
/* don't xor t when the block is only padding */ /* don't xor t when the block is only padding */
if ( !S->nullt ) if (!S->nullt) {
{
v[12] ^= S->t[0]; v[12] ^= S->t[0];
v[13] ^= S->t[0]; v[13] ^= S->t[0];
v[14] ^= S->t[1]; v[14] ^= S->t[1];
v[15] ^= S->t[1]; v[15] ^= S->t[1];
} }
for( i = 0; i < 14; ++i ) for (i = 0; i < 14; ++i) {
{
/* column step */ /* column step */
G( 0, 4, 8, 12, 0 ); G(0, 4, 8, 12, 0);
G( 1, 5, 9, 13, 2 ); G(1, 5, 9, 13, 2);
G( 2, 6, 10, 14, 4 ); G(2, 6, 10, 14, 4);
G( 3, 7, 11, 15, 6 ); G(3, 7, 11, 15, 6);
/* diagonal step */ /* diagonal step */
G( 0, 5, 10, 15, 8 ); G(0, 5, 10, 15, 8);
G( 1, 6, 11, 12, 10 ); G(1, 6, 11, 12, 10);
G( 2, 7, 8, 13, 12 ); G(2, 7, 8, 13, 12);
G( 3, 4, 9, 14, 14 ); G(3, 4, 9, 14, 14);
} }
for( i = 0; i < 16; ++i ) S->h[i % 8] ^= v[i]; for (i = 0; i < 16; ++i) S->h[i % 8] ^= v[i];
for( i = 0; i < 8 ; ++i ) S->h[i] ^= S->s[i % 4]; for (i = 0; i < 8; ++i) S->h[i] ^= S->s[i % 4];
} }
void blake256_Init(BLAKE256_CTX *S) {
void blake256_Init( BLAKE256_CTX *S )
{
S->h[0] = 0x6a09e667; S->h[0] = 0x6a09e667;
S->h[1] = 0xbb67ae85; S->h[1] = 0xbb67ae85;
S->h[2] = 0x3c6ef372; S->h[2] = 0x3c6ef372;
@ -132,103 +121,90 @@ void blake256_Init( BLAKE256_CTX *S )
S->s[0] = S->s[1] = S->s[2] = S->s[3] = 0; S->s[0] = S->s[1] = S->s[2] = S->s[3] = 0;
} }
void blake256_Update(BLAKE256_CTX *S, const uint8_t *in, size_t inlen) {
void blake256_Update( BLAKE256_CTX *S, const uint8_t *in, size_t inlen )
{
size_t left = S->buflen; size_t left = S->buflen;
size_t fill = 64 - left; size_t fill = 64 - left;
/* data left and data received fill a block */ /* data left and data received fill a block */
if( left && ( inlen >= fill ) ) if (left && (inlen >= fill)) {
{ memcpy((void *)(S->buf + left), (void *)in, fill);
memcpy( ( void * ) ( S->buf + left ), ( void * ) in, fill );
S->t[0] += 512; S->t[0] += 512;
if ( S->t[0] == 0 ) S->t[1]++; if (S->t[0] == 0) S->t[1]++;
blake256_compress( S, S->buf ); blake256_compress(S, S->buf);
in += fill; in += fill;
inlen -= fill; inlen -= fill;
left = 0; left = 0;
} }
/* compress blocks of data received */ /* compress blocks of data received */
while( inlen >= 64 ) while (inlen >= 64) {
{
S->t[0] += 512; S->t[0] += 512;
if ( S->t[0] == 0 ) S->t[1]++; if (S->t[0] == 0) S->t[1]++;
blake256_compress( S, in ); blake256_compress(S, in);
in += 64; in += 64;
inlen -= 64; inlen -= 64;
} }
/* store any data left */ /* store any data left */
if( inlen > 0 ) if (inlen > 0) {
{ memcpy((void *)(S->buf + left), (void *)in, (size_t)inlen);
memcpy( ( void * ) ( S->buf + left ), \
( void * ) in, ( size_t ) inlen );
} }
S->buflen = left + inlen; S->buflen = left + inlen;
} }
void blake256_Final(BLAKE256_CTX *S, uint8_t *out) {
void blake256_Final( BLAKE256_CTX *S, uint8_t *out )
{
uint8_t msglen[8] = {0}, zo = 0x01, oo = 0x81; uint8_t msglen[8] = {0}, zo = 0x01, oo = 0x81;
uint32_t lo = S->t[0] + ( S->buflen << 3 ), hi = S->t[1]; uint32_t lo = S->t[0] + (S->buflen << 3), hi = S->t[1];
/* support for hashing more than 2^32 bits */ /* support for hashing more than 2^32 bits */
if ( lo < ( S->buflen << 3 ) ) hi++; if (lo < (S->buflen << 3)) hi++;
U32TO8_BIG( msglen + 0, hi ); U32TO8_BIG(msglen + 0, hi);
U32TO8_BIG( msglen + 4, lo ); U32TO8_BIG(msglen + 4, lo);
if ( S->buflen == 55 ) /* one padding byte */ if (S->buflen == 55) /* one padding byte */
{ {
S->t[0] -= 8; S->t[0] -= 8;
blake256_Update( S, &oo, 1 ); blake256_Update(S, &oo, 1);
} } else {
else if (S->buflen < 55) /* enough space to fill the block */
{
if ( S->buflen < 55 ) /* enough space to fill the block */
{ {
if ( !S->buflen ) S->nullt = 1; if (!S->buflen) S->nullt = 1;
S->t[0] -= 440 - ( S->buflen << 3 ); S->t[0] -= 440 - (S->buflen << 3);
blake256_Update( S, padding, 55 - S->buflen ); blake256_Update(S, padding, 55 - S->buflen);
} } else /* need 2 compressions */
else /* need 2 compressions */
{ {
S->t[0] -= 512 - ( S->buflen << 3 ); S->t[0] -= 512 - (S->buflen << 3);
blake256_Update( S, padding, 64 - S->buflen ); blake256_Update(S, padding, 64 - S->buflen);
S->t[0] -= 440; S->t[0] -= 440;
blake256_Update( S, padding + 1, 55 ); blake256_Update(S, padding + 1, 55);
S->nullt = 1; S->nullt = 1;
} }
blake256_Update( S, &zo, 1 ); blake256_Update(S, &zo, 1);
S->t[0] -= 8; S->t[0] -= 8;
} }
S->t[0] -= 64; S->t[0] -= 64;
blake256_Update( S, msglen, 8 ); blake256_Update(S, msglen, 8);
U32TO8_BIG( out + 0, S->h[0] ); U32TO8_BIG(out + 0, S->h[0]);
U32TO8_BIG( out + 4, S->h[1] ); U32TO8_BIG(out + 4, S->h[1]);
U32TO8_BIG( out + 8, S->h[2] ); U32TO8_BIG(out + 8, S->h[2]);
U32TO8_BIG( out + 12, S->h[3] ); U32TO8_BIG(out + 12, S->h[3]);
U32TO8_BIG( out + 16, S->h[4] ); U32TO8_BIG(out + 16, S->h[4]);
U32TO8_BIG( out + 20, S->h[5] ); U32TO8_BIG(out + 20, S->h[5]);
U32TO8_BIG( out + 24, S->h[6] ); U32TO8_BIG(out + 24, S->h[6]);
U32TO8_BIG( out + 28, S->h[7] ); U32TO8_BIG(out + 28, S->h[7]);
} }
void blake256(const uint8_t *in, size_t inlen, uint8_t *out) {
void blake256( const uint8_t *in, size_t inlen, uint8_t *out )
{
BLAKE256_CTX S = {0}; BLAKE256_CTX S = {0};
blake256_Init( &S ); blake256_Init(&S);
blake256_Update( &S, in, inlen ); blake256_Update(&S, in, inlen);
blake256_Final( &S, out ); blake256_Final(&S, out);
} }

48
crypto/blake256.h
View File

@ -2,40 +2,46 @@
// //
// All rights reserved. // All rights reserved.
// //
// Redistribution and use in source and binary forms, with or without modification, are // Redistribution and use in source and binary forms, with or without
// permitted provided that the following conditions are met: // modification, are permitted provided that the following conditions are met:
// //
// 1. Redistributions of source code must retain the above copyright notice, this list of // 1. Redistributions of source code must retain the above copyright notice,
// this list of
// conditions and the following disclaimer. // conditions and the following disclaimer.
// //
// 2. Redistributions in binary form must reproduce the above copyright notice, this list // 2. Redistributions in binary form must reproduce the above copyright notice,
// of conditions and the following disclaimer in the documentation and/or other // this list
// materials provided with the distribution. // of conditions and the following disclaimer in the documentation and/or
// other materials provided with the distribution.
// //
// 3. Neither the name of the copyright holder nor the names of its contributors may be // 3. Neither the name of the copyright holder nor the names of its contributors
// used to endorse or promote products derived from this software without specific // may be
// prior written permission. // used to endorse or promote products derived from this software without
// specific prior written permission.
// //
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
// POSSIBILITY OF SUCH DAMAGE.
// //
// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote
// developers
#ifndef __BLAKE256_H__ #ifndef __BLAKE256_H__
#define __BLAKE256_H__ #define __BLAKE256_H__
#include <stdint.h>
#include <stddef.h> #include <stddef.h>
#include <stdint.h>
#define BLAKE256_DIGEST_LENGTH 32 #define BLAKE256_DIGEST_LENGTH 32
#define BLAKE256_BLOCK_LENGTH 64 #define BLAKE256_BLOCK_LENGTH 64
typedef struct { typedef struct {
uint32_t h[8], s[4], t[2]; uint32_t h[8], s[4], t[2];

355
crypto/blake2b.c
View File

@ -15,179 +15,159 @@
#include <string.h> #include <string.h>
#include "blake2b.h"
#include "blake2_common.h" #include "blake2_common.h"
#include "blake2b.h"
#include "memzero.h" #include "memzero.h"
#include "options.h" #include "options.h"
typedef struct blake2b_param__ typedef struct blake2b_param__ {
{ uint8_t digest_length; /* 1 */
uint8_t digest_length; /* 1 */ uint8_t key_length; /* 2 */
uint8_t key_length; /* 2 */ uint8_t fanout; /* 3 */
uint8_t fanout; /* 3 */ uint8_t depth; /* 4 */
uint8_t depth; /* 4 */ uint32_t leaf_length; /* 8 */
uint32_t leaf_length; /* 8 */ uint32_t node_offset; /* 12 */
uint32_t node_offset; /* 12 */ uint32_t xof_length; /* 16 */
uint32_t xof_length; /* 16 */ uint8_t node_depth; /* 17 */
uint8_t node_depth; /* 17 */ uint8_t inner_length; /* 18 */
uint8_t inner_length; /* 18 */ uint8_t reserved[14]; /* 32 */
uint8_t reserved[14]; /* 32 */ uint8_t salt[BLAKE2B_SALTBYTES]; /* 48 */
uint8_t salt[BLAKE2B_SALTBYTES]; /* 48 */ uint8_t personal[BLAKE2B_PERSONALBYTES]; /* 64 */
uint8_t personal[BLAKE2B_PERSONALBYTES]; /* 64 */
} __attribute__((packed)) blake2b_param; } __attribute__((packed)) blake2b_param;
static const uint64_t blake2b_IV[8] = static const uint64_t blake2b_IV[8] = {
{ 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL,
0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL, 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL};
0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
};
static const uint8_t blake2b_sigma[12][16] = static const uint8_t blake2b_sigma[12][16] = {
{ {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } , {11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4},
{ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } , {7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8},
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } , {9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13},
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } , {2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9},
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } , {12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11},
{ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } , {13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10},
{ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } , {6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5},
{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } , {10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0},
{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } , {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3}};
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
};
static void blake2b_set_lastnode(blake2b_state *S) { S->f[1] = (uint64_t)-1; }
static void blake2b_set_lastnode( blake2b_state *S )
{
S->f[1] = (uint64_t)-1;
}
/* Some helper functions, not necessarily useful */ /* Some helper functions, not necessarily useful */
static int blake2b_is_lastblock( const blake2b_state *S ) static int blake2b_is_lastblock(const blake2b_state *S) { return S->f[0] != 0; }
{
return S->f[0] != 0;
}
static void blake2b_set_lastblock( blake2b_state *S ) static void blake2b_set_lastblock(blake2b_state *S) {
{ if (S->last_node) blake2b_set_lastnode(S);
if( S->last_node ) blake2b_set_lastnode( S );
S->f[0] = (uint64_t)-1; S->f[0] = (uint64_t)-1;
} }
static void blake2b_increment_counter( blake2b_state *S, const uint64_t inc ) static void blake2b_increment_counter(blake2b_state *S, const uint64_t inc) {
{
S->t[0] += inc; S->t[0] += inc;
S->t[1] += ( S->t[0] < inc ); S->t[1] += (S->t[0] < inc);
} }
static void blake2b_init0( blake2b_state *S ) static void blake2b_init0(blake2b_state *S) {
{
size_t i = 0; size_t i = 0;
memzero( S, sizeof( blake2b_state ) ); memzero(S, sizeof(blake2b_state));
for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i]; for (i = 0; i < 8; ++i) S->h[i] = blake2b_IV[i];
} }
/* init xors IV with input parameter block */ /* init xors IV with input parameter block */
int blake2b_init_param( blake2b_state *S, const blake2b_param *P ) int blake2b_init_param(blake2b_state *S, const blake2b_param *P) {
{ const uint8_t *p = (const uint8_t *)(P);
const uint8_t *p = ( const uint8_t * )( P );
size_t i = 0; size_t i = 0;
blake2b_init0( S ); blake2b_init0(S);
/* IV XOR ParamBlock */ /* IV XOR ParamBlock */
for( i = 0; i < 8; ++i ) for (i = 0; i < 8; ++i) S->h[i] ^= load64(p + sizeof(S->h[i]) * i);
S->h[i] ^= load64( p + sizeof( S->h[i] ) * i );
S->outlen = P->digest_length; S->outlen = P->digest_length;
return 0; return 0;
} }
/* Sequential blake2b initialization */ /* Sequential blake2b initialization */
int blake2b_Init( blake2b_state *S, size_t outlen ) int blake2b_Init(blake2b_state *S, size_t outlen) {
{
blake2b_param P[1] = {0}; blake2b_param P[1] = {0};
if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1; if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) return -1;
P->digest_length = (uint8_t)outlen; P->digest_length = (uint8_t)outlen;
P->key_length = 0; P->key_length = 0;
P->fanout = 1; P->fanout = 1;
P->depth = 1; P->depth = 1;
store32( &P->leaf_length, 0 ); store32(&P->leaf_length, 0);
store32( &P->node_offset, 0 ); store32(&P->node_offset, 0);
store32( &P->xof_length, 0 ); store32(&P->xof_length, 0);
P->node_depth = 0; P->node_depth = 0;
P->inner_length = 0; P->inner_length = 0;
memzero( P->reserved, sizeof( P->reserved ) ); memzero(P->reserved, sizeof(P->reserved));
memzero( P->salt, sizeof( P->salt ) ); memzero(P->salt, sizeof(P->salt));
memzero( P->personal, sizeof( P->personal ) ); memzero(P->personal, sizeof(P->personal));
return blake2b_init_param( S, P ); return blake2b_init_param(S, P);
} }
int blake2b_InitPersonal( blake2b_state *S, size_t outlen, const void *personal, size_t personal_len) int blake2b_InitPersonal(blake2b_state *S, size_t outlen, const void *personal,
{ size_t personal_len) {
blake2b_param P[1] = {0}; blake2b_param P[1] = {0};
if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1; if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) return -1;
if ( ( !personal ) || ( personal_len != BLAKE2B_PERSONALBYTES ) ) return -1; if ((!personal) || (personal_len != BLAKE2B_PERSONALBYTES)) return -1;
P->digest_length = (uint8_t)outlen; P->digest_length = (uint8_t)outlen;
P->key_length = 0; P->key_length = 0;
P->fanout = 1; P->fanout = 1;
P->depth = 1; P->depth = 1;
store32( &P->leaf_length, 0 ); store32(&P->leaf_length, 0);
store32( &P->node_offset, 0 ); store32(&P->node_offset, 0);
store32( &P->xof_length, 0 ); store32(&P->xof_length, 0);
P->node_depth = 0; P->node_depth = 0;
P->inner_length = 0; P->inner_length = 0;
memzero( P->reserved, sizeof( P->reserved ) ); memzero(P->reserved, sizeof(P->reserved));
memzero( P->salt, sizeof( P->salt ) ); memzero(P->salt, sizeof(P->salt));
memcpy( P->personal, personal, BLAKE2B_PERSONALBYTES ); memcpy(P->personal, personal, BLAKE2B_PERSONALBYTES);
return blake2b_init_param( S, P ); return blake2b_init_param(S, P);
} }
int blake2b_InitKey( blake2b_state *S, size_t outlen, const void *key, size_t keylen ) int blake2b_InitKey(blake2b_state *S, size_t outlen, const void *key,
{ size_t keylen) {
blake2b_param P[1] = {0}; blake2b_param P[1] = {0};
if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1; if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) return -1;
if ( !key || !keylen || keylen > BLAKE2B_KEYBYTES ) return -1; if (!key || !keylen || keylen > BLAKE2B_KEYBYTES) return -1;
P->digest_length = (uint8_t)outlen; P->digest_length = (uint8_t)outlen;
P->key_length = (uint8_t)keylen; P->key_length = (uint8_t)keylen;
P->fanout = 1; P->fanout = 1;
P->depth = 1; P->depth = 1;
store32( &P->leaf_length, 0 ); store32(&P->leaf_length, 0);
store32( &P->node_offset, 0 ); store32(&P->node_offset, 0);
store32( &P->xof_length, 0 ); store32(&P->xof_length, 0);
P->node_depth = 0; P->node_depth = 0;
P->inner_length = 0; P->inner_length = 0;
memzero( P->reserved, sizeof( P->reserved ) ); memzero(P->reserved, sizeof(P->reserved));
memzero( P->salt, sizeof( P->salt ) ); memzero(P->salt, sizeof(P->salt));
memzero( P->personal, sizeof( P->personal ) ); memzero(P->personal, sizeof(P->personal));
if( blake2b_init_param( S, P ) < 0 ) return -1; if (blake2b_init_param(S, P) < 0) return -1;
{ {
uint8_t block[BLAKE2B_BLOCKBYTES] = {0}; uint8_t block[BLAKE2B_BLOCKBYTES] = {0};
memzero( block, BLAKE2B_BLOCKBYTES ); memzero(block, BLAKE2B_BLOCKBYTES);
memcpy( block, key, keylen ); memcpy(block, key, keylen);
blake2b_Update( S, block, BLAKE2B_BLOCKBYTES ); blake2b_Update(S, block, BLAKE2B_BLOCKBYTES);
memzero( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */ memzero(block, BLAKE2B_BLOCKBYTES); /* Burn the key from stack */
} }
return 0; return 0;
} }
#define G(m,r,i,a,b,c,d) \ #define G(m, r, i, a, b, c, d) \
do { \ do { \
*(a) = *(a) + *(b) + m[blake2b_sigma[r][2 * i + 0]]; \ *(a) = *(a) + *(b) + m[blake2b_sigma[r][2 * i + 0]]; \
*(d) = rotr64(*(d) ^ *(a), 32); \ *(d) = rotr64(*(d) ^ *(a), 32); \
@ -197,45 +177,45 @@ int blake2b_InitKey( blake2b_state *S, size_t outlen, const void *key, size_t ke
*(d) = rotr64(*(d) ^ *(a), 16); \ *(d) = rotr64(*(d) ^ *(a), 16); \
*(c) = *(c) + *(d); \ *(c) = *(c) + *(d); \
*(b) = rotr64(*(b) ^ *(c), 63); \ *(b) = rotr64(*(b) ^ *(c), 63); \
} while(0) } while (0)
#if OPTIMIZE_SIZE_BLAKE2B #if OPTIMIZE_SIZE_BLAKE2B
static void g(uint64_t *m, int r, int i, uint64_t *a, uint64_t *b, uint64_t *c, static void g(uint64_t *m, int r, int i, uint64_t *a, uint64_t *b, uint64_t *c,
uint64_t *d) { uint64_t *d) {
G(m,r,i,a,b,c,d); G(m, r, i, a, b, c, d);
} }
#else #else
#define g(m,r,i,a,b,c,d) G(m,r,i,a,b,c,d) #define g(m, r, i, a, b, c, d) G(m, r, i, a, b, c, d)
#endif #endif
#define ROUND(m,v,r) \ #define ROUND(m, v, r) \
do { \ do { \
g(m,r,0,v + 0,v + 4,v + 8,v + 12); \ g(m, r, 0, v + 0, v + 4, v + 8, v + 12); \
g(m,r,1,v + 1,v + 5,v + 9,v + 13); \ g(m, r, 1, v + 1, v + 5, v + 9, v + 13); \
g(m,r,2,v + 2,v + 6,v + 10,v + 14); \ g(m, r, 2, v + 2, v + 6, v + 10, v + 14); \
g(m,r,3,v + 3,v + 7,v + 11,v + 15); \ g(m, r, 3, v + 3, v + 7, v + 11, v + 15); \
g(m,r,4,v + 0,v + 5,v + 10,v + 15); \ g(m, r, 4, v + 0, v + 5, v + 10, v + 15); \
g(m,r,5,v + 1,v + 6,v + 11,v + 12); \ g(m, r, 5, v + 1, v + 6, v + 11, v + 12); \
g(m,r,6,v + 2,v + 7,v + 8,v + 13); \ g(m, r, 6, v + 2, v + 7, v + 8, v + 13); \
g(m,r,7,v + 3,v + 4,v + 9,v + 14); \ g(m, r, 7, v + 3, v + 4, v + 9, v + 14); \
} while(0) } while (0)
static void blake2b_compress( blake2b_state *S, const uint8_t block[BLAKE2B_BLOCKBYTES] ) static void blake2b_compress(blake2b_state *S,
{ const uint8_t block[BLAKE2B_BLOCKBYTES]) {
uint64_t m[16] = {0}; uint64_t m[16] = {0};
uint64_t v[16] = {0}; uint64_t v[16] = {0};
size_t i = 0; size_t i = 0;
for( i = 0; i < 16; ++i ) { for (i = 0; i < 16; ++i) {
m[i] = load64( block + i * sizeof( m[i] ) ); m[i] = load64(block + i * sizeof(m[i]));
} }
for( i = 0; i < 8; ++i ) { for (i = 0; i < 8; ++i) {
v[i] = S->h[i]; v[i] = S->h[i];
} }
v[ 8] = blake2b_IV[0]; v[8] = blake2b_IV[0];
v[ 9] = blake2b_IV[1]; v[9] = blake2b_IV[1];
v[10] = blake2b_IV[2]; v[10] = blake2b_IV[2];
v[11] = blake2b_IV[3]; v[11] = blake2b_IV[3];
v[12] = blake2b_IV[4] ^ S->t[0]; v[12] = blake2b_IV[4] ^ S->t[0];
@ -243,27 +223,26 @@ static void blake2b_compress( blake2b_state *S, const uint8_t block[BLAKE2B_BLOC
v[14] = blake2b_IV[6] ^ S->f[0]; v[14] = blake2b_IV[6] ^ S->f[0];
v[15] = blake2b_IV[7] ^ S->f[1]; v[15] = blake2b_IV[7] ^ S->f[1];
#if OPTIMIZE_SIZE_BLAKE2B #if OPTIMIZE_SIZE_BLAKE2B
for (int r = 0; r < 12; r++) { for (int r = 0; r < 12; r++) {
ROUND(m, v, r); ROUND(m, v, r);
} }
#else #else
ROUND( m, v, 0 ); ROUND(m, v, 0);
ROUND( m, v, 1 ); ROUND(m, v, 1);
ROUND( m, v, 2 ); ROUND(m, v, 2);
ROUND( m, v, 3 ); ROUND(m, v, 3);
ROUND( m, v, 4 ); ROUND(m, v, 4);
ROUND( m, v, 5 ); ROUND(m, v, 5);
ROUND( m, v, 6 ); ROUND(m, v, 6);
ROUND( m, v, 7 ); ROUND(m, v, 7);
ROUND( m, v, 8 ); ROUND(m, v, 8);
ROUND( m, v, 9 ); ROUND(m, v, 9);
ROUND( m, v, 10 ); ROUND(m, v, 10);
ROUND( m, v, 11 ); ROUND(m, v, 11);
#endif #endif
for( i = 0; i < 8; ++i ) { for (i = 0; i < 8; ++i) {
S->h[i] = S->h[i] ^ v[i] ^ v[i + 8]; S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
} }
} }
@ -271,71 +250,65 @@ static void blake2b_compress( blake2b_state *S, const uint8_t block[BLAKE2B_BLOC
#undef G #undef G
#undef ROUND #undef ROUND
int blake2b_Update( blake2b_state *S, const void *pin, size_t inlen ) int blake2b_Update(blake2b_state *S, const void *pin, size_t inlen) {
{ const unsigned char *in = (const unsigned char *)pin;
const unsigned char * in = (const unsigned char *)pin; if (inlen > 0) {
if( inlen > 0 )
{
size_t left = S->buflen; size_t left = S->buflen;
size_t fill = BLAKE2B_BLOCKBYTES - left; size_t fill = BLAKE2B_BLOCKBYTES - left;
if( inlen > fill ) if (inlen > fill) {
{
S->buflen = 0; S->buflen = 0;
memcpy( S->buf + left, in, fill ); /* Fill buffer */ memcpy(S->buf + left, in, fill); /* Fill buffer */
blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); blake2b_increment_counter(S, BLAKE2B_BLOCKBYTES);
blake2b_compress( S, S->buf ); /* Compress */ blake2b_compress(S, S->buf); /* Compress */
in += fill; inlen -= fill; in += fill;
while(inlen > BLAKE2B_BLOCKBYTES) { inlen -= fill;
while (inlen > BLAKE2B_BLOCKBYTES) {
blake2b_increment_counter(S, BLAKE2B_BLOCKBYTES); blake2b_increment_counter(S, BLAKE2B_BLOCKBYTES);
blake2b_compress( S, in ); blake2b_compress(S, in);
in += BLAKE2B_BLOCKBYTES; in += BLAKE2B_BLOCKBYTES;
inlen -= BLAKE2B_BLOCKBYTES; inlen -= BLAKE2B_BLOCKBYTES;
} }
} }
memcpy( S->buf + S->buflen, in, inlen ); memcpy(S->buf + S->buflen, in, inlen);
S->buflen += inlen; S->buflen += inlen;
} }
return 0; return 0;
} }
int blake2b_Final( blake2b_state *S, void *out, size_t outlen ) int blake2b_Final(blake2b_state *S, void *out, size_t outlen) {
{
uint8_t buffer[BLAKE2B_OUTBYTES] = {0}; uint8_t buffer[BLAKE2B_OUTBYTES] = {0};
size_t i = 0; size_t i = 0;
if( out == NULL || outlen < S->outlen ) if (out == NULL || outlen < S->outlen) return -1;
return -1;
if( blake2b_is_lastblock( S ) ) if (blake2b_is_lastblock(S)) return -1;
return -1;
blake2b_increment_counter( S, S->buflen ); blake2b_increment_counter(S, S->buflen);
blake2b_set_lastblock( S ); blake2b_set_lastblock(S);
memzero( S->buf + S->buflen, BLAKE2B_BLOCKBYTES - S->buflen ); /* Padding */ memzero(S->buf + S->buflen, BLAKE2B_BLOCKBYTES - S->buflen); /* Padding */
blake2b_compress( S, S->buf ); blake2b_compress(S, S->buf);
for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ for (i = 0; i < 8; ++i) /* Output full hash to temp buffer */
store64( buffer + sizeof( S->h[i] ) * i, S->h[i] ); store64(buffer + sizeof(S->h[i]) * i, S->h[i]);
memcpy( out, buffer, S->outlen ); memcpy(out, buffer, S->outlen);
memzero(buffer, sizeof(buffer)); memzero(buffer, sizeof(buffer));
return 0; return 0;
} }
int blake2b(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen) int blake2b(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen) {
{ BLAKE2B_CTX ctx;
BLAKE2B_CTX ctx; if (0 != blake2b_Init(&ctx, outlen)) return -1;
if (0 != blake2b_Init(&ctx, outlen)) return -1; if (0 != blake2b_Update(&ctx, msg, msg_len)) return -1;
if (0 != blake2b_Update(&ctx, msg, msg_len)) return -1; if (0 != blake2b_Final(&ctx, out, outlen)) return -1;
if (0 != blake2b_Final(&ctx, out, outlen)) return -1; return 0;
return 0;
} }
int blake2b_Key(const uint8_t *msg, uint32_t msg_len, const void *key, size_t keylen, void *out, size_t outlen) int blake2b_Key(const uint8_t *msg, uint32_t msg_len, const void *key,
{ size_t keylen, void *out, size_t outlen) {
BLAKE2B_CTX ctx; BLAKE2B_CTX ctx;
if (0 != blake2b_InitKey(&ctx, outlen, key, keylen)) return -1; if (0 != blake2b_InitKey(&ctx, outlen, key, keylen)) return -1;
if (0 != blake2b_Update(&ctx, msg, msg_len)) return -1; if (0 != blake2b_Update(&ctx, msg, msg_len)) return -1;
if (0 != blake2b_Final(&ctx, out, outlen)) return -1; if (0 != blake2b_Final(&ctx, out, outlen)) return -1;
return 0; return 0;
} }

47
crypto/blake2b.h
View File

@ -1,41 +1,42 @@
#ifndef __BLAKE2B_H__ #ifndef __BLAKE2B_H__
#define __BLAKE2B_H__ #define __BLAKE2B_H__
#include <stdint.h>
#include <stddef.h> #include <stddef.h>
#include <stdint.h>
enum blake2b_constant enum blake2b_constant {
{ BLAKE2B_BLOCKBYTES = 128,
BLAKE2B_BLOCKBYTES = 128, BLAKE2B_OUTBYTES = 64,
BLAKE2B_OUTBYTES = 64, BLAKE2B_KEYBYTES = 64,
BLAKE2B_KEYBYTES = 64, BLAKE2B_SALTBYTES = 16,
BLAKE2B_SALTBYTES = 16, BLAKE2B_PERSONALBYTES = 16
BLAKE2B_PERSONALBYTES = 16
}; };
typedef struct __blake2b_state typedef struct __blake2b_state {
{ uint64_t h[8];
uint64_t h[8]; uint64_t t[2];
uint64_t t[2]; uint64_t f[2];
uint64_t f[2]; uint8_t buf[BLAKE2B_BLOCKBYTES];
uint8_t buf[BLAKE2B_BLOCKBYTES]; size_t buflen;
size_t buflen; size_t outlen;
size_t outlen; uint8_t last_node;
uint8_t last_node;
} blake2b_state; } blake2b_state;
#define BLAKE2B_CTX blake2b_state #define BLAKE2B_CTX blake2b_state
#define BLAKE2B_BLOCK_LENGTH BLAKE2B_BLOCKBYTES #define BLAKE2B_BLOCK_LENGTH BLAKE2B_BLOCKBYTES
#define BLAKE2B_DIGEST_LENGTH BLAKE2B_OUTBYTES #define BLAKE2B_DIGEST_LENGTH BLAKE2B_OUTBYTES
#define BLAKE2B_KEY_LENGTH BLAKE2B_KEYBYTES #define BLAKE2B_KEY_LENGTH BLAKE2B_KEYBYTES
int blake2b_Init(blake2b_state *S, size_t outlen); int blake2b_Init(blake2b_state *S, size_t outlen);
int blake2b_InitKey(blake2b_state *S, size_t outlen, const void *key, size_t keylen); int blake2b_InitKey(blake2b_state *S, size_t outlen, const void *key,
int blake2b_InitPersonal(blake2b_state *S, size_t outlen, const void *personal, size_t personal_len); size_t keylen);
int blake2b_InitPersonal(blake2b_state *S, size_t outlen, const void *personal,
size_t personal_len);
int blake2b_Update(blake2b_state *S, const void *pin, size_t inlen); int blake2b_Update(blake2b_state *S, const void *pin, size_t inlen);
int blake2b_Final(blake2b_state *S, void *out, size_t outlen); int blake2b_Final(blake2b_state *S, void *out, size_t outlen);
int blake2b(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen); int blake2b(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen);
int blake2b_Key(const uint8_t *msg, uint32_t msg_len, const void *key, size_t keylen, void *out, size_t outlen); int blake2b_Key(const uint8_t *msg, uint32_t msg_len, const void *key,
size_t keylen, void *out, size_t outlen);
#endif #endif

356
crypto/blake2s.c
View File

@ -15,223 +15,205 @@
#include <string.h> #include <string.h>
#include "blake2s.h"
#include "blake2_common.h" #include "blake2_common.h"
#include "blake2s.h"
#include "memzero.h" #include "memzero.h"
#include "options.h" #include "options.h"
typedef struct blake2s_param__ typedef struct blake2s_param__ {
{ uint8_t digest_length; /* 1 */
uint8_t digest_length; /* 1 */ uint8_t key_length; /* 2 */
uint8_t key_length; /* 2 */ uint8_t fanout; /* 3 */
uint8_t fanout; /* 3 */ uint8_t depth; /* 4 */
uint8_t depth; /* 4 */ uint32_t leaf_length; /* 8 */
uint32_t leaf_length; /* 8 */ uint32_t node_offset; /* 12 */
uint32_t node_offset; /* 12 */ uint16_t xof_length; /* 14 */
uint16_t xof_length; /* 14 */ uint8_t node_depth; /* 15 */
uint8_t node_depth; /* 15 */ uint8_t inner_length; /* 16 */
uint8_t inner_length; /* 16 */ /* uint8_t reserved[0]; */
/* uint8_t reserved[0]; */ uint8_t salt[BLAKE2S_SALTBYTES]; /* 24 */
uint8_t salt[BLAKE2S_SALTBYTES]; /* 24 */ uint8_t personal[BLAKE2S_PERSONALBYTES]; /* 32 */
uint8_t personal[BLAKE2S_PERSONALBYTES]; /* 32 */
} __attribute__((packed)) blake2s_param; } __attribute__((packed)) blake2s_param;
static const uint32_t blake2s_IV[8] = static const uint32_t blake2s_IV[8] = {0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL,
{ 0xA54FF53AUL, 0x510E527FUL, 0x9B05688CUL,
0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL, 0x1F83D9ABUL, 0x5BE0CD19UL};
0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL
static const uint8_t blake2s_sigma[10][16] = {
{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
{14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
{11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4},
{7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8},
{9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13},
{2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9},
{12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11},
{13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10},
{6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5},
{10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0},
}; };
static const uint8_t blake2s_sigma[10][16] = static void blake2s_set_lastnode(blake2s_state *S) { S->f[1] = (uint32_t)-1; }
{
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
{ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } ,
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } ,
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } ,
{ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } ,
{ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } ,
{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } ,
{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } ,
};
static void blake2s_set_lastnode( blake2s_state *S )
{
S->f[1] = (uint32_t)-1;
}
/* Some helper functions, not necessarily useful */ /* Some helper functions, not necessarily useful */
static int blake2s_is_lastblock( const blake2s_state *S ) static int blake2s_is_lastblock(const blake2s_state *S) { return S->f[0] != 0; }
{
return S->f[0] != 0;
}
static void blake2s_set_lastblock( blake2s_state *S ) static void blake2s_set_lastblock(blake2s_state *S) {
{ if (S->last_node) blake2s_set_lastnode(S);
if( S->last_node ) blake2s_set_lastnode( S );
S->f[0] = (uint32_t)-1; S->f[0] = (uint32_t)-1;
} }
static void blake2s_increment_counter( blake2s_state *S, const uint32_t inc ) static void blake2s_increment_counter(blake2s_state *S, const uint32_t inc) {
{
S->t[0] += inc; S->t[0] += inc;
S->t[1] += ( S->t[0] < inc ); S->t[1] += (S->t[0] < inc);
} }
static void blake2s_init0( blake2s_state *S ) static void blake2s_init0(blake2s_state *S) {
{
size_t i = 0; size_t i = 0;
memzero( S, sizeof( blake2s_state ) ); memzero(S, sizeof(blake2s_state));
for( i = 0; i < 8; ++i ) S->h[i] = blake2s_IV[i]; for (i = 0; i < 8; ++i) S->h[i] = blake2s_IV[i];
} }
/* init2 xors IV with input parameter block */ /* init2 xors IV with input parameter block */
int blake2s_init_param( blake2s_state *S, const blake2s_param *P ) int blake2s_init_param(blake2s_state *S, const blake2s_param *P) {
{ const unsigned char *p = (const unsigned char *)(P);
const unsigned char *p = ( const unsigned char * )( P );
size_t i = 0; size_t i = 0;
blake2s_init0( S ); blake2s_init0(S);
/* IV XOR ParamBlock */ /* IV XOR ParamBlock */
for( i = 0; i < 8; ++i ) for (i = 0; i < 8; ++i) S->h[i] ^= load32(&p[i * 4]);
S->h[i] ^= load32( &p[i * 4] );
S->outlen = P->digest_length; S->outlen = P->digest_length;
return 0; return 0;
} }
/* Sequential blake2s initialization */ /* Sequential blake2s initialization */
int blake2s_Init( blake2s_state *S, size_t outlen ) int blake2s_Init(blake2s_state *S, size_t outlen) {
{
blake2s_param P[1] = {0}; blake2s_param P[1] = {0};
if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1; if ((!outlen) || (outlen > BLAKE2S_OUTBYTES)) return -1;
P->digest_length = (uint8_t)outlen; P->digest_length = (uint8_t)outlen;
P->key_length = 0; P->key_length = 0;
P->fanout = 1; P->fanout = 1;
P->depth = 1; P->depth = 1;
store32( &P->leaf_length, 0 ); store32(&P->leaf_length, 0);
store32( &P->node_offset, 0 ); store32(&P->node_offset, 0);
store16( &P->xof_length, 0 ); store16(&P->xof_length, 0);
P->node_depth = 0; P->node_depth = 0;
P->inner_length = 0; P->inner_length = 0;
/* memzero(P->reserved, sizeof(P->reserved) ); */ /* memzero(P->reserved, sizeof(P->reserved) ); */
memzero( P->salt, sizeof( P->salt ) ); memzero(P->salt, sizeof(P->salt));
memzero( P->personal, sizeof( P->personal ) ); memzero(P->personal, sizeof(P->personal));
return blake2s_init_param( S, P ); return blake2s_init_param(S, P);
} }
int blake2s_InitPersonal( blake2s_state *S, size_t outlen, const void *personal, size_t personal_len) int blake2s_InitPersonal(blake2s_state *S, size_t outlen, const void *personal,
{ size_t personal_len) {
blake2s_param P[1] = {0}; blake2s_param P[1] = {0};
if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1; if ((!outlen) || (outlen > BLAKE2S_OUTBYTES)) return -1;
if ( ( !personal ) || ( personal_len != BLAKE2S_PERSONALBYTES ) ) return -1; if ((!personal) || (personal_len != BLAKE2S_PERSONALBYTES)) return -1;
P->digest_length = (uint8_t)outlen; P->digest_length = (uint8_t)outlen;
P->key_length = 0; P->key_length = 0;
P->fanout = 1; P->fanout = 1;
P->depth = 1; P->depth = 1;
store32( &P->leaf_length, 0 ); store32(&P->leaf_length, 0);
store32( &P->node_offset, 0 ); store32(&P->node_offset, 0);
store16( &P->xof_length, 0 ); store16(&P->xof_length, 0);
P->node_depth = 0; P->node_depth = 0;
P->inner_length = 0; P->inner_length = 0;
/* memzero(P->reserved, sizeof(P->reserved) ); */ /* memzero(P->reserved, sizeof(P->reserved) ); */
memzero( P->salt, sizeof( P->salt ) ); memzero(P->salt, sizeof(P->salt));
memcpy( P->personal, personal, BLAKE2S_PERSONALBYTES ); memcpy(P->personal, personal, BLAKE2S_PERSONALBYTES);
return blake2s_init_param( S, P ); return blake2s_init_param(S, P);
} }
int blake2s_InitKey(blake2s_state *S, size_t outlen, const void *key,
int blake2s_InitKey( blake2s_state *S, size_t outlen, const void *key, size_t keylen ) size_t keylen) {
{
blake2s_param P[1] = {0}; blake2s_param P[1] = {0};
if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1; if ((!outlen) || (outlen > BLAKE2S_OUTBYTES)) return -1;
if ( !key || !keylen || keylen > BLAKE2S_KEYBYTES ) return -1; if (!key || !keylen || keylen > BLAKE2S_KEYBYTES) return -1;
P->digest_length = (uint8_t)outlen; P->digest_length = (uint8_t)outlen;
P->key_length = (uint8_t)keylen; P->key_length = (uint8_t)keylen;
P->fanout = 1; P->fanout = 1;
P->depth = 1; P->depth = 1;
store32( &P->leaf_length, 0 ); store32(&P->leaf_length, 0);
store32( &P->node_offset, 0 ); store32(&P->node_offset, 0);
store16( &P->xof_length, 0 ); store16(&P->xof_length, 0);
P->node_depth = 0; P->node_depth = 0;
P->inner_length = 0; P->inner_length = 0;
/* memzero(P->reserved, sizeof(P->reserved) ); */ /* memzero(P->reserved, sizeof(P->reserved) ); */
memzero( P->salt, sizeof( P->salt ) ); memzero(P->salt, sizeof(P->salt));
memzero( P->personal, sizeof( P->personal ) ); memzero(P->personal, sizeof(P->personal));
if( blake2s_init_param( S, P ) < 0 ) return -1; if (blake2s_init_param(S, P) < 0) return -1;
{ {
uint8_t block[BLAKE2S_BLOCKBYTES] = {0}; uint8_t block[BLAKE2S_BLOCKBYTES] = {0};
memzero( block, BLAKE2S_BLOCKBYTES ); memzero(block, BLAKE2S_BLOCKBYTES);
memcpy( block, key, keylen ); memcpy(block, key, keylen);
blake2s_Update( S, block, BLAKE2S_BLOCKBYTES ); blake2s_Update(S, block, BLAKE2S_BLOCKBYTES);
memzero( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */ memzero(block, BLAKE2S_BLOCKBYTES); /* Burn the key from stack */
} }
return 0; return 0;
} }
#define G(m,r,i,a,b,c,d) \ #define G(m, r, i, a, b, c, d) \
do { \ do { \
*(a) = *(a) + *(b) + m[blake2s_sigma[r][2*i+0]]; \ *(a) = *(a) + *(b) + m[blake2s_sigma[r][2 * i + 0]]; \
*(d) = rotr32(*(d) ^ *(a), 16); \ *(d) = rotr32(*(d) ^ *(a), 16); \
*(c) = *(c) + *(d); \ *(c) = *(c) + *(d); \
*(b) = rotr32(*(b) ^ *(c), 12); \ *(b) = rotr32(*(b) ^ *(c), 12); \
*(a) = *(a) + *(b) + m[blake2s_sigma[r][2*i+1]]; \ *(a) = *(a) + *(b) + m[blake2s_sigma[r][2 * i + 1]]; \
*(d) = rotr32(*(d) ^ *(a), 8); \ *(d) = rotr32(*(d) ^ *(a), 8); \
*(c) = *(c) + *(d); \ *(c) = *(c) + *(d); \
*(b) = rotr32(*(b) ^ *(c), 7); \ *(b) = rotr32(*(b) ^ *(c), 7); \
} while(0) } while (0)
#if OPTIMIZE_SIZE_BLAKE2S #if OPTIMIZE_SIZE_BLAKE2S
static void g(uint32_t *m, int r, int i, uint32_t *a, uint32_t *b, uint32_t *c, static void g(uint32_t *m, int r, int i, uint32_t *a, uint32_t *b, uint32_t *c,
uint32_t *d) { uint32_t *d) {
G(m,r,i,a,b,c,d); G(m, r, i, a, b, c, d);
} }
#else #else
#define g(m,r,i,a,b,c,d) G(m,r,i,a,b,c,d) #define g(m, r, i, a, b, c, d) G(m, r, i, a, b, c, d)
#endif #endif
#define ROUND(m,v,r) \ #define ROUND(m, v, r) \
do { \ do { \
g(m,r,0,v + 0,v + 4,v + 8,v + 12); \ g(m, r, 0, v + 0, v + 4, v + 8, v + 12); \
g(m,r,1,v + 1,v + 5,v + 9,v + 13); \ g(m, r, 1, v + 1, v + 5, v + 9, v + 13); \
g(m,r,2,v + 2,v + 6,v + 10,v + 14); \ g(m, r, 2, v + 2, v + 6, v + 10, v + 14); \
g(m,r,3,v + 3,v + 7,v + 11,v + 15); \ g(m, r, 3, v + 3, v + 7, v + 11, v + 15); \
g(m,r,4,v + 0,v + 5,v + 10,v + 15); \ g(m, r, 4, v + 0, v + 5, v + 10, v + 15); \
g(m,r,5,v + 1,v + 6,v + 11,v + 12); \ g(m, r, 5, v + 1, v + 6, v + 11, v + 12); \
g(m,r,6,v + 2,v + 7,v + 8,v + 13); \ g(m, r, 6, v + 2, v + 7, v + 8, v + 13); \
g(m,r,7,v + 3,v + 4,v + 9,v + 14); \ g(m, r, 7, v + 3, v + 4, v + 9, v + 14); \
} while(0) } while (0)
static void blake2s_compress( blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBYTES] ) static void blake2s_compress(blake2s_state *S,
{ const uint8_t in[BLAKE2S_BLOCKBYTES]) {
uint32_t m[16] = {0}; uint32_t m[16] = {0};
uint32_t v[16] = {0}; uint32_t v[16] = {0};
size_t i = 0; size_t i = 0;
for( i = 0; i < 16; ++i ) { for (i = 0; i < 16; ++i) {
m[i] = load32( in + i * sizeof( m[i] ) ); m[i] = load32(in + i * sizeof(m[i]));
} }
for( i = 0; i < 8; ++i ) { for (i = 0; i < 8; ++i) {
v[i] = S->h[i]; v[i] = S->h[i];
} }
v[ 8] = blake2s_IV[0]; v[8] = blake2s_IV[0];
v[ 9] = blake2s_IV[1]; v[9] = blake2s_IV[1];
v[10] = blake2s_IV[2]; v[10] = blake2s_IV[2];
v[11] = blake2s_IV[3]; v[11] = blake2s_IV[3];
v[12] = S->t[0] ^ blake2s_IV[4]; v[12] = S->t[0] ^ blake2s_IV[4];
@ -244,19 +226,19 @@ static void blake2s_compress( blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBY
ROUND(m, v, r); ROUND(m, v, r);
} }
#else #else
ROUND( m, v, 0 ); ROUND(m, v, 0);
ROUND( m, v, 1 ); ROUND(m, v, 1);
ROUND( m, v, 2 ); ROUND(m, v, 2);
ROUND( m, v, 3 ); ROUND(m, v, 3);
ROUND( m, v, 4 ); ROUND(m, v, 4);
ROUND( m, v, 5 ); ROUND(m, v, 5);
ROUND( m, v, 6 ); ROUND(m, v, 6);
ROUND( m, v, 7 ); ROUND(m, v, 7);
ROUND( m, v, 8 ); ROUND(m, v, 8);
ROUND( m, v, 9 ); ROUND(m, v, 9);
#endif #endif
for( i = 0; i < 8; ++i ) { for (i = 0; i < 8; ++i) {
S->h[i] = S->h[i] ^ v[i] ^ v[i + 8]; S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
} }
} }
@ -264,71 +246,65 @@ static void blake2s_compress( blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBY
#undef G #undef G
#undef ROUND #undef ROUND
int blake2s_Update( blake2s_state *S, const void *pin, size_t inlen ) int blake2s_Update(blake2s_state *S, const void *pin, size_t inlen) {
{ const unsigned char *in = (const unsigned char *)pin;
const unsigned char * in = (const unsigned char *)pin; if (inlen > 0) {
if( inlen > 0 )
{
size_t left = S->buflen; size_t left = S->buflen;
size_t fill = BLAKE2S_BLOCKBYTES - left; size_t fill = BLAKE2S_BLOCKBYTES - left;
if( inlen > fill ) if (inlen > fill) {
{
S->buflen = 0; S->buflen = 0;
memcpy( S->buf + left, in, fill ); /* Fill buffer */ memcpy(S->buf + left, in, fill); /* Fill buffer */
blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES ); blake2s_increment_counter(S, BLAKE2S_BLOCKBYTES);
blake2s_compress( S, S->buf ); /* Compress */ blake2s_compress(S, S->buf); /* Compress */
in += fill; inlen -= fill; in += fill;
while(inlen > BLAKE2S_BLOCKBYTES) { inlen -= fill;
while (inlen > BLAKE2S_BLOCKBYTES) {
blake2s_increment_counter(S, BLAKE2S_BLOCKBYTES); blake2s_increment_counter(S, BLAKE2S_BLOCKBYTES);
blake2s_compress( S, in ); blake2s_compress(S, in);
in += BLAKE2S_BLOCKBYTES; in += BLAKE2S_BLOCKBYTES;
inlen -= BLAKE2S_BLOCKBYTES; inlen -= BLAKE2S_BLOCKBYTES;
} }
} }
memcpy( S->buf + S->buflen, in, inlen ); memcpy(S->buf + S->buflen, in, inlen);
S->buflen += inlen; S->buflen += inlen;
} }
return 0; return 0;
} }
int blake2s_Final( blake2s_state *S, void *out, size_t outlen ) int blake2s_Final(blake2s_state *S, void *out, size_t outlen) {
{
uint8_t buffer[BLAKE2S_OUTBYTES] = {0}; uint8_t buffer[BLAKE2S_OUTBYTES] = {0};
size_t i = 0; size_t i = 0;
if( out == NULL || outlen < S->outlen ) if (out == NULL || outlen < S->outlen) return -1;
return -1;
if( blake2s_is_lastblock( S ) ) if (blake2s_is_lastblock(S)) return -1;
return -1;
blake2s_increment_counter( S, ( uint32_t )S->buflen ); blake2s_increment_counter(S, (uint32_t)S->buflen);
blake2s_set_lastblock( S ); blake2s_set_lastblock(S);
memzero( S->buf + S->buflen, BLAKE2S_BLOCKBYTES - S->buflen ); /* Padding */ memzero(S->buf + S->buflen, BLAKE2S_BLOCKBYTES - S->buflen); /* Padding */
blake2s_compress( S, S->buf ); blake2s_compress(S, S->buf);
for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ for (i = 0; i < 8; ++i) /* Output full hash to temp buffer */
store32( buffer + sizeof( S->h[i] ) * i, S->h[i] ); store32(buffer + sizeof(S->h[i]) * i, S->h[i]);
memcpy( out, buffer, outlen ); memcpy(out, buffer, outlen);
memzero(buffer, sizeof(buffer)); memzero(buffer, sizeof(buffer));
return 0; return 0;
} }
int blake2s(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen) int blake2s(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen) {
{ BLAKE2S_CTX ctx;
BLAKE2S_CTX ctx; if (0 != blake2s_Init(&ctx, outlen)) return -1;
if (0 != blake2s_Init(&ctx, outlen)) return -1; if (0 != blake2s_Update(&ctx, msg, msg_len)) return -1;
if (0 != blake2s_Update(&ctx, msg, msg_len)) return -1; if (0 != blake2s_Final(&ctx, out, outlen)) return -1;
if (0 != blake2s_Final(&ctx, out, outlen)) return -1; return 0;
return 0;
} }
int blake2s_Key(const uint8_t *msg, uint32_t msg_len, const void *key, size_t keylen, void *out, size_t outlen) int blake2s_Key(const uint8_t *msg, uint32_t msg_len, const void *key,
{ size_t keylen, void *out, size_t outlen) {
BLAKE2S_CTX ctx; BLAKE2S_CTX ctx;
if (0 != blake2s_InitKey(&ctx, outlen, key, keylen)) return -1; if (0 != blake2s_InitKey(&ctx, outlen, key, keylen)) return -1;
if (0 != blake2s_Update(&ctx, msg, msg_len)) return -1; if (0 != blake2s_Update(&ctx, msg, msg_len)) return -1;
if (0 != blake2s_Final(&ctx, out, outlen)) return -1; if (0 != blake2s_Final(&ctx, out, outlen)) return -1;
return 0; return 0;
} }

47
crypto/blake2s.h
View File

@ -1,41 +1,42 @@
#ifndef __BLAKE2S_H__ #ifndef __BLAKE2S_H__
#define __BLAKE2S_H__ #define __BLAKE2S_H__
#include <stdint.h>
#include <stddef.h> #include <stddef.h>
#include <stdint.h>
enum blake2s_constant enum blake2s_constant {
{ BLAKE2S_BLOCKBYTES = 64,
BLAKE2S_BLOCKBYTES = 64, BLAKE2S_OUTBYTES = 32,
BLAKE2S_OUTBYTES = 32, BLAKE2S_KEYBYTES = 32,
BLAKE2S_KEYBYTES = 32, BLAKE2S_SALTBYTES = 8,
BLAKE2S_SALTBYTES = 8, BLAKE2S_PERSONALBYTES = 8
BLAKE2S_PERSONALBYTES = 8
}; };
typedef struct __blake2s_state typedef struct __blake2s_state {
{ uint32_t h[8];
uint32_t h[8]; uint32_t t[2];
uint32_t t[2]; uint32_t f[2];
uint32_t f[2]; uint8_t buf[BLAKE2S_BLOCKBYTES];
uint8_t buf[BLAKE2S_BLOCKBYTES]; uint32_t buflen;
uint32_t buflen; uint8_t outlen;
uint8_t outlen; uint8_t last_node;
uint8_t last_node;
} blake2s_state; } blake2s_state;
#define BLAKE2S_CTX blake2s_state #define BLAKE2S_CTX blake2s_state
#define BLAKE2S_BLOCK_LENGTH BLAKE2S_BLOCKBYTES #define BLAKE2S_BLOCK_LENGTH BLAKE2S_BLOCKBYTES
#define BLAKE2S_DIGEST_LENGTH BLAKE2S_OUTBYTES #define BLAKE2S_DIGEST_LENGTH BLAKE2S_OUTBYTES
#define BLAKE2S_KEY_LENGTH BLAKE2S_KEYBYTES #define BLAKE2S_KEY_LENGTH BLAKE2S_KEYBYTES
int blake2s_Init(blake2s_state *S, size_t outlen); int blake2s_Init(blake2s_state *S, size_t outlen);
int blake2s_InitKey(blake2s_state *S, size_t outlen, const void *key, size_t keylen); int blake2s_InitKey(blake2s_state *S, size_t outlen, const void *key,
int blake2s_InitPersonal(blake2s_state *S, size_t outlen, const void *personal, size_t personal_len); size_t keylen);
int blake2s_InitPersonal(blake2s_state *S, size_t outlen, const void *personal,
size_t personal_len);
int blake2s_Update(blake2s_state *S, const void *pin, size_t inlen); int blake2s_Update(blake2s_state *S, const void *pin, size_t inlen);
int blake2s_Final(blake2s_state *S, void *out, size_t outlen); int blake2s_Final(blake2s_state *S, void *out, size_t outlen);
int blake2s(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen); int blake2s(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen);
int blake2s_Key(const uint8_t *msg, uint32_t msg_len, const void *key, size_t keylen, void *out, size_t outlen); int blake2s_Key(const uint8_t *msg, uint32_t msg_len, const void *key,
size_t keylen, void *out, size_t outlen);
#endif #endif

798
crypto/groestl.c
View File

@ -34,311 +34,304 @@
#include <stddef.h> #include <stddef.h>
#include <string.h> #include <string.h>
#include "groestl_internal.h"
#include "groestl.h" #include "groestl.h"
#include "groestl_internal.h"
#include "memzero.h" #include "memzero.h"
#define C32e(x) \
((SPH_C32(x) >> 24) | ((SPH_C32(x) >> 8) & SPH_C32(0x0000FF00)) | \
((SPH_C32(x) << 8) & SPH_C32(0x00FF0000)) | \
((SPH_C32(x) << 24) & SPH_C32(0xFF000000)))
#define dec32e_aligned sph_dec32le_aligned
#define enc32e sph_enc32le
#define B32_0(x) ((x) & 0xFF)
#define B32_1(x) (((x) >> 8) & 0xFF)
#define B32_2(x) (((x) >> 16) & 0xFF)
#define B32_3(x) ((x) >> 24)
#define C32e(x) ((SPH_C32(x) >> 24) \ #define R32u(u, d) SPH_T32(((u) << 16) | ((d) >> 16))
| ((SPH_C32(x) >> 8) & SPH_C32(0x0000FF00)) \ #define R32d(u, d) SPH_T32(((u) >> 16) | ((d) << 16))
| ((SPH_C32(x) << 8) & SPH_C32(0x00FF0000)) \
| ((SPH_C32(x) << 24) & SPH_C32(0xFF000000)))
#define dec32e_aligned sph_dec32le_aligned
#define enc32e sph_enc32le
#define B32_0(x) ((x) & 0xFF)
#define B32_1(x) (((x) >> 8) & 0xFF)
#define B32_2(x) (((x) >> 16) & 0xFF)
#define B32_3(x) ((x) >> 24)
#define R32u(u, d) SPH_T32(((u) << 16) | ((d) >> 16))
#define R32d(u, d) SPH_T32(((u) >> 16) | ((d) << 16))
#define PC32up(j, r) ((sph_u32)((j) + (r)))
#define PC32dn(j, r) 0
#define QC32up(j, r) SPH_C32(0xFFFFFFFF)
#define QC32dn(j, r) (((sph_u32)(r) << 24) ^ SPH_T32(~((sph_u32)(j) << 24)))
#define PC32up(j, r) ((sph_u32)((j) + (r)))
#define PC32dn(j, r) 0
#define QC32up(j, r) SPH_C32(0xFFFFFFFF)
#define QC32dn(j, r) (((sph_u32)(r) << 24) ^ SPH_T32(~((sph_u32)(j) << 24)))
static const sph_u32 T0up[] = { static const sph_u32 T0up[] = {
C32e(0xc632f4a5), C32e(0xf86f9784), C32e(0xee5eb099), C32e(0xf67a8c8d), C32e(0xc632f4a5), C32e(0xf86f9784), C32e(0xee5eb099), C32e(0xf67a8c8d),
C32e(0xffe8170d), C32e(0xd60adcbd), C32e(0xde16c8b1), C32e(0x916dfc54), C32e(0xffe8170d), C32e(0xd60adcbd), C32e(0xde16c8b1), C32e(0x916dfc54),
C32e(0x6090f050), C32e(0x02070503), C32e(0xce2ee0a9), C32e(0x56d1877d), C32e(0x6090f050), C32e(0x02070503), C32e(0xce2ee0a9), C32e(0x56d1877d),
C32e(0xe7cc2b19), C32e(0xb513a662), C32e(0x4d7c31e6), C32e(0xec59b59a), C32e(0xe7cc2b19), C32e(0xb513a662), C32e(0x4d7c31e6), C32e(0xec59b59a),
C32e(0x8f40cf45), C32e(0x1fa3bc9d), C32e(0x8949c040), C32e(0xfa689287), C32e(0x8f40cf45), C32e(0x1fa3bc9d), C32e(0x8949c040), C32e(0xfa689287),
C32e(0xefd03f15), C32e(0xb29426eb), C32e(0x8ece40c9), C32e(0xfbe61d0b), C32e(0xefd03f15), C32e(0xb29426eb), C32e(0x8ece40c9), C32e(0xfbe61d0b),
C32e(0x416e2fec), C32e(0xb31aa967), C32e(0x5f431cfd), C32e(0x456025ea), C32e(0x416e2fec), C32e(0xb31aa967), C32e(0x5f431cfd), C32e(0x456025ea),
C32e(0x23f9dabf), C32e(0x535102f7), C32e(0xe445a196), C32e(0x9b76ed5b), C32e(0x23f9dabf), C32e(0x535102f7), C32e(0xe445a196), C32e(0x9b76ed5b),
C32e(0x75285dc2), C32e(0xe1c5241c), C32e(0x3dd4e9ae), C32e(0x4cf2be6a), C32e(0x75285dc2), C32e(0xe1c5241c), C32e(0x3dd4e9ae), C32e(0x4cf2be6a),
C32e(0x6c82ee5a), C32e(0x7ebdc341), C32e(0xf5f30602), C32e(0x8352d14f), C32e(0x6c82ee5a), C32e(0x7ebdc341), C32e(0xf5f30602), C32e(0x8352d14f),
C32e(0x688ce45c), C32e(0x515607f4), C32e(0xd18d5c34), C32e(0xf9e11808), C32e(0x688ce45c), C32e(0x515607f4), C32e(0xd18d5c34), C32e(0xf9e11808),
C32e(0xe24cae93), C32e(0xab3e9573), C32e(0x6297f553), C32e(0x2a6b413f), C32e(0xe24cae93), C32e(0xab3e9573), C32e(0x6297f553), C32e(0x2a6b413f),
C32e(0x081c140c), C32e(0x9563f652), C32e(0x46e9af65), C32e(0x9d7fe25e), C32e(0x081c140c), C32e(0x9563f652), C32e(0x46e9af65), C32e(0x9d7fe25e),
C32e(0x30487828), C32e(0x37cff8a1), C32e(0x0a1b110f), C32e(0x2febc4b5), C32e(0x30487828), C32e(0x37cff8a1), C32e(0x0a1b110f), C32e(0x2febc4b5),
C32e(0x0e151b09), C32e(0x247e5a36), C32e(0x1badb69b), C32e(0xdf98473d), C32e(0x0e151b09), C32e(0x247e5a36), C32e(0x1badb69b), C32e(0xdf98473d),
C32e(0xcda76a26), C32e(0x4ef5bb69), C32e(0x7f334ccd), C32e(0xea50ba9f), C32e(0xcda76a26), C32e(0x4ef5bb69), C32e(0x7f334ccd), C32e(0xea50ba9f),
C32e(0x123f2d1b), C32e(0x1da4b99e), C32e(0x58c49c74), C32e(0x3446722e), C32e(0x123f2d1b), C32e(0x1da4b99e), C32e(0x58c49c74), C32e(0x3446722e),
C32e(0x3641772d), C32e(0xdc11cdb2), C32e(0xb49d29ee), C32e(0x5b4d16fb), C32e(0x3641772d), C32e(0xdc11cdb2), C32e(0xb49d29ee), C32e(0x5b4d16fb),
C32e(0xa4a501f6), C32e(0x76a1d74d), C32e(0xb714a361), C32e(0x7d3449ce), C32e(0xa4a501f6), C32e(0x76a1d74d), C32e(0xb714a361), C32e(0x7d3449ce),
C32e(0x52df8d7b), C32e(0xdd9f423e), C32e(0x5ecd9371), C32e(0x13b1a297), C32e(0x52df8d7b), C32e(0xdd9f423e), C32e(0x5ecd9371), C32e(0x13b1a297),
C32e(0xa6a204f5), C32e(0xb901b868), C32e(0x00000000), C32e(0xc1b5742c), C32e(0xa6a204f5), C32e(0xb901b868), C32e(0x00000000), C32e(0xc1b5742c),
C32e(0x40e0a060), C32e(0xe3c2211f), C32e(0x793a43c8), C32e(0xb69a2ced), C32e(0x40e0a060), C32e(0xe3c2211f), C32e(0x793a43c8), C32e(0xb69a2ced),
C32e(0xd40dd9be), C32e(0x8d47ca46), C32e(0x671770d9), C32e(0x72afdd4b), C32e(0xd40dd9be), C32e(0x8d47ca46), C32e(0x671770d9), C32e(0x72afdd4b),
C32e(0x94ed79de), C32e(0x98ff67d4), C32e(0xb09323e8), C32e(0x855bde4a), C32e(0x94ed79de), C32e(0x98ff67d4), C32e(0xb09323e8), C32e(0x855bde4a),
C32e(0xbb06bd6b), C32e(0xc5bb7e2a), C32e(0x4f7b34e5), C32e(0xedd73a16), C32e(0xbb06bd6b), C32e(0xc5bb7e2a), C32e(0x4f7b34e5), C32e(0xedd73a16),
C32e(0x86d254c5), C32e(0x9af862d7), C32e(0x6699ff55), C32e(0x11b6a794), C32e(0x86d254c5), C32e(0x9af862d7), C32e(0x6699ff55), C32e(0x11b6a794),
C32e(0x8ac04acf), C32e(0xe9d93010), C32e(0x040e0a06), C32e(0xfe669881), C32e(0x8ac04acf), C32e(0xe9d93010), C32e(0x040e0a06), C32e(0xfe669881),
C32e(0xa0ab0bf0), C32e(0x78b4cc44), C32e(0x25f0d5ba), C32e(0x4b753ee3), C32e(0xa0ab0bf0), C32e(0x78b4cc44), C32e(0x25f0d5ba), C32e(0x4b753ee3),
C32e(0xa2ac0ef3), C32e(0x5d4419fe), C32e(0x80db5bc0), C32e(0x0580858a), C32e(0xa2ac0ef3), C32e(0x5d4419fe), C32e(0x80db5bc0), C32e(0x0580858a),
C32e(0x3fd3ecad), C32e(0x21fedfbc), C32e(0x70a8d848), C32e(0xf1fd0c04), C32e(0x3fd3ecad), C32e(0x21fedfbc), C32e(0x70a8d848), C32e(0xf1fd0c04),
C32e(0x63197adf), C32e(0x772f58c1), C32e(0xaf309f75), C32e(0x42e7a563), C32e(0x63197adf), C32e(0x772f58c1), C32e(0xaf309f75), C32e(0x42e7a563),
C32e(0x20705030), C32e(0xe5cb2e1a), C32e(0xfdef120e), C32e(0xbf08b76d), C32e(0x20705030), C32e(0xe5cb2e1a), C32e(0xfdef120e), C32e(0xbf08b76d),
C32e(0x8155d44c), C32e(0x18243c14), C32e(0x26795f35), C32e(0xc3b2712f), C32e(0x8155d44c), C32e(0x18243c14), C32e(0x26795f35), C32e(0xc3b2712f),
C32e(0xbe8638e1), C32e(0x35c8fda2), C32e(0x88c74fcc), C32e(0x2e654b39), C32e(0xbe8638e1), C32e(0x35c8fda2), C32e(0x88c74fcc), C32e(0x2e654b39),
C32e(0x936af957), C32e(0x55580df2), C32e(0xfc619d82), C32e(0x7ab3c947), C32e(0x936af957), C32e(0x55580df2), C32e(0xfc619d82), C32e(0x7ab3c947),
C32e(0xc827efac), C32e(0xba8832e7), C32e(0x324f7d2b), C32e(0xe642a495), C32e(0xc827efac), C32e(0xba8832e7), C32e(0x324f7d2b), C32e(0xe642a495),
C32e(0xc03bfba0), C32e(0x19aab398), C32e(0x9ef668d1), C32e(0xa322817f), C32e(0xc03bfba0), C32e(0x19aab398), C32e(0x9ef668d1), C32e(0xa322817f),
C32e(0x44eeaa66), C32e(0x54d6827e), C32e(0x3bdde6ab), C32e(0x0b959e83), C32e(0x44eeaa66), C32e(0x54d6827e), C32e(0x3bdde6ab), C32e(0x0b959e83),
C32e(0x8cc945ca), C32e(0xc7bc7b29), C32e(0x6b056ed3), C32e(0x286c443c), C32e(0x8cc945ca), C32e(0xc7bc7b29), C32e(0x6b056ed3), C32e(0x286c443c),
C32e(0xa72c8b79), C32e(0xbc813de2), C32e(0x1631271d), C32e(0xad379a76), C32e(0xa72c8b79), C32e(0xbc813de2), C32e(0x1631271d), C32e(0xad379a76),
C32e(0xdb964d3b), C32e(0x649efa56), C32e(0x74a6d24e), C32e(0x1436221e), C32e(0xdb964d3b), C32e(0x649efa56), C32e(0x74a6d24e), C32e(0x1436221e),
C32e(0x92e476db), C32e(0x0c121e0a), C32e(0x48fcb46c), C32e(0xb88f37e4), C32e(0x92e476db), C32e(0x0c121e0a), C32e(0x48fcb46c), C32e(0xb88f37e4),
C32e(0x9f78e75d), C32e(0xbd0fb26e), C32e(0x43692aef), C32e(0xc435f1a6), C32e(0x9f78e75d), C32e(0xbd0fb26e), C32e(0x43692aef), C32e(0xc435f1a6),
C32e(0x39dae3a8), C32e(0x31c6f7a4), C32e(0xd38a5937), C32e(0xf274868b), C32e(0x39dae3a8), C32e(0x31c6f7a4), C32e(0xd38a5937), C32e(0xf274868b),
C32e(0xd5835632), C32e(0x8b4ec543), C32e(0x6e85eb59), C32e(0xda18c2b7), C32e(0xd5835632), C32e(0x8b4ec543), C32e(0x6e85eb59), C32e(0xda18c2b7),
C32e(0x018e8f8c), C32e(0xb11dac64), C32e(0x9cf16dd2), C32e(0x49723be0), C32e(0x018e8f8c), C32e(0xb11dac64), C32e(0x9cf16dd2), C32e(0x49723be0),
C32e(0xd81fc7b4), C32e(0xacb915fa), C32e(0xf3fa0907), C32e(0xcfa06f25), C32e(0xd81fc7b4), C32e(0xacb915fa), C32e(0xf3fa0907), C32e(0xcfa06f25),
C32e(0xca20eaaf), C32e(0xf47d898e), C32e(0x476720e9), C32e(0x10382818), C32e(0xca20eaaf), C32e(0xf47d898e), C32e(0x476720e9), C32e(0x10382818),
C32e(0x6f0b64d5), C32e(0xf0738388), C32e(0x4afbb16f), C32e(0x5cca9672), C32e(0x6f0b64d5), C32e(0xf0738388), C32e(0x4afbb16f), C32e(0x5cca9672),
C32e(0x38546c24), C32e(0x575f08f1), C32e(0x732152c7), C32e(0x9764f351), C32e(0x38546c24), C32e(0x575f08f1), C32e(0x732152c7), C32e(0x9764f351),
C32e(0xcbae6523), C32e(0xa125847c), C32e(0xe857bf9c), C32e(0x3e5d6321), C32e(0xcbae6523), C32e(0xa125847c), C32e(0xe857bf9c), C32e(0x3e5d6321),
C32e(0x96ea7cdd), C32e(0x611e7fdc), C32e(0x0d9c9186), C32e(0x0f9b9485), C32e(0x96ea7cdd), C32e(0x611e7fdc), C32e(0x0d9c9186), C32e(0x0f9b9485),
C32e(0xe04bab90), C32e(0x7cbac642), C32e(0x712657c4), C32e(0xcc29e5aa), C32e(0xe04bab90), C32e(0x7cbac642), C32e(0x712657c4), C32e(0xcc29e5aa),
C32e(0x90e373d8), C32e(0x06090f05), C32e(0xf7f40301), C32e(0x1c2a3612), C32e(0x90e373d8), C32e(0x06090f05), C32e(0xf7f40301), C32e(0x1c2a3612),
C32e(0xc23cfea3), C32e(0x6a8be15f), C32e(0xaebe10f9), C32e(0x69026bd0), C32e(0xc23cfea3), C32e(0x6a8be15f), C32e(0xaebe10f9), C32e(0x69026bd0),
C32e(0x17bfa891), C32e(0x9971e858), C32e(0x3a536927), C32e(0x27f7d0b9), C32e(0x17bfa891), C32e(0x9971e858), C32e(0x3a536927), C32e(0x27f7d0b9),
C32e(0xd9914838), C32e(0xebde3513), C32e(0x2be5ceb3), C32e(0x22775533), C32e(0xd9914838), C32e(0xebde3513), C32e(0x2be5ceb3), C32e(0x22775533),
C32e(0xd204d6bb), C32e(0xa9399070), C32e(0x07878089), C32e(0x33c1f2a7), C32e(0xd204d6bb), C32e(0xa9399070), C32e(0x07878089), C32e(0x33c1f2a7),
C32e(0x2decc1b6), C32e(0x3c5a6622), C32e(0x15b8ad92), C32e(0xc9a96020), C32e(0x2decc1b6), C32e(0x3c5a6622), C32e(0x15b8ad92), C32e(0xc9a96020),
C32e(0x875cdb49), C32e(0xaab01aff), C32e(0x50d88878), C32e(0xa52b8e7a), C32e(0x875cdb49), C32e(0xaab01aff), C32e(0x50d88878), C32e(0xa52b8e7a),
C32e(0x03898a8f), C32e(0x594a13f8), C32e(0x09929b80), C32e(0x1a233917), C32e(0x03898a8f), C32e(0x594a13f8), C32e(0x09929b80), C32e(0x1a233917),
C32e(0x651075da), C32e(0xd7845331), C32e(0x84d551c6), C32e(0xd003d3b8), C32e(0x651075da), C32e(0xd7845331), C32e(0x84d551c6), C32e(0xd003d3b8),
C32e(0x82dc5ec3), C32e(0x29e2cbb0), C32e(0x5ac39977), C32e(0x1e2d3311), C32e(0x82dc5ec3), C32e(0x29e2cbb0), C32e(0x5ac39977), C32e(0x1e2d3311),
C32e(0x7b3d46cb), C32e(0xa8b71ffc), C32e(0x6d0c61d6), C32e(0x2c624e3a) C32e(0x7b3d46cb), C32e(0xa8b71ffc), C32e(0x6d0c61d6), C32e(0x2c624e3a)};
};
static const sph_u32 T0dn[] = { static const sph_u32 T0dn[] = {
C32e(0xf497a5c6), C32e(0x97eb84f8), C32e(0xb0c799ee), C32e(0x8cf78df6), C32e(0xf497a5c6), C32e(0x97eb84f8), C32e(0xb0c799ee), C32e(0x8cf78df6),
C32e(0x17e50dff), C32e(0xdcb7bdd6), C32e(0xc8a7b1de), C32e(0xfc395491), C32e(0x17e50dff), C32e(0xdcb7bdd6), C32e(0xc8a7b1de), C32e(0xfc395491),
C32e(0xf0c05060), C32e(0x05040302), C32e(0xe087a9ce), C32e(0x87ac7d56), C32e(0xf0c05060), C32e(0x05040302), C32e(0xe087a9ce), C32e(0x87ac7d56),
C32e(0x2bd519e7), C32e(0xa67162b5), C32e(0x319ae64d), C32e(0xb5c39aec), C32e(0x2bd519e7), C32e(0xa67162b5), C32e(0x319ae64d), C32e(0xb5c39aec),
C32e(0xcf05458f), C32e(0xbc3e9d1f), C32e(0xc0094089), C32e(0x92ef87fa), C32e(0xcf05458f), C32e(0xbc3e9d1f), C32e(0xc0094089), C32e(0x92ef87fa),
C32e(0x3fc515ef), C32e(0x267febb2), C32e(0x4007c98e), C32e(0x1ded0bfb), C32e(0x3fc515ef), C32e(0x267febb2), C32e(0x4007c98e), C32e(0x1ded0bfb),
C32e(0x2f82ec41), C32e(0xa97d67b3), C32e(0x1cbefd5f), C32e(0x258aea45), C32e(0x2f82ec41), C32e(0xa97d67b3), C32e(0x1cbefd5f), C32e(0x258aea45),
C32e(0xda46bf23), C32e(0x02a6f753), C32e(0xa1d396e4), C32e(0xed2d5b9b), C32e(0xda46bf23), C32e(0x02a6f753), C32e(0xa1d396e4), C32e(0xed2d5b9b),
C32e(0x5deac275), C32e(0x24d91ce1), C32e(0xe97aae3d), C32e(0xbe986a4c), C32e(0x5deac275), C32e(0x24d91ce1), C32e(0xe97aae3d), C32e(0xbe986a4c),
C32e(0xeed85a6c), C32e(0xc3fc417e), C32e(0x06f102f5), C32e(0xd11d4f83), C32e(0xeed85a6c), C32e(0xc3fc417e), C32e(0x06f102f5), C32e(0xd11d4f83),
C32e(0xe4d05c68), C32e(0x07a2f451), C32e(0x5cb934d1), C32e(0x18e908f9), C32e(0xe4d05c68), C32e(0x07a2f451), C32e(0x5cb934d1), C32e(0x18e908f9),
C32e(0xaedf93e2), C32e(0x954d73ab), C32e(0xf5c45362), C32e(0x41543f2a), C32e(0xaedf93e2), C32e(0x954d73ab), C32e(0xf5c45362), C32e(0x41543f2a),
C32e(0x14100c08), C32e(0xf6315295), C32e(0xaf8c6546), C32e(0xe2215e9d), C32e(0x14100c08), C32e(0xf6315295), C32e(0xaf8c6546), C32e(0xe2215e9d),
C32e(0x78602830), C32e(0xf86ea137), C32e(0x11140f0a), C32e(0xc45eb52f), C32e(0x78602830), C32e(0xf86ea137), C32e(0x11140f0a), C32e(0xc45eb52f),
C32e(0x1b1c090e), C32e(0x5a483624), C32e(0xb6369b1b), C32e(0x47a53ddf), C32e(0x1b1c090e), C32e(0x5a483624), C32e(0xb6369b1b), C32e(0x47a53ddf),
C32e(0x6a8126cd), C32e(0xbb9c694e), C32e(0x4cfecd7f), C32e(0xbacf9fea), C32e(0x6a8126cd), C32e(0xbb9c694e), C32e(0x4cfecd7f), C32e(0xbacf9fea),
C32e(0x2d241b12), C32e(0xb93a9e1d), C32e(0x9cb07458), C32e(0x72682e34), C32e(0x2d241b12), C32e(0xb93a9e1d), C32e(0x9cb07458), C32e(0x72682e34),
C32e(0x776c2d36), C32e(0xcda3b2dc), C32e(0x2973eeb4), C32e(0x16b6fb5b), C32e(0x776c2d36), C32e(0xcda3b2dc), C32e(0x2973eeb4), C32e(0x16b6fb5b),
C32e(0x0153f6a4), C32e(0xd7ec4d76), C32e(0xa37561b7), C32e(0x49face7d), C32e(0x0153f6a4), C32e(0xd7ec4d76), C32e(0xa37561b7), C32e(0x49face7d),
C32e(0x8da47b52), C32e(0x42a13edd), C32e(0x93bc715e), C32e(0xa2269713), C32e(0x8da47b52), C32e(0x42a13edd), C32e(0x93bc715e), C32e(0xa2269713),
C32e(0x0457f5a6), C32e(0xb86968b9), C32e(0x00000000), C32e(0x74992cc1), C32e(0x0457f5a6), C32e(0xb86968b9), C32e(0x00000000), C32e(0x74992cc1),
C32e(0xa0806040), C32e(0x21dd1fe3), C32e(0x43f2c879), C32e(0x2c77edb6), C32e(0xa0806040), C32e(0x21dd1fe3), C32e(0x43f2c879), C32e(0x2c77edb6),
C32e(0xd9b3bed4), C32e(0xca01468d), C32e(0x70ced967), C32e(0xdde44b72), C32e(0xd9b3bed4), C32e(0xca01468d), C32e(0x70ced967), C32e(0xdde44b72),
C32e(0x7933de94), C32e(0x672bd498), C32e(0x237be8b0), C32e(0xde114a85), C32e(0x7933de94), C32e(0x672bd498), C32e(0x237be8b0), C32e(0xde114a85),
C32e(0xbd6d6bbb), C32e(0x7e912ac5), C32e(0x349ee54f), C32e(0x3ac116ed), C32e(0xbd6d6bbb), C32e(0x7e912ac5), C32e(0x349ee54f), C32e(0x3ac116ed),
C32e(0x5417c586), C32e(0x622fd79a), C32e(0xffcc5566), C32e(0xa7229411), C32e(0x5417c586), C32e(0x622fd79a), C32e(0xffcc5566), C32e(0xa7229411),
C32e(0x4a0fcf8a), C32e(0x30c910e9), C32e(0x0a080604), C32e(0x98e781fe), C32e(0x4a0fcf8a), C32e(0x30c910e9), C32e(0x0a080604), C32e(0x98e781fe),
C32e(0x0b5bf0a0), C32e(0xccf04478), C32e(0xd54aba25), C32e(0x3e96e34b), C32e(0x0b5bf0a0), C32e(0xccf04478), C32e(0xd54aba25), C32e(0x3e96e34b),
C32e(0x0e5ff3a2), C32e(0x19bafe5d), C32e(0x5b1bc080), C32e(0x850a8a05), C32e(0x0e5ff3a2), C32e(0x19bafe5d), C32e(0x5b1bc080), C32e(0x850a8a05),
C32e(0xec7ead3f), C32e(0xdf42bc21), C32e(0xd8e04870), C32e(0x0cf904f1), C32e(0xec7ead3f), C32e(0xdf42bc21), C32e(0xd8e04870), C32e(0x0cf904f1),
C32e(0x7ac6df63), C32e(0x58eec177), C32e(0x9f4575af), C32e(0xa5846342), C32e(0x7ac6df63), C32e(0x58eec177), C32e(0x9f4575af), C32e(0xa5846342),
C32e(0x50403020), C32e(0x2ed11ae5), C32e(0x12e10efd), C32e(0xb7656dbf), C32e(0x50403020), C32e(0x2ed11ae5), C32e(0x12e10efd), C32e(0xb7656dbf),
C32e(0xd4194c81), C32e(0x3c301418), C32e(0x5f4c3526), C32e(0x719d2fc3), C32e(0xd4194c81), C32e(0x3c301418), C32e(0x5f4c3526), C32e(0x719d2fc3),
C32e(0x3867e1be), C32e(0xfd6aa235), C32e(0x4f0bcc88), C32e(0x4b5c392e), C32e(0x3867e1be), C32e(0xfd6aa235), C32e(0x4f0bcc88), C32e(0x4b5c392e),
C32e(0xf93d5793), C32e(0x0daaf255), C32e(0x9de382fc), C32e(0xc9f4477a), C32e(0xf93d5793), C32e(0x0daaf255), C32e(0x9de382fc), C32e(0xc9f4477a),
C32e(0xef8bacc8), C32e(0x326fe7ba), C32e(0x7d642b32), C32e(0xa4d795e6), C32e(0xef8bacc8), C32e(0x326fe7ba), C32e(0x7d642b32), C32e(0xa4d795e6),
C32e(0xfb9ba0c0), C32e(0xb3329819), C32e(0x6827d19e), C32e(0x815d7fa3), C32e(0xfb9ba0c0), C32e(0xb3329819), C32e(0x6827d19e), C32e(0x815d7fa3),
C32e(0xaa886644), C32e(0x82a87e54), C32e(0xe676ab3b), C32e(0x9e16830b), C32e(0xaa886644), C32e(0x82a87e54), C32e(0xe676ab3b), C32e(0x9e16830b),
C32e(0x4503ca8c), C32e(0x7b9529c7), C32e(0x6ed6d36b), C32e(0x44503c28), C32e(0x4503ca8c), C32e(0x7b9529c7), C32e(0x6ed6d36b), C32e(0x44503c28),
C32e(0x8b5579a7), C32e(0x3d63e2bc), C32e(0x272c1d16), C32e(0x9a4176ad), C32e(0x8b5579a7), C32e(0x3d63e2bc), C32e(0x272c1d16), C32e(0x9a4176ad),
C32e(0x4dad3bdb), C32e(0xfac85664), C32e(0xd2e84e74), C32e(0x22281e14), C32e(0x4dad3bdb), C32e(0xfac85664), C32e(0xd2e84e74), C32e(0x22281e14),
C32e(0x763fdb92), C32e(0x1e180a0c), C32e(0xb4906c48), C32e(0x376be4b8), C32e(0x763fdb92), C32e(0x1e180a0c), C32e(0xb4906c48), C32e(0x376be4b8),
C32e(0xe7255d9f), C32e(0xb2616ebd), C32e(0x2a86ef43), C32e(0xf193a6c4), C32e(0xe7255d9f), C32e(0xb2616ebd), C32e(0x2a86ef43), C32e(0xf193a6c4),
C32e(0xe372a839), C32e(0xf762a431), C32e(0x59bd37d3), C32e(0x86ff8bf2), C32e(0xe372a839), C32e(0xf762a431), C32e(0x59bd37d3), C32e(0x86ff8bf2),
C32e(0x56b132d5), C32e(0xc50d438b), C32e(0xebdc596e), C32e(0xc2afb7da), C32e(0x56b132d5), C32e(0xc50d438b), C32e(0xebdc596e), C32e(0xc2afb7da),
C32e(0x8f028c01), C32e(0xac7964b1), C32e(0x6d23d29c), C32e(0x3b92e049), C32e(0x8f028c01), C32e(0xac7964b1), C32e(0x6d23d29c), C32e(0x3b92e049),
C32e(0xc7abb4d8), C32e(0x1543faac), C32e(0x09fd07f3), C32e(0x6f8525cf), C32e(0xc7abb4d8), C32e(0x1543faac), C32e(0x09fd07f3), C32e(0x6f8525cf),
C32e(0xea8fafca), C32e(0x89f38ef4), C32e(0x208ee947), C32e(0x28201810), C32e(0xea8fafca), C32e(0x89f38ef4), C32e(0x208ee947), C32e(0x28201810),
C32e(0x64ded56f), C32e(0x83fb88f0), C32e(0xb1946f4a), C32e(0x96b8725c), C32e(0x64ded56f), C32e(0x83fb88f0), C32e(0xb1946f4a), C32e(0x96b8725c),
C32e(0x6c702438), C32e(0x08aef157), C32e(0x52e6c773), C32e(0xf3355197), C32e(0x6c702438), C32e(0x08aef157), C32e(0x52e6c773), C32e(0xf3355197),
C32e(0x658d23cb), C32e(0x84597ca1), C32e(0xbfcb9ce8), C32e(0x637c213e), C32e(0x658d23cb), C32e(0x84597ca1), C32e(0xbfcb9ce8), C32e(0x637c213e),
C32e(0x7c37dd96), C32e(0x7fc2dc61), C32e(0x911a860d), C32e(0x941e850f), C32e(0x7c37dd96), C32e(0x7fc2dc61), C32e(0x911a860d), C32e(0x941e850f),
C32e(0xabdb90e0), C32e(0xc6f8427c), C32e(0x57e2c471), C32e(0xe583aacc), C32e(0xabdb90e0), C32e(0xc6f8427c), C32e(0x57e2c471), C32e(0xe583aacc),
C32e(0x733bd890), C32e(0x0f0c0506), C32e(0x03f501f7), C32e(0x3638121c), C32e(0x733bd890), C32e(0x0f0c0506), C32e(0x03f501f7), C32e(0x3638121c),
C32e(0xfe9fa3c2), C32e(0xe1d45f6a), C32e(0x1047f9ae), C32e(0x6bd2d069), C32e(0xfe9fa3c2), C32e(0xe1d45f6a), C32e(0x1047f9ae), C32e(0x6bd2d069),
C32e(0xa82e9117), C32e(0xe8295899), C32e(0x6974273a), C32e(0xd04eb927), C32e(0xa82e9117), C32e(0xe8295899), C32e(0x6974273a), C32e(0xd04eb927),
C32e(0x48a938d9), C32e(0x35cd13eb), C32e(0xce56b32b), C32e(0x55443322), C32e(0x48a938d9), C32e(0x35cd13eb), C32e(0xce56b32b), C32e(0x55443322),
C32e(0xd6bfbbd2), C32e(0x904970a9), C32e(0x800e8907), C32e(0xf266a733), C32e(0xd6bfbbd2), C32e(0x904970a9), C32e(0x800e8907), C32e(0xf266a733),
C32e(0xc15ab62d), C32e(0x6678223c), C32e(0xad2a9215), C32e(0x608920c9), C32e(0xc15ab62d), C32e(0x6678223c), C32e(0xad2a9215), C32e(0x608920c9),
C32e(0xdb154987), C32e(0x1a4fffaa), C32e(0x88a07850), C32e(0x8e517aa5), C32e(0xdb154987), C32e(0x1a4fffaa), C32e(0x88a07850), C32e(0x8e517aa5),
C32e(0x8a068f03), C32e(0x13b2f859), C32e(0x9b128009), C32e(0x3934171a), C32e(0x8a068f03), C32e(0x13b2f859), C32e(0x9b128009), C32e(0x3934171a),
C32e(0x75cada65), C32e(0x53b531d7), C32e(0x5113c684), C32e(0xd3bbb8d0), C32e(0x75cada65), C32e(0x53b531d7), C32e(0x5113c684), C32e(0xd3bbb8d0),
C32e(0x5e1fc382), C32e(0xcb52b029), C32e(0x99b4775a), C32e(0x333c111e), C32e(0x5e1fc382), C32e(0xcb52b029), C32e(0x99b4775a), C32e(0x333c111e),
C32e(0x46f6cb7b), C32e(0x1f4bfca8), C32e(0x61dad66d), C32e(0x4e583a2c) C32e(0x46f6cb7b), C32e(0x1f4bfca8), C32e(0x61dad66d), C32e(0x4e583a2c)};
};
static const sph_u32 T1up[] = { static const sph_u32 T1up[] = {
C32e(0xc6c632f4), C32e(0xf8f86f97), C32e(0xeeee5eb0), C32e(0xf6f67a8c), C32e(0xc6c632f4), C32e(0xf8f86f97), C32e(0xeeee5eb0), C32e(0xf6f67a8c),
C32e(0xffffe817), C32e(0xd6d60adc), C32e(0xdede16c8), C32e(0x91916dfc), C32e(0xffffe817), C32e(0xd6d60adc), C32e(0xdede16c8), C32e(0x91916dfc),
C32e(0x606090f0), C32e(0x02020705), C32e(0xcece2ee0), C32e(0x5656d187), C32e(0x606090f0), C32e(0x02020705), C32e(0xcece2ee0), C32e(0x5656d187),
C32e(0xe7e7cc2b), C32e(0xb5b513a6), C32e(0x4d4d7c31), C32e(0xecec59b5), C32e(0xe7e7cc2b), C32e(0xb5b513a6), C32e(0x4d4d7c31), C32e(0xecec59b5),
C32e(0x8f8f40cf), C32e(0x1f1fa3bc), C32e(0x898949c0), C32e(0xfafa6892), C32e(0x8f8f40cf), C32e(0x1f1fa3bc), C32e(0x898949c0), C32e(0xfafa6892),
C32e(0xefefd03f), C32e(0xb2b29426), C32e(0x8e8ece40), C32e(0xfbfbe61d), C32e(0xefefd03f), C32e(0xb2b29426), C32e(0x8e8ece40), C32e(0xfbfbe61d),
C32e(0x41416e2f), C32e(0xb3b31aa9), C32e(0x5f5f431c), C32e(0x45456025), C32e(0x41416e2f), C32e(0xb3b31aa9), C32e(0x5f5f431c), C32e(0x45456025),
C32e(0x2323f9da), C32e(0x53535102), C32e(0xe4e445a1), C32e(0x9b9b76ed), C32e(0x2323f9da), C32e(0x53535102), C32e(0xe4e445a1), C32e(0x9b9b76ed),
C32e(0x7575285d), C32e(0xe1e1c524), C32e(0x3d3dd4e9), C32e(0x4c4cf2be), C32e(0x7575285d), C32e(0xe1e1c524), C32e(0x3d3dd4e9), C32e(0x4c4cf2be),
C32e(0x6c6c82ee), C32e(0x7e7ebdc3), C32e(0xf5f5f306), C32e(0x838352d1), C32e(0x6c6c82ee), C32e(0x7e7ebdc3), C32e(0xf5f5f306), C32e(0x838352d1),
C32e(0x68688ce4), C32e(0x51515607), C32e(0xd1d18d5c), C32e(0xf9f9e118), C32e(0x68688ce4), C32e(0x51515607), C32e(0xd1d18d5c), C32e(0xf9f9e118),
C32e(0xe2e24cae), C32e(0xabab3e95), C32e(0x626297f5), C32e(0x2a2a6b41), C32e(0xe2e24cae), C32e(0xabab3e95), C32e(0x626297f5), C32e(0x2a2a6b41),
C32e(0x08081c14), C32e(0x959563f6), C32e(0x4646e9af), C32e(0x9d9d7fe2), C32e(0x08081c14), C32e(0x959563f6), C32e(0x4646e9af), C32e(0x9d9d7fe2),
C32e(0x30304878), C32e(0x3737cff8), C32e(0x0a0a1b11), C32e(0x2f2febc4), C32e(0x30304878), C32e(0x3737cff8), C32e(0x0a0a1b11), C32e(0x2f2febc4),
C32e(0x0e0e151b), C32e(0x24247e5a), C32e(0x1b1badb6), C32e(0xdfdf9847), C32e(0x0e0e151b), C32e(0x24247e5a), C32e(0x1b1badb6), C32e(0xdfdf9847),
C32e(0xcdcda76a), C32e(0x4e4ef5bb), C32e(0x7f7f334c), C32e(0xeaea50ba), C32e(0xcdcda76a), C32e(0x4e4ef5bb), C32e(0x7f7f334c), C32e(0xeaea50ba),
C32e(0x12123f2d), C32e(0x1d1da4b9), C32e(0x5858c49c), C32e(0x34344672), C32e(0x12123f2d), C32e(0x1d1da4b9), C32e(0x5858c49c), C32e(0x34344672),
C32e(0x36364177), C32e(0xdcdc11cd), C32e(0xb4b49d29), C32e(0x5b5b4d16), C32e(0x36364177), C32e(0xdcdc11cd), C32e(0xb4b49d29), C32e(0x5b5b4d16),
C32e(0xa4a4a501), C32e(0x7676a1d7), C32e(0xb7b714a3), C32e(0x7d7d3449), C32e(0xa4a4a501), C32e(0x7676a1d7), C32e(0xb7b714a3), C32e(0x7d7d3449),
C32e(0x5252df8d), C32e(0xdddd9f42), C32e(0x5e5ecd93), C32e(0x1313b1a2), C32e(0x5252df8d), C32e(0xdddd9f42), C32e(0x5e5ecd93), C32e(0x1313b1a2),
C32e(0xa6a6a204), C32e(0xb9b901b8), C32e(0x00000000), C32e(0xc1c1b574), C32e(0xa6a6a204), C32e(0xb9b901b8), C32e(0x00000000), C32e(0xc1c1b574),
C32e(0x4040e0a0), C32e(0xe3e3c221), C32e(0x79793a43), C32e(0xb6b69a2c), C32e(0x4040e0a0), C32e(0xe3e3c221), C32e(0x79793a43), C32e(0xb6b69a2c),
C32e(0xd4d40dd9), C32e(0x8d8d47ca), C32e(0x67671770), C32e(0x7272afdd), C32e(0xd4d40dd9), C32e(0x8d8d47ca), C32e(0x67671770), C32e(0x7272afdd),
C32e(0x9494ed79), C32e(0x9898ff67), C32e(0xb0b09323), C32e(0x85855bde), C32e(0x9494ed79), C32e(0x9898ff67), C32e(0xb0b09323), C32e(0x85855bde),
C32e(0xbbbb06bd), C32e(0xc5c5bb7e), C32e(0x4f4f7b34), C32e(0xededd73a), C32e(0xbbbb06bd), C32e(0xc5c5bb7e), C32e(0x4f4f7b34), C32e(0xededd73a),
C32e(0x8686d254), C32e(0x9a9af862), C32e(0x666699ff), C32e(0x1111b6a7), C32e(0x8686d254), C32e(0x9a9af862), C32e(0x666699ff), C32e(0x1111b6a7),
C32e(0x8a8ac04a), C32e(0xe9e9d930), C32e(0x04040e0a), C32e(0xfefe6698), C32e(0x8a8ac04a), C32e(0xe9e9d930), C32e(0x04040e0a), C32e(0xfefe6698),
C32e(0xa0a0ab0b), C32e(0x7878b4cc), C32e(0x2525f0d5), C32e(0x4b4b753e), C32e(0xa0a0ab0b), C32e(0x7878b4cc), C32e(0x2525f0d5), C32e(0x4b4b753e),
C32e(0xa2a2ac0e), C32e(0x5d5d4419), C32e(0x8080db5b), C32e(0x05058085), C32e(0xa2a2ac0e), C32e(0x5d5d4419), C32e(0x8080db5b), C32e(0x05058085),
C32e(0x3f3fd3ec), C32e(0x2121fedf), C32e(0x7070a8d8), C32e(0xf1f1fd0c), C32e(0x3f3fd3ec), C32e(0x2121fedf), C32e(0x7070a8d8), C32e(0xf1f1fd0c),
C32e(0x6363197a), C32e(0x77772f58), C32e(0xafaf309f), C32e(0x4242e7a5), C32e(0x6363197a), C32e(0x77772f58), C32e(0xafaf309f), C32e(0x4242e7a5),
C32e(0x20207050), C32e(0xe5e5cb2e), C32e(0xfdfdef12), C32e(0xbfbf08b7), C32e(0x20207050), C32e(0xe5e5cb2e), C32e(0xfdfdef12), C32e(0xbfbf08b7),
C32e(0x818155d4), C32e(0x1818243c), C32e(0x2626795f), C32e(0xc3c3b271), C32e(0x818155d4), C32e(0x1818243c), C32e(0x2626795f), C32e(0xc3c3b271),
C32e(0xbebe8638), C32e(0x3535c8fd), C32e(0x8888c74f), C32e(0x2e2e654b), C32e(0xbebe8638), C32e(0x3535c8fd), C32e(0x8888c74f), C32e(0x2e2e654b),
C32e(0x93936af9), C32e(0x5555580d), C32e(0xfcfc619d), C32e(0x7a7ab3c9), C32e(0x93936af9), C32e(0x5555580d), C32e(0xfcfc619d), C32e(0x7a7ab3c9),
C32e(0xc8c827ef), C32e(0xbaba8832), C32e(0x32324f7d), C32e(0xe6e642a4), C32e(0xc8c827ef), C32e(0xbaba8832), C32e(0x32324f7d), C32e(0xe6e642a4),
C32e(0xc0c03bfb), C32e(0x1919aab3), C32e(0x9e9ef668), C32e(0xa3a32281), C32e(0xc0c03bfb), C32e(0x1919aab3), C32e(0x9e9ef668), C32e(0xa3a32281),
C32e(0x4444eeaa), C32e(0x5454d682), C32e(0x3b3bdde6), C32e(0x0b0b959e), C32e(0x4444eeaa), C32e(0x5454d682), C32e(0x3b3bdde6), C32e(0x0b0b959e),
C32e(0x8c8cc945), C32e(0xc7c7bc7b), C32e(0x6b6b056e), C32e(0x28286c44), C32e(0x8c8cc945), C32e(0xc7c7bc7b), C32e(0x6b6b056e), C32e(0x28286c44),
C32e(0xa7a72c8b), C32e(0xbcbc813d), C32e(0x16163127), C32e(0xadad379a), C32e(0xa7a72c8b), C32e(0xbcbc813d), C32e(0x16163127), C32e(0xadad379a),
C32e(0xdbdb964d), C32e(0x64649efa), C32e(0x7474a6d2), C32e(0x14143622), C32e(0xdbdb964d), C32e(0x64649efa), C32e(0x7474a6d2), C32e(0x14143622),
C32e(0x9292e476), C32e(0x0c0c121e), C32e(0x4848fcb4), C32e(0xb8b88f37), C32e(0x9292e476), C32e(0x0c0c121e), C32e(0x4848fcb4), C32e(0xb8b88f37),
C32e(0x9f9f78e7), C32e(0xbdbd0fb2), C32e(0x4343692a), C32e(0xc4c435f1), C32e(0x9f9f78e7), C32e(0xbdbd0fb2), C32e(0x4343692a), C32e(0xc4c435f1),
C32e(0x3939dae3), C32e(0x3131c6f7), C32e(0xd3d38a59), C32e(0xf2f27486), C32e(0x3939dae3), C32e(0x3131c6f7), C32e(0xd3d38a59), C32e(0xf2f27486),
C32e(0xd5d58356), C32e(0x8b8b4ec5), C32e(0x6e6e85eb), C32e(0xdada18c2), C32e(0xd5d58356), C32e(0x8b8b4ec5), C32e(0x6e6e85eb), C32e(0xdada18c2),
C32e(0x01018e8f), C32e(0xb1b11dac), C32e(0x9c9cf16d), C32e(0x4949723b), C32e(0x01018e8f), C32e(0xb1b11dac), C32e(0x9c9cf16d), C32e(0x4949723b),
C32e(0xd8d81fc7), C32e(0xacacb915), C32e(0xf3f3fa09), C32e(0xcfcfa06f), C32e(0xd8d81fc7), C32e(0xacacb915), C32e(0xf3f3fa09), C32e(0xcfcfa06f),
C32e(0xcaca20ea), C32e(0xf4f47d89), C32e(0x47476720), C32e(0x10103828), C32e(0xcaca20ea), C32e(0xf4f47d89), C32e(0x47476720), C32e(0x10103828),
C32e(0x6f6f0b64), C32e(0xf0f07383), C32e(0x4a4afbb1), C32e(0x5c5cca96), C32e(0x6f6f0b64), C32e(0xf0f07383), C32e(0x4a4afbb1), C32e(0x5c5cca96),
C32e(0x3838546c), C32e(0x57575f08), C32e(0x73732152), C32e(0x979764f3), C32e(0x3838546c), C32e(0x57575f08), C32e(0x73732152), C32e(0x979764f3),
C32e(0xcbcbae65), C32e(0xa1a12584), C32e(0xe8e857bf), C32e(0x3e3e5d63), C32e(0xcbcbae65), C32e(0xa1a12584), C32e(0xe8e857bf), C32e(0x3e3e5d63),
C32e(0x9696ea7c), C32e(0x61611e7f), C32e(0x0d0d9c91), C32e(0x0f0f9b94), C32e(0x9696ea7c), C32e(0x61611e7f), C32e(0x0d0d9c91), C32e(0x0f0f9b94),
C32e(0xe0e04bab), C32e(0x7c7cbac6), C32e(0x71712657), C32e(0xcccc29e5), C32e(0xe0e04bab), C32e(0x7c7cbac6), C32e(0x71712657), C32e(0xcccc29e5),
C32e(0x9090e373), C32e(0x0606090f), C32e(0xf7f7f403), C32e(0x1c1c2a36), C32e(0x9090e373), C32e(0x0606090f), C32e(0xf7f7f403), C32e(0x1c1c2a36),
C32e(0xc2c23cfe), C32e(0x6a6a8be1), C32e(0xaeaebe10), C32e(0x6969026b), C32e(0xc2c23cfe), C32e(0x6a6a8be1), C32e(0xaeaebe10), C32e(0x6969026b),
C32e(0x1717bfa8), C32e(0x999971e8), C32e(0x3a3a5369), C32e(0x2727f7d0), C32e(0x1717bfa8), C32e(0x999971e8), C32e(0x3a3a5369), C32e(0x2727f7d0),
C32e(0xd9d99148), C32e(0xebebde35), C32e(0x2b2be5ce), C32e(0x22227755), C32e(0xd9d99148), C32e(0xebebde35), C32e(0x2b2be5ce), C32e(0x22227755),
C32e(0xd2d204d6), C32e(0xa9a93990), C32e(0x07078780), C32e(0x3333c1f2), C32e(0xd2d204d6), C32e(0xa9a93990), C32e(0x07078780), C32e(0x3333c1f2),
C32e(0x2d2decc1), C32e(0x3c3c5a66), C32e(0x1515b8ad), C32e(0xc9c9a960), C32e(0x2d2decc1), C32e(0x3c3c5a66), C32e(0x1515b8ad), C32e(0xc9c9a960),
C32e(0x87875cdb), C32e(0xaaaab01a), C32e(0x5050d888), C32e(0xa5a52b8e), C32e(0x87875cdb), C32e(0xaaaab01a), C32e(0x5050d888), C32e(0xa5a52b8e),
C32e(0x0303898a), C32e(0x59594a13), C32e(0x0909929b), C32e(0x1a1a2339), C32e(0x0303898a), C32e(0x59594a13), C32e(0x0909929b), C32e(0x1a1a2339),
C32e(0x65651075), C32e(0xd7d78453), C32e(0x8484d551), C32e(0xd0d003d3), C32e(0x65651075), C32e(0xd7d78453), C32e(0x8484d551), C32e(0xd0d003d3),
C32e(0x8282dc5e), C32e(0x2929e2cb), C32e(0x5a5ac399), C32e(0x1e1e2d33), C32e(0x8282dc5e), C32e(0x2929e2cb), C32e(0x5a5ac399), C32e(0x1e1e2d33),
C32e(0x7b7b3d46), C32e(0xa8a8b71f), C32e(0x6d6d0c61), C32e(0x2c2c624e) C32e(0x7b7b3d46), C32e(0xa8a8b71f), C32e(0x6d6d0c61), C32e(0x2c2c624e)};
};
static const sph_u32 T1dn[] = { static const sph_u32 T1dn[] = {
C32e(0xa5f497a5), C32e(0x8497eb84), C32e(0x99b0c799), C32e(0x8d8cf78d), C32e(0xa5f497a5), C32e(0x8497eb84), C32e(0x99b0c799), C32e(0x8d8cf78d),
C32e(0x0d17e50d), C32e(0xbddcb7bd), C32e(0xb1c8a7b1), C32e(0x54fc3954), C32e(0x0d17e50d), C32e(0xbddcb7bd), C32e(0xb1c8a7b1), C32e(0x54fc3954),
C32e(0x50f0c050), C32e(0x03050403), C32e(0xa9e087a9), C32e(0x7d87ac7d), C32e(0x50f0c050), C32e(0x03050403), C32e(0xa9e087a9), C32e(0x7d87ac7d),
C32e(0x192bd519), C32e(0x62a67162), C32e(0xe6319ae6), C32e(0x9ab5c39a), C32e(0x192bd519), C32e(0x62a67162), C32e(0xe6319ae6), C32e(0x9ab5c39a),
C32e(0x45cf0545), C32e(0x9dbc3e9d), C32e(0x40c00940), C32e(0x8792ef87), C32e(0x45cf0545), C32e(0x9dbc3e9d), C32e(0x40c00940), C32e(0x8792ef87),
C32e(0x153fc515), C32e(0xeb267feb), C32e(0xc94007c9), C32e(0x0b1ded0b), C32e(0x153fc515), C32e(0xeb267feb), C32e(0xc94007c9), C32e(0x0b1ded0b),
C32e(0xec2f82ec), C32e(0x67a97d67), C32e(0xfd1cbefd), C32e(0xea258aea), C32e(0xec2f82ec), C32e(0x67a97d67), C32e(0xfd1cbefd), C32e(0xea258aea),
C32e(0xbfda46bf), C32e(0xf702a6f7), C32e(0x96a1d396), C32e(0x5bed2d5b), C32e(0xbfda46bf), C32e(0xf702a6f7), C32e(0x96a1d396), C32e(0x5bed2d5b),
C32e(0xc25deac2), C32e(0x1c24d91c), C32e(0xaee97aae), C32e(0x6abe986a), C32e(0xc25deac2), C32e(0x1c24d91c), C32e(0xaee97aae), C32e(0x6abe986a),
C32e(0x5aeed85a), C32e(0x41c3fc41), C32e(0x0206f102), C32e(0x4fd11d4f), C32e(0x5aeed85a), C32e(0x41c3fc41), C32e(0x0206f102), C32e(0x4fd11d4f),
C32e(0x5ce4d05c), C32e(0xf407a2f4), C32e(0x345cb934), C32e(0x0818e908), C32e(0x5ce4d05c), C32e(0xf407a2f4), C32e(0x345cb934), C32e(0x0818e908),
C32e(0x93aedf93), C32e(0x73954d73), C32e(0x53f5c453), C32e(0x3f41543f), C32e(0x93aedf93), C32e(0x73954d73), C32e(0x53f5c453), C32e(0x3f41543f),
C32e(0x0c14100c), C32e(0x52f63152), C32e(0x65af8c65), C32e(0x5ee2215e), C32e(0x0c14100c), C32e(0x52f63152), C32e(0x65af8c65), C32e(0x5ee2215e),
C32e(0x28786028), C32e(0xa1f86ea1), C32e(0x0f11140f), C32e(0xb5c45eb5), C32e(0x28786028), C32e(0xa1f86ea1), C32e(0x0f11140f), C32e(0xb5c45eb5),
C32e(0x091b1c09), C32e(0x365a4836), C32e(0x9bb6369b), C32e(0x3d47a53d), C32e(0x091b1c09), C32e(0x365a4836), C32e(0x9bb6369b), C32e(0x3d47a53d),
C32e(0x266a8126), C32e(0x69bb9c69), C32e(0xcd4cfecd), C32e(0x9fbacf9f), C32e(0x266a8126), C32e(0x69bb9c69), C32e(0xcd4cfecd), C32e(0x9fbacf9f),
C32e(0x1b2d241b), C32e(0x9eb93a9e), C32e(0x749cb074), C32e(0x2e72682e), C32e(0x1b2d241b), C32e(0x9eb93a9e), C32e(0x749cb074), C32e(0x2e72682e),
C32e(0x2d776c2d), C32e(0xb2cda3b2), C32e(0xee2973ee), C32e(0xfb16b6fb), C32e(0x2d776c2d), C32e(0xb2cda3b2), C32e(0xee2973ee), C32e(0xfb16b6fb),
C32e(0xf60153f6), C32e(0x4dd7ec4d), C32e(0x61a37561), C32e(0xce49face), C32e(0xf60153f6), C32e(0x4dd7ec4d), C32e(0x61a37561), C32e(0xce49face),
C32e(0x7b8da47b), C32e(0x3e42a13e), C32e(0x7193bc71), C32e(0x97a22697), C32e(0x7b8da47b), C32e(0x3e42a13e), C32e(0x7193bc71), C32e(0x97a22697),
C32e(0xf50457f5), C32e(0x68b86968), C32e(0x00000000), C32e(0x2c74992c), C32e(0xf50457f5), C32e(0x68b86968), C32e(0x00000000), C32e(0x2c74992c),
C32e(0x60a08060), C32e(0x1f21dd1f), C32e(0xc843f2c8), C32e(0xed2c77ed), C32e(0x60a08060), C32e(0x1f21dd1f), C32e(0xc843f2c8), C32e(0xed2c77ed),
C32e(0xbed9b3be), C32e(0x46ca0146), C32e(0xd970ced9), C32e(0x4bdde44b), C32e(0xbed9b3be), C32e(0x46ca0146), C32e(0xd970ced9), C32e(0x4bdde44b),
C32e(0xde7933de), C32e(0xd4672bd4), C32e(0xe8237be8), C32e(0x4ade114a), C32e(0xde7933de), C32e(0xd4672bd4), C32e(0xe8237be8), C32e(0x4ade114a),
C32e(0x6bbd6d6b), C32e(0x2a7e912a), C32e(0xe5349ee5), C32e(0x163ac116), C32e(0x6bbd6d6b), C32e(0x2a7e912a), C32e(0xe5349ee5), C32e(0x163ac116),
C32e(0xc55417c5), C32e(0xd7622fd7), C32e(0x55ffcc55), C32e(0x94a72294), C32e(0xc55417c5), C32e(0xd7622fd7), C32e(0x55ffcc55), C32e(0x94a72294),
C32e(0xcf4a0fcf), C32e(0x1030c910), C32e(0x060a0806), C32e(0x8198e781), C32e(0xcf4a0fcf), C32e(0x1030c910), C32e(0x060a0806), C32e(0x8198e781),
C32e(0xf00b5bf0), C32e(0x44ccf044), C32e(0xbad54aba), C32e(0xe33e96e3), C32e(0xf00b5bf0), C32e(0x44ccf044), C32e(0xbad54aba), C32e(0xe33e96e3),
C32e(0xf30e5ff3), C32e(0xfe19bafe), C32e(0xc05b1bc0), C32e(0x8a850a8a), C32e(0xf30e5ff3), C32e(0xfe19bafe), C32e(0xc05b1bc0), C32e(0x8a850a8a),
C32e(0xadec7ead), C32e(0xbcdf42bc), C32e(0x48d8e048), C32e(0x040cf904), C32e(0xadec7ead), C32e(0xbcdf42bc), C32e(0x48d8e048), C32e(0x040cf904),
C32e(0xdf7ac6df), C32e(0xc158eec1), C32e(0x759f4575), C32e(0x63a58463), C32e(0xdf7ac6df), C32e(0xc158eec1), C32e(0x759f4575), C32e(0x63a58463),
C32e(0x30504030), C32e(0x1a2ed11a), C32e(0x0e12e10e), C32e(0x6db7656d), C32e(0x30504030), C32e(0x1a2ed11a), C32e(0x0e12e10e), C32e(0x6db7656d),
C32e(0x4cd4194c), C32e(0x143c3014), C32e(0x355f4c35), C32e(0x2f719d2f), C32e(0x4cd4194c), C32e(0x143c3014), C32e(0x355f4c35), C32e(0x2f719d2f),
C32e(0xe13867e1), C32e(0xa2fd6aa2), C32e(0xcc4f0bcc), C32e(0x394b5c39), C32e(0xe13867e1), C32e(0xa2fd6aa2), C32e(0xcc4f0bcc), C32e(0x394b5c39),
C32e(0x57f93d57), C32e(0xf20daaf2), C32e(0x829de382), C32e(0x47c9f447), C32e(0x57f93d57), C32e(0xf20daaf2), C32e(0x829de382), C32e(0x47c9f447),
C32e(0xacef8bac), C32e(0xe7326fe7), C32e(0x2b7d642b), C32e(0x95a4d795), C32e(0xacef8bac), C32e(0xe7326fe7), C32e(0x2b7d642b), C32e(0x95a4d795),
C32e(0xa0fb9ba0), C32e(0x98b33298), C32e(0xd16827d1), C32e(0x7f815d7f), C32e(0xa0fb9ba0), C32e(0x98b33298), C32e(0xd16827d1), C32e(0x7f815d7f),
C32e(0x66aa8866), C32e(0x7e82a87e), C32e(0xabe676ab), C32e(0x839e1683), C32e(0x66aa8866), C32e(0x7e82a87e), C32e(0xabe676ab), C32e(0x839e1683),
C32e(0xca4503ca), C32e(0x297b9529), C32e(0xd36ed6d3), C32e(0x3c44503c), C32e(0xca4503ca), C32e(0x297b9529), C32e(0xd36ed6d3), C32e(0x3c44503c),
C32e(0x798b5579), C32e(0xe23d63e2), C32e(0x1d272c1d), C32e(0x769a4176), C32e(0x798b5579), C32e(0xe23d63e2), C32e(0x1d272c1d), C32e(0x769a4176),
C32e(0x3b4dad3b), C32e(0x56fac856), C32e(0x4ed2e84e), C32e(0x1e22281e), C32e(0x3b4dad3b), C32e(0x56fac856), C32e(0x4ed2e84e), C32e(0x1e22281e),
C32e(0xdb763fdb), C32e(0x0a1e180a), C32e(0x6cb4906c), C32e(0xe4376be4), C32e(0xdb763fdb), C32e(0x0a1e180a), C32e(0x6cb4906c), C32e(0xe4376be4),
C32e(0x5de7255d), C32e(0x6eb2616e), C32e(0xef2a86ef), C32e(0xa6f193a6), C32e(0x5de7255d), C32e(0x6eb2616e), C32e(0xef2a86ef), C32e(0xa6f193a6),
C32e(0xa8e372a8), C32e(0xa4f762a4), C32e(0x3759bd37), C32e(0x8b86ff8b), C32e(0xa8e372a8), C32e(0xa4f762a4), C32e(0x3759bd37), C32e(0x8b86ff8b),
C32e(0x3256b132), C32e(0x43c50d43), C32e(0x59ebdc59), C32e(0xb7c2afb7), C32e(0x3256b132), C32e(0x43c50d43), C32e(0x59ebdc59), C32e(0xb7c2afb7),
C32e(0x8c8f028c), C32e(0x64ac7964), C32e(0xd26d23d2), C32e(0xe03b92e0), C32e(0x8c8f028c), C32e(0x64ac7964), C32e(0xd26d23d2), C32e(0xe03b92e0),
C32e(0xb4c7abb4), C32e(0xfa1543fa), C32e(0x0709fd07), C32e(0x256f8525), C32e(0xb4c7abb4), C32e(0xfa1543fa), C32e(0x0709fd07), C32e(0x256f8525),
C32e(0xafea8faf), C32e(0x8e89f38e), C32e(0xe9208ee9), C32e(0x18282018), C32e(0xafea8faf), C32e(0x8e89f38e), C32e(0xe9208ee9), C32e(0x18282018),
C32e(0xd564ded5), C32e(0x8883fb88), C32e(0x6fb1946f), C32e(0x7296b872), C32e(0xd564ded5), C32e(0x8883fb88), C32e(0x6fb1946f), C32e(0x7296b872),
C32e(0x246c7024), C32e(0xf108aef1), C32e(0xc752e6c7), C32e(0x51f33551), C32e(0x246c7024), C32e(0xf108aef1), C32e(0xc752e6c7), C32e(0x51f33551),
C32e(0x23658d23), C32e(0x7c84597c), C32e(0x9cbfcb9c), C32e(0x21637c21), C32e(0x23658d23), C32e(0x7c84597c), C32e(0x9cbfcb9c), C32e(0x21637c21),
C32e(0xdd7c37dd), C32e(0xdc7fc2dc), C32e(0x86911a86), C32e(0x85941e85), C32e(0xdd7c37dd), C32e(0xdc7fc2dc), C32e(0x86911a86), C32e(0x85941e85),
C32e(0x90abdb90), C32e(0x42c6f842), C32e(0xc457e2c4), C32e(0xaae583aa), C32e(0x90abdb90), C32e(0x42c6f842), C32e(0xc457e2c4), C32e(0xaae583aa),
C32e(0xd8733bd8), C32e(0x050f0c05), C32e(0x0103f501), C32e(0x12363812), C32e(0xd8733bd8), C32e(0x050f0c05), C32e(0x0103f501), C32e(0x12363812),
C32e(0xa3fe9fa3), C32e(0x5fe1d45f), C32e(0xf91047f9), C32e(0xd06bd2d0), C32e(0xa3fe9fa3), C32e(0x5fe1d45f), C32e(0xf91047f9), C32e(0xd06bd2d0),
C32e(0x91a82e91), C32e(0x58e82958), C32e(0x27697427), C32e(0xb9d04eb9), C32e(0x91a82e91), C32e(0x58e82958), C32e(0x27697427), C32e(0xb9d04eb9),
C32e(0x3848a938), C32e(0x1335cd13), C32e(0xb3ce56b3), C32e(0x33554433), C32e(0x3848a938), C32e(0x1335cd13), C32e(0xb3ce56b3), C32e(0x33554433),
C32e(0xbbd6bfbb), C32e(0x70904970), C32e(0x89800e89), C32e(0xa7f266a7), C32e(0xbbd6bfbb), C32e(0x70904970), C32e(0x89800e89), C32e(0xa7f266a7),
C32e(0xb6c15ab6), C32e(0x22667822), C32e(0x92ad2a92), C32e(0x20608920), C32e(0xb6c15ab6), C32e(0x22667822), C32e(0x92ad2a92), C32e(0x20608920),
C32e(0x49db1549), C32e(0xff1a4fff), C32e(0x7888a078), C32e(0x7a8e517a), C32e(0x49db1549), C32e(0xff1a4fff), C32e(0x7888a078), C32e(0x7a8e517a),
C32e(0x8f8a068f), C32e(0xf813b2f8), C32e(0x809b1280), C32e(0x17393417), C32e(0x8f8a068f), C32e(0xf813b2f8), C32e(0x809b1280), C32e(0x17393417),
C32e(0xda75cada), C32e(0x3153b531), C32e(0xc65113c6), C32e(0xb8d3bbb8), C32e(0xda75cada), C32e(0x3153b531), C32e(0xc65113c6), C32e(0xb8d3bbb8),
C32e(0xc35e1fc3), C32e(0xb0cb52b0), C32e(0x7799b477), C32e(0x11333c11), C32e(0xc35e1fc3), C32e(0xb0cb52b0), C32e(0x7799b477), C32e(0x11333c11),
C32e(0xcb46f6cb), C32e(0xfc1f4bfc), C32e(0xd661dad6), C32e(0x3a4e583a) C32e(0xcb46f6cb), C32e(0xfc1f4bfc), C32e(0xd661dad6), C32e(0x3a4e583a)};
};
#define DECL_STATE_BIG \ #define DECL_STATE_BIG sph_u32 H[32] = {0};
sph_u32 H[32] = {0};
#define READ_STATE_BIG(sc) do { \
memcpy(H, (sc)->state.narrow, sizeof H); \
} while (0)
#define WRITE_STATE_BIG(sc) do { \
memcpy((sc)->state.narrow, H, sizeof H); \
} while (0)
#define READ_STATE_BIG(sc) \
do { \
memcpy(H, (sc)->state.narrow, sizeof H); \
} while (0)
#define WRITE_STATE_BIG(sc) \
do { \
memcpy((sc)->state.narrow, H, sizeof H); \
} while (0)
static void RBTT(size_t d0, size_t d1, sph_u32 *a, size_t b0, size_t b1, static void RBTT(size_t d0, size_t d1, sph_u32 *a, size_t b0, size_t b1,
size_t b2, size_t b3, size_t b4, size_t b5, size_t b6, size_t b2, size_t b3, size_t b4, size_t b5, size_t b6,
@ -407,153 +400,134 @@ static void ROUND_BIG_Q(sph_u32 *a, int r) {
memcpy(a, t, sizeof(t)); memcpy(a, t, sizeof(t));
} }
#define PERM_BIG_P(a) \
do { \
int r; \
for (r = 0; r < 14; r++) ROUND_BIG_P(a, r); \
} while (0)
#define PERM_BIG_P(a) do { \ #define PERM_BIG_Q(a) \
int r; \ do { \
for (r = 0; r < 14; r ++) \ int r; \
ROUND_BIG_P(a, r); \ for (r = 0; r < 14; r++) ROUND_BIG_Q(a, r); \
} while (0) } while (0)
#define PERM_BIG_Q(a) do { \ #define COMPRESS_BIG \
int r; \ do { \
for (r = 0; r < 14; r ++) \ sph_u32 g[32], m[32]; \
ROUND_BIG_Q(a, r); \ size_t uu; \
} while (0) for (uu = 0; uu < 32; uu++) { \
m[uu] = dec32e_aligned(buf + (uu << 2)); \
g[uu] = m[uu] ^ H[uu]; \
} \
PERM_BIG_P(g); \
PERM_BIG_Q(m); \
for (uu = 0; uu < 32; uu++) H[uu] ^= g[uu] ^ m[uu]; \
} while (0)
#define FINAL_BIG \
do { \
sph_u32 x[32]; \
size_t uu; \
memcpy(x, H, sizeof x); \
PERM_BIG_P(x); \
for (uu = 0; uu < 32; uu++) H[uu] ^= x[uu]; \
} while (0)
#define COMPRESS_BIG do { \ static void groestl_big_init(sph_groestl_big_context *sc, unsigned out_size) {
sph_u32 g[32], m[32]; \ size_t u = 0;
size_t uu; \
for (uu = 0; uu < 32; uu ++) { \
m[uu] = dec32e_aligned(buf + (uu << 2)); \
g[uu] = m[uu] ^ H[uu]; \
} \
PERM_BIG_P(g); \
PERM_BIG_Q(m); \
for (uu = 0; uu < 32; uu ++) \
H[uu] ^= g[uu] ^ m[uu]; \
} while (0)
#define FINAL_BIG do { \ sc->ptr = 0;
sph_u32 x[32]; \ for (u = 0; u < 31; u++) sc->state.narrow[u] = 0;
size_t uu; \ sc->state.narrow[31] =
memcpy(x, H, sizeof x); \ ((sph_u32)(out_size & 0xFF) << 24) | ((sph_u32)(out_size & 0xFF00) << 8);
PERM_BIG_P(x); \ sc->count = 0;
for (uu = 0; uu < 32; uu ++) \
H[uu] ^= x[uu]; \
} while (0)
static void
groestl_big_init(sph_groestl_big_context *sc, unsigned out_size)
{
size_t u = 0;
sc->ptr = 0;
for (u = 0; u < 31; u ++)
sc->state.narrow[u] = 0;
sc->state.narrow[31] = ((sph_u32)(out_size & 0xFF) << 24)
| ((sph_u32)(out_size & 0xFF00) << 8);
sc->count = 0;
} }
static void static void groestl_big_core(sph_groestl_big_context *sc, const void *data,
groestl_big_core(sph_groestl_big_context *sc, const void *data, size_t len) size_t len) {
{
if (len == 0) { if (len == 0) {
return; return;
} }
unsigned char *buf = NULL; unsigned char *buf = NULL;
size_t ptr = 0; size_t ptr = 0;
DECL_STATE_BIG DECL_STATE_BIG
buf = sc->buf; buf = sc->buf;
ptr = sc->ptr; ptr = sc->ptr;
if (len < (sizeof sc->buf) - ptr) { if (len < (sizeof sc->buf) - ptr) {
memcpy(buf + ptr, data, len); memcpy(buf + ptr, data, len);
ptr += len; ptr += len;
sc->ptr = ptr; sc->ptr = ptr;
return; return;
} }
READ_STATE_BIG(sc); READ_STATE_BIG(sc);
while (len > 0) { while (len > 0) {
size_t clen = 0; size_t clen = 0;
clen = (sizeof sc->buf) - ptr; clen = (sizeof sc->buf) - ptr;
if (clen > len) if (clen > len) clen = len;
clen = len; memcpy(buf + ptr, data, clen);
memcpy(buf + ptr, data, clen); ptr += clen;
ptr += clen; data = (const unsigned char *)data + clen;
data = (const unsigned char *)data + clen; len -= clen;
len -= clen; if (ptr == sizeof sc->buf) {
if (ptr == sizeof sc->buf) { COMPRESS_BIG;
COMPRESS_BIG; sc->count++;
sc->count ++; ptr = 0;
ptr = 0; }
} }
} WRITE_STATE_BIG(sc);
WRITE_STATE_BIG(sc); sc->ptr = ptr;
sc->ptr = ptr;
} }
static void static void groestl_big_close(sph_groestl_big_context *sc, unsigned ub,
groestl_big_close(sph_groestl_big_context *sc, unsigned n, void *dst, size_t out_len) {
unsigned ub, unsigned n, void *dst, size_t out_len) unsigned char pad[136] = {0};
{ size_t ptr = 0, pad_len = 0, u2 = 0;
unsigned char pad[136] = {0}; sph_u64 count = 0;
size_t ptr = 0, pad_len = 0, u2 = 0; unsigned z = 0;
sph_u64 count = 0; DECL_STATE_BIG
unsigned z = 0;
DECL_STATE_BIG
ptr = sc->ptr; ptr = sc->ptr;
z = 0x80 >> n; z = 0x80 >> n;
pad[0] = ((ub & -z) | z) & 0xFF; pad[0] = ((ub & -z) | z) & 0xFF;
if (ptr < 120) { if (ptr < 120) {
pad_len = 128 - ptr; pad_len = 128 - ptr;
count = SPH_T64(sc->count + 1); count = SPH_T64(sc->count + 1);
} else { } else {
pad_len = 256 - ptr; pad_len = 256 - ptr;
count = SPH_T64(sc->count + 2); count = SPH_T64(sc->count + 2);
} }
memzero(pad + 1, pad_len - 9); memzero(pad + 1, pad_len - 9);
sph_enc64be(pad + pad_len - 8, count); sph_enc64be(pad + pad_len - 8, count);
groestl_big_core(sc, pad, pad_len); groestl_big_core(sc, pad, pad_len);
READ_STATE_BIG(sc); READ_STATE_BIG(sc);
FINAL_BIG; FINAL_BIG;
for (u2 = 0; u2 < 16; u2 ++) for (u2 = 0; u2 < 16; u2++) enc32e(pad + (u2 << 2), H[u2 + 16]);
enc32e(pad + (u2 << 2), H[u2 + 16]); memcpy(dst, pad + 64 - out_len, out_len);
memcpy(dst, pad + 64 - out_len, out_len); groestl_big_init(sc, (unsigned)out_len << 3);
groestl_big_init(sc, (unsigned)out_len << 3);
} }
void void groestl512_Init(void *cc) {
groestl512_Init(void *cc) groestl_big_init((sph_groestl_big_context *)cc, 512);
{
groestl_big_init((sph_groestl_big_context *)cc, 512);
} }
void void groestl512_Update(void *cc, const void *data, size_t len) {
groestl512_Update(void *cc, const void *data, size_t len) groestl_big_core((sph_groestl_big_context *)cc, data, len);
{
groestl_big_core((sph_groestl_big_context *)cc, data, len);
} }
void void groestl512_Final(void *cc, void *dst) {
groestl512_Final(void *cc, void *dst) groestl_big_close((sph_groestl_big_context *)cc, 0, 0, dst, 64);
{
groestl_big_close((sph_groestl_big_context *)cc, 0, 0, dst, 64);
} }
void void groestl512_DoubleTrunc(void *cc, void *dst) {
groestl512_DoubleTrunc(void *cc, void *dst) char buf[64] = {0};
{
char buf[64] = {0};
groestl512_Final(cc, buf); groestl512_Final(cc, buf);
groestl512_Update(cc, buf, sizeof(buf)); groestl512_Update(cc, buf, sizeof(buf));
groestl512_Final(cc, buf); groestl512_Final(cc, buf);
memcpy(dst, buf, 32); memcpy(dst, buf, 32);
} }

14
crypto/groestl.h
View File

@ -50,13 +50,13 @@
* <code>memcpy()</code>). * <code>memcpy()</code>).
*/ */
typedef struct { typedef struct {
unsigned char buf[128]; /* first field, for alignment */ unsigned char buf[128]; /* first field, for alignment */
size_t ptr; size_t ptr;
union { union {
uint64_t wide[16]; uint64_t wide[16];
uint32_t narrow[32]; uint32_t narrow[32];
} state; } state;
uint64_t count; uint64_t count;
} sph_groestl_big_context; } sph_groestl_big_context;
typedef sph_groestl_big_context GROESTL512_CTX; typedef sph_groestl_big_context GROESTL512_CTX;

384
crypto/groestl_internal.h
View File

@ -67,70 +67,66 @@ typedef int32_t sph_s32;
typedef uint64_t sph_u64; typedef uint64_t sph_u64;
typedef int64_t sph_s64; typedef int64_t sph_s64;
#define SPH_C32(x) ((sph_u32)(x)) #define SPH_C32(x) ((sph_u32)(x))
#define SPH_C64(x) ((sph_u64)(x)) #define SPH_C64(x) ((sph_u64)(x))
#else #else
#error We need at least C99 compiler #error We need at least C99 compiler
#endif #endif
#define SPH_T32(x) ((x) & SPH_C32(0xFFFFFFFF)) #define SPH_T32(x) ((x) & SPH_C32(0xFFFFFFFF))
#define SPH_ROTL32(x, n) SPH_T32(((x) << (n)) | ((x) >> (32 - (n)))) #define SPH_ROTL32(x, n) SPH_T32(((x) << (n)) | ((x) >> (32 - (n))))
#define SPH_ROTR32(x, n) SPH_ROTL32(x, (32 - (n))) #define SPH_ROTR32(x, n) SPH_ROTL32(x, (32 - (n)))
#define SPH_T64(x) ((x) & SPH_C64(0xFFFFFFFFFFFFFFFF)) #define SPH_T64(x) ((x) & SPH_C64(0xFFFFFFFFFFFFFFFF))
#define SPH_ROTL64(x, n) SPH_T64(((x) << (n)) | ((x) >> (64 - (n)))) #define SPH_ROTL64(x, n) SPH_T64(((x) << (n)) | ((x) >> (64 - (n))))
#define SPH_ROTR64(x, n) SPH_ROTL64(x, (64 - (n))) #define SPH_ROTR64(x, n) SPH_ROTL64(x, (64 - (n)))
/* /*
* 32-bit x86, aka "i386 compatible". * 32-bit x86, aka "i386 compatible".
*/ */
#if defined __i386__ || defined _M_IX86 #if defined __i386__ || defined _M_IX86
#define SPH_DETECT_LITTLE_ENDIAN 1 #define SPH_DETECT_LITTLE_ENDIAN 1
#define SPH_DETECT_BIG_ENDIAN 0 #define SPH_DETECT_BIG_ENDIAN 0
/* /*
* 64-bit x86, hereafter known as "amd64". * 64-bit x86, hereafter known as "amd64".
*/ */
#elif defined __x86_64 || defined _M_X64 #elif defined __x86_64 || defined _M_X64
#define SPH_DETECT_LITTLE_ENDIAN 1 #define SPH_DETECT_LITTLE_ENDIAN 1
#define SPH_DETECT_BIG_ENDIAN 0 #define SPH_DETECT_BIG_ENDIAN 0
/* /*
* ARM, little-endian. * ARM, little-endian.
*/ */
#elif defined __arm__ && __ARMEL__ #elif defined __arm__ && __ARMEL__
#define SPH_DETECT_LITTLE_ENDIAN 1 #define SPH_DETECT_LITTLE_ENDIAN 1
#define SPH_DETECT_BIG_ENDIAN 0 #define SPH_DETECT_BIG_ENDIAN 0
/* /*
* ARM64, little-endian. * ARM64, little-endian.
*/ */
#elif defined __aarch64__ #elif defined __aarch64__
#define SPH_DETECT_LITTLE_ENDIAN 1 #define SPH_DETECT_LITTLE_ENDIAN 1
#define SPH_DETECT_BIG_ENDIAN 0 #define SPH_DETECT_BIG_ENDIAN 0
#endif #endif
#if defined SPH_DETECT_LITTLE_ENDIAN && !defined SPH_LITTLE_ENDIAN #if defined SPH_DETECT_LITTLE_ENDIAN && !defined SPH_LITTLE_ENDIAN
#define SPH_LITTLE_ENDIAN SPH_DETECT_LITTLE_ENDIAN #define SPH_LITTLE_ENDIAN SPH_DETECT_LITTLE_ENDIAN
#endif #endif
#if defined SPH_DETECT_BIG_ENDIAN && !defined SPH_BIG_ENDIAN #if defined SPH_DETECT_BIG_ENDIAN && !defined SPH_BIG_ENDIAN
#define SPH_BIG_ENDIAN SPH_DETECT_BIG_ENDIAN #define SPH_BIG_ENDIAN SPH_DETECT_BIG_ENDIAN
#endif #endif
static inline sph_u32 static inline sph_u32 sph_bswap32(sph_u32 x) {
sph_bswap32(sph_u32 x) x = SPH_T32((x << 16) | (x >> 16));
{ x = ((x & SPH_C32(0xFF00FF00)) >> 8) | ((x & SPH_C32(0x00FF00FF)) << 8);
x = SPH_T32((x << 16) | (x >> 16)); return x;
x = ((x & SPH_C32(0xFF00FF00)) >> 8)
| ((x & SPH_C32(0x00FF00FF)) << 8);
return x;
} }
/** /**
@ -139,43 +135,33 @@ sph_bswap32(sph_u32 x)
* @param x the input value * @param x the input value
* @return the byte-swapped value * @return the byte-swapped value
*/ */
static inline sph_u64 static inline sph_u64 sph_bswap64(sph_u64 x) {
sph_bswap64(sph_u64 x) x = SPH_T64((x << 32) | (x >> 32));
{ x = ((x & SPH_C64(0xFFFF0000FFFF0000)) >> 16) |
x = SPH_T64((x << 32) | (x >> 32)); ((x & SPH_C64(0x0000FFFF0000FFFF)) << 16);
x = ((x & SPH_C64(0xFFFF0000FFFF0000)) >> 16) x = ((x & SPH_C64(0xFF00FF00FF00FF00)) >> 8) |
| ((x & SPH_C64(0x0000FFFF0000FFFF)) << 16); ((x & SPH_C64(0x00FF00FF00FF00FF)) << 8);
x = ((x & SPH_C64(0xFF00FF00FF00FF00)) >> 8) return x;
| ((x & SPH_C64(0x00FF00FF00FF00FF)) << 8);
return x;
} }
static inline void static inline void sph_enc16be(void *dst, unsigned val) {
sph_enc16be(void *dst, unsigned val) ((unsigned char *)dst)[0] = (val >> 8);
{ ((unsigned char *)dst)[1] = val;
((unsigned char *)dst)[0] = (val >> 8);
((unsigned char *)dst)[1] = val;
} }
static inline unsigned static inline unsigned sph_dec16be(const void *src) {
sph_dec16be(const void *src) return ((unsigned)(((const unsigned char *)src)[0]) << 8) |
{ (unsigned)(((const unsigned char *)src)[1]);
return ((unsigned)(((const unsigned char *)src)[0]) << 8)
| (unsigned)(((const unsigned char *)src)[1]);
} }
static inline void static inline void sph_enc16le(void *dst, unsigned val) {
sph_enc16le(void *dst, unsigned val) ((unsigned char *)dst)[0] = val;
{ ((unsigned char *)dst)[1] = val >> 8;
((unsigned char *)dst)[0] = val;
((unsigned char *)dst)[1] = val >> 8;
} }
static inline unsigned static inline unsigned sph_dec16le(const void *src) {
sph_dec16le(const void *src) return (unsigned)(((const unsigned char *)src)[0]) |
{ ((unsigned)(((const unsigned char *)src)[1]) << 8);
return (unsigned)(((const unsigned char *)src)[0])
| ((unsigned)(((const unsigned char *)src)[1]) << 8);
} }
/** /**
@ -184,13 +170,11 @@ sph_dec16le(const void *src)
* @param dst the destination buffer * @param dst the destination buffer
* @param val the 32-bit value to encode * @param val the 32-bit value to encode
*/ */
static inline void static inline void sph_enc32be(void *dst, sph_u32 val) {
sph_enc32be(void *dst, sph_u32 val) ((unsigned char *)dst)[0] = (val >> 24);
{ ((unsigned char *)dst)[1] = (val >> 16);
((unsigned char *)dst)[0] = (val >> 24); ((unsigned char *)dst)[2] = (val >> 8);
((unsigned char *)dst)[1] = (val >> 16); ((unsigned char *)dst)[3] = val;
((unsigned char *)dst)[2] = (val >> 8);
((unsigned char *)dst)[3] = val;
} }
/** /**
@ -200,18 +184,16 @@ sph_enc32be(void *dst, sph_u32 val)
* @param dst the destination buffer (32-bit aligned) * @param dst the destination buffer (32-bit aligned)
* @param val the value to encode * @param val the value to encode
*/ */
static inline void static inline void sph_enc32be_aligned(void *dst, sph_u32 val) {
sph_enc32be_aligned(void *dst, sph_u32 val)
{
#if SPH_LITTLE_ENDIAN #if SPH_LITTLE_ENDIAN
*(sph_u32 *)dst = sph_bswap32(val); *(sph_u32 *)dst = sph_bswap32(val);
#elif SPH_BIG_ENDIAN #elif SPH_BIG_ENDIAN
*(sph_u32 *)dst = val; *(sph_u32 *)dst = val;
#else #else
((unsigned char *)dst)[0] = (val >> 24); ((unsigned char *)dst)[0] = (val >> 24);
((unsigned char *)dst)[1] = (val >> 16); ((unsigned char *)dst)[1] = (val >> 16);
((unsigned char *)dst)[2] = (val >> 8); ((unsigned char *)dst)[2] = (val >> 8);
((unsigned char *)dst)[3] = val; ((unsigned char *)dst)[3] = val;
#endif #endif
} }
@ -221,13 +203,11 @@ sph_enc32be_aligned(void *dst, sph_u32 val)
* @param src the source buffer * @param src the source buffer
* @return the decoded value * @return the decoded value
*/ */
static inline sph_u32 static inline sph_u32 sph_dec32be(const void *src) {
sph_dec32be(const void *src) return ((sph_u32)(((const unsigned char *)src)[0]) << 24) |
{ ((sph_u32)(((const unsigned char *)src)[1]) << 16) |
return ((sph_u32)(((const unsigned char *)src)[0]) << 24) ((sph_u32)(((const unsigned char *)src)[2]) << 8) |
| ((sph_u32)(((const unsigned char *)src)[1]) << 16) (sph_u32)(((const unsigned char *)src)[3]);
| ((sph_u32)(((const unsigned char *)src)[2]) << 8)
| (sph_u32)(((const unsigned char *)src)[3]);
} }
/** /**
@ -237,18 +217,16 @@ sph_dec32be(const void *src)
* @param src the source buffer (32-bit aligned) * @param src the source buffer (32-bit aligned)
* @return the decoded value * @return the decoded value
*/ */
static inline sph_u32 static inline sph_u32 sph_dec32be_aligned(const void *src) {
sph_dec32be_aligned(const void *src)
{
#if SPH_LITTLE_ENDIAN #if SPH_LITTLE_ENDIAN
return sph_bswap32(*(const sph_u32 *)src); return sph_bswap32(*(const sph_u32 *)src);
#elif SPH_BIG_ENDIAN #elif SPH_BIG_ENDIAN
return *(const sph_u32 *)src; return *(const sph_u32 *)src;
#else #else
return ((sph_u32)(((const unsigned char *)src)[0]) << 24) return ((sph_u32)(((const unsigned char *)src)[0]) << 24) |
| ((sph_u32)(((const unsigned char *)src)[1]) << 16) ((sph_u32)(((const unsigned char *)src)[1]) << 16) |
| ((sph_u32)(((const unsigned char *)src)[2]) << 8) ((sph_u32)(((const unsigned char *)src)[2]) << 8) |
| (sph_u32)(((const unsigned char *)src)[3]); (sph_u32)(((const unsigned char *)src)[3]);
#endif #endif
} }
@ -258,13 +236,11 @@ sph_dec32be_aligned(const void *src)
* @param dst the destination buffer * @param dst the destination buffer
* @param val the 32-bit value to encode * @param val the 32-bit value to encode
*/ */
static inline void static inline void sph_enc32le(void *dst, sph_u32 val) {
sph_enc32le(void *dst, sph_u32 val) ((unsigned char *)dst)[0] = val;
{ ((unsigned char *)dst)[1] = (val >> 8);
((unsigned char *)dst)[0] = val; ((unsigned char *)dst)[2] = (val >> 16);
((unsigned char *)dst)[1] = (val >> 8); ((unsigned char *)dst)[3] = (val >> 24);
((unsigned char *)dst)[2] = (val >> 16);
((unsigned char *)dst)[3] = (val >> 24);
} }
/** /**
@ -274,18 +250,16 @@ sph_enc32le(void *dst, sph_u32 val)
* @param dst the destination buffer (32-bit aligned) * @param dst the destination buffer (32-bit aligned)
* @param val the value to encode * @param val the value to encode
*/ */
static inline void static inline void sph_enc32le_aligned(void *dst, sph_u32 val) {
sph_enc32le_aligned(void *dst, sph_u32 val)
{
#if SPH_LITTLE_ENDIAN #if SPH_LITTLE_ENDIAN
*(sph_u32 *)dst = val; *(sph_u32 *)dst = val;
#elif SPH_BIG_ENDIAN #elif SPH_BIG_ENDIAN
*(sph_u32 *)dst = sph_bswap32(val); *(sph_u32 *)dst = sph_bswap32(val);
#else #else
((unsigned char *)dst)[0] = val; ((unsigned char *)dst)[0] = val;
((unsigned char *)dst)[1] = (val >> 8); ((unsigned char *)dst)[1] = (val >> 8);
((unsigned char *)dst)[2] = (val >> 16); ((unsigned char *)dst)[2] = (val >> 16);
((unsigned char *)dst)[3] = (val >> 24); ((unsigned char *)dst)[3] = (val >> 24);
#endif #endif
} }
@ -295,13 +269,11 @@ sph_enc32le_aligned(void *dst, sph_u32 val)
* @param src the source buffer * @param src the source buffer
* @return the decoded value * @return the decoded value
*/ */
static inline sph_u32 static inline sph_u32 sph_dec32le(const void *src) {
sph_dec32le(const void *src) return (sph_u32)(((const unsigned char *)src)[0]) |
{ ((sph_u32)(((const unsigned char *)src)[1]) << 8) |
return (sph_u32)(((const unsigned char *)src)[0]) ((sph_u32)(((const unsigned char *)src)[2]) << 16) |
| ((sph_u32)(((const unsigned char *)src)[1]) << 8) ((sph_u32)(((const unsigned char *)src)[3]) << 24);
| ((sph_u32)(((const unsigned char *)src)[2]) << 16)
| ((sph_u32)(((const unsigned char *)src)[3]) << 24);
} }
/** /**
@ -311,18 +283,16 @@ sph_dec32le(const void *src)
* @param src the source buffer (32-bit aligned) * @param src the source buffer (32-bit aligned)
* @return the decoded value * @return the decoded value
*/ */
static inline sph_u32 static inline sph_u32 sph_dec32le_aligned(const void *src) {
sph_dec32le_aligned(const void *src)
{
#if SPH_LITTLE_ENDIAN #if SPH_LITTLE_ENDIAN
return *(const sph_u32 *)src; return *(const sph_u32 *)src;
#elif SPH_BIG_ENDIAN #elif SPH_BIG_ENDIAN
return sph_bswap32(*(const sph_u32 *)src); return sph_bswap32(*(const sph_u32 *)src);
#else #else
return (sph_u32)(((const unsigned char *)src)[0]) return (sph_u32)(((const unsigned char *)src)[0]) |
| ((sph_u32)(((const unsigned char *)src)[1]) << 8) ((sph_u32)(((const unsigned char *)src)[1]) << 8) |
| ((sph_u32)(((const unsigned char *)src)[2]) << 16) ((sph_u32)(((const unsigned char *)src)[2]) << 16) |
| ((sph_u32)(((const unsigned char *)src)[3]) << 24); ((sph_u32)(((const unsigned char *)src)[3]) << 24);
#endif #endif
} }
@ -332,17 +302,15 @@ sph_dec32le_aligned(const void *src)
* @param dst the destination buffer * @param dst the destination buffer
* @param val the 64-bit value to encode * @param val the 64-bit value to encode
*/ */
static inline void static inline void sph_enc64be(void *dst, sph_u64 val) {
sph_enc64be(void *dst, sph_u64 val) ((unsigned char *)dst)[0] = (val >> 56);
{ ((unsigned char *)dst)[1] = (val >> 48);
((unsigned char *)dst)[0] = (val >> 56); ((unsigned char *)dst)[2] = (val >> 40);
((unsigned char *)dst)[1] = (val >> 48); ((unsigned char *)dst)[3] = (val >> 32);
((unsigned char *)dst)[2] = (val >> 40); ((unsigned char *)dst)[4] = (val >> 24);
((unsigned char *)dst)[3] = (val >> 32); ((unsigned char *)dst)[5] = (val >> 16);
((unsigned char *)dst)[4] = (val >> 24); ((unsigned char *)dst)[6] = (val >> 8);
((unsigned char *)dst)[5] = (val >> 16); ((unsigned char *)dst)[7] = val;
((unsigned char *)dst)[6] = (val >> 8);
((unsigned char *)dst)[7] = val;
} }
/** /**
@ -352,22 +320,20 @@ sph_enc64be(void *dst, sph_u64 val)
* @param dst the destination buffer (64-bit aligned) * @param dst the destination buffer (64-bit aligned)
* @param val the value to encode * @param val the value to encode
*/ */
static inline void static inline void sph_enc64be_aligned(void *dst, sph_u64 val) {
sph_enc64be_aligned(void *dst, sph_u64 val)
{
#if SPH_LITTLE_ENDIAN #if SPH_LITTLE_ENDIAN
*(sph_u64 *)dst = sph_bswap64(val); *(sph_u64 *)dst = sph_bswap64(val);
#elif SPH_BIG_ENDIAN #elif SPH_BIG_ENDIAN
*(sph_u64 *)dst = val; *(sph_u64 *)dst = val;
#else #else
((unsigned char *)dst)[0] = (val >> 56); ((unsigned char *)dst)[0] = (val >> 56);
((unsigned char *)dst)[1] = (val >> 48); ((unsigned char *)dst)[1] = (val >> 48);
((unsigned char *)dst)[2] = (val >> 40); ((unsigned char *)dst)[2] = (val >> 40);
((unsigned char *)dst)[3] = (val >> 32); ((unsigned char *)dst)[3] = (val >> 32);
((unsigned char *)dst)[4] = (val >> 24); ((unsigned char *)dst)[4] = (val >> 24);
((unsigned char *)dst)[5] = (val >> 16); ((unsigned char *)dst)[5] = (val >> 16);
((unsigned char *)dst)[6] = (val >> 8); ((unsigned char *)dst)[6] = (val >> 8);
((unsigned char *)dst)[7] = val; ((unsigned char *)dst)[7] = val;
#endif #endif
} }
@ -377,17 +343,15 @@ sph_enc64be_aligned(void *dst, sph_u64 val)
* @param src the source buffer * @param src the source buffer
* @return the decoded value * @return the decoded value
*/ */
static inline sph_u64 static inline sph_u64 sph_dec64be(const void *src) {
sph_dec64be(const void *src) return ((sph_u64)(((const unsigned char *)src)[0]) << 56) |
{ ((sph_u64)(((const unsigned char *)src)[1]) << 48) |
return ((sph_u64)(((const unsigned char *)src)[0]) << 56) ((sph_u64)(((const unsigned char *)src)[2]) << 40) |
| ((sph_u64)(((const unsigned char *)src)[1]) << 48) ((sph_u64)(((const unsigned char *)src)[3]) << 32) |
| ((sph_u64)(((const unsigned char *)src)[2]) << 40) ((sph_u64)(((const unsigned char *)src)[4]) << 24) |
| ((sph_u64)(((const unsigned char *)src)[3]) << 32) ((sph_u64)(((const unsigned char *)src)[5]) << 16) |
| ((sph_u64)(((const unsigned char *)src)[4]) << 24) ((sph_u64)(((const unsigned char *)src)[6]) << 8) |
| ((sph_u64)(((const unsigned char *)src)[5]) << 16) (sph_u64)(((const unsigned char *)src)[7]);
| ((sph_u64)(((const unsigned char *)src)[6]) << 8)
| (sph_u64)(((const unsigned char *)src)[7]);
} }
/** /**
@ -397,22 +361,20 @@ sph_dec64be(const void *src)
* @param src the source buffer (64-bit aligned) * @param src the source buffer (64-bit aligned)
* @return the decoded value * @return the decoded value
*/ */
static inline sph_u64 static inline sph_u64 sph_dec64be_aligned(const void *src) {
sph_dec64be_aligned(const void *src)
{
#if SPH_LITTLE_ENDIAN #if SPH_LITTLE_ENDIAN
return sph_bswap64(*(const sph_u64 *)src); return sph_bswap64(*(const sph_u64 *)src);
#elif SPH_BIG_ENDIAN #elif SPH_BIG_ENDIAN
return *(const sph_u64 *)src; return *(const sph_u64 *)src;
#else #else
return ((sph_u64)(((const unsigned char *)src)[0]) << 56) return ((sph_u64)(((const unsigned char *)src)[0]) << 56) |
| ((sph_u64)(((const unsigned char *)src)[1]) << 48) ((sph_u64)(((const unsigned char *)src)[1]) << 48) |
| ((sph_u64)(((const unsigned char *)src)[2]) << 40) ((sph_u64)(((const unsigned char *)src)[2]) << 40) |
| ((sph_u64)(((const unsigned char *)src)[3]) << 32) ((sph_u64)(((const unsigned char *)src)[3]) << 32) |
| ((sph_u64)(((const unsigned char *)src)[4]) << 24) ((sph_u64)(((const unsigned char *)src)[4]) << 24) |
| ((sph_u64)(((const unsigned char *)src)[5]) << 16) ((sph_u64)(((const unsigned char *)src)[5]) << 16) |
| ((sph_u64)(((const unsigned char *)src)[6]) << 8) ((sph_u64)(((const unsigned char *)src)[6]) << 8) |
| (sph_u64)(((const unsigned char *)src)[7]); (sph_u64)(((const unsigned char *)src)[7]);
#endif #endif
} }
@ -422,17 +384,15 @@ sph_dec64be_aligned(const void *src)
* @param dst the destination buffer * @param dst the destination buffer
* @param val the 64-bit value to encode * @param val the 64-bit value to encode
*/ */
static inline void static inline void sph_enc64le(void *dst, sph_u64 val) {
sph_enc64le(void *dst, sph_u64 val) ((unsigned char *)dst)[0] = val;
{ ((unsigned char *)dst)[1] = (val >> 8);
((unsigned char *)dst)[0] = val; ((unsigned char *)dst)[2] = (val >> 16);
((unsigned char *)dst)[1] = (val >> 8); ((unsigned char *)dst)[3] = (val >> 24);
((unsigned char *)dst)[2] = (val >> 16); ((unsigned char *)dst)[4] = (val >> 32);
((unsigned char *)dst)[3] = (val >> 24); ((unsigned char *)dst)[5] = (val >> 40);
((unsigned char *)dst)[4] = (val >> 32); ((unsigned char *)dst)[6] = (val >> 48);
((unsigned char *)dst)[5] = (val >> 40); ((unsigned char *)dst)[7] = (val >> 56);
((unsigned char *)dst)[6] = (val >> 48);
((unsigned char *)dst)[7] = (val >> 56);
} }
/** /**
@ -442,22 +402,20 @@ sph_enc64le(void *dst, sph_u64 val)
* @param dst the destination buffer (64-bit aligned) * @param dst the destination buffer (64-bit aligned)
* @param val the value to encode * @param val the value to encode
*/ */
static inline void static inline void sph_enc64le_aligned(void *dst, sph_u64 val) {
sph_enc64le_aligned(void *dst, sph_u64 val)
{
#if SPH_LITTLE_ENDIAN #if SPH_LITTLE_ENDIAN
*(sph_u64 *)dst = val; *(sph_u64 *)dst = val;
#elif SPH_BIG_ENDIAN #elif SPH_BIG_ENDIAN
*(sph_u64 *)dst = sph_bswap64(val); *(sph_u64 *)dst = sph_bswap64(val);
#else #else
((unsigned char *)dst)[0] = val; ((unsigned char *)dst)[0] = val;
((unsigned char *)dst)[1] = (val >> 8); ((unsigned char *)dst)[1] = (val >> 8);
((unsigned char *)dst)[2] = (val >> 16); ((unsigned char *)dst)[2] = (val >> 16);
((unsigned char *)dst)[3] = (val >> 24); ((unsigned char *)dst)[3] = (val >> 24);
((unsigned char *)dst)[4] = (val >> 32); ((unsigned char *)dst)[4] = (val >> 32);
((unsigned char *)dst)[5] = (val >> 40); ((unsigned char *)dst)[5] = (val >> 40);
((unsigned char *)dst)[6] = (val >> 48); ((unsigned char *)dst)[6] = (val >> 48);
((unsigned char *)dst)[7] = (val >> 56); ((unsigned char *)dst)[7] = (val >> 56);
#endif #endif
} }
@ -467,17 +425,15 @@ sph_enc64le_aligned(void *dst, sph_u64 val)
* @param src the source buffer * @param src the source buffer
* @return the decoded value * @return the decoded value
*/ */
static inline sph_u64 static inline sph_u64 sph_dec64le(const void *src) {
sph_dec64le(const void *src) return (sph_u64)(((const unsigned char *)src)[0]) |
{ ((sph_u64)(((const unsigned char *)src)[1]) << 8) |
return (sph_u64)(((const unsigned char *)src)[0]) ((sph_u64)(((const unsigned char *)src)[2]) << 16) |
| ((sph_u64)(((const unsigned char *)src)[1]) << 8) ((sph_u64)(((const unsigned char *)src)[3]) << 24) |
| ((sph_u64)(((const unsigned char *)src)[2]) << 16) ((sph_u64)(((const unsigned char *)src)[4]) << 32) |
| ((sph_u64)(((const unsigned char *)src)[3]) << 24) ((sph_u64)(((const unsigned char *)src)[5]) << 40) |
| ((sph_u64)(((const unsigned char *)src)[4]) << 32) ((sph_u64)(((const unsigned char *)src)[6]) << 48) |
| ((sph_u64)(((const unsigned char *)src)[5]) << 40) ((sph_u64)(((const unsigned char *)src)[7]) << 56);
| ((sph_u64)(((const unsigned char *)src)[6]) << 48)
| ((sph_u64)(((const unsigned char *)src)[7]) << 56);
} }
/** /**
@ -487,22 +443,20 @@ sph_dec64le(const void *src)
* @param src the source buffer (64-bit aligned) * @param src the source buffer (64-bit aligned)
* @return the decoded value * @return the decoded value
*/ */
static inline sph_u64 static inline sph_u64 sph_dec64le_aligned(const void *src) {
sph_dec64le_aligned(const void *src)
{
#if SPH_LITTLE_ENDIAN #if SPH_LITTLE_ENDIAN
return *(const sph_u64 *)src; return *(const sph_u64 *)src;
#elif SPH_BIG_ENDIAN #elif SPH_BIG_ENDIAN
return sph_bswap64(*(const sph_u64 *)src); return sph_bswap64(*(const sph_u64 *)src);
#else #else
return (sph_u64)(((const unsigned char *)src)[0]) return (sph_u64)(((const unsigned char *)src)[0]) |
| ((sph_u64)(((const unsigned char *)src)[1]) << 8) ((sph_u64)(((const unsigned char *)src)[1]) << 8) |
| ((sph_u64)(((const unsigned char *)src)[2]) << 16) ((sph_u64)(((const unsigned char *)src)[2]) << 16) |
| ((sph_u64)(((const unsigned char *)src)[3]) << 24) ((sph_u64)(((const unsigned char *)src)[3]) << 24) |
| ((sph_u64)(((const unsigned char *)src)[4]) << 32) ((sph_u64)(((const unsigned char *)src)[4]) << 32) |
| ((sph_u64)(((const unsigned char *)src)[5]) << 40) ((sph_u64)(((const unsigned char *)src)[5]) << 40) |
| ((sph_u64)(((const unsigned char *)src)[6]) << 48) ((sph_u64)(((const unsigned char *)src)[6]) << 48) |
| ((sph_u64)(((const unsigned char *)src)[7]) << 56); ((sph_u64)(((const unsigned char *)src)[7]) << 56);
#endif #endif
} }

2
tools/style.c.exclude
View File

@ -3,9 +3,7 @@
^\./crypto/chacha20poly1305/ ^\./crypto/chacha20poly1305/
^\./crypto/ed25519-donna/ ^\./crypto/ed25519-donna/
^\./crypto/gui/ ^\./crypto/gui/
^\./crypto/blake2
^\./crypto/check_mem ^\./crypto/check_mem
^\./crypto/groestl
^\./crypto/ripemd160 ^\./crypto/ripemd160
^\./crypto/segwit_addr ^\./crypto/segwit_addr
^\./crypto/sha2 ^\./crypto/sha2