summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2014-04-15 14:38:10 +0000
committerjsing <>2014-04-15 14:38:10 +0000
commitfd934c882a62cc862a41725de129e7a623ce16a3 (patch)
tree0afadc32450a98b257d0902261d2c1f7ba6b56be
parent69a8d2dcc19aed0d1116ba2ecd81cce5ae736c94 (diff)
downloadopenbsd-fd934c882a62cc862a41725de129e7a623ce16a3.tar.gz
openbsd-fd934c882a62cc862a41725de129e7a623ce16a3.tar.bz2
openbsd-fd934c882a62cc862a41725de129e7a623ce16a3.zip
First pass at applying KNF to the OpenSSL code, which almost makes it
readable. This pass is whitespace only and can readily be verified using tr and md5.
Diffstat
-rw-r--r--src/lib/libcrypto/aes/aes.h64
-rw-r--r--src/lib/libcrypto/aes/aes_cbc.c14
-rw-r--r--src/lib/libcrypto/aes/aes_cfb.c37
-rw-r--r--src/lib/libcrypto/aes/aes_core.c2042
-rw-r--r--src/lib/libcrypto/aes/aes_ctr.c13
-rw-r--r--src/lib/libcrypto/aes/aes_ecb.c12
-rw-r--r--src/lib/libcrypto/aes/aes_ige.c145
-rw-r--r--src/lib/libcrypto/aes/aes_misc.c25
-rw-r--r--src/lib/libcrypto/aes/aes_ofb.c9
-rw-r--r--src/lib/libcrypto/aes/aes_wrap.c186
-rw-r--r--src/lib/libcrypto/aes/aes_x86core.c1417
-rw-r--r--src/lib/libssl/src/crypto/aes/aes.h64
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_cbc.c14
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_cfb.c37
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_core.c2042
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_ctr.c13
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_ecb.c12
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_ige.c145
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_misc.c25
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_ofb.c9
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_wrap.c186
-rw-r--r--src/lib/libssl/src/crypto/aes/aes_x86core.c1417
22 files changed, 3988 insertions, 3940 deletions
diff --git a/src/lib/libcrypto/aes/aes.h b/src/lib/libcrypto/aes/aes.h
index 031abf01b5..4d477bdf19 100644
--- a/src/lib/libcrypto/aes/aes.h
+++ b/src/lib/libcrypto/aes/aes.h
@@ -75,69 +75,61 @@ extern "C" {
75/* This should be a hidden type, but EVP requires that the size be known */ 75/* This should be a hidden type, but EVP requires that the size be known */
76struct aes_key_st { 76struct aes_key_st {
77#ifdef AES_LONG 77#ifdef AES_LONG
78 unsigned long rd_key[4 *(AES_MAXNR + 1)]; 78 unsigned long rd_key[4 *(AES_MAXNR + 1)];
79#else 79#else
80 unsigned int rd_key[4 *(AES_MAXNR + 1)]; 80 unsigned int rd_key[4 *(AES_MAXNR + 1)];
81#endif 81#endif
82 int rounds; 82 int rounds;
83}; 83};
84typedef struct aes_key_st AES_KEY; 84typedef struct aes_key_st AES_KEY;
85 85
86const char *AES_options(void); 86const char *AES_options(void);
87 87
88int AES_set_encrypt_key(const unsigned char *userKey, const int bits, 88int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
89 AES_KEY *key); 89 AES_KEY *key);
90int AES_set_decrypt_key(const unsigned char *userKey, const int bits, 90int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
91 AES_KEY *key); 91 AES_KEY *key);
92 92
93int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits, 93int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
94 AES_KEY *key); 94 AES_KEY *key);
95int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits, 95int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
96 AES_KEY *key); 96 AES_KEY *key);
97 97
98void AES_encrypt(const unsigned char *in, unsigned char *out, 98void AES_encrypt(const unsigned char *in, unsigned char *out,
99 const AES_KEY *key); 99 const AES_KEY *key);
100void AES_decrypt(const unsigned char *in, unsigned char *out, 100void AES_decrypt(const unsigned char *in, unsigned char *out,
101 const AES_KEY *key); 101 const AES_KEY *key);
102 102
103void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, 103void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
104 const AES_KEY *key, const int enc); 104 const AES_KEY *key, const int enc);
105void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, 105void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
106 size_t length, const AES_KEY *key, 106 size_t length, const AES_KEY *key, unsigned char *ivec, const int enc);
107 unsigned char *ivec, const int enc);
108void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, 107void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
109 size_t length, const AES_KEY *key, 108 size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
110 unsigned char *ivec, int *num, const int enc); 109 const int enc);
111void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, 110void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
112 size_t length, const AES_KEY *key, 111 size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
113 unsigned char *ivec, int *num, const int enc); 112 const int enc);
114void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, 113void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
115 size_t length, const AES_KEY *key, 114 size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
116 unsigned char *ivec, int *num, const int enc); 115 const int enc);
117void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, 116void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
118 size_t length, const AES_KEY *key, 117 size_t length, const AES_KEY *key, unsigned char *ivec, int *num);
119 unsigned char *ivec, int *num);
120void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, 118void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
121 size_t length, const AES_KEY *key, 119 size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
122 unsigned char ivec[AES_BLOCK_SIZE], 120 unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num);
123 unsigned char ecount_buf[AES_BLOCK_SIZE],
124 unsigned int *num);
125/* NB: the IV is _two_ blocks long */ 121/* NB: the IV is _two_ blocks long */
126void AES_ige_encrypt(const unsigned char *in, unsigned char *out, 122void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
127 size_t length, const AES_KEY *key, 123 size_t length, const AES_KEY *key, unsigned char *ivec, const int enc);
128 unsigned char *ivec, const int enc);
129/* NB: the IV is _four_ blocks long */ 124/* NB: the IV is _four_ blocks long */
130void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, 125void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
131 size_t length, const AES_KEY *key, 126 size_t length, const AES_KEY *key, const AES_KEY *key2,
132 const AES_KEY *key2, const unsigned char *ivec, 127 const unsigned char *ivec, const int enc);
133 const int enc); 128
134 129int AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
135int AES_wrap_key(AES_KEY *key, const unsigned char *iv, 130 const unsigned char *in, unsigned int inlen);
136 unsigned char *out, 131int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
137 const unsigned char *in, unsigned int inlen); 132 const unsigned char *in, unsigned int inlen);
138int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
139 unsigned char *out,
140 const unsigned char *in, unsigned int inlen);
141 133
142 134
143#ifdef __cplusplus 135#ifdef __cplusplus
diff --git a/src/lib/libcrypto/aes/aes_cbc.c b/src/lib/libcrypto/aes/aes_cbc.c
index 227f75625d..9430e04a3e 100644
--- a/src/lib/libcrypto/aes/aes_cbc.c
+++ b/src/lib/libcrypto/aes/aes_cbc.c
@@ -52,12 +52,14 @@
52#include <openssl/aes.h> 52#include <openssl/aes.h>
53#include <openssl/modes.h> 53#include <openssl/modes.h>
54 54
55void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, 55void
56 size_t len, const AES_KEY *key, 56AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
57 unsigned char *ivec, const int enc) { 57 size_t len, const AES_KEY *key, unsigned char *ivec, const int enc)
58 58{
59 if (enc) 59 if (enc)
60 CRYPTO_cbc128_encrypt(in,out,len,key,ivec,(block128_f)AES_encrypt); 60 CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
61 (block128_f)AES_encrypt);
61 else 62 else
62 CRYPTO_cbc128_decrypt(in,out,len,key,ivec,(block128_f)AES_decrypt); 63 CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
64 (block128_f)AES_decrypt);
63} 65}
diff --git a/src/lib/libcrypto/aes/aes_cfb.c b/src/lib/libcrypto/aes/aes_cfb.c
index 0c6d058ce7..b496a04716 100644
--- a/src/lib/libcrypto/aes/aes_cfb.c
+++ b/src/lib/libcrypto/aes/aes_cfb.c
@@ -57,25 +57,28 @@
57 * 128bit block we have used is contained in *num; 57 * 128bit block we have used is contained in *num;
58 */ 58 */
59 59
60void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, 60void
61 size_t length, const AES_KEY *key, 61AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
62 unsigned char *ivec, int *num, const int enc) { 62 const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
63 63{
64 CRYPTO_cfb128_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); 64 CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
65 (block128_f)AES_encrypt);
65} 66}
66 67
67/* N.B. This expects the input to be packed, MS bit first */ 68/* N.B. This expects the input to be packed, MS bit first */
68void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, 69void
69 size_t length, const AES_KEY *key, 70AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, size_t length,
70 unsigned char *ivec, int *num, const int enc) 71 const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
71 { 72{
72 CRYPTO_cfb128_1_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); 73 CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
73 } 74 (block128_f)AES_encrypt);
75}
74 76
75void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, 77void
76 size_t length, const AES_KEY *key, 78AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, size_t length,
77 unsigned char *ivec, int *num, const int enc) 79 const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
78 { 80{
79 CRYPTO_cfb128_8_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); 81 CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
80 } 82 (block128_f)AES_encrypt);
83}
81 84
diff --git a/src/lib/libcrypto/aes/aes_core.c b/src/lib/libcrypto/aes/aes_core.c
index 8f5210ac70..05ffbfbf5f 100644
--- a/src/lib/libcrypto/aes/aes_core.c
+++ b/src/lib/libcrypto/aes/aes_core.c
@@ -54,567 +54,567 @@ Td4[x] = Si[x].[01];
54*/ 54*/
55 55
56static const u32 Te0[256] = { 56static const u32 Te0[256] = {
57 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, 57 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
58 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, 58 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
59 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, 59 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
60 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU, 60 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
61 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U, 61 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
62 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU, 62 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
63 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU, 63 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
64 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU, 64 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
65 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU, 65 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
66 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU, 66 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
67 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U, 67 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
68 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU, 68 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
69 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU, 69 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
70 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U, 70 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
71 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU, 71 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
72 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU, 72 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
73 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU, 73 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
74 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU, 74 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
75 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU, 75 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
76 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U, 76 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
77 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU, 77 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
78 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU, 78 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
79 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU, 79 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
80 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU, 80 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
81 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U, 81 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
82 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U, 82 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
83 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U, 83 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
84 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U, 84 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
85 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU, 85 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
86 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U, 86 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
87 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U, 87 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
88 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU, 88 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
89 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU, 89 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
90 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U, 90 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
91 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U, 91 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
92 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U, 92 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
93 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU, 93 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
94 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U, 94 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
95 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU, 95 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
96 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U, 96 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
97 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU, 97 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
98 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U, 98 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
99 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U, 99 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
100 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU, 100 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
101 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U, 101 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
102 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U, 102 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
103 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U, 103 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
104 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U, 104 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
105 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U, 105 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
106 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U, 106 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
107 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U, 107 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
108 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U, 108 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
109 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU, 109 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
110 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U, 110 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
111 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U, 111 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
112 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U, 112 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
113 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U, 113 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
114 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U, 114 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
115 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U, 115 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
116 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU, 116 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
117 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U, 117 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
118 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U, 118 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
119 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U, 119 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
120 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, 120 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
121}; 121};
122static const u32 Te1[256] = { 122static const u32 Te1[256] = {
123 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, 123 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
124 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, 124 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
125 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, 125 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
126 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U, 126 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
127 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU, 127 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
128 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U, 128 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
129 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU, 129 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
130 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U, 130 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
131 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U, 131 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
132 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU, 132 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
133 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U, 133 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
134 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U, 134 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
135 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U, 135 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
136 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU, 136 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
137 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U, 137 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
138 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U, 138 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
139 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU, 139 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
140 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U, 140 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
141 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U, 141 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
142 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U, 142 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
143 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU, 143 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
144 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU, 144 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
145 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U, 145 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
146 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU, 146 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
147 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU, 147 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
148 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U, 148 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
149 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU, 149 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
150 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U, 150 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
151 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU, 151 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
152 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U, 152 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
153 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U, 153 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
154 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U, 154 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
155 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU, 155 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
156 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U, 156 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
157 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU, 157 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
158 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U, 158 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
159 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU, 159 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
160 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U, 160 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
161 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U, 161 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
162 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU, 162 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
163 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU, 163 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
164 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU, 164 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
165 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U, 165 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
166 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U, 166 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
167 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU, 167 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
168 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U, 168 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
169 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU, 169 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
170 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U, 170 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
171 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU, 171 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
172 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U, 172 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
173 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU, 173 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
174 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU, 174 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
175 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U, 175 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
176 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU, 176 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
177 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U, 177 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
178 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU, 178 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
179 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U, 179 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
180 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U, 180 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
181 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U, 181 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
182 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU, 182 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
183 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU, 183 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
184 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U, 184 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
185 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, 185 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
186 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, 186 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
187}; 187};
188static const u32 Te2[256] = { 188static const u32 Te2[256] = {
189 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, 189 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
190 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, 190 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
191 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, 191 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
192 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U, 192 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
193 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU, 193 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
194 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U, 194 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
195 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU, 195 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
196 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U, 196 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
197 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U, 197 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
198 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU, 198 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
199 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U, 199 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
200 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U, 200 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
201 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U, 201 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
202 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU, 202 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
203 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U, 203 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
204 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U, 204 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
205 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU, 205 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
206 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U, 206 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
207 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U, 207 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
208 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U, 208 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
209 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU, 209 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
210 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU, 210 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
211 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U, 211 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
212 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU, 212 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
213 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU, 213 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
214 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U, 214 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
215 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU, 215 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
216 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U, 216 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
217 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU, 217 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
218 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U, 218 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
219 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U, 219 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
220 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U, 220 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
221 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU, 221 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
222 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U, 222 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
223 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU, 223 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
224 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U, 224 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
225 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU, 225 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
226 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U, 226 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
227 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U, 227 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
228 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU, 228 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
229 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU, 229 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
230 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU, 230 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
231 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U, 231 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
232 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U, 232 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
233 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU, 233 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
234 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U, 234 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
235 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU, 235 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
236 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U, 236 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
237 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU, 237 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
238 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U, 238 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
239 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU, 239 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
240 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU, 240 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
241 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U, 241 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
242 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU, 242 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
243 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U, 243 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
244 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU, 244 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
245 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U, 245 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
246 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U, 246 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
247 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U, 247 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
248 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU, 248 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
249 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU, 249 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
250 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U, 250 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
251 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, 251 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
252 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, 252 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
253}; 253};
254static const u32 Te3[256] = { 254static const u32 Te3[256] = {
255 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, 255 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
256 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, 256 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
257 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, 257 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
258 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU, 258 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
259 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU, 259 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
260 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU, 260 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
261 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U, 261 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
262 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU, 262 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
263 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU, 263 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
264 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U, 264 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
265 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U, 265 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
266 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU, 266 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
267 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU, 267 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
268 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU, 268 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
269 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU, 269 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
270 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU, 270 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
271 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U, 271 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
272 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU, 272 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
273 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU, 273 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
274 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U, 274 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
275 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U, 275 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
276 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U, 276 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
277 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U, 277 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
278 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U, 278 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
279 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU, 279 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
280 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U, 280 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
281 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU, 281 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
282 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU, 282 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
283 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U, 283 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
284 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U, 284 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
285 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U, 285 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
286 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU, 286 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
287 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U, 287 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
288 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU, 288 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
289 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU, 289 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
290 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U, 290 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
291 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U, 291 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
292 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU, 292 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
293 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U, 293 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
294 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU, 294 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
295 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U, 295 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
296 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U, 296 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
297 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U, 297 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
298 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U, 298 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
299 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU, 299 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
300 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U, 300 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
301 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU, 301 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
302 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U, 302 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
303 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU, 303 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
304 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U, 304 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
305 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU, 305 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
306 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU, 306 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
307 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU, 307 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
308 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU, 308 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
309 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U, 309 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
310 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U, 310 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
311 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U, 311 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
312 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U, 312 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
313 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U, 313 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
314 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U, 314 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
315 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU, 315 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
316 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U, 316 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
317 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, 317 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
318 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, 318 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
319}; 319};
320 320
321static const u32 Td0[256] = { 321static const u32 Td0[256] = {
322 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, 322 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
323 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, 323 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
324 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, 324 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
325 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU, 325 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
326 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U, 326 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
327 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U, 327 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
328 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU, 328 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
329 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U, 329 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
330 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU, 330 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
331 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U, 331 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
332 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U, 332 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
333 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U, 333 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
334 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U, 334 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
335 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU, 335 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
336 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U, 336 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
337 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU, 337 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
338 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U, 338 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
339 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU, 339 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
340 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U, 340 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
341 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U, 341 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
342 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U, 342 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
343 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU, 343 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
344 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U, 344 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
345 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU, 345 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
346 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U, 346 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
347 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU, 347 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
348 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U, 348 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
349 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU, 349 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
350 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU, 350 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
351 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U, 351 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
352 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU, 352 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
353 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U, 353 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
354 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU, 354 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
355 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U, 355 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
356 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U, 356 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
357 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U, 357 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
358 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU, 358 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
359 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U, 359 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
360 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U, 360 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
361 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU, 361 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
362 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U, 362 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
363 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U, 363 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
364 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U, 364 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
365 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U, 365 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
366 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U, 366 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
367 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU, 367 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
368 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U, 368 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
369 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U, 369 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
370 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U, 370 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
371 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U, 371 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
372 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U, 372 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
373 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU, 373 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
374 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU, 374 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
375 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU, 375 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
376 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU, 376 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
377 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U, 377 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
378 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U, 378 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
379 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU, 379 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
380 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU, 380 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
381 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U, 381 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
382 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU, 382 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
383 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U, 383 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
384 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U, 384 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
385 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, 385 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
386}; 386};
387static const u32 Td1[256] = { 387static const u32 Td1[256] = {
388 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, 388 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
389 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, 389 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
390 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, 390 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
391 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U, 391 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
392 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U, 392 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
393 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U, 393 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
394 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U, 394 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
395 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U, 395 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
396 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U, 396 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
397 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU, 397 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
398 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU, 398 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
399 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU, 399 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
400 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U, 400 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
401 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU, 401 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
402 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U, 402 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
403 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U, 403 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
404 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U, 404 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
405 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU, 405 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
406 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU, 406 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
407 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U, 407 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
408 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU, 408 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
409 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U, 409 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
410 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU, 410 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
411 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU, 411 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
412 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U, 412 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
413 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U, 413 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
414 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U, 414 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
415 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU, 415 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
416 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U, 416 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
417 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU, 417 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
418 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U, 418 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
419 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U, 419 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
420 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U, 420 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
421 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU, 421 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
422 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U, 422 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
423 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U, 423 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
424 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U, 424 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
425 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U, 425 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
426 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U, 426 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
427 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U, 427 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
428 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU, 428 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
429 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU, 429 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
430 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U, 430 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
431 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU, 431 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
432 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U, 432 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
433 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU, 433 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
434 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU, 434 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
435 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U, 435 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
436 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU, 436 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
437 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U, 437 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
438 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U, 438 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
439 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U, 439 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
440 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U, 440 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
441 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U, 441 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
442 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U, 442 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
443 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U, 443 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
444 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU, 444 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
445 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U, 445 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
446 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U, 446 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
447 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU, 447 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
448 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U, 448 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
449 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U, 449 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
450 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, 450 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
451 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, 451 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
452}; 452};
453static const u32 Td2[256] = { 453static const u32 Td2[256] = {
454 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, 454 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
455 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, 455 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
456 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, 456 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
457 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U, 457 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
458 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU, 458 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
459 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U, 459 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
460 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U, 460 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
461 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U, 461 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
462 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U, 462 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
463 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU, 463 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
464 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U, 464 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
465 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U, 465 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
466 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU, 466 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
467 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U, 467 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
468 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U, 468 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
469 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U, 469 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
470 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U, 470 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
471 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, 471 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
472 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, 472 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
473 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, 473 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
474 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, 474 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
475 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, 475 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
476 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, 476 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
477 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U, 477 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
478 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U, 478 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
479 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU, 479 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
480 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU, 480 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
481 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U, 481 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
482 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU, 482 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
483 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U, 483 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
484 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU, 484 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
485 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU, 485 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
486 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU, 486 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
487 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU, 487 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
488 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U, 488 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
489 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U, 489 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
490 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U, 490 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
491 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U, 491 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
492 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U, 492 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
493 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U, 493 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
494 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U, 494 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
495 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU, 495 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
496 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU, 496 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
497 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U, 497 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
498 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U, 498 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
499 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU, 499 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
500 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU, 500 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
501 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U, 501 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
502 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U, 502 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
503 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U, 503 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
504 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U, 504 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
505 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U, 505 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
506 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U, 506 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
507 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U, 507 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
508 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU, 508 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
509 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U, 509 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
510 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U, 510 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
511 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U, 511 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
512 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U, 512 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
513 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U, 513 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
514 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U, 514 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
515 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU, 515 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
516 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, 516 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
517 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, 517 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
518}; 518};
519static const u32 Td3[256] = { 519static const u32 Td3[256] = {
520 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, 520 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
521 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, 521 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
522 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, 522 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
523 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U, 523 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
524 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU, 524 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
525 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU, 525 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
526 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U, 526 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
527 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU, 527 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
528 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U, 528 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
529 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU, 529 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
530 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U, 530 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
531 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U, 531 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
532 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U, 532 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
533 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U, 533 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
534 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U, 534 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
535 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU, 535 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
536 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU, 536 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
537 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U, 537 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
538 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U, 538 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
539 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU, 539 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
540 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU, 540 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
541 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U, 541 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
542 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U, 542 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
543 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U, 543 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
544 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U, 544 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
545 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU, 545 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
546 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U, 546 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
547 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U, 547 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
548 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU, 548 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
549 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU, 549 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
550 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U, 550 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
551 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U, 551 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
552 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U, 552 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
553 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU, 553 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
554 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U, 554 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
555 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U, 555 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
556 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U, 556 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
557 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U, 557 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
558 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U, 558 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
559 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U, 559 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
560 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U, 560 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
561 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU, 561 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
562 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U, 562 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
563 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U, 563 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
564 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU, 564 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
565 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU, 565 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
566 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U, 566 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
567 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU, 567 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
568 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U, 568 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
569 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U, 569 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
570 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U, 570 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
571 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U, 571 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
572 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U, 572 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
573 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U, 573 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
574 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU, 574 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
575 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU, 575 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
576 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU, 576 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
577 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU, 577 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
578 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U, 578 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
579 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U, 579 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
580 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U, 580 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
581 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU, 581 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
582 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, 582 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
583 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, 583 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
584}; 584};
585static const u8 Td4[256] = { 585static const u8 Td4[256] = {
586 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, 586 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
587 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, 587 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
588 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, 588 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
589 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, 589 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
590 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, 590 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
591 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, 591 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
592 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, 592 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
593 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, 593 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
594 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, 594 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
595 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, 595 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
596 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, 596 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
597 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, 597 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
598 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, 598 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
599 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, 599 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
600 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, 600 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
601 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, 601 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
602 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, 602 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
603 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, 603 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
604 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, 604 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
605 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, 605 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
606 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, 606 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
607 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, 607 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
608 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, 608 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
609 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, 609 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
610 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, 610 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
611 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, 611 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
612 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, 612 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
613 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, 613 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
614 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, 614 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
615 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, 615 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
616 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, 616 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
617 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU, 617 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
618}; 618};
619static const u32 rcon[] = { 619static const u32 rcon[] = {
620 0x01000000, 0x02000000, 0x04000000, 0x08000000, 620 0x01000000, 0x02000000, 0x04000000, 0x08000000,
@@ -625,11 +625,12 @@ static const u32 rcon[] = {
625/** 625/**
626 * Expand the cipher key into the encryption key schedule. 626 * Expand the cipher key into the encryption key schedule.
627 */ 627 */
628int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits, 628int
629 AES_KEY *key) { 629private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
630 630 AES_KEY *key)
631{
631 u32 *rk; 632 u32 *rk;
632 int i = 0; 633 int i = 0;
633 u32 temp; 634 u32 temp;
634 635
635 if (!userKey || !key) 636 if (!userKey || !key)
@@ -639,26 +640,26 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
639 640
640 rk = key->rd_key; 641 rk = key->rd_key;
641 642
642 if (bits==128) 643 if (bits == 128)
643 key->rounds = 10; 644 key->rounds = 10;
644 else if (bits==192) 645 else if (bits == 192)
645 key->rounds = 12; 646 key->rounds = 12;
646 else 647 else
647 key->rounds = 14; 648 key->rounds = 14;
648 649
649 rk[0] = GETU32(userKey ); 650 rk[0] = GETU32(userKey);
650 rk[1] = GETU32(userKey + 4); 651 rk[1] = GETU32(userKey + 4);
651 rk[2] = GETU32(userKey + 8); 652 rk[2] = GETU32(userKey + 8);
652 rk[3] = GETU32(userKey + 12); 653 rk[3] = GETU32(userKey + 12);
653 if (bits == 128) { 654 if (bits == 128) {
654 while (1) { 655 while (1) {
655 temp = rk[3]; 656 temp = rk[3];
656 rk[4] = rk[0] ^ 657 rk[4] = rk[0] ^
657 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ 658 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
658 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ 659 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
659 (Te0[(temp ) & 0xff] & 0x0000ff00) ^ 660 (Te0[(temp) & 0xff] & 0x0000ff00) ^
660 (Te1[(temp >> 24) ] & 0x000000ff) ^ 661 (Te1[(temp >> 24)] & 0x000000ff) ^
661 rcon[i]; 662 rcon[i];
662 rk[5] = rk[1] ^ rk[4]; 663 rk[5] = rk[1] ^ rk[4];
663 rk[6] = rk[2] ^ rk[5]; 664 rk[6] = rk[2] ^ rk[5];
664 rk[7] = rk[3] ^ rk[6]; 665 rk[7] = rk[3] ^ rk[6];
@@ -672,21 +673,21 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
672 rk[5] = GETU32(userKey + 20); 673 rk[5] = GETU32(userKey + 20);
673 if (bits == 192) { 674 if (bits == 192) {
674 while (1) { 675 while (1) {
675 temp = rk[ 5]; 676 temp = rk[5];
676 rk[ 6] = rk[ 0] ^ 677 rk[6] = rk[ 0] ^
677 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ 678 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
678 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ 679 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
679 (Te0[(temp ) & 0xff] & 0x0000ff00) ^ 680 (Te0[(temp) & 0xff] & 0x0000ff00) ^
680 (Te1[(temp >> 24) ] & 0x000000ff) ^ 681 (Te1[(temp >> 24)] & 0x000000ff) ^
681 rcon[i]; 682 rcon[i];
682 rk[ 7] = rk[ 1] ^ rk[ 6]; 683 rk[7] = rk[1] ^ rk[6];
683 rk[ 8] = rk[ 2] ^ rk[ 7]; 684 rk[8] = rk[2] ^ rk[7];
684 rk[ 9] = rk[ 3] ^ rk[ 8]; 685 rk[9] = rk[3] ^ rk[8];
685 if (++i == 8) { 686 if (++i == 8) {
686 return 0; 687 return 0;
687 } 688 }
688 rk[10] = rk[ 4] ^ rk[ 9]; 689 rk[10] = rk[4] ^ rk[9];
689 rk[11] = rk[ 5] ^ rk[10]; 690 rk[11] = rk[5] ^ rk[10];
690 rk += 6; 691 rk += 6;
691 } 692 }
692 } 693 }
@@ -694,31 +695,31 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
694 rk[7] = GETU32(userKey + 28); 695 rk[7] = GETU32(userKey + 28);
695 if (bits == 256) { 696 if (bits == 256) {
696 while (1) { 697 while (1) {
697 temp = rk[ 7]; 698 temp = rk[7];
698 rk[ 8] = rk[ 0] ^ 699 rk[8] = rk[0] ^
699 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ 700 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
700 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ 701 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
701 (Te0[(temp ) & 0xff] & 0x0000ff00) ^ 702 (Te0[(temp) & 0xff] & 0x0000ff00) ^
702 (Te1[(temp >> 24) ] & 0x000000ff) ^ 703 (Te1[(temp >> 24)] & 0x000000ff) ^
703 rcon[i]; 704 rcon[i];
704 rk[ 9] = rk[ 1] ^ rk[ 8]; 705 rk[9] = rk[1] ^ rk[8];
705 rk[10] = rk[ 2] ^ rk[ 9]; 706 rk[10] = rk[2] ^ rk[9];
706 rk[11] = rk[ 3] ^ rk[10]; 707 rk[11] = rk[3] ^ rk[10];
707 if (++i == 7) { 708 if (++i == 7) {
708 return 0; 709 return 0;
709 } 710 }
710 temp = rk[11]; 711 temp = rk[11];
711 rk[12] = rk[ 4] ^ 712 rk[12] = rk[4] ^
712 (Te2[(temp >> 24) ] & 0xff000000) ^ 713 (Te2[(temp >> 24)] & 0xff000000) ^
713 (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^ 714 (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
714 (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^ 715 (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^
715 (Te1[(temp ) & 0xff] & 0x000000ff); 716 (Te1[(temp) & 0xff] & 0x000000ff);
716 rk[13] = rk[ 5] ^ rk[12]; 717 rk[13] = rk[5] ^ rk[12];
717 rk[14] = rk[ 6] ^ rk[13]; 718 rk[14] = rk[6] ^ rk[13];
718 rk[15] = rk[ 7] ^ rk[14]; 719 rk[15] = rk[7] ^ rk[14];
719 720
720 rk += 8; 721 rk += 8;
721 } 722 }
722 } 723 }
723 return 0; 724 return 0;
724} 725}
@@ -726,10 +727,11 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
726/** 727/**
727 * Expand the cipher key into the decryption key schedule. 728 * Expand the cipher key into the decryption key schedule.
728 */ 729 */
729int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits, 730int
730 AES_KEY *key) { 731private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
731 732 AES_KEY *key)
732 u32 *rk; 733{
734 u32 *rk;
733 int i, j, status; 735 int i, j, status;
734 u32 temp; 736 u32 temp;
735 737
@@ -741,35 +743,43 @@ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
741 rk = key->rd_key; 743 rk = key->rd_key;
742 744
743 /* invert the order of the round keys: */ 745 /* invert the order of the round keys: */
744 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { 746 for (i = 0, j = 4 * (key->rounds); i < j; i += 4, j -= 4) {
745 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; 747 temp = rk[i];
746 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; 748 rk[i] = rk[j];
747 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; 749 rk[j] = temp;
748 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; 750 temp = rk[i + 1];
751 rk[i + 1] = rk[j + 1];
752 rk[j + 1] = temp;
753 temp = rk[i + 2];
754 rk[i + 2] = rk[j + 2];
755 rk[j + 2] = temp;
756 temp = rk[i + 3];
757 rk[i + 3] = rk[j + 3];
758 rk[j + 3] = temp;
749 } 759 }
750 /* apply the inverse MixColumn transform to all round keys but the first and the last: */ 760 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
751 for (i = 1; i < (key->rounds); i++) { 761 for (i = 1; i < (key->rounds); i++) {
752 rk += 4; 762 rk += 4;
753 rk[0] = 763 rk[0] =
754 Td0[Te1[(rk[0] >> 24) ] & 0xff] ^ 764 Td0[Te1[(rk[0] >> 24)] & 0xff] ^
755 Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^ 765 Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
756 Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^ 766 Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^
757 Td3[Te1[(rk[0] ) & 0xff] & 0xff]; 767 Td3[Te1[(rk[0]) & 0xff] & 0xff];
758 rk[1] = 768 rk[1] =
759 Td0[Te1[(rk[1] >> 24) ] & 0xff] ^ 769 Td0[Te1[(rk[1] >> 24)] & 0xff] ^
760 Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^ 770 Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
761 Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^ 771 Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^
762 Td3[Te1[(rk[1] ) & 0xff] & 0xff]; 772 Td3[Te1[(rk[1]) & 0xff] & 0xff];
763 rk[2] = 773 rk[2] =
764 Td0[Te1[(rk[2] >> 24) ] & 0xff] ^ 774 Td0[Te1[(rk[2] >> 24)] & 0xff] ^
765 Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^ 775 Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
766 Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^ 776 Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^
767 Td3[Te1[(rk[2] ) & 0xff] & 0xff]; 777 Td3[Te1[(rk[2]) & 0xff] & 0xff];
768 rk[3] = 778 rk[3] =
769 Td0[Te1[(rk[3] >> 24) ] & 0xff] ^ 779 Td0[Te1[(rk[3] >> 24)] & 0xff] ^
770 Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^ 780 Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
771 Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^ 781 Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^
772 Td3[Te1[(rk[3] ) & 0xff] & 0xff]; 782 Td3[Te1[(rk[3]) & 0xff] & 0xff];
773 } 783 }
774 return 0; 784 return 0;
775} 785}
@@ -778,9 +788,9 @@ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
778 * Encrypt a single block 788 * Encrypt a single block
779 * in and out can overlap 789 * in and out can overlap
780 */ 790 */
781void AES_encrypt(const unsigned char *in, unsigned char *out, 791void
782 const AES_KEY *key) { 792AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
783 793{
784 const u32 *rk; 794 const u32 *rk;
785 u32 s0, s1, s2, s3, t0, t1, t2, t3; 795 u32 s0, s1, s2, s3, t0, t1, t2, t3;
786#ifndef FULL_UNROLL 796#ifndef FULL_UNROLL
@@ -800,168 +810,168 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
800 s3 = GETU32(in + 12) ^ rk[3]; 810 s3 = GETU32(in + 12) ^ rk[3];
801#ifdef FULL_UNROLL 811#ifdef FULL_UNROLL
802 /* round 1: */ 812 /* round 1: */
803 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; 813 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
804 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; 814 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
805 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; 815 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
806 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; 816 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
807 /* round 2: */ 817 /* round 2: */
808 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; 818 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
809 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; 819 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
810 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; 820 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
811 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; 821 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
812 /* round 3: */ 822 /* round 3: */
813 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; 823 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
814 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; 824 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
815 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; 825 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
816 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; 826 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
817 /* round 4: */ 827 /* round 4: */
818 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; 828 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
819 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; 829 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
820 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; 830 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
821 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; 831 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
822 /* round 5: */ 832 /* round 5: */
823 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; 833 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
824 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; 834 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
825 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; 835 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
826 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; 836 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
827 /* round 6: */ 837 /* round 6: */
828 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; 838 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
829 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; 839 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
830 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; 840 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
831 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; 841 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
832 /* round 7: */ 842 /* round 7: */
833 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; 843 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
834 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; 844 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
835 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; 845 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
836 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; 846 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
837 /* round 8: */ 847 /* round 8: */
838 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; 848 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
839 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; 849 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
840 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; 850 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
841 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; 851 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
842 /* round 9: */ 852 /* round 9: */
843 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; 853 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
844 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; 854 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
845 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; 855 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
846 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; 856 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
847 if (key->rounds > 10) { 857 if (key->rounds > 10) {
848 /* round 10: */ 858 /* round 10: */
849 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; 859 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
850 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; 860 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
851 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; 861 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
852 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; 862 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
853 /* round 11: */ 863 /* round 11: */
854 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; 864 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
855 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; 865 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
856 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; 866 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
857 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; 867 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
858 if (key->rounds > 12) { 868 if (key->rounds > 12) {
859 /* round 12: */ 869 /* round 12: */
860 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; 870 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
861 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; 871 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
862 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; 872 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
863 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; 873 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
864 /* round 13: */ 874 /* round 13: */
865 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; 875 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
866 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; 876 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
867 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; 877 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
868 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; 878 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
869 } 879 }
870 } 880 }
871 rk += key->rounds << 2; 881 rk += key->rounds << 2;
872#else /* !FULL_UNROLL */ 882#else /* !FULL_UNROLL */
873 /* 883 /*
874 * Nr - 1 full rounds: 884 * Nr - 1 full rounds:
875 */ 885 */
876 r = key->rounds >> 1; 886 r = key->rounds >> 1;
877 for (;;) { 887 for (;;) {
878 t0 = 888 t0 =
879 Te0[(s0 >> 24) ] ^ 889 Te0[(s0 >> 24)] ^
880 Te1[(s1 >> 16) & 0xff] ^ 890 Te1[(s1 >> 16) & 0xff] ^
881 Te2[(s2 >> 8) & 0xff] ^ 891 Te2[(s2 >> 8) & 0xff] ^
882 Te3[(s3 ) & 0xff] ^ 892 Te3[(s3) & 0xff] ^
883 rk[4]; 893 rk[4];
884 t1 = 894 t1 =
885 Te0[(s1 >> 24) ] ^ 895 Te0[(s1 >> 24)] ^
886 Te1[(s2 >> 16) & 0xff] ^ 896 Te1[(s2 >> 16) & 0xff] ^
887 Te2[(s3 >> 8) & 0xff] ^ 897 Te2[(s3 >> 8) & 0xff] ^
888 Te3[(s0 ) & 0xff] ^ 898 Te3[(s0) & 0xff] ^
889 rk[5]; 899 rk[5];
890 t2 = 900 t2 =
891 Te0[(s2 >> 24) ] ^ 901 Te0[(s2 >> 24)] ^
892 Te1[(s3 >> 16) & 0xff] ^ 902 Te1[(s3 >> 16) & 0xff] ^
893 Te2[(s0 >> 8) & 0xff] ^ 903 Te2[(s0 >> 8) & 0xff] ^
894 Te3[(s1 ) & 0xff] ^ 904 Te3[(s1) & 0xff] ^
895 rk[6]; 905 rk[6];
896 t3 = 906 t3 =
897 Te0[(s3 >> 24) ] ^ 907 Te0[(s3 >> 24)] ^
898 Te1[(s0 >> 16) & 0xff] ^ 908 Te1[(s0 >> 16) & 0xff] ^
899 Te2[(s1 >> 8) & 0xff] ^ 909 Te2[(s1 >> 8) & 0xff] ^
900 Te3[(s2 ) & 0xff] ^ 910 Te3[(s2) & 0xff] ^
901 rk[7]; 911 rk[7];
902 912
903 rk += 8; 913 rk += 8;
904 if (--r == 0) { 914 if (--r == 0) {
905 break; 915 break;
906 } 916 }
907 917
908 s0 = 918 s0 =
909 Te0[(t0 >> 24) ] ^ 919 Te0[(t0 >> 24)] ^
910 Te1[(t1 >> 16) & 0xff] ^ 920 Te1[(t1 >> 16) & 0xff] ^
911 Te2[(t2 >> 8) & 0xff] ^ 921 Te2[(t2 >> 8) & 0xff] ^
912 Te3[(t3 ) & 0xff] ^ 922 Te3[(t3) & 0xff] ^
913 rk[0]; 923 rk[0];
914 s1 = 924 s1 =
915 Te0[(t1 >> 24) ] ^ 925 Te0[(t1 >> 24)] ^
916 Te1[(t2 >> 16) & 0xff] ^ 926 Te1[(t2 >> 16) & 0xff] ^
917 Te2[(t3 >> 8) & 0xff] ^ 927 Te2[(t3 >> 8) & 0xff] ^
918 Te3[(t0 ) & 0xff] ^ 928 Te3[(t0) & 0xff] ^
919 rk[1]; 929 rk[1];
920 s2 = 930 s2 =
921 Te0[(t2 >> 24) ] ^ 931 Te0[(t2 >> 24)] ^
922 Te1[(t3 >> 16) & 0xff] ^ 932 Te1[(t3 >> 16) & 0xff] ^
923 Te2[(t0 >> 8) & 0xff] ^ 933 Te2[(t0 >> 8) & 0xff] ^
924 Te3[(t1 ) & 0xff] ^ 934 Te3[(t1) & 0xff] ^
925 rk[2]; 935 rk[2];
926 s3 = 936 s3 =
927 Te0[(t3 >> 24) ] ^ 937 Te0[(t3 >> 24)] ^
928 Te1[(t0 >> 16) & 0xff] ^ 938 Te1[(t0 >> 16) & 0xff] ^
929 Te2[(t1 >> 8) & 0xff] ^ 939 Te2[(t1 >> 8) & 0xff] ^
930 Te3[(t2 ) & 0xff] ^ 940 Te3[(t2) & 0xff] ^
931 rk[3]; 941 rk[3];
932 } 942 }
933#endif /* ?FULL_UNROLL */ 943#endif /* ?FULL_UNROLL */
934 /* 944 /*
935 * apply last round and 945 * apply last round and
936 * map cipher state to byte array block: 946 * map cipher state to byte array block:
937 */ 947 */
938 s0 = 948 s0 =
939 (Te2[(t0 >> 24) ] & 0xff000000) ^ 949 (Te2[(t0 >> 24)] & 0xff000000) ^
940 (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^ 950 (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
941 (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^ 951 (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^
942 (Te1[(t3 ) & 0xff] & 0x000000ff) ^ 952 (Te1[(t3) & 0xff] & 0x000000ff) ^
943 rk[0]; 953 rk[0];
944 PUTU32(out , s0); 954 PUTU32(out, s0);
945 s1 = 955 s1 =
946 (Te2[(t1 >> 24) ] & 0xff000000) ^ 956 (Te2[(t1 >> 24)] & 0xff000000) ^
947 (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^ 957 (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
948 (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^ 958 (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^
949 (Te1[(t0 ) & 0xff] & 0x000000ff) ^ 959 (Te1[(t0) & 0xff] & 0x000000ff) ^
950 rk[1]; 960 rk[1];
951 PUTU32(out + 4, s1); 961 PUTU32(out + 4, s1);
952 s2 = 962 s2 =
953 (Te2[(t2 >> 24) ] & 0xff000000) ^ 963 (Te2[(t2 >> 24)] & 0xff000000) ^
954 (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^ 964 (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
955 (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^ 965 (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^
956 (Te1[(t1 ) & 0xff] & 0x000000ff) ^ 966 (Te1[(t1) & 0xff] & 0x000000ff) ^
957 rk[2]; 967 rk[2];
958 PUTU32(out + 8, s2); 968 PUTU32(out + 8, s2);
959 s3 = 969 s3 =
960 (Te2[(t3 >> 24) ] & 0xff000000) ^ 970 (Te2[(t3 >> 24)] & 0xff000000) ^
961 (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^ 971 (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
962 (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^ 972 (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^
963 (Te1[(t2 ) & 0xff] & 0x000000ff) ^ 973 (Te1[(t2) & 0xff] & 0x000000ff) ^
964 rk[3]; 974 rk[3];
965 PUTU32(out + 12, s3); 975 PUTU32(out + 12, s3);
966} 976}
967 977
@@ -969,9 +979,9 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
969 * Decrypt a single block 979 * Decrypt a single block
970 * in and out can overlap 980 * in and out can overlap
971 */ 981 */
972void AES_decrypt(const unsigned char *in, unsigned char *out, 982void
973 const AES_KEY *key) { 983AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
974 984{
975 const u32 *rk; 985 const u32 *rk;
976 u32 s0, s1, s2, s3, t0, t1, t2, t3; 986 u32 s0, s1, s2, s3, t0, t1, t2, t3;
977#ifndef FULL_UNROLL 987#ifndef FULL_UNROLL
@@ -985,226 +995,229 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
985 * map byte array block to cipher state 995 * map byte array block to cipher state
986 * and add initial round key: 996 * and add initial round key:
987 */ 997 */
988 s0 = GETU32(in ) ^ rk[0]; 998 s0 = GETU32(in) ^ rk[0];
989 s1 = GETU32(in + 4) ^ rk[1]; 999 s1 = GETU32(in + 4) ^ rk[1];
990 s2 = GETU32(in + 8) ^ rk[2]; 1000 s2 = GETU32(in + 8) ^ rk[2];
991 s3 = GETU32(in + 12) ^ rk[3]; 1001 s3 = GETU32(in + 12) ^ rk[3];
992#ifdef FULL_UNROLL 1002#ifdef FULL_UNROLL
993 /* round 1: */ 1003 /* round 1: */
994 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4]; 1004 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
995 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5]; 1005 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
996 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6]; 1006 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
997 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7]; 1007 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
998 /* round 2: */ 1008 /* round 2: */
999 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8]; 1009 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
1000 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9]; 1010 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
1001 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10]; 1011 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
1002 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11]; 1012 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
1003 /* round 3: */ 1013 /* round 3: */
1004 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12]; 1014 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
1005 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13]; 1015 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
1006 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14]; 1016 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
1007 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15]; 1017 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
1008 /* round 4: */ 1018 /* round 4: */
1009 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16]; 1019 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
1010 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17]; 1020 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
1011 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18]; 1021 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
1012 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19]; 1022 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
1013 /* round 5: */ 1023 /* round 5: */
1014 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20]; 1024 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
1015 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21]; 1025 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
1016 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22]; 1026 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
1017 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23]; 1027 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
1018 /* round 6: */ 1028 /* round 6: */
1019 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24]; 1029 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
1020 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25]; 1030 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
1021 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26]; 1031 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
1022 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27]; 1032 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
1023 /* round 7: */ 1033 /* round 7: */
1024 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28]; 1034 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
1025 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29]; 1035 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
1026 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30]; 1036 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
1027 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31]; 1037 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
1028 /* round 8: */ 1038 /* round 8: */
1029 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32]; 1039 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
1030 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33]; 1040 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
1031 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34]; 1041 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
1032 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35]; 1042 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
1033 /* round 9: */ 1043 /* round 9: */
1034 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36]; 1044 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
1035 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37]; 1045 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
1036 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; 1046 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
1037 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; 1047 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
1038 if (key->rounds > 10) { 1048 if (key->rounds > 10) {
1039 /* round 10: */ 1049 /* round 10: */
1040 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; 1050 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
1041 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; 1051 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
1042 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; 1052 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
1043 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; 1053 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
1044 /* round 11: */ 1054 /* round 11: */
1045 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; 1055 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
1046 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; 1056 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
1047 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; 1057 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
1048 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; 1058 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
1049 if (key->rounds > 12) { 1059 if (key->rounds > 12) {
1050 /* round 12: */ 1060 /* round 12: */
1051 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; 1061 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
1052 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; 1062 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
1053 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; 1063 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
1054 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; 1064 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
1055 /* round 13: */ 1065 /* round 13: */
1056 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; 1066 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
1057 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; 1067 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
1058 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; 1068 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
1059 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; 1069 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
1060 } 1070 }
1061 } 1071 }
1062 rk += key->rounds << 2; 1072 rk += key->rounds << 2;
1063#else /* !FULL_UNROLL */ 1073#else /* !FULL_UNROLL */
1064 /* 1074 /*
1065 * Nr - 1 full rounds: 1075 * Nr - 1 full rounds:
1066 */ 1076 */
1067 r = key->rounds >> 1; 1077 r = key->rounds >> 1;
1068 for (;;) { 1078 for (;;) {
1069 t0 = 1079 t0 =
1070 Td0[(s0 >> 24) ] ^ 1080 Td0[(s0 >> 24)] ^
1071 Td1[(s3 >> 16) & 0xff] ^ 1081 Td1[(s3 >> 16) & 0xff] ^
1072 Td2[(s2 >> 8) & 0xff] ^ 1082 Td2[(s2 >> 8) & 0xff] ^
1073 Td3[(s1 ) & 0xff] ^ 1083 Td3[(s1) & 0xff] ^
1074 rk[4]; 1084 rk[4];
1075 t1 = 1085 t1 =
1076 Td0[(s1 >> 24) ] ^ 1086 Td0[(s1 >> 24)] ^
1077 Td1[(s0 >> 16) & 0xff] ^ 1087 Td1[(s0 >> 16) & 0xff] ^
1078 Td2[(s3 >> 8) & 0xff] ^ 1088 Td2[(s3 >> 8) & 0xff] ^
1079 Td3[(s2 ) & 0xff] ^ 1089 Td3[(s2) & 0xff] ^
1080 rk[5]; 1090 rk[5];
1081 t2 = 1091 t2 =
1082 Td0[(s2 >> 24) ] ^ 1092 Td0[(s2 >> 24)] ^
1083 Td1[(s1 >> 16) & 0xff] ^ 1093 Td1[(s1 >> 16) & 0xff] ^
1084 Td2[(s0 >> 8) & 0xff] ^ 1094 Td2[(s0 >> 8) & 0xff] ^
1085 Td3[(s3 ) & 0xff] ^ 1095 Td3[(s3) & 0xff] ^
1086 rk[6]; 1096 rk[6];
1087 t3 = 1097 t3 =
1088 Td0[(s3 >> 24) ] ^ 1098 Td0[(s3 >> 24)] ^
1089 Td1[(s2 >> 16) & 0xff] ^ 1099 Td1[(s2 >> 16) & 0xff] ^
1090 Td2[(s1 >> 8) & 0xff] ^ 1100 Td2[(s1 >> 8) & 0xff] ^
1091 Td3[(s0 ) & 0xff] ^ 1101 Td3[(s0) & 0xff] ^
1092 rk[7]; 1102 rk[7];
1093 1103
1094 rk += 8; 1104 rk += 8;
1095 if (--r == 0) { 1105 if (--r == 0) {
1096 break; 1106 break;
1097 } 1107 }
1098 1108
1099 s0 = 1109 s0 =
1100 Td0[(t0 >> 24) ] ^ 1110 Td0[(t0 >> 24)] ^
1101 Td1[(t3 >> 16) & 0xff] ^ 1111 Td1[(t3 >> 16) & 0xff] ^
1102 Td2[(t2 >> 8) & 0xff] ^ 1112 Td2[(t2 >> 8) & 0xff] ^
1103 Td3[(t1 ) & 0xff] ^ 1113 Td3[(t1) & 0xff] ^
1104 rk[0]; 1114 rk[0];
1105 s1 = 1115 s1 =
1106 Td0[(t1 >> 24) ] ^ 1116 Td0[(t1 >> 24)] ^
1107 Td1[(t0 >> 16) & 0xff] ^ 1117 Td1[(t0 >> 16) & 0xff] ^
1108 Td2[(t3 >> 8) & 0xff] ^ 1118 Td2[(t3 >> 8) & 0xff] ^
1109 Td3[(t2 ) & 0xff] ^ 1119 Td3[(t2) & 0xff] ^
1110 rk[1]; 1120 rk[1];
1111 s2 = 1121 s2 =
1112 Td0[(t2 >> 24) ] ^ 1122 Td0[(t2 >> 24)] ^
1113 Td1[(t1 >> 16) & 0xff] ^ 1123 Td1[(t1 >> 16) & 0xff] ^
1114 Td2[(t0 >> 8) & 0xff] ^ 1124 Td2[(t0 >> 8) & 0xff] ^
1115 Td3[(t3 ) & 0xff] ^ 1125 Td3[(t3) & 0xff] ^
1116 rk[2]; 1126 rk[2];
1117 s3 = 1127 s3 =
1118 Td0[(t3 >> 24) ] ^ 1128 Td0[(t3 >> 24)] ^
1119 Td1[(t2 >> 16) & 0xff] ^ 1129 Td1[(t2 >> 16) & 0xff] ^
1120 Td2[(t1 >> 8) & 0xff] ^ 1130 Td2[(t1 >> 8) & 0xff] ^
1121 Td3[(t0 ) & 0xff] ^ 1131 Td3[(t0) & 0xff] ^
1122 rk[3]; 1132 rk[3];
1123 } 1133 }
1124#endif /* ?FULL_UNROLL */ 1134#endif /* ?FULL_UNROLL */
1125 /* 1135 /*
1126 * apply last round and 1136 * apply last round and
1127 * map cipher state to byte array block: 1137 * map cipher state to byte array block:
1128 */ 1138 */
1129 s0 = 1139 s0 =
1130 (Td4[(t0 >> 24) ] << 24) ^ 1140 (Td4[(t0 >> 24)] << 24) ^
1131 (Td4[(t3 >> 16) & 0xff] << 16) ^ 1141 (Td4[(t3 >> 16) & 0xff] << 16) ^
1132 (Td4[(t2 >> 8) & 0xff] << 8) ^ 1142 (Td4[(t2 >> 8) & 0xff] << 8) ^
1133 (Td4[(t1 ) & 0xff]) ^ 1143 (Td4[(t1) & 0xff]) ^
1134 rk[0]; 1144 rk[0];
1135 PUTU32(out , s0); 1145 PUTU32(out, s0);
1136 s1 = 1146 s1 =
1137 (Td4[(t1 >> 24) ] << 24) ^ 1147 (Td4[(t1 >> 24)] << 24) ^
1138 (Td4[(t0 >> 16) & 0xff] << 16) ^ 1148 (Td4[(t0 >> 16) & 0xff] << 16) ^
1139 (Td4[(t3 >> 8) & 0xff] << 8) ^ 1149 (Td4[(t3 >> 8) & 0xff] << 8) ^
1140 (Td4[(t2 ) & 0xff]) ^ 1150 (Td4[(t2) & 0xff]) ^
1141 rk[1]; 1151 rk[1];
1142 PUTU32(out + 4, s1); 1152 PUTU32(out + 4, s1);
1143 s2 = 1153 s2 =
1144 (Td4[(t2 >> 24) ] << 24) ^ 1154 (Td4[(t2 >> 24)] << 24) ^
1145 (Td4[(t1 >> 16) & 0xff] << 16) ^ 1155 (Td4[(t1 >> 16) & 0xff] << 16) ^
1146 (Td4[(t0 >> 8) & 0xff] << 8) ^ 1156 (Td4[(t0 >> 8) & 0xff] << 8) ^
1147 (Td4[(t3 ) & 0xff]) ^ 1157 (Td4[(t3) & 0xff]) ^
1148 rk[2]; 1158 rk[2];
1149 PUTU32(out + 8, s2); 1159 PUTU32(out + 8, s2);
1150 s3 = 1160 s3 =
1151 (Td4[(t3 >> 24) ] << 24) ^ 1161 (Td4[(t3 >> 24)] << 24) ^
1152 (Td4[(t2 >> 16) & 0xff] << 16) ^ 1162 (Td4[(t2 >> 16) & 0xff] << 16) ^
1153 (Td4[(t1 >> 8) & 0xff] << 8) ^ 1163 (Td4[(t1 >> 8) & 0xff] << 8) ^
1154 (Td4[(t0 ) & 0xff]) ^ 1164 (Td4[(t0) & 0xff]) ^
1155 rk[3]; 1165 rk[3];
1156 PUTU32(out + 12, s3); 1166 PUTU32(out + 12, s3);
1157} 1167}
1158 1168
1159#else /* AES_ASM */ 1169#else /* AES_ASM */
1160 1170
1161static const u8 Te4[256] = { 1171static const u8 Te4[256] = {
1162 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U, 1172 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
1163 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U, 1173 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
1164 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U, 1174 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
1165 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U, 1175 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
1166 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU, 1176 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
1167 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U, 1177 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
1168 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU, 1178 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
1169 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U, 1179 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
1170 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U, 1180 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
1171 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U, 1181 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
1172 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU, 1182 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
1173 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU, 1183 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
1174 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U, 1184 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
1175 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U, 1185 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
1176 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U, 1186 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
1177 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U, 1187 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
1178 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U, 1188 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
1179 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U, 1189 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
1180 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U, 1190 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
1181 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU, 1191 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
1182 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU, 1192 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
1183 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U, 1193 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
1184 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U, 1194 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
1185 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U, 1195 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
1186 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U, 1196 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
1187 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU, 1197 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
1188 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU, 1198 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
1189 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU, 1199 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
1190 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U, 1200 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
1191 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU, 1201 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
1192 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U, 1202 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
1193 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U 1203 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
1194}; 1204};
1195static const u32 rcon[] = { 1205static const u32 rcon[] = {
1196 0x01000000, 0x02000000, 0x04000000, 0x08000000, 1206 0x01000000, 0x02000000, 0x04000000, 0x08000000,
1197 0x10000000, 0x20000000, 0x40000000, 0x80000000, 1207 0x10000000, 0x20000000, 0x40000000, 0x80000000,
1198 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ 1208 0x1B000000, 0x36000000,
1209 /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
1199}; 1210};
1200 1211
1201/** 1212/**
1202 * Expand the cipher key into the encryption key schedule. 1213 * Expand the cipher key into the encryption key schedule.
1203 */ 1214 */
1204int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits, 1215int
1205 AES_KEY *key) { 1216private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1217 AES_KEY *key)
1218{
1206 u32 *rk; 1219 u32 *rk;
1207 int i = 0; 1220 int i = 0;
1208 u32 temp; 1221 u32 temp;
1209 1222
1210 if (!userKey || !key) 1223 if (!userKey || !key)
@@ -1214,26 +1227,26 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1214 1227
1215 rk = key->rd_key; 1228 rk = key->rd_key;
1216 1229
1217 if (bits==128) 1230 if (bits == 128)
1218 key->rounds = 10; 1231 key->rounds = 10;
1219 else if (bits==192) 1232 else if (bits == 192)
1220 key->rounds = 12; 1233 key->rounds = 12;
1221 else 1234 else
1222 key->rounds = 14; 1235 key->rounds = 14;
1223 1236
1224 rk[0] = GETU32(userKey ); 1237 rk[0] = GETU32(userKey);
1225 rk[1] = GETU32(userKey + 4); 1238 rk[1] = GETU32(userKey + 4);
1226 rk[2] = GETU32(userKey + 8); 1239 rk[2] = GETU32(userKey + 8);
1227 rk[3] = GETU32(userKey + 12); 1240 rk[3] = GETU32(userKey + 12);
1228 if (bits == 128) { 1241 if (bits == 128) {
1229 while (1) { 1242 while (1) {
1230 temp = rk[3]; 1243 temp = rk[3];
1231 rk[4] = rk[0] ^ 1244 rk[4] = rk[0] ^
1232 (Te4[(temp >> 16) & 0xff] << 24) ^ 1245 (Te4[(temp >> 16) & 0xff] << 24) ^
1233 (Te4[(temp >> 8) & 0xff] << 16) ^ 1246 (Te4[(temp >> 8) & 0xff] << 16) ^
1234 (Te4[(temp ) & 0xff] << 8) ^ 1247 (Te4[(temp) & 0xff] << 8) ^
1235 (Te4[(temp >> 24) ]) ^ 1248 (Te4[(temp >> 24)]) ^
1236 rcon[i]; 1249 rcon[i];
1237 rk[5] = rk[1] ^ rk[4]; 1250 rk[5] = rk[1] ^ rk[4];
1238 rk[6] = rk[2] ^ rk[5]; 1251 rk[6] = rk[2] ^ rk[5];
1239 rk[7] = rk[3] ^ rk[6]; 1252 rk[7] = rk[3] ^ rk[6];
@@ -1247,21 +1260,21 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1247 rk[5] = GETU32(userKey + 20); 1260 rk[5] = GETU32(userKey + 20);
1248 if (bits == 192) { 1261 if (bits == 192) {
1249 while (1) { 1262 while (1) {
1250 temp = rk[ 5]; 1263 temp = rk[5];
1251 rk[ 6] = rk[ 0] ^ 1264 rk[6] = rk[0] ^
1252 (Te4[(temp >> 16) & 0xff] << 24) ^ 1265 (Te4[(temp >> 16) & 0xff] << 24) ^
1253 (Te4[(temp >> 8) & 0xff] << 16) ^ 1266 (Te4[(temp >> 8) & 0xff] << 16) ^
1254 (Te4[(temp ) & 0xff] << 8) ^ 1267 (Te4[(temp) & 0xff] << 8) ^
1255 (Te4[(temp >> 24) ]) ^ 1268 (Te4[(temp >> 24)]) ^
1256 rcon[i]; 1269 rcon[i];
1257 rk[ 7] = rk[ 1] ^ rk[ 6]; 1270 rk[7] = rk[1] ^ rk[6];
1258 rk[ 8] = rk[ 2] ^ rk[ 7]; 1271 rk[8] = rk[2] ^ rk[7];
1259 rk[ 9] = rk[ 3] ^ rk[ 8]; 1272 rk[9] = rk[3] ^ rk[8];
1260 if (++i == 8) { 1273 if (++i == 8) {
1261 return 0; 1274 return 0;
1262 } 1275 }
1263 rk[10] = rk[ 4] ^ rk[ 9]; 1276 rk[10] = rk[4] ^ rk[9];
1264 rk[11] = rk[ 5] ^ rk[10]; 1277 rk[11] = rk[5] ^ rk[10];
1265 rk += 6; 1278 rk += 6;
1266 } 1279 }
1267 } 1280 }
@@ -1269,31 +1282,31 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1269 rk[7] = GETU32(userKey + 28); 1282 rk[7] = GETU32(userKey + 28);
1270 if (bits == 256) { 1283 if (bits == 256) {
1271 while (1) { 1284 while (1) {
1272 temp = rk[ 7]; 1285 temp = rk[7];
1273 rk[ 8] = rk[ 0] ^ 1286 rk[8] = rk[0] ^
1274 (Te4[(temp >> 16) & 0xff] << 24) ^ 1287 (Te4[(temp >> 16) & 0xff] << 24) ^
1275 (Te4[(temp >> 8) & 0xff] << 16) ^ 1288 (Te4[(temp >> 8) & 0xff] << 16) ^
1276 (Te4[(temp ) & 0xff] << 8) ^ 1289 (Te4[(temp) & 0xff] << 8) ^
1277 (Te4[(temp >> 24) ]) ^ 1290 (Te4[(temp >> 24)]) ^
1278 rcon[i]; 1291 rcon[i];
1279 rk[ 9] = rk[ 1] ^ rk[ 8]; 1292 rk[9] = rk[1] ^ rk[8];
1280 rk[10] = rk[ 2] ^ rk[ 9]; 1293 rk[10] = rk[2] ^ rk[9];
1281 rk[11] = rk[ 3] ^ rk[10]; 1294 rk[11] = rk[3] ^ rk[10];
1282 if (++i == 7) { 1295 if (++i == 7) {
1283 return 0; 1296 return 0;
1284 } 1297 }
1285 temp = rk[11]; 1298 temp = rk[11];
1286 rk[12] = rk[ 4] ^ 1299 rk[12] = rk[4] ^
1287 (Te4[(temp >> 24) ] << 24) ^ 1300 (Te4[(temp >> 24)] << 24) ^
1288 (Te4[(temp >> 16) & 0xff] << 16) ^ 1301 (Te4[(temp >> 16) & 0xff] << 16) ^
1289 (Te4[(temp >> 8) & 0xff] << 8) ^ 1302 (Te4[(temp >> 8) & 0xff] << 8) ^
1290 (Te4[(temp ) & 0xff]); 1303 (Te4[(temp) & 0xff]);
1291 rk[13] = rk[ 5] ^ rk[12]; 1304 rk[13] = rk[5] ^ rk[12];
1292 rk[14] = rk[ 6] ^ rk[13]; 1305 rk[14] = rk[6] ^ rk[13];
1293 rk[15] = rk[ 7] ^ rk[14]; 1306 rk[15] = rk[7] ^ rk[14];
1294 1307
1295 rk += 8; 1308 rk += 8;
1296 } 1309 }
1297 } 1310 }
1298 return 0; 1311 return 0;
1299} 1312}
@@ -1301,10 +1314,11 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1301/** 1314/**
1302 * Expand the cipher key into the decryption key schedule. 1315 * Expand the cipher key into the decryption key schedule.
1303 */ 1316 */
1304int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits, 1317int
1305 AES_KEY *key) { 1318private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
1306 1319 AES_KEY *key)
1307 u32 *rk; 1320{
1321 u32 *rk;
1308 int i, j, status; 1322 int i, j, status;
1309 u32 temp; 1323 u32 temp;
1310 1324
@@ -1317,10 +1331,18 @@ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
1317 1331
1318 /* invert the order of the round keys: */ 1332 /* invert the order of the round keys: */
1319 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { 1333 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
1320 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; 1334 temp = rk[i];
1321 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; 1335 rk[i] = rk[j];
1322 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; 1336 rk[j] = temp;
1323 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; 1337 temp = rk[i + 1];
1338 rk[i + 1] = rk[j + 1];
1339 rk[j + 1] = temp;
1340 temp = rk[i + 2];
1341 rk[i + 2] = rk[j + 2];
1342 rk[j + 2] = temp;
1343 temp = rk[i + 3];
1344 rk[i + 3] = rk[j + 3];
1345 rk[j + 3] = temp;
1324 } 1346 }
1325 /* apply the inverse MixColumn transform to all round keys but the first and the last: */ 1347 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
1326 for (i = 1; i < (key->rounds); i++) { 1348 for (i = 1; i < (key->rounds); i++) {
@@ -1331,24 +1353,24 @@ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
1331 tp1 = rk[j]; 1353 tp1 = rk[j];
1332 m = tp1 & 0x80808080; 1354 m = tp1 & 0x80808080;
1333 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 1355 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
1334 ((m - (m >> 7)) & 0x1b1b1b1b); 1356 ((m - (m >> 7)) & 0x1b1b1b1b);
1335 m = tp2 & 0x80808080; 1357 m = tp2 & 0x80808080;
1336 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 1358 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
1337 ((m - (m >> 7)) & 0x1b1b1b1b); 1359 ((m - (m >> 7)) & 0x1b1b1b1b);
1338 m = tp4 & 0x80808080; 1360 m = tp4 & 0x80808080;
1339 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 1361 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
1340 ((m - (m >> 7)) & 0x1b1b1b1b); 1362 ((m - (m >> 7)) & 0x1b1b1b1b);
1341 tp9 = tp8 ^ tp1; 1363 tp9 = tp8 ^ tp1;
1342 tpb = tp9 ^ tp2; 1364 tpb = tp9 ^ tp2;
1343 tpd = tp9 ^ tp4; 1365 tpd = tp9 ^ tp4;
1344 tpe = tp8 ^ tp4 ^ tp2; 1366 tpe = tp8 ^ tp4 ^ tp2;
1345#if defined(ROTATE) 1367#if defined(ROTATE)
1346 rk[j] = tpe ^ ROTATE(tpd,16) ^ 1368 rk[j] = tpe ^ ROTATE(tpd, 16) ^
1347 ROTATE(tp9,24) ^ ROTATE(tpb,8); 1369 ROTATE(tp9, 24) ^ ROTATE(tpb, 8);
1348#else 1370#else
1349 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 1371 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
1350 (tp9 >> 8) ^ (tp9 << 24) ^ 1372 (tp9 >> 8) ^ (tp9 << 24) ^
1351 (tpb >> 24) ^ (tpb << 8); 1373 (tpb >> 24) ^ (tpb << 8);
1352#endif 1374#endif
1353 } 1375 }
1354 } 1376 }
diff --git a/src/lib/libcrypto/aes/aes_ctr.c b/src/lib/libcrypto/aes/aes_ctr.c
index 7c9d165d8a..663b5a17bb 100644
--- a/src/lib/libcrypto/aes/aes_ctr.c
+++ b/src/lib/libcrypto/aes/aes_ctr.c
@@ -52,10 +52,11 @@
52#include <openssl/aes.h> 52#include <openssl/aes.h>
53#include <openssl/modes.h> 53#include <openssl/modes.h>
54 54
55void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, 55void
56 size_t length, const AES_KEY *key, 56AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
57 unsigned char ivec[AES_BLOCK_SIZE], 57 size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
58 unsigned char ecount_buf[AES_BLOCK_SIZE], 58 unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num)
59 unsigned int *num) { 59{
60 CRYPTO_ctr128_encrypt(in,out,length,key,ivec,ecount_buf,num,(block128_f)AES_encrypt); 60 CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
61 (block128_f)AES_encrypt);
61} 62}
diff --git a/src/lib/libcrypto/aes/aes_ecb.c b/src/lib/libcrypto/aes/aes_ecb.c
index 28aa561c2d..f374a5f051 100644
--- a/src/lib/libcrypto/aes/aes_ecb.c
+++ b/src/lib/libcrypto/aes/aes_ecb.c
@@ -59,15 +59,15 @@
59#include <openssl/aes.h> 59#include <openssl/aes.h>
60#include "aes_locl.h" 60#include "aes_locl.h"
61 61
62void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, 62void
63 const AES_KEY *key, const int enc) { 63AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
64 64 const AES_KEY *key, const int enc)
65 assert(in && out && key); 65{
66 assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); 66 assert(in && out && key);
67 assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
67 68
68 if (AES_ENCRYPT == enc) 69 if (AES_ENCRYPT == enc)
69 AES_encrypt(in, out, key); 70 AES_encrypt(in, out, key);
70 else 71 else
71 AES_decrypt(in, out, key); 72 AES_decrypt(in, out, key);
72} 73}
73
diff --git a/src/lib/libcrypto/aes/aes_ige.c b/src/lib/libcrypto/aes/aes_ige.c
index c161351e65..0882a3d853 100644
--- a/src/lib/libcrypto/aes/aes_ige.c
+++ b/src/lib/libcrypto/aes/aes_ige.c
@@ -56,7 +56,7 @@
56 56
57#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long)) 57#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
58typedef struct { 58typedef struct {
59 unsigned long data[N_WORDS]; 59 unsigned long data[N_WORDS];
60} aes_block_t; 60} aes_block_t;
61 61
62/* XXX: probably some better way to do this */ 62/* XXX: probably some better way to do this */
@@ -76,48 +76,44 @@ typedef struct {
76 76
77/* N.B. The IV for this mode is _twice_ the block size */ 77/* N.B. The IV for this mode is _twice_ the block size */
78 78
79void AES_ige_encrypt(const unsigned char *in, unsigned char *out, 79void
80 size_t length, const AES_KEY *key, 80AES_ige_encrypt(const unsigned char *in, unsigned char *out, size_t length,
81 unsigned char *ivec, const int enc) 81 const AES_KEY *key, unsigned char *ivec, const int enc)
82 { 82{
83 size_t n; 83 size_t n;
84 size_t len = length; 84 size_t len = length;
85 85
86 OPENSSL_assert(in && out && key && ivec); 86 OPENSSL_assert(in && out && key && ivec);
87 OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); 87 OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
88 OPENSSL_assert((length%AES_BLOCK_SIZE) == 0); 88 OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
89 89
90 len = length / AES_BLOCK_SIZE; 90 len = length / AES_BLOCK_SIZE;
91 91
92 if (AES_ENCRYPT == enc) 92 if (AES_ENCRYPT == enc) {
93 { 93 if (in != out && (UNALIGNED_MEMOPS_ARE_FAST ||
94 if (in != out && 94 ((size_t)in|(size_t)out|(size_t)ivec) %
95 (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0)) 95 sizeof(long) == 0)) {
96 {
97 aes_block_t *ivp = (aes_block_t *)ivec; 96 aes_block_t *ivp = (aes_block_t *)ivec;
98 aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE); 97 aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
99 98
100 while (len) 99 while (len) {
101 {
102 aes_block_t *inp = (aes_block_t *)in; 100 aes_block_t *inp = (aes_block_t *)in;
103 aes_block_t *outp = (aes_block_t *)out; 101 aes_block_t *outp = (aes_block_t *)out;
104 102
105 for(n=0 ; n < N_WORDS; ++n) 103 for (n = 0; n < N_WORDS; ++n)
106 outp->data[n] = inp->data[n] ^ ivp->data[n]; 104 outp->data[n] = inp->data[n] ^ ivp->data[n];
107 AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key); 105 AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
108 for(n=0 ; n < N_WORDS; ++n) 106 for (n = 0; n < N_WORDS; ++n)
109 outp->data[n] ^= iv2p->data[n]; 107 outp->data[n] ^= iv2p->data[n];
110 ivp = outp; 108 ivp = outp;
111 iv2p = inp; 109 iv2p = inp;
112 --len; 110 --len;
113 in += AES_BLOCK_SIZE; 111 in += AES_BLOCK_SIZE;
114 out += AES_BLOCK_SIZE; 112 out += AES_BLOCK_SIZE;
115 } 113 }
116 memcpy(ivec, ivp->data, AES_BLOCK_SIZE); 114 memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
117 memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE); 115 memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
118 } 116 } else {
119 else
120 {
121 aes_block_t tmp, tmp2; 117 aes_block_t tmp, tmp2;
122 aes_block_t iv; 118 aes_block_t iv;
123 aes_block_t iv2; 119 aes_block_t iv2;
@@ -125,13 +121,13 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
125 load_block(iv, ivec); 121 load_block(iv, ivec);
126 load_block(iv2, ivec + AES_BLOCK_SIZE); 122 load_block(iv2, ivec + AES_BLOCK_SIZE);
127 123
128 while (len) 124 while (len) {
129 {
130 load_block(tmp, in); 125 load_block(tmp, in);
131 for(n=0 ; n < N_WORDS; ++n) 126 for (n = 0; n < N_WORDS; ++n)
132 tmp2.data[n] = tmp.data[n] ^ iv.data[n]; 127 tmp2.data[n] = tmp.data[n] ^ iv.data[n];
133 AES_encrypt((unsigned char *)tmp2.data, (unsigned char *)tmp2.data, key); 128 AES_encrypt((unsigned char *)tmp2.data,
134 for(n=0 ; n < N_WORDS; ++n) 129 (unsigned char *)tmp2.data, key);
130 for (n = 0; n < N_WORDS; ++n)
135 tmp2.data[n] ^= iv2.data[n]; 131 tmp2.data[n] ^= iv2.data[n];
136 store_block(out, tmp2); 132 store_block(out, tmp2);
137 iv = tmp2; 133 iv = tmp2;
@@ -139,41 +135,37 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
139 --len; 135 --len;
140 in += AES_BLOCK_SIZE; 136 in += AES_BLOCK_SIZE;
141 out += AES_BLOCK_SIZE; 137 out += AES_BLOCK_SIZE;
142 } 138 }
143 memcpy(ivec, iv.data, AES_BLOCK_SIZE); 139 memcpy(ivec, iv.data, AES_BLOCK_SIZE);
144 memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE); 140 memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
145 }
146 } 141 }
147 else 142 } else {
148 { 143 if (in != out && (UNALIGNED_MEMOPS_ARE_FAST ||
149 if (in != out && 144 ((size_t)in|(size_t)out|(size_t)ivec) %
150 (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0)) 145 sizeof(long) == 0)) {
151 {
152 aes_block_t *ivp = (aes_block_t *)ivec; 146 aes_block_t *ivp = (aes_block_t *)ivec;
153 aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE); 147 aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
154 148
155 while (len) 149 while (len) {
156 {
157 aes_block_t tmp; 150 aes_block_t tmp;
158 aes_block_t *inp = (aes_block_t *)in; 151 aes_block_t *inp = (aes_block_t *)in;
159 aes_block_t *outp = (aes_block_t *)out; 152 aes_block_t *outp = (aes_block_t *)out;
160 153
161 for(n=0 ; n < N_WORDS; ++n) 154 for (n = 0; n < N_WORDS; ++n)
162 tmp.data[n] = inp->data[n] ^ iv2p->data[n]; 155 tmp.data[n] = inp->data[n] ^ iv2p->data[n];
163 AES_decrypt((unsigned char *)tmp.data, (unsigned char *)outp->data, key); 156 AES_decrypt((unsigned char *)tmp.data,
164 for(n=0 ; n < N_WORDS; ++n) 157 (unsigned char *)outp->data, key);
158 for (n = 0; n < N_WORDS; ++n)
165 outp->data[n] ^= ivp->data[n]; 159 outp->data[n] ^= ivp->data[n];
166 ivp = inp; 160 ivp = inp;
167 iv2p = outp; 161 iv2p = outp;
168 --len; 162 --len;
169 in += AES_BLOCK_SIZE; 163 in += AES_BLOCK_SIZE;
170 out += AES_BLOCK_SIZE; 164 out += AES_BLOCK_SIZE;
171 } 165 }
172 memcpy(ivec, ivp->data, AES_BLOCK_SIZE); 166 memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
173 memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE); 167 memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
174 } 168 } else {
175 else
176 {
177 aes_block_t tmp, tmp2; 169 aes_block_t tmp, tmp2;
178 aes_block_t iv; 170 aes_block_t iv;
179 aes_block_t iv2; 171 aes_block_t iv2;
@@ -181,14 +173,14 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
181 load_block(iv, ivec); 173 load_block(iv, ivec);
182 load_block(iv2, ivec + AES_BLOCK_SIZE); 174 load_block(iv2, ivec + AES_BLOCK_SIZE);
183 175
184 while (len) 176 while (len) {
185 {
186 load_block(tmp, in); 177 load_block(tmp, in);
187 tmp2 = tmp; 178 tmp2 = tmp;
188 for(n=0 ; n < N_WORDS; ++n) 179 for (n = 0; n < N_WORDS; ++n)
189 tmp.data[n] ^= iv2.data[n]; 180 tmp.data[n] ^= iv2.data[n];
190 AES_decrypt((unsigned char *)tmp.data, (unsigned char *)tmp.data, key); 181 AES_decrypt((unsigned char *)tmp.data,
191 for(n=0 ; n < N_WORDS; ++n) 182 (unsigned char *)tmp.data, key);
183 for (n = 0; n < N_WORDS; ++n)
192 tmp.data[n] ^= iv.data[n]; 184 tmp.data[n] ^= iv.data[n];
193 store_block(out, tmp); 185 store_block(out, tmp);
194 iv = tmp2; 186 iv = tmp2;
@@ -196,12 +188,12 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
196 --len; 188 --len;
197 in += AES_BLOCK_SIZE; 189 in += AES_BLOCK_SIZE;
198 out += AES_BLOCK_SIZE; 190 out += AES_BLOCK_SIZE;
199 } 191 }
200 memcpy(ivec, iv.data, AES_BLOCK_SIZE); 192 memcpy(ivec, iv.data, AES_BLOCK_SIZE);
201 memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE); 193 memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
202 }
203 } 194 }
204 } 195 }
196}
205 197
206/* 198/*
207 * Note that its effectively impossible to do biIGE in anything other 199 * Note that its effectively impossible to do biIGE in anything other
@@ -210,11 +202,11 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
210 202
211/* N.B. The IV for this mode is _four times_ the block size */ 203/* N.B. The IV for this mode is _four times_ the block size */
212 204
213void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, 205void
214 size_t length, const AES_KEY *key, 206AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, size_t length,
215 const AES_KEY *key2, const unsigned char *ivec, 207 const AES_KEY *key, const AES_KEY *key2, const unsigned char *ivec,
216 const int enc) 208 const int enc)
217 { 209{
218 size_t n; 210 size_t n;
219 size_t len = length; 211 size_t len = length;
220 unsigned char tmp[AES_BLOCK_SIZE]; 212 unsigned char tmp[AES_BLOCK_SIZE];
@@ -225,23 +217,21 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
225 const unsigned char *iv2; 217 const unsigned char *iv2;
226 218
227 OPENSSL_assert(in && out && key && ivec); 219 OPENSSL_assert(in && out && key && ivec);
228 OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); 220 OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
229 OPENSSL_assert((length%AES_BLOCK_SIZE) == 0); 221 OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
230 222
231 if (AES_ENCRYPT == enc) 223 if (AES_ENCRYPT == enc) {
232 {
233 /* XXX: Do a separate case for when in != out (strictly should 224 /* XXX: Do a separate case for when in != out (strictly should
234 check for overlap, too) */ 225 check for overlap, too) */
235 226
236 /* First the forward pass */ 227 /* First the forward pass */
237 iv = ivec; 228 iv = ivec;
238 iv2 = ivec + AES_BLOCK_SIZE; 229 iv2 = ivec + AES_BLOCK_SIZE;
239 while (len >= AES_BLOCK_SIZE) 230 while (len >= AES_BLOCK_SIZE) {
240 { 231 for (n = 0; n < AES_BLOCK_SIZE; ++n)
241 for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
242 out[n] = in[n] ^ iv[n]; 232 out[n] = in[n] ^ iv[n];
243 AES_encrypt(out, out, key); 233 AES_encrypt(out, out, key);
244 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 234 for (n = 0; n < AES_BLOCK_SIZE; ++n)
245 out[n] ^= iv2[n]; 235 out[n] ^= iv2[n];
246 iv = out; 236 iv = out;
247 memcpy(prev, in, AES_BLOCK_SIZE); 237 memcpy(prev, in, AES_BLOCK_SIZE);
@@ -249,68 +239,63 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
249 len -= AES_BLOCK_SIZE; 239 len -= AES_BLOCK_SIZE;
250 in += AES_BLOCK_SIZE; 240 in += AES_BLOCK_SIZE;
251 out += AES_BLOCK_SIZE; 241 out += AES_BLOCK_SIZE;
252 } 242 }
253 243
254 /* And now backwards */ 244 /* And now backwards */
255 iv = ivec + AES_BLOCK_SIZE*2; 245 iv = ivec + AES_BLOCK_SIZE*2;
256 iv2 = ivec + AES_BLOCK_SIZE*3; 246 iv2 = ivec + AES_BLOCK_SIZE*3;
257 len = length; 247 len = length;
258 while(len >= AES_BLOCK_SIZE) 248 while (len >= AES_BLOCK_SIZE) {
259 {
260 out -= AES_BLOCK_SIZE; 249 out -= AES_BLOCK_SIZE;
261 /* XXX: reduce copies by alternating between buffers */ 250 /* XXX: reduce copies by alternating between buffers */
262 memcpy(tmp, out, AES_BLOCK_SIZE); 251 memcpy(tmp, out, AES_BLOCK_SIZE);
263 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 252 for (n = 0; n < AES_BLOCK_SIZE; ++n)
264 out[n] ^= iv[n]; 253 out[n] ^= iv[n];
265 /* hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */ 254 /* hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */
266 AES_encrypt(out, out, key); 255 AES_encrypt(out, out, key);
267 /* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */ 256 /* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
268 /* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */ 257 /* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
269 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 258 for (n = 0; n < AES_BLOCK_SIZE; ++n)
270 out[n] ^= iv2[n]; 259 out[n] ^= iv2[n];
271 /* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */ 260 /* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
272 iv = out; 261 iv = out;
273 memcpy(prev, tmp, AES_BLOCK_SIZE); 262 memcpy(prev, tmp, AES_BLOCK_SIZE);
274 iv2 = prev; 263 iv2 = prev;
275 len -= AES_BLOCK_SIZE; 264 len -= AES_BLOCK_SIZE;
276 }
277 } 265 }
278 else 266 } else {
279 {
280 /* First backwards */ 267 /* First backwards */
281 iv = ivec + AES_BLOCK_SIZE*2; 268 iv = ivec + AES_BLOCK_SIZE*2;
282 iv2 = ivec + AES_BLOCK_SIZE*3; 269 iv2 = ivec + AES_BLOCK_SIZE*3;
283 in += length; 270 in += length;
284 out += length; 271 out += length;
285 while (len >= AES_BLOCK_SIZE) 272 while (len >= AES_BLOCK_SIZE) {
286 {
287 in -= AES_BLOCK_SIZE; 273 in -= AES_BLOCK_SIZE;
288 out -= AES_BLOCK_SIZE; 274 out -= AES_BLOCK_SIZE;
289 memcpy(tmp, in, AES_BLOCK_SIZE); 275 memcpy(tmp, in, AES_BLOCK_SIZE);
290 memcpy(tmp2, in, AES_BLOCK_SIZE); 276 memcpy(tmp2, in, AES_BLOCK_SIZE);
291 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 277 for (n = 0; n < AES_BLOCK_SIZE; ++n)
292 tmp[n] ^= iv2[n]; 278 tmp[n] ^= iv2[n];
293 AES_decrypt(tmp, out, key); 279 AES_decrypt(tmp, out, key);
294 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 280 for (n = 0; n < AES_BLOCK_SIZE; ++n)
295 out[n] ^= iv[n]; 281 out[n] ^= iv[n];
296 memcpy(tmp3, tmp2, AES_BLOCK_SIZE); 282 memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
297 iv = tmp3; 283 iv = tmp3;
298 iv2 = out; 284 iv2 = out;
299 len -= AES_BLOCK_SIZE; 285 len -= AES_BLOCK_SIZE;
300 } 286 }
301 287
302 /* And now forwards */ 288 /* And now forwards */
303 iv = ivec; 289 iv = ivec;
304 iv2 = ivec + AES_BLOCK_SIZE; 290 iv2 = ivec + AES_BLOCK_SIZE;
305 len = length; 291 len = length;
306 while (len >= AES_BLOCK_SIZE) 292 while (len >= AES_BLOCK_SIZE) {
307 {
308 memcpy(tmp, out, AES_BLOCK_SIZE); 293 memcpy(tmp, out, AES_BLOCK_SIZE);
309 memcpy(tmp2, out, AES_BLOCK_SIZE); 294 memcpy(tmp2, out, AES_BLOCK_SIZE);
310 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 295 for (n = 0; n < AES_BLOCK_SIZE; ++n)
311 tmp[n] ^= iv2[n]; 296 tmp[n] ^= iv2[n];
312 AES_decrypt(tmp, out, key); 297 AES_decrypt(tmp, out, key);
313 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 298 for (n = 0; n < AES_BLOCK_SIZE; ++n)
314 out[n] ^= iv[n]; 299 out[n] ^= iv[n];
315 memcpy(tmp3, tmp2, AES_BLOCK_SIZE); 300 memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
316 iv = tmp3; 301 iv = tmp3;
@@ -318,6 +303,6 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
318 len -= AES_BLOCK_SIZE; 303 len -= AES_BLOCK_SIZE;
319 in += AES_BLOCK_SIZE; 304 in += AES_BLOCK_SIZE;
320 out += AES_BLOCK_SIZE; 305 out += AES_BLOCK_SIZE;
321 }
322 } 306 }
323 } 307 }
308}
diff --git a/src/lib/libcrypto/aes/aes_misc.c b/src/lib/libcrypto/aes/aes_misc.c
index f083488ecb..d666c06409 100644
--- a/src/lib/libcrypto/aes/aes_misc.c
+++ b/src/lib/libcrypto/aes/aes_misc.c
@@ -56,30 +56,33 @@
56 56
57const char AES_version[]="AES" OPENSSL_VERSION_PTEXT; 57const char AES_version[]="AES" OPENSSL_VERSION_PTEXT;
58 58
59const char *AES_options(void) { 59const char
60*AES_options(void) {
60#ifdef FULL_UNROLL 61#ifdef FULL_UNROLL
61 return "aes(full)"; 62 return "aes(full)";
62#else 63#else
63 return "aes(partial)"; 64 return "aes(partial)";
64#endif 65#endif
65} 66}
66 67
67/* FIPS wrapper functions to block low level AES calls in FIPS mode */ 68/* FIPS wrapper functions to block low level AES calls in FIPS mode */
68 69
69int AES_set_encrypt_key(const unsigned char *userKey, const int bits, 70int
70 AES_KEY *key) 71AES_set_encrypt_key(const unsigned char *userKey, const int bits,
71 { 72 AES_KEY *key)
73{
72#ifdef OPENSSL_FIPS 74#ifdef OPENSSL_FIPS
73 fips_cipher_abort(AES); 75 fips_cipher_abort(AES);
74#endif 76#endif
75 return private_AES_set_encrypt_key(userKey, bits, key); 77 return private_AES_set_encrypt_key(userKey, bits, key);
76 } 78}
77 79
78int AES_set_decrypt_key(const unsigned char *userKey, const int bits, 80int
79 AES_KEY *key) 81AES_set_decrypt_key(const unsigned char *userKey, const int bits,
80 { 82 AES_KEY *key)
83{
81#ifdef OPENSSL_FIPS 84#ifdef OPENSSL_FIPS
82 fips_cipher_abort(AES); 85 fips_cipher_abort(AES);
83#endif 86#endif
84 return private_AES_set_decrypt_key(userKey, bits, key); 87 return private_AES_set_decrypt_key(userKey, bits, key);
85 } 88}
diff --git a/src/lib/libcrypto/aes/aes_ofb.c b/src/lib/libcrypto/aes/aes_ofb.c
index 50bf0b8325..f5a35b20c5 100644
--- a/src/lib/libcrypto/aes/aes_ofb.c
+++ b/src/lib/libcrypto/aes/aes_ofb.c
@@ -52,9 +52,10 @@
52#include <openssl/aes.h> 52#include <openssl/aes.h>
53#include <openssl/modes.h> 53#include <openssl/modes.h>
54 54
55void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, 55void
56 size_t length, const AES_KEY *key, 56AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
57 unsigned char *ivec, int *num) 57 const AES_KEY *key, unsigned char *ivec, int *num)
58{ 58{
59 CRYPTO_ofb128_encrypt(in,out,length,key,ivec,num,(block128_f)AES_encrypt); 59 CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
60 (block128_f)AES_encrypt);
60} 61}
diff --git a/src/lib/libcrypto/aes/aes_wrap.c b/src/lib/libcrypto/aes/aes_wrap.c
index e2d73d37ce..198b0be333 100644
--- a/src/lib/libcrypto/aes/aes_wrap.c
+++ b/src/lib/libcrypto/aes/aes_wrap.c
@@ -56,13 +56,13 @@
56#include <openssl/bio.h> 56#include <openssl/bio.h>
57 57
58static const unsigned char default_iv[] = { 58static const unsigned char default_iv[] = {
59 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 59 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
60}; 60};
61 61
62int AES_wrap_key(AES_KEY *key, const unsigned char *iv, 62int
63 unsigned char *out, 63AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
64 const unsigned char *in, unsigned int inlen) 64 const unsigned char *in, unsigned int inlen)
65 { 65{
66 unsigned char *A, B[16], *R; 66 unsigned char *A, B[16], *R;
67 unsigned int i, j, t; 67 unsigned int i, j, t;
68 if ((inlen & 0x7) || (inlen < 8)) 68 if ((inlen & 0x7) || (inlen < 8))
@@ -75,31 +75,28 @@ int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
75 75
76 memcpy(A, iv, 8); 76 memcpy(A, iv, 8);
77 77
78 for (j = 0; j < 6; j++) 78 for (j = 0; j < 6; j++) {
79 {
80 R = out + 8; 79 R = out + 8;
81 for (i = 0; i < inlen; i += 8, t++, R += 8) 80 for (i = 0; i < inlen; i += 8, t++, R += 8) {
82 {
83 memcpy(B + 8, R, 8); 81 memcpy(B + 8, R, 8);
84 AES_encrypt(B, B, key); 82 AES_encrypt(B, B, key);
85 A[7] ^= (unsigned char)(t & 0xff); 83 A[7] ^= (unsigned char)(t & 0xff);
86 if (t > 0xff) 84 if (t > 0xff) {
87 {
88 A[6] ^= (unsigned char)((t >> 8) & 0xff); 85 A[6] ^= (unsigned char)((t >> 8) & 0xff);
89 A[5] ^= (unsigned char)((t >> 16) & 0xff); 86 A[5] ^= (unsigned char)((t >> 16) & 0xff);
90 A[4] ^= (unsigned char)((t >> 24) & 0xff); 87 A[4] ^= (unsigned char)((t >> 24) & 0xff);
91 }
92 memcpy(R, B + 8, 8);
93 } 88 }
89 memcpy(R, B + 8, 8);
94 } 90 }
91 }
95 memcpy(out, A, 8); 92 memcpy(out, A, 8);
96 return inlen + 8; 93 return inlen + 8;
97 } 94}
98 95
99int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, 96int
100 unsigned char *out, 97AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
101 const unsigned char *in, unsigned int inlen) 98 const unsigned char *in, unsigned int inlen)
102 { 99{
103 unsigned char *A, B[16], *R; 100 unsigned char *A, B[16], *R;
104 unsigned int i, j, t; 101 unsigned int i, j, t;
105 inlen -= 8; 102 inlen -= 8;
@@ -108,43 +105,39 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
108 if (inlen < 8) 105 if (inlen < 8)
109 return -1; 106 return -1;
110 A = B; 107 A = B;
111 t = 6 * (inlen >> 3); 108 t = 6 * (inlen >> 3);
112 memcpy(A, in, 8); 109 memcpy(A, in, 8);
113 memcpy(out, in + 8, inlen); 110 memcpy(out, in + 8, inlen);
114 for (j = 0; j < 6; j++) 111 for (j = 0; j < 6; j++) {
115 {
116 R = out + inlen - 8; 112 R = out + inlen - 8;
117 for (i = 0; i < inlen; i += 8, t--, R -= 8) 113 for (i = 0; i < inlen; i += 8, t--, R -= 8) {
118 {
119 A[7] ^= (unsigned char)(t & 0xff); 114 A[7] ^= (unsigned char)(t & 0xff);
120 if (t > 0xff) 115 if (t > 0xff) {
121 {
122 A[6] ^= (unsigned char)((t >> 8) & 0xff); 116 A[6] ^= (unsigned char)((t >> 8) & 0xff);
123 A[5] ^= (unsigned char)((t >> 16) & 0xff); 117 A[5] ^= (unsigned char)((t >> 16) & 0xff);
124 A[4] ^= (unsigned char)((t >> 24) & 0xff); 118 A[4] ^= (unsigned char)((t >> 24) & 0xff);
125 } 119 }
126 memcpy(B + 8, R, 8); 120 memcpy(B + 8, R, 8);
127 AES_decrypt(B, B, key); 121 AES_decrypt(B, B, key);
128 memcpy(R, B + 8, 8); 122 memcpy(R, B + 8, 8);
129 }
130 } 123 }
124 }
131 if (!iv) 125 if (!iv)
132 iv = default_iv; 126 iv = default_iv;
133 if (memcmp(A, iv, 8)) 127 if (memcmp(A, iv, 8)) {
134 {
135 OPENSSL_cleanse(out, inlen); 128 OPENSSL_cleanse(out, inlen);
136 return 0; 129 return 0;
137 }
138 return inlen;
139 } 130 }
131 return inlen;
132}
140 133
141#ifdef AES_WRAP_TEST 134#ifdef AES_WRAP_TEST
142 135
143int AES_wrap_unwrap_test(const unsigned char *kek, int keybits, 136int
144 const unsigned char *iv, 137AES_wrap_unwrap_test(const unsigned char *kek, int keybits,
145 const unsigned char *eout, 138 const unsigned char *iv, const unsigned char *eout,
146 const unsigned char *key, int keylen) 139 const unsigned char *key, int keylen)
147 { 140{
148 unsigned char *otmp = NULL, *ptmp = NULL; 141 unsigned char *otmp = NULL, *ptmp = NULL;
149 int r, ret = 0; 142 int r, ret = 0;
150 AES_KEY wctx; 143 AES_KEY wctx;
@@ -160,7 +153,7 @@ int AES_wrap_unwrap_test(const unsigned char *kek, int keybits,
160 153
161 if (eout && memcmp(eout, otmp, keylen)) 154 if (eout && memcmp(eout, otmp, keylen))
162 goto err; 155 goto err;
163 156
164 if (AES_set_decrypt_key(kek, keybits, &wctx)) 157 if (AES_set_decrypt_key(kek, keybits, &wctx))
165 goto err; 158 goto err;
166 r = AES_unwrap_key(&wctx, iv, ptmp, otmp, r); 159 r = AES_unwrap_key(&wctx, iv, ptmp, otmp, r);
@@ -170,74 +163,72 @@ int AES_wrap_unwrap_test(const unsigned char *kek, int keybits,
170 163
171 ret = 1; 164 ret = 1;
172 165
173 err: 166err:
174 if (otmp) 167 if (otmp)
175 OPENSSL_free(otmp); 168 OPENSSL_free(otmp);
176 if (ptmp) 169 if (ptmp)
177 OPENSSL_free(ptmp); 170 OPENSSL_free(ptmp);
178 171
179 return ret; 172 return ret;
180 173}
181 }
182
183 174
184 175
185int main(int argc, char **argv) 176int
177main(int argc, char **argv)
186{ 178{
187 179 static const unsigned char kek[] = {
188static const unsigned char kek[] = { 180 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
189 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 181 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
190 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 182 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
191 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 183 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
192 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f 184 };
193}; 185
194 186 static const unsigned char key[] = {
195static const unsigned char key[] = { 187 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
196 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 188 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
197 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 189 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
198 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 190 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
199 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f 191 };
200}; 192
201 193 static const unsigned char e1[] = {
202static const unsigned char e1[] = { 194 0x1f, 0xa6, 0x8b, 0x0a, 0x81, 0x12, 0xb4, 0x47,
203 0x1f, 0xa6, 0x8b, 0x0a, 0x81, 0x12, 0xb4, 0x47, 195 0xae, 0xf3, 0x4b, 0xd8, 0xfb, 0x5a, 0x7b, 0x82,
204 0xae, 0xf3, 0x4b, 0xd8, 0xfb, 0x5a, 0x7b, 0x82, 196 0x9d, 0x3e, 0x86, 0x23, 0x71, 0xd2, 0xcf, 0xe5
205 0x9d, 0x3e, 0x86, 0x23, 0x71, 0xd2, 0xcf, 0xe5 197 };
206}; 198
207 199 static const unsigned char e2[] = {
208static const unsigned char e2[] = { 200 0x96, 0x77, 0x8b, 0x25, 0xae, 0x6c, 0xa4, 0x35,
209 0x96, 0x77, 0x8b, 0x25, 0xae, 0x6c, 0xa4, 0x35, 201 0xf9, 0x2b, 0x5b, 0x97, 0xc0, 0x50, 0xae, 0xd2,
210 0xf9, 0x2b, 0x5b, 0x97, 0xc0, 0x50, 0xae, 0xd2, 202 0x46, 0x8a, 0xb8, 0xa1, 0x7a, 0xd8, 0x4e, 0x5d
211 0x46, 0x8a, 0xb8, 0xa1, 0x7a, 0xd8, 0x4e, 0x5d 203 };
212}; 204
213 205 static const unsigned char e3[] = {
214static const unsigned char e3[] = { 206 0x64, 0xe8, 0xc3, 0xf9, 0xce, 0x0f, 0x5b, 0xa2,
215 0x64, 0xe8, 0xc3, 0xf9, 0xce, 0x0f, 0x5b, 0xa2, 207 0x63, 0xe9, 0x77, 0x79, 0x05, 0x81, 0x8a, 0x2a,
216 0x63, 0xe9, 0x77, 0x79, 0x05, 0x81, 0x8a, 0x2a, 208 0x93, 0xc8, 0x19, 0x1e, 0x7d, 0x6e, 0x8a, 0xe7
217 0x93, 0xc8, 0x19, 0x1e, 0x7d, 0x6e, 0x8a, 0xe7 209 };
218}; 210
219 211 static const unsigned char e4[] = {
220static const unsigned char e4[] = { 212 0x03, 0x1d, 0x33, 0x26, 0x4e, 0x15, 0xd3, 0x32,
221 0x03, 0x1d, 0x33, 0x26, 0x4e, 0x15, 0xd3, 0x32, 213 0x68, 0xf2, 0x4e, 0xc2, 0x60, 0x74, 0x3e, 0xdc,
222 0x68, 0xf2, 0x4e, 0xc2, 0x60, 0x74, 0x3e, 0xdc, 214 0xe1, 0xc6, 0xc7, 0xdd, 0xee, 0x72, 0x5a, 0x93,
223 0xe1, 0xc6, 0xc7, 0xdd, 0xee, 0x72, 0x5a, 0x93, 215 0x6b, 0xa8, 0x14, 0x91, 0x5c, 0x67, 0x62, 0xd2
224 0x6b, 0xa8, 0x14, 0x91, 0x5c, 0x67, 0x62, 0xd2 216 };
225}; 217
226 218 static const unsigned char e5[] = {
227static const unsigned char e5[] = { 219 0xa8, 0xf9, 0xbc, 0x16, 0x12, 0xc6, 0x8b, 0x3f,
228 0xa8, 0xf9, 0xbc, 0x16, 0x12, 0xc6, 0x8b, 0x3f, 220 0xf6, 0xe6, 0xf4, 0xfb, 0xe3, 0x0e, 0x71, 0xe4,
229 0xf6, 0xe6, 0xf4, 0xfb, 0xe3, 0x0e, 0x71, 0xe4, 221 0x76, 0x9c, 0x8b, 0x80, 0xa3, 0x2c, 0xb8, 0x95,
230 0x76, 0x9c, 0x8b, 0x80, 0xa3, 0x2c, 0xb8, 0x95, 222 0x8c, 0xd5, 0xd1, 0x7d, 0x6b, 0x25, 0x4d, 0xa1
231 0x8c, 0xd5, 0xd1, 0x7d, 0x6b, 0x25, 0x4d, 0xa1 223 };
232}; 224
233 225 static const unsigned char e6[] = {
234static const unsigned char e6[] = { 226 0x28, 0xc9, 0xf4, 0x04, 0xc4, 0xb8, 0x10, 0xf4,
235 0x28, 0xc9, 0xf4, 0x04, 0xc4, 0xb8, 0x10, 0xf4, 227 0xcb, 0xcc, 0xb3, 0x5c, 0xfb, 0x87, 0xf8, 0x26,
236 0xcb, 0xcc, 0xb3, 0x5c, 0xfb, 0x87, 0xf8, 0x26, 228 0x3f, 0x57, 0x86, 0xe2, 0xd8, 0x0e, 0xd3, 0x26,
237 0x3f, 0x57, 0x86, 0xe2, 0xd8, 0x0e, 0xd3, 0x26, 229 0xcb, 0xc7, 0xf0, 0xe7, 0x1a, 0x99, 0xf4, 0x3b,
238 0xcb, 0xc7, 0xf0, 0xe7, 0x1a, 0x99, 0xf4, 0x3b, 230 0xfb, 0x98, 0x8b, 0x9b, 0x7a, 0x02, 0xdd, 0x21
239 0xfb, 0x98, 0x8b, 0x9b, 0x7a, 0x02, 0xdd, 0x21 231 };
240};
241 232
242 AES_KEY wctx, xctx; 233 AES_KEY wctx, xctx;
243 int ret; 234 int ret;
@@ -254,6 +245,5 @@ static const unsigned char e6[] = {
254 ret = AES_wrap_unwrap_test(kek, 256, NULL, e6, key, 32); 245 ret = AES_wrap_unwrap_test(kek, 256, NULL, e6, key, 32);
255 fprintf(stderr, "Key test result %d\n", ret); 246 fprintf(stderr, "Key test result %d\n", ret);
256} 247}
257 248
258
259#endif 249#endif
diff --git a/src/lib/libcrypto/aes/aes_x86core.c b/src/lib/libcrypto/aes/aes_x86core.c
index d323e265c0..c5d17b3127 100644
--- a/src/lib/libcrypto/aes/aes_x86core.c
+++ b/src/lib/libcrypto/aes/aes_x86core.c
@@ -59,14 +59,16 @@
59#endif 59#endif
60 60
61#if 1 61#if 1
62static void prefetch256(const void *table) 62static void
63prefetch256(const void *table)
63{ 64{
64 volatile unsigned long *t=(void *)table,ret; 65 volatile unsigned long *t = (void *)table, ret;
65 unsigned long sum; 66 unsigned long sum;
66 int i; 67 int i;
67 68
68 /* 32 is common least cache-line size */ 69 /* 32 is common least cache-line size */
69 for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0])) sum ^= t[i]; 70 for (sum = 0, i = 0; i < 256/sizeof(t[0]); i += 32 / sizeof(t[0]))
71 sum ^= t[i];
70 72
71 ret = sum; 73 ret = sum;
72} 74}
@@ -128,350 +130,350 @@ Td4[x] = Si[x].[01];
128#define Td3 (u32)((u64*)((u8*)Td+1)) 130#define Td3 (u32)((u64*)((u8*)Td+1))
129 131
130static const u64 Te[256] = { 132static const u64 Te[256] = {
131 U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8), 133 U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
132 U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6), 134 U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
133 U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6), 135 U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
134 U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591), 136 U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
135 U64(0x5030306050303060), U64(0x0301010203010102), 137 U64(0x5030306050303060), U64(0x0301010203010102),
136 U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56), 138 U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
137 U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5), 139 U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
138 U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec), 140 U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
139 U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f), 141 U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
140 U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa), 142 U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
141 U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2), 143 U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
142 U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb), 144 U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
143 U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3), 145 U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
144 U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45), 146 U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
145 U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453), 147 U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
146 U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b), 148 U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
147 U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1), 149 U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
148 U64(0xae93933dae93933d), U64(0x6a26264c6a26264c), 150 U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
149 U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e), 151 U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
150 U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83), 152 U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
151 U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551), 153 U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
152 U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9), 154 U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
153 U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab), 155 U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
154 U64(0x5331316253313162), U64(0x3f15152a3f15152a), 156 U64(0x5331316253313162), U64(0x3f15152a3f15152a),
155 U64(0x0c0404080c040408), U64(0x52c7c79552c7c795), 157 U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
156 U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d), 158 U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
157 U64(0x2818183028181830), U64(0xa1969637a1969637), 159 U64(0x2818183028181830), U64(0xa1969637a1969637),
158 U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f), 160 U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
159 U64(0x0907070e0907070e), U64(0x3612122436121224), 161 U64(0x0907070e0907070e), U64(0x3612122436121224),
160 U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df), 162 U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
161 U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e), 163 U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
162 U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea), 164 U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
163 U64(0x1b0909121b090912), U64(0x9e83831d9e83831d), 165 U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
164 U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34), 166 U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
165 U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc), 167 U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
166 U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b), 168 U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
167 U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76), 169 U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
168 U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d), 170 U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
169 U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd), 171 U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
170 U64(0x712f2f5e712f2f5e), U64(0x9784841397848413), 172 U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
171 U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9), 173 U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
172 U64(0x0000000000000000), U64(0x2cededc12cededc1), 174 U64(0x0000000000000000), U64(0x2cededc12cededc1),
173 U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3), 175 U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
174 U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6), 176 U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
175 U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d), 177 U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
176 U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972), 178 U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
177 U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98), 179 U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
178 U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85), 180 U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
179 U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5), 181 U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
180 U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed), 182 U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
181 U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a), 183 U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
182 U64(0x5533336655333366), U64(0x9485851194858511), 184 U64(0x5533336655333366), U64(0x9485851194858511),
183 U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9), 185 U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
184 U64(0x0602020406020204), U64(0x817f7ffe817f7ffe), 186 U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
185 U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78), 187 U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
186 U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b), 188 U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
187 U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d), 189 U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
188 U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05), 190 U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
189 U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21), 191 U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
190 U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1), 192 U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
191 U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677), 193 U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
192 U64(0x75dadaaf75dadaaf), U64(0x6321214263212142), 194 U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
193 U64(0x3010102030101020), U64(0x1affffe51affffe5), 195 U64(0x3010102030101020), U64(0x1affffe51affffe5),
194 U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf), 196 U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
195 U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18), 197 U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
196 U64(0x3513132635131326), U64(0x2fececc32fececc3), 198 U64(0x3513132635131326), U64(0x2fececc32fececc3),
197 U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735), 199 U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
198 U64(0xcc444488cc444488), U64(0x3917172e3917172e), 200 U64(0xcc444488cc444488), U64(0x3917172e3917172e),
199 U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755), 201 U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
200 U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a), 202 U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
201 U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba), 203 U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
202 U64(0x2b1919322b191932), U64(0x957373e6957373e6), 204 U64(0x2b1919322b191932), U64(0x957373e6957373e6),
203 U64(0xa06060c0a06060c0), U64(0x9881811998818119), 205 U64(0xa06060c0a06060c0), U64(0x9881811998818119),
204 U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3), 206 U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
205 U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54), 207 U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
206 U64(0xab90903bab90903b), U64(0x8388880b8388880b), 208 U64(0xab90903bab90903b), U64(0x8388880b8388880b),
207 U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7), 209 U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
208 U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428), 210 U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
209 U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc), 211 U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
210 U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad), 212 U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
211 U64(0x3be0e0db3be0e0db), U64(0x5632326456323264), 213 U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
212 U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14), 214 U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
213 U64(0xdb494992db494992), U64(0x0a06060c0a06060c), 215 U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
214 U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8), 216 U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
215 U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd), 217 U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
216 U64(0xefacac43efacac43), U64(0xa66262c4a66262c4), 218 U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
217 U64(0xa8919139a8919139), U64(0xa4959531a4959531), 219 U64(0xa8919139a8919139), U64(0xa4959531a4959531),
218 U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2), 220 U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
219 U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b), 221 U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
220 U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda), 222 U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
221 U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1), 223 U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
222 U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949), 224 U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
223 U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac), 225 U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
224 U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf), 226 U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
225 U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4), 227 U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
226 U64(0xe9aeae47e9aeae47), U64(0x1808081018080810), 228 U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
227 U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0), 229 U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
228 U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c), 230 U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
229 U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657), 231 U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
230 U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697), 232 U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
231 U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1), 233 U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
232 U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e), 234 U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
233 U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61), 235 U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
234 U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f), 236 U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
235 U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c), 237 U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
236 U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc), 238 U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
237 U64(0xd8484890d8484890), U64(0x0503030605030306), 239 U64(0xd8484890d8484890), U64(0x0503030605030306),
238 U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c), 240 U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
239 U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a), 241 U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
240 U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969), 242 U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
241 U64(0x9186861791868617), U64(0x58c1c19958c1c199), 243 U64(0x9186861791868617), U64(0x58c1c19958c1c199),
242 U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27), 244 U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
243 U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb), 245 U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
244 U64(0xb398982bb398982b), U64(0x3311112233111122), 246 U64(0xb398982bb398982b), U64(0x3311112233111122),
245 U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9), 247 U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
246 U64(0x898e8e07898e8e07), U64(0xa7949433a7949433), 248 U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
247 U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c), 249 U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
248 U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9), 250 U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
249 U64(0x49cece8749cece87), U64(0xff5555aaff5555aa), 251 U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
250 U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5), 252 U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
251 U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159), 253 U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
252 U64(0x8089890980898909), U64(0x170d0d1a170d0d1a), 254 U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
253 U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7), 255 U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
254 U64(0xc6424284c6424284), U64(0xb86868d0b86868d0), 256 U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
255 U64(0xc3414182c3414182), U64(0xb0999929b0999929), 257 U64(0xc3414182c3414182), U64(0xb0999929b0999929),
256 U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e), 258 U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
257 U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8), 259 U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
258 U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c) 260 U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
259}; 261};
260 262
261static const u8 Te4[256] = { 263static const u8 Te4[256] = {
262 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U, 264 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
263 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U, 265 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
264 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U, 266 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
265 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U, 267 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
266 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU, 268 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
267 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U, 269 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
268 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU, 270 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
269 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U, 271 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
270 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U, 272 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
271 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U, 273 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
272 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU, 274 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
273 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU, 275 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
274 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U, 276 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
275 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U, 277 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
276 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U, 278 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
277 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U, 279 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
278 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U, 280 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
279 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U, 281 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
280 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U, 282 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
281 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU, 283 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
282 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU, 284 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
283 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U, 285 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
284 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U, 286 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
285 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U, 287 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
286 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U, 288 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
287 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU, 289 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
288 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU, 290 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
289 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU, 291 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
290 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U, 292 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
291 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU, 293 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
292 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U, 294 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
293 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U 295 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
294}; 296};
295 297
296static const u64 Td[256] = { 298static const u64 Td[256] = {
297 U64(0x50a7f45150a7f451), U64(0x5365417e5365417e), 299 U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
298 U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a), 300 U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
299 U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f), 301 U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
300 U64(0xab58faacab58faac), U64(0x9303e34b9303e34b), 302 U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
301 U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad), 303 U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
302 U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5), 304 U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
303 U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5), 305 U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
304 U64(0x8044352680443526), U64(0x8fa362b58fa362b5), 306 U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
305 U64(0x495ab1de495ab1de), U64(0x671bba25671bba25), 307 U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
306 U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d), 308 U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
307 U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81), 309 U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
308 U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b), 310 U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
309 U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215), 311 U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
310 U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295), 312 U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
311 U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458), 313 U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
312 U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e), 314 U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
313 U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4), 315 U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
314 U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927), 316 U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
315 U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0), 317 U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
316 U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d), 318 U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
317 U64(0x184adf63184adf63), U64(0x82311ae582311ae5), 319 U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
318 U64(0x6033519760335197), U64(0x457f5362457f5362), 320 U64(0x6033519760335197), U64(0x457f5362457f5362),
319 U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb), 321 U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
320 U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9), 322 U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
321 U64(0x5868487058684870), U64(0x19fd458f19fd458f), 323 U64(0x5868487058684870), U64(0x19fd458f19fd458f),
322 U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52), 324 U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
323 U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72), 325 U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
324 U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566), 326 U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
325 U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f), 327 U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
326 U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3), 328 U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
327 U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23), 329 U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
328 U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed), 330 U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
329 U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7), 331 U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
330 U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e), 332 U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
331 U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506), 333 U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
332 U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4), 334 U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
333 U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2), 335 U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
334 U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4), 336 U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
335 U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040), 337 U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
336 U64(0x069f715e069f715e), U64(0x51106ebd51106ebd), 338 U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
337 U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96), 339 U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
338 U64(0xae053eddae053edd), U64(0x46bde64d46bde64d), 340 U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
339 U64(0xb58d5491b58d5491), U64(0x055dc471055dc471), 341 U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
340 U64(0x6fd406046fd40604), U64(0xff155060ff155060), 342 U64(0x6fd406046fd40604), U64(0xff155060ff155060),
341 U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6), 343 U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
342 U64(0xcc434089cc434089), U64(0x779ed967779ed967), 344 U64(0xcc434089cc434089), U64(0x779ed967779ed967),
343 U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907), 345 U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
344 U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879), 346 U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
345 U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c), 347 U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
346 U64(0xc91e84f8c91e84f8), U64(0x0000000000000000), 348 U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
347 U64(0x8386800983868009), U64(0x48ed2b3248ed2b32), 349 U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
348 U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c), 350 U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
349 U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f), 351 U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
350 U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36), 352 U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
351 U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68), 353 U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
352 U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624), 354 U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
353 U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793), 355 U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
354 U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b), 356 U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
355 U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61), 357 U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
356 U64(0x694b775a694b775a), U64(0x161a121c161a121c), 358 U64(0x694b775a694b775a), U64(0x161a121c161a121c),
357 U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0), 359 U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
358 U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12), 360 U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
359 U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2), 361 U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
360 U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14), 362 U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
361 U64(0x8519f1578519f157), U64(0x4c0775af4c0775af), 363 U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
362 U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3), 364 U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
363 U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c), 365 U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
364 U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b), 366 U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
365 U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb), 367 U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
366 U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8), 368 U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
367 U64(0xcadc31d7cadc31d7), U64(0x1085634210856342), 369 U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
368 U64(0x4022971340229713), U64(0x2011c6842011c684), 370 U64(0x4022971340229713), U64(0x2011c6842011c684),
369 U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2), 371 U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
370 U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7), 372 U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
371 U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc), 373 U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
372 U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177), 374 U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
373 U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9), 375 U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
374 U64(0xfa489411fa489411), U64(0x2264e9472264e947), 376 U64(0xfa489411fa489411), U64(0x2264e9472264e947),
375 U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0), 377 U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
376 U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322), 378 U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
377 U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9), 379 U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
378 U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498), 380 U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
379 U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5), 381 U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
380 U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f), 382 U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
381 U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850), 383 U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
382 U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54), 384 U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
383 U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890), 385 U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
384 U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382), 386 U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
385 U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069), 387 U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
386 U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf), 388 U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
387 U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810), 389 U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
388 U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb), 390 U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
389 U64(0x097826cd097826cd), U64(0xf418596ef418596e), 391 U64(0x097826cd097826cd), U64(0xf418596ef418596e),
390 U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83), 392 U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
391 U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa), 393 U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
392 U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef), 394 U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
393 U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a), 395 U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
394 U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029), 396 U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
395 U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a), 397 U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
396 U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235), 398 U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
397 U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc), 399 U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
398 U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733), 400 U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
399 U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41), 401 U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
400 U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117), 402 U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
401 U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43), 403 U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
402 U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4), 404 U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
403 U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c), 405 U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
404 U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546), 406 U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
405 U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01), 407 U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
406 U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb), 408 U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
407 U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92), 409 U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
408 U64(0x335610e9335610e9), U64(0x1347d66d1347d66d), 410 U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
409 U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137), 411 U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
410 U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb), 412 U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
411 U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7), 413 U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
412 U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a), 414 U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
413 U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255), 415 U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
414 U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773), 416 U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
415 U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f), 417 U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
416 U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478), 418 U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
417 U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9), 419 U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
418 U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2), 420 U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
419 U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc), 421 U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
420 U64(0x8b493c288b493c28), U64(0x41950dff41950dff), 422 U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
421 U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08), 423 U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
422 U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664), 424 U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
423 U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5), 425 U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
424 U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0) 426 U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
425}; 427};
426static const u8 Td4[256] = { 428static const u8 Td4[256] = {
427 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, 429 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
428 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, 430 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
429 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, 431 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
430 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, 432 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
431 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, 433 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
432 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, 434 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
433 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, 435 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
434 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, 436 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
435 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, 437 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
436 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, 438 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
437 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, 439 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
438 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, 440 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
439 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, 441 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
440 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, 442 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
441 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, 443 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
442 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, 444 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
443 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, 445 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
444 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, 446 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
445 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, 447 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
446 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, 448 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
447 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, 449 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
448 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, 450 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
449 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, 451 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
450 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, 452 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
451 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, 453 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
452 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, 454 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
453 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, 455 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
454 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, 456 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
455 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, 457 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
456 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, 458 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
457 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, 459 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
458 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU 460 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
459}; 461};
460 462
461static const u32 rcon[] = { 463static const u32 rcon[] = {
462 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U, 464 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
463 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U, 465 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
464 0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ 466 0x0000001bU, 0x00000036U,
467 /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
465}; 468};
466 469
467/** 470/**
468 * Expand the cipher key into the encryption key schedule. 471 * Expand the cipher key into the encryption key schedule.
469 */ 472 */
470int AES_set_encrypt_key(const unsigned char *userKey, const int bits, 473int
471 AES_KEY *key) { 474AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) {
472
473 u32 *rk; 475 u32 *rk;
474 int i = 0; 476 int i = 0;
475 u32 temp; 477 u32 temp;
476 478
477 if (!userKey || !key) 479 if (!userKey || !key)
@@ -481,26 +483,26 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
481 483
482 rk = key->rd_key; 484 rk = key->rd_key;
483 485
484 if (bits==128) 486 if (bits == 128)
485 key->rounds = 10; 487 key->rounds = 10;
486 else if (bits==192) 488 else if (bits == 192)
487 key->rounds = 12; 489 key->rounds = 12;
488 else 490 else
489 key->rounds = 14; 491 key->rounds = 14;
490 492
491 rk[0] = GETU32(userKey ); 493 rk[0] = GETU32(userKey);
492 rk[1] = GETU32(userKey + 4); 494 rk[1] = GETU32(userKey + 4);
493 rk[2] = GETU32(userKey + 8); 495 rk[2] = GETU32(userKey + 8);
494 rk[3] = GETU32(userKey + 12); 496 rk[3] = GETU32(userKey + 12);
495 if (bits == 128) { 497 if (bits == 128) {
496 while (1) { 498 while (1) {
497 temp = rk[3]; 499 temp = rk[3];
498 rk[4] = rk[0] ^ 500 rk[4] = rk[0] ^
499 (Te4[(temp >> 8) & 0xff] ) ^ 501 (Te4[(temp >> 8) & 0xff]) ^
500 (Te4[(temp >> 16) & 0xff] << 8) ^ 502 (Te4[(temp >> 16) & 0xff] << 8) ^
501 (Te4[(temp >> 24) ] << 16) ^ 503 (Te4[(temp >> 24)] << 16) ^
502 (Te4[(temp ) & 0xff] << 24) ^ 504 (Te4[(temp) & 0xff] << 24) ^
503 rcon[i]; 505 rcon[i];
504 rk[5] = rk[1] ^ rk[4]; 506 rk[5] = rk[1] ^ rk[4];
505 rk[6] = rk[2] ^ rk[5]; 507 rk[6] = rk[2] ^ rk[5];
506 rk[7] = rk[3] ^ rk[6]; 508 rk[7] = rk[3] ^ rk[6];
@@ -514,21 +516,21 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
514 rk[5] = GETU32(userKey + 20); 516 rk[5] = GETU32(userKey + 20);
515 if (bits == 192) { 517 if (bits == 192) {
516 while (1) { 518 while (1) {
517 temp = rk[ 5]; 519 temp = rk[5];
518 rk[ 6] = rk[ 0] ^ 520 rk[6] = rk[ 0] ^
519 (Te4[(temp >> 8) & 0xff] ) ^ 521 (Te4[(temp >> 8) & 0xff]) ^
520 (Te4[(temp >> 16) & 0xff] << 8) ^ 522 (Te4[(temp >> 16) & 0xff] << 8) ^
521 (Te4[(temp >> 24) ] << 16) ^ 523 (Te4[(temp >> 24)] << 16) ^
522 (Te4[(temp ) & 0xff] << 24) ^ 524 (Te4[(temp) & 0xff] << 24) ^
523 rcon[i]; 525 rcon[i];
524 rk[ 7] = rk[ 1] ^ rk[ 6]; 526 rk[7] = rk[1] ^ rk[6];
525 rk[ 8] = rk[ 2] ^ rk[ 7]; 527 rk[8] = rk[2] ^ rk[7];
526 rk[ 9] = rk[ 3] ^ rk[ 8]; 528 rk[9] = rk[3] ^ rk[8];
527 if (++i == 8) { 529 if (++i == 8) {
528 return 0; 530 return 0;
529 } 531 }
530 rk[10] = rk[ 4] ^ rk[ 9]; 532 rk[10] = rk[4] ^ rk[9];
531 rk[11] = rk[ 5] ^ rk[10]; 533 rk[11] = rk[5] ^ rk[10];
532 rk += 6; 534 rk += 6;
533 } 535 }
534 } 536 }
@@ -536,31 +538,31 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
536 rk[7] = GETU32(userKey + 28); 538 rk[7] = GETU32(userKey + 28);
537 if (bits == 256) { 539 if (bits == 256) {
538 while (1) { 540 while (1) {
539 temp = rk[ 7]; 541 temp = rk[7];
540 rk[ 8] = rk[ 0] ^ 542 rk[8] = rk[0] ^
541 (Te4[(temp >> 8) & 0xff] ) ^ 543 (Te4[(temp >> 8) & 0xff]) ^
542 (Te4[(temp >> 16) & 0xff] << 8) ^ 544 (Te4[(temp >> 16) & 0xff] << 8) ^
543 (Te4[(temp >> 24) ] << 16) ^ 545 (Te4[(temp >> 24)] << 16) ^
544 (Te4[(temp ) & 0xff] << 24) ^ 546 (Te4[(temp) & 0xff] << 24) ^
545 rcon[i]; 547 rcon[i];
546 rk[ 9] = rk[ 1] ^ rk[ 8]; 548 rk[9] = rk[1] ^ rk[8];
547 rk[10] = rk[ 2] ^ rk[ 9]; 549 rk[10] = rk[2] ^ rk[9];
548 rk[11] = rk[ 3] ^ rk[10]; 550 rk[11] = rk[3] ^ rk[10];
549 if (++i == 7) { 551 if (++i == 7) {
550 return 0; 552 return 0;
551 } 553 }
552 temp = rk[11]; 554 temp = rk[11];
553 rk[12] = rk[ 4] ^ 555 rk[12] = rk[4] ^
554 (Te4[(temp ) & 0xff] ) ^ 556 (Te4[(temp) & 0xff]) ^
555 (Te4[(temp >> 8) & 0xff] << 8) ^ 557 (Te4[(temp >> 8) & 0xff] << 8) ^
556 (Te4[(temp >> 16) & 0xff] << 16) ^ 558 (Te4[(temp >> 16) & 0xff] << 16) ^
557 (Te4[(temp >> 24) ] << 24); 559 (Te4[(temp >> 24)] << 24);
558 rk[13] = rk[ 5] ^ rk[12]; 560 rk[13] = rk[5] ^ rk[12];
559 rk[14] = rk[ 6] ^ rk[13]; 561 rk[14] = rk[6] ^ rk[13];
560 rk[15] = rk[ 7] ^ rk[14]; 562 rk[15] = rk[7] ^ rk[14];
561 563
562 rk += 8; 564 rk += 8;
563 } 565 }
564 } 566 }
565 return 0; 567 return 0;
566} 568}
@@ -568,10 +570,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
568/** 570/**
569 * Expand the cipher key into the decryption key schedule. 571 * Expand the cipher key into the decryption key schedule.
570 */ 572 */
571int AES_set_decrypt_key(const unsigned char *userKey, const int bits, 573int
572 AES_KEY *key) { 574AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
573 575{
574 u32 *rk; 576 u32 *rk;
575 int i, j, status; 577 int i, j, status;
576 u32 temp; 578 u32 temp;
577 579
@@ -584,10 +586,18 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
584 586
585 /* invert the order of the round keys: */ 587 /* invert the order of the round keys: */
586 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { 588 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
587 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; 589 temp = rk[i];
588 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; 590 rk[i] = rk[j];
589 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; 591 rk[j] = temp;
590 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; 592 temp = rk[i + 1];
593 rk[i + 1] = rk[j + 1];
594 rk[j + 1] = temp;
595 temp = rk[i + 2];
596 rk[i + 2] = rk[j + 2];
597 rk[j + 2] = temp;
598 temp = rk[i + 3];
599 rk[i + 3] = rk[j + 3];
600 rk[j + 3] = temp;
591 } 601 }
592 /* apply the inverse MixColumn transform to all round keys but the first and the last: */ 602 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
593 for (i = 1; i < (key->rounds); i++) { 603 for (i = 1; i < (key->rounds); i++) {
@@ -599,47 +609,47 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
599 tp1 = rk[j]; 609 tp1 = rk[j];
600 m = tp1 & 0x80808080; 610 m = tp1 & 0x80808080;
601 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 611 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
602 ((m - (m >> 7)) & 0x1b1b1b1b); 612 ((m - (m >> 7)) & 0x1b1b1b1b);
603 m = tp2 & 0x80808080; 613 m = tp2 & 0x80808080;
604 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 614 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
605 ((m - (m >> 7)) & 0x1b1b1b1b); 615 ((m - (m >> 7)) & 0x1b1b1b1b);
606 m = tp4 & 0x80808080; 616 m = tp4 & 0x80808080;
607 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 617 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
608 ((m - (m >> 7)) & 0x1b1b1b1b); 618 ((m - (m >> 7)) & 0x1b1b1b1b);
609 tp9 = tp8 ^ tp1; 619 tp9 = tp8 ^ tp1;
610 tpb = tp9 ^ tp2; 620 tpb = tp9 ^ tp2;
611 tpd = tp9 ^ tp4; 621 tpd = tp9 ^ tp4;
612 tpe = tp8 ^ tp4 ^ tp2; 622 tpe = tp8 ^ tp4 ^ tp2;
613#if defined(ROTATE) 623#if defined(ROTATE)
614 rk[j] = tpe ^ ROTATE(tpd,16) ^ 624 rk[j] = tpe ^ ROTATE(tpd, 16) ^
615 ROTATE(tp9,8) ^ ROTATE(tpb,24); 625 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
616#else 626#else
617 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 627 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
618 (tp9 >> 24) ^ (tp9 << 8) ^ 628 (tp9 >> 24) ^ (tp9 << 8) ^
619 (tpb >> 8) ^ (tpb << 24); 629 (tpb >> 8) ^ (tpb << 24);
620#endif 630#endif
621 } 631 }
622#else 632#else
623 rk[0] = 633 rk[0] =
624 Td0[Te2[(rk[0] ) & 0xff] & 0xff] ^ 634 Td0[Te2[(rk[0]) & 0xff] & 0xff] ^
625 Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^ 635 Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^
626 Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^ 636 Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
627 Td3[Te2[(rk[0] >> 24) ] & 0xff]; 637 Td3[Te2[(rk[0] >> 24)] & 0xff];
628 rk[1] = 638 rk[1] =
629 Td0[Te2[(rk[1] ) & 0xff] & 0xff] ^ 639 Td0[Te2[(rk[1]) & 0xff] & 0xff] ^
630 Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^ 640 Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^
631 Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^ 641 Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
632 Td3[Te2[(rk[1] >> 24) ] & 0xff]; 642 Td3[Te2[(rk[1] >> 24)] & 0xff];
633 rk[2] = 643 rk[2] =
634 Td0[Te2[(rk[2] ) & 0xff] & 0xff] ^ 644 Td0[Te2[(rk[2]) & 0xff] & 0xff] ^
635 Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^ 645 Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^
636 Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^ 646 Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
637 Td3[Te2[(rk[2] >> 24) ] & 0xff]; 647 Td3[Te2[(rk[2] >> 24)] & 0xff];
638 rk[3] = 648 rk[3] =
639 Td0[Te2[(rk[3] ) & 0xff] & 0xff] ^ 649 Td0[Te2[(rk[3]) & 0xff] & 0xff] ^
640 Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^ 650 Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^
641 Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^ 651 Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
642 Td3[Te2[(rk[3] >> 24) ] & 0xff]; 652 Td3[Te2[(rk[3] >> 24)] & 0xff];
643#endif 653#endif
644 } 654 }
645 return 0; 655 return 0;
@@ -649,9 +659,9 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
649 * Encrypt a single block 659 * Encrypt a single block
650 * in and out can overlap 660 * in and out can overlap
651 */ 661 */
652void AES_encrypt(const unsigned char *in, unsigned char *out, 662void
653 const AES_KEY *key) { 663AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
654 664{
655 const u32 *rk; 665 const u32 *rk;
656 u32 s0, s1, s2, s3, t[4]; 666 u32 s0, s1, s2, s3, t[4];
657 int r; 667 int r;
@@ -663,197 +673,205 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
663 * map byte array block to cipher state 673 * map byte array block to cipher state
664 * and add initial round key: 674 * and add initial round key:
665 */ 675 */
666 s0 = GETU32(in ) ^ rk[0]; 676 s0 = GETU32(in) ^ rk[0];
667 s1 = GETU32(in + 4) ^ rk[1]; 677 s1 = GETU32(in + 4) ^ rk[1];
668 s2 = GETU32(in + 8) ^ rk[2]; 678 s2 = GETU32(in + 8) ^ rk[2];
669 s3 = GETU32(in + 12) ^ rk[3]; 679 s3 = GETU32(in + 12) ^ rk[3];
670 680
671#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 681#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
672 prefetch256(Te4); 682 prefetch256(Te4);
673 683
674 t[0] = Te4[(s0 ) & 0xff] ^ 684 t[0] = Te4[(s0) & 0xff] ^
675 Te4[(s1 >> 8) & 0xff] << 8 ^ 685 Te4[(s1 >> 8) & 0xff] << 8 ^
676 Te4[(s2 >> 16) & 0xff] << 16 ^ 686 Te4[(s2 >> 16) & 0xff] << 16 ^
677 Te4[(s3 >> 24) ] << 24; 687 Te4[(s3 >> 24)] << 24;
678 t[1] = Te4[(s1 ) & 0xff] ^ 688 t[1] = Te4[(s1) & 0xff] ^
679 Te4[(s2 >> 8) & 0xff] << 8 ^ 689 Te4[(s2 >> 8) & 0xff] << 8 ^
680 Te4[(s3 >> 16) & 0xff] << 16 ^ 690 Te4[(s3 >> 16) & 0xff] << 16 ^
681 Te4[(s0 >> 24) ] << 24; 691 Te4[(s0 >> 24)] << 24;
682 t[2] = Te4[(s2 ) & 0xff] ^ 692 t[2] = Te4[(s2) & 0xff] ^
683 Te4[(s3 >> 8) & 0xff] << 8 ^ 693 Te4[(s3 >> 8) & 0xff] << 8 ^
684 Te4[(s0 >> 16) & 0xff] << 16 ^ 694 Te4[(s0 >> 16) & 0xff] << 16 ^
685 Te4[(s1 >> 24) ] << 24; 695 Te4[(s1 >> 24)] << 24;
686 t[3] = Te4[(s3 ) & 0xff] ^ 696 t[3] = Te4[(s3) & 0xff] ^
687 Te4[(s0 >> 8) & 0xff] << 8 ^ 697 Te4[(s0 >> 8) & 0xff] << 8 ^
688 Te4[(s1 >> 16) & 0xff] << 16 ^ 698 Te4[(s1 >> 16) & 0xff] << 16 ^
689 Te4[(s2 >> 24) ] << 24; 699 Te4[(s2 >> 24)] << 24;
690 700
691 /* now do the linear transform using words */ 701 /* now do the linear transform using words */
692 { int i; 702 {
703 int i;
693 u32 r0, r1, r2; 704 u32 r0, r1, r2;
694 705
695 for (i = 0; i < 4; i++) { 706 for (i = 0; i < 4; i++) {
696 r0 = t[i]; 707 r0 = t[i];
697 r1 = r0 & 0x80808080; 708 r1 = r0 & 0x80808080;
698 r2 = ((r0 & 0x7f7f7f7f) << 1) ^ 709 r2 = ((r0 & 0x7f7f7f7f) << 1) ^
699 ((r1 - (r1 >> 7)) & 0x1b1b1b1b); 710 ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
700#if defined(ROTATE) 711#if defined(ROTATE)
701 t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^ 712 t[i] = r2 ^ ROTATE(r2, 24) ^ ROTATE(r0, 24) ^
702 ROTATE(r0,16) ^ ROTATE(r0,8); 713 ROTATE(r0, 16) ^ ROTATE(r0, 8);
703#else 714#else
704 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^ 715 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
705 (r0 << 16) ^ (r0 >> 16) ^ 716 (r0 << 16) ^ (r0 >> 16) ^ (r0 << 8) ^ (r0 >> 24);
706 (r0 << 8) ^ (r0 >> 24);
707#endif 717#endif
708 t[i] ^= rk[4+i]; 718 t[i] ^= rk[4 + i];
709 } 719 }
710 } 720 }
711#else 721#else
712 t[0] = Te0[(s0 ) & 0xff] ^ 722 t[0] = Te0[(s0) & 0xff] ^
713 Te1[(s1 >> 8) & 0xff] ^ 723 Te1[(s1 >> 8) & 0xff] ^
714 Te2[(s2 >> 16) & 0xff] ^ 724 Te2[(s2 >> 16) & 0xff] ^
715 Te3[(s3 >> 24) ] ^ 725 Te3[(s3 >> 24)] ^
716 rk[4]; 726 rk[4];
717 t[1] = Te0[(s1 ) & 0xff] ^ 727 t[1] = Te0[(s1) & 0xff] ^
718 Te1[(s2 >> 8) & 0xff] ^ 728 Te1[(s2 >> 8) & 0xff] ^
719 Te2[(s3 >> 16) & 0xff] ^ 729 Te2[(s3 >> 16) & 0xff] ^
720 Te3[(s0 >> 24) ] ^ 730 Te3[(s0 >> 24)] ^
721 rk[5]; 731 rk[5];
722 t[2] = Te0[(s2 ) & 0xff] ^ 732 t[2] = Te0[(s2) & 0xff] ^
723 Te1[(s3 >> 8) & 0xff] ^ 733 Te1[(s3 >> 8) & 0xff] ^
724 Te2[(s0 >> 16) & 0xff] ^ 734 Te2[(s0 >> 16) & 0xff] ^
725 Te3[(s1 >> 24) ] ^ 735 Te3[(s1 >> 24)] ^
726 rk[6]; 736 rk[6];
727 t[3] = Te0[(s3 ) & 0xff] ^ 737 t[3] = Te0[(s3) & 0xff] ^
728 Te1[(s0 >> 8) & 0xff] ^ 738 Te1[(s0 >> 8) & 0xff] ^
729 Te2[(s1 >> 16) & 0xff] ^ 739 Te2[(s1 >> 16) & 0xff] ^
730 Te3[(s2 >> 24) ] ^ 740 Te3[(s2 >> 24)] ^
731 rk[7]; 741 rk[7];
732#endif 742#endif
733 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 743 s0 = t[0];
744 s1 = t[1];
745 s2 = t[2];
746 s3 = t[3];
734 747
735 /* 748 /*
736 * Nr - 2 full rounds: 749 * Nr - 2 full rounds:
737 */ 750 */
738 for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) { 751 for (rk += 8, r = key->rounds - 2; r > 0; rk += 4, r--) {
739#if defined(AES_COMPACT_IN_INNER_ROUNDS) 752#if defined(AES_COMPACT_IN_INNER_ROUNDS)
740 t[0] = Te4[(s0 ) & 0xff] ^ 753 t[0] = Te4[(s0) & 0xff] ^
741 Te4[(s1 >> 8) & 0xff] << 8 ^ 754 Te4[(s1 >> 8) & 0xff] << 8 ^
742 Te4[(s2 >> 16) & 0xff] << 16 ^ 755 Te4[(s2 >> 16) & 0xff] << 16 ^
743 Te4[(s3 >> 24) ] << 24; 756 Te4[(s3 >> 24)] << 24;
744 t[1] = Te4[(s1 ) & 0xff] ^ 757 t[1] = Te4[(s1) & 0xff] ^
745 Te4[(s2 >> 8) & 0xff] << 8 ^ 758 Te4[(s2 >> 8) & 0xff] << 8 ^
746 Te4[(s3 >> 16) & 0xff] << 16 ^ 759 Te4[(s3 >> 16) & 0xff] << 16 ^
747 Te4[(s0 >> 24) ] << 24; 760 Te4[(s0 >> 24)] << 24;
748 t[2] = Te4[(s2 ) & 0xff] ^ 761 t[2] = Te4[(s2) & 0xff] ^
749 Te4[(s3 >> 8) & 0xff] << 8 ^ 762 Te4[(s3 >> 8) & 0xff] << 8 ^
750 Te4[(s0 >> 16) & 0xff] << 16 ^ 763 Te4[(s0 >> 16) & 0xff] << 16 ^
751 Te4[(s1 >> 24) ] << 24; 764 Te4[(s1 >> 24)] << 24;
752 t[3] = Te4[(s3 ) & 0xff] ^ 765 t[3] = Te4[(s3) & 0xff] ^
753 Te4[(s0 >> 8) & 0xff] << 8 ^ 766 Te4[(s0 >> 8) & 0xff] << 8 ^
754 Te4[(s1 >> 16) & 0xff] << 16 ^ 767 Te4[(s1 >> 16) & 0xff] << 16 ^
755 Te4[(s2 >> 24) ] << 24; 768 Te4[(s2 >> 24)] << 24;
756 769
757 /* now do the linear transform using words */ 770 /* now do the linear transform using words */
758 { int i; 771 {
759 u32 r0, r1, r2; 772 int i;
773 u32 r0, r1, r2;
760 774
761 for (i = 0; i < 4; i++) { 775 for (i = 0; i < 4; i++) {
762 r0 = t[i]; 776 r0 = t[i];
763 r1 = r0 & 0x80808080; 777 r1 = r0 & 0x80808080;
764 r2 = ((r0 & 0x7f7f7f7f) << 1) ^ 778 r2 = ((r0 & 0x7f7f7f7f) << 1) ^
765 ((r1 - (r1 >> 7)) & 0x1b1b1b1b); 779 ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
766#if defined(ROTATE) 780#if defined(ROTATE)
767 t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^ 781 t[i] = r2 ^ ROTATE(r2, 24) ^ ROTATE(r0, 24) ^
768 ROTATE(r0,16) ^ ROTATE(r0,8); 782 ROTATE(r0, 16) ^ ROTATE(r0, 8);
769#else 783#else
770 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^ 784 t[i] = r2 ^ ((r2 ^ r0) << 24) ^
771 (r0 << 16) ^ (r0 >> 16) ^ 785 ((r2 ^ r0) >> 8) ^
772 (r0 << 8) ^ (r0 >> 24); 786 (r0 << 16) ^ (r0 >> 16) ^
787 (r0 << 8) ^ (r0 >> 24);
773#endif 788#endif
774 t[i] ^= rk[i]; 789 t[i] ^= rk[i];
790 }
775 } 791 }
776 }
777#else 792#else
778 t[0] = Te0[(s0 ) & 0xff] ^ 793 t[0] = Te0[(s0) & 0xff] ^
779 Te1[(s1 >> 8) & 0xff] ^ 794 Te1[(s1 >> 8) & 0xff] ^
780 Te2[(s2 >> 16) & 0xff] ^ 795 Te2[(s2 >> 16) & 0xff] ^
781 Te3[(s3 >> 24) ] ^ 796 Te3[(s3 >> 24)] ^
782 rk[0]; 797 rk[0];
783 t[1] = Te0[(s1 ) & 0xff] ^ 798 t[1] = Te0[(s1) & 0xff] ^
784 Te1[(s2 >> 8) & 0xff] ^ 799 Te1[(s2 >> 8) & 0xff] ^
785 Te2[(s3 >> 16) & 0xff] ^ 800 Te2[(s3 >> 16) & 0xff] ^
786 Te3[(s0 >> 24) ] ^ 801 Te3[(s0 >> 24)] ^
787 rk[1]; 802 rk[1];
788 t[2] = Te0[(s2 ) & 0xff] ^ 803 t[2] = Te0[(s2) & 0xff] ^
789 Te1[(s3 >> 8) & 0xff] ^ 804 Te1[(s3 >> 8) & 0xff] ^
790 Te2[(s0 >> 16) & 0xff] ^ 805 Te2[(s0 >> 16) & 0xff] ^
791 Te3[(s1 >> 24) ] ^ 806 Te3[(s1 >> 24)] ^
792 rk[2]; 807 rk[2];
793 t[3] = Te0[(s3 ) & 0xff] ^ 808 t[3] = Te0[(s3) & 0xff] ^
794 Te1[(s0 >> 8) & 0xff] ^ 809 Te1[(s0 >> 8) & 0xff] ^
795 Te2[(s1 >> 16) & 0xff] ^ 810 Te2[(s1 >> 16) & 0xff] ^
796 Te3[(s2 >> 24) ] ^ 811 Te3[(s2 >> 24)] ^
797 rk[3]; 812 rk[3];
798#endif 813#endif
799 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 814 s0 = t[0];
800 } 815 s1 = t[1];
801 /* 816 s2 = t[2];
817 s3 = t[3];
818 }
819 /*
802 * apply last round and 820 * apply last round and
803 * map cipher state to byte array block: 821 * map cipher state to byte array block:
804 */ 822 */
805#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 823#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
806 prefetch256(Te4); 824 prefetch256(Te4);
807 825
808 *(u32*)(out+0) = 826 *(u32*)(out + 0) =
809 Te4[(s0 ) & 0xff] ^ 827 Te4[(s0) & 0xff] ^
810 Te4[(s1 >> 8) & 0xff] << 8 ^ 828 Te4[(s1 >> 8) & 0xff] << 8 ^
811 Te4[(s2 >> 16) & 0xff] << 16 ^ 829 Te4[(s2 >> 16) & 0xff] << 16 ^
812 Te4[(s3 >> 24) ] << 24 ^ 830 Te4[(s3 >> 24)] << 24 ^
813 rk[0]; 831 rk[0];
814 *(u32*)(out+4) = 832 *(u32*)(out + 4) =
815 Te4[(s1 ) & 0xff] ^ 833 Te4[(s1) & 0xff] ^
816 Te4[(s2 >> 8) & 0xff] << 8 ^ 834 Te4[(s2 >> 8) & 0xff] << 8 ^
817 Te4[(s3 >> 16) & 0xff] << 16 ^ 835 Te4[(s3 >> 16) & 0xff] << 16 ^
818 Te4[(s0 >> 24) ] << 24 ^ 836 Te4[(s0 >> 24)] << 24 ^
819 rk[1]; 837 rk[1];
820 *(u32*)(out+8) = 838 *(u32*)(out + 8) =
821 Te4[(s2 ) & 0xff] ^ 839 Te4[(s2) & 0xff] ^
822 Te4[(s3 >> 8) & 0xff] << 8 ^ 840 Te4[(s3 >> 8) & 0xff] << 8 ^
823 Te4[(s0 >> 16) & 0xff] << 16 ^ 841 Te4[(s0 >> 16) & 0xff] << 16 ^
824 Te4[(s1 >> 24) ] << 24 ^ 842 Te4[(s1 >> 24)] << 24 ^
825 rk[2]; 843 rk[2];
826 *(u32*)(out+12) = 844 *(u32*)(out + 12) =
827 Te4[(s3 ) & 0xff] ^ 845 Te4[(s3) & 0xff] ^
828 Te4[(s0 >> 8) & 0xff] << 8 ^ 846 Te4[(s0 >> 8) & 0xff] << 8 ^
829 Te4[(s1 >> 16) & 0xff] << 16 ^ 847 Te4[(s1 >> 16) & 0xff] << 16 ^
830 Te4[(s2 >> 24) ] << 24 ^ 848 Te4[(s2 >> 24)] << 24 ^
831 rk[3]; 849 rk[3];
832#else 850#else
833 *(u32*)(out+0) = 851 *(u32*)(out + 0) =
834 (Te2[(s0 ) & 0xff] & 0x000000ffU) ^ 852 (Te2[(s0) & 0xff] & 0x000000ffU) ^
835 (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^ 853 (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^
836 (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^ 854 (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
837 (Te1[(s3 >> 24) ] & 0xff000000U) ^ 855 (Te1[(s3 >> 24)] & 0xff000000U) ^
838 rk[0]; 856 rk[0];
839 *(u32*)(out+4) = 857 *(u32*)(out + 4) =
840 (Te2[(s1 ) & 0xff] & 0x000000ffU) ^ 858 (Te2[(s1) & 0xff] & 0x000000ffU) ^
841 (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^ 859 (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^
842 (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^ 860 (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
843 (Te1[(s0 >> 24) ] & 0xff000000U) ^ 861 (Te1[(s0 >> 24)] & 0xff000000U) ^
844 rk[1]; 862 rk[1];
845 *(u32*)(out+8) = 863 *(u32*)(out + 8) =
846 (Te2[(s2 ) & 0xff] & 0x000000ffU) ^ 864 (Te2[(s2) & 0xff] & 0x000000ffU) ^
847 (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^ 865 (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^
848 (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^ 866 (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
849 (Te1[(s1 >> 24) ] & 0xff000000U) ^ 867 (Te1[(s1 >> 24)] & 0xff000000U) ^
850 rk[2]; 868 rk[2];
851 *(u32*)(out+12) = 869 *(u32*)(out + 12) =
852 (Te2[(s3 ) & 0xff] & 0x000000ffU) ^ 870 (Te2[(s3) & 0xff] & 0x000000ffU) ^
853 (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^ 871 (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^
854 (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^ 872 (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
855 (Te1[(s2 >> 24) ] & 0xff000000U) ^ 873 (Te1[(s2 >> 24)] & 0xff000000U) ^
856 rk[3]; 874 rk[3];
857#endif 875#endif
858} 876}
859 877
@@ -861,9 +879,9 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
861 * Decrypt a single block 879 * Decrypt a single block
862 * in and out can overlap 880 * in and out can overlap
863 */ 881 */
864void AES_decrypt(const unsigned char *in, unsigned char *out, 882void
865 const AES_KEY *key) { 883AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
866 884{
867 const u32 *rk; 885 const u32 *rk;
868 u32 s0, s1, s2, s3, t[4]; 886 u32 s0, s1, s2, s3, t[4];
869 int r; 887 int r;
@@ -875,7 +893,7 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
875 * map byte array block to cipher state 893 * map byte array block to cipher state
876 * and add initial round key: 894 * and add initial round key:
877 */ 895 */
878 s0 = GETU32(in ) ^ rk[0]; 896 s0 = GETU32(in) ^ rk[0];
879 s1 = GETU32(in + 4) ^ rk[1]; 897 s1 = GETU32(in + 4) ^ rk[1];
880 s2 = GETU32(in + 8) ^ rk[2]; 898 s2 = GETU32(in + 8) ^ rk[2];
881 s3 = GETU32(in + 12) ^ rk[3]; 899 s3 = GETU32(in + 12) ^ rk[3];
@@ -883,181 +901,188 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
883#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 901#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
884 prefetch256(Td4); 902 prefetch256(Td4);
885 903
886 t[0] = Td4[(s0 ) & 0xff] ^ 904 t[0] = Td4[(s0) & 0xff] ^
887 Td4[(s3 >> 8) & 0xff] << 8 ^ 905 Td4[(s3 >> 8) & 0xff] << 8 ^
888 Td4[(s2 >> 16) & 0xff] << 16 ^ 906 Td4[(s2 >> 16) & 0xff] << 16 ^
889 Td4[(s1 >> 24) ] << 24; 907 Td4[(s1 >> 24)] << 24;
890 t[1] = Td4[(s1 ) & 0xff] ^ 908 t[1] = Td4[(s1) & 0xff] ^
891 Td4[(s0 >> 8) & 0xff] << 8 ^ 909 Td4[(s0 >> 8) & 0xff] << 8 ^
892 Td4[(s3 >> 16) & 0xff] << 16 ^ 910 Td4[(s3 >> 16) & 0xff] << 16 ^
893 Td4[(s2 >> 24) ] << 24; 911 Td4[(s2 >> 24)] << 24;
894 t[2] = Td4[(s2 ) & 0xff] ^ 912 t[2] = Td4[(s2) & 0xff] ^
895 Td4[(s1 >> 8) & 0xff] << 8 ^ 913 Td4[(s1 >> 8) & 0xff] << 8 ^
896 Td4[(s0 >> 16) & 0xff] << 16 ^ 914 Td4[(s0 >> 16) & 0xff] << 16 ^
897 Td4[(s3 >> 24) ] << 24; 915 Td4[(s3 >> 24)] << 24;
898 t[3] = Td4[(s3 ) & 0xff] ^ 916 t[3] = Td4[(s3) & 0xff] ^
899 Td4[(s2 >> 8) & 0xff] << 8 ^ 917 Td4[(s2 >> 8) & 0xff] << 8 ^
900 Td4[(s1 >> 16) & 0xff] << 16 ^ 918 Td4[(s1 >> 16) & 0xff] << 16 ^
901 Td4[(s0 >> 24) ] << 24; 919 Td4[(s0 >> 24)] << 24;
902 920
903 /* now do the linear transform using words */ 921 /* now do the linear transform using words */
904 { int i; 922 {
923 int i;
905 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; 924 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
906 925
907 for (i = 0; i < 4; i++) { 926 for (i = 0; i < 4; i++) {
908 tp1 = t[i]; 927 tp1 = t[i];
909 m = tp1 & 0x80808080; 928 m = tp1 & 0x80808080;
910 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 929 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
911 ((m - (m >> 7)) & 0x1b1b1b1b); 930 ((m - (m >> 7)) & 0x1b1b1b1b);
912 m = tp2 & 0x80808080; 931 m = tp2 & 0x80808080;
913 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 932 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
914 ((m - (m >> 7)) & 0x1b1b1b1b); 933 ((m - (m >> 7)) & 0x1b1b1b1b);
915 m = tp4 & 0x80808080; 934 m = tp4 & 0x80808080;
916 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 935 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
917 ((m - (m >> 7)) & 0x1b1b1b1b); 936 ((m - (m >> 7)) & 0x1b1b1b1b);
918 tp9 = tp8 ^ tp1; 937 tp9 = tp8 ^ tp1;
919 tpb = tp9 ^ tp2; 938 tpb = tp9 ^ tp2;
920 tpd = tp9 ^ tp4; 939 tpd = tp9 ^ tp4;
921 tpe = tp8 ^ tp4 ^ tp2; 940 tpe = tp8 ^ tp4 ^ tp2;
922#if defined(ROTATE) 941#if defined(ROTATE)
923 t[i] = tpe ^ ROTATE(tpd,16) ^ 942 t[i] = tpe ^ ROTATE(tpd, 16) ^
924 ROTATE(tp9,8) ^ ROTATE(tpb,24); 943 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
925#else 944#else
926 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 945 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
927 (tp9 >> 24) ^ (tp9 << 8) ^ 946 (tp9 >> 24) ^ (tp9 << 8) ^ (tpb >> 8) ^ (tpb << 24);
928 (tpb >> 8) ^ (tpb << 24);
929#endif 947#endif
930 t[i] ^= rk[4+i]; 948 t[i] ^= rk[4 + i];
931 } 949 }
932 } 950 }
933#else 951#else
934 t[0] = Td0[(s0 ) & 0xff] ^ 952 t[0] = Td0[(s0) & 0xff] ^
935 Td1[(s3 >> 8) & 0xff] ^ 953 Td1[(s3 >> 8) & 0xff] ^
936 Td2[(s2 >> 16) & 0xff] ^ 954 Td2[(s2 >> 16) & 0xff] ^
937 Td3[(s1 >> 24) ] ^ 955 Td3[(s1 >> 24)] ^
938 rk[4]; 956 rk[4];
939 t[1] = Td0[(s1 ) & 0xff] ^ 957 t[1] = Td0[(s1) & 0xff] ^
940 Td1[(s0 >> 8) & 0xff] ^ 958 Td1[(s0 >> 8) & 0xff] ^
941 Td2[(s3 >> 16) & 0xff] ^ 959 Td2[(s3 >> 16) & 0xff] ^
942 Td3[(s2 >> 24) ] ^ 960 Td3[(s2 >> 24)] ^
943 rk[5]; 961 rk[5];
944 t[2] = Td0[(s2 ) & 0xff] ^ 962 t[2] = Td0[(s2) & 0xff] ^
945 Td1[(s1 >> 8) & 0xff] ^ 963 Td1[(s1 >> 8) & 0xff] ^
946 Td2[(s0 >> 16) & 0xff] ^ 964 Td2[(s0 >> 16) & 0xff] ^
947 Td3[(s3 >> 24) ] ^ 965 Td3[(s3 >> 24)] ^
948 rk[6]; 966 rk[6];
949 t[3] = Td0[(s3 ) & 0xff] ^ 967 t[3] = Td0[(s3) & 0xff] ^
950 Td1[(s2 >> 8) & 0xff] ^ 968 Td1[(s2 >> 8) & 0xff] ^
951 Td2[(s1 >> 16) & 0xff] ^ 969 Td2[(s1 >> 16) & 0xff] ^
952 Td3[(s0 >> 24) ] ^ 970 Td3[(s0 >> 24)] ^
953 rk[7]; 971 rk[7];
954#endif 972#endif
955 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 973 s0 = t[0];
974 s1 = t[1];
975 s2 = t[2];
976 s3 = t[3];
956 977
957 /* 978 /*
958 * Nr - 2 full rounds: 979 * Nr - 2 full rounds:
959 */ 980 */
960 for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) { 981 for (rk += 8, r = key->rounds - 2; r > 0; rk += 4, r--) {
961#if defined(AES_COMPACT_IN_INNER_ROUNDS) 982#if defined(AES_COMPACT_IN_INNER_ROUNDS)
962 t[0] = Td4[(s0 ) & 0xff] ^ 983 t[0] = Td4[(s0) & 0xff] ^
963 Td4[(s3 >> 8) & 0xff] << 8 ^ 984 Td4[(s3 >> 8) & 0xff] << 8 ^
964 Td4[(s2 >> 16) & 0xff] << 16 ^ 985 Td4[(s2 >> 16) & 0xff] << 16 ^
965 Td4[(s1 >> 24) ] << 24; 986 Td4[(s1 >> 24)] << 24;
966 t[1] = Td4[(s1 ) & 0xff] ^ 987 t[1] = Td4[(s1) & 0xff] ^
967 Td4[(s0 >> 8) & 0xff] << 8 ^ 988 Td4[(s0 >> 8) & 0xff] << 8 ^
968 Td4[(s3 >> 16) & 0xff] << 16 ^ 989 Td4[(s3 >> 16) & 0xff] << 16 ^
969 Td4[(s2 >> 24) ] << 24; 990 Td4[(s2 >> 24)] << 24;
970 t[2] = Td4[(s2 ) & 0xff] ^ 991 t[2] = Td4[(s2) & 0xff] ^
971 Td4[(s1 >> 8) & 0xff] << 8 ^ 992 Td4[(s1 >> 8) & 0xff] << 8 ^
972 Td4[(s0 >> 16) & 0xff] << 16 ^ 993 Td4[(s0 >> 16) & 0xff] << 16 ^
973 Td4[(s3 >> 24) ] << 24; 994 Td4[(s3 >> 24)] << 24;
974 t[3] = Td4[(s3 ) & 0xff] ^ 995 t[3] = Td4[(s3) & 0xff] ^
975 Td4[(s2 >> 8) & 0xff] << 8 ^ 996 Td4[(s2 >> 8) & 0xff] << 8 ^
976 Td4[(s1 >> 16) & 0xff] << 16 ^ 997 Td4[(s1 >> 16) & 0xff] << 16 ^
977 Td4[(s0 >> 24) ] << 24; 998 Td4[(s0 >> 24)] << 24;
978 999
979 /* now do the linear transform using words */ 1000 /* now do the linear transform using words */
980 { int i; 1001 {
981 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; 1002 int i;
1003 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
982 1004
983 for (i = 0; i < 4; i++) { 1005 for (i = 0; i < 4; i++) {
984 tp1 = t[i]; 1006 tp1 = t[i];
985 m = tp1 & 0x80808080; 1007 m = tp1 & 0x80808080;
986 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 1008 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
987 ((m - (m >> 7)) & 0x1b1b1b1b); 1009 ((m - (m >> 7)) & 0x1b1b1b1b);
988 m = tp2 & 0x80808080; 1010 m = tp2 & 0x80808080;
989 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 1011 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
990 ((m - (m >> 7)) & 0x1b1b1b1b); 1012 ((m - (m >> 7)) & 0x1b1b1b1b);
991 m = tp4 & 0x80808080; 1013 m = tp4 & 0x80808080;
992 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 1014 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
993 ((m - (m >> 7)) & 0x1b1b1b1b); 1015 ((m - (m >> 7)) & 0x1b1b1b1b);
994 tp9 = tp8 ^ tp1; 1016 tp9 = tp8 ^ tp1;
995 tpb = tp9 ^ tp2; 1017 tpb = tp9 ^ tp2;
996 tpd = tp9 ^ tp4; 1018 tpd = tp9 ^ tp4;
997 tpe = tp8 ^ tp4 ^ tp2; 1019 tpe = tp8 ^ tp4 ^ tp2;
998#if defined(ROTATE) 1020#if defined(ROTATE)
999 t[i] = tpe ^ ROTATE(tpd,16) ^ 1021 t[i] = tpe ^ ROTATE(tpd, 16) ^
1000 ROTATE(tp9,8) ^ ROTATE(tpb,24); 1022 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
1001#else 1023#else
1002 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 1024 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
1003 (tp9 >> 24) ^ (tp9 << 8) ^ 1025 (tp9 >> 24) ^ (tp9 << 8) ^
1004 (tpb >> 8) ^ (tpb << 24); 1026 (tpb >> 8) ^ (tpb << 24);
1005#endif 1027#endif
1006 t[i] ^= rk[i]; 1028 t[i] ^= rk[i];
1029 }
1007 } 1030 }
1008 }
1009#else 1031#else
1010 t[0] = Td0[(s0 ) & 0xff] ^ 1032 t[0] = Td0[(s0) & 0xff] ^
1011 Td1[(s3 >> 8) & 0xff] ^ 1033 Td1[(s3 >> 8) & 0xff] ^
1012 Td2[(s2 >> 16) & 0xff] ^ 1034 Td2[(s2 >> 16) & 0xff] ^
1013 Td3[(s1 >> 24) ] ^ 1035 Td3[(s1 >> 24)] ^
1014 rk[0]; 1036 rk[0];
1015 t[1] = Td0[(s1 ) & 0xff] ^ 1037 t[1] = Td0[(s1) & 0xff] ^
1016 Td1[(s0 >> 8) & 0xff] ^ 1038 Td1[(s0 >> 8) & 0xff] ^
1017 Td2[(s3 >> 16) & 0xff] ^ 1039 Td2[(s3 >> 16) & 0xff] ^
1018 Td3[(s2 >> 24) ] ^ 1040 Td3[(s2 >> 24)] ^
1019 rk[1]; 1041 rk[1];
1020 t[2] = Td0[(s2 ) & 0xff] ^ 1042 t[2] = Td0[(s2) & 0xff] ^
1021 Td1[(s1 >> 8) & 0xff] ^ 1043 Td1[(s1 >> 8) & 0xff] ^
1022 Td2[(s0 >> 16) & 0xff] ^ 1044 Td2[(s0 >> 16) & 0xff] ^
1023 Td3[(s3 >> 24) ] ^ 1045 Td3[(s3 >> 24)] ^
1024 rk[2]; 1046 rk[2];
1025 t[3] = Td0[(s3 ) & 0xff] ^ 1047 t[3] = Td0[(s3) & 0xff] ^
1026 Td1[(s2 >> 8) & 0xff] ^ 1048 Td1[(s2 >> 8) & 0xff] ^
1027 Td2[(s1 >> 16) & 0xff] ^ 1049 Td2[(s1 >> 16) & 0xff] ^
1028 Td3[(s0 >> 24) ] ^ 1050 Td3[(s0 >> 24)] ^
1029 rk[3]; 1051 rk[3];
1030#endif 1052#endif
1031 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 1053 s0 = t[0];
1032 } 1054 s1 = t[1];
1033 /* 1055 s2 = t[2];
1056 s3 = t[3];
1057 }
1058 /*
1034 * apply last round and 1059 * apply last round and
1035 * map cipher state to byte array block: 1060 * map cipher state to byte array block:
1036 */ 1061 */
1037 prefetch256(Td4); 1062 prefetch256(Td4);
1038 1063
1039 *(u32*)(out+0) = 1064 *(u32*)(out + 0) =
1040 (Td4[(s0 ) & 0xff]) ^ 1065 (Td4[(s0) & 0xff]) ^
1041 (Td4[(s3 >> 8) & 0xff] << 8) ^ 1066 (Td4[(s3 >> 8) & 0xff] << 8) ^
1042 (Td4[(s2 >> 16) & 0xff] << 16) ^ 1067 (Td4[(s2 >> 16) & 0xff] << 16) ^
1043 (Td4[(s1 >> 24) ] << 24) ^ 1068 (Td4[(s1 >> 24)] << 24) ^
1044 rk[0]; 1069 rk[0];
1045 *(u32*)(out+4) = 1070 *(u32*)(out + 4) =
1046 (Td4[(s1 ) & 0xff]) ^ 1071 (Td4[(s1) & 0xff]) ^
1047 (Td4[(s0 >> 8) & 0xff] << 8) ^ 1072 (Td4[(s0 >> 8) & 0xff] << 8) ^
1048 (Td4[(s3 >> 16) & 0xff] << 16) ^ 1073 (Td4[(s3 >> 16) & 0xff] << 16) ^
1049 (Td4[(s2 >> 24) ] << 24) ^ 1074 (Td4[(s2 >> 24)] << 24) ^
1050 rk[1]; 1075 rk[1];
1051 *(u32*)(out+8) = 1076 *(u32*)(out + 8) =
1052 (Td4[(s2 ) & 0xff]) ^ 1077 (Td4[(s2) & 0xff]) ^
1053 (Td4[(s1 >> 8) & 0xff] << 8) ^ 1078 (Td4[(s1 >> 8) & 0xff] << 8) ^
1054 (Td4[(s0 >> 16) & 0xff] << 16) ^ 1079 (Td4[(s0 >> 16) & 0xff] << 16) ^
1055 (Td4[(s3 >> 24) ] << 24) ^ 1080 (Td4[(s3 >> 24)] << 24) ^
1056 rk[2]; 1081 rk[2];
1057 *(u32*)(out+12) = 1082 *(u32*)(out + 12) =
1058 (Td4[(s3 ) & 0xff]) ^ 1083 (Td4[(s3) & 0xff]) ^
1059 (Td4[(s2 >> 8) & 0xff] << 8) ^ 1084 (Td4[(s2 >> 8) & 0xff] << 8) ^
1060 (Td4[(s1 >> 16) & 0xff] << 16) ^ 1085 (Td4[(s1 >> 16) & 0xff] << 16) ^
1061 (Td4[(s0 >> 24) ] << 24) ^ 1086 (Td4[(s0 >> 24)] << 24) ^
1062 rk[3]; 1087 rk[3];
1063} 1088}
diff --git a/src/lib/libssl/src/crypto/aes/aes.h b/src/lib/libssl/src/crypto/aes/aes.h
index 031abf01b5..4d477bdf19 100644
--- a/src/lib/libssl/src/crypto/aes/aes.h
+++ b/src/lib/libssl/src/crypto/aes/aes.h
@@ -75,69 +75,61 @@ extern "C" {
75/* This should be a hidden type, but EVP requires that the size be known */ 75/* This should be a hidden type, but EVP requires that the size be known */
76struct aes_key_st { 76struct aes_key_st {
77#ifdef AES_LONG 77#ifdef AES_LONG
78 unsigned long rd_key[4 *(AES_MAXNR + 1)]; 78 unsigned long rd_key[4 *(AES_MAXNR + 1)];
79#else 79#else
80 unsigned int rd_key[4 *(AES_MAXNR + 1)]; 80 unsigned int rd_key[4 *(AES_MAXNR + 1)];
81#endif 81#endif
82 int rounds; 82 int rounds;
83}; 83};
84typedef struct aes_key_st AES_KEY; 84typedef struct aes_key_st AES_KEY;
85 85
86const char *AES_options(void); 86const char *AES_options(void);
87 87
88int AES_set_encrypt_key(const unsigned char *userKey, const int bits, 88int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
89 AES_KEY *key); 89 AES_KEY *key);
90int AES_set_decrypt_key(const unsigned char *userKey, const int bits, 90int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
91 AES_KEY *key); 91 AES_KEY *key);
92 92
93int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits, 93int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
94 AES_KEY *key); 94 AES_KEY *key);
95int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits, 95int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
96 AES_KEY *key); 96 AES_KEY *key);
97 97
98void AES_encrypt(const unsigned char *in, unsigned char *out, 98void AES_encrypt(const unsigned char *in, unsigned char *out,
99 const AES_KEY *key); 99 const AES_KEY *key);
100void AES_decrypt(const unsigned char *in, unsigned char *out, 100void AES_decrypt(const unsigned char *in, unsigned char *out,
101 const AES_KEY *key); 101 const AES_KEY *key);
102 102
103void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, 103void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
104 const AES_KEY *key, const int enc); 104 const AES_KEY *key, const int enc);
105void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, 105void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
106 size_t length, const AES_KEY *key, 106 size_t length, const AES_KEY *key, unsigned char *ivec, const int enc);
107 unsigned char *ivec, const int enc);
108void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, 107void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
109 size_t length, const AES_KEY *key, 108 size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
110 unsigned char *ivec, int *num, const int enc); 109 const int enc);
111void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, 110void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
112 size_t length, const AES_KEY *key, 111 size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
113 unsigned char *ivec, int *num, const int enc); 112 const int enc);
114void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, 113void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
115 size_t length, const AES_KEY *key, 114 size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
116 unsigned char *ivec, int *num, const int enc); 115 const int enc);
117void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, 116void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
118 size_t length, const AES_KEY *key, 117 size_t length, const AES_KEY *key, unsigned char *ivec, int *num);
119 unsigned char *ivec, int *num);
120void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, 118void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
121 size_t length, const AES_KEY *key, 119 size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
122 unsigned char ivec[AES_BLOCK_SIZE], 120 unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num);
123 unsigned char ecount_buf[AES_BLOCK_SIZE],
124 unsigned int *num);
125/* NB: the IV is _two_ blocks long */ 121/* NB: the IV is _two_ blocks long */
126void AES_ige_encrypt(const unsigned char *in, unsigned char *out, 122void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
127 size_t length, const AES_KEY *key, 123 size_t length, const AES_KEY *key, unsigned char *ivec, const int enc);
128 unsigned char *ivec, const int enc);
129/* NB: the IV is _four_ blocks long */ 124/* NB: the IV is _four_ blocks long */
130void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, 125void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
131 size_t length, const AES_KEY *key, 126 size_t length, const AES_KEY *key, const AES_KEY *key2,
132 const AES_KEY *key2, const unsigned char *ivec, 127 const unsigned char *ivec, const int enc);
133 const int enc); 128
134 129int AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
135int AES_wrap_key(AES_KEY *key, const unsigned char *iv, 130 const unsigned char *in, unsigned int inlen);
136 unsigned char *out, 131int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
137 const unsigned char *in, unsigned int inlen); 132 const unsigned char *in, unsigned int inlen);
138int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
139 unsigned char *out,
140 const unsigned char *in, unsigned int inlen);
141 133
142 134
143#ifdef __cplusplus 135#ifdef __cplusplus
diff --git a/src/lib/libssl/src/crypto/aes/aes_cbc.c b/src/lib/libssl/src/crypto/aes/aes_cbc.c
index 227f75625d..9430e04a3e 100644
--- a/src/lib/libssl/src/crypto/aes/aes_cbc.c
+++ b/src/lib/libssl/src/crypto/aes/aes_cbc.c
@@ -52,12 +52,14 @@
52#include <openssl/aes.h> 52#include <openssl/aes.h>
53#include <openssl/modes.h> 53#include <openssl/modes.h>
54 54
55void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, 55void
56 size_t len, const AES_KEY *key, 56AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
57 unsigned char *ivec, const int enc) { 57 size_t len, const AES_KEY *key, unsigned char *ivec, const int enc)
58 58{
59 if (enc) 59 if (enc)
60 CRYPTO_cbc128_encrypt(in,out,len,key,ivec,(block128_f)AES_encrypt); 60 CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
61 (block128_f)AES_encrypt);
61 else 62 else
62 CRYPTO_cbc128_decrypt(in,out,len,key,ivec,(block128_f)AES_decrypt); 63 CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
64 (block128_f)AES_decrypt);
63} 65}
diff --git a/src/lib/libssl/src/crypto/aes/aes_cfb.c b/src/lib/libssl/src/crypto/aes/aes_cfb.c
index 0c6d058ce7..b496a04716 100644
--- a/src/lib/libssl/src/crypto/aes/aes_cfb.c
+++ b/src/lib/libssl/src/crypto/aes/aes_cfb.c
@@ -57,25 +57,28 @@
57 * 128bit block we have used is contained in *num; 57 * 128bit block we have used is contained in *num;
58 */ 58 */
59 59
60void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, 60void
61 size_t length, const AES_KEY *key, 61AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
62 unsigned char *ivec, int *num, const int enc) { 62 const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
63 63{
64 CRYPTO_cfb128_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); 64 CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
65 (block128_f)AES_encrypt);
65} 66}
66 67
67/* N.B. This expects the input to be packed, MS bit first */ 68/* N.B. This expects the input to be packed, MS bit first */
68void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, 69void
69 size_t length, const AES_KEY *key, 70AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, size_t length,
70 unsigned char *ivec, int *num, const int enc) 71 const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
71 { 72{
72 CRYPTO_cfb128_1_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); 73 CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
73 } 74 (block128_f)AES_encrypt);
75}
74 76
75void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, 77void
76 size_t length, const AES_KEY *key, 78AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, size_t length,
77 unsigned char *ivec, int *num, const int enc) 79 const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
78 { 80{
79 CRYPTO_cfb128_8_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt); 81 CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
80 } 82 (block128_f)AES_encrypt);
83}
81 84
diff --git a/src/lib/libssl/src/crypto/aes/aes_core.c b/src/lib/libssl/src/crypto/aes/aes_core.c
index 8f5210ac70..05ffbfbf5f 100644
--- a/src/lib/libssl/src/crypto/aes/aes_core.c
+++ b/src/lib/libssl/src/crypto/aes/aes_core.c
@@ -54,567 +54,567 @@ Td4[x] = Si[x].[01];
54*/ 54*/
55 55
56static const u32 Te0[256] = { 56static const u32 Te0[256] = {
57 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, 57 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
58 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, 58 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
59 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, 59 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
60 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU, 60 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
61 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U, 61 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
62 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU, 62 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
63 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU, 63 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
64 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU, 64 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
65 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU, 65 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
66 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU, 66 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
67 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U, 67 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
68 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU, 68 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
69 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU, 69 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
70 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U, 70 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
71 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU, 71 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
72 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU, 72 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
73 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU, 73 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
74 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU, 74 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
75 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU, 75 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
76 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U, 76 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
77 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU, 77 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
78 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU, 78 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
79 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU, 79 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
80 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU, 80 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
81 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U, 81 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
82 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U, 82 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
83 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U, 83 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
84 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U, 84 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
85 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU, 85 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
86 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U, 86 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
87 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U, 87 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
88 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU, 88 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
89 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU, 89 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
90 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U, 90 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
91 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U, 91 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
92 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U, 92 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
93 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU, 93 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
94 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U, 94 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
95 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU, 95 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
96 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U, 96 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
97 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU, 97 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
98 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U, 98 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
99 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U, 99 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
100 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU, 100 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
101 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U, 101 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
102 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U, 102 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
103 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U, 103 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
104 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U, 104 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
105 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U, 105 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
106 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U, 106 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
107 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U, 107 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
108 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U, 108 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
109 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU, 109 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
110 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U, 110 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
111 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U, 111 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
112 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U, 112 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
113 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U, 113 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
114 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U, 114 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
115 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U, 115 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
116 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU, 116 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
117 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U, 117 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
118 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U, 118 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
119 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U, 119 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
120 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, 120 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
121}; 121};
122static const u32 Te1[256] = { 122static const u32 Te1[256] = {
123 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, 123 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
124 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, 124 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
125 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, 125 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
126 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U, 126 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
127 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU, 127 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
128 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U, 128 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
129 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU, 129 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
130 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U, 130 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
131 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U, 131 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
132 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU, 132 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
133 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U, 133 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
134 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U, 134 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
135 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U, 135 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
136 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU, 136 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
137 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U, 137 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
138 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U, 138 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
139 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU, 139 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
140 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U, 140 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
141 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U, 141 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
142 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U, 142 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
143 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU, 143 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
144 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU, 144 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
145 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U, 145 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
146 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU, 146 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
147 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU, 147 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
148 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U, 148 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
149 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU, 149 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
150 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U, 150 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
151 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU, 151 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
152 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U, 152 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
153 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U, 153 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
154 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U, 154 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
155 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU, 155 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
156 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U, 156 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
157 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU, 157 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
158 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U, 158 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
159 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU, 159 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
160 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U, 160 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
161 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U, 161 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
162 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU, 162 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
163 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU, 163 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
164 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU, 164 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
165 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U, 165 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
166 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U, 166 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
167 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU, 167 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
168 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U, 168 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
169 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU, 169 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
170 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U, 170 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
171 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU, 171 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
172 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U, 172 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
173 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU, 173 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
174 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU, 174 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
175 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U, 175 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
176 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU, 176 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
177 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U, 177 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
178 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU, 178 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
179 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U, 179 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
180 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U, 180 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
181 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U, 181 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
182 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU, 182 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
183 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU, 183 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
184 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U, 184 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
185 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, 185 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
186 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, 186 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
187}; 187};
188static const u32 Te2[256] = { 188static const u32 Te2[256] = {
189 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, 189 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
190 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, 190 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
191 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, 191 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
192 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U, 192 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
193 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU, 193 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
194 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U, 194 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
195 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU, 195 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
196 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U, 196 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
197 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U, 197 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
198 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU, 198 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
199 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U, 199 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
200 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U, 200 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
201 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U, 201 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
202 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU, 202 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
203 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U, 203 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
204 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U, 204 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
205 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU, 205 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
206 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U, 206 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
207 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U, 207 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
208 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U, 208 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
209 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU, 209 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
210 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU, 210 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
211 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U, 211 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
212 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU, 212 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
213 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU, 213 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
214 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U, 214 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
215 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU, 215 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
216 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U, 216 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
217 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU, 217 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
218 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U, 218 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
219 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U, 219 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
220 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U, 220 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
221 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU, 221 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
222 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U, 222 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
223 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU, 223 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
224 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U, 224 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
225 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU, 225 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
226 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U, 226 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
227 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U, 227 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
228 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU, 228 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
229 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU, 229 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
230 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU, 230 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
231 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U, 231 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
232 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U, 232 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
233 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU, 233 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
234 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U, 234 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
235 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU, 235 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
236 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U, 236 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
237 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU, 237 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
238 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U, 238 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
239 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU, 239 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
240 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU, 240 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
241 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U, 241 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
242 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU, 242 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
243 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U, 243 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
244 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU, 244 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
245 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U, 245 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
246 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U, 246 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
247 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U, 247 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
248 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU, 248 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
249 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU, 249 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
250 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U, 250 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
251 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, 251 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
252 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, 252 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
253}; 253};
254static const u32 Te3[256] = { 254static const u32 Te3[256] = {
255 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, 255 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
256 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, 256 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
257 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, 257 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
258 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU, 258 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
259 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU, 259 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
260 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU, 260 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
261 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U, 261 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
262 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU, 262 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
263 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU, 263 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
264 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U, 264 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
265 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U, 265 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
266 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU, 266 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
267 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU, 267 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
268 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU, 268 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
269 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU, 269 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
270 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU, 270 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
271 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U, 271 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
272 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU, 272 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
273 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU, 273 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
274 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U, 274 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
275 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U, 275 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
276 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U, 276 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
277 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U, 277 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
278 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U, 278 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
279 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU, 279 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
280 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U, 280 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
281 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU, 281 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
282 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU, 282 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
283 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U, 283 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
284 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U, 284 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
285 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U, 285 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
286 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU, 286 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
287 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U, 287 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
288 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU, 288 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
289 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU, 289 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
290 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U, 290 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
291 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U, 291 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
292 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU, 292 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
293 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U, 293 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
294 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU, 294 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
295 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U, 295 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
296 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U, 296 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
297 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U, 297 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
298 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U, 298 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
299 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU, 299 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
300 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U, 300 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
301 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU, 301 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
302 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U, 302 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
303 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU, 303 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
304 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U, 304 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
305 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU, 305 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
306 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU, 306 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
307 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU, 307 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
308 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU, 308 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
309 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U, 309 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
310 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U, 310 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
311 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U, 311 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
312 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U, 312 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
313 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U, 313 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
314 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U, 314 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
315 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU, 315 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
316 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U, 316 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
317 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, 317 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
318 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, 318 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
319}; 319};
320 320
321static const u32 Td0[256] = { 321static const u32 Td0[256] = {
322 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, 322 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
323 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, 323 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
324 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, 324 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
325 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU, 325 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
326 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U, 326 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
327 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U, 327 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
328 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU, 328 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
329 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U, 329 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
330 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU, 330 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
331 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U, 331 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
332 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U, 332 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
333 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U, 333 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
334 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U, 334 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
335 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU, 335 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
336 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U, 336 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
337 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU, 337 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
338 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U, 338 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
339 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU, 339 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
340 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U, 340 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
341 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U, 341 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
342 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U, 342 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
343 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU, 343 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
344 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U, 344 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
345 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU, 345 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
346 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U, 346 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
347 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU, 347 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
348 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U, 348 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
349 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU, 349 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
350 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU, 350 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
351 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U, 351 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
352 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU, 352 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
353 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U, 353 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
354 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU, 354 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
355 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U, 355 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
356 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U, 356 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
357 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U, 357 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
358 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU, 358 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
359 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U, 359 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
360 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U, 360 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
361 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU, 361 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
362 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U, 362 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
363 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U, 363 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
364 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U, 364 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
365 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U, 365 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
366 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U, 366 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
367 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU, 367 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
368 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U, 368 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
369 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U, 369 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
370 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U, 370 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
371 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U, 371 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
372 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U, 372 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
373 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU, 373 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
374 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU, 374 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
375 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU, 375 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
376 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU, 376 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
377 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U, 377 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
378 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U, 378 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
379 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU, 379 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
380 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU, 380 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
381 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U, 381 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
382 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU, 382 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
383 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U, 383 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
384 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U, 384 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
385 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, 385 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
386}; 386};
387static const u32 Td1[256] = { 387static const u32 Td1[256] = {
388 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, 388 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
389 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, 389 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
390 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, 390 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
391 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U, 391 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
392 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U, 392 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
393 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U, 393 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
394 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U, 394 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
395 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U, 395 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
396 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U, 396 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
397 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU, 397 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
398 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU, 398 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
399 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU, 399 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
400 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U, 400 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
401 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU, 401 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
402 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U, 402 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
403 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U, 403 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
404 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U, 404 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
405 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU, 405 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
406 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU, 406 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
407 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U, 407 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
408 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU, 408 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
409 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U, 409 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
410 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU, 410 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
411 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU, 411 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
412 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U, 412 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
413 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U, 413 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
414 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U, 414 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
415 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU, 415 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
416 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U, 416 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
417 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU, 417 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
418 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U, 418 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
419 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U, 419 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
420 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U, 420 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
421 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU, 421 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
422 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U, 422 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
423 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U, 423 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
424 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U, 424 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
425 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U, 425 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
426 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U, 426 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
427 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U, 427 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
428 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU, 428 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
429 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU, 429 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
430 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U, 430 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
431 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU, 431 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
432 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U, 432 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
433 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU, 433 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
434 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU, 434 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
435 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U, 435 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
436 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU, 436 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
437 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U, 437 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
438 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U, 438 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
439 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U, 439 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
440 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U, 440 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
441 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U, 441 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
442 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U, 442 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
443 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U, 443 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
444 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU, 444 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
445 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U, 445 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
446 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U, 446 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
447 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU, 447 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
448 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U, 448 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
449 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U, 449 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
450 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, 450 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
451 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, 451 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
452}; 452};
453static const u32 Td2[256] = { 453static const u32 Td2[256] = {
454 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, 454 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
455 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, 455 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
456 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, 456 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
457 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U, 457 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
458 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU, 458 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
459 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U, 459 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
460 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U, 460 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
461 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U, 461 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
462 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U, 462 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
463 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU, 463 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
464 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U, 464 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
465 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U, 465 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
466 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU, 466 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
467 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U, 467 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
468 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U, 468 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
469 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U, 469 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
470 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U, 470 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
471 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, 471 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
472 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, 472 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
473 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, 473 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
474 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, 474 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
475 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, 475 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
476 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, 476 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
477 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U, 477 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
478 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U, 478 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
479 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU, 479 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
480 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU, 480 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
481 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U, 481 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
482 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU, 482 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
483 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U, 483 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
484 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU, 484 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
485 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU, 485 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
486 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU, 486 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
487 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU, 487 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
488 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U, 488 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
489 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U, 489 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
490 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U, 490 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
491 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U, 491 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
492 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U, 492 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
493 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U, 493 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
494 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U, 494 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
495 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU, 495 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
496 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU, 496 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
497 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U, 497 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
498 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U, 498 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
499 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU, 499 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
500 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU, 500 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
501 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U, 501 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
502 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U, 502 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
503 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U, 503 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
504 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U, 504 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
505 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U, 505 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
506 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U, 506 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
507 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U, 507 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
508 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU, 508 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
509 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U, 509 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
510 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U, 510 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
511 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U, 511 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
512 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U, 512 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
513 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U, 513 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
514 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U, 514 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
515 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU, 515 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
516 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, 516 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
517 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, 517 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
518}; 518};
519static const u32 Td3[256] = { 519static const u32 Td3[256] = {
520 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, 520 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
521 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, 521 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
522 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, 522 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
523 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U, 523 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
524 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU, 524 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
525 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU, 525 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
526 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U, 526 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
527 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU, 527 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
528 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U, 528 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
529 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU, 529 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
530 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U, 530 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
531 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U, 531 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
532 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U, 532 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
533 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U, 533 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
534 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U, 534 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
535 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU, 535 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
536 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU, 536 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
537 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U, 537 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
538 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U, 538 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
539 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU, 539 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
540 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU, 540 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
541 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U, 541 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
542 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U, 542 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
543 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U, 543 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
544 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U, 544 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
545 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU, 545 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
546 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U, 546 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
547 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U, 547 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
548 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU, 548 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
549 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU, 549 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
550 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U, 550 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
551 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U, 551 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
552 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U, 552 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
553 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU, 553 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
554 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U, 554 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
555 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U, 555 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
556 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U, 556 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
557 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U, 557 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
558 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U, 558 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
559 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U, 559 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
560 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U, 560 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
561 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU, 561 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
562 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U, 562 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
563 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U, 563 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
564 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU, 564 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
565 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU, 565 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
566 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U, 566 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
567 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU, 567 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
568 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U, 568 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
569 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U, 569 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
570 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U, 570 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
571 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U, 571 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
572 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U, 572 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
573 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U, 573 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
574 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU, 574 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
575 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU, 575 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
576 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU, 576 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
577 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU, 577 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
578 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U, 578 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
579 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U, 579 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
580 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U, 580 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
581 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU, 581 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
582 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, 582 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
583 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, 583 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
584}; 584};
585static const u8 Td4[256] = { 585static const u8 Td4[256] = {
586 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, 586 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
587 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, 587 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
588 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, 588 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
589 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, 589 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
590 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, 590 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
591 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, 591 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
592 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, 592 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
593 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, 593 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
594 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, 594 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
595 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, 595 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
596 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, 596 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
597 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, 597 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
598 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, 598 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
599 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, 599 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
600 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, 600 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
601 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, 601 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
602 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, 602 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
603 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, 603 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
604 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, 604 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
605 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, 605 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
606 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, 606 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
607 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, 607 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
608 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, 608 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
609 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, 609 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
610 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, 610 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
611 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, 611 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
612 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, 612 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
613 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, 613 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
614 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, 614 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
615 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, 615 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
616 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, 616 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
617 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU, 617 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
618}; 618};
619static const u32 rcon[] = { 619static const u32 rcon[] = {
620 0x01000000, 0x02000000, 0x04000000, 0x08000000, 620 0x01000000, 0x02000000, 0x04000000, 0x08000000,
@@ -625,11 +625,12 @@ static const u32 rcon[] = {
625/** 625/**
626 * Expand the cipher key into the encryption key schedule. 626 * Expand the cipher key into the encryption key schedule.
627 */ 627 */
628int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits, 628int
629 AES_KEY *key) { 629private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
630 630 AES_KEY *key)
631{
631 u32 *rk; 632 u32 *rk;
632 int i = 0; 633 int i = 0;
633 u32 temp; 634 u32 temp;
634 635
635 if (!userKey || !key) 636 if (!userKey || !key)
@@ -639,26 +640,26 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
639 640
640 rk = key->rd_key; 641 rk = key->rd_key;
641 642
642 if (bits==128) 643 if (bits == 128)
643 key->rounds = 10; 644 key->rounds = 10;
644 else if (bits==192) 645 else if (bits == 192)
645 key->rounds = 12; 646 key->rounds = 12;
646 else 647 else
647 key->rounds = 14; 648 key->rounds = 14;
648 649
649 rk[0] = GETU32(userKey ); 650 rk[0] = GETU32(userKey);
650 rk[1] = GETU32(userKey + 4); 651 rk[1] = GETU32(userKey + 4);
651 rk[2] = GETU32(userKey + 8); 652 rk[2] = GETU32(userKey + 8);
652 rk[3] = GETU32(userKey + 12); 653 rk[3] = GETU32(userKey + 12);
653 if (bits == 128) { 654 if (bits == 128) {
654 while (1) { 655 while (1) {
655 temp = rk[3]; 656 temp = rk[3];
656 rk[4] = rk[0] ^ 657 rk[4] = rk[0] ^
657 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ 658 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
658 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ 659 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
659 (Te0[(temp ) & 0xff] & 0x0000ff00) ^ 660 (Te0[(temp) & 0xff] & 0x0000ff00) ^
660 (Te1[(temp >> 24) ] & 0x000000ff) ^ 661 (Te1[(temp >> 24)] & 0x000000ff) ^
661 rcon[i]; 662 rcon[i];
662 rk[5] = rk[1] ^ rk[4]; 663 rk[5] = rk[1] ^ rk[4];
663 rk[6] = rk[2] ^ rk[5]; 664 rk[6] = rk[2] ^ rk[5];
664 rk[7] = rk[3] ^ rk[6]; 665 rk[7] = rk[3] ^ rk[6];
@@ -672,21 +673,21 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
672 rk[5] = GETU32(userKey + 20); 673 rk[5] = GETU32(userKey + 20);
673 if (bits == 192) { 674 if (bits == 192) {
674 while (1) { 675 while (1) {
675 temp = rk[ 5]; 676 temp = rk[5];
676 rk[ 6] = rk[ 0] ^ 677 rk[6] = rk[ 0] ^
677 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ 678 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
678 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ 679 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
679 (Te0[(temp ) & 0xff] & 0x0000ff00) ^ 680 (Te0[(temp) & 0xff] & 0x0000ff00) ^
680 (Te1[(temp >> 24) ] & 0x000000ff) ^ 681 (Te1[(temp >> 24)] & 0x000000ff) ^
681 rcon[i]; 682 rcon[i];
682 rk[ 7] = rk[ 1] ^ rk[ 6]; 683 rk[7] = rk[1] ^ rk[6];
683 rk[ 8] = rk[ 2] ^ rk[ 7]; 684 rk[8] = rk[2] ^ rk[7];
684 rk[ 9] = rk[ 3] ^ rk[ 8]; 685 rk[9] = rk[3] ^ rk[8];
685 if (++i == 8) { 686 if (++i == 8) {
686 return 0; 687 return 0;
687 } 688 }
688 rk[10] = rk[ 4] ^ rk[ 9]; 689 rk[10] = rk[4] ^ rk[9];
689 rk[11] = rk[ 5] ^ rk[10]; 690 rk[11] = rk[5] ^ rk[10];
690 rk += 6; 691 rk += 6;
691 } 692 }
692 } 693 }
@@ -694,31 +695,31 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
694 rk[7] = GETU32(userKey + 28); 695 rk[7] = GETU32(userKey + 28);
695 if (bits == 256) { 696 if (bits == 256) {
696 while (1) { 697 while (1) {
697 temp = rk[ 7]; 698 temp = rk[7];
698 rk[ 8] = rk[ 0] ^ 699 rk[8] = rk[0] ^
699 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ 700 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
700 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ 701 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
701 (Te0[(temp ) & 0xff] & 0x0000ff00) ^ 702 (Te0[(temp) & 0xff] & 0x0000ff00) ^
702 (Te1[(temp >> 24) ] & 0x000000ff) ^ 703 (Te1[(temp >> 24)] & 0x000000ff) ^
703 rcon[i]; 704 rcon[i];
704 rk[ 9] = rk[ 1] ^ rk[ 8]; 705 rk[9] = rk[1] ^ rk[8];
705 rk[10] = rk[ 2] ^ rk[ 9]; 706 rk[10] = rk[2] ^ rk[9];
706 rk[11] = rk[ 3] ^ rk[10]; 707 rk[11] = rk[3] ^ rk[10];
707 if (++i == 7) { 708 if (++i == 7) {
708 return 0; 709 return 0;
709 } 710 }
710 temp = rk[11]; 711 temp = rk[11];
711 rk[12] = rk[ 4] ^ 712 rk[12] = rk[4] ^
712 (Te2[(temp >> 24) ] & 0xff000000) ^ 713 (Te2[(temp >> 24)] & 0xff000000) ^
713 (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^ 714 (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
714 (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^ 715 (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^
715 (Te1[(temp ) & 0xff] & 0x000000ff); 716 (Te1[(temp) & 0xff] & 0x000000ff);
716 rk[13] = rk[ 5] ^ rk[12]; 717 rk[13] = rk[5] ^ rk[12];
717 rk[14] = rk[ 6] ^ rk[13]; 718 rk[14] = rk[6] ^ rk[13];
718 rk[15] = rk[ 7] ^ rk[14]; 719 rk[15] = rk[7] ^ rk[14];
719 720
720 rk += 8; 721 rk += 8;
721 } 722 }
722 } 723 }
723 return 0; 724 return 0;
724} 725}
@@ -726,10 +727,11 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
726/** 727/**
727 * Expand the cipher key into the decryption key schedule. 728 * Expand the cipher key into the decryption key schedule.
728 */ 729 */
729int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits, 730int
730 AES_KEY *key) { 731private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
731 732 AES_KEY *key)
732 u32 *rk; 733{
734 u32 *rk;
733 int i, j, status; 735 int i, j, status;
734 u32 temp; 736 u32 temp;
735 737
@@ -741,35 +743,43 @@ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
741 rk = key->rd_key; 743 rk = key->rd_key;
742 744
743 /* invert the order of the round keys: */ 745 /* invert the order of the round keys: */
744 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { 746 for (i = 0, j = 4 * (key->rounds); i < j; i += 4, j -= 4) {
745 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; 747 temp = rk[i];
746 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; 748 rk[i] = rk[j];
747 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; 749 rk[j] = temp;
748 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; 750 temp = rk[i + 1];
751 rk[i + 1] = rk[j + 1];
752 rk[j + 1] = temp;
753 temp = rk[i + 2];
754 rk[i + 2] = rk[j + 2];
755 rk[j + 2] = temp;
756 temp = rk[i + 3];
757 rk[i + 3] = rk[j + 3];
758 rk[j + 3] = temp;
749 } 759 }
750 /* apply the inverse MixColumn transform to all round keys but the first and the last: */ 760 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
751 for (i = 1; i < (key->rounds); i++) { 761 for (i = 1; i < (key->rounds); i++) {
752 rk += 4; 762 rk += 4;
753 rk[0] = 763 rk[0] =
754 Td0[Te1[(rk[0] >> 24) ] & 0xff] ^ 764 Td0[Te1[(rk[0] >> 24)] & 0xff] ^
755 Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^ 765 Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
756 Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^ 766 Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^
757 Td3[Te1[(rk[0] ) & 0xff] & 0xff]; 767 Td3[Te1[(rk[0]) & 0xff] & 0xff];
758 rk[1] = 768 rk[1] =
759 Td0[Te1[(rk[1] >> 24) ] & 0xff] ^ 769 Td0[Te1[(rk[1] >> 24)] & 0xff] ^
760 Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^ 770 Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
761 Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^ 771 Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^
762 Td3[Te1[(rk[1] ) & 0xff] & 0xff]; 772 Td3[Te1[(rk[1]) & 0xff] & 0xff];
763 rk[2] = 773 rk[2] =
764 Td0[Te1[(rk[2] >> 24) ] & 0xff] ^ 774 Td0[Te1[(rk[2] >> 24)] & 0xff] ^
765 Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^ 775 Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
766 Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^ 776 Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^
767 Td3[Te1[(rk[2] ) & 0xff] & 0xff]; 777 Td3[Te1[(rk[2]) & 0xff] & 0xff];
768 rk[3] = 778 rk[3] =
769 Td0[Te1[(rk[3] >> 24) ] & 0xff] ^ 779 Td0[Te1[(rk[3] >> 24)] & 0xff] ^
770 Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^ 780 Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
771 Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^ 781 Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^
772 Td3[Te1[(rk[3] ) & 0xff] & 0xff]; 782 Td3[Te1[(rk[3]) & 0xff] & 0xff];
773 } 783 }
774 return 0; 784 return 0;
775} 785}
@@ -778,9 +788,9 @@ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
778 * Encrypt a single block 788 * Encrypt a single block
779 * in and out can overlap 789 * in and out can overlap
780 */ 790 */
781void AES_encrypt(const unsigned char *in, unsigned char *out, 791void
782 const AES_KEY *key) { 792AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
783 793{
784 const u32 *rk; 794 const u32 *rk;
785 u32 s0, s1, s2, s3, t0, t1, t2, t3; 795 u32 s0, s1, s2, s3, t0, t1, t2, t3;
786#ifndef FULL_UNROLL 796#ifndef FULL_UNROLL
@@ -800,168 +810,168 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
800 s3 = GETU32(in + 12) ^ rk[3]; 810 s3 = GETU32(in + 12) ^ rk[3];
801#ifdef FULL_UNROLL 811#ifdef FULL_UNROLL
802 /* round 1: */ 812 /* round 1: */
803 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; 813 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
804 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; 814 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
805 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; 815 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
806 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; 816 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
807 /* round 2: */ 817 /* round 2: */
808 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; 818 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
809 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; 819 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
810 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; 820 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
811 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; 821 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
812 /* round 3: */ 822 /* round 3: */
813 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; 823 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
814 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; 824 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
815 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; 825 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
816 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; 826 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
817 /* round 4: */ 827 /* round 4: */
818 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; 828 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
819 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; 829 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
820 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; 830 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
821 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; 831 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
822 /* round 5: */ 832 /* round 5: */
823 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; 833 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
824 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; 834 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
825 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; 835 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
826 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; 836 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
827 /* round 6: */ 837 /* round 6: */
828 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; 838 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
829 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; 839 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
830 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; 840 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
831 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; 841 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
832 /* round 7: */ 842 /* round 7: */
833 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; 843 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
834 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; 844 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
835 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; 845 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
836 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; 846 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
837 /* round 8: */ 847 /* round 8: */
838 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; 848 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
839 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; 849 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
840 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; 850 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
841 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; 851 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
842 /* round 9: */ 852 /* round 9: */
843 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; 853 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
844 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; 854 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
845 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; 855 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
846 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; 856 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
847 if (key->rounds > 10) { 857 if (key->rounds > 10) {
848 /* round 10: */ 858 /* round 10: */
849 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; 859 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
850 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; 860 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
851 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; 861 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
852 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; 862 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
853 /* round 11: */ 863 /* round 11: */
854 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; 864 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
855 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; 865 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
856 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; 866 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
857 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; 867 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
858 if (key->rounds > 12) { 868 if (key->rounds > 12) {
859 /* round 12: */ 869 /* round 12: */
860 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; 870 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
861 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; 871 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
862 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; 872 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
863 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; 873 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
864 /* round 13: */ 874 /* round 13: */
865 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; 875 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
866 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; 876 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
867 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; 877 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
868 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; 878 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
869 } 879 }
870 } 880 }
871 rk += key->rounds << 2; 881 rk += key->rounds << 2;
872#else /* !FULL_UNROLL */ 882#else /* !FULL_UNROLL */
873 /* 883 /*
874 * Nr - 1 full rounds: 884 * Nr - 1 full rounds:
875 */ 885 */
876 r = key->rounds >> 1; 886 r = key->rounds >> 1;
877 for (;;) { 887 for (;;) {
878 t0 = 888 t0 =
879 Te0[(s0 >> 24) ] ^ 889 Te0[(s0 >> 24)] ^
880 Te1[(s1 >> 16) & 0xff] ^ 890 Te1[(s1 >> 16) & 0xff] ^
881 Te2[(s2 >> 8) & 0xff] ^ 891 Te2[(s2 >> 8) & 0xff] ^
882 Te3[(s3 ) & 0xff] ^ 892 Te3[(s3) & 0xff] ^
883 rk[4]; 893 rk[4];
884 t1 = 894 t1 =
885 Te0[(s1 >> 24) ] ^ 895 Te0[(s1 >> 24)] ^
886 Te1[(s2 >> 16) & 0xff] ^ 896 Te1[(s2 >> 16) & 0xff] ^
887 Te2[(s3 >> 8) & 0xff] ^ 897 Te2[(s3 >> 8) & 0xff] ^
888 Te3[(s0 ) & 0xff] ^ 898 Te3[(s0) & 0xff] ^
889 rk[5]; 899 rk[5];
890 t2 = 900 t2 =
891 Te0[(s2 >> 24) ] ^ 901 Te0[(s2 >> 24)] ^
892 Te1[(s3 >> 16) & 0xff] ^ 902 Te1[(s3 >> 16) & 0xff] ^
893 Te2[(s0 >> 8) & 0xff] ^ 903 Te2[(s0 >> 8) & 0xff] ^
894 Te3[(s1 ) & 0xff] ^ 904 Te3[(s1) & 0xff] ^
895 rk[6]; 905 rk[6];
896 t3 = 906 t3 =
897 Te0[(s3 >> 24) ] ^ 907 Te0[(s3 >> 24)] ^
898 Te1[(s0 >> 16) & 0xff] ^ 908 Te1[(s0 >> 16) & 0xff] ^
899 Te2[(s1 >> 8) & 0xff] ^ 909 Te2[(s1 >> 8) & 0xff] ^
900 Te3[(s2 ) & 0xff] ^ 910 Te3[(s2) & 0xff] ^
901 rk[7]; 911 rk[7];
902 912
903 rk += 8; 913 rk += 8;
904 if (--r == 0) { 914 if (--r == 0) {
905 break; 915 break;
906 } 916 }
907 917
908 s0 = 918 s0 =
909 Te0[(t0 >> 24) ] ^ 919 Te0[(t0 >> 24)] ^
910 Te1[(t1 >> 16) & 0xff] ^ 920 Te1[(t1 >> 16) & 0xff] ^
911 Te2[(t2 >> 8) & 0xff] ^ 921 Te2[(t2 >> 8) & 0xff] ^
912 Te3[(t3 ) & 0xff] ^ 922 Te3[(t3) & 0xff] ^
913 rk[0]; 923 rk[0];
914 s1 = 924 s1 =
915 Te0[(t1 >> 24) ] ^ 925 Te0[(t1 >> 24)] ^
916 Te1[(t2 >> 16) & 0xff] ^ 926 Te1[(t2 >> 16) & 0xff] ^
917 Te2[(t3 >> 8) & 0xff] ^ 927 Te2[(t3 >> 8) & 0xff] ^
918 Te3[(t0 ) & 0xff] ^ 928 Te3[(t0) & 0xff] ^
919 rk[1]; 929 rk[1];
920 s2 = 930 s2 =
921 Te0[(t2 >> 24) ] ^ 931 Te0[(t2 >> 24)] ^
922 Te1[(t3 >> 16) & 0xff] ^ 932 Te1[(t3 >> 16) & 0xff] ^
923 Te2[(t0 >> 8) & 0xff] ^ 933 Te2[(t0 >> 8) & 0xff] ^
924 Te3[(t1 ) & 0xff] ^ 934 Te3[(t1) & 0xff] ^
925 rk[2]; 935 rk[2];
926 s3 = 936 s3 =
927 Te0[(t3 >> 24) ] ^ 937 Te0[(t3 >> 24)] ^
928 Te1[(t0 >> 16) & 0xff] ^ 938 Te1[(t0 >> 16) & 0xff] ^
929 Te2[(t1 >> 8) & 0xff] ^ 939 Te2[(t1 >> 8) & 0xff] ^
930 Te3[(t2 ) & 0xff] ^ 940 Te3[(t2) & 0xff] ^
931 rk[3]; 941 rk[3];
932 } 942 }
933#endif /* ?FULL_UNROLL */ 943#endif /* ?FULL_UNROLL */
934 /* 944 /*
935 * apply last round and 945 * apply last round and
936 * map cipher state to byte array block: 946 * map cipher state to byte array block:
937 */ 947 */
938 s0 = 948 s0 =
939 (Te2[(t0 >> 24) ] & 0xff000000) ^ 949 (Te2[(t0 >> 24)] & 0xff000000) ^
940 (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^ 950 (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
941 (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^ 951 (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^
942 (Te1[(t3 ) & 0xff] & 0x000000ff) ^ 952 (Te1[(t3) & 0xff] & 0x000000ff) ^
943 rk[0]; 953 rk[0];
944 PUTU32(out , s0); 954 PUTU32(out, s0);
945 s1 = 955 s1 =
946 (Te2[(t1 >> 24) ] & 0xff000000) ^ 956 (Te2[(t1 >> 24)] & 0xff000000) ^
947 (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^ 957 (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
948 (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^ 958 (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^
949 (Te1[(t0 ) & 0xff] & 0x000000ff) ^ 959 (Te1[(t0) & 0xff] & 0x000000ff) ^
950 rk[1]; 960 rk[1];
951 PUTU32(out + 4, s1); 961 PUTU32(out + 4, s1);
952 s2 = 962 s2 =
953 (Te2[(t2 >> 24) ] & 0xff000000) ^ 963 (Te2[(t2 >> 24)] & 0xff000000) ^
954 (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^ 964 (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
955 (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^ 965 (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^
956 (Te1[(t1 ) & 0xff] & 0x000000ff) ^ 966 (Te1[(t1) & 0xff] & 0x000000ff) ^
957 rk[2]; 967 rk[2];
958 PUTU32(out + 8, s2); 968 PUTU32(out + 8, s2);
959 s3 = 969 s3 =
960 (Te2[(t3 >> 24) ] & 0xff000000) ^ 970 (Te2[(t3 >> 24)] & 0xff000000) ^
961 (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^ 971 (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
962 (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^ 972 (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^
963 (Te1[(t2 ) & 0xff] & 0x000000ff) ^ 973 (Te1[(t2) & 0xff] & 0x000000ff) ^
964 rk[3]; 974 rk[3];
965 PUTU32(out + 12, s3); 975 PUTU32(out + 12, s3);
966} 976}
967 977
@@ -969,9 +979,9 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
969 * Decrypt a single block 979 * Decrypt a single block
970 * in and out can overlap 980 * in and out can overlap
971 */ 981 */
972void AES_decrypt(const unsigned char *in, unsigned char *out, 982void
973 const AES_KEY *key) { 983AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
974 984{
975 const u32 *rk; 985 const u32 *rk;
976 u32 s0, s1, s2, s3, t0, t1, t2, t3; 986 u32 s0, s1, s2, s3, t0, t1, t2, t3;
977#ifndef FULL_UNROLL 987#ifndef FULL_UNROLL
@@ -985,226 +995,229 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
985 * map byte array block to cipher state 995 * map byte array block to cipher state
986 * and add initial round key: 996 * and add initial round key:
987 */ 997 */
988 s0 = GETU32(in ) ^ rk[0]; 998 s0 = GETU32(in) ^ rk[0];
989 s1 = GETU32(in + 4) ^ rk[1]; 999 s1 = GETU32(in + 4) ^ rk[1];
990 s2 = GETU32(in + 8) ^ rk[2]; 1000 s2 = GETU32(in + 8) ^ rk[2];
991 s3 = GETU32(in + 12) ^ rk[3]; 1001 s3 = GETU32(in + 12) ^ rk[3];
992#ifdef FULL_UNROLL 1002#ifdef FULL_UNROLL
993 /* round 1: */ 1003 /* round 1: */
994 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4]; 1004 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
995 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5]; 1005 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
996 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6]; 1006 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
997 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7]; 1007 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
998 /* round 2: */ 1008 /* round 2: */
999 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8]; 1009 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
1000 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9]; 1010 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
1001 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10]; 1011 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
1002 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11]; 1012 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
1003 /* round 3: */ 1013 /* round 3: */
1004 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12]; 1014 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
1005 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13]; 1015 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
1006 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14]; 1016 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
1007 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15]; 1017 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
1008 /* round 4: */ 1018 /* round 4: */
1009 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16]; 1019 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
1010 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17]; 1020 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
1011 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18]; 1021 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
1012 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19]; 1022 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
1013 /* round 5: */ 1023 /* round 5: */
1014 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20]; 1024 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
1015 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21]; 1025 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
1016 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22]; 1026 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
1017 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23]; 1027 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
1018 /* round 6: */ 1028 /* round 6: */
1019 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24]; 1029 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
1020 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25]; 1030 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
1021 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26]; 1031 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
1022 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27]; 1032 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
1023 /* round 7: */ 1033 /* round 7: */
1024 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28]; 1034 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
1025 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29]; 1035 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
1026 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30]; 1036 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
1027 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31]; 1037 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
1028 /* round 8: */ 1038 /* round 8: */
1029 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32]; 1039 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
1030 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33]; 1040 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
1031 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34]; 1041 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
1032 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35]; 1042 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
1033 /* round 9: */ 1043 /* round 9: */
1034 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36]; 1044 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
1035 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37]; 1045 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
1036 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; 1046 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
1037 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; 1047 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
1038 if (key->rounds > 10) { 1048 if (key->rounds > 10) {
1039 /* round 10: */ 1049 /* round 10: */
1040 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; 1050 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
1041 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; 1051 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
1042 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; 1052 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
1043 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; 1053 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
1044 /* round 11: */ 1054 /* round 11: */
1045 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; 1055 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
1046 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; 1056 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
1047 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; 1057 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
1048 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; 1058 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
1049 if (key->rounds > 12) { 1059 if (key->rounds > 12) {
1050 /* round 12: */ 1060 /* round 12: */
1051 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; 1061 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
1052 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; 1062 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
1053 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; 1063 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
1054 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; 1064 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
1055 /* round 13: */ 1065 /* round 13: */
1056 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; 1066 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
1057 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; 1067 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
1058 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; 1068 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
1059 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; 1069 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
1060 } 1070 }
1061 } 1071 }
1062 rk += key->rounds << 2; 1072 rk += key->rounds << 2;
1063#else /* !FULL_UNROLL */ 1073#else /* !FULL_UNROLL */
1064 /* 1074 /*
1065 * Nr - 1 full rounds: 1075 * Nr - 1 full rounds:
1066 */ 1076 */
1067 r = key->rounds >> 1; 1077 r = key->rounds >> 1;
1068 for (;;) { 1078 for (;;) {
1069 t0 = 1079 t0 =
1070 Td0[(s0 >> 24) ] ^ 1080 Td0[(s0 >> 24)] ^
1071 Td1[(s3 >> 16) & 0xff] ^ 1081 Td1[(s3 >> 16) & 0xff] ^
1072 Td2[(s2 >> 8) & 0xff] ^ 1082 Td2[(s2 >> 8) & 0xff] ^
1073 Td3[(s1 ) & 0xff] ^ 1083 Td3[(s1) & 0xff] ^
1074 rk[4]; 1084 rk[4];
1075 t1 = 1085 t1 =
1076 Td0[(s1 >> 24) ] ^ 1086 Td0[(s1 >> 24)] ^
1077 Td1[(s0 >> 16) & 0xff] ^ 1087 Td1[(s0 >> 16) & 0xff] ^
1078 Td2[(s3 >> 8) & 0xff] ^ 1088 Td2[(s3 >> 8) & 0xff] ^
1079 Td3[(s2 ) & 0xff] ^ 1089 Td3[(s2) & 0xff] ^
1080 rk[5]; 1090 rk[5];
1081 t2 = 1091 t2 =
1082 Td0[(s2 >> 24) ] ^ 1092 Td0[(s2 >> 24)] ^
1083 Td1[(s1 >> 16) & 0xff] ^ 1093 Td1[(s1 >> 16) & 0xff] ^
1084 Td2[(s0 >> 8) & 0xff] ^ 1094 Td2[(s0 >> 8) & 0xff] ^
1085 Td3[(s3 ) & 0xff] ^ 1095 Td3[(s3) & 0xff] ^
1086 rk[6]; 1096 rk[6];
1087 t3 = 1097 t3 =
1088 Td0[(s3 >> 24) ] ^ 1098 Td0[(s3 >> 24)] ^
1089 Td1[(s2 >> 16) & 0xff] ^ 1099 Td1[(s2 >> 16) & 0xff] ^
1090 Td2[(s1 >> 8) & 0xff] ^ 1100 Td2[(s1 >> 8) & 0xff] ^
1091 Td3[(s0 ) & 0xff] ^ 1101 Td3[(s0) & 0xff] ^
1092 rk[7]; 1102 rk[7];
1093 1103
1094 rk += 8; 1104 rk += 8;
1095 if (--r == 0) { 1105 if (--r == 0) {
1096 break; 1106 break;
1097 } 1107 }
1098 1108
1099 s0 = 1109 s0 =
1100 Td0[(t0 >> 24) ] ^ 1110 Td0[(t0 >> 24)] ^
1101 Td1[(t3 >> 16) & 0xff] ^ 1111 Td1[(t3 >> 16) & 0xff] ^
1102 Td2[(t2 >> 8) & 0xff] ^ 1112 Td2[(t2 >> 8) & 0xff] ^
1103 Td3[(t1 ) & 0xff] ^ 1113 Td3[(t1) & 0xff] ^
1104 rk[0]; 1114 rk[0];
1105 s1 = 1115 s1 =
1106 Td0[(t1 >> 24) ] ^ 1116 Td0[(t1 >> 24)] ^
1107 Td1[(t0 >> 16) & 0xff] ^ 1117 Td1[(t0 >> 16) & 0xff] ^
1108 Td2[(t3 >> 8) & 0xff] ^ 1118 Td2[(t3 >> 8) & 0xff] ^
1109 Td3[(t2 ) & 0xff] ^ 1119 Td3[(t2) & 0xff] ^
1110 rk[1]; 1120 rk[1];
1111 s2 = 1121 s2 =
1112 Td0[(t2 >> 24) ] ^ 1122 Td0[(t2 >> 24)] ^
1113 Td1[(t1 >> 16) & 0xff] ^ 1123 Td1[(t1 >> 16) & 0xff] ^
1114 Td2[(t0 >> 8) & 0xff] ^ 1124 Td2[(t0 >> 8) & 0xff] ^
1115 Td3[(t3 ) & 0xff] ^ 1125 Td3[(t3) & 0xff] ^
1116 rk[2]; 1126 rk[2];
1117 s3 = 1127 s3 =
1118 Td0[(t3 >> 24) ] ^ 1128 Td0[(t3 >> 24)] ^
1119 Td1[(t2 >> 16) & 0xff] ^ 1129 Td1[(t2 >> 16) & 0xff] ^
1120 Td2[(t1 >> 8) & 0xff] ^ 1130 Td2[(t1 >> 8) & 0xff] ^
1121 Td3[(t0 ) & 0xff] ^ 1131 Td3[(t0) & 0xff] ^
1122 rk[3]; 1132 rk[3];
1123 } 1133 }
1124#endif /* ?FULL_UNROLL */ 1134#endif /* ?FULL_UNROLL */
1125 /* 1135 /*
1126 * apply last round and 1136 * apply last round and
1127 * map cipher state to byte array block: 1137 * map cipher state to byte array block:
1128 */ 1138 */
1129 s0 = 1139 s0 =
1130 (Td4[(t0 >> 24) ] << 24) ^ 1140 (Td4[(t0 >> 24)] << 24) ^
1131 (Td4[(t3 >> 16) & 0xff] << 16) ^ 1141 (Td4[(t3 >> 16) & 0xff] << 16) ^
1132 (Td4[(t2 >> 8) & 0xff] << 8) ^ 1142 (Td4[(t2 >> 8) & 0xff] << 8) ^
1133 (Td4[(t1 ) & 0xff]) ^ 1143 (Td4[(t1) & 0xff]) ^
1134 rk[0]; 1144 rk[0];
1135 PUTU32(out , s0); 1145 PUTU32(out, s0);
1136 s1 = 1146 s1 =
1137 (Td4[(t1 >> 24) ] << 24) ^ 1147 (Td4[(t1 >> 24)] << 24) ^
1138 (Td4[(t0 >> 16) & 0xff] << 16) ^ 1148 (Td4[(t0 >> 16) & 0xff] << 16) ^
1139 (Td4[(t3 >> 8) & 0xff] << 8) ^ 1149 (Td4[(t3 >> 8) & 0xff] << 8) ^
1140 (Td4[(t2 ) & 0xff]) ^ 1150 (Td4[(t2) & 0xff]) ^
1141 rk[1]; 1151 rk[1];
1142 PUTU32(out + 4, s1); 1152 PUTU32(out + 4, s1);
1143 s2 = 1153 s2 =
1144 (Td4[(t2 >> 24) ] << 24) ^ 1154 (Td4[(t2 >> 24)] << 24) ^
1145 (Td4[(t1 >> 16) & 0xff] << 16) ^ 1155 (Td4[(t1 >> 16) & 0xff] << 16) ^
1146 (Td4[(t0 >> 8) & 0xff] << 8) ^ 1156 (Td4[(t0 >> 8) & 0xff] << 8) ^
1147 (Td4[(t3 ) & 0xff]) ^ 1157 (Td4[(t3) & 0xff]) ^
1148 rk[2]; 1158 rk[2];
1149 PUTU32(out + 8, s2); 1159 PUTU32(out + 8, s2);
1150 s3 = 1160 s3 =
1151 (Td4[(t3 >> 24) ] << 24) ^ 1161 (Td4[(t3 >> 24)] << 24) ^
1152 (Td4[(t2 >> 16) & 0xff] << 16) ^ 1162 (Td4[(t2 >> 16) & 0xff] << 16) ^
1153 (Td4[(t1 >> 8) & 0xff] << 8) ^ 1163 (Td4[(t1 >> 8) & 0xff] << 8) ^
1154 (Td4[(t0 ) & 0xff]) ^ 1164 (Td4[(t0) & 0xff]) ^
1155 rk[3]; 1165 rk[3];
1156 PUTU32(out + 12, s3); 1166 PUTU32(out + 12, s3);
1157} 1167}
1158 1168
1159#else /* AES_ASM */ 1169#else /* AES_ASM */
1160 1170
1161static const u8 Te4[256] = { 1171static const u8 Te4[256] = {
1162 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U, 1172 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
1163 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U, 1173 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
1164 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U, 1174 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
1165 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U, 1175 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
1166 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU, 1176 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
1167 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U, 1177 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
1168 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU, 1178 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
1169 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U, 1179 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
1170 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U, 1180 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
1171 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U, 1181 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
1172 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU, 1182 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
1173 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU, 1183 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
1174 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U, 1184 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
1175 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U, 1185 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
1176 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U, 1186 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
1177 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U, 1187 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
1178 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U, 1188 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
1179 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U, 1189 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
1180 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U, 1190 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
1181 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU, 1191 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
1182 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU, 1192 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
1183 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U, 1193 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
1184 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U, 1194 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
1185 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U, 1195 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
1186 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U, 1196 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
1187 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU, 1197 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
1188 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU, 1198 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
1189 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU, 1199 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
1190 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U, 1200 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
1191 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU, 1201 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
1192 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U, 1202 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
1193 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U 1203 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
1194}; 1204};
1195static const u32 rcon[] = { 1205static const u32 rcon[] = {
1196 0x01000000, 0x02000000, 0x04000000, 0x08000000, 1206 0x01000000, 0x02000000, 0x04000000, 0x08000000,
1197 0x10000000, 0x20000000, 0x40000000, 0x80000000, 1207 0x10000000, 0x20000000, 0x40000000, 0x80000000,
1198 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ 1208 0x1B000000, 0x36000000,
1209 /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
1199}; 1210};
1200 1211
1201/** 1212/**
1202 * Expand the cipher key into the encryption key schedule. 1213 * Expand the cipher key into the encryption key schedule.
1203 */ 1214 */
1204int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits, 1215int
1205 AES_KEY *key) { 1216private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1217 AES_KEY *key)
1218{
1206 u32 *rk; 1219 u32 *rk;
1207 int i = 0; 1220 int i = 0;
1208 u32 temp; 1221 u32 temp;
1209 1222
1210 if (!userKey || !key) 1223 if (!userKey || !key)
@@ -1214,26 +1227,26 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1214 1227
1215 rk = key->rd_key; 1228 rk = key->rd_key;
1216 1229
1217 if (bits==128) 1230 if (bits == 128)
1218 key->rounds = 10; 1231 key->rounds = 10;
1219 else if (bits==192) 1232 else if (bits == 192)
1220 key->rounds = 12; 1233 key->rounds = 12;
1221 else 1234 else
1222 key->rounds = 14; 1235 key->rounds = 14;
1223 1236
1224 rk[0] = GETU32(userKey ); 1237 rk[0] = GETU32(userKey);
1225 rk[1] = GETU32(userKey + 4); 1238 rk[1] = GETU32(userKey + 4);
1226 rk[2] = GETU32(userKey + 8); 1239 rk[2] = GETU32(userKey + 8);
1227 rk[3] = GETU32(userKey + 12); 1240 rk[3] = GETU32(userKey + 12);
1228 if (bits == 128) { 1241 if (bits == 128) {
1229 while (1) { 1242 while (1) {
1230 temp = rk[3]; 1243 temp = rk[3];
1231 rk[4] = rk[0] ^ 1244 rk[4] = rk[0] ^
1232 (Te4[(temp >> 16) & 0xff] << 24) ^ 1245 (Te4[(temp >> 16) & 0xff] << 24) ^
1233 (Te4[(temp >> 8) & 0xff] << 16) ^ 1246 (Te4[(temp >> 8) & 0xff] << 16) ^
1234 (Te4[(temp ) & 0xff] << 8) ^ 1247 (Te4[(temp) & 0xff] << 8) ^
1235 (Te4[(temp >> 24) ]) ^ 1248 (Te4[(temp >> 24)]) ^
1236 rcon[i]; 1249 rcon[i];
1237 rk[5] = rk[1] ^ rk[4]; 1250 rk[5] = rk[1] ^ rk[4];
1238 rk[6] = rk[2] ^ rk[5]; 1251 rk[6] = rk[2] ^ rk[5];
1239 rk[7] = rk[3] ^ rk[6]; 1252 rk[7] = rk[3] ^ rk[6];
@@ -1247,21 +1260,21 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1247 rk[5] = GETU32(userKey + 20); 1260 rk[5] = GETU32(userKey + 20);
1248 if (bits == 192) { 1261 if (bits == 192) {
1249 while (1) { 1262 while (1) {
1250 temp = rk[ 5]; 1263 temp = rk[5];
1251 rk[ 6] = rk[ 0] ^ 1264 rk[6] = rk[0] ^
1252 (Te4[(temp >> 16) & 0xff] << 24) ^ 1265 (Te4[(temp >> 16) & 0xff] << 24) ^
1253 (Te4[(temp >> 8) & 0xff] << 16) ^ 1266 (Te4[(temp >> 8) & 0xff] << 16) ^
1254 (Te4[(temp ) & 0xff] << 8) ^ 1267 (Te4[(temp) & 0xff] << 8) ^
1255 (Te4[(temp >> 24) ]) ^ 1268 (Te4[(temp >> 24)]) ^
1256 rcon[i]; 1269 rcon[i];
1257 rk[ 7] = rk[ 1] ^ rk[ 6]; 1270 rk[7] = rk[1] ^ rk[6];
1258 rk[ 8] = rk[ 2] ^ rk[ 7]; 1271 rk[8] = rk[2] ^ rk[7];
1259 rk[ 9] = rk[ 3] ^ rk[ 8]; 1272 rk[9] = rk[3] ^ rk[8];
1260 if (++i == 8) { 1273 if (++i == 8) {
1261 return 0; 1274 return 0;
1262 } 1275 }
1263 rk[10] = rk[ 4] ^ rk[ 9]; 1276 rk[10] = rk[4] ^ rk[9];
1264 rk[11] = rk[ 5] ^ rk[10]; 1277 rk[11] = rk[5] ^ rk[10];
1265 rk += 6; 1278 rk += 6;
1266 } 1279 }
1267 } 1280 }
@@ -1269,31 +1282,31 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1269 rk[7] = GETU32(userKey + 28); 1282 rk[7] = GETU32(userKey + 28);
1270 if (bits == 256) { 1283 if (bits == 256) {
1271 while (1) { 1284 while (1) {
1272 temp = rk[ 7]; 1285 temp = rk[7];
1273 rk[ 8] = rk[ 0] ^ 1286 rk[8] = rk[0] ^
1274 (Te4[(temp >> 16) & 0xff] << 24) ^ 1287 (Te4[(temp >> 16) & 0xff] << 24) ^
1275 (Te4[(temp >> 8) & 0xff] << 16) ^ 1288 (Te4[(temp >> 8) & 0xff] << 16) ^
1276 (Te4[(temp ) & 0xff] << 8) ^ 1289 (Te4[(temp) & 0xff] << 8) ^
1277 (Te4[(temp >> 24) ]) ^ 1290 (Te4[(temp >> 24)]) ^
1278 rcon[i]; 1291 rcon[i];
1279 rk[ 9] = rk[ 1] ^ rk[ 8]; 1292 rk[9] = rk[1] ^ rk[8];
1280 rk[10] = rk[ 2] ^ rk[ 9]; 1293 rk[10] = rk[2] ^ rk[9];
1281 rk[11] = rk[ 3] ^ rk[10]; 1294 rk[11] = rk[3] ^ rk[10];
1282 if (++i == 7) { 1295 if (++i == 7) {
1283 return 0; 1296 return 0;
1284 } 1297 }
1285 temp = rk[11]; 1298 temp = rk[11];
1286 rk[12] = rk[ 4] ^ 1299 rk[12] = rk[4] ^
1287 (Te4[(temp >> 24) ] << 24) ^ 1300 (Te4[(temp >> 24)] << 24) ^
1288 (Te4[(temp >> 16) & 0xff] << 16) ^ 1301 (Te4[(temp >> 16) & 0xff] << 16) ^
1289 (Te4[(temp >> 8) & 0xff] << 8) ^ 1302 (Te4[(temp >> 8) & 0xff] << 8) ^
1290 (Te4[(temp ) & 0xff]); 1303 (Te4[(temp) & 0xff]);
1291 rk[13] = rk[ 5] ^ rk[12]; 1304 rk[13] = rk[5] ^ rk[12];
1292 rk[14] = rk[ 6] ^ rk[13]; 1305 rk[14] = rk[6] ^ rk[13];
1293 rk[15] = rk[ 7] ^ rk[14]; 1306 rk[15] = rk[7] ^ rk[14];
1294 1307
1295 rk += 8; 1308 rk += 8;
1296 } 1309 }
1297 } 1310 }
1298 return 0; 1311 return 0;
1299} 1312}
@@ -1301,10 +1314,11 @@ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1301/** 1314/**
1302 * Expand the cipher key into the decryption key schedule. 1315 * Expand the cipher key into the decryption key schedule.
1303 */ 1316 */
1304int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits, 1317int
1305 AES_KEY *key) { 1318private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
1306 1319 AES_KEY *key)
1307 u32 *rk; 1320{
1321 u32 *rk;
1308 int i, j, status; 1322 int i, j, status;
1309 u32 temp; 1323 u32 temp;
1310 1324
@@ -1317,10 +1331,18 @@ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
1317 1331
1318 /* invert the order of the round keys: */ 1332 /* invert the order of the round keys: */
1319 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { 1333 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
1320 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; 1334 temp = rk[i];
1321 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; 1335 rk[i] = rk[j];
1322 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; 1336 rk[j] = temp;
1323 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; 1337 temp = rk[i + 1];
1338 rk[i + 1] = rk[j + 1];
1339 rk[j + 1] = temp;
1340 temp = rk[i + 2];
1341 rk[i + 2] = rk[j + 2];
1342 rk[j + 2] = temp;
1343 temp = rk[i + 3];
1344 rk[i + 3] = rk[j + 3];
1345 rk[j + 3] = temp;
1324 } 1346 }
1325 /* apply the inverse MixColumn transform to all round keys but the first and the last: */ 1347 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
1326 for (i = 1; i < (key->rounds); i++) { 1348 for (i = 1; i < (key->rounds); i++) {
@@ -1331,24 +1353,24 @@ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
1331 tp1 = rk[j]; 1353 tp1 = rk[j];
1332 m = tp1 & 0x80808080; 1354 m = tp1 & 0x80808080;
1333 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 1355 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
1334 ((m - (m >> 7)) & 0x1b1b1b1b); 1356 ((m - (m >> 7)) & 0x1b1b1b1b);
1335 m = tp2 & 0x80808080; 1357 m = tp2 & 0x80808080;
1336 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 1358 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
1337 ((m - (m >> 7)) & 0x1b1b1b1b); 1359 ((m - (m >> 7)) & 0x1b1b1b1b);
1338 m = tp4 & 0x80808080; 1360 m = tp4 & 0x80808080;
1339 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 1361 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
1340 ((m - (m >> 7)) & 0x1b1b1b1b); 1362 ((m - (m >> 7)) & 0x1b1b1b1b);
1341 tp9 = tp8 ^ tp1; 1363 tp9 = tp8 ^ tp1;
1342 tpb = tp9 ^ tp2; 1364 tpb = tp9 ^ tp2;
1343 tpd = tp9 ^ tp4; 1365 tpd = tp9 ^ tp4;
1344 tpe = tp8 ^ tp4 ^ tp2; 1366 tpe = tp8 ^ tp4 ^ tp2;
1345#if defined(ROTATE) 1367#if defined(ROTATE)
1346 rk[j] = tpe ^ ROTATE(tpd,16) ^ 1368 rk[j] = tpe ^ ROTATE(tpd, 16) ^
1347 ROTATE(tp9,24) ^ ROTATE(tpb,8); 1369 ROTATE(tp9, 24) ^ ROTATE(tpb, 8);
1348#else 1370#else
1349 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 1371 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
1350 (tp9 >> 8) ^ (tp9 << 24) ^ 1372 (tp9 >> 8) ^ (tp9 << 24) ^
1351 (tpb >> 24) ^ (tpb << 8); 1373 (tpb >> 24) ^ (tpb << 8);
1352#endif 1374#endif
1353 } 1375 }
1354 } 1376 }
diff --git a/src/lib/libssl/src/crypto/aes/aes_ctr.c b/src/lib/libssl/src/crypto/aes/aes_ctr.c
index 7c9d165d8a..663b5a17bb 100644
--- a/src/lib/libssl/src/crypto/aes/aes_ctr.c
+++ b/src/lib/libssl/src/crypto/aes/aes_ctr.c
@@ -52,10 +52,11 @@
52#include <openssl/aes.h> 52#include <openssl/aes.h>
53#include <openssl/modes.h> 53#include <openssl/modes.h>
54 54
55void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, 55void
56 size_t length, const AES_KEY *key, 56AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
57 unsigned char ivec[AES_BLOCK_SIZE], 57 size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
58 unsigned char ecount_buf[AES_BLOCK_SIZE], 58 unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num)
59 unsigned int *num) { 59{
60 CRYPTO_ctr128_encrypt(in,out,length,key,ivec,ecount_buf,num,(block128_f)AES_encrypt); 60 CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
61 (block128_f)AES_encrypt);
61} 62}
diff --git a/src/lib/libssl/src/crypto/aes/aes_ecb.c b/src/lib/libssl/src/crypto/aes/aes_ecb.c
index 28aa561c2d..f374a5f051 100644
--- a/src/lib/libssl/src/crypto/aes/aes_ecb.c
+++ b/src/lib/libssl/src/crypto/aes/aes_ecb.c
@@ -59,15 +59,15 @@
59#include <openssl/aes.h> 59#include <openssl/aes.h>
60#include "aes_locl.h" 60#include "aes_locl.h"
61 61
62void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, 62void
63 const AES_KEY *key, const int enc) { 63AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
64 64 const AES_KEY *key, const int enc)
65 assert(in && out && key); 65{
66 assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); 66 assert(in && out && key);
67 assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
67 68
68 if (AES_ENCRYPT == enc) 69 if (AES_ENCRYPT == enc)
69 AES_encrypt(in, out, key); 70 AES_encrypt(in, out, key);
70 else 71 else
71 AES_decrypt(in, out, key); 72 AES_decrypt(in, out, key);
72} 73}
73
diff --git a/src/lib/libssl/src/crypto/aes/aes_ige.c b/src/lib/libssl/src/crypto/aes/aes_ige.c
index c161351e65..0882a3d853 100644
--- a/src/lib/libssl/src/crypto/aes/aes_ige.c
+++ b/src/lib/libssl/src/crypto/aes/aes_ige.c
@@ -56,7 +56,7 @@
56 56
57#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long)) 57#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
58typedef struct { 58typedef struct {
59 unsigned long data[N_WORDS]; 59 unsigned long data[N_WORDS];
60} aes_block_t; 60} aes_block_t;
61 61
62/* XXX: probably some better way to do this */ 62/* XXX: probably some better way to do this */
@@ -76,48 +76,44 @@ typedef struct {
76 76
77/* N.B. The IV for this mode is _twice_ the block size */ 77/* N.B. The IV for this mode is _twice_ the block size */
78 78
79void AES_ige_encrypt(const unsigned char *in, unsigned char *out, 79void
80 size_t length, const AES_KEY *key, 80AES_ige_encrypt(const unsigned char *in, unsigned char *out, size_t length,
81 unsigned char *ivec, const int enc) 81 const AES_KEY *key, unsigned char *ivec, const int enc)
82 { 82{
83 size_t n; 83 size_t n;
84 size_t len = length; 84 size_t len = length;
85 85
86 OPENSSL_assert(in && out && key && ivec); 86 OPENSSL_assert(in && out && key && ivec);
87 OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); 87 OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
88 OPENSSL_assert((length%AES_BLOCK_SIZE) == 0); 88 OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
89 89
90 len = length / AES_BLOCK_SIZE; 90 len = length / AES_BLOCK_SIZE;
91 91
92 if (AES_ENCRYPT == enc) 92 if (AES_ENCRYPT == enc) {
93 { 93 if (in != out && (UNALIGNED_MEMOPS_ARE_FAST ||
94 if (in != out && 94 ((size_t)in|(size_t)out|(size_t)ivec) %
95 (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0)) 95 sizeof(long) == 0)) {
96 {
97 aes_block_t *ivp = (aes_block_t *)ivec; 96 aes_block_t *ivp = (aes_block_t *)ivec;
98 aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE); 97 aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
99 98
100 while (len) 99 while (len) {
101 {
102 aes_block_t *inp = (aes_block_t *)in; 100 aes_block_t *inp = (aes_block_t *)in;
103 aes_block_t *outp = (aes_block_t *)out; 101 aes_block_t *outp = (aes_block_t *)out;
104 102
105 for(n=0 ; n < N_WORDS; ++n) 103 for (n = 0; n < N_WORDS; ++n)
106 outp->data[n] = inp->data[n] ^ ivp->data[n]; 104 outp->data[n] = inp->data[n] ^ ivp->data[n];
107 AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key); 105 AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
108 for(n=0 ; n < N_WORDS; ++n) 106 for (n = 0; n < N_WORDS; ++n)
109 outp->data[n] ^= iv2p->data[n]; 107 outp->data[n] ^= iv2p->data[n];
110 ivp = outp; 108 ivp = outp;
111 iv2p = inp; 109 iv2p = inp;
112 --len; 110 --len;
113 in += AES_BLOCK_SIZE; 111 in += AES_BLOCK_SIZE;
114 out += AES_BLOCK_SIZE; 112 out += AES_BLOCK_SIZE;
115 } 113 }
116 memcpy(ivec, ivp->data, AES_BLOCK_SIZE); 114 memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
117 memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE); 115 memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
118 } 116 } else {
119 else
120 {
121 aes_block_t tmp, tmp2; 117 aes_block_t tmp, tmp2;
122 aes_block_t iv; 118 aes_block_t iv;
123 aes_block_t iv2; 119 aes_block_t iv2;
@@ -125,13 +121,13 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
125 load_block(iv, ivec); 121 load_block(iv, ivec);
126 load_block(iv2, ivec + AES_BLOCK_SIZE); 122 load_block(iv2, ivec + AES_BLOCK_SIZE);
127 123
128 while (len) 124 while (len) {
129 {
130 load_block(tmp, in); 125 load_block(tmp, in);
131 for(n=0 ; n < N_WORDS; ++n) 126 for (n = 0; n < N_WORDS; ++n)
132 tmp2.data[n] = tmp.data[n] ^ iv.data[n]; 127 tmp2.data[n] = tmp.data[n] ^ iv.data[n];
133 AES_encrypt((unsigned char *)tmp2.data, (unsigned char *)tmp2.data, key); 128 AES_encrypt((unsigned char *)tmp2.data,
134 for(n=0 ; n < N_WORDS; ++n) 129 (unsigned char *)tmp2.data, key);
130 for (n = 0; n < N_WORDS; ++n)
135 tmp2.data[n] ^= iv2.data[n]; 131 tmp2.data[n] ^= iv2.data[n];
136 store_block(out, tmp2); 132 store_block(out, tmp2);
137 iv = tmp2; 133 iv = tmp2;
@@ -139,41 +135,37 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
139 --len; 135 --len;
140 in += AES_BLOCK_SIZE; 136 in += AES_BLOCK_SIZE;
141 out += AES_BLOCK_SIZE; 137 out += AES_BLOCK_SIZE;
142 } 138 }
143 memcpy(ivec, iv.data, AES_BLOCK_SIZE); 139 memcpy(ivec, iv.data, AES_BLOCK_SIZE);
144 memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE); 140 memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
145 }
146 } 141 }
147 else 142 } else {
148 { 143 if (in != out && (UNALIGNED_MEMOPS_ARE_FAST ||
149 if (in != out && 144 ((size_t)in|(size_t)out|(size_t)ivec) %
150 (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0)) 145 sizeof(long) == 0)) {
151 {
152 aes_block_t *ivp = (aes_block_t *)ivec; 146 aes_block_t *ivp = (aes_block_t *)ivec;
153 aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE); 147 aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
154 148
155 while (len) 149 while (len) {
156 {
157 aes_block_t tmp; 150 aes_block_t tmp;
158 aes_block_t *inp = (aes_block_t *)in; 151 aes_block_t *inp = (aes_block_t *)in;
159 aes_block_t *outp = (aes_block_t *)out; 152 aes_block_t *outp = (aes_block_t *)out;
160 153
161 for(n=0 ; n < N_WORDS; ++n) 154 for (n = 0; n < N_WORDS; ++n)
162 tmp.data[n] = inp->data[n] ^ iv2p->data[n]; 155 tmp.data[n] = inp->data[n] ^ iv2p->data[n];
163 AES_decrypt((unsigned char *)tmp.data, (unsigned char *)outp->data, key); 156 AES_decrypt((unsigned char *)tmp.data,
164 for(n=0 ; n < N_WORDS; ++n) 157 (unsigned char *)outp->data, key);
158 for (n = 0; n < N_WORDS; ++n)
165 outp->data[n] ^= ivp->data[n]; 159 outp->data[n] ^= ivp->data[n];
166 ivp = inp; 160 ivp = inp;
167 iv2p = outp; 161 iv2p = outp;
168 --len; 162 --len;
169 in += AES_BLOCK_SIZE; 163 in += AES_BLOCK_SIZE;
170 out += AES_BLOCK_SIZE; 164 out += AES_BLOCK_SIZE;
171 } 165 }
172 memcpy(ivec, ivp->data, AES_BLOCK_SIZE); 166 memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
173 memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE); 167 memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
174 } 168 } else {
175 else
176 {
177 aes_block_t tmp, tmp2; 169 aes_block_t tmp, tmp2;
178 aes_block_t iv; 170 aes_block_t iv;
179 aes_block_t iv2; 171 aes_block_t iv2;
@@ -181,14 +173,14 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
181 load_block(iv, ivec); 173 load_block(iv, ivec);
182 load_block(iv2, ivec + AES_BLOCK_SIZE); 174 load_block(iv2, ivec + AES_BLOCK_SIZE);
183 175
184 while (len) 176 while (len) {
185 {
186 load_block(tmp, in); 177 load_block(tmp, in);
187 tmp2 = tmp; 178 tmp2 = tmp;
188 for(n=0 ; n < N_WORDS; ++n) 179 for (n = 0; n < N_WORDS; ++n)
189 tmp.data[n] ^= iv2.data[n]; 180 tmp.data[n] ^= iv2.data[n];
190 AES_decrypt((unsigned char *)tmp.data, (unsigned char *)tmp.data, key); 181 AES_decrypt((unsigned char *)tmp.data,
191 for(n=0 ; n < N_WORDS; ++n) 182 (unsigned char *)tmp.data, key);
183 for (n = 0; n < N_WORDS; ++n)
192 tmp.data[n] ^= iv.data[n]; 184 tmp.data[n] ^= iv.data[n];
193 store_block(out, tmp); 185 store_block(out, tmp);
194 iv = tmp2; 186 iv = tmp2;
@@ -196,12 +188,12 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
196 --len; 188 --len;
197 in += AES_BLOCK_SIZE; 189 in += AES_BLOCK_SIZE;
198 out += AES_BLOCK_SIZE; 190 out += AES_BLOCK_SIZE;
199 } 191 }
200 memcpy(ivec, iv.data, AES_BLOCK_SIZE); 192 memcpy(ivec, iv.data, AES_BLOCK_SIZE);
201 memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE); 193 memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
202 }
203 } 194 }
204 } 195 }
196}
205 197
206/* 198/*
207 * Note that its effectively impossible to do biIGE in anything other 199 * Note that its effectively impossible to do biIGE in anything other
@@ -210,11 +202,11 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
210 202
211/* N.B. The IV for this mode is _four times_ the block size */ 203/* N.B. The IV for this mode is _four times_ the block size */
212 204
213void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, 205void
214 size_t length, const AES_KEY *key, 206AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out, size_t length,
215 const AES_KEY *key2, const unsigned char *ivec, 207 const AES_KEY *key, const AES_KEY *key2, const unsigned char *ivec,
216 const int enc) 208 const int enc)
217 { 209{
218 size_t n; 210 size_t n;
219 size_t len = length; 211 size_t len = length;
220 unsigned char tmp[AES_BLOCK_SIZE]; 212 unsigned char tmp[AES_BLOCK_SIZE];
@@ -225,23 +217,21 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
225 const unsigned char *iv2; 217 const unsigned char *iv2;
226 218
227 OPENSSL_assert(in && out && key && ivec); 219 OPENSSL_assert(in && out && key && ivec);
228 OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); 220 OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
229 OPENSSL_assert((length%AES_BLOCK_SIZE) == 0); 221 OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
230 222
231 if (AES_ENCRYPT == enc) 223 if (AES_ENCRYPT == enc) {
232 {
233 /* XXX: Do a separate case for when in != out (strictly should 224 /* XXX: Do a separate case for when in != out (strictly should
234 check for overlap, too) */ 225 check for overlap, too) */
235 226
236 /* First the forward pass */ 227 /* First the forward pass */
237 iv = ivec; 228 iv = ivec;
238 iv2 = ivec + AES_BLOCK_SIZE; 229 iv2 = ivec + AES_BLOCK_SIZE;
239 while (len >= AES_BLOCK_SIZE) 230 while (len >= AES_BLOCK_SIZE) {
240 { 231 for (n = 0; n < AES_BLOCK_SIZE; ++n)
241 for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
242 out[n] = in[n] ^ iv[n]; 232 out[n] = in[n] ^ iv[n];
243 AES_encrypt(out, out, key); 233 AES_encrypt(out, out, key);
244 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 234 for (n = 0; n < AES_BLOCK_SIZE; ++n)
245 out[n] ^= iv2[n]; 235 out[n] ^= iv2[n];
246 iv = out; 236 iv = out;
247 memcpy(prev, in, AES_BLOCK_SIZE); 237 memcpy(prev, in, AES_BLOCK_SIZE);
@@ -249,68 +239,63 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
249 len -= AES_BLOCK_SIZE; 239 len -= AES_BLOCK_SIZE;
250 in += AES_BLOCK_SIZE; 240 in += AES_BLOCK_SIZE;
251 out += AES_BLOCK_SIZE; 241 out += AES_BLOCK_SIZE;
252 } 242 }
253 243
254 /* And now backwards */ 244 /* And now backwards */
255 iv = ivec + AES_BLOCK_SIZE*2; 245 iv = ivec + AES_BLOCK_SIZE*2;
256 iv2 = ivec + AES_BLOCK_SIZE*3; 246 iv2 = ivec + AES_BLOCK_SIZE*3;
257 len = length; 247 len = length;
258 while(len >= AES_BLOCK_SIZE) 248 while (len >= AES_BLOCK_SIZE) {
259 {
260 out -= AES_BLOCK_SIZE; 249 out -= AES_BLOCK_SIZE;
261 /* XXX: reduce copies by alternating between buffers */ 250 /* XXX: reduce copies by alternating between buffers */
262 memcpy(tmp, out, AES_BLOCK_SIZE); 251 memcpy(tmp, out, AES_BLOCK_SIZE);
263 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 252 for (n = 0; n < AES_BLOCK_SIZE; ++n)
264 out[n] ^= iv[n]; 253 out[n] ^= iv[n];
265 /* hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */ 254 /* hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */
266 AES_encrypt(out, out, key); 255 AES_encrypt(out, out, key);
267 /* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */ 256 /* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
268 /* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */ 257 /* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
269 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 258 for (n = 0; n < AES_BLOCK_SIZE; ++n)
270 out[n] ^= iv2[n]; 259 out[n] ^= iv2[n];
271 /* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */ 260 /* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
272 iv = out; 261 iv = out;
273 memcpy(prev, tmp, AES_BLOCK_SIZE); 262 memcpy(prev, tmp, AES_BLOCK_SIZE);
274 iv2 = prev; 263 iv2 = prev;
275 len -= AES_BLOCK_SIZE; 264 len -= AES_BLOCK_SIZE;
276 }
277 } 265 }
278 else 266 } else {
279 {
280 /* First backwards */ 267 /* First backwards */
281 iv = ivec + AES_BLOCK_SIZE*2; 268 iv = ivec + AES_BLOCK_SIZE*2;
282 iv2 = ivec + AES_BLOCK_SIZE*3; 269 iv2 = ivec + AES_BLOCK_SIZE*3;
283 in += length; 270 in += length;
284 out += length; 271 out += length;
285 while (len >= AES_BLOCK_SIZE) 272 while (len >= AES_BLOCK_SIZE) {
286 {
287 in -= AES_BLOCK_SIZE; 273 in -= AES_BLOCK_SIZE;
288 out -= AES_BLOCK_SIZE; 274 out -= AES_BLOCK_SIZE;
289 memcpy(tmp, in, AES_BLOCK_SIZE); 275 memcpy(tmp, in, AES_BLOCK_SIZE);
290 memcpy(tmp2, in, AES_BLOCK_SIZE); 276 memcpy(tmp2, in, AES_BLOCK_SIZE);
291 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 277 for (n = 0; n < AES_BLOCK_SIZE; ++n)
292 tmp[n] ^= iv2[n]; 278 tmp[n] ^= iv2[n];
293 AES_decrypt(tmp, out, key); 279 AES_decrypt(tmp, out, key);
294 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 280 for (n = 0; n < AES_BLOCK_SIZE; ++n)
295 out[n] ^= iv[n]; 281 out[n] ^= iv[n];
296 memcpy(tmp3, tmp2, AES_BLOCK_SIZE); 282 memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
297 iv = tmp3; 283 iv = tmp3;
298 iv2 = out; 284 iv2 = out;
299 len -= AES_BLOCK_SIZE; 285 len -= AES_BLOCK_SIZE;
300 } 286 }
301 287
302 /* And now forwards */ 288 /* And now forwards */
303 iv = ivec; 289 iv = ivec;
304 iv2 = ivec + AES_BLOCK_SIZE; 290 iv2 = ivec + AES_BLOCK_SIZE;
305 len = length; 291 len = length;
306 while (len >= AES_BLOCK_SIZE) 292 while (len >= AES_BLOCK_SIZE) {
307 {
308 memcpy(tmp, out, AES_BLOCK_SIZE); 293 memcpy(tmp, out, AES_BLOCK_SIZE);
309 memcpy(tmp2, out, AES_BLOCK_SIZE); 294 memcpy(tmp2, out, AES_BLOCK_SIZE);
310 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 295 for (n = 0; n < AES_BLOCK_SIZE; ++n)
311 tmp[n] ^= iv2[n]; 296 tmp[n] ^= iv2[n];
312 AES_decrypt(tmp, out, key); 297 AES_decrypt(tmp, out, key);
313 for(n=0 ; n < AES_BLOCK_SIZE ; ++n) 298 for (n = 0; n < AES_BLOCK_SIZE; ++n)
314 out[n] ^= iv[n]; 299 out[n] ^= iv[n];
315 memcpy(tmp3, tmp2, AES_BLOCK_SIZE); 300 memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
316 iv = tmp3; 301 iv = tmp3;
@@ -318,6 +303,6 @@ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
318 len -= AES_BLOCK_SIZE; 303 len -= AES_BLOCK_SIZE;
319 in += AES_BLOCK_SIZE; 304 in += AES_BLOCK_SIZE;
320 out += AES_BLOCK_SIZE; 305 out += AES_BLOCK_SIZE;
321 }
322 } 306 }
323 } 307 }
308}
diff --git a/src/lib/libssl/src/crypto/aes/aes_misc.c b/src/lib/libssl/src/crypto/aes/aes_misc.c
index f083488ecb..d666c06409 100644
--- a/src/lib/libssl/src/crypto/aes/aes_misc.c
+++ b/src/lib/libssl/src/crypto/aes/aes_misc.c
@@ -56,30 +56,33 @@
56 56
57const char AES_version[]="AES" OPENSSL_VERSION_PTEXT; 57const char AES_version[]="AES" OPENSSL_VERSION_PTEXT;
58 58
59const char *AES_options(void) { 59const char
60*AES_options(void) {
60#ifdef FULL_UNROLL 61#ifdef FULL_UNROLL
61 return "aes(full)"; 62 return "aes(full)";
62#else 63#else
63 return "aes(partial)"; 64 return "aes(partial)";
64#endif 65#endif
65} 66}
66 67
67/* FIPS wrapper functions to block low level AES calls in FIPS mode */ 68/* FIPS wrapper functions to block low level AES calls in FIPS mode */
68 69
69int AES_set_encrypt_key(const unsigned char *userKey, const int bits, 70int
70 AES_KEY *key) 71AES_set_encrypt_key(const unsigned char *userKey, const int bits,
71 { 72 AES_KEY *key)
73{
72#ifdef OPENSSL_FIPS 74#ifdef OPENSSL_FIPS
73 fips_cipher_abort(AES); 75 fips_cipher_abort(AES);
74#endif 76#endif
75 return private_AES_set_encrypt_key(userKey, bits, key); 77 return private_AES_set_encrypt_key(userKey, bits, key);
76 } 78}
77 79
78int AES_set_decrypt_key(const unsigned char *userKey, const int bits, 80int
79 AES_KEY *key) 81AES_set_decrypt_key(const unsigned char *userKey, const int bits,
80 { 82 AES_KEY *key)
83{
81#ifdef OPENSSL_FIPS 84#ifdef OPENSSL_FIPS
82 fips_cipher_abort(AES); 85 fips_cipher_abort(AES);
83#endif 86#endif
84 return private_AES_set_decrypt_key(userKey, bits, key); 87 return private_AES_set_decrypt_key(userKey, bits, key);
85 } 88}
diff --git a/src/lib/libssl/src/crypto/aes/aes_ofb.c b/src/lib/libssl/src/crypto/aes/aes_ofb.c
index 50bf0b8325..f5a35b20c5 100644
--- a/src/lib/libssl/src/crypto/aes/aes_ofb.c
+++ b/src/lib/libssl/src/crypto/aes/aes_ofb.c
@@ -52,9 +52,10 @@
52#include <openssl/aes.h> 52#include <openssl/aes.h>
53#include <openssl/modes.h> 53#include <openssl/modes.h>
54 54
55void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, 55void
56 size_t length, const AES_KEY *key, 56AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
57 unsigned char *ivec, int *num) 57 const AES_KEY *key, unsigned char *ivec, int *num)
58{ 58{
59 CRYPTO_ofb128_encrypt(in,out,length,key,ivec,num,(block128_f)AES_encrypt); 59 CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
60 (block128_f)AES_encrypt);
60} 61}
diff --git a/src/lib/libssl/src/crypto/aes/aes_wrap.c b/src/lib/libssl/src/crypto/aes/aes_wrap.c
index e2d73d37ce..198b0be333 100644
--- a/src/lib/libssl/src/crypto/aes/aes_wrap.c
+++ b/src/lib/libssl/src/crypto/aes/aes_wrap.c
@@ -56,13 +56,13 @@
56#include <openssl/bio.h> 56#include <openssl/bio.h>
57 57
58static const unsigned char default_iv[] = { 58static const unsigned char default_iv[] = {
59 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 59 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
60}; 60};
61 61
62int AES_wrap_key(AES_KEY *key, const unsigned char *iv, 62int
63 unsigned char *out, 63AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
64 const unsigned char *in, unsigned int inlen) 64 const unsigned char *in, unsigned int inlen)
65 { 65{
66 unsigned char *A, B[16], *R; 66 unsigned char *A, B[16], *R;
67 unsigned int i, j, t; 67 unsigned int i, j, t;
68 if ((inlen & 0x7) || (inlen < 8)) 68 if ((inlen & 0x7) || (inlen < 8))
@@ -75,31 +75,28 @@ int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
75 75
76 memcpy(A, iv, 8); 76 memcpy(A, iv, 8);
77 77
78 for (j = 0; j < 6; j++) 78 for (j = 0; j < 6; j++) {
79 {
80 R = out + 8; 79 R = out + 8;
81 for (i = 0; i < inlen; i += 8, t++, R += 8) 80 for (i = 0; i < inlen; i += 8, t++, R += 8) {
82 {
83 memcpy(B + 8, R, 8); 81 memcpy(B + 8, R, 8);
84 AES_encrypt(B, B, key); 82 AES_encrypt(B, B, key);
85 A[7] ^= (unsigned char)(t & 0xff); 83 A[7] ^= (unsigned char)(t & 0xff);
86 if (t > 0xff) 84 if (t > 0xff) {
87 {
88 A[6] ^= (unsigned char)((t >> 8) & 0xff); 85 A[6] ^= (unsigned char)((t >> 8) & 0xff);
89 A[5] ^= (unsigned char)((t >> 16) & 0xff); 86 A[5] ^= (unsigned char)((t >> 16) & 0xff);
90 A[4] ^= (unsigned char)((t >> 24) & 0xff); 87 A[4] ^= (unsigned char)((t >> 24) & 0xff);
91 }
92 memcpy(R, B + 8, 8);
93 } 88 }
89 memcpy(R, B + 8, 8);
94 } 90 }
91 }
95 memcpy(out, A, 8); 92 memcpy(out, A, 8);
96 return inlen + 8; 93 return inlen + 8;
97 } 94}
98 95
99int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, 96int
100 unsigned char *out, 97AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
101 const unsigned char *in, unsigned int inlen) 98 const unsigned char *in, unsigned int inlen)
102 { 99{
103 unsigned char *A, B[16], *R; 100 unsigned char *A, B[16], *R;
104 unsigned int i, j, t; 101 unsigned int i, j, t;
105 inlen -= 8; 102 inlen -= 8;
@@ -108,43 +105,39 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
108 if (inlen < 8) 105 if (inlen < 8)
109 return -1; 106 return -1;
110 A = B; 107 A = B;
111 t = 6 * (inlen >> 3); 108 t = 6 * (inlen >> 3);
112 memcpy(A, in, 8); 109 memcpy(A, in, 8);
113 memcpy(out, in + 8, inlen); 110 memcpy(out, in + 8, inlen);
114 for (j = 0; j < 6; j++) 111 for (j = 0; j < 6; j++) {
115 {
116 R = out + inlen - 8; 112 R = out + inlen - 8;
117 for (i = 0; i < inlen; i += 8, t--, R -= 8) 113 for (i = 0; i < inlen; i += 8, t--, R -= 8) {
118 {
119 A[7] ^= (unsigned char)(t & 0xff); 114 A[7] ^= (unsigned char)(t & 0xff);
120 if (t > 0xff) 115 if (t > 0xff) {
121 {
122 A[6] ^= (unsigned char)((t >> 8) & 0xff); 116 A[6] ^= (unsigned char)((t >> 8) & 0xff);
123 A[5] ^= (unsigned char)((t >> 16) & 0xff); 117 A[5] ^= (unsigned char)((t >> 16) & 0xff);
124 A[4] ^= (unsigned char)((t >> 24) & 0xff); 118 A[4] ^= (unsigned char)((t >> 24) & 0xff);
125 } 119 }
126 memcpy(B + 8, R, 8); 120 memcpy(B + 8, R, 8);
127 AES_decrypt(B, B, key); 121 AES_decrypt(B, B, key);
128 memcpy(R, B + 8, 8); 122 memcpy(R, B + 8, 8);
129 }
130 } 123 }
124 }
131 if (!iv) 125 if (!iv)
132 iv = default_iv; 126 iv = default_iv;
133 if (memcmp(A, iv, 8)) 127 if (memcmp(A, iv, 8)) {
134 {
135 OPENSSL_cleanse(out, inlen); 128 OPENSSL_cleanse(out, inlen);
136 return 0; 129 return 0;
137 }
138 return inlen;
139 } 130 }
131 return inlen;
132}
140 133
141#ifdef AES_WRAP_TEST 134#ifdef AES_WRAP_TEST
142 135
143int AES_wrap_unwrap_test(const unsigned char *kek, int keybits, 136int
144 const unsigned char *iv, 137AES_wrap_unwrap_test(const unsigned char *kek, int keybits,
145 const unsigned char *eout, 138 const unsigned char *iv, const unsigned char *eout,
146 const unsigned char *key, int keylen) 139 const unsigned char *key, int keylen)
147 { 140{
148 unsigned char *otmp = NULL, *ptmp = NULL; 141 unsigned char *otmp = NULL, *ptmp = NULL;
149 int r, ret = 0; 142 int r, ret = 0;
150 AES_KEY wctx; 143 AES_KEY wctx;
@@ -160,7 +153,7 @@ int AES_wrap_unwrap_test(const unsigned char *kek, int keybits,
160 153
161 if (eout && memcmp(eout, otmp, keylen)) 154 if (eout && memcmp(eout, otmp, keylen))
162 goto err; 155 goto err;
163 156
164 if (AES_set_decrypt_key(kek, keybits, &wctx)) 157 if (AES_set_decrypt_key(kek, keybits, &wctx))
165 goto err; 158 goto err;
166 r = AES_unwrap_key(&wctx, iv, ptmp, otmp, r); 159 r = AES_unwrap_key(&wctx, iv, ptmp, otmp, r);
@@ -170,74 +163,72 @@ int AES_wrap_unwrap_test(const unsigned char *kek, int keybits,
170 163
171 ret = 1; 164 ret = 1;
172 165
173 err: 166err:
174 if (otmp) 167 if (otmp)
175 OPENSSL_free(otmp); 168 OPENSSL_free(otmp);
176 if (ptmp) 169 if (ptmp)
177 OPENSSL_free(ptmp); 170 OPENSSL_free(ptmp);
178 171
179 return ret; 172 return ret;
180 173}
181 }
182
183 174
184 175
185int main(int argc, char **argv) 176int
177main(int argc, char **argv)
186{ 178{
187 179 static const unsigned char kek[] = {
188static const unsigned char kek[] = { 180 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
189 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 181 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
190 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 182 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
191 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 183 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
192 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f 184 };
193}; 185
194 186 static const unsigned char key[] = {
195static const unsigned char key[] = { 187 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
196 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 188 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
197 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 189 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
198 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 190 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
199 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f 191 };
200}; 192
201 193 static const unsigned char e1[] = {
202static const unsigned char e1[] = { 194 0x1f, 0xa6, 0x8b, 0x0a, 0x81, 0x12, 0xb4, 0x47,
203 0x1f, 0xa6, 0x8b, 0x0a, 0x81, 0x12, 0xb4, 0x47, 195 0xae, 0xf3, 0x4b, 0xd8, 0xfb, 0x5a, 0x7b, 0x82,
204 0xae, 0xf3, 0x4b, 0xd8, 0xfb, 0x5a, 0x7b, 0x82, 196 0x9d, 0x3e, 0x86, 0x23, 0x71, 0xd2, 0xcf, 0xe5
205 0x9d, 0x3e, 0x86, 0x23, 0x71, 0xd2, 0xcf, 0xe5 197 };
206}; 198
207 199 static const unsigned char e2[] = {
208static const unsigned char e2[] = { 200 0x96, 0x77, 0x8b, 0x25, 0xae, 0x6c, 0xa4, 0x35,
209 0x96, 0x77, 0x8b, 0x25, 0xae, 0x6c, 0xa4, 0x35, 201 0xf9, 0x2b, 0x5b, 0x97, 0xc0, 0x50, 0xae, 0xd2,
210 0xf9, 0x2b, 0x5b, 0x97, 0xc0, 0x50, 0xae, 0xd2, 202 0x46, 0x8a, 0xb8, 0xa1, 0x7a, 0xd8, 0x4e, 0x5d
211 0x46, 0x8a, 0xb8, 0xa1, 0x7a, 0xd8, 0x4e, 0x5d 203 };
212}; 204
213 205 static const unsigned char e3[] = {
214static const unsigned char e3[] = { 206 0x64, 0xe8, 0xc3, 0xf9, 0xce, 0x0f, 0x5b, 0xa2,
215 0x64, 0xe8, 0xc3, 0xf9, 0xce, 0x0f, 0x5b, 0xa2, 207 0x63, 0xe9, 0x77, 0x79, 0x05, 0x81, 0x8a, 0x2a,
216 0x63, 0xe9, 0x77, 0x79, 0x05, 0x81, 0x8a, 0x2a, 208 0x93, 0xc8, 0x19, 0x1e, 0x7d, 0x6e, 0x8a, 0xe7
217 0x93, 0xc8, 0x19, 0x1e, 0x7d, 0x6e, 0x8a, 0xe7 209 };
218}; 210
219 211 static const unsigned char e4[] = {
220static const unsigned char e4[] = { 212 0x03, 0x1d, 0x33, 0x26, 0x4e, 0x15, 0xd3, 0x32,
221 0x03, 0x1d, 0x33, 0x26, 0x4e, 0x15, 0xd3, 0x32, 213 0x68, 0xf2, 0x4e, 0xc2, 0x60, 0x74, 0x3e, 0xdc,
222 0x68, 0xf2, 0x4e, 0xc2, 0x60, 0x74, 0x3e, 0xdc, 214 0xe1, 0xc6, 0xc7, 0xdd, 0xee, 0x72, 0x5a, 0x93,
223 0xe1, 0xc6, 0xc7, 0xdd, 0xee, 0x72, 0x5a, 0x93, 215 0x6b, 0xa8, 0x14, 0x91, 0x5c, 0x67, 0x62, 0xd2
224 0x6b, 0xa8, 0x14, 0x91, 0x5c, 0x67, 0x62, 0xd2 216 };
225}; 217
226 218 static const unsigned char e5[] = {
227static const unsigned char e5[] = { 219 0xa8, 0xf9, 0xbc, 0x16, 0x12, 0xc6, 0x8b, 0x3f,
228 0xa8, 0xf9, 0xbc, 0x16, 0x12, 0xc6, 0x8b, 0x3f, 220 0xf6, 0xe6, 0xf4, 0xfb, 0xe3, 0x0e, 0x71, 0xe4,
229 0xf6, 0xe6, 0xf4, 0xfb, 0xe3, 0x0e, 0x71, 0xe4, 221 0x76, 0x9c, 0x8b, 0x80, 0xa3, 0x2c, 0xb8, 0x95,
230 0x76, 0x9c, 0x8b, 0x80, 0xa3, 0x2c, 0xb8, 0x95, 222 0x8c, 0xd5, 0xd1, 0x7d, 0x6b, 0x25, 0x4d, 0xa1
231 0x8c, 0xd5, 0xd1, 0x7d, 0x6b, 0x25, 0x4d, 0xa1 223 };
232}; 224
233 225 static const unsigned char e6[] = {
234static const unsigned char e6[] = { 226 0x28, 0xc9, 0xf4, 0x04, 0xc4, 0xb8, 0x10, 0xf4,
235 0x28, 0xc9, 0xf4, 0x04, 0xc4, 0xb8, 0x10, 0xf4, 227 0xcb, 0xcc, 0xb3, 0x5c, 0xfb, 0x87, 0xf8, 0x26,
236 0xcb, 0xcc, 0xb3, 0x5c, 0xfb, 0x87, 0xf8, 0x26, 228 0x3f, 0x57, 0x86, 0xe2, 0xd8, 0x0e, 0xd3, 0x26,
237 0x3f, 0x57, 0x86, 0xe2, 0xd8, 0x0e, 0xd3, 0x26, 229 0xcb, 0xc7, 0xf0, 0xe7, 0x1a, 0x99, 0xf4, 0x3b,
238 0xcb, 0xc7, 0xf0, 0xe7, 0x1a, 0x99, 0xf4, 0x3b, 230 0xfb, 0x98, 0x8b, 0x9b, 0x7a, 0x02, 0xdd, 0x21
239 0xfb, 0x98, 0x8b, 0x9b, 0x7a, 0x02, 0xdd, 0x21 231 };
240};
241 232
242 AES_KEY wctx, xctx; 233 AES_KEY wctx, xctx;
243 int ret; 234 int ret;
@@ -254,6 +245,5 @@ static const unsigned char e6[] = {
254 ret = AES_wrap_unwrap_test(kek, 256, NULL, e6, key, 32); 245 ret = AES_wrap_unwrap_test(kek, 256, NULL, e6, key, 32);
255 fprintf(stderr, "Key test result %d\n", ret); 246 fprintf(stderr, "Key test result %d\n", ret);
256} 247}
257 248
258
259#endif 249#endif
diff --git a/src/lib/libssl/src/crypto/aes/aes_x86core.c b/src/lib/libssl/src/crypto/aes/aes_x86core.c
index d323e265c0..c5d17b3127 100644
--- a/src/lib/libssl/src/crypto/aes/aes_x86core.c
+++ b/src/lib/libssl/src/crypto/aes/aes_x86core.c
@@ -59,14 +59,16 @@
59#endif 59#endif
60 60
61#if 1 61#if 1
62static void prefetch256(const void *table) 62static void
63prefetch256(const void *table)
63{ 64{
64 volatile unsigned long *t=(void *)table,ret; 65 volatile unsigned long *t = (void *)table, ret;
65 unsigned long sum; 66 unsigned long sum;
66 int i; 67 int i;
67 68
68 /* 32 is common least cache-line size */ 69 /* 32 is common least cache-line size */
69 for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0])) sum ^= t[i]; 70 for (sum = 0, i = 0; i < 256/sizeof(t[0]); i += 32 / sizeof(t[0]))
71 sum ^= t[i];
70 72
71 ret = sum; 73 ret = sum;
72} 74}
@@ -128,350 +130,350 @@ Td4[x] = Si[x].[01];
128#define Td3 (u32)((u64*)((u8*)Td+1)) 130#define Td3 (u32)((u64*)((u8*)Td+1))
129 131
130static const u64 Te[256] = { 132static const u64 Te[256] = {
131 U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8), 133 U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
132 U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6), 134 U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
133 U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6), 135 U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
134 U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591), 136 U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
135 U64(0x5030306050303060), U64(0x0301010203010102), 137 U64(0x5030306050303060), U64(0x0301010203010102),
136 U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56), 138 U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
137 U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5), 139 U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
138 U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec), 140 U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
139 U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f), 141 U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
140 U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa), 142 U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
141 U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2), 143 U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
142 U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb), 144 U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
143 U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3), 145 U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
144 U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45), 146 U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
145 U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453), 147 U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
146 U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b), 148 U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
147 U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1), 149 U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
148 U64(0xae93933dae93933d), U64(0x6a26264c6a26264c), 150 U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
149 U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e), 151 U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
150 U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83), 152 U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
151 U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551), 153 U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
152 U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9), 154 U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
153 U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab), 155 U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
154 U64(0x5331316253313162), U64(0x3f15152a3f15152a), 156 U64(0x5331316253313162), U64(0x3f15152a3f15152a),
155 U64(0x0c0404080c040408), U64(0x52c7c79552c7c795), 157 U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
156 U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d), 158 U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
157 U64(0x2818183028181830), U64(0xa1969637a1969637), 159 U64(0x2818183028181830), U64(0xa1969637a1969637),
158 U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f), 160 U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
159 U64(0x0907070e0907070e), U64(0x3612122436121224), 161 U64(0x0907070e0907070e), U64(0x3612122436121224),
160 U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df), 162 U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
161 U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e), 163 U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
162 U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea), 164 U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
163 U64(0x1b0909121b090912), U64(0x9e83831d9e83831d), 165 U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
164 U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34), 166 U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
165 U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc), 167 U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
166 U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b), 168 U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
167 U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76), 169 U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
168 U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d), 170 U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
169 U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd), 171 U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
170 U64(0x712f2f5e712f2f5e), U64(0x9784841397848413), 172 U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
171 U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9), 173 U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
172 U64(0x0000000000000000), U64(0x2cededc12cededc1), 174 U64(0x0000000000000000), U64(0x2cededc12cededc1),
173 U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3), 175 U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
174 U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6), 176 U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
175 U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d), 177 U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
176 U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972), 178 U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
177 U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98), 179 U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
178 U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85), 180 U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
179 U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5), 181 U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
180 U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed), 182 U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
181 U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a), 183 U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
182 U64(0x5533336655333366), U64(0x9485851194858511), 184 U64(0x5533336655333366), U64(0x9485851194858511),
183 U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9), 185 U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
184 U64(0x0602020406020204), U64(0x817f7ffe817f7ffe), 186 U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
185 U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78), 187 U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
186 U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b), 188 U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
187 U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d), 189 U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
188 U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05), 190 U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
189 U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21), 191 U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
190 U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1), 192 U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
191 U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677), 193 U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
192 U64(0x75dadaaf75dadaaf), U64(0x6321214263212142), 194 U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
193 U64(0x3010102030101020), U64(0x1affffe51affffe5), 195 U64(0x3010102030101020), U64(0x1affffe51affffe5),
194 U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf), 196 U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
195 U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18), 197 U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
196 U64(0x3513132635131326), U64(0x2fececc32fececc3), 198 U64(0x3513132635131326), U64(0x2fececc32fececc3),
197 U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735), 199 U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
198 U64(0xcc444488cc444488), U64(0x3917172e3917172e), 200 U64(0xcc444488cc444488), U64(0x3917172e3917172e),
199 U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755), 201 U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
200 U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a), 202 U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
201 U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba), 203 U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
202 U64(0x2b1919322b191932), U64(0x957373e6957373e6), 204 U64(0x2b1919322b191932), U64(0x957373e6957373e6),
203 U64(0xa06060c0a06060c0), U64(0x9881811998818119), 205 U64(0xa06060c0a06060c0), U64(0x9881811998818119),
204 U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3), 206 U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
205 U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54), 207 U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
206 U64(0xab90903bab90903b), U64(0x8388880b8388880b), 208 U64(0xab90903bab90903b), U64(0x8388880b8388880b),
207 U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7), 209 U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
208 U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428), 210 U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
209 U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc), 211 U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
210 U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad), 212 U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
211 U64(0x3be0e0db3be0e0db), U64(0x5632326456323264), 213 U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
212 U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14), 214 U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
213 U64(0xdb494992db494992), U64(0x0a06060c0a06060c), 215 U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
214 U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8), 216 U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
215 U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd), 217 U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
216 U64(0xefacac43efacac43), U64(0xa66262c4a66262c4), 218 U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
217 U64(0xa8919139a8919139), U64(0xa4959531a4959531), 219 U64(0xa8919139a8919139), U64(0xa4959531a4959531),
218 U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2), 220 U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
219 U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b), 221 U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
220 U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda), 222 U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
221 U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1), 223 U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
222 U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949), 224 U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
223 U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac), 225 U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
224 U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf), 226 U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
225 U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4), 227 U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
226 U64(0xe9aeae47e9aeae47), U64(0x1808081018080810), 228 U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
227 U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0), 229 U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
228 U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c), 230 U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
229 U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657), 231 U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
230 U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697), 232 U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
231 U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1), 233 U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
232 U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e), 234 U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
233 U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61), 235 U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
234 U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f), 236 U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
235 U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c), 237 U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
236 U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc), 238 U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
237 U64(0xd8484890d8484890), U64(0x0503030605030306), 239 U64(0xd8484890d8484890), U64(0x0503030605030306),
238 U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c), 240 U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
239 U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a), 241 U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
240 U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969), 242 U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
241 U64(0x9186861791868617), U64(0x58c1c19958c1c199), 243 U64(0x9186861791868617), U64(0x58c1c19958c1c199),
242 U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27), 244 U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
243 U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb), 245 U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
244 U64(0xb398982bb398982b), U64(0x3311112233111122), 246 U64(0xb398982bb398982b), U64(0x3311112233111122),
245 U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9), 247 U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
246 U64(0x898e8e07898e8e07), U64(0xa7949433a7949433), 248 U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
247 U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c), 249 U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
248 U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9), 250 U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
249 U64(0x49cece8749cece87), U64(0xff5555aaff5555aa), 251 U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
250 U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5), 252 U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
251 U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159), 253 U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
252 U64(0x8089890980898909), U64(0x170d0d1a170d0d1a), 254 U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
253 U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7), 255 U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
254 U64(0xc6424284c6424284), U64(0xb86868d0b86868d0), 256 U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
255 U64(0xc3414182c3414182), U64(0xb0999929b0999929), 257 U64(0xc3414182c3414182), U64(0xb0999929b0999929),
256 U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e), 258 U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
257 U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8), 259 U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
258 U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c) 260 U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
259}; 261};
260 262
261static const u8 Te4[256] = { 263static const u8 Te4[256] = {
262 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U, 264 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
263 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U, 265 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
264 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U, 266 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
265 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U, 267 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
266 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU, 268 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
267 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U, 269 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
268 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU, 270 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
269 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U, 271 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
270 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U, 272 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
271 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U, 273 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
272 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU, 274 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
273 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU, 275 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
274 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U, 276 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
275 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U, 277 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
276 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U, 278 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
277 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U, 279 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
278 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U, 280 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
279 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U, 281 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
280 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U, 282 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
281 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU, 283 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
282 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU, 284 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
283 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U, 285 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
284 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U, 286 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
285 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U, 287 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
286 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U, 288 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
287 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU, 289 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
288 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU, 290 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
289 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU, 291 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
290 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U, 292 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
291 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU, 293 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
292 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U, 294 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
293 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U 295 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
294}; 296};
295 297
296static const u64 Td[256] = { 298static const u64 Td[256] = {
297 U64(0x50a7f45150a7f451), U64(0x5365417e5365417e), 299 U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
298 U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a), 300 U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
299 U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f), 301 U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
300 U64(0xab58faacab58faac), U64(0x9303e34b9303e34b), 302 U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
301 U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad), 303 U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
302 U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5), 304 U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
303 U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5), 305 U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
304 U64(0x8044352680443526), U64(0x8fa362b58fa362b5), 306 U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
305 U64(0x495ab1de495ab1de), U64(0x671bba25671bba25), 307 U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
306 U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d), 308 U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
307 U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81), 309 U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
308 U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b), 310 U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
309 U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215), 311 U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
310 U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295), 312 U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
311 U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458), 313 U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
312 U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e), 314 U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
313 U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4), 315 U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
314 U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927), 316 U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
315 U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0), 317 U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
316 U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d), 318 U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
317 U64(0x184adf63184adf63), U64(0x82311ae582311ae5), 319 U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
318 U64(0x6033519760335197), U64(0x457f5362457f5362), 320 U64(0x6033519760335197), U64(0x457f5362457f5362),
319 U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb), 321 U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
320 U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9), 322 U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
321 U64(0x5868487058684870), U64(0x19fd458f19fd458f), 323 U64(0x5868487058684870), U64(0x19fd458f19fd458f),
322 U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52), 324 U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
323 U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72), 325 U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
324 U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566), 326 U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
325 U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f), 327 U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
326 U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3), 328 U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
327 U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23), 329 U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
328 U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed), 330 U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
329 U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7), 331 U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
330 U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e), 332 U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
331 U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506), 333 U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
332 U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4), 334 U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
333 U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2), 335 U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
334 U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4), 336 U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
335 U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040), 337 U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
336 U64(0x069f715e069f715e), U64(0x51106ebd51106ebd), 338 U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
337 U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96), 339 U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
338 U64(0xae053eddae053edd), U64(0x46bde64d46bde64d), 340 U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
339 U64(0xb58d5491b58d5491), U64(0x055dc471055dc471), 341 U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
340 U64(0x6fd406046fd40604), U64(0xff155060ff155060), 342 U64(0x6fd406046fd40604), U64(0xff155060ff155060),
341 U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6), 343 U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
342 U64(0xcc434089cc434089), U64(0x779ed967779ed967), 344 U64(0xcc434089cc434089), U64(0x779ed967779ed967),
343 U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907), 345 U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
344 U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879), 346 U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
345 U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c), 347 U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
346 U64(0xc91e84f8c91e84f8), U64(0x0000000000000000), 348 U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
347 U64(0x8386800983868009), U64(0x48ed2b3248ed2b32), 349 U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
348 U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c), 350 U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
349 U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f), 351 U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
350 U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36), 352 U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
351 U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68), 353 U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
352 U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624), 354 U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
353 U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793), 355 U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
354 U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b), 356 U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
355 U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61), 357 U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
356 U64(0x694b775a694b775a), U64(0x161a121c161a121c), 358 U64(0x694b775a694b775a), U64(0x161a121c161a121c),
357 U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0), 359 U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
358 U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12), 360 U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
359 U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2), 361 U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
360 U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14), 362 U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
361 U64(0x8519f1578519f157), U64(0x4c0775af4c0775af), 363 U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
362 U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3), 364 U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
363 U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c), 365 U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
364 U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b), 366 U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
365 U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb), 367 U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
366 U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8), 368 U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
367 U64(0xcadc31d7cadc31d7), U64(0x1085634210856342), 369 U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
368 U64(0x4022971340229713), U64(0x2011c6842011c684), 370 U64(0x4022971340229713), U64(0x2011c6842011c684),
369 U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2), 371 U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
370 U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7), 372 U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
371 U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc), 373 U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
372 U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177), 374 U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
373 U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9), 375 U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
374 U64(0xfa489411fa489411), U64(0x2264e9472264e947), 376 U64(0xfa489411fa489411), U64(0x2264e9472264e947),
375 U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0), 377 U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
376 U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322), 378 U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
377 U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9), 379 U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
378 U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498), 380 U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
379 U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5), 381 U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
380 U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f), 382 U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
381 U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850), 383 U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
382 U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54), 384 U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
383 U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890), 385 U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
384 U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382), 386 U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
385 U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069), 387 U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
386 U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf), 388 U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
387 U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810), 389 U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
388 U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb), 390 U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
389 U64(0x097826cd097826cd), U64(0xf418596ef418596e), 391 U64(0x097826cd097826cd), U64(0xf418596ef418596e),
390 U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83), 392 U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
391 U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa), 393 U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
392 U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef), 394 U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
393 U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a), 395 U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
394 U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029), 396 U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
395 U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a), 397 U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
396 U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235), 398 U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
397 U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc), 399 U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
398 U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733), 400 U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
399 U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41), 401 U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
400 U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117), 402 U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
401 U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43), 403 U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
402 U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4), 404 U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
403 U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c), 405 U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
404 U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546), 406 U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
405 U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01), 407 U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
406 U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb), 408 U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
407 U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92), 409 U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
408 U64(0x335610e9335610e9), U64(0x1347d66d1347d66d), 410 U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
409 U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137), 411 U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
410 U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb), 412 U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
411 U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7), 413 U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
412 U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a), 414 U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
413 U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255), 415 U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
414 U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773), 416 U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
415 U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f), 417 U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
416 U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478), 418 U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
417 U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9), 419 U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
418 U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2), 420 U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
419 U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc), 421 U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
420 U64(0x8b493c288b493c28), U64(0x41950dff41950dff), 422 U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
421 U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08), 423 U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
422 U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664), 424 U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
423 U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5), 425 U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
424 U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0) 426 U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
425}; 427};
426static const u8 Td4[256] = { 428static const u8 Td4[256] = {
427 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, 429 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
428 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, 430 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
429 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, 431 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
430 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, 432 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
431 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, 433 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
432 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, 434 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
433 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, 435 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
434 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, 436 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
435 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, 437 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
436 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, 438 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
437 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, 439 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
438 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, 440 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
439 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, 441 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
440 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, 442 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
441 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, 443 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
442 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, 444 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
443 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, 445 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
444 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, 446 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
445 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, 447 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
446 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, 448 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
447 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, 449 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
448 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, 450 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
449 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, 451 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
450 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, 452 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
451 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, 453 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
452 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, 454 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
453 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, 455 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
454 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, 456 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
455 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, 457 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
456 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, 458 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
457 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, 459 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
458 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU 460 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
459}; 461};
460 462
461static const u32 rcon[] = { 463static const u32 rcon[] = {
462 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U, 464 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
463 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U, 465 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
464 0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ 466 0x0000001bU, 0x00000036U,
467 /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
465}; 468};
466 469
467/** 470/**
468 * Expand the cipher key into the encryption key schedule. 471 * Expand the cipher key into the encryption key schedule.
469 */ 472 */
470int AES_set_encrypt_key(const unsigned char *userKey, const int bits, 473int
471 AES_KEY *key) { 474AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) {
472
473 u32 *rk; 475 u32 *rk;
474 int i = 0; 476 int i = 0;
475 u32 temp; 477 u32 temp;
476 478
477 if (!userKey || !key) 479 if (!userKey || !key)
@@ -481,26 +483,26 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
481 483
482 rk = key->rd_key; 484 rk = key->rd_key;
483 485
484 if (bits==128) 486 if (bits == 128)
485 key->rounds = 10; 487 key->rounds = 10;
486 else if (bits==192) 488 else if (bits == 192)
487 key->rounds = 12; 489 key->rounds = 12;
488 else 490 else
489 key->rounds = 14; 491 key->rounds = 14;
490 492
491 rk[0] = GETU32(userKey ); 493 rk[0] = GETU32(userKey);
492 rk[1] = GETU32(userKey + 4); 494 rk[1] = GETU32(userKey + 4);
493 rk[2] = GETU32(userKey + 8); 495 rk[2] = GETU32(userKey + 8);
494 rk[3] = GETU32(userKey + 12); 496 rk[3] = GETU32(userKey + 12);
495 if (bits == 128) { 497 if (bits == 128) {
496 while (1) { 498 while (1) {
497 temp = rk[3]; 499 temp = rk[3];
498 rk[4] = rk[0] ^ 500 rk[4] = rk[0] ^
499 (Te4[(temp >> 8) & 0xff] ) ^ 501 (Te4[(temp >> 8) & 0xff]) ^
500 (Te4[(temp >> 16) & 0xff] << 8) ^ 502 (Te4[(temp >> 16) & 0xff] << 8) ^
501 (Te4[(temp >> 24) ] << 16) ^ 503 (Te4[(temp >> 24)] << 16) ^
502 (Te4[(temp ) & 0xff] << 24) ^ 504 (Te4[(temp) & 0xff] << 24) ^
503 rcon[i]; 505 rcon[i];
504 rk[5] = rk[1] ^ rk[4]; 506 rk[5] = rk[1] ^ rk[4];
505 rk[6] = rk[2] ^ rk[5]; 507 rk[6] = rk[2] ^ rk[5];
506 rk[7] = rk[3] ^ rk[6]; 508 rk[7] = rk[3] ^ rk[6];
@@ -514,21 +516,21 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
514 rk[5] = GETU32(userKey + 20); 516 rk[5] = GETU32(userKey + 20);
515 if (bits == 192) { 517 if (bits == 192) {
516 while (1) { 518 while (1) {
517 temp = rk[ 5]; 519 temp = rk[5];
518 rk[ 6] = rk[ 0] ^ 520 rk[6] = rk[ 0] ^
519 (Te4[(temp >> 8) & 0xff] ) ^ 521 (Te4[(temp >> 8) & 0xff]) ^
520 (Te4[(temp >> 16) & 0xff] << 8) ^ 522 (Te4[(temp >> 16) & 0xff] << 8) ^
521 (Te4[(temp >> 24) ] << 16) ^ 523 (Te4[(temp >> 24)] << 16) ^
522 (Te4[(temp ) & 0xff] << 24) ^ 524 (Te4[(temp) & 0xff] << 24) ^
523 rcon[i]; 525 rcon[i];
524 rk[ 7] = rk[ 1] ^ rk[ 6]; 526 rk[7] = rk[1] ^ rk[6];
525 rk[ 8] = rk[ 2] ^ rk[ 7]; 527 rk[8] = rk[2] ^ rk[7];
526 rk[ 9] = rk[ 3] ^ rk[ 8]; 528 rk[9] = rk[3] ^ rk[8];
527 if (++i == 8) { 529 if (++i == 8) {
528 return 0; 530 return 0;
529 } 531 }
530 rk[10] = rk[ 4] ^ rk[ 9]; 532 rk[10] = rk[4] ^ rk[9];
531 rk[11] = rk[ 5] ^ rk[10]; 533 rk[11] = rk[5] ^ rk[10];
532 rk += 6; 534 rk += 6;
533 } 535 }
534 } 536 }
@@ -536,31 +538,31 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
536 rk[7] = GETU32(userKey + 28); 538 rk[7] = GETU32(userKey + 28);
537 if (bits == 256) { 539 if (bits == 256) {
538 while (1) { 540 while (1) {
539 temp = rk[ 7]; 541 temp = rk[7];
540 rk[ 8] = rk[ 0] ^ 542 rk[8] = rk[0] ^
541 (Te4[(temp >> 8) & 0xff] ) ^ 543 (Te4[(temp >> 8) & 0xff]) ^
542 (Te4[(temp >> 16) & 0xff] << 8) ^ 544 (Te4[(temp >> 16) & 0xff] << 8) ^
543 (Te4[(temp >> 24) ] << 16) ^ 545 (Te4[(temp >> 24)] << 16) ^
544 (Te4[(temp ) & 0xff] << 24) ^ 546 (Te4[(temp) & 0xff] << 24) ^
545 rcon[i]; 547 rcon[i];
546 rk[ 9] = rk[ 1] ^ rk[ 8]; 548 rk[9] = rk[1] ^ rk[8];
547 rk[10] = rk[ 2] ^ rk[ 9]; 549 rk[10] = rk[2] ^ rk[9];
548 rk[11] = rk[ 3] ^ rk[10]; 550 rk[11] = rk[3] ^ rk[10];
549 if (++i == 7) { 551 if (++i == 7) {
550 return 0; 552 return 0;
551 } 553 }
552 temp = rk[11]; 554 temp = rk[11];
553 rk[12] = rk[ 4] ^ 555 rk[12] = rk[4] ^
554 (Te4[(temp ) & 0xff] ) ^ 556 (Te4[(temp) & 0xff]) ^
555 (Te4[(temp >> 8) & 0xff] << 8) ^ 557 (Te4[(temp >> 8) & 0xff] << 8) ^
556 (Te4[(temp >> 16) & 0xff] << 16) ^ 558 (Te4[(temp >> 16) & 0xff] << 16) ^
557 (Te4[(temp >> 24) ] << 24); 559 (Te4[(temp >> 24)] << 24);
558 rk[13] = rk[ 5] ^ rk[12]; 560 rk[13] = rk[5] ^ rk[12];
559 rk[14] = rk[ 6] ^ rk[13]; 561 rk[14] = rk[6] ^ rk[13];
560 rk[15] = rk[ 7] ^ rk[14]; 562 rk[15] = rk[7] ^ rk[14];
561 563
562 rk += 8; 564 rk += 8;
563 } 565 }
564 } 566 }
565 return 0; 567 return 0;
566} 568}
@@ -568,10 +570,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
568/** 570/**
569 * Expand the cipher key into the decryption key schedule. 571 * Expand the cipher key into the decryption key schedule.
570 */ 572 */
571int AES_set_decrypt_key(const unsigned char *userKey, const int bits, 573int
572 AES_KEY *key) { 574AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
573 575{
574 u32 *rk; 576 u32 *rk;
575 int i, j, status; 577 int i, j, status;
576 u32 temp; 578 u32 temp;
577 579
@@ -584,10 +586,18 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
584 586
585 /* invert the order of the round keys: */ 587 /* invert the order of the round keys: */
586 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { 588 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
587 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; 589 temp = rk[i];
588 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; 590 rk[i] = rk[j];
589 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; 591 rk[j] = temp;
590 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; 592 temp = rk[i + 1];
593 rk[i + 1] = rk[j + 1];
594 rk[j + 1] = temp;
595 temp = rk[i + 2];
596 rk[i + 2] = rk[j + 2];
597 rk[j + 2] = temp;
598 temp = rk[i + 3];
599 rk[i + 3] = rk[j + 3];
600 rk[j + 3] = temp;
591 } 601 }
592 /* apply the inverse MixColumn transform to all round keys but the first and the last: */ 602 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
593 for (i = 1; i < (key->rounds); i++) { 603 for (i = 1; i < (key->rounds); i++) {
@@ -599,47 +609,47 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
599 tp1 = rk[j]; 609 tp1 = rk[j];
600 m = tp1 & 0x80808080; 610 m = tp1 & 0x80808080;
601 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 611 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
602 ((m - (m >> 7)) & 0x1b1b1b1b); 612 ((m - (m >> 7)) & 0x1b1b1b1b);
603 m = tp2 & 0x80808080; 613 m = tp2 & 0x80808080;
604 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 614 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
605 ((m - (m >> 7)) & 0x1b1b1b1b); 615 ((m - (m >> 7)) & 0x1b1b1b1b);
606 m = tp4 & 0x80808080; 616 m = tp4 & 0x80808080;
607 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 617 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
608 ((m - (m >> 7)) & 0x1b1b1b1b); 618 ((m - (m >> 7)) & 0x1b1b1b1b);
609 tp9 = tp8 ^ tp1; 619 tp9 = tp8 ^ tp1;
610 tpb = tp9 ^ tp2; 620 tpb = tp9 ^ tp2;
611 tpd = tp9 ^ tp4; 621 tpd = tp9 ^ tp4;
612 tpe = tp8 ^ tp4 ^ tp2; 622 tpe = tp8 ^ tp4 ^ tp2;
613#if defined(ROTATE) 623#if defined(ROTATE)
614 rk[j] = tpe ^ ROTATE(tpd,16) ^ 624 rk[j] = tpe ^ ROTATE(tpd, 16) ^
615 ROTATE(tp9,8) ^ ROTATE(tpb,24); 625 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
616#else 626#else
617 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 627 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
618 (tp9 >> 24) ^ (tp9 << 8) ^ 628 (tp9 >> 24) ^ (tp9 << 8) ^
619 (tpb >> 8) ^ (tpb << 24); 629 (tpb >> 8) ^ (tpb << 24);
620#endif 630#endif
621 } 631 }
622#else 632#else
623 rk[0] = 633 rk[0] =
624 Td0[Te2[(rk[0] ) & 0xff] & 0xff] ^ 634 Td0[Te2[(rk[0]) & 0xff] & 0xff] ^
625 Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^ 635 Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^
626 Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^ 636 Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
627 Td3[Te2[(rk[0] >> 24) ] & 0xff]; 637 Td3[Te2[(rk[0] >> 24)] & 0xff];
628 rk[1] = 638 rk[1] =
629 Td0[Te2[(rk[1] ) & 0xff] & 0xff] ^ 639 Td0[Te2[(rk[1]) & 0xff] & 0xff] ^
630 Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^ 640 Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^
631 Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^ 641 Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
632 Td3[Te2[(rk[1] >> 24) ] & 0xff]; 642 Td3[Te2[(rk[1] >> 24)] & 0xff];
633 rk[2] = 643 rk[2] =
634 Td0[Te2[(rk[2] ) & 0xff] & 0xff] ^ 644 Td0[Te2[(rk[2]) & 0xff] & 0xff] ^
635 Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^ 645 Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^
636 Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^ 646 Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
637 Td3[Te2[(rk[2] >> 24) ] & 0xff]; 647 Td3[Te2[(rk[2] >> 24)] & 0xff];
638 rk[3] = 648 rk[3] =
639 Td0[Te2[(rk[3] ) & 0xff] & 0xff] ^ 649 Td0[Te2[(rk[3]) & 0xff] & 0xff] ^
640 Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^ 650 Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^
641 Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^ 651 Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
642 Td3[Te2[(rk[3] >> 24) ] & 0xff]; 652 Td3[Te2[(rk[3] >> 24)] & 0xff];
643#endif 653#endif
644 } 654 }
645 return 0; 655 return 0;
@@ -649,9 +659,9 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
649 * Encrypt a single block 659 * Encrypt a single block
650 * in and out can overlap 660 * in and out can overlap
651 */ 661 */
652void AES_encrypt(const unsigned char *in, unsigned char *out, 662void
653 const AES_KEY *key) { 663AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
654 664{
655 const u32 *rk; 665 const u32 *rk;
656 u32 s0, s1, s2, s3, t[4]; 666 u32 s0, s1, s2, s3, t[4];
657 int r; 667 int r;
@@ -663,197 +673,205 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
663 * map byte array block to cipher state 673 * map byte array block to cipher state
664 * and add initial round key: 674 * and add initial round key:
665 */ 675 */
666 s0 = GETU32(in ) ^ rk[0]; 676 s0 = GETU32(in) ^ rk[0];
667 s1 = GETU32(in + 4) ^ rk[1]; 677 s1 = GETU32(in + 4) ^ rk[1];
668 s2 = GETU32(in + 8) ^ rk[2]; 678 s2 = GETU32(in + 8) ^ rk[2];
669 s3 = GETU32(in + 12) ^ rk[3]; 679 s3 = GETU32(in + 12) ^ rk[3];
670 680
671#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 681#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
672 prefetch256(Te4); 682 prefetch256(Te4);
673 683
674 t[0] = Te4[(s0 ) & 0xff] ^ 684 t[0] = Te4[(s0) & 0xff] ^
675 Te4[(s1 >> 8) & 0xff] << 8 ^ 685 Te4[(s1 >> 8) & 0xff] << 8 ^
676 Te4[(s2 >> 16) & 0xff] << 16 ^ 686 Te4[(s2 >> 16) & 0xff] << 16 ^
677 Te4[(s3 >> 24) ] << 24; 687 Te4[(s3 >> 24)] << 24;
678 t[1] = Te4[(s1 ) & 0xff] ^ 688 t[1] = Te4[(s1) & 0xff] ^
679 Te4[(s2 >> 8) & 0xff] << 8 ^ 689 Te4[(s2 >> 8) & 0xff] << 8 ^
680 Te4[(s3 >> 16) & 0xff] << 16 ^ 690 Te4[(s3 >> 16) & 0xff] << 16 ^
681 Te4[(s0 >> 24) ] << 24; 691 Te4[(s0 >> 24)] << 24;
682 t[2] = Te4[(s2 ) & 0xff] ^ 692 t[2] = Te4[(s2) & 0xff] ^
683 Te4[(s3 >> 8) & 0xff] << 8 ^ 693 Te4[(s3 >> 8) & 0xff] << 8 ^
684 Te4[(s0 >> 16) & 0xff] << 16 ^ 694 Te4[(s0 >> 16) & 0xff] << 16 ^
685 Te4[(s1 >> 24) ] << 24; 695 Te4[(s1 >> 24)] << 24;
686 t[3] = Te4[(s3 ) & 0xff] ^ 696 t[3] = Te4[(s3) & 0xff] ^
687 Te4[(s0 >> 8) & 0xff] << 8 ^ 697 Te4[(s0 >> 8) & 0xff] << 8 ^
688 Te4[(s1 >> 16) & 0xff] << 16 ^ 698 Te4[(s1 >> 16) & 0xff] << 16 ^
689 Te4[(s2 >> 24) ] << 24; 699 Te4[(s2 >> 24)] << 24;
690 700
691 /* now do the linear transform using words */ 701 /* now do the linear transform using words */
692 { int i; 702 {
703 int i;
693 u32 r0, r1, r2; 704 u32 r0, r1, r2;
694 705
695 for (i = 0; i < 4; i++) { 706 for (i = 0; i < 4; i++) {
696 r0 = t[i]; 707 r0 = t[i];
697 r1 = r0 & 0x80808080; 708 r1 = r0 & 0x80808080;
698 r2 = ((r0 & 0x7f7f7f7f) << 1) ^ 709 r2 = ((r0 & 0x7f7f7f7f) << 1) ^
699 ((r1 - (r1 >> 7)) & 0x1b1b1b1b); 710 ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
700#if defined(ROTATE) 711#if defined(ROTATE)
701 t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^ 712 t[i] = r2 ^ ROTATE(r2, 24) ^ ROTATE(r0, 24) ^
702 ROTATE(r0,16) ^ ROTATE(r0,8); 713 ROTATE(r0, 16) ^ ROTATE(r0, 8);
703#else 714#else
704 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^ 715 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
705 (r0 << 16) ^ (r0 >> 16) ^ 716 (r0 << 16) ^ (r0 >> 16) ^ (r0 << 8) ^ (r0 >> 24);
706 (r0 << 8) ^ (r0 >> 24);
707#endif 717#endif
708 t[i] ^= rk[4+i]; 718 t[i] ^= rk[4 + i];
709 } 719 }
710 } 720 }
711#else 721#else
712 t[0] = Te0[(s0 ) & 0xff] ^ 722 t[0] = Te0[(s0) & 0xff] ^
713 Te1[(s1 >> 8) & 0xff] ^ 723 Te1[(s1 >> 8) & 0xff] ^
714 Te2[(s2 >> 16) & 0xff] ^ 724 Te2[(s2 >> 16) & 0xff] ^
715 Te3[(s3 >> 24) ] ^ 725 Te3[(s3 >> 24)] ^
716 rk[4]; 726 rk[4];
717 t[1] = Te0[(s1 ) & 0xff] ^ 727 t[1] = Te0[(s1) & 0xff] ^
718 Te1[(s2 >> 8) & 0xff] ^ 728 Te1[(s2 >> 8) & 0xff] ^
719 Te2[(s3 >> 16) & 0xff] ^ 729 Te2[(s3 >> 16) & 0xff] ^
720 Te3[(s0 >> 24) ] ^ 730 Te3[(s0 >> 24)] ^
721 rk[5]; 731 rk[5];
722 t[2] = Te0[(s2 ) & 0xff] ^ 732 t[2] = Te0[(s2) & 0xff] ^
723 Te1[(s3 >> 8) & 0xff] ^ 733 Te1[(s3 >> 8) & 0xff] ^
724 Te2[(s0 >> 16) & 0xff] ^ 734 Te2[(s0 >> 16) & 0xff] ^
725 Te3[(s1 >> 24) ] ^ 735 Te3[(s1 >> 24)] ^
726 rk[6]; 736 rk[6];
727 t[3] = Te0[(s3 ) & 0xff] ^ 737 t[3] = Te0[(s3) & 0xff] ^
728 Te1[(s0 >> 8) & 0xff] ^ 738 Te1[(s0 >> 8) & 0xff] ^
729 Te2[(s1 >> 16) & 0xff] ^ 739 Te2[(s1 >> 16) & 0xff] ^
730 Te3[(s2 >> 24) ] ^ 740 Te3[(s2 >> 24)] ^
731 rk[7]; 741 rk[7];
732#endif 742#endif
733 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 743 s0 = t[0];
744 s1 = t[1];
745 s2 = t[2];
746 s3 = t[3];
734 747
735 /* 748 /*
736 * Nr - 2 full rounds: 749 * Nr - 2 full rounds:
737 */ 750 */
738 for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) { 751 for (rk += 8, r = key->rounds - 2; r > 0; rk += 4, r--) {
739#if defined(AES_COMPACT_IN_INNER_ROUNDS) 752#if defined(AES_COMPACT_IN_INNER_ROUNDS)
740 t[0] = Te4[(s0 ) & 0xff] ^ 753 t[0] = Te4[(s0) & 0xff] ^
741 Te4[(s1 >> 8) & 0xff] << 8 ^ 754 Te4[(s1 >> 8) & 0xff] << 8 ^
742 Te4[(s2 >> 16) & 0xff] << 16 ^ 755 Te4[(s2 >> 16) & 0xff] << 16 ^
743 Te4[(s3 >> 24) ] << 24; 756 Te4[(s3 >> 24)] << 24;
744 t[1] = Te4[(s1 ) & 0xff] ^ 757 t[1] = Te4[(s1) & 0xff] ^
745 Te4[(s2 >> 8) & 0xff] << 8 ^ 758 Te4[(s2 >> 8) & 0xff] << 8 ^
746 Te4[(s3 >> 16) & 0xff] << 16 ^ 759 Te4[(s3 >> 16) & 0xff] << 16 ^
747 Te4[(s0 >> 24) ] << 24; 760 Te4[(s0 >> 24)] << 24;
748 t[2] = Te4[(s2 ) & 0xff] ^ 761 t[2] = Te4[(s2) & 0xff] ^
749 Te4[(s3 >> 8) & 0xff] << 8 ^ 762 Te4[(s3 >> 8) & 0xff] << 8 ^
750 Te4[(s0 >> 16) & 0xff] << 16 ^ 763 Te4[(s0 >> 16) & 0xff] << 16 ^
751 Te4[(s1 >> 24) ] << 24; 764 Te4[(s1 >> 24)] << 24;
752 t[3] = Te4[(s3 ) & 0xff] ^ 765 t[3] = Te4[(s3) & 0xff] ^
753 Te4[(s0 >> 8) & 0xff] << 8 ^ 766 Te4[(s0 >> 8) & 0xff] << 8 ^
754 Te4[(s1 >> 16) & 0xff] << 16 ^ 767 Te4[(s1 >> 16) & 0xff] << 16 ^
755 Te4[(s2 >> 24) ] << 24; 768 Te4[(s2 >> 24)] << 24;
756 769
757 /* now do the linear transform using words */ 770 /* now do the linear transform using words */
758 { int i; 771 {
759 u32 r0, r1, r2; 772 int i;
773 u32 r0, r1, r2;
760 774
761 for (i = 0; i < 4; i++) { 775 for (i = 0; i < 4; i++) {
762 r0 = t[i]; 776 r0 = t[i];
763 r1 = r0 & 0x80808080; 777 r1 = r0 & 0x80808080;
764 r2 = ((r0 & 0x7f7f7f7f) << 1) ^ 778 r2 = ((r0 & 0x7f7f7f7f) << 1) ^
765 ((r1 - (r1 >> 7)) & 0x1b1b1b1b); 779 ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
766#if defined(ROTATE) 780#if defined(ROTATE)
767 t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^ 781 t[i] = r2 ^ ROTATE(r2, 24) ^ ROTATE(r0, 24) ^
768 ROTATE(r0,16) ^ ROTATE(r0,8); 782 ROTATE(r0, 16) ^ ROTATE(r0, 8);
769#else 783#else
770 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^ 784 t[i] = r2 ^ ((r2 ^ r0) << 24) ^
771 (r0 << 16) ^ (r0 >> 16) ^ 785 ((r2 ^ r0) >> 8) ^
772 (r0 << 8) ^ (r0 >> 24); 786 (r0 << 16) ^ (r0 >> 16) ^
787 (r0 << 8) ^ (r0 >> 24);
773#endif 788#endif
774 t[i] ^= rk[i]; 789 t[i] ^= rk[i];
790 }
775 } 791 }
776 }
777#else 792#else
778 t[0] = Te0[(s0 ) & 0xff] ^ 793 t[0] = Te0[(s0) & 0xff] ^
779 Te1[(s1 >> 8) & 0xff] ^ 794 Te1[(s1 >> 8) & 0xff] ^
780 Te2[(s2 >> 16) & 0xff] ^ 795 Te2[(s2 >> 16) & 0xff] ^
781 Te3[(s3 >> 24) ] ^ 796 Te3[(s3 >> 24)] ^
782 rk[0]; 797 rk[0];
783 t[1] = Te0[(s1 ) & 0xff] ^ 798 t[1] = Te0[(s1) & 0xff] ^
784 Te1[(s2 >> 8) & 0xff] ^ 799 Te1[(s2 >> 8) & 0xff] ^
785 Te2[(s3 >> 16) & 0xff] ^ 800 Te2[(s3 >> 16) & 0xff] ^
786 Te3[(s0 >> 24) ] ^ 801 Te3[(s0 >> 24)] ^
787 rk[1]; 802 rk[1];
788 t[2] = Te0[(s2 ) & 0xff] ^ 803 t[2] = Te0[(s2) & 0xff] ^
789 Te1[(s3 >> 8) & 0xff] ^ 804 Te1[(s3 >> 8) & 0xff] ^
790 Te2[(s0 >> 16) & 0xff] ^ 805 Te2[(s0 >> 16) & 0xff] ^
791 Te3[(s1 >> 24) ] ^ 806 Te3[(s1 >> 24)] ^
792 rk[2]; 807 rk[2];
793 t[3] = Te0[(s3 ) & 0xff] ^ 808 t[3] = Te0[(s3) & 0xff] ^
794 Te1[(s0 >> 8) & 0xff] ^ 809 Te1[(s0 >> 8) & 0xff] ^
795 Te2[(s1 >> 16) & 0xff] ^ 810 Te2[(s1 >> 16) & 0xff] ^
796 Te3[(s2 >> 24) ] ^ 811 Te3[(s2 >> 24)] ^
797 rk[3]; 812 rk[3];
798#endif 813#endif
799 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 814 s0 = t[0];
800 } 815 s1 = t[1];
801 /* 816 s2 = t[2];
817 s3 = t[3];
818 }
819 /*
802 * apply last round and 820 * apply last round and
803 * map cipher state to byte array block: 821 * map cipher state to byte array block:
804 */ 822 */
805#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 823#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
806 prefetch256(Te4); 824 prefetch256(Te4);
807 825
808 *(u32*)(out+0) = 826 *(u32*)(out + 0) =
809 Te4[(s0 ) & 0xff] ^ 827 Te4[(s0) & 0xff] ^
810 Te4[(s1 >> 8) & 0xff] << 8 ^ 828 Te4[(s1 >> 8) & 0xff] << 8 ^
811 Te4[(s2 >> 16) & 0xff] << 16 ^ 829 Te4[(s2 >> 16) & 0xff] << 16 ^
812 Te4[(s3 >> 24) ] << 24 ^ 830 Te4[(s3 >> 24)] << 24 ^
813 rk[0]; 831 rk[0];
814 *(u32*)(out+4) = 832 *(u32*)(out + 4) =
815 Te4[(s1 ) & 0xff] ^ 833 Te4[(s1) & 0xff] ^
816 Te4[(s2 >> 8) & 0xff] << 8 ^ 834 Te4[(s2 >> 8) & 0xff] << 8 ^
817 Te4[(s3 >> 16) & 0xff] << 16 ^ 835 Te4[(s3 >> 16) & 0xff] << 16 ^
818 Te4[(s0 >> 24) ] << 24 ^ 836 Te4[(s0 >> 24)] << 24 ^
819 rk[1]; 837 rk[1];
820 *(u32*)(out+8) = 838 *(u32*)(out + 8) =
821 Te4[(s2 ) & 0xff] ^ 839 Te4[(s2) & 0xff] ^
822 Te4[(s3 >> 8) & 0xff] << 8 ^ 840 Te4[(s3 >> 8) & 0xff] << 8 ^
823 Te4[(s0 >> 16) & 0xff] << 16 ^ 841 Te4[(s0 >> 16) & 0xff] << 16 ^
824 Te4[(s1 >> 24) ] << 24 ^ 842 Te4[(s1 >> 24)] << 24 ^
825 rk[2]; 843 rk[2];
826 *(u32*)(out+12) = 844 *(u32*)(out + 12) =
827 Te4[(s3 ) & 0xff] ^ 845 Te4[(s3) & 0xff] ^
828 Te4[(s0 >> 8) & 0xff] << 8 ^ 846 Te4[(s0 >> 8) & 0xff] << 8 ^
829 Te4[(s1 >> 16) & 0xff] << 16 ^ 847 Te4[(s1 >> 16) & 0xff] << 16 ^
830 Te4[(s2 >> 24) ] << 24 ^ 848 Te4[(s2 >> 24)] << 24 ^
831 rk[3]; 849 rk[3];
832#else 850#else
833 *(u32*)(out+0) = 851 *(u32*)(out + 0) =
834 (Te2[(s0 ) & 0xff] & 0x000000ffU) ^ 852 (Te2[(s0) & 0xff] & 0x000000ffU) ^
835 (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^ 853 (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^
836 (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^ 854 (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
837 (Te1[(s3 >> 24) ] & 0xff000000U) ^ 855 (Te1[(s3 >> 24)] & 0xff000000U) ^
838 rk[0]; 856 rk[0];
839 *(u32*)(out+4) = 857 *(u32*)(out + 4) =
840 (Te2[(s1 ) & 0xff] & 0x000000ffU) ^ 858 (Te2[(s1) & 0xff] & 0x000000ffU) ^
841 (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^ 859 (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^
842 (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^ 860 (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
843 (Te1[(s0 >> 24) ] & 0xff000000U) ^ 861 (Te1[(s0 >> 24)] & 0xff000000U) ^
844 rk[1]; 862 rk[1];
845 *(u32*)(out+8) = 863 *(u32*)(out + 8) =
846 (Te2[(s2 ) & 0xff] & 0x000000ffU) ^ 864 (Te2[(s2) & 0xff] & 0x000000ffU) ^
847 (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^ 865 (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^
848 (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^ 866 (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
849 (Te1[(s1 >> 24) ] & 0xff000000U) ^ 867 (Te1[(s1 >> 24)] & 0xff000000U) ^
850 rk[2]; 868 rk[2];
851 *(u32*)(out+12) = 869 *(u32*)(out + 12) =
852 (Te2[(s3 ) & 0xff] & 0x000000ffU) ^ 870 (Te2[(s3) & 0xff] & 0x000000ffU) ^
853 (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^ 871 (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^
854 (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^ 872 (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
855 (Te1[(s2 >> 24) ] & 0xff000000U) ^ 873 (Te1[(s2 >> 24)] & 0xff000000U) ^
856 rk[3]; 874 rk[3];
857#endif 875#endif
858} 876}
859 877
@@ -861,9 +879,9 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
861 * Decrypt a single block 879 * Decrypt a single block
862 * in and out can overlap 880 * in and out can overlap
863 */ 881 */
864void AES_decrypt(const unsigned char *in, unsigned char *out, 882void
865 const AES_KEY *key) { 883AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
866 884{
867 const u32 *rk; 885 const u32 *rk;
868 u32 s0, s1, s2, s3, t[4]; 886 u32 s0, s1, s2, s3, t[4];
869 int r; 887 int r;
@@ -875,7 +893,7 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
875 * map byte array block to cipher state 893 * map byte array block to cipher state
876 * and add initial round key: 894 * and add initial round key:
877 */ 895 */
878 s0 = GETU32(in ) ^ rk[0]; 896 s0 = GETU32(in) ^ rk[0];
879 s1 = GETU32(in + 4) ^ rk[1]; 897 s1 = GETU32(in + 4) ^ rk[1];
880 s2 = GETU32(in + 8) ^ rk[2]; 898 s2 = GETU32(in + 8) ^ rk[2];
881 s3 = GETU32(in + 12) ^ rk[3]; 899 s3 = GETU32(in + 12) ^ rk[3];
@@ -883,181 +901,188 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
883#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 901#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
884 prefetch256(Td4); 902 prefetch256(Td4);
885 903
886 t[0] = Td4[(s0 ) & 0xff] ^ 904 t[0] = Td4[(s0) & 0xff] ^
887 Td4[(s3 >> 8) & 0xff] << 8 ^ 905 Td4[(s3 >> 8) & 0xff] << 8 ^
888 Td4[(s2 >> 16) & 0xff] << 16 ^ 906 Td4[(s2 >> 16) & 0xff] << 16 ^
889 Td4[(s1 >> 24) ] << 24; 907 Td4[(s1 >> 24)] << 24;
890 t[1] = Td4[(s1 ) & 0xff] ^ 908 t[1] = Td4[(s1) & 0xff] ^
891 Td4[(s0 >> 8) & 0xff] << 8 ^ 909 Td4[(s0 >> 8) & 0xff] << 8 ^
892 Td4[(s3 >> 16) & 0xff] << 16 ^ 910 Td4[(s3 >> 16) & 0xff] << 16 ^
893 Td4[(s2 >> 24) ] << 24; 911 Td4[(s2 >> 24)] << 24;
894 t[2] = Td4[(s2 ) & 0xff] ^ 912 t[2] = Td4[(s2) & 0xff] ^
895 Td4[(s1 >> 8) & 0xff] << 8 ^ 913 Td4[(s1 >> 8) & 0xff] << 8 ^
896 Td4[(s0 >> 16) & 0xff] << 16 ^ 914 Td4[(s0 >> 16) & 0xff] << 16 ^
897 Td4[(s3 >> 24) ] << 24; 915 Td4[(s3 >> 24)] << 24;
898 t[3] = Td4[(s3 ) & 0xff] ^ 916 t[3] = Td4[(s3) & 0xff] ^
899 Td4[(s2 >> 8) & 0xff] << 8 ^ 917 Td4[(s2 >> 8) & 0xff] << 8 ^
900 Td4[(s1 >> 16) & 0xff] << 16 ^ 918 Td4[(s1 >> 16) & 0xff] << 16 ^
901 Td4[(s0 >> 24) ] << 24; 919 Td4[(s0 >> 24)] << 24;
902 920
903 /* now do the linear transform using words */ 921 /* now do the linear transform using words */
904 { int i; 922 {
923 int i;
905 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; 924 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
906 925
907 for (i = 0; i < 4; i++) { 926 for (i = 0; i < 4; i++) {
908 tp1 = t[i]; 927 tp1 = t[i];
909 m = tp1 & 0x80808080; 928 m = tp1 & 0x80808080;
910 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 929 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
911 ((m - (m >> 7)) & 0x1b1b1b1b); 930 ((m - (m >> 7)) & 0x1b1b1b1b);
912 m = tp2 & 0x80808080; 931 m = tp2 & 0x80808080;
913 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 932 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
914 ((m - (m >> 7)) & 0x1b1b1b1b); 933 ((m - (m >> 7)) & 0x1b1b1b1b);
915 m = tp4 & 0x80808080; 934 m = tp4 & 0x80808080;
916 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 935 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
917 ((m - (m >> 7)) & 0x1b1b1b1b); 936 ((m - (m >> 7)) & 0x1b1b1b1b);
918 tp9 = tp8 ^ tp1; 937 tp9 = tp8 ^ tp1;
919 tpb = tp9 ^ tp2; 938 tpb = tp9 ^ tp2;
920 tpd = tp9 ^ tp4; 939 tpd = tp9 ^ tp4;
921 tpe = tp8 ^ tp4 ^ tp2; 940 tpe = tp8 ^ tp4 ^ tp2;
922#if defined(ROTATE) 941#if defined(ROTATE)
923 t[i] = tpe ^ ROTATE(tpd,16) ^ 942 t[i] = tpe ^ ROTATE(tpd, 16) ^
924 ROTATE(tp9,8) ^ ROTATE(tpb,24); 943 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
925#else 944#else
926 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 945 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
927 (tp9 >> 24) ^ (tp9 << 8) ^ 946 (tp9 >> 24) ^ (tp9 << 8) ^ (tpb >> 8) ^ (tpb << 24);
928 (tpb >> 8) ^ (tpb << 24);
929#endif 947#endif
930 t[i] ^= rk[4+i]; 948 t[i] ^= rk[4 + i];
931 } 949 }
932 } 950 }
933#else 951#else
934 t[0] = Td0[(s0 ) & 0xff] ^ 952 t[0] = Td0[(s0) & 0xff] ^
935 Td1[(s3 >> 8) & 0xff] ^ 953 Td1[(s3 >> 8) & 0xff] ^
936 Td2[(s2 >> 16) & 0xff] ^ 954 Td2[(s2 >> 16) & 0xff] ^
937 Td3[(s1 >> 24) ] ^ 955 Td3[(s1 >> 24)] ^
938 rk[4]; 956 rk[4];
939 t[1] = Td0[(s1 ) & 0xff] ^ 957 t[1] = Td0[(s1) & 0xff] ^
940 Td1[(s0 >> 8) & 0xff] ^ 958 Td1[(s0 >> 8) & 0xff] ^
941 Td2[(s3 >> 16) & 0xff] ^ 959 Td2[(s3 >> 16) & 0xff] ^
942 Td3[(s2 >> 24) ] ^ 960 Td3[(s2 >> 24)] ^
943 rk[5]; 961 rk[5];
944 t[2] = Td0[(s2 ) & 0xff] ^ 962 t[2] = Td0[(s2) & 0xff] ^
945 Td1[(s1 >> 8) & 0xff] ^ 963 Td1[(s1 >> 8) & 0xff] ^
946 Td2[(s0 >> 16) & 0xff] ^ 964 Td2[(s0 >> 16) & 0xff] ^
947 Td3[(s3 >> 24) ] ^ 965 Td3[(s3 >> 24)] ^
948 rk[6]; 966 rk[6];
949 t[3] = Td0[(s3 ) & 0xff] ^ 967 t[3] = Td0[(s3) & 0xff] ^
950 Td1[(s2 >> 8) & 0xff] ^ 968 Td1[(s2 >> 8) & 0xff] ^
951 Td2[(s1 >> 16) & 0xff] ^ 969 Td2[(s1 >> 16) & 0xff] ^
952 Td3[(s0 >> 24) ] ^ 970 Td3[(s0 >> 24)] ^
953 rk[7]; 971 rk[7];
954#endif 972#endif
955 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 973 s0 = t[0];
974 s1 = t[1];
975 s2 = t[2];
976 s3 = t[3];
956 977
957 /* 978 /*
958 * Nr - 2 full rounds: 979 * Nr - 2 full rounds:
959 */ 980 */
960 for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) { 981 for (rk += 8, r = key->rounds - 2; r > 0; rk += 4, r--) {
961#if defined(AES_COMPACT_IN_INNER_ROUNDS) 982#if defined(AES_COMPACT_IN_INNER_ROUNDS)
962 t[0] = Td4[(s0 ) & 0xff] ^ 983 t[0] = Td4[(s0) & 0xff] ^
963 Td4[(s3 >> 8) & 0xff] << 8 ^ 984 Td4[(s3 >> 8) & 0xff] << 8 ^
964 Td4[(s2 >> 16) & 0xff] << 16 ^ 985 Td4[(s2 >> 16) & 0xff] << 16 ^
965 Td4[(s1 >> 24) ] << 24; 986 Td4[(s1 >> 24)] << 24;
966 t[1] = Td4[(s1 ) & 0xff] ^ 987 t[1] = Td4[(s1) & 0xff] ^
967 Td4[(s0 >> 8) & 0xff] << 8 ^ 988 Td4[(s0 >> 8) & 0xff] << 8 ^
968 Td4[(s3 >> 16) & 0xff] << 16 ^ 989 Td4[(s3 >> 16) & 0xff] << 16 ^
969 Td4[(s2 >> 24) ] << 24; 990 Td4[(s2 >> 24)] << 24;
970 t[2] = Td4[(s2 ) & 0xff] ^ 991 t[2] = Td4[(s2) & 0xff] ^
971 Td4[(s1 >> 8) & 0xff] << 8 ^ 992 Td4[(s1 >> 8) & 0xff] << 8 ^
972 Td4[(s0 >> 16) & 0xff] << 16 ^ 993 Td4[(s0 >> 16) & 0xff] << 16 ^
973 Td4[(s3 >> 24) ] << 24; 994 Td4[(s3 >> 24)] << 24;
974 t[3] = Td4[(s3 ) & 0xff] ^ 995 t[3] = Td4[(s3) & 0xff] ^
975 Td4[(s2 >> 8) & 0xff] << 8 ^ 996 Td4[(s2 >> 8) & 0xff] << 8 ^
976 Td4[(s1 >> 16) & 0xff] << 16 ^ 997 Td4[(s1 >> 16) & 0xff] << 16 ^
977 Td4[(s0 >> 24) ] << 24; 998 Td4[(s0 >> 24)] << 24;
978 999
979 /* now do the linear transform using words */ 1000 /* now do the linear transform using words */
980 { int i; 1001 {
981 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; 1002 int i;
1003 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
982 1004
983 for (i = 0; i < 4; i++) { 1005 for (i = 0; i < 4; i++) {
984 tp1 = t[i]; 1006 tp1 = t[i];
985 m = tp1 & 0x80808080; 1007 m = tp1 & 0x80808080;
986 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 1008 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
987 ((m - (m >> 7)) & 0x1b1b1b1b); 1009 ((m - (m >> 7)) & 0x1b1b1b1b);
988 m = tp2 & 0x80808080; 1010 m = tp2 & 0x80808080;
989 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 1011 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
990 ((m - (m >> 7)) & 0x1b1b1b1b); 1012 ((m - (m >> 7)) & 0x1b1b1b1b);
991 m = tp4 & 0x80808080; 1013 m = tp4 & 0x80808080;
992 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 1014 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
993 ((m - (m >> 7)) & 0x1b1b1b1b); 1015 ((m - (m >> 7)) & 0x1b1b1b1b);
994 tp9 = tp8 ^ tp1; 1016 tp9 = tp8 ^ tp1;
995 tpb = tp9 ^ tp2; 1017 tpb = tp9 ^ tp2;
996 tpd = tp9 ^ tp4; 1018 tpd = tp9 ^ tp4;
997 tpe = tp8 ^ tp4 ^ tp2; 1019 tpe = tp8 ^ tp4 ^ tp2;
998#if defined(ROTATE) 1020#if defined(ROTATE)
999 t[i] = tpe ^ ROTATE(tpd,16) ^ 1021 t[i] = tpe ^ ROTATE(tpd, 16) ^
1000 ROTATE(tp9,8) ^ ROTATE(tpb,24); 1022 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
1001#else 1023#else
1002 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 1024 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
1003 (tp9 >> 24) ^ (tp9 << 8) ^ 1025 (tp9 >> 24) ^ (tp9 << 8) ^
1004 (tpb >> 8) ^ (tpb << 24); 1026 (tpb >> 8) ^ (tpb << 24);
1005#endif 1027#endif
1006 t[i] ^= rk[i]; 1028 t[i] ^= rk[i];
1029 }
1007 } 1030 }
1008 }
1009#else 1031#else
1010 t[0] = Td0[(s0 ) & 0xff] ^ 1032 t[0] = Td0[(s0) & 0xff] ^
1011 Td1[(s3 >> 8) & 0xff] ^ 1033 Td1[(s3 >> 8) & 0xff] ^
1012 Td2[(s2 >> 16) & 0xff] ^ 1034 Td2[(s2 >> 16) & 0xff] ^
1013 Td3[(s1 >> 24) ] ^ 1035 Td3[(s1 >> 24)] ^
1014 rk[0]; 1036 rk[0];
1015 t[1] = Td0[(s1 ) & 0xff] ^ 1037 t[1] = Td0[(s1) & 0xff] ^
1016 Td1[(s0 >> 8) & 0xff] ^ 1038 Td1[(s0 >> 8) & 0xff] ^
1017 Td2[(s3 >> 16) & 0xff] ^ 1039 Td2[(s3 >> 16) & 0xff] ^
1018 Td3[(s2 >> 24) ] ^ 1040 Td3[(s2 >> 24)] ^
1019 rk[1]; 1041 rk[1];
1020 t[2] = Td0[(s2 ) & 0xff] ^ 1042 t[2] = Td0[(s2) & 0xff] ^
1021 Td1[(s1 >> 8) & 0xff] ^ 1043 Td1[(s1 >> 8) & 0xff] ^
1022 Td2[(s0 >> 16) & 0xff] ^ 1044 Td2[(s0 >> 16) & 0xff] ^
1023 Td3[(s3 >> 24) ] ^ 1045 Td3[(s3 >> 24)] ^
1024 rk[2]; 1046 rk[2];
1025 t[3] = Td0[(s3 ) & 0xff] ^ 1047 t[3] = Td0[(s3) & 0xff] ^
1026 Td1[(s2 >> 8) & 0xff] ^ 1048 Td1[(s2 >> 8) & 0xff] ^
1027 Td2[(s1 >> 16) & 0xff] ^ 1049 Td2[(s1 >> 16) & 0xff] ^
1028 Td3[(s0 >> 24) ] ^ 1050 Td3[(s0 >> 24)] ^
1029 rk[3]; 1051 rk[3];
1030#endif 1052#endif
1031 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 1053 s0 = t[0];
1032 } 1054 s1 = t[1];
1033 /* 1055 s2 = t[2];
1056 s3 = t[3];
1057 }
1058 /*
1034 * apply last round and 1059 * apply last round and
1035 * map cipher state to byte array block: 1060 * map cipher state to byte array block:
1036 */ 1061 */
1037 prefetch256(Td4); 1062 prefetch256(Td4);
1038 1063
1039 *(u32*)(out+0) = 1064 *(u32*)(out + 0) =
1040 (Td4[(s0 ) & 0xff]) ^ 1065 (Td4[(s0) & 0xff]) ^
1041 (Td4[(s3 >> 8) & 0xff] << 8) ^ 1066 (Td4[(s3 >> 8) & 0xff] << 8) ^
1042 (Td4[(s2 >> 16) & 0xff] << 16) ^ 1067 (Td4[(s2 >> 16) & 0xff] << 16) ^
1043 (Td4[(s1 >> 24) ] << 24) ^ 1068 (Td4[(s1 >> 24)] << 24) ^
1044 rk[0]; 1069 rk[0];
1045 *(u32*)(out+4) = 1070 *(u32*)(out + 4) =
1046 (Td4[(s1 ) & 0xff]) ^ 1071 (Td4[(s1) & 0xff]) ^
1047 (Td4[(s0 >> 8) & 0xff] << 8) ^ 1072 (Td4[(s0 >> 8) & 0xff] << 8) ^
1048 (Td4[(s3 >> 16) & 0xff] << 16) ^ 1073 (Td4[(s3 >> 16) & 0xff] << 16) ^
1049 (Td4[(s2 >> 24) ] << 24) ^ 1074 (Td4[(s2 >> 24)] << 24) ^
1050 rk[1]; 1075 rk[1];
1051 *(u32*)(out+8) = 1076 *(u32*)(out + 8) =
1052 (Td4[(s2 ) & 0xff]) ^ 1077 (Td4[(s2) & 0xff]) ^
1053 (Td4[(s1 >> 8) & 0xff] << 8) ^ 1078 (Td4[(s1 >> 8) & 0xff] << 8) ^
1054 (Td4[(s0 >> 16) & 0xff] << 16) ^ 1079 (Td4[(s0 >> 16) & 0xff] << 16) ^
1055 (Td4[(s3 >> 24) ] << 24) ^ 1080 (Td4[(s3 >> 24)] << 24) ^
1056 rk[2]; 1081 rk[2];
1057 *(u32*)(out+12) = 1082 *(u32*)(out + 12) =
1058 (Td4[(s3 ) & 0xff]) ^ 1083 (Td4[(s3) & 0xff]) ^
1059 (Td4[(s2 >> 8) & 0xff] << 8) ^ 1084 (Td4[(s2 >> 8) & 0xff] << 8) ^
1060 (Td4[(s1 >> 16) & 0xff] << 16) ^ 1085 (Td4[(s1 >> 16) & 0xff] << 16) ^
1061 (Td4[(s0 >> 24) ] << 24) ^ 1086 (Td4[(s0 >> 24)] << 24) ^
1062 rk[3]; 1087 rk[3];
1063} 1088}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 12:10:04 +0000