1 files changed, 65 insertions, 54 deletions
diff --git a/src/lib/libc/crypt/cast.c b/src/lib/libc/crypt/cast.c
index 264138f03e..ea026638d6 100644
--- a/src/lib/libc/crypt/cast.c
+++ b/src/lib/libc/crypt/cast.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: cast.c,v 1.2 1998/07/21 22:42:03 provos Exp $       */
+/*      $OpenBSD: cast.c,v 1.3 2004/11/03 10:38:50 hshoexer Exp $       */
 /*
 *      CAST-128 in C
 *      Written by Steve Reid <sreid@sea-to-sky.net>
@@ -574,15 +574,16 @@ static const u_int32_t cast_sbox8[256] = {
 /***** Encryption Function *****/
-void cast_encrypt(cast_key* key, u_int8_t* inblock, u_int8_t* outblock)
+void
+cast_encrypt(cast_key* key, u_int8_t* inblock, u_int8_t* outblock)
 {
-u_int32_t t, l, r;
+        u_int32_t t, l, r;
        /* Get inblock into l,r */
        l = ((u_int32_t)inblock[0] << 24) | ((u_int32_t)inblock[1] << 16) |
-         ((u_int32_t)inblock[2] << 8) | (u_int32_t)inblock[3];
+            ((u_int32_t)inblock[2] << 8) | (u_int32_t)inblock[3];
        r = ((u_int32_t)inblock[4] << 24) | ((u_int32_t)inblock[5] << 16) |
-         ((u_int32_t)inblock[6] << 8) | (u_int32_t)inblock[7];
+            ((u_int32_t)inblock[6] << 8) | (u_int32_t)inblock[7];
        /* Do the work */
        F1(l, r,  0);
        F2(r, l,  1);
@@ -619,15 +620,16 @@ u_int32_t t, l, r;
 /***** Decryption Function *****/
-void cast_decrypt(cast_key* key, u_int8_t* inblock, u_int8_t* outblock)
+void
+cast_decrypt(cast_key* key, u_int8_t* inblock, u_int8_t* outblock)
 {
-u_int32_t t, l, r;
+        u_int32_t t, l, r;
        /* Get inblock into l,r */
        r = ((u_int32_t)inblock[0] << 24) | ((u_int32_t)inblock[1] << 16) |
-         ((u_int32_t)inblock[2] << 8) | (u_int32_t)inblock[3];
+            ((u_int32_t)inblock[2] << 8) | (u_int32_t)inblock[3];
        l = ((u_int32_t)inblock[4] << 24) | ((u_int32_t)inblock[5] << 16) |
-         ((u_int32_t)inblock[6] << 8) | (u_int32_t)inblock[7];
+            ((u_int32_t)inblock[6] << 8) | (u_int32_t)inblock[7];
        /* Do the work */
        /* Only do full 16 rounds if key length > 80 bits */
        if (key->rounds > 12) {
@@ -664,10 +666,11 @@ u_int32_t t, l, r;
 /***** Key Schedual *****/
-void cast_setkey(cast_key* key, u_int8_t* rawkey, int keybytes)
+void
+cast_setkey(cast_key* key, u_int8_t* rawkey, int keybytes)
 {
-u_int32_t t[4], z[4], x[4];
+        u_int32_t t[4], z[4], x[4];
-int i;
+        int i;
        /* Set number of rounds to 12 or 16, depending on key length */
        key->rounds = (keybytes <= 10 ? 12 : 16);
@@ -683,79 +686,87 @@ int i;
        /* Generate 32 subkeys, four at a time */
        for (i = 0; i < 32; i+=4) {
                switch (i & 4) {
-                 case 0:
+                case 0:
                        t[0] = z[0] = x[0] ^ cast_sbox5[U8b(x[3])] ^
-                         cast_sbox6[U8d(x[3])] ^ cast_sbox7[U8a(x[3])] ^
+                            cast_sbox6[U8d(x[3])] ^ cast_sbox7[U8a(x[3])] ^
-                         cast_sbox8[U8c(x[3])] ^ cast_sbox7[U8a(x[2])];
+                            cast_sbox8[U8c(x[3])] ^ cast_sbox7[U8a(x[2])];
                        t[1] = z[1] = x[2] ^ cast_sbox5[U8a(z[0])] ^
-                         cast_sbox6[U8c(z[0])] ^ cast_sbox7[U8b(z[0])] ^
+                            cast_sbox6[U8c(z[0])] ^ cast_sbox7[U8b(z[0])] ^
-                         cast_sbox8[U8d(z[0])] ^ cast_sbox8[U8c(x[2])];
+                            cast_sbox8[U8d(z[0])] ^ cast_sbox8[U8c(x[2])];
                        t[2] = z[2] = x[3] ^ cast_sbox5[U8d(z[1])] ^
-                         cast_sbox6[U8c(z[1])] ^ cast_sbox7[U8b(z[1])] ^
+                            cast_sbox6[U8c(z[1])] ^ cast_sbox7[U8b(z[1])] ^
-                         cast_sbox8[U8a(z[1])] ^ cast_sbox5[U8b(x[2])];
+                            cast_sbox8[U8a(z[1])] ^ cast_sbox5[U8b(x[2])];
                        t[3] = z[3] = x[1] ^ cast_sbox5[U8c(z[2])] ^
-                         cast_sbox6[U8b(z[2])] ^ cast_sbox7[U8d(z[2])] ^
+                            cast_sbox6[U8b(z[2])] ^ cast_sbox7[U8d(z[2])] ^
-                         cast_sbox8[U8a(z[2])] ^ cast_sbox6[U8d(x[2])];
+                            cast_sbox8[U8a(z[2])] ^ cast_sbox6[U8d(x[2])];
                        break;
-                 case 4:
+                case 4:
                        t[0] = x[0] = z[2] ^ cast_sbox5[U8b(z[1])] ^
-                         cast_sbox6[U8d(z[1])] ^ cast_sbox7[U8a(z[1])] ^
+                            cast_sbox6[U8d(z[1])] ^ cast_sbox7[U8a(z[1])] ^
-                         cast_sbox8[U8c(z[1])] ^ cast_sbox7[U8a(z[0])];
+                            cast_sbox8[U8c(z[1])] ^ cast_sbox7[U8a(z[0])];
                        t[1] = x[1] = z[0] ^ cast_sbox5[U8a(x[0])] ^
-                         cast_sbox6[U8c(x[0])] ^ cast_sbox7[U8b(x[0])] ^
+                            cast_sbox6[U8c(x[0])] ^ cast_sbox7[U8b(x[0])] ^
-                         cast_sbox8[U8d(x[0])] ^ cast_sbox8[U8c(z[0])];
+                            cast_sbox8[U8d(x[0])] ^ cast_sbox8[U8c(z[0])];
                        t[2] = x[2] = z[1] ^ cast_sbox5[U8d(x[1])] ^
-                         cast_sbox6[U8c(x[1])] ^ cast_sbox7[U8b(x[1])] ^
+                            cast_sbox6[U8c(x[1])] ^ cast_sbox7[U8b(x[1])] ^
-                         cast_sbox8[U8a(x[1])] ^ cast_sbox5[U8b(z[0])];
+                            cast_sbox8[U8a(x[1])] ^ cast_sbox5[U8b(z[0])];
                        t[3] = x[3] = z[3] ^ cast_sbox5[U8c(x[2])] ^
-                         cast_sbox6[U8b(x[2])] ^ cast_sbox7[U8d(x[2])] ^
+                            cast_sbox6[U8b(x[2])] ^ cast_sbox7[U8d(x[2])] ^
-                         cast_sbox8[U8a(x[2])] ^ cast_sbox6[U8d(z[0])];
+                            cast_sbox8[U8a(x[2])] ^ cast_sbox6[U8d(z[0])];
                        break;
                }
                switch (i & 12) {
-                 case 0:
+                case 0:
-                 case 12:
+                case 12:
-                        key->xkey[i+0] = cast_sbox5[U8a(t[2])] ^ cast_sbox6[U8b(t[2])] ^
+                        key->xkey[i+0] = cast_sbox5[U8a(t[2])] ^
-                         cast_sbox7[U8d(t[1])] ^ cast_sbox8[U8c(t[1])];
+                            cast_sbox6[U8b(t[2])] ^ cast_sbox7[U8d(t[1])] ^
-                        key->xkey[i+1] = cast_sbox5[U8c(t[2])] ^ cast_sbox6[U8d(t[2])] ^
+                            cast_sbox8[U8c(t[1])];
-                         cast_sbox7[U8b(t[1])] ^ cast_sbox8[U8a(t[1])];
+                        key->xkey[i+1] = cast_sbox5[U8c(t[2])] ^
-                        key->xkey[i+2] = cast_sbox5[U8a(t[3])] ^ cast_sbox6[U8b(t[3])] ^
+                            cast_sbox6[U8d(t[2])] ^ cast_sbox7[U8b(t[1])] ^
-                         cast_sbox7[U8d(t[0])] ^ cast_sbox8[U8c(t[0])];
+                            cast_sbox8[U8a(t[1])];
-                        key->xkey[i+3] = cast_sbox5[U8c(t[3])] ^ cast_sbox6[U8d(t[3])] ^
+                        key->xkey[i+2] = cast_sbox5[U8a(t[3])] ^
-                         cast_sbox7[U8b(t[0])] ^ cast_sbox8[U8a(t[0])];
+                            cast_sbox6[U8b(t[3])] ^ cast_sbox7[U8d(t[0])] ^
+                            cast_sbox8[U8c(t[0])];
+                        key->xkey[i+3] = cast_sbox5[U8c(t[3])] ^
+                            cast_sbox6[U8d(t[3])] ^ cast_sbox7[U8b(t[0])] ^
+                            cast_sbox8[U8a(t[0])];
                        break;
-                 case 4:
+                case 4:
-                 case 8:
+                case 8:
-                        key->xkey[i+0] = cast_sbox5[U8d(t[0])] ^ cast_sbox6[U8c(t[0])] ^
+                        key->xkey[i+0] = cast_sbox5[U8d(t[0])] ^
-                         cast_sbox7[U8a(t[3])] ^ cast_sbox8[U8b(t[3])];
+                            cast_sbox6[U8c(t[0])] ^ cast_sbox7[U8a(t[3])] ^
-                        key->xkey[i+1] = cast_sbox5[U8b(t[0])] ^ cast_sbox6[U8a(t[0])] ^
+                            cast_sbox8[U8b(t[3])];
-                         cast_sbox7[U8c(t[3])] ^ cast_sbox8[U8d(t[3])];
+                        key->xkey[i+1] = cast_sbox5[U8b(t[0])] ^
-                        key->xkey[i+2] = cast_sbox5[U8d(t[1])] ^ cast_sbox6[U8c(t[1])] ^
+                            cast_sbox6[U8a(t[0])] ^ cast_sbox7[U8c(t[3])] ^
-                         cast_sbox7[U8a(t[2])] ^ cast_sbox8[U8b(t[2])];
+                            cast_sbox8[U8d(t[3])];
-                        key->xkey[i+3] = cast_sbox5[U8b(t[1])] ^ cast_sbox6[U8a(t[1])] ^
+                        key->xkey[i+2] = cast_sbox5[U8d(t[1])] ^
-                         cast_sbox7[U8c(t[2])] ^ cast_sbox8[U8d(t[2])];
+                            cast_sbox6[U8c(t[1])] ^ cast_sbox7[U8a(t[2])] ^
+                            cast_sbox8[U8b(t[2])];
+                        key->xkey[i+3] = cast_sbox5[U8b(t[1])] ^
+                            cast_sbox6[U8a(t[1])] ^ cast_sbox7[U8c(t[2])] ^
+                            cast_sbox8[U8d(t[2])];
                        break;
                }
                switch (i & 12) {
-                 case 0:
+                case 0:
                        key->xkey[i+0] ^= cast_sbox5[U8c(z[0])];
                        key->xkey[i+1] ^= cast_sbox6[U8c(z[1])];
                        key->xkey[i+2] ^= cast_sbox7[U8b(z[2])];
                        key->xkey[i+3] ^= cast_sbox8[U8a(z[3])];
                        break;
-                 case 4:
+                case 4:
                        key->xkey[i+0] ^= cast_sbox5[U8a(x[2])];
                        key->xkey[i+1] ^= cast_sbox6[U8b(x[3])];
                        key->xkey[i+2] ^= cast_sbox7[U8d(x[0])];
                        key->xkey[i+3] ^= cast_sbox8[U8d(x[1])];
                        break;
-                 case 8:
+                case 8:
                        key->xkey[i+0] ^= cast_sbox5[U8b(z[2])];
                        key->xkey[i+1] ^= cast_sbox6[U8a(z[3])];
                        key->xkey[i+2] ^= cast_sbox7[U8c(z[0])];
                        key->xkey[i+3] ^= cast_sbox8[U8c(z[1])];
                        break;
-                 case 12:
+                case 12:
                        key->xkey[i+0] ^= cast_sbox5[U8d(x[0])];
                        key->xkey[i+1] ^= cast_sbox6[U8d(x[1])];
                        key->xkey[i+2] ^= cast_sbox7[U8a(x[2])];

diff --git a/src/lib/libc/crypt/cast.c b/src/lib/libc/crypt/cast.c index 264138f03e..ea026638d6 100644 --- a/src/lib/libc/crypt/cast.c +++ b/src/lib/libc/crypt/cast.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: cast.c,v 1.2 1998/07/21 22:42:03 provos Exp $ */	1	/* $OpenBSD: cast.c,v 1.3 2004/11/03 10:38:50 hshoexer Exp $ */
2	/*	2	/*
3	* CAST-128 in C	3	* CAST-128 in C
4	* Written by Steve Reid <sreid@sea-to-sky.net>	4	* Written by Steve Reid <sreid@sea-to-sky.net>
@@ -574,15 +574,16 @@ static const u_int32_t cast_sbox8[256] = {
574		574
575	/*** Encryption Function ***/	575	/*** Encryption Function ***/
576		576
577	void cast_encrypt(cast_key* key, u_int8_t* inblock, u_int8_t* outblock)	577	void
		578	cast_encrypt(cast_key* key, u_int8_t* inblock, u_int8_t* outblock)
578	{	579	{
579	u_int32_t t, l, r;	580	u_int32_t t, l, r;
580		581
581	/* Get inblock into l,r */	582	/* Get inblock into l,r */
582	l = ((u_int32_t)inblock[0] << 24) \| ((u_int32_t)inblock[1] << 16) \|	583	l = ((u_int32_t)inblock[0] << 24) \| ((u_int32_t)inblock[1] << 16) \|
583	((u_int32_t)inblock[2] << 8) \| (u_int32_t)inblock[3];	584	((u_int32_t)inblock[2] << 8) \| (u_int32_t)inblock[3];
584	r = ((u_int32_t)inblock[4] << 24) \| ((u_int32_t)inblock[5] << 16) \|	585	r = ((u_int32_t)inblock[4] << 24) \| ((u_int32_t)inblock[5] << 16) \|
585	((u_int32_t)inblock[6] << 8) \| (u_int32_t)inblock[7];	586	((u_int32_t)inblock[6] << 8) \| (u_int32_t)inblock[7];
586	/* Do the work */	587	/* Do the work */
587	F1(l, r, 0);	588	F1(l, r, 0);
588	F2(r, l, 1);	589	F2(r, l, 1);
@@ -619,15 +620,16 @@ u_int32_t t, l, r;
619		620
620	/*** Decryption Function ***/	621	/*** Decryption Function ***/
621		622
622	void cast_decrypt(cast_key* key, u_int8_t* inblock, u_int8_t* outblock)	623	void
		624	cast_decrypt(cast_key* key, u_int8_t* inblock, u_int8_t* outblock)
623	{	625	{
624	u_int32_t t, l, r;	626	u_int32_t t, l, r;
625		627
626	/* Get inblock into l,r */	628	/* Get inblock into l,r */
627	r = ((u_int32_t)inblock[0] << 24) \| ((u_int32_t)inblock[1] << 16) \|	629	r = ((u_int32_t)inblock[0] << 24) \| ((u_int32_t)inblock[1] << 16) \|
628	((u_int32_t)inblock[2] << 8) \| (u_int32_t)inblock[3];	630	((u_int32_t)inblock[2] << 8) \| (u_int32_t)inblock[3];
629	l = ((u_int32_t)inblock[4] << 24) \| ((u_int32_t)inblock[5] << 16) \|	631	l = ((u_int32_t)inblock[4] << 24) \| ((u_int32_t)inblock[5] << 16) \|
630	((u_int32_t)inblock[6] << 8) \| (u_int32_t)inblock[7];	632	((u_int32_t)inblock[6] << 8) \| (u_int32_t)inblock[7];
631	/* Do the work */	633	/* Do the work */
632	/* Only do full 16 rounds if key length > 80 bits */	634	/* Only do full 16 rounds if key length > 80 bits */
633	if (key->rounds > 12) {	635	if (key->rounds > 12) {
@@ -664,10 +666,11 @@ u_int32_t t, l, r;
664		666
665	/*** Key Schedual ***/	667	/*** Key Schedual ***/
666		668
667	void cast_setkey(cast_key* key, u_int8_t* rawkey, int keybytes)	669	void
		670	cast_setkey(cast_key* key, u_int8_t* rawkey, int keybytes)
668	{	671	{
669	u_int32_t t[4], z[4], x[4];	672	u_int32_t t[4], z[4], x[4];
670	int i;	673	int i;
671		674
672	/* Set number of rounds to 12 or 16, depending on key length */	675	/* Set number of rounds to 12 or 16, depending on key length */
673	key->rounds = (keybytes <= 10 ? 12 : 16);	676	key->rounds = (keybytes <= 10 ? 12 : 16);
@@ -683,79 +686,87 @@ int i;
683	/* Generate 32 subkeys, four at a time */	686	/* Generate 32 subkeys, four at a time */
684	for (i = 0; i < 32; i+=4) {	687	for (i = 0; i < 32; i+=4) {
685	switch (i & 4) {	688	switch (i & 4) {
686	case 0:	689	case 0:
687	t[0] = z[0] = x[0] ^ cast_sbox5[U8b(x[3])] ^	690	t[0] = z[0] = x[0] ^ cast_sbox5[U8b(x[3])] ^
688	cast_sbox6[U8d(x[3])] ^ cast_sbox7[U8a(x[3])] ^	691	cast_sbox6[U8d(x[3])] ^ cast_sbox7[U8a(x[3])] ^
689	cast_sbox8[U8c(x[3])] ^ cast_sbox7[U8a(x[2])];	692	cast_sbox8[U8c(x[3])] ^ cast_sbox7[U8a(x[2])];
690	t[1] = z[1] = x[2] ^ cast_sbox5[U8a(z[0])] ^	693	t[1] = z[1] = x[2] ^ cast_sbox5[U8a(z[0])] ^
691	cast_sbox6[U8c(z[0])] ^ cast_sbox7[U8b(z[0])] ^	694	cast_sbox6[U8c(z[0])] ^ cast_sbox7[U8b(z[0])] ^
692	cast_sbox8[U8d(z[0])] ^ cast_sbox8[U8c(x[2])];	695	cast_sbox8[U8d(z[0])] ^ cast_sbox8[U8c(x[2])];
693	t[2] = z[2] = x[3] ^ cast_sbox5[U8d(z[1])] ^	696	t[2] = z[2] = x[3] ^ cast_sbox5[U8d(z[1])] ^
694	cast_sbox6[U8c(z[1])] ^ cast_sbox7[U8b(z[1])] ^	697	cast_sbox6[U8c(z[1])] ^ cast_sbox7[U8b(z[1])] ^
695	cast_sbox8[U8a(z[1])] ^ cast_sbox5[U8b(x[2])];	698	cast_sbox8[U8a(z[1])] ^ cast_sbox5[U8b(x[2])];
696	t[3] = z[3] = x[1] ^ cast_sbox5[U8c(z[2])] ^	699	t[3] = z[3] = x[1] ^ cast_sbox5[U8c(z[2])] ^
697	cast_sbox6[U8b(z[2])] ^ cast_sbox7[U8d(z[2])] ^	700	cast_sbox6[U8b(z[2])] ^ cast_sbox7[U8d(z[2])] ^
698	cast_sbox8[U8a(z[2])] ^ cast_sbox6[U8d(x[2])];	701	cast_sbox8[U8a(z[2])] ^ cast_sbox6[U8d(x[2])];
699	break;	702	break;
700	case 4:	703	case 4:
701	t[0] = x[0] = z[2] ^ cast_sbox5[U8b(z[1])] ^	704	t[0] = x[0] = z[2] ^ cast_sbox5[U8b(z[1])] ^
702	cast_sbox6[U8d(z[1])] ^ cast_sbox7[U8a(z[1])] ^	705	cast_sbox6[U8d(z[1])] ^ cast_sbox7[U8a(z[1])] ^
703	cast_sbox8[U8c(z[1])] ^ cast_sbox7[U8a(z[0])];	706	cast_sbox8[U8c(z[1])] ^ cast_sbox7[U8a(z[0])];
704	t[1] = x[1] = z[0] ^ cast_sbox5[U8a(x[0])] ^	707	t[1] = x[1] = z[0] ^ cast_sbox5[U8a(x[0])] ^
705	cast_sbox6[U8c(x[0])] ^ cast_sbox7[U8b(x[0])] ^	708	cast_sbox6[U8c(x[0])] ^ cast_sbox7[U8b(x[0])] ^
706	cast_sbox8[U8d(x[0])] ^ cast_sbox8[U8c(z[0])];	709	cast_sbox8[U8d(x[0])] ^ cast_sbox8[U8c(z[0])];
707	t[2] = x[2] = z[1] ^ cast_sbox5[U8d(x[1])] ^	710	t[2] = x[2] = z[1] ^ cast_sbox5[U8d(x[1])] ^
708	cast_sbox6[U8c(x[1])] ^ cast_sbox7[U8b(x[1])] ^	711	cast_sbox6[U8c(x[1])] ^ cast_sbox7[U8b(x[1])] ^
709	cast_sbox8[U8a(x[1])] ^ cast_sbox5[U8b(z[0])];	712	cast_sbox8[U8a(x[1])] ^ cast_sbox5[U8b(z[0])];
710	t[3] = x[3] = z[3] ^ cast_sbox5[U8c(x[2])] ^	713	t[3] = x[3] = z[3] ^ cast_sbox5[U8c(x[2])] ^
711	cast_sbox6[U8b(x[2])] ^ cast_sbox7[U8d(x[2])] ^	714	cast_sbox6[U8b(x[2])] ^ cast_sbox7[U8d(x[2])] ^
712	cast_sbox8[U8a(x[2])] ^ cast_sbox6[U8d(z[0])];	715	cast_sbox8[U8a(x[2])] ^ cast_sbox6[U8d(z[0])];
713	break;	716	break;
714	}	717	}
715	switch (i & 12) {	718	switch (i & 12) {
716	case 0:	719	case 0:
717	case 12:	720	case 12:
718	key->xkey[i+0] = cast_sbox5[U8a(t[2])] ^ cast_sbox6[U8b(t[2])] ^	721	key->xkey[i+0] = cast_sbox5[U8a(t[2])] ^
719	cast_sbox7[U8d(t[1])] ^ cast_sbox8[U8c(t[1])];	722	cast_sbox6[U8b(t[2])] ^ cast_sbox7[U8d(t[1])] ^
720	key->xkey[i+1] = cast_sbox5[U8c(t[2])] ^ cast_sbox6[U8d(t[2])] ^	723	cast_sbox8[U8c(t[1])];
721	cast_sbox7[U8b(t[1])] ^ cast_sbox8[U8a(t[1])];	724	key->xkey[i+1] = cast_sbox5[U8c(t[2])] ^
722	key->xkey[i+2] = cast_sbox5[U8a(t[3])] ^ cast_sbox6[U8b(t[3])] ^	725	cast_sbox6[U8d(t[2])] ^ cast_sbox7[U8b(t[1])] ^
723	cast_sbox7[U8d(t[0])] ^ cast_sbox8[U8c(t[0])];	726	cast_sbox8[U8a(t[1])];
724	key->xkey[i+3] = cast_sbox5[U8c(t[3])] ^ cast_sbox6[U8d(t[3])] ^	727	key->xkey[i+2] = cast_sbox5[U8a(t[3])] ^
725	cast_sbox7[U8b(t[0])] ^ cast_sbox8[U8a(t[0])];	728	cast_sbox6[U8b(t[3])] ^ cast_sbox7[U8d(t[0])] ^
		729	cast_sbox8[U8c(t[0])];
		730	key->xkey[i+3] = cast_sbox5[U8c(t[3])] ^
		731	cast_sbox6[U8d(t[3])] ^ cast_sbox7[U8b(t[0])] ^
		732	cast_sbox8[U8a(t[0])];
726	break;	733	break;
727	case 4:	734	case 4:
728	case 8:	735	case 8:
729	key->xkey[i+0] = cast_sbox5[U8d(t[0])] ^ cast_sbox6[U8c(t[0])] ^	736	key->xkey[i+0] = cast_sbox5[U8d(t[0])] ^
730	cast_sbox7[U8a(t[3])] ^ cast_sbox8[U8b(t[3])];	737	cast_sbox6[U8c(t[0])] ^ cast_sbox7[U8a(t[3])] ^
731	key->xkey[i+1] = cast_sbox5[U8b(t[0])] ^ cast_sbox6[U8a(t[0])] ^	738	cast_sbox8[U8b(t[3])];
732	cast_sbox7[U8c(t[3])] ^ cast_sbox8[U8d(t[3])];	739	key->xkey[i+1] = cast_sbox5[U8b(t[0])] ^
733	key->xkey[i+2] = cast_sbox5[U8d(t[1])] ^ cast_sbox6[U8c(t[1])] ^	740	cast_sbox6[U8a(t[0])] ^ cast_sbox7[U8c(t[3])] ^
734	cast_sbox7[U8a(t[2])] ^ cast_sbox8[U8b(t[2])];	741	cast_sbox8[U8d(t[3])];
735	key->xkey[i+3] = cast_sbox5[U8b(t[1])] ^ cast_sbox6[U8a(t[1])] ^	742	key->xkey[i+2] = cast_sbox5[U8d(t[1])] ^
736	cast_sbox7[U8c(t[2])] ^ cast_sbox8[U8d(t[2])];	743	cast_sbox6[U8c(t[1])] ^ cast_sbox7[U8a(t[2])] ^
		744	cast_sbox8[U8b(t[2])];
		745	key->xkey[i+3] = cast_sbox5[U8b(t[1])] ^
		746	cast_sbox6[U8a(t[1])] ^ cast_sbox7[U8c(t[2])] ^
		747	cast_sbox8[U8d(t[2])];
737	break;	748	break;
738	}	749	}
739	switch (i & 12) {	750	switch (i & 12) {
740	case 0:	751	case 0:
741	key->xkey[i+0] ^= cast_sbox5[U8c(z[0])];	752	key->xkey[i+0] ^= cast_sbox5[U8c(z[0])];
742	key->xkey[i+1] ^= cast_sbox6[U8c(z[1])];	753	key->xkey[i+1] ^= cast_sbox6[U8c(z[1])];
743	key->xkey[i+2] ^= cast_sbox7[U8b(z[2])];	754	key->xkey[i+2] ^= cast_sbox7[U8b(z[2])];
744	key->xkey[i+3] ^= cast_sbox8[U8a(z[3])];	755	key->xkey[i+3] ^= cast_sbox8[U8a(z[3])];
745	break;	756	break;
746	case 4:	757	case 4:
747	key->xkey[i+0] ^= cast_sbox5[U8a(x[2])];	758	key->xkey[i+0] ^= cast_sbox5[U8a(x[2])];
748	key->xkey[i+1] ^= cast_sbox6[U8b(x[3])];	759	key->xkey[i+1] ^= cast_sbox6[U8b(x[3])];
749	key->xkey[i+2] ^= cast_sbox7[U8d(x[0])];	760	key->xkey[i+2] ^= cast_sbox7[U8d(x[0])];
750	key->xkey[i+3] ^= cast_sbox8[U8d(x[1])];	761	key->xkey[i+3] ^= cast_sbox8[U8d(x[1])];
751	break;	762	break;
752	case 8:	763	case 8:
753	key->xkey[i+0] ^= cast_sbox5[U8b(z[2])];	764	key->xkey[i+0] ^= cast_sbox5[U8b(z[2])];
754	key->xkey[i+1] ^= cast_sbox6[U8a(z[3])];	765	key->xkey[i+1] ^= cast_sbox6[U8a(z[3])];
755	key->xkey[i+2] ^= cast_sbox7[U8c(z[0])];	766	key->xkey[i+2] ^= cast_sbox7[U8c(z[0])];
756	key->xkey[i+3] ^= cast_sbox8[U8c(z[1])];	767	key->xkey[i+3] ^= cast_sbox8[U8c(z[1])];
757	break;	768	break;
758	case 12:	769	case 12:
759	key->xkey[i+0] ^= cast_sbox5[U8d(x[0])];	770	key->xkey[i+0] ^= cast_sbox5[U8d(x[0])];
760	key->xkey[i+1] ^= cast_sbox6[U8d(x[1])];	771	key->xkey[i+1] ^= cast_sbox6[U8d(x[1])];
761	key->xkey[i+2] ^= cast_sbox7[U8a(x[2])];	772	key->xkey[i+2] ^= cast_sbox7[U8a(x[2])];