summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/aes/aes_x86core.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/aes/aes_x86core.c')
-rw-r--r--src/lib/libcrypto/aes/aes_x86core.c1417
1 files changed, 721 insertions, 696 deletions
diff --git a/src/lib/libcrypto/aes/aes_x86core.c b/src/lib/libcrypto/aes/aes_x86core.c
index d323e265c0..c5d17b3127 100644
--- a/src/lib/libcrypto/aes/aes_x86core.c
+++ b/src/lib/libcrypto/aes/aes_x86core.c
@@ -59,14 +59,16 @@
59#endif 59#endif
60 60
61#if 1 61#if 1
62static void prefetch256(const void *table) 62static void
63prefetch256(const void *table)
63{ 64{
64 volatile unsigned long *t=(void *)table,ret; 65 volatile unsigned long *t = (void *)table, ret;
65 unsigned long sum; 66 unsigned long sum;
66 int i; 67 int i;
67 68
68 /* 32 is common least cache-line size */ 69 /* 32 is common least cache-line size */
69 for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0])) sum ^= t[i]; 70 for (sum = 0, i = 0; i < 256/sizeof(t[0]); i += 32 / sizeof(t[0]))
71 sum ^= t[i];
70 72
71 ret = sum; 73 ret = sum;
72} 74}
@@ -128,350 +130,350 @@ Td4[x] = Si[x].[01];
128#define Td3 (u32)((u64*)((u8*)Td+1)) 130#define Td3 (u32)((u64*)((u8*)Td+1))
129 131
130static const u64 Te[256] = { 132static const u64 Te[256] = {
131 U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8), 133 U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
132 U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6), 134 U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
133 U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6), 135 U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
134 U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591), 136 U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
135 U64(0x5030306050303060), U64(0x0301010203010102), 137 U64(0x5030306050303060), U64(0x0301010203010102),
136 U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56), 138 U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
137 U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5), 139 U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
138 U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec), 140 U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
139 U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f), 141 U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
140 U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa), 142 U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
141 U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2), 143 U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
142 U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb), 144 U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
143 U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3), 145 U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
144 U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45), 146 U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
145 U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453), 147 U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
146 U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b), 148 U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
147 U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1), 149 U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
148 U64(0xae93933dae93933d), U64(0x6a26264c6a26264c), 150 U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
149 U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e), 151 U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
150 U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83), 152 U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
151 U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551), 153 U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
152 U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9), 154 U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
153 U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab), 155 U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
154 U64(0x5331316253313162), U64(0x3f15152a3f15152a), 156 U64(0x5331316253313162), U64(0x3f15152a3f15152a),
155 U64(0x0c0404080c040408), U64(0x52c7c79552c7c795), 157 U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
156 U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d), 158 U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
157 U64(0x2818183028181830), U64(0xa1969637a1969637), 159 U64(0x2818183028181830), U64(0xa1969637a1969637),
158 U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f), 160 U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
159 U64(0x0907070e0907070e), U64(0x3612122436121224), 161 U64(0x0907070e0907070e), U64(0x3612122436121224),
160 U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df), 162 U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
161 U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e), 163 U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
162 U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea), 164 U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
163 U64(0x1b0909121b090912), U64(0x9e83831d9e83831d), 165 U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
164 U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34), 166 U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
165 U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc), 167 U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
166 U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b), 168 U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
167 U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76), 169 U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
168 U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d), 170 U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
169 U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd), 171 U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
170 U64(0x712f2f5e712f2f5e), U64(0x9784841397848413), 172 U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
171 U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9), 173 U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
172 U64(0x0000000000000000), U64(0x2cededc12cededc1), 174 U64(0x0000000000000000), U64(0x2cededc12cededc1),
173 U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3), 175 U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
174 U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6), 176 U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
175 U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d), 177 U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
176 U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972), 178 U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
177 U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98), 179 U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
178 U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85), 180 U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
179 U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5), 181 U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
180 U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed), 182 U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
181 U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a), 183 U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
182 U64(0x5533336655333366), U64(0x9485851194858511), 184 U64(0x5533336655333366), U64(0x9485851194858511),
183 U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9), 185 U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
184 U64(0x0602020406020204), U64(0x817f7ffe817f7ffe), 186 U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
185 U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78), 187 U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
186 U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b), 188 U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
187 U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d), 189 U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
188 U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05), 190 U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
189 U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21), 191 U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
190 U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1), 192 U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
191 U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677), 193 U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
192 U64(0x75dadaaf75dadaaf), U64(0x6321214263212142), 194 U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
193 U64(0x3010102030101020), U64(0x1affffe51affffe5), 195 U64(0x3010102030101020), U64(0x1affffe51affffe5),
194 U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf), 196 U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
195 U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18), 197 U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
196 U64(0x3513132635131326), U64(0x2fececc32fececc3), 198 U64(0x3513132635131326), U64(0x2fececc32fececc3),
197 U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735), 199 U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
198 U64(0xcc444488cc444488), U64(0x3917172e3917172e), 200 U64(0xcc444488cc444488), U64(0x3917172e3917172e),
199 U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755), 201 U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
200 U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a), 202 U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
201 U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba), 203 U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
202 U64(0x2b1919322b191932), U64(0x957373e6957373e6), 204 U64(0x2b1919322b191932), U64(0x957373e6957373e6),
203 U64(0xa06060c0a06060c0), U64(0x9881811998818119), 205 U64(0xa06060c0a06060c0), U64(0x9881811998818119),
204 U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3), 206 U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
205 U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54), 207 U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
206 U64(0xab90903bab90903b), U64(0x8388880b8388880b), 208 U64(0xab90903bab90903b), U64(0x8388880b8388880b),
207 U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7), 209 U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
208 U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428), 210 U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
209 U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc), 211 U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
210 U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad), 212 U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
211 U64(0x3be0e0db3be0e0db), U64(0x5632326456323264), 213 U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
212 U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14), 214 U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
213 U64(0xdb494992db494992), U64(0x0a06060c0a06060c), 215 U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
214 U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8), 216 U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
215 U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd), 217 U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
216 U64(0xefacac43efacac43), U64(0xa66262c4a66262c4), 218 U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
217 U64(0xa8919139a8919139), U64(0xa4959531a4959531), 219 U64(0xa8919139a8919139), U64(0xa4959531a4959531),
218 U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2), 220 U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
219 U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b), 221 U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
220 U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda), 222 U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
221 U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1), 223 U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
222 U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949), 224 U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
223 U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac), 225 U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
224 U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf), 226 U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
225 U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4), 227 U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
226 U64(0xe9aeae47e9aeae47), U64(0x1808081018080810), 228 U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
227 U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0), 229 U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
228 U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c), 230 U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
229 U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657), 231 U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
230 U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697), 232 U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
231 U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1), 233 U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
232 U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e), 234 U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
233 U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61), 235 U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
234 U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f), 236 U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
235 U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c), 237 U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
236 U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc), 238 U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
237 U64(0xd8484890d8484890), U64(0x0503030605030306), 239 U64(0xd8484890d8484890), U64(0x0503030605030306),
238 U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c), 240 U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
239 U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a), 241 U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
240 U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969), 242 U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
241 U64(0x9186861791868617), U64(0x58c1c19958c1c199), 243 U64(0x9186861791868617), U64(0x58c1c19958c1c199),
242 U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27), 244 U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
243 U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb), 245 U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
244 U64(0xb398982bb398982b), U64(0x3311112233111122), 246 U64(0xb398982bb398982b), U64(0x3311112233111122),
245 U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9), 247 U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
246 U64(0x898e8e07898e8e07), U64(0xa7949433a7949433), 248 U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
247 U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c), 249 U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
248 U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9), 250 U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
249 U64(0x49cece8749cece87), U64(0xff5555aaff5555aa), 251 U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
250 U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5), 252 U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
251 U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159), 253 U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
252 U64(0x8089890980898909), U64(0x170d0d1a170d0d1a), 254 U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
253 U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7), 255 U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
254 U64(0xc6424284c6424284), U64(0xb86868d0b86868d0), 256 U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
255 U64(0xc3414182c3414182), U64(0xb0999929b0999929), 257 U64(0xc3414182c3414182), U64(0xb0999929b0999929),
256 U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e), 258 U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
257 U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8), 259 U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
258 U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c) 260 U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
259}; 261};
260 262
261static const u8 Te4[256] = { 263static const u8 Te4[256] = {
262 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U, 264 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
263 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U, 265 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
264 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U, 266 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
265 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U, 267 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
266 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU, 268 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
267 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U, 269 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
268 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU, 270 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
269 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U, 271 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
270 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U, 272 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
271 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U, 273 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
272 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU, 274 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
273 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU, 275 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
274 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U, 276 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
275 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U, 277 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
276 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U, 278 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
277 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U, 279 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
278 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U, 280 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
279 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U, 281 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
280 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U, 282 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
281 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU, 283 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
282 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU, 284 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
283 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U, 285 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
284 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U, 286 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
285 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U, 287 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
286 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U, 288 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
287 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU, 289 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
288 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU, 290 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
289 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU, 291 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
290 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U, 292 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
291 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU, 293 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
292 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U, 294 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
293 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U 295 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
294}; 296};
295 297
296static const u64 Td[256] = { 298static const u64 Td[256] = {
297 U64(0x50a7f45150a7f451), U64(0x5365417e5365417e), 299 U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
298 U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a), 300 U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
299 U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f), 301 U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
300 U64(0xab58faacab58faac), U64(0x9303e34b9303e34b), 302 U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
301 U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad), 303 U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
302 U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5), 304 U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
303 U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5), 305 U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
304 U64(0x8044352680443526), U64(0x8fa362b58fa362b5), 306 U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
305 U64(0x495ab1de495ab1de), U64(0x671bba25671bba25), 307 U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
306 U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d), 308 U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
307 U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81), 309 U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
308 U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b), 310 U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
309 U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215), 311 U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
310 U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295), 312 U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
311 U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458), 313 U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
312 U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e), 314 U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
313 U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4), 315 U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
314 U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927), 316 U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
315 U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0), 317 U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
316 U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d), 318 U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
317 U64(0x184adf63184adf63), U64(0x82311ae582311ae5), 319 U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
318 U64(0x6033519760335197), U64(0x457f5362457f5362), 320 U64(0x6033519760335197), U64(0x457f5362457f5362),
319 U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb), 321 U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
320 U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9), 322 U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
321 U64(0x5868487058684870), U64(0x19fd458f19fd458f), 323 U64(0x5868487058684870), U64(0x19fd458f19fd458f),
322 U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52), 324 U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
323 U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72), 325 U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
324 U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566), 326 U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
325 U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f), 327 U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
326 U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3), 328 U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
327 U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23), 329 U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
328 U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed), 330 U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
329 U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7), 331 U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
330 U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e), 332 U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
331 U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506), 333 U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
332 U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4), 334 U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
333 U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2), 335 U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
334 U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4), 336 U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
335 U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040), 337 U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
336 U64(0x069f715e069f715e), U64(0x51106ebd51106ebd), 338 U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
337 U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96), 339 U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
338 U64(0xae053eddae053edd), U64(0x46bde64d46bde64d), 340 U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
339 U64(0xb58d5491b58d5491), U64(0x055dc471055dc471), 341 U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
340 U64(0x6fd406046fd40604), U64(0xff155060ff155060), 342 U64(0x6fd406046fd40604), U64(0xff155060ff155060),
341 U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6), 343 U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
342 U64(0xcc434089cc434089), U64(0x779ed967779ed967), 344 U64(0xcc434089cc434089), U64(0x779ed967779ed967),
343 U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907), 345 U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
344 U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879), 346 U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
345 U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c), 347 U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
346 U64(0xc91e84f8c91e84f8), U64(0x0000000000000000), 348 U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
347 U64(0x8386800983868009), U64(0x48ed2b3248ed2b32), 349 U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
348 U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c), 350 U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
349 U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f), 351 U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
350 U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36), 352 U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
351 U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68), 353 U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
352 U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624), 354 U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
353 U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793), 355 U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
354 U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b), 356 U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
355 U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61), 357 U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
356 U64(0x694b775a694b775a), U64(0x161a121c161a121c), 358 U64(0x694b775a694b775a), U64(0x161a121c161a121c),
357 U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0), 359 U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
358 U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12), 360 U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
359 U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2), 361 U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
360 U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14), 362 U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
361 U64(0x8519f1578519f157), U64(0x4c0775af4c0775af), 363 U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
362 U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3), 364 U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
363 U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c), 365 U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
364 U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b), 366 U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
365 U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb), 367 U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
366 U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8), 368 U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
367 U64(0xcadc31d7cadc31d7), U64(0x1085634210856342), 369 U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
368 U64(0x4022971340229713), U64(0x2011c6842011c684), 370 U64(0x4022971340229713), U64(0x2011c6842011c684),
369 U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2), 371 U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
370 U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7), 372 U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
371 U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc), 373 U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
372 U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177), 374 U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
373 U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9), 375 U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
374 U64(0xfa489411fa489411), U64(0x2264e9472264e947), 376 U64(0xfa489411fa489411), U64(0x2264e9472264e947),
375 U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0), 377 U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
376 U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322), 378 U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
377 U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9), 379 U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
378 U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498), 380 U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
379 U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5), 381 U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
380 U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f), 382 U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
381 U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850), 383 U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
382 U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54), 384 U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
383 U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890), 385 U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
384 U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382), 386 U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
385 U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069), 387 U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
386 U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf), 388 U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
387 U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810), 389 U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
388 U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb), 390 U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
389 U64(0x097826cd097826cd), U64(0xf418596ef418596e), 391 U64(0x097826cd097826cd), U64(0xf418596ef418596e),
390 U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83), 392 U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
391 U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa), 393 U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
392 U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef), 394 U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
393 U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a), 395 U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
394 U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029), 396 U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
395 U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a), 397 U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
396 U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235), 398 U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
397 U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc), 399 U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
398 U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733), 400 U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
399 U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41), 401 U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
400 U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117), 402 U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
401 U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43), 403 U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
402 U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4), 404 U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
403 U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c), 405 U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
404 U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546), 406 U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
405 U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01), 407 U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
406 U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb), 408 U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
407 U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92), 409 U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
408 U64(0x335610e9335610e9), U64(0x1347d66d1347d66d), 410 U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
409 U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137), 411 U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
410 U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb), 412 U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
411 U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7), 413 U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
412 U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a), 414 U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
413 U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255), 415 U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
414 U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773), 416 U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
415 U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f), 417 U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
416 U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478), 418 U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
417 U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9), 419 U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
418 U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2), 420 U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
419 U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc), 421 U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
420 U64(0x8b493c288b493c28), U64(0x41950dff41950dff), 422 U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
421 U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08), 423 U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
422 U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664), 424 U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
423 U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5), 425 U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
424 U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0) 426 U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
425}; 427};
426static const u8 Td4[256] = { 428static const u8 Td4[256] = {
427 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, 429 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
428 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, 430 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
429 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, 431 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
430 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, 432 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
431 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, 433 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
432 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, 434 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
433 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, 435 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
434 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, 436 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
435 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, 437 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
436 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, 438 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
437 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, 439 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
438 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, 440 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
439 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, 441 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
440 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, 442 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
441 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, 443 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
442 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, 444 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
443 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, 445 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
444 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, 446 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
445 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, 447 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
446 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, 448 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
447 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, 449 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
448 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, 450 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
449 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, 451 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
450 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, 452 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
451 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, 453 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
452 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, 454 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
453 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, 455 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
454 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, 456 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
455 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, 457 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
456 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, 458 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
457 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, 459 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
458 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU 460 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
459}; 461};
460 462
461static const u32 rcon[] = { 463static const u32 rcon[] = {
462 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U, 464 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
463 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U, 465 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
464 0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ 466 0x0000001bU, 0x00000036U,
467 /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
465}; 468};
466 469
467/** 470/**
468 * Expand the cipher key into the encryption key schedule. 471 * Expand the cipher key into the encryption key schedule.
469 */ 472 */
470int AES_set_encrypt_key(const unsigned char *userKey, const int bits, 473int
471 AES_KEY *key) { 474AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) {
472
473 u32 *rk; 475 u32 *rk;
474 int i = 0; 476 int i = 0;
475 u32 temp; 477 u32 temp;
476 478
477 if (!userKey || !key) 479 if (!userKey || !key)
@@ -481,26 +483,26 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
481 483
482 rk = key->rd_key; 484 rk = key->rd_key;
483 485
484 if (bits==128) 486 if (bits == 128)
485 key->rounds = 10; 487 key->rounds = 10;
486 else if (bits==192) 488 else if (bits == 192)
487 key->rounds = 12; 489 key->rounds = 12;
488 else 490 else
489 key->rounds = 14; 491 key->rounds = 14;
490 492
491 rk[0] = GETU32(userKey ); 493 rk[0] = GETU32(userKey);
492 rk[1] = GETU32(userKey + 4); 494 rk[1] = GETU32(userKey + 4);
493 rk[2] = GETU32(userKey + 8); 495 rk[2] = GETU32(userKey + 8);
494 rk[3] = GETU32(userKey + 12); 496 rk[3] = GETU32(userKey + 12);
495 if (bits == 128) { 497 if (bits == 128) {
496 while (1) { 498 while (1) {
497 temp = rk[3]; 499 temp = rk[3];
498 rk[4] = rk[0] ^ 500 rk[4] = rk[0] ^
499 (Te4[(temp >> 8) & 0xff] ) ^ 501 (Te4[(temp >> 8) & 0xff]) ^
500 (Te4[(temp >> 16) & 0xff] << 8) ^ 502 (Te4[(temp >> 16) & 0xff] << 8) ^
501 (Te4[(temp >> 24) ] << 16) ^ 503 (Te4[(temp >> 24)] << 16) ^
502 (Te4[(temp ) & 0xff] << 24) ^ 504 (Te4[(temp) & 0xff] << 24) ^
503 rcon[i]; 505 rcon[i];
504 rk[5] = rk[1] ^ rk[4]; 506 rk[5] = rk[1] ^ rk[4];
505 rk[6] = rk[2] ^ rk[5]; 507 rk[6] = rk[2] ^ rk[5];
506 rk[7] = rk[3] ^ rk[6]; 508 rk[7] = rk[3] ^ rk[6];
@@ -514,21 +516,21 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
514 rk[5] = GETU32(userKey + 20); 516 rk[5] = GETU32(userKey + 20);
515 if (bits == 192) { 517 if (bits == 192) {
516 while (1) { 518 while (1) {
517 temp = rk[ 5]; 519 temp = rk[5];
518 rk[ 6] = rk[ 0] ^ 520 rk[6] = rk[ 0] ^
519 (Te4[(temp >> 8) & 0xff] ) ^ 521 (Te4[(temp >> 8) & 0xff]) ^
520 (Te4[(temp >> 16) & 0xff] << 8) ^ 522 (Te4[(temp >> 16) & 0xff] << 8) ^
521 (Te4[(temp >> 24) ] << 16) ^ 523 (Te4[(temp >> 24)] << 16) ^
522 (Te4[(temp ) & 0xff] << 24) ^ 524 (Te4[(temp) & 0xff] << 24) ^
523 rcon[i]; 525 rcon[i];
524 rk[ 7] = rk[ 1] ^ rk[ 6]; 526 rk[7] = rk[1] ^ rk[6];
525 rk[ 8] = rk[ 2] ^ rk[ 7]; 527 rk[8] = rk[2] ^ rk[7];
526 rk[ 9] = rk[ 3] ^ rk[ 8]; 528 rk[9] = rk[3] ^ rk[8];
527 if (++i == 8) { 529 if (++i == 8) {
528 return 0; 530 return 0;
529 } 531 }
530 rk[10] = rk[ 4] ^ rk[ 9]; 532 rk[10] = rk[4] ^ rk[9];
531 rk[11] = rk[ 5] ^ rk[10]; 533 rk[11] = rk[5] ^ rk[10];
532 rk += 6; 534 rk += 6;
533 } 535 }
534 } 536 }
@@ -536,31 +538,31 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
536 rk[7] = GETU32(userKey + 28); 538 rk[7] = GETU32(userKey + 28);
537 if (bits == 256) { 539 if (bits == 256) {
538 while (1) { 540 while (1) {
539 temp = rk[ 7]; 541 temp = rk[7];
540 rk[ 8] = rk[ 0] ^ 542 rk[8] = rk[0] ^
541 (Te4[(temp >> 8) & 0xff] ) ^ 543 (Te4[(temp >> 8) & 0xff]) ^
542 (Te4[(temp >> 16) & 0xff] << 8) ^ 544 (Te4[(temp >> 16) & 0xff] << 8) ^
543 (Te4[(temp >> 24) ] << 16) ^ 545 (Te4[(temp >> 24)] << 16) ^
544 (Te4[(temp ) & 0xff] << 24) ^ 546 (Te4[(temp) & 0xff] << 24) ^
545 rcon[i]; 547 rcon[i];
546 rk[ 9] = rk[ 1] ^ rk[ 8]; 548 rk[9] = rk[1] ^ rk[8];
547 rk[10] = rk[ 2] ^ rk[ 9]; 549 rk[10] = rk[2] ^ rk[9];
548 rk[11] = rk[ 3] ^ rk[10]; 550 rk[11] = rk[3] ^ rk[10];
549 if (++i == 7) { 551 if (++i == 7) {
550 return 0; 552 return 0;
551 } 553 }
552 temp = rk[11]; 554 temp = rk[11];
553 rk[12] = rk[ 4] ^ 555 rk[12] = rk[4] ^
554 (Te4[(temp ) & 0xff] ) ^ 556 (Te4[(temp) & 0xff]) ^
555 (Te4[(temp >> 8) & 0xff] << 8) ^ 557 (Te4[(temp >> 8) & 0xff] << 8) ^
556 (Te4[(temp >> 16) & 0xff] << 16) ^ 558 (Te4[(temp >> 16) & 0xff] << 16) ^
557 (Te4[(temp >> 24) ] << 24); 559 (Te4[(temp >> 24)] << 24);
558 rk[13] = rk[ 5] ^ rk[12]; 560 rk[13] = rk[5] ^ rk[12];
559 rk[14] = rk[ 6] ^ rk[13]; 561 rk[14] = rk[6] ^ rk[13];
560 rk[15] = rk[ 7] ^ rk[14]; 562 rk[15] = rk[7] ^ rk[14];
561 563
562 rk += 8; 564 rk += 8;
563 } 565 }
564 } 566 }
565 return 0; 567 return 0;
566} 568}
@@ -568,10 +570,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
568/** 570/**
569 * Expand the cipher key into the decryption key schedule. 571 * Expand the cipher key into the decryption key schedule.
570 */ 572 */
571int AES_set_decrypt_key(const unsigned char *userKey, const int bits, 573int
572 AES_KEY *key) { 574AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
573 575{
574 u32 *rk; 576 u32 *rk;
575 int i, j, status; 577 int i, j, status;
576 u32 temp; 578 u32 temp;
577 579
@@ -584,10 +586,18 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
584 586
585 /* invert the order of the round keys: */ 587 /* invert the order of the round keys: */
586 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { 588 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
587 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; 589 temp = rk[i];
588 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; 590 rk[i] = rk[j];
589 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; 591 rk[j] = temp;
590 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; 592 temp = rk[i + 1];
593 rk[i + 1] = rk[j + 1];
594 rk[j + 1] = temp;
595 temp = rk[i + 2];
596 rk[i + 2] = rk[j + 2];
597 rk[j + 2] = temp;
598 temp = rk[i + 3];
599 rk[i + 3] = rk[j + 3];
600 rk[j + 3] = temp;
591 } 601 }
592 /* apply the inverse MixColumn transform to all round keys but the first and the last: */ 602 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
593 for (i = 1; i < (key->rounds); i++) { 603 for (i = 1; i < (key->rounds); i++) {
@@ -599,47 +609,47 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
599 tp1 = rk[j]; 609 tp1 = rk[j];
600 m = tp1 & 0x80808080; 610 m = tp1 & 0x80808080;
601 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 611 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
602 ((m - (m >> 7)) & 0x1b1b1b1b); 612 ((m - (m >> 7)) & 0x1b1b1b1b);
603 m = tp2 & 0x80808080; 613 m = tp2 & 0x80808080;
604 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 614 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
605 ((m - (m >> 7)) & 0x1b1b1b1b); 615 ((m - (m >> 7)) & 0x1b1b1b1b);
606 m = tp4 & 0x80808080; 616 m = tp4 & 0x80808080;
607 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 617 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
608 ((m - (m >> 7)) & 0x1b1b1b1b); 618 ((m - (m >> 7)) & 0x1b1b1b1b);
609 tp9 = tp8 ^ tp1; 619 tp9 = tp8 ^ tp1;
610 tpb = tp9 ^ tp2; 620 tpb = tp9 ^ tp2;
611 tpd = tp9 ^ tp4; 621 tpd = tp9 ^ tp4;
612 tpe = tp8 ^ tp4 ^ tp2; 622 tpe = tp8 ^ tp4 ^ tp2;
613#if defined(ROTATE) 623#if defined(ROTATE)
614 rk[j] = tpe ^ ROTATE(tpd,16) ^ 624 rk[j] = tpe ^ ROTATE(tpd, 16) ^
615 ROTATE(tp9,8) ^ ROTATE(tpb,24); 625 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
616#else 626#else
617 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 627 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
618 (tp9 >> 24) ^ (tp9 << 8) ^ 628 (tp9 >> 24) ^ (tp9 << 8) ^
619 (tpb >> 8) ^ (tpb << 24); 629 (tpb >> 8) ^ (tpb << 24);
620#endif 630#endif
621 } 631 }
622#else 632#else
623 rk[0] = 633 rk[0] =
624 Td0[Te2[(rk[0] ) & 0xff] & 0xff] ^ 634 Td0[Te2[(rk[0]) & 0xff] & 0xff] ^
625 Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^ 635 Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^
626 Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^ 636 Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
627 Td3[Te2[(rk[0] >> 24) ] & 0xff]; 637 Td3[Te2[(rk[0] >> 24)] & 0xff];
628 rk[1] = 638 rk[1] =
629 Td0[Te2[(rk[1] ) & 0xff] & 0xff] ^ 639 Td0[Te2[(rk[1]) & 0xff] & 0xff] ^
630 Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^ 640 Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^
631 Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^ 641 Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
632 Td3[Te2[(rk[1] >> 24) ] & 0xff]; 642 Td3[Te2[(rk[1] >> 24)] & 0xff];
633 rk[2] = 643 rk[2] =
634 Td0[Te2[(rk[2] ) & 0xff] & 0xff] ^ 644 Td0[Te2[(rk[2]) & 0xff] & 0xff] ^
635 Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^ 645 Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^
636 Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^ 646 Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
637 Td3[Te2[(rk[2] >> 24) ] & 0xff]; 647 Td3[Te2[(rk[2] >> 24)] & 0xff];
638 rk[3] = 648 rk[3] =
639 Td0[Te2[(rk[3] ) & 0xff] & 0xff] ^ 649 Td0[Te2[(rk[3]) & 0xff] & 0xff] ^
640 Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^ 650 Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^
641 Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^ 651 Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
642 Td3[Te2[(rk[3] >> 24) ] & 0xff]; 652 Td3[Te2[(rk[3] >> 24)] & 0xff];
643#endif 653#endif
644 } 654 }
645 return 0; 655 return 0;
@@ -649,9 +659,9 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
649 * Encrypt a single block 659 * Encrypt a single block
650 * in and out can overlap 660 * in and out can overlap
651 */ 661 */
652void AES_encrypt(const unsigned char *in, unsigned char *out, 662void
653 const AES_KEY *key) { 663AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
654 664{
655 const u32 *rk; 665 const u32 *rk;
656 u32 s0, s1, s2, s3, t[4]; 666 u32 s0, s1, s2, s3, t[4];
657 int r; 667 int r;
@@ -663,197 +673,205 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
663 * map byte array block to cipher state 673 * map byte array block to cipher state
664 * and add initial round key: 674 * and add initial round key:
665 */ 675 */
666 s0 = GETU32(in ) ^ rk[0]; 676 s0 = GETU32(in) ^ rk[0];
667 s1 = GETU32(in + 4) ^ rk[1]; 677 s1 = GETU32(in + 4) ^ rk[1];
668 s2 = GETU32(in + 8) ^ rk[2]; 678 s2 = GETU32(in + 8) ^ rk[2];
669 s3 = GETU32(in + 12) ^ rk[3]; 679 s3 = GETU32(in + 12) ^ rk[3];
670 680
671#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 681#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
672 prefetch256(Te4); 682 prefetch256(Te4);
673 683
674 t[0] = Te4[(s0 ) & 0xff] ^ 684 t[0] = Te4[(s0) & 0xff] ^
675 Te4[(s1 >> 8) & 0xff] << 8 ^ 685 Te4[(s1 >> 8) & 0xff] << 8 ^
676 Te4[(s2 >> 16) & 0xff] << 16 ^ 686 Te4[(s2 >> 16) & 0xff] << 16 ^
677 Te4[(s3 >> 24) ] << 24; 687 Te4[(s3 >> 24)] << 24;
678 t[1] = Te4[(s1 ) & 0xff] ^ 688 t[1] = Te4[(s1) & 0xff] ^
679 Te4[(s2 >> 8) & 0xff] << 8 ^ 689 Te4[(s2 >> 8) & 0xff] << 8 ^
680 Te4[(s3 >> 16) & 0xff] << 16 ^ 690 Te4[(s3 >> 16) & 0xff] << 16 ^
681 Te4[(s0 >> 24) ] << 24; 691 Te4[(s0 >> 24)] << 24;
682 t[2] = Te4[(s2 ) & 0xff] ^ 692 t[2] = Te4[(s2) & 0xff] ^
683 Te4[(s3 >> 8) & 0xff] << 8 ^ 693 Te4[(s3 >> 8) & 0xff] << 8 ^
684 Te4[(s0 >> 16) & 0xff] << 16 ^ 694 Te4[(s0 >> 16) & 0xff] << 16 ^
685 Te4[(s1 >> 24) ] << 24; 695 Te4[(s1 >> 24)] << 24;
686 t[3] = Te4[(s3 ) & 0xff] ^ 696 t[3] = Te4[(s3) & 0xff] ^
687 Te4[(s0 >> 8) & 0xff] << 8 ^ 697 Te4[(s0 >> 8) & 0xff] << 8 ^
688 Te4[(s1 >> 16) & 0xff] << 16 ^ 698 Te4[(s1 >> 16) & 0xff] << 16 ^
689 Te4[(s2 >> 24) ] << 24; 699 Te4[(s2 >> 24)] << 24;
690 700
691 /* now do the linear transform using words */ 701 /* now do the linear transform using words */
692 { int i; 702 {
703 int i;
693 u32 r0, r1, r2; 704 u32 r0, r1, r2;
694 705
695 for (i = 0; i < 4; i++) { 706 for (i = 0; i < 4; i++) {
696 r0 = t[i]; 707 r0 = t[i];
697 r1 = r0 & 0x80808080; 708 r1 = r0 & 0x80808080;
698 r2 = ((r0 & 0x7f7f7f7f) << 1) ^ 709 r2 = ((r0 & 0x7f7f7f7f) << 1) ^
699 ((r1 - (r1 >> 7)) & 0x1b1b1b1b); 710 ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
700#if defined(ROTATE) 711#if defined(ROTATE)
701 t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^ 712 t[i] = r2 ^ ROTATE(r2, 24) ^ ROTATE(r0, 24) ^
702 ROTATE(r0,16) ^ ROTATE(r0,8); 713 ROTATE(r0, 16) ^ ROTATE(r0, 8);
703#else 714#else
704 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^ 715 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
705 (r0 << 16) ^ (r0 >> 16) ^ 716 (r0 << 16) ^ (r0 >> 16) ^ (r0 << 8) ^ (r0 >> 24);
706 (r0 << 8) ^ (r0 >> 24);
707#endif 717#endif
708 t[i] ^= rk[4+i]; 718 t[i] ^= rk[4 + i];
709 } 719 }
710 } 720 }
711#else 721#else
712 t[0] = Te0[(s0 ) & 0xff] ^ 722 t[0] = Te0[(s0) & 0xff] ^
713 Te1[(s1 >> 8) & 0xff] ^ 723 Te1[(s1 >> 8) & 0xff] ^
714 Te2[(s2 >> 16) & 0xff] ^ 724 Te2[(s2 >> 16) & 0xff] ^
715 Te3[(s3 >> 24) ] ^ 725 Te3[(s3 >> 24)] ^
716 rk[4]; 726 rk[4];
717 t[1] = Te0[(s1 ) & 0xff] ^ 727 t[1] = Te0[(s1) & 0xff] ^
718 Te1[(s2 >> 8) & 0xff] ^ 728 Te1[(s2 >> 8) & 0xff] ^
719 Te2[(s3 >> 16) & 0xff] ^ 729 Te2[(s3 >> 16) & 0xff] ^
720 Te3[(s0 >> 24) ] ^ 730 Te3[(s0 >> 24)] ^
721 rk[5]; 731 rk[5];
722 t[2] = Te0[(s2 ) & 0xff] ^ 732 t[2] = Te0[(s2) & 0xff] ^
723 Te1[(s3 >> 8) & 0xff] ^ 733 Te1[(s3 >> 8) & 0xff] ^
724 Te2[(s0 >> 16) & 0xff] ^ 734 Te2[(s0 >> 16) & 0xff] ^
725 Te3[(s1 >> 24) ] ^ 735 Te3[(s1 >> 24)] ^
726 rk[6]; 736 rk[6];
727 t[3] = Te0[(s3 ) & 0xff] ^ 737 t[3] = Te0[(s3) & 0xff] ^
728 Te1[(s0 >> 8) & 0xff] ^ 738 Te1[(s0 >> 8) & 0xff] ^
729 Te2[(s1 >> 16) & 0xff] ^ 739 Te2[(s1 >> 16) & 0xff] ^
730 Te3[(s2 >> 24) ] ^ 740 Te3[(s2 >> 24)] ^
731 rk[7]; 741 rk[7];
732#endif 742#endif
733 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 743 s0 = t[0];
744 s1 = t[1];
745 s2 = t[2];
746 s3 = t[3];
734 747
735 /* 748 /*
736 * Nr - 2 full rounds: 749 * Nr - 2 full rounds:
737 */ 750 */
738 for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) { 751 for (rk += 8, r = key->rounds - 2; r > 0; rk += 4, r--) {
739#if defined(AES_COMPACT_IN_INNER_ROUNDS) 752#if defined(AES_COMPACT_IN_INNER_ROUNDS)
740 t[0] = Te4[(s0 ) & 0xff] ^ 753 t[0] = Te4[(s0) & 0xff] ^
741 Te4[(s1 >> 8) & 0xff] << 8 ^ 754 Te4[(s1 >> 8) & 0xff] << 8 ^
742 Te4[(s2 >> 16) & 0xff] << 16 ^ 755 Te4[(s2 >> 16) & 0xff] << 16 ^
743 Te4[(s3 >> 24) ] << 24; 756 Te4[(s3 >> 24)] << 24;
744 t[1] = Te4[(s1 ) & 0xff] ^ 757 t[1] = Te4[(s1) & 0xff] ^
745 Te4[(s2 >> 8) & 0xff] << 8 ^ 758 Te4[(s2 >> 8) & 0xff] << 8 ^
746 Te4[(s3 >> 16) & 0xff] << 16 ^ 759 Te4[(s3 >> 16) & 0xff] << 16 ^
747 Te4[(s0 >> 24) ] << 24; 760 Te4[(s0 >> 24)] << 24;
748 t[2] = Te4[(s2 ) & 0xff] ^ 761 t[2] = Te4[(s2) & 0xff] ^
749 Te4[(s3 >> 8) & 0xff] << 8 ^ 762 Te4[(s3 >> 8) & 0xff] << 8 ^
750 Te4[(s0 >> 16) & 0xff] << 16 ^ 763 Te4[(s0 >> 16) & 0xff] << 16 ^
751 Te4[(s1 >> 24) ] << 24; 764 Te4[(s1 >> 24)] << 24;
752 t[3] = Te4[(s3 ) & 0xff] ^ 765 t[3] = Te4[(s3) & 0xff] ^
753 Te4[(s0 >> 8) & 0xff] << 8 ^ 766 Te4[(s0 >> 8) & 0xff] << 8 ^
754 Te4[(s1 >> 16) & 0xff] << 16 ^ 767 Te4[(s1 >> 16) & 0xff] << 16 ^
755 Te4[(s2 >> 24) ] << 24; 768 Te4[(s2 >> 24)] << 24;
756 769
757 /* now do the linear transform using words */ 770 /* now do the linear transform using words */
758 { int i; 771 {
759 u32 r0, r1, r2; 772 int i;
773 u32 r0, r1, r2;
760 774
761 for (i = 0; i < 4; i++) { 775 for (i = 0; i < 4; i++) {
762 r0 = t[i]; 776 r0 = t[i];
763 r1 = r0 & 0x80808080; 777 r1 = r0 & 0x80808080;
764 r2 = ((r0 & 0x7f7f7f7f) << 1) ^ 778 r2 = ((r0 & 0x7f7f7f7f) << 1) ^
765 ((r1 - (r1 >> 7)) & 0x1b1b1b1b); 779 ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
766#if defined(ROTATE) 780#if defined(ROTATE)
767 t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^ 781 t[i] = r2 ^ ROTATE(r2, 24) ^ ROTATE(r0, 24) ^
768 ROTATE(r0,16) ^ ROTATE(r0,8); 782 ROTATE(r0, 16) ^ ROTATE(r0, 8);
769#else 783#else
770 t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^ 784 t[i] = r2 ^ ((r2 ^ r0) << 24) ^
771 (r0 << 16) ^ (r0 >> 16) ^ 785 ((r2 ^ r0) >> 8) ^
772 (r0 << 8) ^ (r0 >> 24); 786 (r0 << 16) ^ (r0 >> 16) ^
787 (r0 << 8) ^ (r0 >> 24);
773#endif 788#endif
774 t[i] ^= rk[i]; 789 t[i] ^= rk[i];
790 }
775 } 791 }
776 }
777#else 792#else
778 t[0] = Te0[(s0 ) & 0xff] ^ 793 t[0] = Te0[(s0) & 0xff] ^
779 Te1[(s1 >> 8) & 0xff] ^ 794 Te1[(s1 >> 8) & 0xff] ^
780 Te2[(s2 >> 16) & 0xff] ^ 795 Te2[(s2 >> 16) & 0xff] ^
781 Te3[(s3 >> 24) ] ^ 796 Te3[(s3 >> 24)] ^
782 rk[0]; 797 rk[0];
783 t[1] = Te0[(s1 ) & 0xff] ^ 798 t[1] = Te0[(s1) & 0xff] ^
784 Te1[(s2 >> 8) & 0xff] ^ 799 Te1[(s2 >> 8) & 0xff] ^
785 Te2[(s3 >> 16) & 0xff] ^ 800 Te2[(s3 >> 16) & 0xff] ^
786 Te3[(s0 >> 24) ] ^ 801 Te3[(s0 >> 24)] ^
787 rk[1]; 802 rk[1];
788 t[2] = Te0[(s2 ) & 0xff] ^ 803 t[2] = Te0[(s2) & 0xff] ^
789 Te1[(s3 >> 8) & 0xff] ^ 804 Te1[(s3 >> 8) & 0xff] ^
790 Te2[(s0 >> 16) & 0xff] ^ 805 Te2[(s0 >> 16) & 0xff] ^
791 Te3[(s1 >> 24) ] ^ 806 Te3[(s1 >> 24)] ^
792 rk[2]; 807 rk[2];
793 t[3] = Te0[(s3 ) & 0xff] ^ 808 t[3] = Te0[(s3) & 0xff] ^
794 Te1[(s0 >> 8) & 0xff] ^ 809 Te1[(s0 >> 8) & 0xff] ^
795 Te2[(s1 >> 16) & 0xff] ^ 810 Te2[(s1 >> 16) & 0xff] ^
796 Te3[(s2 >> 24) ] ^ 811 Te3[(s2 >> 24)] ^
797 rk[3]; 812 rk[3];
798#endif 813#endif
799 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 814 s0 = t[0];
800 } 815 s1 = t[1];
801 /* 816 s2 = t[2];
817 s3 = t[3];
818 }
819 /*
802 * apply last round and 820 * apply last round and
803 * map cipher state to byte array block: 821 * map cipher state to byte array block:
804 */ 822 */
805#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 823#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
806 prefetch256(Te4); 824 prefetch256(Te4);
807 825
808 *(u32*)(out+0) = 826 *(u32*)(out + 0) =
809 Te4[(s0 ) & 0xff] ^ 827 Te4[(s0) & 0xff] ^
810 Te4[(s1 >> 8) & 0xff] << 8 ^ 828 Te4[(s1 >> 8) & 0xff] << 8 ^
811 Te4[(s2 >> 16) & 0xff] << 16 ^ 829 Te4[(s2 >> 16) & 0xff] << 16 ^
812 Te4[(s3 >> 24) ] << 24 ^ 830 Te4[(s3 >> 24)] << 24 ^
813 rk[0]; 831 rk[0];
814 *(u32*)(out+4) = 832 *(u32*)(out + 4) =
815 Te4[(s1 ) & 0xff] ^ 833 Te4[(s1) & 0xff] ^
816 Te4[(s2 >> 8) & 0xff] << 8 ^ 834 Te4[(s2 >> 8) & 0xff] << 8 ^
817 Te4[(s3 >> 16) & 0xff] << 16 ^ 835 Te4[(s3 >> 16) & 0xff] << 16 ^
818 Te4[(s0 >> 24) ] << 24 ^ 836 Te4[(s0 >> 24)] << 24 ^
819 rk[1]; 837 rk[1];
820 *(u32*)(out+8) = 838 *(u32*)(out + 8) =
821 Te4[(s2 ) & 0xff] ^ 839 Te4[(s2) & 0xff] ^
822 Te4[(s3 >> 8) & 0xff] << 8 ^ 840 Te4[(s3 >> 8) & 0xff] << 8 ^
823 Te4[(s0 >> 16) & 0xff] << 16 ^ 841 Te4[(s0 >> 16) & 0xff] << 16 ^
824 Te4[(s1 >> 24) ] << 24 ^ 842 Te4[(s1 >> 24)] << 24 ^
825 rk[2]; 843 rk[2];
826 *(u32*)(out+12) = 844 *(u32*)(out + 12) =
827 Te4[(s3 ) & 0xff] ^ 845 Te4[(s3) & 0xff] ^
828 Te4[(s0 >> 8) & 0xff] << 8 ^ 846 Te4[(s0 >> 8) & 0xff] << 8 ^
829 Te4[(s1 >> 16) & 0xff] << 16 ^ 847 Te4[(s1 >> 16) & 0xff] << 16 ^
830 Te4[(s2 >> 24) ] << 24 ^ 848 Te4[(s2 >> 24)] << 24 ^
831 rk[3]; 849 rk[3];
832#else 850#else
833 *(u32*)(out+0) = 851 *(u32*)(out + 0) =
834 (Te2[(s0 ) & 0xff] & 0x000000ffU) ^ 852 (Te2[(s0) & 0xff] & 0x000000ffU) ^
835 (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^ 853 (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^
836 (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^ 854 (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
837 (Te1[(s3 >> 24) ] & 0xff000000U) ^ 855 (Te1[(s3 >> 24)] & 0xff000000U) ^
838 rk[0]; 856 rk[0];
839 *(u32*)(out+4) = 857 *(u32*)(out + 4) =
840 (Te2[(s1 ) & 0xff] & 0x000000ffU) ^ 858 (Te2[(s1) & 0xff] & 0x000000ffU) ^
841 (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^ 859 (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^
842 (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^ 860 (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
843 (Te1[(s0 >> 24) ] & 0xff000000U) ^ 861 (Te1[(s0 >> 24)] & 0xff000000U) ^
844 rk[1]; 862 rk[1];
845 *(u32*)(out+8) = 863 *(u32*)(out + 8) =
846 (Te2[(s2 ) & 0xff] & 0x000000ffU) ^ 864 (Te2[(s2) & 0xff] & 0x000000ffU) ^
847 (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^ 865 (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^
848 (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^ 866 (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
849 (Te1[(s1 >> 24) ] & 0xff000000U) ^ 867 (Te1[(s1 >> 24)] & 0xff000000U) ^
850 rk[2]; 868 rk[2];
851 *(u32*)(out+12) = 869 *(u32*)(out + 12) =
852 (Te2[(s3 ) & 0xff] & 0x000000ffU) ^ 870 (Te2[(s3) & 0xff] & 0x000000ffU) ^
853 (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^ 871 (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^
854 (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^ 872 (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
855 (Te1[(s2 >> 24) ] & 0xff000000U) ^ 873 (Te1[(s2 >> 24)] & 0xff000000U) ^
856 rk[3]; 874 rk[3];
857#endif 875#endif
858} 876}
859 877
@@ -861,9 +879,9 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
861 * Decrypt a single block 879 * Decrypt a single block
862 * in and out can overlap 880 * in and out can overlap
863 */ 881 */
864void AES_decrypt(const unsigned char *in, unsigned char *out, 882void
865 const AES_KEY *key) { 883AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
866 884{
867 const u32 *rk; 885 const u32 *rk;
868 u32 s0, s1, s2, s3, t[4]; 886 u32 s0, s1, s2, s3, t[4];
869 int r; 887 int r;
@@ -875,7 +893,7 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
875 * map byte array block to cipher state 893 * map byte array block to cipher state
876 * and add initial round key: 894 * and add initial round key:
877 */ 895 */
878 s0 = GETU32(in ) ^ rk[0]; 896 s0 = GETU32(in) ^ rk[0];
879 s1 = GETU32(in + 4) ^ rk[1]; 897 s1 = GETU32(in + 4) ^ rk[1];
880 s2 = GETU32(in + 8) ^ rk[2]; 898 s2 = GETU32(in + 8) ^ rk[2];
881 s3 = GETU32(in + 12) ^ rk[3]; 899 s3 = GETU32(in + 12) ^ rk[3];
@@ -883,181 +901,188 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
883#if defined(AES_COMPACT_IN_OUTER_ROUNDS) 901#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
884 prefetch256(Td4); 902 prefetch256(Td4);
885 903
886 t[0] = Td4[(s0 ) & 0xff] ^ 904 t[0] = Td4[(s0) & 0xff] ^
887 Td4[(s3 >> 8) & 0xff] << 8 ^ 905 Td4[(s3 >> 8) & 0xff] << 8 ^
888 Td4[(s2 >> 16) & 0xff] << 16 ^ 906 Td4[(s2 >> 16) & 0xff] << 16 ^
889 Td4[(s1 >> 24) ] << 24; 907 Td4[(s1 >> 24)] << 24;
890 t[1] = Td4[(s1 ) & 0xff] ^ 908 t[1] = Td4[(s1) & 0xff] ^
891 Td4[(s0 >> 8) & 0xff] << 8 ^ 909 Td4[(s0 >> 8) & 0xff] << 8 ^
892 Td4[(s3 >> 16) & 0xff] << 16 ^ 910 Td4[(s3 >> 16) & 0xff] << 16 ^
893 Td4[(s2 >> 24) ] << 24; 911 Td4[(s2 >> 24)] << 24;
894 t[2] = Td4[(s2 ) & 0xff] ^ 912 t[2] = Td4[(s2) & 0xff] ^
895 Td4[(s1 >> 8) & 0xff] << 8 ^ 913 Td4[(s1 >> 8) & 0xff] << 8 ^
896 Td4[(s0 >> 16) & 0xff] << 16 ^ 914 Td4[(s0 >> 16) & 0xff] << 16 ^
897 Td4[(s3 >> 24) ] << 24; 915 Td4[(s3 >> 24)] << 24;
898 t[3] = Td4[(s3 ) & 0xff] ^ 916 t[3] = Td4[(s3) & 0xff] ^
899 Td4[(s2 >> 8) & 0xff] << 8 ^ 917 Td4[(s2 >> 8) & 0xff] << 8 ^
900 Td4[(s1 >> 16) & 0xff] << 16 ^ 918 Td4[(s1 >> 16) & 0xff] << 16 ^
901 Td4[(s0 >> 24) ] << 24; 919 Td4[(s0 >> 24)] << 24;
902 920
903 /* now do the linear transform using words */ 921 /* now do the linear transform using words */
904 { int i; 922 {
923 int i;
905 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; 924 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
906 925
907 for (i = 0; i < 4; i++) { 926 for (i = 0; i < 4; i++) {
908 tp1 = t[i]; 927 tp1 = t[i];
909 m = tp1 & 0x80808080; 928 m = tp1 & 0x80808080;
910 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 929 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
911 ((m - (m >> 7)) & 0x1b1b1b1b); 930 ((m - (m >> 7)) & 0x1b1b1b1b);
912 m = tp2 & 0x80808080; 931 m = tp2 & 0x80808080;
913 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 932 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
914 ((m - (m >> 7)) & 0x1b1b1b1b); 933 ((m - (m >> 7)) & 0x1b1b1b1b);
915 m = tp4 & 0x80808080; 934 m = tp4 & 0x80808080;
916 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 935 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
917 ((m - (m >> 7)) & 0x1b1b1b1b); 936 ((m - (m >> 7)) & 0x1b1b1b1b);
918 tp9 = tp8 ^ tp1; 937 tp9 = tp8 ^ tp1;
919 tpb = tp9 ^ tp2; 938 tpb = tp9 ^ tp2;
920 tpd = tp9 ^ tp4; 939 tpd = tp9 ^ tp4;
921 tpe = tp8 ^ tp4 ^ tp2; 940 tpe = tp8 ^ tp4 ^ tp2;
922#if defined(ROTATE) 941#if defined(ROTATE)
923 t[i] = tpe ^ ROTATE(tpd,16) ^ 942 t[i] = tpe ^ ROTATE(tpd, 16) ^
924 ROTATE(tp9,8) ^ ROTATE(tpb,24); 943 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
925#else 944#else
926 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 945 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
927 (tp9 >> 24) ^ (tp9 << 8) ^ 946 (tp9 >> 24) ^ (tp9 << 8) ^ (tpb >> 8) ^ (tpb << 24);
928 (tpb >> 8) ^ (tpb << 24);
929#endif 947#endif
930 t[i] ^= rk[4+i]; 948 t[i] ^= rk[4 + i];
931 } 949 }
932 } 950 }
933#else 951#else
934 t[0] = Td0[(s0 ) & 0xff] ^ 952 t[0] = Td0[(s0) & 0xff] ^
935 Td1[(s3 >> 8) & 0xff] ^ 953 Td1[(s3 >> 8) & 0xff] ^
936 Td2[(s2 >> 16) & 0xff] ^ 954 Td2[(s2 >> 16) & 0xff] ^
937 Td3[(s1 >> 24) ] ^ 955 Td3[(s1 >> 24)] ^
938 rk[4]; 956 rk[4];
939 t[1] = Td0[(s1 ) & 0xff] ^ 957 t[1] = Td0[(s1) & 0xff] ^
940 Td1[(s0 >> 8) & 0xff] ^ 958 Td1[(s0 >> 8) & 0xff] ^
941 Td2[(s3 >> 16) & 0xff] ^ 959 Td2[(s3 >> 16) & 0xff] ^
942 Td3[(s2 >> 24) ] ^ 960 Td3[(s2 >> 24)] ^
943 rk[5]; 961 rk[5];
944 t[2] = Td0[(s2 ) & 0xff] ^ 962 t[2] = Td0[(s2) & 0xff] ^
945 Td1[(s1 >> 8) & 0xff] ^ 963 Td1[(s1 >> 8) & 0xff] ^
946 Td2[(s0 >> 16) & 0xff] ^ 964 Td2[(s0 >> 16) & 0xff] ^
947 Td3[(s3 >> 24) ] ^ 965 Td3[(s3 >> 24)] ^
948 rk[6]; 966 rk[6];
949 t[3] = Td0[(s3 ) & 0xff] ^ 967 t[3] = Td0[(s3) & 0xff] ^
950 Td1[(s2 >> 8) & 0xff] ^ 968 Td1[(s2 >> 8) & 0xff] ^
951 Td2[(s1 >> 16) & 0xff] ^ 969 Td2[(s1 >> 16) & 0xff] ^
952 Td3[(s0 >> 24) ] ^ 970 Td3[(s0 >> 24)] ^
953 rk[7]; 971 rk[7];
954#endif 972#endif
955 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 973 s0 = t[0];
974 s1 = t[1];
975 s2 = t[2];
976 s3 = t[3];
956 977
957 /* 978 /*
958 * Nr - 2 full rounds: 979 * Nr - 2 full rounds:
959 */ 980 */
960 for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) { 981 for (rk += 8, r = key->rounds - 2; r > 0; rk += 4, r--) {
961#if defined(AES_COMPACT_IN_INNER_ROUNDS) 982#if defined(AES_COMPACT_IN_INNER_ROUNDS)
962 t[0] = Td4[(s0 ) & 0xff] ^ 983 t[0] = Td4[(s0) & 0xff] ^
963 Td4[(s3 >> 8) & 0xff] << 8 ^ 984 Td4[(s3 >> 8) & 0xff] << 8 ^
964 Td4[(s2 >> 16) & 0xff] << 16 ^ 985 Td4[(s2 >> 16) & 0xff] << 16 ^
965 Td4[(s1 >> 24) ] << 24; 986 Td4[(s1 >> 24)] << 24;
966 t[1] = Td4[(s1 ) & 0xff] ^ 987 t[1] = Td4[(s1) & 0xff] ^
967 Td4[(s0 >> 8) & 0xff] << 8 ^ 988 Td4[(s0 >> 8) & 0xff] << 8 ^
968 Td4[(s3 >> 16) & 0xff] << 16 ^ 989 Td4[(s3 >> 16) & 0xff] << 16 ^
969 Td4[(s2 >> 24) ] << 24; 990 Td4[(s2 >> 24)] << 24;
970 t[2] = Td4[(s2 ) & 0xff] ^ 991 t[2] = Td4[(s2) & 0xff] ^
971 Td4[(s1 >> 8) & 0xff] << 8 ^ 992 Td4[(s1 >> 8) & 0xff] << 8 ^
972 Td4[(s0 >> 16) & 0xff] << 16 ^ 993 Td4[(s0 >> 16) & 0xff] << 16 ^
973 Td4[(s3 >> 24) ] << 24; 994 Td4[(s3 >> 24)] << 24;
974 t[3] = Td4[(s3 ) & 0xff] ^ 995 t[3] = Td4[(s3) & 0xff] ^
975 Td4[(s2 >> 8) & 0xff] << 8 ^ 996 Td4[(s2 >> 8) & 0xff] << 8 ^
976 Td4[(s1 >> 16) & 0xff] << 16 ^ 997 Td4[(s1 >> 16) & 0xff] << 16 ^
977 Td4[(s0 >> 24) ] << 24; 998 Td4[(s0 >> 24)] << 24;
978 999
979 /* now do the linear transform using words */ 1000 /* now do the linear transform using words */
980 { int i; 1001 {
981 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; 1002 int i;
1003 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
982 1004
983 for (i = 0; i < 4; i++) { 1005 for (i = 0; i < 4; i++) {
984 tp1 = t[i]; 1006 tp1 = t[i];
985 m = tp1 & 0x80808080; 1007 m = tp1 & 0x80808080;
986 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ 1008 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
987 ((m - (m >> 7)) & 0x1b1b1b1b); 1009 ((m - (m >> 7)) & 0x1b1b1b1b);
988 m = tp2 & 0x80808080; 1010 m = tp2 & 0x80808080;
989 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ 1011 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
990 ((m - (m >> 7)) & 0x1b1b1b1b); 1012 ((m - (m >> 7)) & 0x1b1b1b1b);
991 m = tp4 & 0x80808080; 1013 m = tp4 & 0x80808080;
992 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ 1014 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
993 ((m - (m >> 7)) & 0x1b1b1b1b); 1015 ((m - (m >> 7)) & 0x1b1b1b1b);
994 tp9 = tp8 ^ tp1; 1016 tp9 = tp8 ^ tp1;
995 tpb = tp9 ^ tp2; 1017 tpb = tp9 ^ tp2;
996 tpd = tp9 ^ tp4; 1018 tpd = tp9 ^ tp4;
997 tpe = tp8 ^ tp4 ^ tp2; 1019 tpe = tp8 ^ tp4 ^ tp2;
998#if defined(ROTATE) 1020#if defined(ROTATE)
999 t[i] = tpe ^ ROTATE(tpd,16) ^ 1021 t[i] = tpe ^ ROTATE(tpd, 16) ^
1000 ROTATE(tp9,8) ^ ROTATE(tpb,24); 1022 ROTATE(tp9, 8) ^ ROTATE(tpb, 24);
1001#else 1023#else
1002 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 1024 t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
1003 (tp9 >> 24) ^ (tp9 << 8) ^ 1025 (tp9 >> 24) ^ (tp9 << 8) ^
1004 (tpb >> 8) ^ (tpb << 24); 1026 (tpb >> 8) ^ (tpb << 24);
1005#endif 1027#endif
1006 t[i] ^= rk[i]; 1028 t[i] ^= rk[i];
1029 }
1007 } 1030 }
1008 }
1009#else 1031#else
1010 t[0] = Td0[(s0 ) & 0xff] ^ 1032 t[0] = Td0[(s0) & 0xff] ^
1011 Td1[(s3 >> 8) & 0xff] ^ 1033 Td1[(s3 >> 8) & 0xff] ^
1012 Td2[(s2 >> 16) & 0xff] ^ 1034 Td2[(s2 >> 16) & 0xff] ^
1013 Td3[(s1 >> 24) ] ^ 1035 Td3[(s1 >> 24)] ^
1014 rk[0]; 1036 rk[0];
1015 t[1] = Td0[(s1 ) & 0xff] ^ 1037 t[1] = Td0[(s1) & 0xff] ^
1016 Td1[(s0 >> 8) & 0xff] ^ 1038 Td1[(s0 >> 8) & 0xff] ^
1017 Td2[(s3 >> 16) & 0xff] ^ 1039 Td2[(s3 >> 16) & 0xff] ^
1018 Td3[(s2 >> 24) ] ^ 1040 Td3[(s2 >> 24)] ^
1019 rk[1]; 1041 rk[1];
1020 t[2] = Td0[(s2 ) & 0xff] ^ 1042 t[2] = Td0[(s2) & 0xff] ^
1021 Td1[(s1 >> 8) & 0xff] ^ 1043 Td1[(s1 >> 8) & 0xff] ^
1022 Td2[(s0 >> 16) & 0xff] ^ 1044 Td2[(s0 >> 16) & 0xff] ^
1023 Td3[(s3 >> 24) ] ^ 1045 Td3[(s3 >> 24)] ^
1024 rk[2]; 1046 rk[2];
1025 t[3] = Td0[(s3 ) & 0xff] ^ 1047 t[3] = Td0[(s3) & 0xff] ^
1026 Td1[(s2 >> 8) & 0xff] ^ 1048 Td1[(s2 >> 8) & 0xff] ^
1027 Td2[(s1 >> 16) & 0xff] ^ 1049 Td2[(s1 >> 16) & 0xff] ^
1028 Td3[(s0 >> 24) ] ^ 1050 Td3[(s0 >> 24)] ^
1029 rk[3]; 1051 rk[3];
1030#endif 1052#endif
1031 s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3]; 1053 s0 = t[0];
1032 } 1054 s1 = t[1];
1033 /* 1055 s2 = t[2];
1056 s3 = t[3];
1057 }
1058 /*
1034 * apply last round and 1059 * apply last round and
1035 * map cipher state to byte array block: 1060 * map cipher state to byte array block:
1036 */ 1061 */
1037 prefetch256(Td4); 1062 prefetch256(Td4);
1038 1063
1039 *(u32*)(out+0) = 1064 *(u32*)(out + 0) =
1040 (Td4[(s0 ) & 0xff]) ^ 1065 (Td4[(s0) & 0xff]) ^
1041 (Td4[(s3 >> 8) & 0xff] << 8) ^ 1066 (Td4[(s3 >> 8) & 0xff] << 8) ^
1042 (Td4[(s2 >> 16) & 0xff] << 16) ^ 1067 (Td4[(s2 >> 16) & 0xff] << 16) ^
1043 (Td4[(s1 >> 24) ] << 24) ^ 1068 (Td4[(s1 >> 24)] << 24) ^
1044 rk[0]; 1069 rk[0];
1045 *(u32*)(out+4) = 1070 *(u32*)(out + 4) =
1046 (Td4[(s1 ) & 0xff]) ^ 1071 (Td4[(s1) & 0xff]) ^
1047 (Td4[(s0 >> 8) & 0xff] << 8) ^ 1072 (Td4[(s0 >> 8) & 0xff] << 8) ^
1048 (Td4[(s3 >> 16) & 0xff] << 16) ^ 1073 (Td4[(s3 >> 16) & 0xff] << 16) ^
1049 (Td4[(s2 >> 24) ] << 24) ^ 1074 (Td4[(s2 >> 24)] << 24) ^
1050 rk[1]; 1075 rk[1];
1051 *(u32*)(out+8) = 1076 *(u32*)(out + 8) =
1052 (Td4[(s2 ) & 0xff]) ^ 1077 (Td4[(s2) & 0xff]) ^
1053 (Td4[(s1 >> 8) & 0xff] << 8) ^ 1078 (Td4[(s1 >> 8) & 0xff] << 8) ^
1054 (Td4[(s0 >> 16) & 0xff] << 16) ^ 1079 (Td4[(s0 >> 16) & 0xff] << 16) ^
1055 (Td4[(s3 >> 24) ] << 24) ^ 1080 (Td4[(s3 >> 24)] << 24) ^
1056 rk[2]; 1081 rk[2];
1057 *(u32*)(out+12) = 1082 *(u32*)(out + 12) =
1058 (Td4[(s3 ) & 0xff]) ^ 1083 (Td4[(s3) & 0xff]) ^
1059 (Td4[(s2 >> 8) & 0xff] << 8) ^ 1084 (Td4[(s2 >> 8) & 0xff] << 8) ^
1060 (Td4[(s1 >> 16) & 0xff] << 16) ^ 1085 (Td4[(s1 >> 16) & 0xff] << 16) ^
1061 (Td4[(s0 >> 24) ] << 24) ^ 1086 (Td4[(s0 >> 24)] << 24) ^
1062 rk[3]; 1087 rk[3];
1063} 1088}