summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/whrlpool
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/whrlpool')
-rw-r--r--src/lib/libcrypto/whrlpool/asm/wp-mmx.pl493
-rw-r--r--src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl589
-rw-r--r--src/lib/libcrypto/whrlpool/whrlpool.h38
-rw-r--r--src/lib/libcrypto/whrlpool/wp_block.c655
-rw-r--r--src/lib/libcrypto/whrlpool/wp_dgst.c264
-rw-r--r--src/lib/libcrypto/whrlpool/wp_locl.h3
6 files changed, 0 insertions, 2042 deletions
diff --git a/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl b/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
deleted file mode 100644
index 32cf16380b..0000000000
--- a/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
+++ /dev/null
@@ -1,493 +0,0 @@
1#!/usr/bin/env perl
2#
3# ====================================================================
4# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
5# project. Rights for redistribution and usage in source and binary
6# forms are granted according to the OpenSSL license.
7# ====================================================================
8#
9# whirlpool_block_mmx implementation.
10#
11*SCALE=\(2); # 2 or 8, that is the question:-) Value of 8 results
12# in 16KB large table, which is tough on L1 cache, but eliminates
13# unaligned references to it. Value of 2 results in 4KB table, but
14# 7/8 of references to it are unaligned. AMD cores seem to be
15# allergic to the latter, while Intel ones - to former [see the
16# table]. I stick to value of 2 for two reasons: 1. smaller table
17# minimizes cache trashing and thus mitigates the hazard of side-
18# channel leakage similar to AES cache-timing one; 2. performance
19# gap among different µ-archs is smaller.
20#
21# Performance table lists rounded amounts of CPU cycles spent by
22# whirlpool_block_mmx routine on single 64 byte input block, i.e.
23# smaller is better and asymptotic throughput can be estimated by
24# multiplying 64 by CPU clock frequency and dividing by relevant
25# value from the given table:
26#
27# $SCALE=2/8 icc8 gcc3
28# Intel P4 3200/4600 4600(*) 6400
29# Intel PIII 2900/3000 4900 5400
30# AMD K[78] 2500/1800 9900 8200(**)
31#
32# (*) I've sketched even non-MMX assembler, but for the record
33# I've failed to beat the Intel compiler on P4, without using
34# MMX that is...
35# (**) ... on AMD on the other hand non-MMX assembler was observed
36# to perform significantly better, but I figured this MMX
37# implementation is even faster anyway, so why bother? As for
38# pre-MMX AMD core[s], the improvement coefficient is more
39# than likely to vary anyway and I don't know how. But the
40# least I know is that gcc-generated code compiled with
41# -DL_ENDIAN and -DOPENSSL_SMALL_FOOTPRINT [see C module for
42# details] and optimized for Pentium was observed to perform
43# *better* on Pentium 100 than unrolled non-MMX assembler
44# loop... So we just say that I don't know if maintaining
45# non-MMX implementation would actually pay off, but till
46# opposite is proved "unlikely" is assumed.
47
48$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
49push(@INC,"${dir}","${dir}../../perlasm");
50require "x86asm.pl";
51
52&asm_init($ARGV[0],"wp-mmx.pl");
53
54sub L() { &data_byte(@_); }
55sub LL()
56{ if ($SCALE==2) { &data_byte(@_); &data_byte(@_); }
57 elsif ($SCALE==8) { for ($i=0;$i<8;$i++) {
58 &data_byte(@_);
59 unshift(@_,pop(@_));
60 }
61 }
62 else { die "unvalid SCALE value"; }
63}
64
65sub scale()
66{ if ($SCALE==2) { &lea(@_[0],&DWP(0,@_[1],@_[1])); }
67 elsif ($SCALE==8) { &lea(@_[0],&DWP(0,"",@_[1],8)); }
68 else { die "unvalid SCALE value"; }
69}
70
71sub row()
72{ if ($SCALE==2) { ((8-shift)&7); }
73 elsif ($SCALE==8) { (8*shift); }
74 else { die "unvalid SCALE value"; }
75}
76
77$tbl="ebp";
78@mm=("mm0","mm1","mm2","mm3","mm4","mm5","mm6","mm7");
79
80&function_begin_B("whirlpool_block_mmx");
81 &push ("ebp");
82 &push ("ebx");
83 &push ("esi");
84 &push ("edi");
85
86 &mov ("esi",&wparam(0)); # hash value
87 &mov ("edi",&wparam(1)); # input data stream
88 &mov ("ebp",&wparam(2)); # number of chunks in input
89
90 &mov ("eax","esp"); # copy stack pointer
91 &sub ("esp",128+20); # allocate frame
92 &and ("esp",-64); # align for cache-line
93
94 &lea ("ebx",&DWP(128,"esp"));
95 &mov (&DWP(0,"ebx"),"esi"); # save parameter block
96 &mov (&DWP(4,"ebx"),"edi");
97 &mov (&DWP(8,"ebx"),"ebp");
98 &mov (&DWP(16,"ebx"),"eax"); # saved stack pointer
99
100 &call (&label("pic_point"));
101&set_label("pic_point");
102 &blindpop($tbl);
103 &lea ($tbl,&DWP(&label("table")."-".&label("pic_point"),$tbl));
104
105 &xor ("ecx","ecx");
106 &xor ("edx","edx");
107
108 for($i=0;$i<8;$i++) { &movq(@mm[$i],&QWP($i*8,"esi")); } # L=H
109&set_label("outerloop");
110 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); } # K=L
111 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); } # L^=inp
112 for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
113
114 &xor ("esi","esi");
115 &mov (&DWP(12,"ebx"),"esi"); # zero round counter
116
117&set_label("round",16);
118 &movq (@mm[0],&QWP(2048*$SCALE,$tbl,"esi",8)); # rc[r]
119 &mov ("eax",&DWP(0,"esp"));
120 &mov ("ebx",&DWP(4,"esp"));
121for($i=0;$i<8;$i++) {
122 my $func = ($i==0)? movq : pxor;
123 &movb (&LB("ecx"),&LB("eax"));
124 &movb (&LB("edx"),&HB("eax"));
125 &scale ("esi","ecx");
126 &scale ("edi","edx");
127 &shr ("eax",16);
128 &pxor (@mm[0],&QWP(&row(0),$tbl,"esi",8));
129 &$func (@mm[1],&QWP(&row(1),$tbl,"edi",8));
130 &movb (&LB("ecx"),&LB("eax"));
131 &movb (&LB("edx"),&HB("eax"));
132 &mov ("eax",&DWP(($i+1)*8,"esp"));
133 &scale ("esi","ecx");
134 &scale ("edi","edx");
135 &$func (@mm[2],&QWP(&row(2),$tbl,"esi",8));
136 &$func (@mm[3],&QWP(&row(3),$tbl,"edi",8));
137 &movb (&LB("ecx"),&LB("ebx"));
138 &movb (&LB("edx"),&HB("ebx"));
139 &scale ("esi","ecx");
140 &scale ("edi","edx");
141 &shr ("ebx",16);
142 &$func (@mm[4],&QWP(&row(4),$tbl,"esi",8));
143 &$func (@mm[5],&QWP(&row(5),$tbl,"edi",8));
144 &movb (&LB("ecx"),&LB("ebx"));
145 &movb (&LB("edx"),&HB("ebx"));
146 &mov ("ebx",&DWP(($i+1)*8+4,"esp"));
147 &scale ("esi","ecx");
148 &scale ("edi","edx");
149 &$func (@mm[6],&QWP(&row(6),$tbl,"esi",8));
150 &$func (@mm[7],&QWP(&row(7),$tbl,"edi",8));
151 push(@mm,shift(@mm));
152}
153
154 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); } # K=L
155
156for($i=0;$i<8;$i++) {
157 &movb (&LB("ecx"),&LB("eax"));
158 &movb (&LB("edx"),&HB("eax"));
159 &scale ("esi","ecx");
160 &scale ("edi","edx");
161 &shr ("eax",16);
162 &pxor (@mm[0],&QWP(&row(0),$tbl,"esi",8));
163 &pxor (@mm[1],&QWP(&row(1),$tbl,"edi",8));
164 &movb (&LB("ecx"),&LB("eax"));
165 &movb (&LB("edx"),&HB("eax"));
166 &mov ("eax",&DWP(64+($i+1)*8,"esp")) if ($i<7);
167 &scale ("esi","ecx");
168 &scale ("edi","edx");
169 &pxor (@mm[2],&QWP(&row(2),$tbl,"esi",8));
170 &pxor (@mm[3],&QWP(&row(3),$tbl,"edi",8));
171 &movb (&LB("ecx"),&LB("ebx"));
172 &movb (&LB("edx"),&HB("ebx"));
173 &scale ("esi","ecx");
174 &scale ("edi","edx");
175 &shr ("ebx",16);
176 &pxor (@mm[4],&QWP(&row(4),$tbl,"esi",8));
177 &pxor (@mm[5],&QWP(&row(5),$tbl,"edi",8));
178 &movb (&LB("ecx"),&LB("ebx"));
179 &movb (&LB("edx"),&HB("ebx"));
180 &mov ("ebx",&DWP(64+($i+1)*8+4,"esp")) if ($i<7);
181 &scale ("esi","ecx");
182 &scale ("edi","edx");
183 &pxor (@mm[6],&QWP(&row(6),$tbl,"esi",8));
184 &pxor (@mm[7],&QWP(&row(7),$tbl,"edi",8));
185 push(@mm,shift(@mm));
186}
187 &lea ("ebx",&DWP(128,"esp"));
188 &mov ("esi",&DWP(12,"ebx")); # pull round counter
189 &add ("esi",1);
190 &cmp ("esi",10);
191 &je (&label("roundsdone"));
192
193 &mov (&DWP(12,"ebx"),"esi"); # update round counter
194 for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
195 &jmp (&label("round"));
196
197&set_label("roundsdone",16);
198 &mov ("esi",&DWP(0,"ebx")); # reload argument block
199 &mov ("edi",&DWP(4,"ebx"));
200 &mov ("eax",&DWP(8,"ebx"));
201
202 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); } # L^=inp
203 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"esi")); } # L^=H
204 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esi"),@mm[$i]); } # H=L
205
206 &lea ("edi",&DWP(64,"edi")); # inp+=64
207 &sub ("eax",1); # num--
208 &jz (&label("alldone"));
209 &mov (&DWP(4,"ebx"),"edi"); # update argument block
210 &mov (&DWP(8,"ebx"),"eax");
211 &jmp (&label("outerloop"));
212
213&set_label("alldone");
214 &emms ();
215 &mov ("esp",&DWP(16,"ebx")); # restore saved stack pointer
216 &pop ("edi");
217 &pop ("esi");
218 &pop ("ebx");
219 &pop ("ebp");
220 &ret ();
221
222&align(64);
223&set_label("table");
224 &LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
225 &LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
226 &LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
227 &LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
228 &LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
229 &LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
230 &LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
231 &LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
232 &LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
233 &LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
234 &LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
235 &LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
236 &LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
237 &LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
238 &LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
239 &LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
240 &LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
241 &LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
242 &LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
243 &LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
244 &LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
245 &LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
246 &LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
247 &LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
248 &LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
249 &LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
250 &LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
251 &LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
252 &LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
253 &LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
254 &LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
255 &LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
256 &LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
257 &LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
258 &LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
259 &LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
260 &LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
261 &LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
262 &LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
263 &LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
264 &LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
265 &LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
266 &LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
267 &LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
268 &LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
269 &LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
270 &LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
271 &LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
272 &LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
273 &LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
274 &LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
275 &LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
276 &LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
277 &LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
278 &LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
279 &LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
280 &LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
281 &LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
282 &LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
283 &LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
284 &LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
285 &LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
286 &LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
287 &LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
288 &LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
289 &LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
290 &LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
291 &LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
292 &LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
293 &LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
294 &LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
295 &LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
296 &LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
297 &LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
298 &LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
299 &LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
300 &LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
301 &LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
302 &LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
303 &LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
304 &LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
305 &LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
306 &LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
307 &LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
308 &LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
309 &LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
310 &LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
311 &LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
312 &LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
313 &LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
314 &LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
315 &LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
316 &LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
317 &LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
318 &LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
319 &LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
320 &LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
321 &LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
322 &LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
323 &LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
324 &LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
325 &LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
326 &LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
327 &LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
328 &LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
329 &LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
330 &LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
331 &LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
332 &LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
333 &LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
334 &LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
335 &LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
336 &LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
337 &LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
338 &LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
339 &LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
340 &LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
341 &LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
342 &LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
343 &LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
344 &LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
345 &LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
346 &LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
347 &LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
348 &LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
349 &LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
350 &LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
351 &LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
352 &LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
353 &LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
354 &LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
355 &LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
356 &LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
357 &LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
358 &LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
359 &LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
360 &LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
361 &LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
362 &LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
363 &LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
364 &LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
365 &LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
366 &LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
367 &LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
368 &LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
369 &LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
370 &LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
371 &LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
372 &LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
373 &LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
374 &LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
375 &LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
376 &LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
377 &LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
378 &LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
379 &LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
380 &LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
381 &LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
382 &LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
383 &LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
384 &LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
385 &LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
386 &LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
387 &LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
388 &LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
389 &LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
390 &LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
391 &LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
392 &LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
393 &LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
394 &LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
395 &LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
396 &LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
397 &LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
398 &LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
399 &LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
400 &LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
401 &LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
402 &LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
403 &LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
404 &LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
405 &LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
406 &LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
407 &LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
408 &LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
409 &LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
410 &LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
411 &LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
412 &LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
413 &LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
414 &LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
415 &LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
416 &LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
417 &LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
418 &LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
419 &LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
420 &LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
421 &LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
422 &LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
423 &LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
424 &LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
425 &LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
426 &LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
427 &LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
428 &LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
429 &LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
430 &LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
431 &LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
432 &LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
433 &LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
434 &LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
435 &LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
436 &LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
437 &LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
438 &LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
439 &LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
440 &LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
441 &LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
442 &LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
443 &LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
444 &LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
445 &LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
446 &LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
447 &LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
448 &LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
449 &LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
450 &LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
451 &LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
452 &LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
453 &LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
454 &LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
455 &LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
456 &LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
457 &LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
458 &LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
459 &LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
460 &LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
461 &LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
462 &LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
463 &LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
464 &LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
465 &LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
466 &LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
467 &LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
468 &LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
469 &LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
470 &LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
471 &LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
472 &LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
473 &LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
474 &LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
475 &LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
476 &LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
477 &LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
478 &LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
479 &LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
480
481 &L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f); # rc[ROUNDS]
482 &L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
483 &L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
484 &L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
485 &L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
486 &L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
487 &L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
488 &L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
489 &L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
490 &L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
491
492&function_end_B("whirlpool_block_mmx");
493&asm_finish();
diff --git a/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl b/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
deleted file mode 100644
index 87c0843dc1..0000000000
--- a/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
+++ /dev/null
@@ -1,589 +0,0 @@
1#!/usr/bin/env perl
2#
3# ====================================================================
4# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
5# project. Rights for redistribution and usage in source and binary
6# forms are granted according to the OpenSSL license.
7# ====================================================================
8#
9# whirlpool_block for x86_64.
10#
11# 2500 cycles per 64-byte input block on AMD64, which is *identical*
12# to 32-bit MMX version executed on same CPU. So why did I bother?
13# Well, it's faster than gcc 3.3.2 generated code by over 50%, and
14# over 80% faster than PathScale 1.4, an "ambitious" commercial
15# compiler. Furthermore it surpasses gcc 3.4.3 by 170% and Sun Studio
16# 10 - by 360%[!]... What is it with x86_64 compilers? It's not the
17# first example when they fail to generate more optimal code, when
18# I believe they had *all* chances to...
19#
20# Note that register and stack frame layout are virtually identical
21# to 32-bit MMX version, except that %r8-15 are used instead of
22# %mm0-8. You can even notice that K[i] and S[i] are loaded to
23# %eax:%ebx as pair of 32-bit values and not as single 64-bit one.
24# This is done in order to avoid 64-bit shift penalties on Intel
25# EM64T core. Speaking of which! I bet it's possible to improve
26# Opteron performance by compressing the table to 2KB and replacing
27# unaligned references with complementary rotations [which would
28# incidentally replace lea instructions], but it would definitely
29# just "kill" EM64T, because it has only 1 shifter/rotator [against
30# 3 on Opteron] and which is *unacceptably* slow with 64-bit
31# operand.
32
33$flavour = shift;
34$output = shift;
35if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
36
37$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
38
39$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
40( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
41( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
42die "can't locate x86_64-xlate.pl";
43
44open STDOUT,"| $^X $xlate $flavour $output";
45
46sub L() { $code.=".byte ".join(',',@_)."\n"; }
47sub LL(){ $code.=".byte ".join(',',@_).",".join(',',@_)."\n"; }
48
49@mm=("%r8","%r9","%r10","%r11","%r12","%r13","%r14","%r15");
50
51$func="whirlpool_block";
52$table=".Ltable";
53
54$code=<<___;
55.text
56
57.globl $func
58.type $func,\@function,3
59.align 16
60$func:
61 push %rbx
62 push %rbp
63 push %r12
64 push %r13
65 push %r14
66 push %r15
67
68 mov %rsp,%r11
69 sub \$128+40,%rsp
70 and \$-64,%rsp
71
72 lea 128(%rsp),%r10
73 mov %rdi,0(%r10) # save parameter block
74 mov %rsi,8(%r10)
75 mov %rdx,16(%r10)
76 mov %r11,32(%r10) # saved stack pointer
77.Lprologue:
78
79 mov %r10,%rbx
80 lea $table(%rip),%rbp
81
82 xor %rcx,%rcx
83 xor %rdx,%rdx
84___
85for($i=0;$i<8;$i++) { $code.="mov $i*8(%rdi),@mm[$i]\n"; } # L=H
86$code.=".Louterloop:\n";
87for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; } # K=L
88for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; } # L^=inp
89for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; } # S=L
90$code.=<<___;
91 xor %rsi,%rsi
92 mov %rsi,24(%rbx) # zero round counter
93.align 16
94.Lround:
95 mov 4096(%rbp,%rsi,8),@mm[0] # rc[r]
96 mov 0(%rsp),%eax
97 mov 4(%rsp),%ebx
98___
99for($i=0;$i<8;$i++) {
100 my $func = ($i==0)? "mov" : "xor";
101 $code.=<<___;
102 mov %al,%cl
103 mov %ah,%dl
104 lea (%rcx,%rcx),%rsi
105 lea (%rdx,%rdx),%rdi
106 shr \$16,%eax
107 xor 0(%rbp,%rsi,8),@mm[0]
108 $func 7(%rbp,%rdi,8),@mm[1]
109 mov %al,%cl
110 mov %ah,%dl
111 mov $i*8+8(%rsp),%eax # ($i+1)*8
112 lea (%rcx,%rcx),%rsi
113 lea (%rdx,%rdx),%rdi
114 $func 6(%rbp,%rsi,8),@mm[2]
115 $func 5(%rbp,%rdi,8),@mm[3]
116 mov %bl,%cl
117 mov %bh,%dl
118 lea (%rcx,%rcx),%rsi
119 lea (%rdx,%rdx),%rdi
120 shr \$16,%ebx
121 $func 4(%rbp,%rsi,8),@mm[4]
122 $func 3(%rbp,%rdi,8),@mm[5]
123 mov %bl,%cl
124 mov %bh,%dl
125 mov $i*8+8+4(%rsp),%ebx # ($i+1)*8+4
126 lea (%rcx,%rcx),%rsi
127 lea (%rdx,%rdx),%rdi
128 $func 2(%rbp,%rsi,8),@mm[6]
129 $func 1(%rbp,%rdi,8),@mm[7]
130___
131 push(@mm,shift(@mm));
132}
133for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; } # K=L
134for($i=0;$i<8;$i++) {
135 $code.=<<___;
136 mov %al,%cl
137 mov %ah,%dl
138 lea (%rcx,%rcx),%rsi
139 lea (%rdx,%rdx),%rdi
140 shr \$16,%eax
141 xor 0(%rbp,%rsi,8),@mm[0]
142 xor 7(%rbp,%rdi,8),@mm[1]
143 mov %al,%cl
144 mov %ah,%dl
145 `"mov 64+$i*8+8(%rsp),%eax" if($i<7);` # 64+($i+1)*8
146 lea (%rcx,%rcx),%rsi
147 lea (%rdx,%rdx),%rdi
148 xor 6(%rbp,%rsi,8),@mm[2]
149 xor 5(%rbp,%rdi,8),@mm[3]
150 mov %bl,%cl
151 mov %bh,%dl
152 lea (%rcx,%rcx),%rsi
153 lea (%rdx,%rdx),%rdi
154 shr \$16,%ebx
155 xor 4(%rbp,%rsi,8),@mm[4]
156 xor 3(%rbp,%rdi,8),@mm[5]
157 mov %bl,%cl
158 mov %bh,%dl
159 `"mov 64+$i*8+8+4(%rsp),%ebx" if($i<7);` # 64+($i+1)*8+4
160 lea (%rcx,%rcx),%rsi
161 lea (%rdx,%rdx),%rdi
162 xor 2(%rbp,%rsi,8),@mm[6]
163 xor 1(%rbp,%rdi,8),@mm[7]
164___
165 push(@mm,shift(@mm));
166}
167$code.=<<___;
168 lea 128(%rsp),%rbx
169 mov 24(%rbx),%rsi # pull round counter
170 add \$1,%rsi
171 cmp \$10,%rsi
172 je .Lroundsdone
173
174 mov %rsi,24(%rbx) # update round counter
175___
176for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; } # S=L
177$code.=<<___;
178 jmp .Lround
179.align 16
180.Lroundsdone:
181 mov 0(%rbx),%rdi # reload argument block
182 mov 8(%rbx),%rsi
183 mov 16(%rbx),%rax
184___
185for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; } # L^=inp
186for($i=0;$i<8;$i++) { $code.="xor $i*8(%rdi),@mm[$i]\n"; } # L^=H
187for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rdi)\n"; } # H=L
188$code.=<<___;
189 lea 64(%rsi),%rsi # inp+=64
190 sub \$1,%rax # num--
191 jz .Lalldone
192 mov %rsi,8(%rbx) # update parameter block
193 mov %rax,16(%rbx)
194 jmp .Louterloop
195.Lalldone:
196 mov 32(%rbx),%rsi # restore saved pointer
197 mov (%rsi),%r15
198 mov 8(%rsi),%r14
199 mov 16(%rsi),%r13
200 mov 24(%rsi),%r12
201 mov 32(%rsi),%rbp
202 mov 40(%rsi),%rbx
203 lea 48(%rsi),%rsp
204.Lepilogue:
205 ret
206.size $func,.-$func
207
208.align 64
209.type $table,\@object
210$table:
211___
212 &LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
213 &LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
214 &LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
215 &LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
216 &LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
217 &LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
218 &LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
219 &LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
220 &LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
221 &LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
222 &LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
223 &LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
224 &LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
225 &LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
226 &LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
227 &LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
228 &LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
229 &LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
230 &LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
231 &LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
232 &LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
233 &LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
234 &LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
235 &LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
236 &LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
237 &LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
238 &LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
239 &LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
240 &LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
241 &LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
242 &LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
243 &LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
244 &LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
245 &LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
246 &LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
247 &LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
248 &LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
249 &LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
250 &LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
251 &LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
252 &LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
253 &LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
254 &LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
255 &LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
256 &LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
257 &LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
258 &LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
259 &LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
260 &LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
261 &LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
262 &LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
263 &LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
264 &LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
265 &LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
266 &LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
267 &LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
268 &LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
269 &LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
270 &LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
271 &LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
272 &LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
273 &LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
274 &LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
275 &LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
276 &LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
277 &LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
278 &LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
279 &LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
280 &LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
281 &LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
282 &LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
283 &LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
284 &LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
285 &LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
286 &LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
287 &LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
288 &LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
289 &LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
290 &LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
291 &LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
292 &LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
293 &LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
294 &LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
295 &LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
296 &LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
297 &LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
298 &LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
299 &LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
300 &LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
301 &LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
302 &LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
303 &LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
304 &LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
305 &LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
306 &LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
307 &LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
308 &LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
309 &LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
310 &LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
311 &LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
312 &LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
313 &LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
314 &LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
315 &LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
316 &LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
317 &LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
318 &LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
319 &LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
320 &LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
321 &LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
322 &LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
323 &LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
324 &LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
325 &LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
326 &LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
327 &LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
328 &LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
329 &LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
330 &LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
331 &LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
332 &LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
333 &LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
334 &LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
335 &LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
336 &LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
337 &LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
338 &LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
339 &LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
340 &LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
341 &LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
342 &LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
343 &LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
344 &LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
345 &LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
346 &LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
347 &LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
348 &LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
349 &LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
350 &LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
351 &LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
352 &LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
353 &LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
354 &LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
355 &LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
356 &LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
357 &LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
358 &LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
359 &LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
360 &LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
361 &LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
362 &LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
363 &LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
364 &LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
365 &LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
366 &LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
367 &LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
368 &LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
369 &LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
370 &LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
371 &LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
372 &LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
373 &LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
374 &LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
375 &LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
376 &LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
377 &LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
378 &LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
379 &LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
380 &LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
381 &LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
382 &LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
383 &LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
384 &LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
385 &LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
386 &LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
387 &LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
388 &LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
389 &LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
390 &LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
391 &LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
392 &LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
393 &LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
394 &LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
395 &LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
396 &LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
397 &LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
398 &LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
399 &LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
400 &LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
401 &LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
402 &LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
403 &LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
404 &LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
405 &LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
406 &LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
407 &LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
408 &LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
409 &LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
410 &LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
411 &LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
412 &LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
413 &LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
414 &LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
415 &LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
416 &LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
417 &LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
418 &LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
419 &LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
420 &LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
421 &LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
422 &LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
423 &LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
424 &LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
425 &LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
426 &LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
427 &LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
428 &LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
429 &LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
430 &LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
431 &LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
432 &LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
433 &LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
434 &LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
435 &LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
436 &LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
437 &LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
438 &LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
439 &LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
440 &LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
441 &LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
442 &LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
443 &LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
444 &LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
445 &LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
446 &LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
447 &LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
448 &LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
449 &LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
450 &LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
451 &LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
452 &LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
453 &LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
454 &LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
455 &LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
456 &LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
457 &LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
458 &LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
459 &LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
460 &LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
461 &LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
462 &LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
463 &LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
464 &LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
465 &LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
466 &LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
467 &LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
468
469 &L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f); # rc[ROUNDS]
470 &L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
471 &L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
472 &L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
473 &L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
474 &L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
475 &L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
476 &L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
477 &L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
478 &L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
479
480# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
481# CONTEXT *context,DISPATCHER_CONTEXT *disp)
482if ($win64) {
483$rec="%rcx";
484$frame="%rdx";
485$context="%r8";
486$disp="%r9";
487
488$code.=<<___;
489.extern __imp_RtlVirtualUnwind
490.type se_handler,\@abi-omnipotent
491.align 16
492se_handler:
493 push %rsi
494 push %rdi
495 push %rbx
496 push %rbp
497 push %r12
498 push %r13
499 push %r14
500 push %r15
501 pushfq
502 sub \$64,%rsp
503
504 mov 120($context),%rax # pull context->Rax
505 mov 248($context),%rbx # pull context->Rip
506
507 lea .Lprologue(%rip),%r10
508 cmp %r10,%rbx # context->Rip<.Lprologue
509 jb .Lin_prologue
510
511 mov 152($context),%rax # pull context->Rsp
512
513 lea .Lepilogue(%rip),%r10
514 cmp %r10,%rbx # context->Rip>=.Lepilogue
515 jae .Lin_prologue
516
517 mov 128+32(%rax),%rax # pull saved stack pointer
518 lea 48(%rax),%rax
519
520 mov -8(%rax),%rbx
521 mov -16(%rax),%rbp
522 mov -24(%rax),%r12
523 mov -32(%rax),%r13
524 mov -40(%rax),%r14
525 mov -48(%rax),%r15
526 mov %rbx,144($context) # restore context->Rbx
527 mov %rbp,160($context) # restore context->Rbp
528 mov %r12,216($context) # restore context->R12
529 mov %r13,224($context) # restore context->R13
530 mov %r14,232($context) # restore context->R14
531 mov %r15,240($context) # restore context->R15
532
533.Lin_prologue:
534 mov 8(%rax),%rdi
535 mov 16(%rax),%rsi
536 mov %rax,152($context) # restore context->Rsp
537 mov %rsi,168($context) # restore context->Rsi
538 mov %rdi,176($context) # restore context->Rdi
539
540 mov 40($disp),%rdi # disp->ContextRecord
541 mov $context,%rsi # context
542 mov \$154,%ecx # sizeof(CONTEXT)
543 .long 0xa548f3fc # cld; rep movsq
544
545 mov $disp,%rsi
546 xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
547 mov 8(%rsi),%rdx # arg2, disp->ImageBase
548 mov 0(%rsi),%r8 # arg3, disp->ControlPc
549 mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
550 mov 40(%rsi),%r10 # disp->ContextRecord
551 lea 56(%rsi),%r11 # &disp->HandlerData
552 lea 24(%rsi),%r12 # &disp->EstablisherFrame
553 mov %r10,32(%rsp) # arg5
554 mov %r11,40(%rsp) # arg6
555 mov %r12,48(%rsp) # arg7
556 mov %rcx,56(%rsp) # arg8, (NULL)
557 call *__imp_RtlVirtualUnwind(%rip)
558
559 mov \$1,%eax # ExceptionContinueSearch
560 add \$64,%rsp
561 popfq
562 pop %r15
563 pop %r14
564 pop %r13
565 pop %r12
566 pop %rbp
567 pop %rbx
568 pop %rdi
569 pop %rsi
570 ret
571.size se_handler,.-se_handler
572
573.section .pdata
574.align 4
575 .rva .LSEH_begin_$func
576 .rva .LSEH_end_$func
577 .rva .LSEH_info_$func
578
579.section .xdata
580.align 8
581.LSEH_info_$func:
582 .byte 9,0,0,0
583 .rva se_handler
584___
585}
586
587$code =~ s/\`([^\`]*)\`/eval $1/gem;
588print $code;
589close STDOUT;
diff --git a/src/lib/libcrypto/whrlpool/whrlpool.h b/src/lib/libcrypto/whrlpool/whrlpool.h
deleted file mode 100644
index 03c91da115..0000000000
--- a/src/lib/libcrypto/whrlpool/whrlpool.h
+++ /dev/null
@@ -1,38 +0,0 @@
1#ifndef HEADER_WHRLPOOL_H
2#define HEADER_WHRLPOOL_H
3
4#include <openssl/e_os2.h>
5#include <stddef.h>
6
7#ifdef __cplusplus
8extern "C" {
9#endif
10
11#define WHIRLPOOL_DIGEST_LENGTH (512/8)
12#define WHIRLPOOL_BBLOCK 512
13#define WHIRLPOOL_COUNTER (256/8)
14
15typedef struct {
16 union {
17 unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
18 /* double q is here to ensure 64-bit alignment */
19 double q[WHIRLPOOL_DIGEST_LENGTH/sizeof(double)];
20 } H;
21 unsigned char data[WHIRLPOOL_BBLOCK/8];
22 unsigned int bitoff;
23 size_t bitlen[WHIRLPOOL_COUNTER/sizeof(size_t)];
24 } WHIRLPOOL_CTX;
25
26#ifndef OPENSSL_NO_WHIRLPOOL
27int WHIRLPOOL_Init (WHIRLPOOL_CTX *c);
28int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
29void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
30int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c);
31unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md);
32#endif
33
34#ifdef __cplusplus
35}
36#endif
37
38#endif
diff --git a/src/lib/libcrypto/whrlpool/wp_block.c b/src/lib/libcrypto/whrlpool/wp_block.c
deleted file mode 100644
index 221f6cc59f..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_block.c
+++ /dev/null
@@ -1,655 +0,0 @@
1/**
2 * The Whirlpool hashing function.
3 *
4 * <P>
5 * <b>References</b>
6 *
7 * <P>
8 * The Whirlpool algorithm was developed by
9 * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
10 * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
11 *
12 * See
13 * P.S.L.M. Barreto, V. Rijmen,
14 * ``The Whirlpool hashing function,''
15 * NESSIE submission, 2000 (tweaked version, 2001),
16 * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
17 *
18 * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
19 * Vincent Rijmen. Lookup "reference implementations" on
20 * <http://planeta.terra.com.br/informatica/paulobarreto/>
21 *
22 * =============================================================================
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
25 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
26 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
31 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
32 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
33 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
34 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 *
36 */
37
38#include "wp_locl.h"
39#include <string.h>
40
41typedef unsigned char u8;
42#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32)
43typedef unsigned __int64 u64;
44#elif defined(__arch64__)
45typedef unsigned long u64;
46#else
47typedef unsigned long long u64;
48#endif
49
50#define ROUNDS 10
51
52#define STRICT_ALIGNMENT
53#if defined(__i386) || defined(__i386__) || \
54 defined(__x86_64) || defined(__x86_64__) || \
55 defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)
56/* Well, formally there're couple of other architectures, which permit
57 * unaligned loads, specifically those not crossing cache lines, IA-64
58 * and PowerPC... */
59# undef STRICT_ALIGNMENT
60#endif
61
62#undef SMALL_REGISTER_BANK
63#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
64# define SMALL_REGISTER_BANK
65# if defined(WHIRLPOOL_ASM)
66# ifndef OPENSSL_SMALL_FOOTPRINT
67# define OPENSSL_SMALL_FOOTPRINT /* it appears that for elder non-MMX
68 CPUs this is actually faster! */
69# endif
70# define GO_FOR_MMX(ctx,inp,num) do { \
71 extern unsigned long OPENSSL_ia32cap_P; \
72 void whirlpool_block_mmx(void *,const void *,size_t); \
73 if (!(OPENSSL_ia32cap_P & (1<<23))) break; \
74 whirlpool_block_mmx(ctx->H.c,inp,num); return; \
75 } while (0)
76# endif
77#endif
78
79#undef ROTATE
80#if defined(_MSC_VER)
81# if defined(_WIN64) /* applies to both IA-64 and AMD64 */
82# pragma intrinsic(_rotl64)
83# define ROTATE(a,n) _rotl64((a),n)
84# endif
85#elif defined(__GNUC__) && __GNUC__>=2
86# if defined(__x86_64) || defined(__x86_64__)
87# if defined(L_ENDIAN)
88# define ROTATE(a,n) ({ u64 ret; asm ("rolq %1,%0" \
89 : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
90# elif defined(B_ENDIAN)
91 /* Most will argue that x86_64 is always little-endian. Well,
92 * yes, but then we have stratus.com who has modified gcc to
93 * "emulate" big-endian on x86. Is there evidence that they
94 * [or somebody else] won't do same for x86_64? Naturally no.
95 * And this line is waiting ready for that brave soul:-) */
96# define ROTATE(a,n) ({ u64 ret; asm ("rorq %1,%0" \
97 : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
98# endif
99# elif defined(__ia64) || defined(__ia64__)
100# if defined(L_ENDIAN)
101# define ROTATE(a,n) ({ u64 ret; asm ("shrp %0=%1,%1,%2" \
102 : "=r"(ret) : "r"(a),"M"(64-(n))); ret; })
103# elif defined(B_ENDIAN)
104# define ROTATE(a,n) ({ u64 ret; asm ("shrp %0=%1,%1,%2" \
105 : "=r"(ret) : "r"(a),"M"(n)); ret; })
106# endif
107# endif
108#endif
109
110#if defined(OPENSSL_SMALL_FOOTPRINT)
111# if !defined(ROTATE)
112# if defined(L_ENDIAN) /* little-endians have to rotate left */
113# define ROTATE(i,n) ((i)<<(n) ^ (i)>>(64-n))
114# elif defined(B_ENDIAN) /* big-endians have to rotate right */
115# define ROTATE(i,n) ((i)>>(n) ^ (i)<<(64-n))
116# endif
117# endif
118# if defined(ROTATE) && !defined(STRICT_ALIGNMENT)
119# define STRICT_ALIGNMENT /* ensure smallest table size */
120# endif
121#endif
122
123/*
124 * Table size depends on STRICT_ALIGNMENT and whether or not endian-
125 * specific ROTATE macro is defined. If STRICT_ALIGNMENT is not
126 * defined, which is normally the case on x86[_64] CPUs, the table is
127 * 4KB large unconditionally. Otherwise if ROTATE is defined, the
128 * table is 2KB large, and otherwise - 16KB. 2KB table requires a
129 * whole bunch of additional rotations, but I'm willing to "trade,"
130 * because 16KB table certainly trashes L1 cache. I wish all CPUs
131 * could handle unaligned load as 4KB table doesn't trash the cache,
132 * nor does it require additional rotations.
133 */
134/*
135 * Note that every Cn macro expands as two loads: one byte load and
136 * one quadword load. One can argue that that many single-byte loads
137 * is too excessive, as one could load a quadword and "milk" it for
138 * eight 8-bit values instead. Well, yes, but in order to do so *and*
139 * avoid excessive loads you have to accomodate a handful of 64-bit
140 * values in the register bank and issue a bunch of shifts and mask.
141 * It's a tradeoff: loads vs. shift and mask in big register bank[!].
142 * On most CPUs eight single-byte loads are faster and I let other
143 * ones to depend on smart compiler to fold byte loads if beneficial.
144 * Hand-coded assembler would be another alternative:-)
145 */
146#ifdef STRICT_ALIGNMENT
147# if defined(ROTATE)
148# define N 1
149# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7
150# define C0(K,i) (Cx.q[K.c[(i)*8+0]])
151# define C1(K,i) ROTATE(Cx.q[K.c[(i)*8+1]],8)
152# define C2(K,i) ROTATE(Cx.q[K.c[(i)*8+2]],16)
153# define C3(K,i) ROTATE(Cx.q[K.c[(i)*8+3]],24)
154# define C4(K,i) ROTATE(Cx.q[K.c[(i)*8+4]],32)
155# define C5(K,i) ROTATE(Cx.q[K.c[(i)*8+5]],40)
156# define C6(K,i) ROTATE(Cx.q[K.c[(i)*8+6]],48)
157# define C7(K,i) ROTATE(Cx.q[K.c[(i)*8+7]],56)
158# else
159# define N 8
160# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
161 c7,c0,c1,c2,c3,c4,c5,c6, \
162 c6,c7,c0,c1,c2,c3,c4,c5, \
163 c5,c6,c7,c0,c1,c2,c3,c4, \
164 c4,c5,c6,c7,c0,c1,c2,c3, \
165 c3,c4,c5,c6,c7,c0,c1,c2, \
166 c2,c3,c4,c5,c6,c7,c0,c1, \
167 c1,c2,c3,c4,c5,c6,c7,c0
168# define C0(K,i) (Cx.q[0+8*K.c[(i)*8+0]])
169# define C1(K,i) (Cx.q[1+8*K.c[(i)*8+1]])
170# define C2(K,i) (Cx.q[2+8*K.c[(i)*8+2]])
171# define C3(K,i) (Cx.q[3+8*K.c[(i)*8+3]])
172# define C4(K,i) (Cx.q[4+8*K.c[(i)*8+4]])
173# define C5(K,i) (Cx.q[5+8*K.c[(i)*8+5]])
174# define C6(K,i) (Cx.q[6+8*K.c[(i)*8+6]])
175# define C7(K,i) (Cx.q[7+8*K.c[(i)*8+7]])
176# endif
177#else
178# define N 2
179# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
180 c0,c1,c2,c3,c4,c5,c6,c7
181# define C0(K,i) (((u64*)(Cx.c+0))[2*K.c[(i)*8+0]])
182# define C1(K,i) (((u64*)(Cx.c+7))[2*K.c[(i)*8+1]])
183# define C2(K,i) (((u64*)(Cx.c+6))[2*K.c[(i)*8+2]])
184# define C3(K,i) (((u64*)(Cx.c+5))[2*K.c[(i)*8+3]])
185# define C4(K,i) (((u64*)(Cx.c+4))[2*K.c[(i)*8+4]])
186# define C5(K,i) (((u64*)(Cx.c+3))[2*K.c[(i)*8+5]])
187# define C6(K,i) (((u64*)(Cx.c+2))[2*K.c[(i)*8+6]])
188# define C7(K,i) (((u64*)(Cx.c+1))[2*K.c[(i)*8+7]])
189#endif
190
191static const
192union {
193 u8 c[(256*N+ROUNDS)*sizeof(u64)];
194 u64 q[(256*N+ROUNDS)];
195 } Cx = { {
196 /* Note endian-neutral representation:-) */
197 LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8),
198 LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26),
199 LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8),
200 LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb),
201 LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb),
202 LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11),
203 LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09),
204 LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d),
205 LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b),
206 LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff),
207 LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c),
208 LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e),
209 LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96),
210 LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30),
211 LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d),
212 LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8),
213 LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47),
214 LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35),
215 LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37),
216 LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a),
217 LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2),
218 LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c),
219 LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84),
220 LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80),
221 LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5),
222 LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3),
223 LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21),
224 LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c),
225 LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43),
226 LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29),
227 LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d),
228 LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5),
229 LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd),
230 LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8),
231 LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92),
232 LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e),
233 LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13),
234 LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23),
235 LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20),
236 LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44),
237 LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2),
238 LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf),
239 LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c),
240 LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a),
241 LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50),
242 LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9),
243 LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14),
244 LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9),
245 LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c),
246 LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f),
247 LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90),
248 LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07),
249 LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd),
250 LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3),
251 LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d),
252 LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78),
253 LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97),
254 LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02),
255 LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73),
256 LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7),
257 LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6),
258 LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2),
259 LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49),
260 LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56),
261 LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70),
262 LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd),
263 LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb),
264 LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71),
265 LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b),
266 LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf),
267 LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45),
268 LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a),
269 LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4),
270 LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58),
271 LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e),
272 LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f),
273 LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac),
274 LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0),
275 LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef),
276 LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6),
277 LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c),
278 LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12),
279 LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93),
280 LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde),
281 LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6),
282 LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1),
283 LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b),
284 LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f),
285 LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31),
286 LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8),
287 LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9),
288 LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc),
289 LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e),
290 LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b),
291 LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf),
292 LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59),
293 LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2),
294 LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77),
295 LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33),
296 LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4),
297 LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27),
298 LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb),
299 LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89),
300 LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32),
301 LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54),
302 LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d),
303 LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64),
304 LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d),
305 LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d),
306 LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f),
307 LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca),
308 LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7),
309 LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d),
310 LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce),
311 LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f),
312 LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f),
313 LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63),
314 LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a),
315 LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc),
316 LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82),
317 LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a),
318 LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48),
319 LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95),
320 LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf),
321 LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d),
322 LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0),
323 LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91),
324 LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8),
325 LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b),
326 LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00),
327 LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9),
328 LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e),
329 LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1),
330 LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6),
331 LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28),
332 LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3),
333 LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74),
334 LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe),
335 LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d),
336 LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea),
337 LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57),
338 LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38),
339 LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad),
340 LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4),
341 LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda),
342 LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7),
343 LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb),
344 LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9),
345 LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a),
346 LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03),
347 LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a),
348 LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e),
349 LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60),
350 LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc),
351 LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46),
352 LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f),
353 LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76),
354 LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa),
355 LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36),
356 LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae),
357 LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b),
358 LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85),
359 LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e),
360 LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7),
361 LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55),
362 LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a),
363 LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81),
364 LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52),
365 LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62),
366 LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3),
367 LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10),
368 LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab),
369 LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0),
370 LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5),
371 LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec),
372 LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16),
373 LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94),
374 LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f),
375 LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5),
376 LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98),
377 LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17),
378 LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4),
379 LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1),
380 LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e),
381 LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42),
382 LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34),
383 LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08),
384 LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee),
385 LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61),
386 LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1),
387 LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f),
388 LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24),
389 LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3),
390 LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25),
391 LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22),
392 LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65),
393 LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79),
394 LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69),
395 LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9),
396 LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19),
397 LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe),
398 LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a),
399 LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0),
400 LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99),
401 LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83),
402 LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04),
403 LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66),
404 LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0),
405 LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1),
406 LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd),
407 LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40),
408 LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c),
409 LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18),
410 LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b),
411 LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51),
412 LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05),
413 LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c),
414 LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39),
415 LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa),
416 LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b),
417 LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc),
418 LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e),
419 LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0),
420 LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88),
421 LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67),
422 LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a),
423 LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87),
424 LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1),
425 LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72),
426 LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53),
427 LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01),
428 LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b),
429 LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4),
430 LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3),
431 LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15),
432 LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c),
433 LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5),
434 LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5),
435 LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4),
436 LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba),
437 LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6),
438 LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7),
439 LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06),
440 LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41),
441 LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7),
442 LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f),
443 LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e),
444 LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6),
445 LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2),
446 LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68),
447 LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c),
448 LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed),
449 LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75),
450 LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86),
451 LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b),
452 LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2),
453#define RC (&(Cx.q[256*N]))
454 0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f, /* rc[ROUNDS] */
455 0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52,
456 0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35,
457 0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57,
458 0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda,
459 0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85,
460 0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67,
461 0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8,
462 0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e,
463 0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33
464 }
465};
466
467void whirlpool_block(WHIRLPOOL_CTX *ctx,const void *inp,size_t n)
468 {
469 int r;
470 const u8 *p=inp;
471 union { u64 q[8]; u8 c[64]; } S,K,*H=(void *)ctx->H.q;
472
473#ifdef GO_FOR_MMX
474 GO_FOR_MMX(ctx,inp,n);
475#endif
476 do {
477#ifdef OPENSSL_SMALL_FOOTPRINT
478 u64 L[8];
479 int i;
480
481 for (i=0;i<64;i++) S.c[i] = (K.c[i] = H->c[i]) ^ p[i];
482 for (r=0;r<ROUNDS;r++)
483 {
484 for (i=0;i<8;i++)
485 {
486 L[i] = i ? 0 : RC[r];
487 L[i] ^= C0(K,i) ^ C1(K,(i-1)&7) ^
488 C2(K,(i-2)&7) ^ C3(K,(i-3)&7) ^
489 C4(K,(i-4)&7) ^ C5(K,(i-5)&7) ^
490 C6(K,(i-6)&7) ^ C7(K,(i-7)&7);
491 }
492 memcpy (K.q,L,64);
493 for (i=0;i<8;i++)
494 {
495 L[i] ^= C0(S,i) ^ C1(S,(i-1)&7) ^
496 C2(S,(i-2)&7) ^ C3(S,(i-3)&7) ^
497 C4(S,(i-4)&7) ^ C5(S,(i-5)&7) ^
498 C6(S,(i-6)&7) ^ C7(S,(i-7)&7);
499 }
500 memcpy (S.q,L,64);
501 }
502 for (i=0;i<64;i++) H->c[i] ^= S.c[i] ^ p[i];
503#else
504 u64 L0,L1,L2,L3,L4,L5,L6,L7;
505
506#ifdef STRICT_ALIGNMENT
507 if ((size_t)p & 7)
508 {
509 memcpy (S.c,p,64);
510 S.q[0] ^= (K.q[0] = H->q[0]);
511 S.q[1] ^= (K.q[1] = H->q[1]);
512 S.q[2] ^= (K.q[2] = H->q[2]);
513 S.q[3] ^= (K.q[3] = H->q[3]);
514 S.q[4] ^= (K.q[4] = H->q[4]);
515 S.q[5] ^= (K.q[5] = H->q[5]);
516 S.q[6] ^= (K.q[6] = H->q[6]);
517 S.q[7] ^= (K.q[7] = H->q[7]);
518 }
519 else
520#endif
521 {
522 const u64 *pa = (const u64*)p;
523 S.q[0] = (K.q[0] = H->q[0]) ^ pa[0];
524 S.q[1] = (K.q[1] = H->q[1]) ^ pa[1];
525 S.q[2] = (K.q[2] = H->q[2]) ^ pa[2];
526 S.q[3] = (K.q[3] = H->q[3]) ^ pa[3];
527 S.q[4] = (K.q[4] = H->q[4]) ^ pa[4];
528 S.q[5] = (K.q[5] = H->q[5]) ^ pa[5];
529 S.q[6] = (K.q[6] = H->q[6]) ^ pa[6];
530 S.q[7] = (K.q[7] = H->q[7]) ^ pa[7];
531 }
532
533 for(r=0;r<ROUNDS;r++)
534 {
535#ifdef SMALL_REGISTER_BANK
536 L0 = C0(K,0) ^ C1(K,7) ^ C2(K,6) ^ C3(K,5) ^
537 C4(K,4) ^ C5(K,3) ^ C6(K,2) ^ C7(K,1) ^ RC[r];
538 L1 = C0(K,1) ^ C1(K,0) ^ C2(K,7) ^ C3(K,6) ^
539 C4(K,5) ^ C5(K,4) ^ C6(K,3) ^ C7(K,2);
540 L2 = C0(K,2) ^ C1(K,1) ^ C2(K,0) ^ C3(K,7) ^
541 C4(K,6) ^ C5(K,5) ^ C6(K,4) ^ C7(K,3);
542 L3 = C0(K,3) ^ C1(K,2) ^ C2(K,1) ^ C3(K,0) ^
543 C4(K,7) ^ C5(K,6) ^ C6(K,5) ^ C7(K,4);
544 L4 = C0(K,4) ^ C1(K,3) ^ C2(K,2) ^ C3(K,1) ^
545 C4(K,0) ^ C5(K,7) ^ C6(K,6) ^ C7(K,5);
546 L5 = C0(K,5) ^ C1(K,4) ^ C2(K,3) ^ C3(K,2) ^
547 C4(K,1) ^ C5(K,0) ^ C6(K,7) ^ C7(K,6);
548 L6 = C0(K,6) ^ C1(K,5) ^ C2(K,4) ^ C3(K,3) ^
549 C4(K,2) ^ C5(K,1) ^ C6(K,0) ^ C7(K,7);
550 L7 = C0(K,7) ^ C1(K,6) ^ C2(K,5) ^ C3(K,4) ^
551 C4(K,3) ^ C5(K,2) ^ C6(K,1) ^ C7(K,0);
552
553 K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
554 K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
555
556 L0 ^= C0(S,0) ^ C1(S,7) ^ C2(S,6) ^ C3(S,5) ^
557 C4(S,4) ^ C5(S,3) ^ C6(S,2) ^ C7(S,1);
558 L1 ^= C0(S,1) ^ C1(S,0) ^ C2(S,7) ^ C3(S,6) ^
559 C4(S,5) ^ C5(S,4) ^ C6(S,3) ^ C7(S,2);
560 L2 ^= C0(S,2) ^ C1(S,1) ^ C2(S,0) ^ C3(S,7) ^
561 C4(S,6) ^ C5(S,5) ^ C6(S,4) ^ C7(S,3);
562 L3 ^= C0(S,3) ^ C1(S,2) ^ C2(S,1) ^ C3(S,0) ^
563 C4(S,7) ^ C5(S,6) ^ C6(S,5) ^ C7(S,4);
564 L4 ^= C0(S,4) ^ C1(S,3) ^ C2(S,2) ^ C3(S,1) ^
565 C4(S,0) ^ C5(S,7) ^ C6(S,6) ^ C7(S,5);
566 L5 ^= C0(S,5) ^ C1(S,4) ^ C2(S,3) ^ C3(S,2) ^
567 C4(S,1) ^ C5(S,0) ^ C6(S,7) ^ C7(S,6);
568 L6 ^= C0(S,6) ^ C1(S,5) ^ C2(S,4) ^ C3(S,3) ^
569 C4(S,2) ^ C5(S,1) ^ C6(S,0) ^ C7(S,7);
570 L7 ^= C0(S,7) ^ C1(S,6) ^ C2(S,5) ^ C3(S,4) ^
571 C4(S,3) ^ C5(S,2) ^ C6(S,1) ^ C7(S,0);
572
573 S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
574 S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
575#else
576 L0 = C0(K,0); L1 = C1(K,0); L2 = C2(K,0); L3 = C3(K,0);
577 L4 = C4(K,0); L5 = C5(K,0); L6 = C6(K,0); L7 = C7(K,0);
578 L0 ^= RC[r];
579
580 L1 ^= C0(K,1); L2 ^= C1(K,1); L3 ^= C2(K,1); L4 ^= C3(K,1);
581 L5 ^= C4(K,1); L6 ^= C5(K,1); L7 ^= C6(K,1); L0 ^= C7(K,1);
582
583 L2 ^= C0(K,2); L3 ^= C1(K,2); L4 ^= C2(K,2); L5 ^= C3(K,2);
584 L6 ^= C4(K,2); L7 ^= C5(K,2); L0 ^= C6(K,2); L1 ^= C7(K,2);
585
586 L3 ^= C0(K,3); L4 ^= C1(K,3); L5 ^= C2(K,3); L6 ^= C3(K,3);
587 L7 ^= C4(K,3); L0 ^= C5(K,3); L1 ^= C6(K,3); L2 ^= C7(K,3);
588
589 L4 ^= C0(K,4); L5 ^= C1(K,4); L6 ^= C2(K,4); L7 ^= C3(K,4);
590 L0 ^= C4(K,4); L1 ^= C5(K,4); L2 ^= C6(K,4); L3 ^= C7(K,4);
591
592 L5 ^= C0(K,5); L6 ^= C1(K,5); L7 ^= C2(K,5); L0 ^= C3(K,5);
593 L1 ^= C4(K,5); L2 ^= C5(K,5); L3 ^= C6(K,5); L4 ^= C7(K,5);
594
595 L6 ^= C0(K,6); L7 ^= C1(K,6); L0 ^= C2(K,6); L1 ^= C3(K,6);
596 L2 ^= C4(K,6); L3 ^= C5(K,6); L4 ^= C6(K,6); L5 ^= C7(K,6);
597
598 L7 ^= C0(K,7); L0 ^= C1(K,7); L1 ^= C2(K,7); L2 ^= C3(K,7);
599 L3 ^= C4(K,7); L4 ^= C5(K,7); L5 ^= C6(K,7); L6 ^= C7(K,7);
600
601 K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
602 K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
603
604 L0 ^= C0(S,0); L1 ^= C1(S,0); L2 ^= C2(S,0); L3 ^= C3(S,0);
605 L4 ^= C4(S,0); L5 ^= C5(S,0); L6 ^= C6(S,0); L7 ^= C7(S,0);
606
607 L1 ^= C0(S,1); L2 ^= C1(S,1); L3 ^= C2(S,1); L4 ^= C3(S,1);
608 L5 ^= C4(S,1); L6 ^= C5(S,1); L7 ^= C6(S,1); L0 ^= C7(S,1);
609
610 L2 ^= C0(S,2); L3 ^= C1(S,2); L4 ^= C2(S,2); L5 ^= C3(S,2);
611 L6 ^= C4(S,2); L7 ^= C5(S,2); L0 ^= C6(S,2); L1 ^= C7(S,2);
612
613 L3 ^= C0(S,3); L4 ^= C1(S,3); L5 ^= C2(S,3); L6 ^= C3(S,3);
614 L7 ^= C4(S,3); L0 ^= C5(S,3); L1 ^= C6(S,3); L2 ^= C7(S,3);
615
616 L4 ^= C0(S,4); L5 ^= C1(S,4); L6 ^= C2(S,4); L7 ^= C3(S,4);
617 L0 ^= C4(S,4); L1 ^= C5(S,4); L2 ^= C6(S,4); L3 ^= C7(S,4);
618
619 L5 ^= C0(S,5); L6 ^= C1(S,5); L7 ^= C2(S,5); L0 ^= C3(S,5);
620 L1 ^= C4(S,5); L2 ^= C5(S,5); L3 ^= C6(S,5); L4 ^= C7(S,5);
621
622 L6 ^= C0(S,6); L7 ^= C1(S,6); L0 ^= C2(S,6); L1 ^= C3(S,6);
623 L2 ^= C4(S,6); L3 ^= C5(S,6); L4 ^= C6(S,6); L5 ^= C7(S,6);
624
625 L7 ^= C0(S,7); L0 ^= C1(S,7); L1 ^= C2(S,7); L2 ^= C3(S,7);
626 L3 ^= C4(S,7); L4 ^= C5(S,7); L5 ^= C6(S,7); L6 ^= C7(S,7);
627
628 S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
629 S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
630#endif
631 }
632
633#ifdef STRICT_ALIGNMENT
634 if ((size_t)p & 7)
635 {
636 int i;
637 for(i=0;i<64;i++) H->c[i] ^= S.c[i] ^ p[i];
638 }
639 else
640#endif
641 {
642 const u64 *pa=(const u64 *)p;
643 H->q[0] ^= S.q[0] ^ pa[0];
644 H->q[1] ^= S.q[1] ^ pa[1];
645 H->q[2] ^= S.q[2] ^ pa[2];
646 H->q[3] ^= S.q[3] ^ pa[3];
647 H->q[4] ^= S.q[4] ^ pa[4];
648 H->q[5] ^= S.q[5] ^ pa[5];
649 H->q[6] ^= S.q[6] ^ pa[6];
650 H->q[7] ^= S.q[7] ^ pa[7];
651 }
652#endif
653 p += 64;
654 } while(--n);
655 }
diff --git a/src/lib/libcrypto/whrlpool/wp_dgst.c b/src/lib/libcrypto/whrlpool/wp_dgst.c
deleted file mode 100644
index ee5c5c1bf3..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_dgst.c
+++ /dev/null
@@ -1,264 +0,0 @@
1/**
2 * The Whirlpool hashing function.
3 *
4 * <P>
5 * <b>References</b>
6 *
7 * <P>
8 * The Whirlpool algorithm was developed by
9 * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
10 * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
11 *
12 * See
13 * P.S.L.M. Barreto, V. Rijmen,
14 * ``The Whirlpool hashing function,''
15 * NESSIE submission, 2000 (tweaked version, 2001),
16 * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
17 *
18 * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
19 * Vincent Rijmen. Lookup "reference implementations" on
20 * <http://planeta.terra.com.br/informatica/paulobarreto/>
21 *
22 * =============================================================================
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
25 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
26 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
31 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
32 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
33 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
34 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 *
36 */
37
38/*
39 * OpenSSL-specific implementation notes.
40 *
41 * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect
42 * number of *bytes* as input length argument. Bit-oriented routine
43 * as specified by authors is called WHIRLPOOL_BitUpdate[!] and
44 * does not have one-stroke counterpart.
45 *
46 * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially
47 * to serve WHIRLPOOL_Update. This is done for performance.
48 *
49 * Unlike authors' reference implementation, block processing
50 * routine whirlpool_block is designed to operate on multi-block
51 * input. This is done for perfomance.
52 */
53
54#include "wp_locl.h"
55#include <string.h>
56
57int WHIRLPOOL_Init (WHIRLPOOL_CTX *c)
58 {
59 memset (c,0,sizeof(*c));
60 return(1);
61 }
62
63int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *_inp,size_t bytes)
64 {
65 /* Well, largest suitable chunk size actually is
66 * (1<<(sizeof(size_t)*8-3))-64, but below number
67 * is large enough for not to care about excessive
68 * calls to WHIRLPOOL_BitUpdate... */
69 size_t chunk = ((size_t)1)<<(sizeof(size_t)*8-4);
70 const unsigned char *inp = _inp;
71
72 while (bytes>=chunk)
73 {
74 WHIRLPOOL_BitUpdate(c,inp,chunk*8);
75 bytes -= chunk;
76 inp += chunk;
77 }
78 if (bytes)
79 WHIRLPOOL_BitUpdate(c,inp,bytes*8);
80
81 return(1);
82 }
83
84void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *_inp,size_t bits)
85 {
86 size_t n;
87 unsigned int bitoff = c->bitoff,
88 bitrem = bitoff%8,
89 inpgap = (8-(unsigned int)bits%8)&7;
90 const unsigned char *inp=_inp;
91
92 /* This 256-bit increment procedure relies on the size_t
93 * being natural size of CPU register, so that we don't
94 * have to mask the value in order to detect overflows. */
95 c->bitlen[0] += bits;
96 if (c->bitlen[0] < bits) /* overflow */
97 {
98 n = 1;
99 do { c->bitlen[n]++;
100 } while(c->bitlen[n]==0
101 && ++n<(WHIRLPOOL_COUNTER/sizeof(size_t)));
102 }
103
104#ifndef OPENSSL_SMALL_FOOTPRINT
105 reconsider:
106 if (inpgap==0 && bitrem==0) /* byte-oriented loop */
107 {
108 while (bits)
109 {
110 if (bitoff==0 && (n=bits/WHIRLPOOL_BBLOCK))
111 {
112 whirlpool_block(c,inp,n);
113 inp += n*WHIRLPOOL_BBLOCK/8;
114 bits %= WHIRLPOOL_BBLOCK;
115 }
116 else
117 {
118 unsigned int byteoff = bitoff/8;
119
120 bitrem = WHIRLPOOL_BBLOCK - bitoff;/* re-use bitrem */
121 if (bits >= bitrem)
122 {
123 bits -= bitrem;
124 bitrem /= 8;
125 memcpy(c->data+byteoff,inp,bitrem);
126 inp += bitrem;
127 whirlpool_block(c,c->data,1);
128 bitoff = 0;
129 }
130 else
131 {
132 memcpy(c->data+byteoff,inp,bits/8);
133 bitoff += (unsigned int)bits;
134 bits = 0;
135 }
136 c->bitoff = bitoff;
137 }
138 }
139 }
140 else /* bit-oriented loop */
141#endif
142 {
143 /*
144 inp
145 |
146 +-------+-------+-------
147 |||||||||||||||||||||
148 +-------+-------+-------
149 +-------+-------+-------+-------+-------
150 |||||||||||||| c->data
151 +-------+-------+-------+-------+-------
152 |
153 c->bitoff/8
154 */
155 while (bits)
156 {
157 unsigned int byteoff = bitoff/8;
158 unsigned char b;
159
160#ifndef OPENSSL_SMALL_FOOTPRINT
161 if (bitrem==inpgap)
162 {
163 c->data[byteoff++] |= inp[0] & (0xff>>inpgap);
164 inpgap = 8-inpgap;
165 bitoff += inpgap; bitrem = 0; /* bitoff%8 */
166 bits -= inpgap; inpgap = 0; /* bits%8 */
167 inp++;
168 if (bitoff==WHIRLPOOL_BBLOCK)
169 {
170 whirlpool_block(c,c->data,1);
171 bitoff = 0;
172 }
173 c->bitoff = bitoff;
174 goto reconsider;
175 }
176 else
177#endif
178 if (bits>=8)
179 {
180 b = ((inp[0]<<inpgap) | (inp[1]>>(8-inpgap)));
181 b &= 0xff;
182 if (bitrem) c->data[byteoff++] |= b>>bitrem;
183 else c->data[byteoff++] = b;
184 bitoff += 8;
185 bits -= 8;
186 inp++;
187 if (bitoff>=WHIRLPOOL_BBLOCK)
188 {
189 whirlpool_block(c,c->data,1);
190 byteoff = 0;
191 bitoff %= WHIRLPOOL_BBLOCK;
192 }
193 if (bitrem) c->data[byteoff] = b<<(8-bitrem);
194 }
195 else /* remaining less than 8 bits */
196 {
197 b = (inp[0]<<inpgap)&0xff;
198 if (bitrem) c->data[byteoff++] |= b>>bitrem;
199 else c->data[byteoff++] = b;
200 bitoff += (unsigned int)bits;
201 if (bitoff==WHIRLPOOL_BBLOCK)
202 {
203 whirlpool_block(c,c->data,1);
204 byteoff = 0;
205 bitoff %= WHIRLPOOL_BBLOCK;
206 }
207 if (bitrem) c->data[byteoff] = b<<(8-bitrem);
208 bits = 0;
209 }
210 c->bitoff = bitoff;
211 }
212 }
213 }
214
215int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c)
216 {
217 unsigned int bitoff = c->bitoff,
218 byteoff = bitoff/8;
219 size_t i,j,v;
220 unsigned char *p;
221
222 bitoff %= 8;
223 if (bitoff) c->data[byteoff] |= 0x80>>bitoff;
224 else c->data[byteoff] = 0x80;
225 byteoff++;
226
227 /* pad with zeros */
228 if (byteoff > (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER))
229 {
230 if (byteoff<WHIRLPOOL_BBLOCK/8)
231 memset(&c->data[byteoff],0,WHIRLPOOL_BBLOCK/8-byteoff);
232 whirlpool_block(c,c->data,1);
233 byteoff = 0;
234 }
235 if (byteoff < (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER))
236 memset(&c->data[byteoff],0,
237 (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER)-byteoff);
238 /* smash 256-bit c->bitlen in big-endian order */
239 p = &c->data[WHIRLPOOL_BBLOCK/8-1]; /* last byte in c->data */
240 for(i=0;i<WHIRLPOOL_COUNTER/sizeof(size_t);i++)
241 for(v=c->bitlen[i],j=0;j<sizeof(size_t);j++,v>>=8)
242 *p-- = (unsigned char)(v&0xff);
243
244 whirlpool_block(c,c->data,1);
245
246 if (md) {
247 memcpy(md,c->H.c,WHIRLPOOL_DIGEST_LENGTH);
248 memset(c,0,sizeof(*c));
249 return(1);
250 }
251 return(0);
252 }
253
254unsigned char *WHIRLPOOL(const void *inp, size_t bytes,unsigned char *md)
255 {
256 WHIRLPOOL_CTX ctx;
257 static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
258
259 if (md == NULL) md=m;
260 WHIRLPOOL_Init(&ctx);
261 WHIRLPOOL_Update(&ctx,inp,bytes);
262 WHIRLPOOL_Final(md,&ctx);
263 return(md);
264 }
diff --git a/src/lib/libcrypto/whrlpool/wp_locl.h b/src/lib/libcrypto/whrlpool/wp_locl.h
deleted file mode 100644
index 94e56a39f1..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_locl.h
+++ /dev/null
@@ -1,3 +0,0 @@
1#include <openssl/whrlpool.h>
2
3void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 22:05:56 +0000