summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/whrlpool
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/whrlpool')
-rw-r--r--src/lib/libcrypto/whrlpool/asm/wp-mmx.pl493
-rw-r--r--src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl481
-rw-r--r--src/lib/libcrypto/whrlpool/whrlpool.h41
-rw-r--r--src/lib/libcrypto/whrlpool/wp_block.c634
-rw-r--r--src/lib/libcrypto/whrlpool/wp_dgst.c266
-rw-r--r--src/lib/libcrypto/whrlpool/wp_locl.h5
6 files changed, 0 insertions, 1920 deletions
diff --git a/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl b/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
deleted file mode 100644
index cb2381c22b..0000000000
--- a/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
+++ /dev/null
@@ -1,493 +0,0 @@
1#!/usr/bin/env perl
2#
3# ====================================================================
4# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
5# project. Rights for redistribution and usage in source and binary
6# forms are granted according to the OpenSSL license.
7# ====================================================================
8#
9# whirlpool_block_mmx implementation.
10#
11*SCALE=\(2); # 2 or 8, that is the question:-) Value of 8 results
12# in 16KB large table, which is tough on L1 cache, but eliminates
13# unaligned references to it. Value of 2 results in 4KB table, but
14# 7/8 of references to it are unaligned. AMD cores seem to be
15# allergic to the latter, while Intel ones - to former [see the
16# table]. I stick to value of 2 for two reasons: 1. smaller table
17# minimizes cache trashing and thus mitigates the hazard of side-
18# channel leakage similar to AES cache-timing one; 2. performance
19# gap among different µ-archs is smaller.
20#
21# Performance table lists rounded amounts of CPU cycles spent by
22# whirlpool_block_mmx routine on single 64 byte input block, i.e.
23# smaller is better and asymptotic throughput can be estimated by
24# multiplying 64 by CPU clock frequency and dividing by relevant
25# value from the given table:
26#
27# $SCALE=2/8 icc8 gcc3
28# Intel P4 3200/4600 4600(*) 6400
29# Intel PIII 2900/3000 4900 5400
30# AMD K[78] 2500/1800 9900 8200(**)
31#
32# (*) I've sketched even non-MMX assembler, but for the record
33# I've failed to beat the Intel compiler on P4, without using
34# MMX that is...
35# (**) ... on AMD on the other hand non-MMX assembler was observed
36# to perform significantly better, but I figured this MMX
37# implementation is even faster anyway, so why bother? As for
38# pre-MMX AMD core[s], the improvement coefficient is more
39# than likely to vary anyway and I don't know how. But the
40# least I know is that gcc-generated code compiled with
41# -DL_ENDIAN and -DOPENSSL_SMALL_FOOTPRINT [see C module for
42# details] and optimized for Pentium was observed to perform
43# *better* on Pentium 100 than unrolled non-MMX assembler
44# loop... So we just say that I don't know if maintaining
45# non-MMX implementation would actually pay off, but till
46# opposite is proved "unlikely" is assumed.
47
48$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
49push(@INC,"${dir}","${dir}../../perlasm");
50require "x86asm.pl";
51
52&asm_init($ARGV[0],"wp-mmx.pl");
53
54sub L() { &data_byte(@_); }
55sub LL()
56{ if ($SCALE==2) { &data_byte(@_); &data_byte(@_); }
57 elsif ($SCALE==8) { for ($i=0;$i<8;$i++) {
58 &data_byte(@_);
59 unshift(@_,pop(@_));
60 }
61 }
62 else { die "unvalid SCALE value"; }
63}
64
65sub scale()
66{ if ($SCALE==2) { &lea(@_[0],&DWP(0,@_[1],@_[1])); }
67 elsif ($SCALE==8) { &lea(@_[0],&DWP(0,"",@_[1],8)); }
68 else { die "unvalid SCALE value"; }
69}
70
71sub row()
72{ if ($SCALE==2) { ((8-shift)&7); }
73 elsif ($SCALE==8) { (8*shift); }
74 else { die "unvalid SCALE value"; }
75}
76
77$tbl="ebp";
78@mm=("mm0","mm1","mm2","mm3","mm4","mm5","mm6","mm7");
79
80&function_begin_B("whirlpool_block_mmx");
81 &push ("ebp");
82 &push ("ebx");
83 &push ("esi");
84 &push ("edi");
85
86 &mov ("esi",&wparam(0)); # hash value
87 &mov ("edi",&wparam(1)); # input data stream
88 &mov ("ebp",&wparam(2)); # number of chunks in input
89
90 &mov ("eax","esp"); # copy stack pointer
91 &sub ("esp",128+20); # allocate frame
92 &and ("esp",-64); # align for cache-line
93
94 &lea ("ebx",&DWP(128,"esp"));
95 &mov (&DWP(0,"ebx"),"esi"); # save parameter block
96 &mov (&DWP(4,"ebx"),"edi");
97 &mov (&DWP(8,"ebx"),"ebp");
98 &mov (&DWP(16,"ebx"),"eax"); # saved stack pointer
99
100 &call (&label("pic_point"));
101&set_label("pic_point");
102 &blindpop($tbl);
103 &lea ($tbl,&DWP(&label("table")."-".&label("pic_point"),$tbl));
104
105 &xor ("ecx","ecx");
106 &xor ("edx","edx");
107
108 for($i=0;$i<8;$i++) { &movq(@mm[$i],&QWP($i*8,"esi")); } # L=H
109&set_label("outerloop");
110 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); } # K=L
111 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); } # L^=inp
112 for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
113
114 &xor ("esi","esi");
115 &mov (&DWP(12,"ebx"),"esi"); # zero round counter
116
117&set_label("round",16);
118 &movq (@mm[0],&QWP(2048*$SCALE,$tbl,"esi",8)); # rc[r]
119 &mov ("eax",&DWP(0,"esp"));
120 &mov ("ebx",&DWP(4,"esp"));
121for($i=0;$i<8;$i++) {
122 my $func = ($i==0)? \&movq : \&pxor;
123 &movb (&LB("ecx"),&LB("eax"));
124 &movb (&LB("edx"),&HB("eax"));
125 &scale ("esi","ecx");
126 &scale ("edi","edx");
127 &shr ("eax",16);
128 &pxor (@mm[0],&QWP(&row(0),$tbl,"esi",8));
129 &$func (@mm[1],&QWP(&row(1),$tbl,"edi",8));
130 &movb (&LB("ecx"),&LB("eax"));
131 &movb (&LB("edx"),&HB("eax"));
132 &mov ("eax",&DWP(($i+1)*8,"esp"));
133 &scale ("esi","ecx");
134 &scale ("edi","edx");
135 &$func (@mm[2],&QWP(&row(2),$tbl,"esi",8));
136 &$func (@mm[3],&QWP(&row(3),$tbl,"edi",8));
137 &movb (&LB("ecx"),&LB("ebx"));
138 &movb (&LB("edx"),&HB("ebx"));
139 &scale ("esi","ecx");
140 &scale ("edi","edx");
141 &shr ("ebx",16);
142 &$func (@mm[4],&QWP(&row(4),$tbl,"esi",8));
143 &$func (@mm[5],&QWP(&row(5),$tbl,"edi",8));
144 &movb (&LB("ecx"),&LB("ebx"));
145 &movb (&LB("edx"),&HB("ebx"));
146 &mov ("ebx",&DWP(($i+1)*8+4,"esp"));
147 &scale ("esi","ecx");
148 &scale ("edi","edx");
149 &$func (@mm[6],&QWP(&row(6),$tbl,"esi",8));
150 &$func (@mm[7],&QWP(&row(7),$tbl,"edi",8));
151 push(@mm,shift(@mm));
152}
153
154 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); } # K=L
155
156for($i=0;$i<8;$i++) {
157 &movb (&LB("ecx"),&LB("eax"));
158 &movb (&LB("edx"),&HB("eax"));
159 &scale ("esi","ecx");
160 &scale ("edi","edx");
161 &shr ("eax",16);
162 &pxor (@mm[0],&QWP(&row(0),$tbl,"esi",8));
163 &pxor (@mm[1],&QWP(&row(1),$tbl,"edi",8));
164 &movb (&LB("ecx"),&LB("eax"));
165 &movb (&LB("edx"),&HB("eax"));
166 &mov ("eax",&DWP(64+($i+1)*8,"esp")) if ($i<7);
167 &scale ("esi","ecx");
168 &scale ("edi","edx");
169 &pxor (@mm[2],&QWP(&row(2),$tbl,"esi",8));
170 &pxor (@mm[3],&QWP(&row(3),$tbl,"edi",8));
171 &movb (&LB("ecx"),&LB("ebx"));
172 &movb (&LB("edx"),&HB("ebx"));
173 &scale ("esi","ecx");
174 &scale ("edi","edx");
175 &shr ("ebx",16);
176 &pxor (@mm[4],&QWP(&row(4),$tbl,"esi",8));
177 &pxor (@mm[5],&QWP(&row(5),$tbl,"edi",8));
178 &movb (&LB("ecx"),&LB("ebx"));
179 &movb (&LB("edx"),&HB("ebx"));
180 &mov ("ebx",&DWP(64+($i+1)*8+4,"esp")) if ($i<7);
181 &scale ("esi","ecx");
182 &scale ("edi","edx");
183 &pxor (@mm[6],&QWP(&row(6),$tbl,"esi",8));
184 &pxor (@mm[7],&QWP(&row(7),$tbl,"edi",8));
185 push(@mm,shift(@mm));
186}
187 &lea ("ebx",&DWP(128,"esp"));
188 &mov ("esi",&DWP(12,"ebx")); # pull round counter
189 &add ("esi",1);
190 &cmp ("esi",10);
191 &je (&label("roundsdone"));
192
193 &mov (&DWP(12,"ebx"),"esi"); # update round counter
194 for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
195 &jmp (&label("round"));
196
197&set_label("roundsdone",16);
198 &mov ("esi",&DWP(0,"ebx")); # reload argument block
199 &mov ("edi",&DWP(4,"ebx"));
200 &mov ("eax",&DWP(8,"ebx"));
201
202 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); } # L^=inp
203 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"esi")); } # L^=H
204 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esi"),@mm[$i]); } # H=L
205
206 &lea ("edi",&DWP(64,"edi")); # inp+=64
207 &sub ("eax",1); # num--
208 &jz (&label("alldone"));
209 &mov (&DWP(4,"ebx"),"edi"); # update argument block
210 &mov (&DWP(8,"ebx"),"eax");
211 &jmp (&label("outerloop"));
212
213&set_label("alldone");
214 &emms ();
215 &mov ("esp",&DWP(16,"ebx")); # restore saved stack pointer
216 &pop ("edi");
217 &pop ("esi");
218 &pop ("ebx");
219 &pop ("ebp");
220 &ret ();
221
222&align(64);
223&set_label("table");
224 &LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
225 &LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
226 &LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
227 &LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
228 &LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
229 &LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
230 &LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
231 &LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
232 &LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
233 &LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
234 &LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
235 &LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
236 &LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
237 &LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
238 &LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
239 &LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
240 &LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
241 &LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
242 &LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
243 &LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
244 &LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
245 &LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
246 &LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
247 &LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
248 &LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
249 &LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
250 &LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
251 &LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
252 &LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
253 &LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
254 &LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
255 &LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
256 &LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
257 &LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
258 &LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
259 &LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
260 &LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
261 &LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
262 &LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
263 &LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
264 &LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
265 &LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
266 &LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
267 &LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
268 &LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
269 &LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
270 &LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
271 &LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
272 &LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
273 &LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
274 &LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
275 &LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
276 &LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
277 &LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
278 &LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
279 &LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
280 &LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
281 &LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
282 &LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
283 &LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
284 &LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
285 &LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
286 &LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
287 &LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
288 &LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
289 &LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
290 &LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
291 &LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
292 &LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
293 &LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
294 &LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
295 &LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
296 &LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
297 &LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
298 &LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
299 &LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
300 &LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
301 &LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
302 &LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
303 &LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
304 &LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
305 &LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
306 &LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
307 &LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
308 &LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
309 &LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
310 &LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
311 &LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
312 &LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
313 &LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
314 &LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
315 &LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
316 &LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
317 &LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
318 &LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
319 &LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
320 &LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
321 &LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
322 &LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
323 &LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
324 &LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
325 &LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
326 &LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
327 &LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
328 &LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
329 &LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
330 &LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
331 &LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
332 &LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
333 &LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
334 &LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
335 &LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
336 &LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
337 &LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
338 &LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
339 &LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
340 &LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
341 &LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
342 &LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
343 &LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
344 &LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
345 &LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
346 &LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
347 &LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
348 &LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
349 &LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
350 &LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
351 &LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
352 &LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
353 &LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
354 &LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
355 &LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
356 &LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
357 &LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
358 &LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
359 &LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
360 &LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
361 &LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
362 &LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
363 &LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
364 &LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
365 &LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
366 &LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
367 &LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
368 &LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
369 &LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
370 &LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
371 &LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
372 &LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
373 &LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
374 &LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
375 &LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
376 &LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
377 &LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
378 &LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
379 &LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
380 &LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
381 &LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
382 &LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
383 &LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
384 &LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
385 &LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
386 &LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
387 &LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
388 &LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
389 &LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
390 &LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
391 &LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
392 &LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
393 &LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
394 &LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
395 &LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
396 &LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
397 &LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
398 &LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
399 &LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
400 &LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
401 &LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
402 &LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
403 &LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
404 &LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
405 &LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
406 &LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
407 &LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
408 &LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
409 &LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
410 &LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
411 &LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
412 &LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
413 &LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
414 &LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
415 &LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
416 &LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
417 &LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
418 &LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
419 &LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
420 &LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
421 &LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
422 &LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
423 &LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
424 &LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
425 &LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
426 &LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
427 &LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
428 &LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
429 &LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
430 &LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
431 &LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
432 &LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
433 &LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
434 &LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
435 &LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
436 &LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
437 &LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
438 &LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
439 &LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
440 &LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
441 &LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
442 &LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
443 &LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
444 &LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
445 &LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
446 &LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
447 &LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
448 &LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
449 &LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
450 &LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
451 &LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
452 &LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
453 &LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
454 &LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
455 &LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
456 &LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
457 &LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
458 &LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
459 &LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
460 &LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
461 &LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
462 &LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
463 &LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
464 &LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
465 &LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
466 &LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
467 &LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
468 &LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
469 &LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
470 &LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
471 &LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
472 &LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
473 &LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
474 &LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
475 &LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
476 &LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
477 &LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
478 &LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
479 &LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
480
481 &L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f); # rc[ROUNDS]
482 &L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
483 &L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
484 &L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
485 &L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
486 &L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
487 &L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
488 &L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
489 &L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
490 &L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
491
492&function_end_B("whirlpool_block_mmx");
493&asm_finish();
diff --git a/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl b/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
deleted file mode 100644
index afadd5d2f1..0000000000
--- a/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
+++ /dev/null
@@ -1,481 +0,0 @@
1#!/usr/bin/env perl
2#
3# ====================================================================
4# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
5# project. Rights for redistribution and usage in source and binary
6# forms are granted according to the OpenSSL license.
7# ====================================================================
8#
9# whirlpool_block for x86_64.
10#
11# 2500 cycles per 64-byte input block on AMD64, which is *identical*
12# to 32-bit MMX version executed on same CPU. So why did I bother?
13# Well, it's faster than gcc 3.3.2 generated code by over 50%, and
14# over 80% faster than PathScale 1.4, an "ambitious" commercial
15# compiler. Furthermore it surpasses gcc 3.4.3 by 170% and Sun Studio
16# 10 - by 360%[!]... What is it with x86_64 compilers? It's not the
17# first example when they fail to generate more optimal code, when
18# I believe they had *all* chances to...
19#
20# Note that register and stack frame layout are virtually identical
21# to 32-bit MMX version, except that %r8-15 are used instead of
22# %mm0-8. You can even notice that K[i] and S[i] are loaded to
23# %eax:%ebx as pair of 32-bit values and not as single 64-bit one.
24# This is done in order to avoid 64-bit shift penalties on Intel
25# EM64T core. Speaking of which! I bet it's possible to improve
26# Opteron performance by compressing the table to 2KB and replacing
27# unaligned references with complementary rotations [which would
28# incidentally replace lea instructions], but it would definitely
29# just "kill" EM64T, because it has only 1 shifter/rotator [against
30# 3 on Opteron] and which is *unacceptably* slow with 64-bit
31# operand.
32
33$flavour = shift;
34$output = shift;
35if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
36
37$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
38( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
39( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
40die "can't locate x86_64-xlate.pl";
41
42open OUT,"| \"$^X\" $xlate $flavour $output";
43*STDOUT=*OUT;
44
45sub L() { $code.=".byte ".join(',',@_)."\n"; }
46sub LL(){ $code.=".byte ".join(',',@_).",".join(',',@_)."\n"; }
47
48@mm=("%r8","%r9","%r10","%r11","%r12","%r13","%r14","%r15");
49
50$func="whirlpool_block";
51$table=".Ltable";
52
53$code=<<___;
54.text
55
56.globl $func
57.type $func,\@function,3
58.align 16
59$func:
60 push %rbx
61 push %rbp
62 push %r12
63 push %r13
64 push %r14
65 push %r15
66
67 mov %rsp,%r11
68 sub \$128+40,%rsp
69 and \$-64,%rsp
70
71 lea 128(%rsp),%r10
72 mov %rdi,0(%r10) # save parameter block
73 mov %rsi,8(%r10)
74 mov %rdx,16(%r10)
75 mov %r11,32(%r10) # saved stack pointer
76.Lprologue:
77
78 mov %r10,%rbx
79 lea $table(%rip),%rbp
80
81 xor %rcx,%rcx
82 xor %rdx,%rdx
83___
84for($i=0;$i<8;$i++) { $code.="mov $i*8(%rdi),@mm[$i]\n"; } # L=H
85$code.=".Louterloop:\n";
86for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; } # K=L
87for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; } # L^=inp
88for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; } # S=L
89$code.=<<___;
90 xor %rsi,%rsi
91 mov %rsi,24(%rbx) # zero round counter
92.align 16
93.Lround:
94 mov 4096(%rbp,%rsi,8),@mm[0] # rc[r]
95 mov 0(%rsp),%eax
96 mov 4(%rsp),%ebx
97___
98for($i=0;$i<8;$i++) {
99 my $func = ($i==0)? "mov" : "xor";
100 $code.=<<___;
101 mov %al,%cl
102 mov %ah,%dl
103 lea (%rcx,%rcx),%rsi
104 lea (%rdx,%rdx),%rdi
105 shr \$16,%eax
106 xor 0(%rbp,%rsi,8),@mm[0]
107 $func 7(%rbp,%rdi,8),@mm[1]
108 mov %al,%cl
109 mov %ah,%dl
110 mov $i*8+8(%rsp),%eax # ($i+1)*8
111 lea (%rcx,%rcx),%rsi
112 lea (%rdx,%rdx),%rdi
113 $func 6(%rbp,%rsi,8),@mm[2]
114 $func 5(%rbp,%rdi,8),@mm[3]
115 mov %bl,%cl
116 mov %bh,%dl
117 lea (%rcx,%rcx),%rsi
118 lea (%rdx,%rdx),%rdi
119 shr \$16,%ebx
120 $func 4(%rbp,%rsi,8),@mm[4]
121 $func 3(%rbp,%rdi,8),@mm[5]
122 mov %bl,%cl
123 mov %bh,%dl
124 mov $i*8+8+4(%rsp),%ebx # ($i+1)*8+4
125 lea (%rcx,%rcx),%rsi
126 lea (%rdx,%rdx),%rdi
127 $func 2(%rbp,%rsi,8),@mm[6]
128 $func 1(%rbp,%rdi,8),@mm[7]
129___
130 push(@mm,shift(@mm));
131}
132for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; } # K=L
133for($i=0;$i<8;$i++) {
134 $code.=<<___;
135 mov %al,%cl
136 mov %ah,%dl
137 lea (%rcx,%rcx),%rsi
138 lea (%rdx,%rdx),%rdi
139 shr \$16,%eax
140 xor 0(%rbp,%rsi,8),@mm[0]
141 xor 7(%rbp,%rdi,8),@mm[1]
142 mov %al,%cl
143 mov %ah,%dl
144 `"mov 64+$i*8+8(%rsp),%eax" if($i<7);` # 64+($i+1)*8
145 lea (%rcx,%rcx),%rsi
146 lea (%rdx,%rdx),%rdi
147 xor 6(%rbp,%rsi,8),@mm[2]
148 xor 5(%rbp,%rdi,8),@mm[3]
149 mov %bl,%cl
150 mov %bh,%dl
151 lea (%rcx,%rcx),%rsi
152 lea (%rdx,%rdx),%rdi
153 shr \$16,%ebx
154 xor 4(%rbp,%rsi,8),@mm[4]
155 xor 3(%rbp,%rdi,8),@mm[5]
156 mov %bl,%cl
157 mov %bh,%dl
158 `"mov 64+$i*8+8+4(%rsp),%ebx" if($i<7);` # 64+($i+1)*8+4
159 lea (%rcx,%rcx),%rsi
160 lea (%rdx,%rdx),%rdi
161 xor 2(%rbp,%rsi,8),@mm[6]
162 xor 1(%rbp,%rdi,8),@mm[7]
163___
164 push(@mm,shift(@mm));
165}
166$code.=<<___;
167 lea 128(%rsp),%rbx
168 mov 24(%rbx),%rsi # pull round counter
169 add \$1,%rsi
170 cmp \$10,%rsi
171 je .Lroundsdone
172
173 mov %rsi,24(%rbx) # update round counter
174___
175for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; } # S=L
176$code.=<<___;
177 jmp .Lround
178.align 16
179.Lroundsdone:
180 mov 0(%rbx),%rdi # reload argument block
181 mov 8(%rbx),%rsi
182 mov 16(%rbx),%rax
183___
184for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; } # L^=inp
185for($i=0;$i<8;$i++) { $code.="xor $i*8(%rdi),@mm[$i]\n"; } # L^=H
186for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rdi)\n"; } # H=L
187$code.=<<___;
188 lea 64(%rsi),%rsi # inp+=64
189 sub \$1,%rax # num--
190 jz .Lalldone
191 mov %rsi,8(%rbx) # update parameter block
192 mov %rax,16(%rbx)
193 jmp .Louterloop
194.Lalldone:
195 mov 32(%rbx),%rsi # restore saved pointer
196 mov (%rsi),%r15
197 mov 8(%rsi),%r14
198 mov 16(%rsi),%r13
199 mov 24(%rsi),%r12
200 mov 32(%rsi),%rbp
201 mov 40(%rsi),%rbx
202 lea 48(%rsi),%rsp
203.Lepilogue:
204 ret
205.size $func,.-$func
206
207.align 64
208.type $table,\@object
209$table:
210___
211 &LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
212 &LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
213 &LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
214 &LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
215 &LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
216 &LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
217 &LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
218 &LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
219 &LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
220 &LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
221 &LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
222 &LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
223 &LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
224 &LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
225 &LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
226 &LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
227 &LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
228 &LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
229 &LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
230 &LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
231 &LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
232 &LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
233 &LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
234 &LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
235 &LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
236 &LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
237 &LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
238 &LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
239 &LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
240 &LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
241 &LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
242 &LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
243 &LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
244 &LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
245 &LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
246 &LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
247 &LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
248 &LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
249 &LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
250 &LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
251 &LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
252 &LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
253 &LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
254 &LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
255 &LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
256 &LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
257 &LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
258 &LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
259 &LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
260 &LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
261 &LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
262 &LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
263 &LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
264 &LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
265 &LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
266 &LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
267 &LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
268 &LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
269 &LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
270 &LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
271 &LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
272 &LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
273 &LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
274 &LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
275 &LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
276 &LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
277 &LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
278 &LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
279 &LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
280 &LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
281 &LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
282 &LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
283 &LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
284 &LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
285 &LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
286 &LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
287 &LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
288 &LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
289 &LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
290 &LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
291 &LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
292 &LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
293 &LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
294 &LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
295 &LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
296 &LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
297 &LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
298 &LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
299 &LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
300 &LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
301 &LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
302 &LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
303 &LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
304 &LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
305 &LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
306 &LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
307 &LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
308 &LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
309 &LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
310 &LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
311 &LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
312 &LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
313 &LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
314 &LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
315 &LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
316 &LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
317 &LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
318 &LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
319 &LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
320 &LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
321 &LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
322 &LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
323 &LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
324 &LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
325 &LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
326 &LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
327 &LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
328 &LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
329 &LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
330 &LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
331 &LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
332 &LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
333 &LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
334 &LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
335 &LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
336 &LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
337 &LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
338 &LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
339 &LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
340 &LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
341 &LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
342 &LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
343 &LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
344 &LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
345 &LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
346 &LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
347 &LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
348 &LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
349 &LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
350 &LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
351 &LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
352 &LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
353 &LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
354 &LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
355 &LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
356 &LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
357 &LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
358 &LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
359 &LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
360 &LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
361 &LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
362 &LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
363 &LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
364 &LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
365 &LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
366 &LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
367 &LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
368 &LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
369 &LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
370 &LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
371 &LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
372 &LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
373 &LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
374 &LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
375 &LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
376 &LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
377 &LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
378 &LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
379 &LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
380 &LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
381 &LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
382 &LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
383 &LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
384 &LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
385 &LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
386 &LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
387 &LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
388 &LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
389 &LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
390 &LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
391 &LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
392 &LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
393 &LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
394 &LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
395 &LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
396 &LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
397 &LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
398 &LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
399 &LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
400 &LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
401 &LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
402 &LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
403 &LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
404 &LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
405 &LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
406 &LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
407 &LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
408 &LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
409 &LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
410 &LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
411 &LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
412 &LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
413 &LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
414 &LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
415 &LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
416 &LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
417 &LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
418 &LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
419 &LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
420 &LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
421 &LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
422 &LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
423 &LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
424 &LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
425 &LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
426 &LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
427 &LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
428 &LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
429 &LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
430 &LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
431 &LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
432 &LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
433 &LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
434 &LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
435 &LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
436 &LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
437 &LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
438 &LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
439 &LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
440 &LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
441 &LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
442 &LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
443 &LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
444 &LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
445 &LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
446 &LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
447 &LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
448 &LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
449 &LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
450 &LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
451 &LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
452 &LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
453 &LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
454 &LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
455 &LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
456 &LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
457 &LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
458 &LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
459 &LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
460 &LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
461 &LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
462 &LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
463 &LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
464 &LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
465 &LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
466 &LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
467
468 &L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f); # rc[ROUNDS]
469 &L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
470 &L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
471 &L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
472 &L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
473 &L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
474 &L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
475 &L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
476 &L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
477 &L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
478
479$code =~ s/\`([^\`]*)\`/eval $1/gem;
480print $code;
481close STDOUT;
diff --git a/src/lib/libcrypto/whrlpool/whrlpool.h b/src/lib/libcrypto/whrlpool/whrlpool.h
deleted file mode 100644
index 875d34f7d3..0000000000
--- a/src/lib/libcrypto/whrlpool/whrlpool.h
+++ /dev/null
@@ -1,41 +0,0 @@
1/* $OpenBSD: whrlpool.h,v 1.5 2014/07/10 22:45:58 jsing Exp $ */
2
3#include <stddef.h>
4
5#ifndef HEADER_WHRLPOOL_H
6#define HEADER_WHRLPOOL_H
7
8#include <openssl/opensslconf.h>
9
10#ifdef __cplusplus
11extern "C" {
12#endif
13
14#define WHIRLPOOL_DIGEST_LENGTH (512/8)
15#define WHIRLPOOL_BBLOCK 512
16#define WHIRLPOOL_COUNTER (256/8)
17
18typedef struct {
19 union {
20 unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
21 /* double q is here to ensure 64-bit alignment */
22 double q[WHIRLPOOL_DIGEST_LENGTH/sizeof(double)];
23 } H;
24 unsigned char data[WHIRLPOOL_BBLOCK/8];
25 unsigned int bitoff;
26 size_t bitlen[WHIRLPOOL_COUNTER/sizeof(size_t)];
27 } WHIRLPOOL_CTX;
28
29#ifndef OPENSSL_NO_WHIRLPOOL
30int WHIRLPOOL_Init (WHIRLPOOL_CTX *c);
31int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
32void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
33int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c);
34unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md);
35#endif
36
37#ifdef __cplusplus
38}
39#endif
40
41#endif
diff --git a/src/lib/libcrypto/whrlpool/wp_block.c b/src/lib/libcrypto/whrlpool/wp_block.c
deleted file mode 100644
index 9a681c2888..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_block.c
+++ /dev/null
@@ -1,634 +0,0 @@
1/* $OpenBSD: wp_block.c,v 1.10 2016/03/15 20:50:22 krw Exp $ */
2/**
3 * The Whirlpool hashing function.
4 *
5 * <P>
6 * <b>References</b>
7 *
8 * <P>
9 * The Whirlpool algorithm was developed by
10 * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
11 * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
12 *
13 * See
14 * P.S.L.M. Barreto, V. Rijmen,
15 * ``The Whirlpool hashing function,''
16 * NESSIE submission, 2000 (tweaked version, 2001),
17 * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
18 *
19 * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
20 * Vincent Rijmen. Lookup "reference implementations" on
21 * <http://planeta.terra.com.br/informatica/paulobarreto/>
22 *
23 * =============================================================================
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
26 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
27 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
29 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
32 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
33 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
34 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
35 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 *
37 */
38
39#include "wp_locl.h"
40#include <string.h>
41#include <machine/endian.h>
42
43typedef unsigned char u8;
44#if defined(_LP64)
45typedef unsigned long u64;
46#else
47typedef unsigned long long u64;
48#endif
49
50#define ROUNDS 10
51
52#undef SMALL_REGISTER_BANK
53#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
54# define SMALL_REGISTER_BANK
55# if defined(WHIRLPOOL_ASM)
56# ifndef OPENSSL_SMALL_FOOTPRINT
57# define OPENSSL_SMALL_FOOTPRINT /* it appears that for elder non-MMX
58 CPUs this is actually faster! */
59# endif
60# define GO_FOR_MMX(ctx,inp,num) do { \
61 extern unsigned int OPENSSL_ia32cap_P[]; \
62 void whirlpool_block_mmx(void *,const void *,size_t); \
63 if (!(OPENSSL_ia32cap_P[0] & (1<<23))) break; \
64 whirlpool_block_mmx(ctx->H.c,inp,num); return; \
65 } while (0)
66# endif
67#elif defined(__arm__)
68# define SMALL_REGISTER_BANK
69#elif defined(__vax__)
70# define SMALL_REGISTER_BANK
71#endif
72
73#undef ROTATE
74#if defined(__GNUC__) && __GNUC__>=2
75# if defined(__x86_64) || defined(__x86_64__)
76# define ROTATE(a,n) ({ u64 ret; asm ("rolq %1,%0" \
77 : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
78# elif defined(__ia64) || defined(__ia64__)
79# if BYTE_ORDER == LITTLE_ENDIAN
80# define ROTATE(a,n) ({ u64 ret; asm ("shrp %0=%1,%1,%2" \
81 : "=r"(ret) : "r"(a),"M"(64-(n))); ret; })
82# else
83# define ROTATE(a,n) ({ u64 ret; asm ("shrp %0=%1,%1,%2" \
84 : "=r"(ret) : "r"(a),"M"(n)); ret; })
85# endif
86# endif
87#endif
88
89#if defined(OPENSSL_SMALL_FOOTPRINT)
90# if !defined(ROTATE)
91# if BYTE_ORDER == LITTLE_ENDIAN /* little-endians have to rotate left */
92# define ROTATE(i,n) ((i)<<(n) ^ (i)>>(64-n))
93# else /* big-endians have to rotate right */
94# define ROTATE(i,n) ((i)>>(n) ^ (i)<<(64-n))
95# endif
96# endif
97# if defined(ROTATE) && !defined(__STRICT_ALIGNMENT)
98# define __STRICT_ALIGNMENT /* ensure smallest table size */
99# endif
100#endif
101
102/*
103 * Table size depends on __STRICT_ALIGNMENT and whether or not endian-
104 * specific ROTATE macro is defined. If __STRICT_ALIGNMENT is not
105 * defined, which is normally the case on x86[_64] CPUs, the table is
106 * 4KB large unconditionally. Otherwise if ROTATE is defined, the
107 * table is 2KB large, and otherwise - 16KB. 2KB table requires a
108 * whole bunch of additional rotations, but I'm willing to "trade,"
109 * because 16KB table certainly trashes L1 cache. I wish all CPUs
110 * could handle unaligned load as 4KB table doesn't trash the cache,
111 * nor does it require additional rotations.
112 */
113/*
114 * Note that every Cn macro expands as two loads: one byte load and
115 * one quadword load. One can argue that that many single-byte loads
116 * is too excessive, as one could load a quadword and "milk" it for
117 * eight 8-bit values instead. Well, yes, but in order to do so *and*
118 * avoid excessive loads you have to accommodate a handful of 64-bit
119 * values in the register bank and issue a bunch of shifts and mask.
120 * It's a tradeoff: loads vs. shift and mask in big register bank[!].
121 * On most CPUs eight single-byte loads are faster and I let other
122 * ones to depend on smart compiler to fold byte loads if beneficial.
123 * Hand-coded assembler would be another alternative:-)
124 */
125#ifdef __STRICT_ALIGNMENT
126# if defined(ROTATE)
127# define N 1
128# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7
129# define C0(K,i) (Cx.q[K.c[(i)*8+0]])
130# define C1(K,i) ROTATE(Cx.q[K.c[(i)*8+1]],8)
131# define C2(K,i) ROTATE(Cx.q[K.c[(i)*8+2]],16)
132# define C3(K,i) ROTATE(Cx.q[K.c[(i)*8+3]],24)
133# define C4(K,i) ROTATE(Cx.q[K.c[(i)*8+4]],32)
134# define C5(K,i) ROTATE(Cx.q[K.c[(i)*8+5]],40)
135# define C6(K,i) ROTATE(Cx.q[K.c[(i)*8+6]],48)
136# define C7(K,i) ROTATE(Cx.q[K.c[(i)*8+7]],56)
137# else
138# define N 8
139# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
140 c7,c0,c1,c2,c3,c4,c5,c6, \
141 c6,c7,c0,c1,c2,c3,c4,c5, \
142 c5,c6,c7,c0,c1,c2,c3,c4, \
143 c4,c5,c6,c7,c0,c1,c2,c3, \
144 c3,c4,c5,c6,c7,c0,c1,c2, \
145 c2,c3,c4,c5,c6,c7,c0,c1, \
146 c1,c2,c3,c4,c5,c6,c7,c0
147# define C0(K,i) (Cx.q[0+8*K.c[(i)*8+0]])
148# define C1(K,i) (Cx.q[1+8*K.c[(i)*8+1]])
149# define C2(K,i) (Cx.q[2+8*K.c[(i)*8+2]])
150# define C3(K,i) (Cx.q[3+8*K.c[(i)*8+3]])
151# define C4(K,i) (Cx.q[4+8*K.c[(i)*8+4]])
152# define C5(K,i) (Cx.q[5+8*K.c[(i)*8+5]])
153# define C6(K,i) (Cx.q[6+8*K.c[(i)*8+6]])
154# define C7(K,i) (Cx.q[7+8*K.c[(i)*8+7]])
155# endif
156#else
157# define N 2
158# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
159 c0,c1,c2,c3,c4,c5,c6,c7
160# define C0(K,i) (((u64*)(Cx.c+0))[2*K.c[(i)*8+0]])
161# define C1(K,i) (((u64*)(Cx.c+7))[2*K.c[(i)*8+1]])
162# define C2(K,i) (((u64*)(Cx.c+6))[2*K.c[(i)*8+2]])
163# define C3(K,i) (((u64*)(Cx.c+5))[2*K.c[(i)*8+3]])
164# define C4(K,i) (((u64*)(Cx.c+4))[2*K.c[(i)*8+4]])
165# define C5(K,i) (((u64*)(Cx.c+3))[2*K.c[(i)*8+5]])
166# define C6(K,i) (((u64*)(Cx.c+2))[2*K.c[(i)*8+6]])
167# define C7(K,i) (((u64*)(Cx.c+1))[2*K.c[(i)*8+7]])
168#endif
169
170static const
171union {
172 u8 c[(256*N+ROUNDS)*sizeof(u64)];
173 u64 q[(256*N+ROUNDS)];
174 } Cx = { {
175 /* Note endian-neutral representation:-) */
176 LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8),
177 LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26),
178 LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8),
179 LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb),
180 LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb),
181 LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11),
182 LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09),
183 LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d),
184 LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b),
185 LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff),
186 LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c),
187 LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e),
188 LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96),
189 LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30),
190 LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d),
191 LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8),
192 LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47),
193 LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35),
194 LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37),
195 LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a),
196 LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2),
197 LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c),
198 LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84),
199 LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80),
200 LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5),
201 LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3),
202 LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21),
203 LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c),
204 LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43),
205 LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29),
206 LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d),
207 LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5),
208 LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd),
209 LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8),
210 LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92),
211 LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e),
212 LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13),
213 LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23),
214 LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20),
215 LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44),
216 LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2),
217 LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf),
218 LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c),
219 LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a),
220 LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50),
221 LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9),
222 LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14),
223 LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9),
224 LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c),
225 LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f),
226 LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90),
227 LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07),
228 LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd),
229 LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3),
230 LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d),
231 LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78),
232 LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97),
233 LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02),
234 LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73),
235 LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7),
236 LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6),
237 LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2),
238 LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49),
239 LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56),
240 LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70),
241 LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd),
242 LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb),
243 LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71),
244 LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b),
245 LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf),
246 LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45),
247 LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a),
248 LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4),
249 LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58),
250 LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e),
251 LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f),
252 LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac),
253 LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0),
254 LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef),
255 LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6),
256 LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c),
257 LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12),
258 LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93),
259 LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde),
260 LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6),
261 LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1),
262 LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b),
263 LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f),
264 LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31),
265 LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8),
266 LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9),
267 LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc),
268 LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e),
269 LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b),
270 LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf),
271 LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59),
272 LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2),
273 LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77),
274 LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33),
275 LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4),
276 LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27),
277 LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb),
278 LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89),
279 LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32),
280 LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54),
281 LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d),
282 LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64),
283 LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d),
284 LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d),
285 LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f),
286 LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca),
287 LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7),
288 LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d),
289 LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce),
290 LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f),
291 LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f),
292 LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63),
293 LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a),
294 LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc),
295 LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82),
296 LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a),
297 LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48),
298 LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95),
299 LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf),
300 LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d),
301 LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0),
302 LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91),
303 LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8),
304 LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b),
305 LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00),
306 LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9),
307 LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e),
308 LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1),
309 LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6),
310 LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28),
311 LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3),
312 LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74),
313 LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe),
314 LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d),
315 LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea),
316 LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57),
317 LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38),
318 LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad),
319 LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4),
320 LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda),
321 LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7),
322 LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb),
323 LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9),
324 LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a),
325 LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03),
326 LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a),
327 LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e),
328 LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60),
329 LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc),
330 LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46),
331 LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f),
332 LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76),
333 LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa),
334 LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36),
335 LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae),
336 LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b),
337 LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85),
338 LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e),
339 LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7),
340 LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55),
341 LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a),
342 LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81),
343 LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52),
344 LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62),
345 LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3),
346 LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10),
347 LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab),
348 LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0),
349 LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5),
350 LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec),
351 LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16),
352 LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94),
353 LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f),
354 LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5),
355 LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98),
356 LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17),
357 LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4),
358 LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1),
359 LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e),
360 LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42),
361 LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34),
362 LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08),
363 LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee),
364 LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61),
365 LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1),
366 LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f),
367 LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24),
368 LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3),
369 LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25),
370 LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22),
371 LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65),
372 LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79),
373 LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69),
374 LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9),
375 LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19),
376 LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe),
377 LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a),
378 LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0),
379 LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99),
380 LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83),
381 LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04),
382 LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66),
383 LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0),
384 LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1),
385 LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd),
386 LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40),
387 LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c),
388 LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18),
389 LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b),
390 LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51),
391 LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05),
392 LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c),
393 LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39),
394 LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa),
395 LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b),
396 LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc),
397 LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e),
398 LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0),
399 LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88),
400 LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67),
401 LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a),
402 LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87),
403 LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1),
404 LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72),
405 LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53),
406 LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01),
407 LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b),
408 LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4),
409 LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3),
410 LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15),
411 LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c),
412 LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5),
413 LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5),
414 LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4),
415 LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba),
416 LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6),
417 LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7),
418 LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06),
419 LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41),
420 LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7),
421 LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f),
422 LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e),
423 LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6),
424 LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2),
425 LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68),
426 LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c),
427 LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed),
428 LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75),
429 LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86),
430 LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b),
431 LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2),
432#define RC (&(Cx.q[256*N]))
433 0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f, /* rc[ROUNDS] */
434 0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52,
435 0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35,
436 0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57,
437 0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda,
438 0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85,
439 0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67,
440 0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8,
441 0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e,
442 0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33
443 }
444};
445
446void whirlpool_block(WHIRLPOOL_CTX *ctx,const void *inp,size_t n)
447 {
448 int r;
449 const u8 *p=inp;
450 union { u64 q[8]; u8 c[64]; } S,K,*H=(void *)ctx->H.q;
451
452#ifdef GO_FOR_MMX
453 GO_FOR_MMX(ctx,inp,n);
454#endif
455 do {
456#ifdef OPENSSL_SMALL_FOOTPRINT
457 u64 L[8];
458 int i;
459
460 for (i=0;i<64;i++) S.c[i] = (K.c[i] = H->c[i]) ^ p[i];
461 for (r=0;r<ROUNDS;r++)
462 {
463 for (i=0;i<8;i++)
464 {
465 L[i] = i ? 0 : RC[r];
466 L[i] ^= C0(K,i) ^ C1(K,(i-1)&7) ^
467 C2(K,(i-2)&7) ^ C3(K,(i-3)&7) ^
468 C4(K,(i-4)&7) ^ C5(K,(i-5)&7) ^
469 C6(K,(i-6)&7) ^ C7(K,(i-7)&7);
470 }
471 memcpy (K.q,L,64);
472 for (i=0;i<8;i++)
473 {
474 L[i] ^= C0(S,i) ^ C1(S,(i-1)&7) ^
475 C2(S,(i-2)&7) ^ C3(S,(i-3)&7) ^
476 C4(S,(i-4)&7) ^ C5(S,(i-5)&7) ^
477 C6(S,(i-6)&7) ^ C7(S,(i-7)&7);
478 }
479 memcpy (S.q,L,64);
480 }
481 for (i=0;i<64;i++) H->c[i] ^= S.c[i] ^ p[i];
482#else
483 u64 L0,L1,L2,L3,L4,L5,L6,L7;
484
485#ifdef __STRICT_ALIGNMENT
486 if ((size_t)p & 7)
487 {
488 memcpy (S.c,p,64);
489 S.q[0] ^= (K.q[0] = H->q[0]);
490 S.q[1] ^= (K.q[1] = H->q[1]);
491 S.q[2] ^= (K.q[2] = H->q[2]);
492 S.q[3] ^= (K.q[3] = H->q[3]);
493 S.q[4] ^= (K.q[4] = H->q[4]);
494 S.q[5] ^= (K.q[5] = H->q[5]);
495 S.q[6] ^= (K.q[6] = H->q[6]);
496 S.q[7] ^= (K.q[7] = H->q[7]);
497 }
498 else
499#endif
500 {
501 const u64 *pa = (const u64*)p;
502 S.q[0] = (K.q[0] = H->q[0]) ^ pa[0];
503 S.q[1] = (K.q[1] = H->q[1]) ^ pa[1];
504 S.q[2] = (K.q[2] = H->q[2]) ^ pa[2];
505 S.q[3] = (K.q[3] = H->q[3]) ^ pa[3];
506 S.q[4] = (K.q[4] = H->q[4]) ^ pa[4];
507 S.q[5] = (K.q[5] = H->q[5]) ^ pa[5];
508 S.q[6] = (K.q[6] = H->q[6]) ^ pa[6];
509 S.q[7] = (K.q[7] = H->q[7]) ^ pa[7];
510 }
511
512 for(r=0;r<ROUNDS;r++)
513 {
514#ifdef SMALL_REGISTER_BANK
515 L0 = C0(K,0) ^ C1(K,7) ^ C2(K,6) ^ C3(K,5) ^
516 C4(K,4) ^ C5(K,3) ^ C6(K,2) ^ C7(K,1) ^ RC[r];
517 L1 = C0(K,1) ^ C1(K,0) ^ C2(K,7) ^ C3(K,6) ^
518 C4(K,5) ^ C5(K,4) ^ C6(K,3) ^ C7(K,2);
519 L2 = C0(K,2) ^ C1(K,1) ^ C2(K,0) ^ C3(K,7) ^
520 C4(K,6) ^ C5(K,5) ^ C6(K,4) ^ C7(K,3);
521 L3 = C0(K,3) ^ C1(K,2) ^ C2(K,1) ^ C3(K,0) ^
522 C4(K,7) ^ C5(K,6) ^ C6(K,5) ^ C7(K,4);
523 L4 = C0(K,4) ^ C1(K,3) ^ C2(K,2) ^ C3(K,1) ^
524 C4(K,0) ^ C5(K,7) ^ C6(K,6) ^ C7(K,5);
525 L5 = C0(K,5) ^ C1(K,4) ^ C2(K,3) ^ C3(K,2) ^
526 C4(K,1) ^ C5(K,0) ^ C6(K,7) ^ C7(K,6);
527 L6 = C0(K,6) ^ C1(K,5) ^ C2(K,4) ^ C3(K,3) ^
528 C4(K,2) ^ C5(K,1) ^ C6(K,0) ^ C7(K,7);
529 L7 = C0(K,7) ^ C1(K,6) ^ C2(K,5) ^ C3(K,4) ^
530 C4(K,3) ^ C5(K,2) ^ C6(K,1) ^ C7(K,0);
531
532 K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
533 K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
534
535 L0 ^= C0(S,0) ^ C1(S,7) ^ C2(S,6) ^ C3(S,5) ^
536 C4(S,4) ^ C5(S,3) ^ C6(S,2) ^ C7(S,1);
537 L1 ^= C0(S,1) ^ C1(S,0) ^ C2(S,7) ^ C3(S,6) ^
538 C4(S,5) ^ C5(S,4) ^ C6(S,3) ^ C7(S,2);
539 L2 ^= C0(S,2) ^ C1(S,1) ^ C2(S,0) ^ C3(S,7) ^
540 C4(S,6) ^ C5(S,5) ^ C6(S,4) ^ C7(S,3);
541 L3 ^= C0(S,3) ^ C1(S,2) ^ C2(S,1) ^ C3(S,0) ^
542 C4(S,7) ^ C5(S,6) ^ C6(S,5) ^ C7(S,4);
543 L4 ^= C0(S,4) ^ C1(S,3) ^ C2(S,2) ^ C3(S,1) ^
544 C4(S,0) ^ C5(S,7) ^ C6(S,6) ^ C7(S,5);
545 L5 ^= C0(S,5) ^ C1(S,4) ^ C2(S,3) ^ C3(S,2) ^
546 C4(S,1) ^ C5(S,0) ^ C6(S,7) ^ C7(S,6);
547 L6 ^= C0(S,6) ^ C1(S,5) ^ C2(S,4) ^ C3(S,3) ^
548 C4(S,2) ^ C5(S,1) ^ C6(S,0) ^ C7(S,7);
549 L7 ^= C0(S,7) ^ C1(S,6) ^ C2(S,5) ^ C3(S,4) ^
550 C4(S,3) ^ C5(S,2) ^ C6(S,1) ^ C7(S,0);
551
552 S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
553 S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
554#else
555 L0 = C0(K,0); L1 = C1(K,0); L2 = C2(K,0); L3 = C3(K,0);
556 L4 = C4(K,0); L5 = C5(K,0); L6 = C6(K,0); L7 = C7(K,0);
557 L0 ^= RC[r];
558
559 L1 ^= C0(K,1); L2 ^= C1(K,1); L3 ^= C2(K,1); L4 ^= C3(K,1);
560 L5 ^= C4(K,1); L6 ^= C5(K,1); L7 ^= C6(K,1); L0 ^= C7(K,1);
561
562 L2 ^= C0(K,2); L3 ^= C1(K,2); L4 ^= C2(K,2); L5 ^= C3(K,2);
563 L6 ^= C4(K,2); L7 ^= C5(K,2); L0 ^= C6(K,2); L1 ^= C7(K,2);
564
565 L3 ^= C0(K,3); L4 ^= C1(K,3); L5 ^= C2(K,3); L6 ^= C3(K,3);
566 L7 ^= C4(K,3); L0 ^= C5(K,3); L1 ^= C6(K,3); L2 ^= C7(K,3);
567
568 L4 ^= C0(K,4); L5 ^= C1(K,4); L6 ^= C2(K,4); L7 ^= C3(K,4);
569 L0 ^= C4(K,4); L1 ^= C5(K,4); L2 ^= C6(K,4); L3 ^= C7(K,4);
570
571 L5 ^= C0(K,5); L6 ^= C1(K,5); L7 ^= C2(K,5); L0 ^= C3(K,5);
572 L1 ^= C4(K,5); L2 ^= C5(K,5); L3 ^= C6(K,5); L4 ^= C7(K,5);
573
574 L6 ^= C0(K,6); L7 ^= C1(K,6); L0 ^= C2(K,6); L1 ^= C3(K,6);
575 L2 ^= C4(K,6); L3 ^= C5(K,6); L4 ^= C6(K,6); L5 ^= C7(K,6);
576
577 L7 ^= C0(K,7); L0 ^= C1(K,7); L1 ^= C2(K,7); L2 ^= C3(K,7);
578 L3 ^= C4(K,7); L4 ^= C5(K,7); L5 ^= C6(K,7); L6 ^= C7(K,7);
579
580 K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
581 K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
582
583 L0 ^= C0(S,0); L1 ^= C1(S,0); L2 ^= C2(S,0); L3 ^= C3(S,0);
584 L4 ^= C4(S,0); L5 ^= C5(S,0); L6 ^= C6(S,0); L7 ^= C7(S,0);
585
586 L1 ^= C0(S,1); L2 ^= C1(S,1); L3 ^= C2(S,1); L4 ^= C3(S,1);
587 L5 ^= C4(S,1); L6 ^= C5(S,1); L7 ^= C6(S,1); L0 ^= C7(S,1);
588
589 L2 ^= C0(S,2); L3 ^= C1(S,2); L4 ^= C2(S,2); L5 ^= C3(S,2);
590 L6 ^= C4(S,2); L7 ^= C5(S,2); L0 ^= C6(S,2); L1 ^= C7(S,2);
591
592 L3 ^= C0(S,3); L4 ^= C1(S,3); L5 ^= C2(S,3); L6 ^= C3(S,3);
593 L7 ^= C4(S,3); L0 ^= C5(S,3); L1 ^= C6(S,3); L2 ^= C7(S,3);
594
595 L4 ^= C0(S,4); L5 ^= C1(S,4); L6 ^= C2(S,4); L7 ^= C3(S,4);
596 L0 ^= C4(S,4); L1 ^= C5(S,4); L2 ^= C6(S,4); L3 ^= C7(S,4);
597
598 L5 ^= C0(S,5); L6 ^= C1(S,5); L7 ^= C2(S,5); L0 ^= C3(S,5);
599 L1 ^= C4(S,5); L2 ^= C5(S,5); L3 ^= C6(S,5); L4 ^= C7(S,5);
600
601 L6 ^= C0(S,6); L7 ^= C1(S,6); L0 ^= C2(S,6); L1 ^= C3(S,6);
602 L2 ^= C4(S,6); L3 ^= C5(S,6); L4 ^= C6(S,6); L5 ^= C7(S,6);
603
604 L7 ^= C0(S,7); L0 ^= C1(S,7); L1 ^= C2(S,7); L2 ^= C3(S,7);
605 L3 ^= C4(S,7); L4 ^= C5(S,7); L5 ^= C6(S,7); L6 ^= C7(S,7);
606
607 S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
608 S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
609#endif
610 }
611
612#ifdef __STRICT_ALIGNMENT
613 if ((size_t)p & 7)
614 {
615 int i;
616 for(i=0;i<64;i++) H->c[i] ^= S.c[i] ^ p[i];
617 }
618 else
619#endif
620 {
621 const u64 *pa=(const u64 *)p;
622 H->q[0] ^= S.q[0] ^ pa[0];
623 H->q[1] ^= S.q[1] ^ pa[1];
624 H->q[2] ^= S.q[2] ^ pa[2];
625 H->q[3] ^= S.q[3] ^ pa[3];
626 H->q[4] ^= S.q[4] ^ pa[4];
627 H->q[5] ^= S.q[5] ^ pa[5];
628 H->q[6] ^= S.q[6] ^ pa[6];
629 H->q[7] ^= S.q[7] ^ pa[7];
630 }
631#endif
632 p += 64;
633 } while(--n);
634 }
diff --git a/src/lib/libcrypto/whrlpool/wp_dgst.c b/src/lib/libcrypto/whrlpool/wp_dgst.c
deleted file mode 100644
index 663f2ef5de..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_dgst.c
+++ /dev/null
@@ -1,266 +0,0 @@
1/* $OpenBSD: wp_dgst.c,v 1.4 2014/07/12 11:25:25 miod Exp $ */
2/**
3 * The Whirlpool hashing function.
4 *
5 * <P>
6 * <b>References</b>
7 *
8 * <P>
9 * The Whirlpool algorithm was developed by
10 * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
11 * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
12 *
13 * See
14 * P.S.L.M. Barreto, V. Rijmen,
15 * ``The Whirlpool hashing function,''
16 * NESSIE submission, 2000 (tweaked version, 2001),
17 * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
18 *
19 * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
20 * Vincent Rijmen. Lookup "reference implementations" on
21 * <http://planeta.terra.com.br/informatica/paulobarreto/>
22 *
23 * =============================================================================
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
26 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
27 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
29 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
32 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
33 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
34 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
35 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 *
37 */
38
39/*
40 * OpenSSL-specific implementation notes.
41 *
42 * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect
43 * number of *bytes* as input length argument. Bit-oriented routine
44 * as specified by authors is called WHIRLPOOL_BitUpdate[!] and
45 * does not have one-stroke counterpart.
46 *
47 * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially
48 * to serve WHIRLPOOL_Update. This is done for performance.
49 *
50 * Unlike authors' reference implementation, block processing
51 * routine whirlpool_block is designed to operate on multi-block
52 * input. This is done for performance.
53 */
54
55#include "wp_locl.h"
56#include <openssl/crypto.h>
57#include <string.h>
58
59int WHIRLPOOL_Init(WHIRLPOOL_CTX *c)
60 {
61 memset (c,0,sizeof(*c));
62 return(1);
63 }
64
65int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *_inp,size_t bytes)
66 {
67 /* Well, largest suitable chunk size actually is
68 * (1<<(sizeof(size_t)*8-3))-64, but below number
69 * is large enough for not to care about excessive
70 * calls to WHIRLPOOL_BitUpdate... */
71 size_t chunk = ((size_t)1)<<(sizeof(size_t)*8-4);
72 const unsigned char *inp = _inp;
73
74 while (bytes>=chunk)
75 {
76 WHIRLPOOL_BitUpdate(c,inp,chunk*8);
77 bytes -= chunk;
78 inp += chunk;
79 }
80 if (bytes)
81 WHIRLPOOL_BitUpdate(c,inp,bytes*8);
82
83 return(1);
84 }
85
86void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *_inp,size_t bits)
87 {
88 size_t n;
89 unsigned int bitoff = c->bitoff,
90 bitrem = bitoff%8,
91 inpgap = (8-(unsigned int)bits%8)&7;
92 const unsigned char *inp=_inp;
93
94 /* This 256-bit increment procedure relies on the size_t
95 * being natural size of CPU register, so that we don't
96 * have to mask the value in order to detect overflows. */
97 c->bitlen[0] += bits;
98 if (c->bitlen[0] < bits) /* overflow */
99 {
100 n = 1;
101 do { c->bitlen[n]++;
102 } while(c->bitlen[n]==0
103 && ++n<(WHIRLPOOL_COUNTER/sizeof(size_t)));
104 }
105
106#ifndef OPENSSL_SMALL_FOOTPRINT
107 reconsider:
108 if (inpgap==0 && bitrem==0) /* byte-oriented loop */
109 {
110 while (bits)
111 {
112 if (bitoff==0 && (n=bits/WHIRLPOOL_BBLOCK))
113 {
114 whirlpool_block(c,inp,n);
115 inp += n*WHIRLPOOL_BBLOCK/8;
116 bits %= WHIRLPOOL_BBLOCK;
117 }
118 else
119 {
120 unsigned int byteoff = bitoff/8;
121
122 bitrem = WHIRLPOOL_BBLOCK - bitoff;/* re-use bitrem */
123 if (bits >= bitrem)
124 {
125 bits -= bitrem;
126 bitrem /= 8;
127 memcpy(c->data+byteoff,inp,bitrem);
128 inp += bitrem;
129 whirlpool_block(c,c->data,1);
130 bitoff = 0;
131 }
132 else
133 {
134 memcpy(c->data+byteoff,inp,bits/8);
135 bitoff += (unsigned int)bits;
136 bits = 0;
137 }
138 c->bitoff = bitoff;
139 }
140 }
141 }
142 else /* bit-oriented loop */
143#endif
144 {
145 /*
146 inp
147 |
148 +-------+-------+-------
149 |||||||||||||||||||||
150 +-------+-------+-------
151 +-------+-------+-------+-------+-------
152 |||||||||||||| c->data
153 +-------+-------+-------+-------+-------
154 |
155 c->bitoff/8
156 */
157 while (bits)
158 {
159 unsigned int byteoff = bitoff/8;
160 unsigned char b;
161
162#ifndef OPENSSL_SMALL_FOOTPRINT
163 if (bitrem==inpgap)
164 {
165 c->data[byteoff++] |= inp[0] & (0xff>>inpgap);
166 inpgap = 8-inpgap;
167 bitoff += inpgap; bitrem = 0; /* bitoff%8 */
168 bits -= inpgap; inpgap = 0; /* bits%8 */
169 inp++;
170 if (bitoff==WHIRLPOOL_BBLOCK)
171 {
172 whirlpool_block(c,c->data,1);
173 bitoff = 0;
174 }
175 c->bitoff = bitoff;
176 goto reconsider;
177 }
178 else
179#endif
180 if (bits>=8)
181 {
182 b = ((inp[0]<<inpgap) | (inp[1]>>(8-inpgap)));
183 b &= 0xff;
184 if (bitrem) c->data[byteoff++] |= b>>bitrem;
185 else c->data[byteoff++] = b;
186 bitoff += 8;
187 bits -= 8;
188 inp++;
189 if (bitoff>=WHIRLPOOL_BBLOCK)
190 {
191 whirlpool_block(c,c->data,1);
192 byteoff = 0;
193 bitoff %= WHIRLPOOL_BBLOCK;
194 }
195 if (bitrem) c->data[byteoff] = b<<(8-bitrem);
196 }
197 else /* remaining less than 8 bits */
198 {
199 b = (inp[0]<<inpgap)&0xff;
200 if (bitrem) c->data[byteoff++] |= b>>bitrem;
201 else c->data[byteoff++] = b;
202 bitoff += (unsigned int)bits;
203 if (bitoff==WHIRLPOOL_BBLOCK)
204 {
205 whirlpool_block(c,c->data,1);
206 byteoff = 0;
207 bitoff %= WHIRLPOOL_BBLOCK;
208 }
209 if (bitrem) c->data[byteoff] = b<<(8-bitrem);
210 bits = 0;
211 }
212 c->bitoff = bitoff;
213 }
214 }
215 }
216
217int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c)
218 {
219 unsigned int bitoff = c->bitoff,
220 byteoff = bitoff/8;
221 size_t i,j,v;
222 unsigned char *p;
223
224 bitoff %= 8;
225 if (bitoff) c->data[byteoff] |= 0x80>>bitoff;
226 else c->data[byteoff] = 0x80;
227 byteoff++;
228
229 /* pad with zeros */
230 if (byteoff > (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER))
231 {
232 if (byteoff<WHIRLPOOL_BBLOCK/8)
233 memset(&c->data[byteoff],0,WHIRLPOOL_BBLOCK/8-byteoff);
234 whirlpool_block(c,c->data,1);
235 byteoff = 0;
236 }
237 if (byteoff < (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER))
238 memset(&c->data[byteoff],0,
239 (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER)-byteoff);
240 /* smash 256-bit c->bitlen in big-endian order */
241 p = &c->data[WHIRLPOOL_BBLOCK/8-1]; /* last byte in c->data */
242 for(i=0;i<WHIRLPOOL_COUNTER/sizeof(size_t);i++)
243 for(v=c->bitlen[i],j=0;j<sizeof(size_t);j++,v>>=8)
244 *p-- = (unsigned char)(v&0xff);
245
246 whirlpool_block(c,c->data,1);
247
248 if (md) {
249 memcpy(md,c->H.c,WHIRLPOOL_DIGEST_LENGTH);
250 memset(c,0,sizeof(*c));
251 return(1);
252 }
253 return(0);
254 }
255
256unsigned char *WHIRLPOOL(const void *inp, size_t bytes,unsigned char *md)
257 {
258 WHIRLPOOL_CTX ctx;
259 static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
260
261 if (md == NULL) md=m;
262 WHIRLPOOL_Init(&ctx);
263 WHIRLPOOL_Update(&ctx,inp,bytes);
264 WHIRLPOOL_Final(md,&ctx);
265 return(md);
266 }
diff --git a/src/lib/libcrypto/whrlpool/wp_locl.h b/src/lib/libcrypto/whrlpool/wp_locl.h
deleted file mode 100644
index 7724b57acc..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_locl.h
+++ /dev/null
@@ -1,5 +0,0 @@
1/* $OpenBSD: wp_locl.h,v 1.2 2014/06/12 15:49:31 deraadt Exp $ */
2
3#include <openssl/whrlpool.h>
4
5void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-08 17:18:42 +0000