digest-kangarootwelve 0.0.2 → 0.3.2

Files changed (307) hide show
  1. checksums.yaml +5 -5
  2. data/README.md +71 -37
  3. data/Rakefile +7 -9
  4. data/digest-kangarootwelve.gemspec +323 -14
  5. data/ext/digest/kangarootwelve/ext.c +228 -177
  6. data/ext/digest/kangarootwelve/extconf.rb +15 -1
  7. data/ext/digest/kangarootwelve/keccak/armv6m/KangarooTwelve.link.c +1 -0
  8. data/ext/digest/kangarootwelve/keccak/armv6m/KeccakDuplexWidth1600.link.c +1 -0
  9. data/ext/digest/kangarootwelve/keccak/armv6m/KeccakP-1600-SnP.h +36 -0
  10. data/ext/digest/kangarootwelve/{KeccakP-1600-times2-SnP.h → keccak/armv6m/KeccakP-1600-times2-SnP.h} +10 -10
  11. data/ext/digest/kangarootwelve/{KeccakP-1600-times2-on1.c → keccak/armv6m/KeccakP-1600-times2-on1.c} +13 -7
  12. data/ext/digest/kangarootwelve/{KeccakP-1600-times4-SnP.h → keccak/armv6m/KeccakP-1600-times4-SnP.h} +10 -10
  13. data/ext/digest/kangarootwelve/{KeccakP-1600-times4-on1.c → keccak/armv6m/KeccakP-1600-times4-on1.c} +13 -7
  14. data/ext/digest/kangarootwelve/{KeccakP-1600-times8-SnP.h → keccak/armv6m/KeccakP-1600-times8-SnP.h} +10 -10
  15. data/ext/digest/kangarootwelve/{KeccakP-1600-times8-on1.c → keccak/armv6m/KeccakP-1600-times8-on1.c} +13 -7
  16. data/ext/digest/kangarootwelve/keccak/armv6m/KeccakP-1600-u2-32bi-armv6m-le-gcc.s +1334 -0
  17. data/ext/digest/kangarootwelve/keccak/armv6m/KeccakSpongeWidth1600.link.c +1 -0
  18. data/ext/digest/kangarootwelve/{PlSnP-Fallback.inc → keccak/armv6m/PlSnP-Fallback.inc} +11 -7
  19. data/ext/digest/kangarootwelve/keccak/armv6m/ext.link.c +1 -0
  20. data/ext/digest/kangarootwelve/keccak/armv7a/KangarooTwelve.link.c +1 -0
  21. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakDuplexWidth1600.link.c +1 -0
  22. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-SnP.h +37 -0
  23. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-armv7a-le-neon-gcc.s +826 -0
  24. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-inplace-pl2-armv7a-neon-le-gcc.s +1245 -0
  25. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times2-SnP.h +38 -0
  26. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times4-SnP.h +45 -0
  27. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times4-on2.c +38 -0
  28. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times8-SnP.h +45 -0
  29. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times8-on2.c +38 -0
  30. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakSpongeWidth1600.link.c +1 -0
  31. data/ext/digest/kangarootwelve/keccak/armv7a/PlSnP-Fallback.inc +287 -0
  32. data/ext/digest/kangarootwelve/keccak/armv7a/ext.link.c +1 -0
  33. data/ext/digest/kangarootwelve/keccak/armv7m/KangarooTwelve.link.c +1 -0
  34. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakDuplexWidth1600.link.c +1 -0
  35. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-SnP.h +36 -0
  36. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-inplace-32bi-armv7m-le-gcc.s +1170 -0
  37. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times2-SnP.h +45 -0
  38. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times2-on1.c +37 -0
  39. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times4-SnP.h +45 -0
  40. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times4-on1.c +37 -0
  41. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times8-SnP.h +45 -0
  42. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times8-on1.c +37 -0
  43. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakSpongeWidth1600.link.c +1 -0
  44. data/ext/digest/kangarootwelve/keccak/armv7m/PlSnP-Fallback.inc +287 -0
  45. data/ext/digest/kangarootwelve/keccak/armv7m/ext.link.c +1 -0
  46. data/ext/digest/kangarootwelve/keccak/armv8a/KangarooTwelve.link.c +1 -0
  47. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakDuplexWidth1600.link.c +1 -0
  48. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-SnP.h +28 -0
  49. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-armv8a-neon.s +537 -0
  50. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times2-SnP.h +45 -0
  51. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times2-on1.c +37 -0
  52. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times4-SnP.h +45 -0
  53. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times4-on1.c +37 -0
  54. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times8-SnP.h +45 -0
  55. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times8-on1.c +37 -0
  56. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakSpongeWidth1600.link.c +1 -0
  57. data/ext/digest/kangarootwelve/keccak/armv8a/PlSnP-Fallback.inc +287 -0
  58. data/ext/digest/kangarootwelve/keccak/armv8a/ext.link.c +1 -0
  59. data/ext/digest/kangarootwelve/keccak/asmx86-64/KangarooTwelve.link.c +1 -0
  60. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakDuplexWidth1600.link.c +1 -0
  61. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-SnP.h +37 -0
  62. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times2-SnP.h +45 -0
  63. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times2-on1.c +37 -0
  64. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times4-SnP.h +45 -0
  65. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times4-on1.c +37 -0
  66. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times8-SnP.h +45 -0
  67. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times8-on1.c +37 -0
  68. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-x86-64-gas.s +1190 -0
  69. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakSpongeWidth1600.link.c +1 -0
  70. data/ext/digest/kangarootwelve/keccak/asmx86-64/PlSnP-Fallback.inc +287 -0
  71. data/ext/digest/kangarootwelve/keccak/asmx86-64/ext.link.c +1 -0
  72. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KangarooTwelve.link.c +1 -0
  73. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakDuplexWidth1600.link.c +1 -0
  74. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-SnP.h +37 -0
  75. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times2-SnP.h +45 -0
  76. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times2-on1.c +37 -0
  77. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times4-SnP.h +45 -0
  78. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times4-on1.c +37 -0
  79. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times8-SnP.h +45 -0
  80. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times8-on1.c +37 -0
  81. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-x86-64-shld-gas.s +1190 -0
  82. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakSpongeWidth1600.link.c +1 -0
  83. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/PlSnP-Fallback.inc +287 -0
  84. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/ext.link.c +1 -0
  85. data/ext/digest/kangarootwelve/keccak/avr8/KangarooTwelve.link.c +1 -0
  86. data/ext/digest/kangarootwelve/keccak/avr8/KeccakDuplexWidth1600.link.c +1 -0
  87. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-SnP.h +37 -0
  88. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-avr8-fast.s +1116 -0
  89. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times2-SnP.h +45 -0
  90. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times2-on1.c +37 -0
  91. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times4-SnP.h +45 -0
  92. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times4-on1.c +37 -0
  93. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times8-SnP.h +45 -0
  94. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times8-on1.c +37 -0
  95. data/ext/digest/kangarootwelve/keccak/avr8/KeccakSpongeWidth1600.link.c +1 -0
  96. data/ext/digest/kangarootwelve/keccak/avr8/PlSnP-Fallback.inc +287 -0
  97. data/ext/digest/kangarootwelve/keccak/avr8/ext.link.c +1 -0
  98. data/ext/digest/kangarootwelve/keccak/bulldozer/KangarooTwelve.link.c +1 -0
  99. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakDuplexWidth1600.link.c +1 -0
  100. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-SnP.h +39 -0
  101. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-XOP-config.h +6 -0
  102. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-XOP.c +473 -0
  103. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times2-SIMD128.c +954 -0
  104. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times2-SnP.h +47 -0
  105. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times4-SnP.h +45 -0
  106. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times4-on2.c +38 -0
  107. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times8-SnP.h +45 -0
  108. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times8-on2.c +38 -0
  109. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-unrolling.macros +302 -0
  110. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakSpongeWidth1600.link.c +1 -0
  111. data/ext/digest/kangarootwelve/keccak/bulldozer/PlSnP-Fallback.inc +287 -0
  112. data/ext/digest/kangarootwelve/keccak/bulldozer/SIMD128-config.h +9 -0
  113. data/ext/digest/kangarootwelve/{SnP-Relaned.h → keccak/bulldozer/SnP-Relaned.h} +13 -7
  114. data/ext/digest/kangarootwelve/keccak/bulldozer/ext.link.c +1 -0
  115. data/ext/digest/kangarootwelve/{KangarooTwelve.c → keccak/common/KangarooTwelve.c} +6 -10
  116. data/ext/digest/kangarootwelve/{KangarooTwelve.h → keccak/common/KangarooTwelve.h} +3 -7
  117. data/ext/digest/kangarootwelve/keccak/common/KeccakDuplex-common.h +37 -0
  118. data/ext/digest/kangarootwelve/keccak/common/KeccakDuplex.inc +192 -0
  119. data/ext/digest/kangarootwelve/keccak/common/KeccakDuplexWidth1600.c +34 -0
  120. data/ext/digest/kangarootwelve/keccak/common/KeccakDuplexWidth1600.h +25 -0
  121. data/ext/digest/kangarootwelve/{KeccakSponge-common.h → keccak/common/KeccakSponge-common.h} +5 -7
  122. data/ext/digest/kangarootwelve/{KeccakSponge.inc → keccak/common/KeccakSponge.inc} +6 -8
  123. data/ext/digest/kangarootwelve/{KeccakSpongeWidth1600.c → keccak/common/KeccakSpongeWidth1600.c} +6 -8
  124. data/ext/digest/kangarootwelve/{KeccakSpongeWidth1600.h → keccak/common/KeccakSpongeWidth1600.h} +5 -7
  125. data/ext/digest/kangarootwelve/{Phases.h → keccak/common/Phases.h} +3 -7
  126. data/ext/digest/kangarootwelve/{align.h → keccak/common/align.h} +5 -7
  127. data/ext/digest/kangarootwelve/{brg_endian.h → keccak/common/brg_endian.h} +0 -0
  128. data/ext/digest/kangarootwelve/keccak/compact/KangarooTwelve.link.c +1 -0
  129. data/ext/digest/kangarootwelve/keccak/compact/KeccakDuplexWidth1600.link.c +1 -0
  130. data/ext/digest/kangarootwelve/{KeccakP-1600-SnP.h → keccak/compact/KeccakP-1600-SnP.h} +7 -10
  131. data/ext/digest/kangarootwelve/{KeccakP-1600-compact64.c → keccak/compact/KeccakP-1600-compact64.c} +11 -7
  132. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times2-SnP.h +45 -0
  133. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times2-on1.c +37 -0
  134. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times4-SnP.h +45 -0
  135. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times4-on1.c +37 -0
  136. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times8-SnP.h +45 -0
  137. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times8-on1.c +37 -0
  138. data/ext/digest/kangarootwelve/keccak/compact/KeccakSpongeWidth1600.link.c +1 -0
  139. data/ext/digest/kangarootwelve/keccak/compact/PlSnP-Fallback.inc +287 -0
  140. data/ext/digest/kangarootwelve/keccak/compact/SnP-Relaned.h +140 -0
  141. data/ext/digest/kangarootwelve/keccak/compact/ext.link.c +1 -0
  142. data/ext/digest/kangarootwelve/keccak/generic32/KangarooTwelve.link.c +1 -0
  143. data/ext/digest/kangarootwelve/keccak/generic32/KeccakDuplexWidth1600.link.c +1 -0
  144. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-SnP.h +38 -0
  145. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-inplace32BI.c +1162 -0
  146. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times2-SnP.h +45 -0
  147. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times2-on1.c +37 -0
  148. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times4-SnP.h +45 -0
  149. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times4-on1.c +37 -0
  150. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times8-SnP.h +45 -0
  151. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times8-on1.c +37 -0
  152. data/ext/digest/kangarootwelve/keccak/generic32/KeccakSpongeWidth1600.link.c +1 -0
  153. data/ext/digest/kangarootwelve/keccak/generic32/PlSnP-Fallback.inc +287 -0
  154. data/ext/digest/kangarootwelve/keccak/generic32/SnP-Relaned.h +140 -0
  155. data/ext/digest/kangarootwelve/keccak/generic32/ext.link.c +1 -0
  156. data/ext/digest/kangarootwelve/keccak/generic32lc/KangarooTwelve.link.c +1 -0
  157. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakDuplexWidth1600.link.c +1 -0
  158. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-SnP.h +38 -0
  159. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-inplace32BI.c +1162 -0
  160. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times2-SnP.h +45 -0
  161. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times2-on1.c +37 -0
  162. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times4-SnP.h +45 -0
  163. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times4-on1.c +37 -0
  164. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times8-SnP.h +45 -0
  165. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times8-on1.c +37 -0
  166. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakSpongeWidth1600.link.c +1 -0
  167. data/ext/digest/kangarootwelve/keccak/generic32lc/PlSnP-Fallback.inc +287 -0
  168. data/ext/digest/kangarootwelve/keccak/generic32lc/SnP-Relaned.h +140 -0
  169. data/ext/digest/kangarootwelve/keccak/generic32lc/ext.link.c +1 -0
  170. data/ext/digest/kangarootwelve/keccak/generic64/KangarooTwelve.link.c +1 -0
  171. data/ext/digest/kangarootwelve/keccak/generic64/KeccakDuplexWidth1600.link.c +1 -0
  172. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-64.macros +2195 -0
  173. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-SnP.h +49 -0
  174. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-opt64-config.h +6 -0
  175. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-opt64.c +541 -0
  176. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times2-SnP.h +45 -0
  177. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times2-on1.c +37 -0
  178. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times4-SnP.h +45 -0
  179. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times4-on1.c +37 -0
  180. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times8-SnP.h +45 -0
  181. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times8-on1.c +37 -0
  182. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-unrolling.macros +302 -0
  183. data/ext/digest/kangarootwelve/keccak/generic64/KeccakSpongeWidth1600.link.c +1 -0
  184. data/ext/digest/kangarootwelve/keccak/generic64/PlSnP-Fallback.inc +287 -0
  185. data/ext/digest/kangarootwelve/keccak/generic64/SnP-Relaned.h +140 -0
  186. data/ext/digest/kangarootwelve/keccak/generic64/ext.link.c +1 -0
  187. data/ext/digest/kangarootwelve/keccak/generic64lc/KangarooTwelve.link.c +1 -0
  188. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakDuplexWidth1600.link.c +1 -0
  189. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-64.macros +2195 -0
  190. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-SnP.h +49 -0
  191. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-opt64-config.h +7 -0
  192. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-opt64.c +541 -0
  193. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times2-SnP.h +45 -0
  194. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times2-on1.c +37 -0
  195. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times4-SnP.h +45 -0
  196. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times4-on1.c +37 -0
  197. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times8-SnP.h +45 -0
  198. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times8-on1.c +37 -0
  199. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-unrolling.macros +302 -0
  200. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakSpongeWidth1600.link.c +1 -0
  201. data/ext/digest/kangarootwelve/keccak/generic64lc/PlSnP-Fallback.inc +287 -0
  202. data/ext/digest/kangarootwelve/keccak/generic64lc/SnP-Relaned.h +140 -0
  203. data/ext/digest/kangarootwelve/keccak/generic64lc/ext.link.c +1 -0
  204. data/ext/digest/kangarootwelve/keccak/haswell/KangarooTwelve.link.c +1 -0
  205. data/ext/digest/kangarootwelve/keccak/haswell/KeccakDuplexWidth1600.link.c +1 -0
  206. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-AVX2.s +993 -0
  207. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-SnP.h +41 -0
  208. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times2-SIMD128.c +954 -0
  209. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times2-SnP.h +47 -0
  210. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times4-SIMD256.c +1303 -0
  211. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times4-SnP.h +53 -0
  212. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times8-SnP.h +45 -0
  213. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times8-on4.c +38 -0
  214. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-unrolling.macros +302 -0
  215. data/ext/digest/kangarootwelve/keccak/haswell/KeccakSpongeWidth1600.link.c +1 -0
  216. data/ext/digest/kangarootwelve/keccak/haswell/PlSnP-Fallback.inc +287 -0
  217. data/ext/digest/kangarootwelve/keccak/haswell/SIMD128-config.h +8 -0
  218. data/ext/digest/kangarootwelve/keccak/haswell/SIMD256-config.h +7 -0
  219. data/ext/digest/kangarootwelve/keccak/haswell/ext.link.c +1 -0
  220. data/ext/digest/kangarootwelve/keccak/nehalem/KangarooTwelve.link.c +1 -0
  221. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakDuplexWidth1600.link.c +1 -0
  222. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-64.macros +2195 -0
  223. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-SnP.h +49 -0
  224. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-opt64-config.h +7 -0
  225. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-opt64.c +541 -0
  226. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times2-SIMD128.c +954 -0
  227. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times2-SnP.h +47 -0
  228. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times4-SnP.h +45 -0
  229. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times4-on2.c +38 -0
  230. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times8-SnP.h +45 -0
  231. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times8-on2.c +38 -0
  232. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-unrolling.macros +302 -0
  233. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakSpongeWidth1600.link.c +1 -0
  234. data/ext/digest/kangarootwelve/keccak/nehalem/PlSnP-Fallback.inc +287 -0
  235. data/ext/digest/kangarootwelve/keccak/nehalem/SIMD128-config.h +8 -0
  236. data/ext/digest/kangarootwelve/keccak/nehalem/SnP-Relaned.h +140 -0
  237. data/ext/digest/kangarootwelve/keccak/nehalem/ext.link.c +1 -0
  238. data/ext/digest/kangarootwelve/keccak/reference/KangarooTwelve.link.c +1 -0
  239. data/ext/digest/kangarootwelve/keccak/reference/KeccakDuplexWidth1600.link.c +1 -0
  240. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-SnP.h +41 -0
  241. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-reference.c +424 -0
  242. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-reference.h +20 -0
  243. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times2-SnP.h +45 -0
  244. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times2-on1.c +37 -0
  245. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times4-SnP.h +45 -0
  246. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times4-on1.c +37 -0
  247. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times8-SnP.h +45 -0
  248. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times8-on1.c +37 -0
  249. data/ext/digest/kangarootwelve/keccak/reference/KeccakSpongeWidth1600.link.c +1 -0
  250. data/ext/digest/kangarootwelve/keccak/reference/PlSnP-Fallback.inc +287 -0
  251. data/ext/digest/kangarootwelve/keccak/reference/displayIntermediateValues.c +176 -0
  252. data/ext/digest/kangarootwelve/keccak/reference/displayIntermediateValues.h +29 -0
  253. data/ext/digest/kangarootwelve/keccak/reference/ext.link.c +1 -0
  254. data/ext/digest/kangarootwelve/keccak/reference32bits/KangarooTwelve.link.c +1 -0
  255. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakDuplexWidth1600.link.c +1 -0
  256. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-SnP.h +41 -0
  257. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-reference.h +20 -0
  258. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-reference32BI.c +612 -0
  259. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times2-SnP.h +45 -0
  260. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times2-on1.c +37 -0
  261. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times4-SnP.h +45 -0
  262. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times4-on1.c +37 -0
  263. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times8-SnP.h +45 -0
  264. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times8-on1.c +37 -0
  265. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakSpongeWidth1600.link.c +1 -0
  266. data/ext/digest/kangarootwelve/keccak/reference32bits/PlSnP-Fallback.inc +287 -0
  267. data/ext/digest/kangarootwelve/keccak/reference32bits/displayIntermediateValues.c +176 -0
  268. data/ext/digest/kangarootwelve/keccak/reference32bits/displayIntermediateValues.h +29 -0
  269. data/ext/digest/kangarootwelve/keccak/reference32bits/ext.link.c +1 -0
  270. data/ext/digest/kangarootwelve/keccak/sandybridge/KangarooTwelve.link.c +1 -0
  271. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakDuplexWidth1600.link.c +1 -0
  272. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-64.macros +2195 -0
  273. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-SnP.h +49 -0
  274. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-opt64-config.h +8 -0
  275. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-opt64.c +541 -0
  276. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times2-SIMD128.c +954 -0
  277. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times2-SnP.h +47 -0
  278. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times4-SnP.h +45 -0
  279. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times4-on2.c +38 -0
  280. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times8-SnP.h +45 -0
  281. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times8-on2.c +38 -0
  282. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-unrolling.macros +302 -0
  283. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakSpongeWidth1600.link.c +1 -0
  284. data/ext/digest/kangarootwelve/keccak/sandybridge/PlSnP-Fallback.inc +287 -0
  285. data/ext/digest/kangarootwelve/keccak/sandybridge/SIMD128-config.h +8 -0
  286. data/ext/digest/kangarootwelve/keccak/sandybridge/SnP-Relaned.h +140 -0
  287. data/ext/digest/kangarootwelve/keccak/sandybridge/ext.link.c +1 -0
  288. data/ext/digest/kangarootwelve/keccak/skylakex/KangarooTwelve.link.c +1 -0
  289. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakDuplexWidth1600.link.c +1 -0
  290. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-AVX512-config.h +6 -0
  291. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-AVX512.c +621 -0
  292. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-SnP.h +42 -0
  293. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times2-SIMD512.c +852 -0
  294. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times2-SnP.h +49 -0
  295. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times4-SIMD512.c +883 -0
  296. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times4-SnP.h +49 -0
  297. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times8-SIMD512.c +1473 -0
  298. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times8-SnP.h +53 -0
  299. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakSpongeWidth1600.link.c +1 -0
  300. data/ext/digest/kangarootwelve/keccak/skylakex/SIMD512-2-config.h +7 -0
  301. data/ext/digest/kangarootwelve/keccak/skylakex/SIMD512-4-config.h +7 -0
  302. data/ext/digest/kangarootwelve/keccak/skylakex/SIMD512-config.h +7 -0
  303. data/ext/digest/kangarootwelve/keccak/skylakex/ext.link.c +1 -0
  304. data/ext/digest/kangarootwelve/utils.h +101 -0
  305. data/lib/digest/kangarootwelve/version.rb +2 -2
  306. data/test/test.rb +68 -31
  307. metadata +305 -27
@@ -0,0 +1 @@
1
+ #include "../../ext.c"
@@ -0,0 +1 @@
1
+ #include "../common/KangarooTwelve.c"
@@ -0,0 +1 @@
1
+ #include "../common/KeccakDuplexWidth1600.c"
@@ -0,0 +1,38 @@
1
+ /*
2
+ Implementation by Ronny Van Keer, hereby denoted as "the implementer".
3
+
4
+ For more information, feedback or questions, please refer to our website:
5
+ https://keccak.team/
6
+
7
+ To the extent possible under law, the implementer has waived all copyright
8
+ and related or neighboring rights to the source code in this file.
9
+ http://creativecommons.org/publicdomain/zero/1.0/
10
+
11
+ ---
12
+
13
+ Please refer to SnP-documentation.h for more details.
14
+ */
15
+
16
+ #ifndef _KeccakP_1600_SnP_h_
17
+ #define _KeccakP_1600_SnP_h_
18
+
19
+ /** For the documentation, see SnP-documentation.h.
20
+ */
21
+
22
+ #define KeccakP1600_implementation "in-place 32-bit optimized implementation"
23
+ #define KeccakP1600_stateSizeInBytes 200
24
+ #define KeccakP1600_stateAlignment 8
25
+
26
+ #define KeccakP1600_StaticInitialize()
27
+ void KeccakP1600_Initialize(void *state);
28
+ void KeccakP1600_AddByte(void *state, unsigned char data, unsigned int offset);
29
+ void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);
30
+ void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);
31
+ void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount);
32
+ void KeccakP1600_Permute_Nrounds(void *state, unsigned int nrounds);
33
+ void KeccakP1600_Permute_12rounds(void *state);
34
+ void KeccakP1600_Permute_24rounds(void *state);
35
+ void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length);
36
+ void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length);
37
+
38
+ #endif
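Review bot: The byte-range prototypes in this header (`KeccakP1600_AddBytes`, `KeccakP1600_OverwriteBytes`, `KeccakP1600_ExtractBytes`, `KeccakP1600_ExtractAndAddBytes`, and the `byteCount` of `KeccakP1600_OverwriteWithZeroes`) state no bound on `offset` and `length`, and the only contract they cite is SnP-documentation.h, which is not among the 307 files listed for this release. The state is passed as an untyped `void *` of `KeccakP1600_stateSizeInBytes` (200) bytes, so an out-of-range pair would presumably read or write past it; whether the implementation checks this is not visible from the header. I would add above the prototypes `/* Precondition: offset + length <= KeccakP1600_stateSizeInBytes (byteCount likewise); confirm against the implementation. */`, or ship SnP-documentation.h with the gem. Separately, the include guard `_KeccakP_1600_SnP_h_` begins with an underscore followed by an uppercase letter, a form C reserves for the implementation; `KECCAKP_1600_SNP_H` would avoid that.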
@@ -0,0 +1,1162 @@
1
+ /*
2
+ Implementation by Ronny Van Keer, hereby denoted as "the implementer".
3
+
4
+ For more information, feedback or questions, please refer to our website:
5
+ https://keccak.team/
6
+
7
+ To the extent possible under law, the implementer has waived all copyright
8
+ and related or neighboring rights to the source code in this file.
9
+ http://creativecommons.org/publicdomain/zero/1.0/
10
+
11
+ ---
12
+
13
+ This file implements Keccak-p[1600] in a SnP-compatible way.
14
+ Please refer to SnP-documentation.h for more details.
15
+
16
+ This implementation comes with KeccakP-1600-SnP.h in the same folder.
17
+ Please refer to LowLevel.build for the exact list of other files it must be combined with.
18
+ */
19
+
20
+ #include <string.h>
21
+ #include "brg_endian.h"
22
+ #include "KeccakP-1600-SnP.h"
23
+ #include "SnP-Relaned.h"
24
+
25
+ typedef unsigned char UINT8;
26
+ typedef unsigned int UINT32;
27
+ /* WARNING: on 8-bit and 16-bit platforms, this should be replaced by: */
28
+ /* typedef unsigned long UINT32; */
29
+
30
+ #define ROL32(a, offset) ((((UINT32)a) << (offset)) ^ (((UINT32)a) >> (32-(offset))))
31
+
32
+ /* Credit to Henry S. Warren, Hacker's Delight, Addison-Wesley, 2002 */
33
+ #define prepareToBitInterleaving(low, high, temp, temp0, temp1) \
34
+ temp0 = (low); \
35
+ temp = (temp0 ^ (temp0 >> 1)) & 0x22222222UL; temp0 = temp0 ^ temp ^ (temp << 1); \
36
+ temp = (temp0 ^ (temp0 >> 2)) & 0x0C0C0C0CUL; temp0 = temp0 ^ temp ^ (temp << 2); \
37
+ temp = (temp0 ^ (temp0 >> 4)) & 0x00F000F0UL; temp0 = temp0 ^ temp ^ (temp << 4); \
38
+ temp = (temp0 ^ (temp0 >> 8)) & 0x0000FF00UL; temp0 = temp0 ^ temp ^ (temp << 8); \
39
+ temp1 = (high); \
40
+ temp = (temp1 ^ (temp1 >> 1)) & 0x22222222UL; temp1 = temp1 ^ temp ^ (temp << 1); \
41
+ temp = (temp1 ^ (temp1 >> 2)) & 0x0C0C0C0CUL; temp1 = temp1 ^ temp ^ (temp << 2); \
42
+ temp = (temp1 ^ (temp1 >> 4)) & 0x00F000F0UL; temp1 = temp1 ^ temp ^ (temp << 4); \
43
+ temp = (temp1 ^ (temp1 >> 8)) & 0x0000FF00UL; temp1 = temp1 ^ temp ^ (temp << 8);
44
+
45
+ #define toBitInterleavingAndXOR(low, high, even, odd, temp, temp0, temp1) \
46
+ prepareToBitInterleaving(low, high, temp, temp0, temp1) \
47
+ even ^= (temp0 & 0x0000FFFF) | (temp1 << 16); \
48
+ odd ^= (temp0 >> 16) | (temp1 & 0xFFFF0000);
49
+
50
+ #define toBitInterleavingAndAND(low, high, even, odd, temp, temp0, temp1) \
51
+ prepareToBitInterleaving(low, high, temp, temp0, temp1) \
52
+ even &= (temp0 & 0x0000FFFF) | (temp1 << 16); \
53
+ odd &= (temp0 >> 16) | (temp1 & 0xFFFF0000);
54
+
55
+ #define toBitInterleavingAndSet(low, high, even, odd, temp, temp0, temp1) \
56
+ prepareToBitInterleaving(low, high, temp, temp0, temp1) \
57
+ even = (temp0 & 0x0000FFFF) | (temp1 << 16); \
58
+ odd = (temp0 >> 16) | (temp1 & 0xFFFF0000);
59
+
60
+ /* Credit to Henry S. Warren, Hacker's Delight, Addison-Wesley, 2002 */
61
+ #define prepareFromBitInterleaving(even, odd, temp, temp0, temp1) \
62
+ temp0 = (even); \
63
+ temp1 = (odd); \
64
+ temp = (temp0 & 0x0000FFFF) | (temp1 << 16); \
65
+ temp1 = (temp0 >> 16) | (temp1 & 0xFFFF0000); \
66
+ temp0 = temp; \
67
+ temp = (temp0 ^ (temp0 >> 8)) & 0x0000FF00UL; temp0 = temp0 ^ temp ^ (temp << 8); \
68
+ temp = (temp0 ^ (temp0 >> 4)) & 0x00F000F0UL; temp0 = temp0 ^ temp ^ (temp << 4); \
69
+ temp = (temp0 ^ (temp0 >> 2)) & 0x0C0C0C0CUL; temp0 = temp0 ^ temp ^ (temp << 2); \
70
+ temp = (temp0 ^ (temp0 >> 1)) & 0x22222222UL; temp0 = temp0 ^ temp ^ (temp << 1); \
71
+ temp = (temp1 ^ (temp1 >> 8)) & 0x0000FF00UL; temp1 = temp1 ^ temp ^ (temp << 8); \
72
+ temp = (temp1 ^ (temp1 >> 4)) & 0x00F000F0UL; temp1 = temp1 ^ temp ^ (temp << 4); \
73
+ temp = (temp1 ^ (temp1 >> 2)) & 0x0C0C0C0CUL; temp1 = temp1 ^ temp ^ (temp << 2); \
74
+ temp = (temp1 ^ (temp1 >> 1)) & 0x22222222UL; temp1 = temp1 ^ temp ^ (temp << 1);
75
+
76
+ #define fromBitInterleaving(even, odd, low, high, temp, temp0, temp1) \
77
+ prepareFromBitInterleaving(even, odd, temp, temp0, temp1) \
78
+ low = temp0; \
79
+ high = temp1;
80
+
81
+ #define fromBitInterleavingAndXOR(even, odd, lowIn, highIn, lowOut, highOut, temp, temp0, temp1) \
82
+ prepareFromBitInterleaving(even, odd, temp, temp0, temp1) \
83
+ lowOut = lowIn ^ temp0; \
84
+ highOut = highIn ^ temp1;
85
+
86
+ void KeccakP1600_SetBytesInLaneToZero(void *state, unsigned int lanePosition, unsigned int offset, unsigned int length)
87
+ {
88
+ UINT8 laneAsBytes[8];
89
+ UINT32 low, high;
90
+ UINT32 temp, temp0, temp1;
91
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
92
+
93
+ memset(laneAsBytes, 0xFF, offset);
94
+ memset(laneAsBytes+offset, 0x00, length);
95
+ memset(laneAsBytes+offset+length, 0xFF, 8-offset-length);
96
+ #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
97
+ low = *((UINT32*)(laneAsBytes+0));
98
+ high = *((UINT32*)(laneAsBytes+4));
99
+ #else
100
+ low = laneAsBytes[0]
101
+ | ((UINT32)(laneAsBytes[1]) << 8)
102
+ | ((UINT32)(laneAsBytes[2]) << 16)
103
+ | ((UINT32)(laneAsBytes[3]) << 24);
104
+ high = laneAsBytes[4]
105
+ | ((UINT32)(laneAsBytes[5]) << 8)
106
+ | ((UINT32)(laneAsBytes[6]) << 16)
107
+ | ((UINT32)(laneAsBytes[7]) << 24);
108
+ #endif
109
+ toBitInterleavingAndAND(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);
110
+ }
111
+
112
+ /* ---------------------------------------------------------------- */
113
+
114
+ void KeccakP1600_Initialize(void *state)
115
+ {
116
+ memset(state, 0, 200);
117
+ }
118
+
119
+ /* ---------------------------------------------------------------- */
120
+
121
+ void KeccakP1600_AddByte(void *state, unsigned char byte, unsigned int offset)
122
+ {
123
+ unsigned int lanePosition = offset/8;
124
+ unsigned int offsetInLane = offset%8;
125
+ UINT32 low, high;
126
+ UINT32 temp, temp0, temp1;
127
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
128
+
129
+ if (offsetInLane < 4) {
130
+ low = (UINT32)byte << (offsetInLane*8);
131
+ high = 0;
132
+ }
133
+ else {
134
+ low = 0;
135
+ high = (UINT32)byte << ((offsetInLane-4)*8);
136
+ }
137
+ toBitInterleavingAndXOR(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);
138
+ }
139
+
140
+ /* ---------------------------------------------------------------- */
141
+
142
+ void KeccakP1600_AddBytesInLane(void *state, unsigned int lanePosition, const unsigned char *data, unsigned int offset, unsigned int length)
143
+ {
144
+ UINT8 laneAsBytes[8];
145
+ UINT32 low, high;
146
+ UINT32 temp, temp0, temp1;
147
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
148
+
149
+ memset(laneAsBytes, 0, 8);
150
+ memcpy(laneAsBytes+offset, data, length);
151
+ #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
152
+ low = *((UINT32*)(laneAsBytes+0));
153
+ high = *((UINT32*)(laneAsBytes+4));
154
+ #else
155
+ low = laneAsBytes[0]
156
+ | ((UINT32)(laneAsBytes[1]) << 8)
157
+ | ((UINT32)(laneAsBytes[2]) << 16)
158
+ | ((UINT32)(laneAsBytes[3]) << 24);
159
+ high = laneAsBytes[4]
160
+ | ((UINT32)(laneAsBytes[5]) << 8)
161
+ | ((UINT32)(laneAsBytes[6]) << 16)
162
+ | ((UINT32)(laneAsBytes[7]) << 24);
163
+ #endif
164
+ toBitInterleavingAndXOR(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);
165
+ }
166
+
167
+ /* ---------------------------------------------------------------- */
168
+
169
+ void KeccakP1600_AddLanes(void *state, const unsigned char *data, unsigned int laneCount)
170
+ {
171
+ #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
172
+ const UINT32 * pI = (const UINT32 *)data;
173
+ UINT32 * pS = (UINT32*)state;
174
+ UINT32 t, x0, x1;
175
+ int i;
176
+ for (i = laneCount-1; i >= 0; --i) {
177
+ #ifdef NO_MISALIGNED_ACCESSES
178
+ UINT32 low;
179
+ UINT32 high;
180
+ memcpy(&low, pI++, 4);
181
+ memcpy(&high, pI++, 4);
182
+ toBitInterleavingAndXOR(low, high, *(pS++), *(pS++), t, x0, x1);
183
+ #else
184
+ toBitInterleavingAndXOR(*(pI++), *(pI++), *(pS++), *(pS++), t, x0, x1)
185
+ #endif
186
+ }
187
+ #else
188
+ unsigned int lanePosition;
189
+ for(lanePosition=0; lanePosition<laneCount; lanePosition++) {
190
+ UINT8 laneAsBytes[8];
191
+ memcpy(laneAsBytes, data+lanePosition*8, 8);
192
+ UINT32 low = laneAsBytes[0]
193
+ | ((UINT32)(laneAsBytes[1]) << 8)
194
+ | ((UINT32)(laneAsBytes[2]) << 16)
195
+ | ((UINT32)(laneAsBytes[3]) << 24);
196
+ UINT32 high = laneAsBytes[4]
197
+ | ((UINT32)(laneAsBytes[5]) << 8)
198
+ | ((UINT32)(laneAsBytes[6]) << 16)
199
+ | ((UINT32)(laneAsBytes[7]) << 24);
200
+ UINT32 even, odd, temp, temp0, temp1;
201
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
202
+ toBitInterleavingAndXOR(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);
203
+ }
204
+ #endif
205
+ }
206
+
207
+ /* ---------------------------------------------------------------- */
208
+
209
+ void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
210
+ {
211
+ SnP_AddBytes(state, data, offset, length, KeccakP1600_AddLanes, KeccakP1600_AddBytesInLane, 8);
212
+ }
213
+
214
+ /* ---------------------------------------------------------------- */
215
+
216
+ void KeccakP1600_OverwriteBytesInLane(void *state, unsigned int lanePosition, const unsigned char *data, unsigned int offset, unsigned int length)
217
+ {
218
+ KeccakP1600_SetBytesInLaneToZero(state, lanePosition, offset, length);
219
+ KeccakP1600_AddBytesInLane(state, lanePosition, data, offset, length);
220
+ }
221
+
222
+ /* ---------------------------------------------------------------- */
223
+
224
+ void KeccakP1600_OverwriteLanes(void *state, const unsigned char *data, unsigned int laneCount)
225
+ {
226
+ #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
227
+ const UINT32 * pI = (const UINT32 *)data;
228
+ UINT32 * pS = (UINT32 *)state;
229
+ UINT32 t, x0, x1;
230
+ int i;
231
+ for (i = laneCount-1; i >= 0; --i) {
232
+ #ifdef NO_MISALIGNED_ACCESSES
233
+ UINT32 low;
234
+ UINT32 high;
235
+ memcpy(&low, pI++, 4);
236
+ memcpy(&high, pI++, 4);
237
+ toBitInterleavingAndSet(low, high, *(pS++), *(pS++), t, x0, x1);
238
+ #else
239
+ toBitInterleavingAndSet(*(pI++), *(pI++), *(pS++), *(pS++), t, x0, x1)
240
+ #endif
241
+ }
242
+ #else
243
+ unsigned int lanePosition;
244
+ for(lanePosition=0; lanePosition<laneCount; lanePosition++) {
245
+ UINT8 laneAsBytes[8];
246
+ memcpy(laneAsBytes, data+lanePosition*8, 8);
247
+ UINT32 low = laneAsBytes[0]
248
+ | ((UINT32)(laneAsBytes[1]) << 8)
249
+ | ((UINT32)(laneAsBytes[2]) << 16)
250
+ | ((UINT32)(laneAsBytes[3]) << 24);
251
+ UINT32 high = laneAsBytes[4]
252
+ | ((UINT32)(laneAsBytes[5]) << 8)
253
+ | ((UINT32)(laneAsBytes[6]) << 16)
254
+ | ((UINT32)(laneAsBytes[7]) << 24);
255
+ UINT32 even, odd, temp, temp0, temp1;
256
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
257
+ toBitInterleavingAndSet(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);
258
+ }
259
+ #endif
260
+ }
261
+
262
+ /* ---------------------------------------------------------------- */
263
+
264
+ void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
265
+ {
266
+ SnP_OverwriteBytes(state, data, offset, length, KeccakP1600_OverwriteLanes, KeccakP1600_OverwriteBytesInLane, 8);
267
+ }
268
+
269
+ /* ---------------------------------------------------------------- */
270
+
271
+ void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount)
272
+ {
273
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
274
+ unsigned int i;
275
+
276
+ for(i=0; i<byteCount/8; i++) {
277
+ stateAsHalfLanes[i*2+0] = 0;
278
+ stateAsHalfLanes[i*2+1] = 0;
279
+ }
280
+ if (byteCount%8 != 0)
281
+ KeccakP1600_SetBytesInLaneToZero(state, byteCount/8, 0, byteCount%8);
282
+ }
283
+
284
+ /* ---------------------------------------------------------------- */
285
+
286
+ void KeccakP1600_ExtractBytesInLane(const void *state, unsigned int lanePosition, unsigned char *data, unsigned int offset, unsigned int length)
287
+ {
288
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
289
+ UINT32 low, high, temp, temp0, temp1;
290
+ UINT8 laneAsBytes[8];
291
+
292
+ fromBitInterleaving(stateAsHalfLanes[lanePosition*2], stateAsHalfLanes[lanePosition*2+1], low, high, temp, temp0, temp1);
293
+ #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
294
+ *((UINT32*)(laneAsBytes+0)) = low;
295
+ *((UINT32*)(laneAsBytes+4)) = high;
296
+ #else
297
+ laneAsBytes[0] = low & 0xFF;
298
+ laneAsBytes[1] = (low >> 8) & 0xFF;
299
+ laneAsBytes[2] = (low >> 16) & 0xFF;
300
+ laneAsBytes[3] = (low >> 24) & 0xFF;
301
+ laneAsBytes[4] = high & 0xFF;
302
+ laneAsBytes[5] = (high >> 8) & 0xFF;
303
+ laneAsBytes[6] = (high >> 16) & 0xFF;
304
+ laneAsBytes[7] = (high >> 24) & 0xFF;
305
+ #endif
306
+ memcpy(data, laneAsBytes+offset, length);
307
+ }
308
+
309
+ /* ---------------------------------------------------------------- */
310
+
311
+ void KeccakP1600_ExtractLanes(const void *state, unsigned char *data, unsigned int laneCount)
312
+ {
313
+ #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
314
+ UINT32 * pI = (UINT32 *)data;
315
+ const UINT32 * pS = ( const UINT32 *)state;
316
+ UINT32 t, x0, x1;
317
+ int i;
318
+ for (i = laneCount-1; i >= 0; --i) {
319
+ #ifdef NO_MISALIGNED_ACCESSES
320
+ UINT32 low;
321
+ UINT32 high;
322
+ fromBitInterleaving(*(pS++), *(pS++), low, high, t, x0, x1);
323
+ memcpy(pI++, &low, 4);
324
+ memcpy(pI++, &high, 4);
325
+ #else
326
+ fromBitInterleaving(*(pS++), *(pS++), *(pI++), *(pI++), t, x0, x1)
327
+ #endif
328
+ }
329
+ #else
330
+ unsigned int lanePosition;
331
+ for(lanePosition=0; lanePosition<laneCount; lanePosition++) {
332
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
333
+ UINT32 low, high, temp, temp0, temp1;
334
+ fromBitInterleaving(stateAsHalfLanes[lanePosition*2], stateAsHalfLanes[lanePosition*2+1], low, high, temp, temp0, temp1);
335
+ UINT8 laneAsBytes[8];
336
+ laneAsBytes[0] = low & 0xFF;
337
+ laneAsBytes[1] = (low >> 8) & 0xFF;
338
+ laneAsBytes[2] = (low >> 16) & 0xFF;
339
+ laneAsBytes[3] = (low >> 24) & 0xFF;
340
+ laneAsBytes[4] = high & 0xFF;
341
+ laneAsBytes[5] = (high >> 8) & 0xFF;
342
+ laneAsBytes[6] = (high >> 16) & 0xFF;
343
+ laneAsBytes[7] = (high >> 24) & 0xFF;
344
+ memcpy(data+lanePosition*8, laneAsBytes, 8);
345
+ }
346
+ #endif
347
+ }
348
+
349
+ /* ---------------------------------------------------------------- */
350
+
351
+ void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length)
352
+ {
353
+ SnP_ExtractBytes(state, data, offset, length, KeccakP1600_ExtractLanes, KeccakP1600_ExtractBytesInLane, 8);
354
+ }
355
+
356
+ /* ---------------------------------------------------------------- */
357
+
358
+ void KeccakP1600_ExtractAndAddBytesInLane(const void *state, unsigned int lanePosition, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length)
359
+ {
360
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
361
+ UINT32 low, high, temp, temp0, temp1;
362
+ UINT8 laneAsBytes[8];
363
+ unsigned int i;
364
+
365
+ fromBitInterleaving(stateAsHalfLanes[lanePosition*2], stateAsHalfLanes[lanePosition*2+1], low, high, temp, temp0, temp1);
366
+ #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
367
+ *((UINT32*)(laneAsBytes+0)) = low;
368
+ *((UINT32*)(laneAsBytes+4)) = high;
369
+ #else
370
+ laneAsBytes[0] = low & 0xFF;
371
+ laneAsBytes[1] = (low >> 8) & 0xFF;
372
+ laneAsBytes[2] = (low >> 16) & 0xFF;
373
+ laneAsBytes[3] = (low >> 24) & 0xFF;
374
+ laneAsBytes[4] = high & 0xFF;
375
+ laneAsBytes[5] = (high >> 8) & 0xFF;
376
+ laneAsBytes[6] = (high >> 16) & 0xFF;
377
+ laneAsBytes[7] = (high >> 24) & 0xFF;
378
+ #endif
379
+ for(i=0; i<length; i++)
380
+ output[i] = input[i] ^ laneAsBytes[offset+i];
381
+ }
382
+
383
+ /* ---------------------------------------------------------------- */
384
+
385
+ void KeccakP1600_ExtractAndAddLanes(const void *state, const unsigned char *input, unsigned char *output, unsigned int laneCount)
386
+ {
387
+ #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
388
+ const UINT32 * pI = (const UINT32 *)input;
389
+ UINT32 * pO = (UINT32 *)output;
390
+ const UINT32 * pS = (const UINT32 *)state;
391
+ UINT32 t, x0, x1;
392
+ int i;
393
+ for (i = laneCount-1; i >= 0; --i) {
394
+ #ifdef NO_MISALIGNED_ACCESSES
395
+ UINT32 low;
396
+ UINT32 high;
397
+ fromBitInterleaving(*(pS++), *(pS++), low, high, t, x0, x1);
398
+ *(pO++) = *(pI++) ^ low;
399
+ *(pO++) = *(pI++) ^ high;
400
+ #else
401
+ fromBitInterleavingAndXOR(*(pS++), *(pS++), *(pI++), *(pI++), *(pO++), *(pO++), t, x0, x1)
402
+ #endif
403
+ }
404
+ #else
405
+ unsigned int lanePosition;
406
+ for(lanePosition=0; lanePosition<laneCount; lanePosition++) {
407
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
408
+ UINT32 low, high, temp, temp0, temp1;
409
+ fromBitInterleaving(stateAsHalfLanes[lanePosition*2], stateAsHalfLanes[lanePosition*2+1], low, high, temp, temp0, temp1);
410
+ UINT8 laneAsBytes[8];
411
+ laneAsBytes[0] = low & 0xFF;
412
+ laneAsBytes[1] = (low >> 8) & 0xFF;
413
+ laneAsBytes[2] = (low >> 16) & 0xFF;
414
+ laneAsBytes[3] = (low >> 24) & 0xFF;
415
+ laneAsBytes[4] = high & 0xFF;
416
+ laneAsBytes[5] = (high >> 8) & 0xFF;
417
+ laneAsBytes[6] = (high >> 16) & 0xFF;
418
+ laneAsBytes[7] = (high >> 24) & 0xFF;
419
+ ((UINT32*)(output+lanePosition*8))[0] = ((UINT32*)(input+lanePosition*8))[0] ^ (*(const UINT32*)(laneAsBytes+0));
420
+ ((UINT32*)(output+lanePosition*8))[1] = ((UINT32*)(input+lanePosition*8))[0] ^ (*(const UINT32*)(laneAsBytes+4));
421
+ }
422
+ #endif
423
+ }
424
+ /* ---------------------------------------------------------------- */
425
+
426
+ void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length)
427
+ {
428
+ SnP_ExtractAndAddBytes(state, input, output, offset, length, KeccakP1600_ExtractAndAddLanes, KeccakP1600_ExtractAndAddBytesInLane, 8);
429
+ }
430
+
431
+ /* ---------------------------------------------------------------- */
432
+
433
+ static const UINT32 KeccakF1600RoundConstants_int2[2*24+1] =
434
+ {
435
+ 0x00000001UL, 0x00000000UL,
436
+ 0x00000000UL, 0x00000089UL,
437
+ 0x00000000UL, 0x8000008bUL,
438
+ 0x00000000UL, 0x80008080UL,
439
+ 0x00000001UL, 0x0000008bUL,
440
+ 0x00000001UL, 0x00008000UL,
441
+ 0x00000001UL, 0x80008088UL,
442
+ 0x00000001UL, 0x80000082UL,
443
+ 0x00000000UL, 0x0000000bUL,
444
+ 0x00000000UL, 0x0000000aUL,
445
+ 0x00000001UL, 0x00008082UL,
446
+ 0x00000000UL, 0x00008003UL,
447
+ 0x00000001UL, 0x0000808bUL,
448
+ 0x00000001UL, 0x8000000bUL,
449
+ 0x00000001UL, 0x8000008aUL,
450
+ 0x00000001UL, 0x80000081UL,
451
+ 0x00000000UL, 0x80000081UL,
452
+ 0x00000000UL, 0x80000008UL,
453
+ 0x00000000UL, 0x00000083UL,
454
+ 0x00000000UL, 0x80008003UL,
455
+ 0x00000001UL, 0x80008088UL,
456
+ 0x00000000UL, 0x80000088UL,
457
+ 0x00000001UL, 0x00008000UL,
458
+ 0x00000000UL, 0x80008082UL,
459
+ 0x000000FFUL
460
+ };
461
+
462
+ #define KeccakRound0() \
463
+ Cx = Abu0^Agu0^Aku0^Amu0^Asu0; \
464
+ Du1 = Abe1^Age1^Ake1^Ame1^Ase1; \
465
+ Da0 = Cx^ROL32(Du1, 1); \
466
+ Cz = Abu1^Agu1^Aku1^Amu1^Asu1; \
467
+ Du0 = Abe0^Age0^Ake0^Ame0^Ase0; \
468
+ Da1 = Cz^Du0; \
469
+ Cw = Abi0^Agi0^Aki0^Ami0^Asi0; \
470
+ Do0 = Cw^ROL32(Cz, 1); \
471
+ Cy = Abi1^Agi1^Aki1^Ami1^Asi1; \
472
+ Do1 = Cy^Cx; \
473
+ Cx = Aba0^Aga0^Aka0^Ama0^Asa0; \
474
+ De0 = Cx^ROL32(Cy, 1); \
475
+ Cz = Aba1^Aga1^Aka1^Ama1^Asa1; \
476
+ De1 = Cz^Cw; \
477
+ Cy = Abo1^Ago1^Ako1^Amo1^Aso1; \
478
+ Di0 = Du0^ROL32(Cy, 1); \
479
+ Cw = Abo0^Ago0^Ako0^Amo0^Aso0; \
480
+ Di1 = Du1^Cw; \
481
+ Du0 = Cw^ROL32(Cz, 1); \
482
+ Du1 = Cy^Cx; \
483
+ \
484
+ Ba = (Aba0^Da0); \
485
+ Be = ROL32((Age0^De0), 22); \
486
+ Bi = ROL32((Aki1^Di1), 22); \
487
+ Bo = ROL32((Amo1^Do1), 11); \
488
+ Bu = ROL32((Asu0^Du0), 7); \
489
+ Aba0 = Ba ^((~Be)& Bi ); \
490
+ Aba0 ^= *(pRoundConstants++); \
491
+ Age0 = Be ^((~Bi)& Bo ); \
492
+ Aki1 = Bi ^((~Bo)& Bu ); \
493
+ Amo1 = Bo ^((~Bu)& Ba ); \
494
+ Asu0 = Bu ^((~Ba)& Be ); \
495
+ Ba = (Aba1^Da1); \
496
+ Be = ROL32((Age1^De1), 22); \
497
+ Bi = ROL32((Aki0^Di0), 21); \
498
+ Bo = ROL32((Amo0^Do0), 10); \
499
+ Bu = ROL32((Asu1^Du1), 7); \
500
+ Aba1 = Ba ^((~Be)& Bi ); \
501
+ Aba1 ^= *(pRoundConstants++); \
502
+ Age1 = Be ^((~Bi)& Bo ); \
503
+ Aki0 = Bi ^((~Bo)& Bu ); \
504
+ Amo0 = Bo ^((~Bu)& Ba ); \
505
+ Asu1 = Bu ^((~Ba)& Be ); \
506
+ Bi = ROL32((Aka1^Da1), 2); \
507
+ Bo = ROL32((Ame1^De1), 23); \
508
+ Bu = ROL32((Asi1^Di1), 31); \
509
+ Ba = ROL32((Abo0^Do0), 14); \
510
+ Be = ROL32((Agu0^Du0), 10); \
511
+ Aka1 = Ba ^((~Be)& Bi ); \
512
+ Ame1 = Be ^((~Bi)& Bo ); \
513
+ Asi1 = Bi ^((~Bo)& Bu ); \
514
+ Abo0 = Bo ^((~Bu)& Ba ); \
515
+ Agu0 = Bu ^((~Ba)& Be ); \
516
+ Bi = ROL32((Aka0^Da0), 1); \
517
+ Bo = ROL32((Ame0^De0), 22); \
518
+ Bu = ROL32((Asi0^Di0), 30); \
519
+ Ba = ROL32((Abo1^Do1), 14); \
520
+ Be = ROL32((Agu1^Du1), 10); \
521
+ Aka0 = Ba ^((~Be)& Bi ); \
522
+ Ame0 = Be ^((~Bi)& Bo ); \
523
+ Asi0 = Bi ^((~Bo)& Bu ); \
524
+ Abo1 = Bo ^((~Bu)& Ba ); \
525
+ Agu1 = Bu ^((~Ba)& Be ); \
526
+ Bu = ROL32((Asa0^Da0), 9); \
527
+ Ba = ROL32((Abe1^De1), 1); \
528
+ Be = ROL32((Agi0^Di0), 3); \
529
+ Bi = ROL32((Ako1^Do1), 13); \
530
+ Bo = ROL32((Amu0^Du0), 4); \
531
+ Asa0 = Ba ^((~Be)& Bi ); \
532
+ Abe1 = Be ^((~Bi)& Bo ); \
533
+ Agi0 = Bi ^((~Bo)& Bu ); \
534
+ Ako1 = Bo ^((~Bu)& Ba ); \
535
+ Amu0 = Bu ^((~Ba)& Be ); \
536
+ Bu = ROL32((Asa1^Da1), 9); \
537
+ Ba = (Abe0^De0); \
538
+ Be = ROL32((Agi1^Di1), 3); \
539
+ Bi = ROL32((Ako0^Do0), 12); \
540
+ Bo = ROL32((Amu1^Du1), 4); \
541
+ Asa1 = Ba ^((~Be)& Bi ); \
542
+ Abe0 = Be ^((~Bi)& Bo ); \
543
+ Agi1 = Bi ^((~Bo)& Bu ); \
544
+ Ako0 = Bo ^((~Bu)& Ba ); \
545
+ Amu1 = Bu ^((~Ba)& Be ); \
546
+ Be = ROL32((Aga0^Da0), 18); \
547
+ Bi = ROL32((Ake0^De0), 5); \
548
+ Bo = ROL32((Ami1^Di1), 8); \
549
+ Bu = ROL32((Aso0^Do0), 28); \
550
+ Ba = ROL32((Abu1^Du1), 14); \
551
+ Aga0 = Ba ^((~Be)& Bi ); \
552
+ Ake0 = Be ^((~Bi)& Bo ); \
553
+ Ami1 = Bi ^((~Bo)& Bu ); \
554
+ Aso0 = Bo ^((~Bu)& Ba ); \
555
+ Abu1 = Bu ^((~Ba)& Be ); \
556
+ Be = ROL32((Aga1^Da1), 18); \
557
+ Bi = ROL32((Ake1^De1), 5); \
558
+ Bo = ROL32((Ami0^Di0), 7); \
559
+ Bu = ROL32((Aso1^Do1), 28); \
560
+ Ba = ROL32((Abu0^Du0), 13); \
561
+ Aga1 = Ba ^((~Be)& Bi ); \
562
+ Ake1 = Be ^((~Bi)& Bo ); \
563
+ Ami0 = Bi ^((~Bo)& Bu ); \
564
+ Aso1 = Bo ^((~Bu)& Ba ); \
565
+ Abu0 = Bu ^((~Ba)& Be ); \
566
+ Bo = ROL32((Ama1^Da1), 21); \
567
+ Bu = ROL32((Ase0^De0), 1); \
568
+ Ba = ROL32((Abi0^Di0), 31); \
569
+ Be = ROL32((Ago1^Do1), 28); \
570
+ Bi = ROL32((Aku1^Du1), 20); \
571
+ Ama1 = Ba ^((~Be)& Bi ); \
572
+ Ase0 = Be ^((~Bi)& Bo ); \
573
+ Abi0 = Bi ^((~Bo)& Bu ); \
574
+ Ago1 = Bo ^((~Bu)& Ba ); \
575
+ Aku1 = Bu ^((~Ba)& Be ); \
576
+ Bo = ROL32((Ama0^Da0), 20); \
577
+ Bu = ROL32((Ase1^De1), 1); \
578
+ Ba = ROL32((Abi1^Di1), 31); \
579
+ Be = ROL32((Ago0^Do0), 27); \
580
+ Bi = ROL32((Aku0^Du0), 19); \
581
+ Ama0 = Ba ^((~Be)& Bi ); \
582
+ Ase1 = Be ^((~Bi)& Bo ); \
583
+ Abi1 = Bi ^((~Bo)& Bu ); \
584
+ Ago0 = Bo ^((~Bu)& Ba ); \
585
+ Aku0 = Bu ^((~Ba)& Be )
586
+
587
+ #define KeccakRound1() \
588
+ Cx = Asu0^Agu0^Amu0^Abu1^Aku1; \
589
+ Du1 = Age1^Ame0^Abe0^Ake1^Ase1; \
590
+ Da0 = Cx^ROL32(Du1, 1); \
591
+ Cz = Asu1^Agu1^Amu1^Abu0^Aku0; \
592
+ Du0 = Age0^Ame1^Abe1^Ake0^Ase0; \
593
+ Da1 = Cz^Du0; \
594
+ Cw = Aki1^Asi1^Agi0^Ami1^Abi0; \
595
+ Do0 = Cw^ROL32(Cz, 1); \
596
+ Cy = Aki0^Asi0^Agi1^Ami0^Abi1; \
597
+ Do1 = Cy^Cx; \
598
+ Cx = Aba0^Aka1^Asa0^Aga0^Ama1; \
599
+ De0 = Cx^ROL32(Cy, 1); \
600
+ Cz = Aba1^Aka0^Asa1^Aga1^Ama0; \
601
+ De1 = Cz^Cw; \
602
+ Cy = Amo0^Abo1^Ako0^Aso1^Ago0; \
603
+ Di0 = Du0^ROL32(Cy, 1); \
604
+ Cw = Amo1^Abo0^Ako1^Aso0^Ago1; \
605
+ Di1 = Du1^Cw; \
606
+ Du0 = Cw^ROL32(Cz, 1); \
607
+ Du1 = Cy^Cx; \
608
+ \
609
+ Ba = (Aba0^Da0); \
610
+ Be = ROL32((Ame1^De0), 22); \
611
+ Bi = ROL32((Agi1^Di1), 22); \
612
+ Bo = ROL32((Aso1^Do1), 11); \
613
+ Bu = ROL32((Aku1^Du0), 7); \
614
+ Aba0 = Ba ^((~Be)& Bi ); \
615
+ Aba0 ^= *(pRoundConstants++); \
616
+ Ame1 = Be ^((~Bi)& Bo ); \
617
+ Agi1 = Bi ^((~Bo)& Bu ); \
618
+ Aso1 = Bo ^((~Bu)& Ba ); \
619
+ Aku1 = Bu ^((~Ba)& Be ); \
620
+ Ba = (Aba1^Da1); \
621
+ Be = ROL32((Ame0^De1), 22); \
622
+ Bi = ROL32((Agi0^Di0), 21); \
623
+ Bo = ROL32((Aso0^Do0), 10); \
624
+ Bu = ROL32((Aku0^Du1), 7); \
625
+ Aba1 = Ba ^((~Be)& Bi ); \
626
+ Aba1 ^= *(pRoundConstants++); \
627
+ Ame0 = Be ^((~Bi)& Bo ); \
628
+ Agi0 = Bi ^((~Bo)& Bu ); \
629
+ Aso0 = Bo ^((~Bu)& Ba ); \
630
+ Aku0 = Bu ^((~Ba)& Be ); \
631
+ Bi = ROL32((Asa1^Da1), 2); \
632
+ Bo = ROL32((Ake1^De1), 23); \
633
+ Bu = ROL32((Abi1^Di1), 31); \
634
+ Ba = ROL32((Amo1^Do0), 14); \
635
+ Be = ROL32((Agu0^Du0), 10); \
636
+ Asa1 = Ba ^((~Be)& Bi ); \
637
+ Ake1 = Be ^((~Bi)& Bo ); \
638
+ Abi1 = Bi ^((~Bo)& Bu ); \
639
+ Amo1 = Bo ^((~Bu)& Ba ); \
640
+ Agu0 = Bu ^((~Ba)& Be ); \
641
+ Bi = ROL32((Asa0^Da0), 1); \
642
+ Bo = ROL32((Ake0^De0), 22); \
643
+ Bu = ROL32((Abi0^Di0), 30); \
644
+ Ba = ROL32((Amo0^Do1), 14); \
645
+ Be = ROL32((Agu1^Du1), 10); \
646
+ Asa0 = Ba ^((~Be)& Bi ); \
647
+ Ake0 = Be ^((~Bi)& Bo ); \
648
+ Abi0 = Bi ^((~Bo)& Bu ); \
649
+ Amo0 = Bo ^((~Bu)& Ba ); \
650
+ Agu1 = Bu ^((~Ba)& Be ); \
651
+ Bu = ROL32((Ama1^Da0), 9); \
652
+ Ba = ROL32((Age1^De1), 1); \
653
+ Be = ROL32((Asi1^Di0), 3); \
654
+ Bi = ROL32((Ako0^Do1), 13); \
655
+ Bo = ROL32((Abu1^Du0), 4); \
656
+ Ama1 = Ba ^((~Be)& Bi ); \
657
+ Age1 = Be ^((~Bi)& Bo ); \
658
+ Asi1 = Bi ^((~Bo)& Bu ); \
659
+ Ako0 = Bo ^((~Bu)& Ba ); \
660
+ Abu1 = Bu ^((~Ba)& Be ); \
661
+ Bu = ROL32((Ama0^Da1), 9); \
662
+ Ba = (Age0^De0); \
663
+ Be = ROL32((Asi0^Di1), 3); \
664
+ Bi = ROL32((Ako1^Do0), 12); \
665
+ Bo = ROL32((Abu0^Du1), 4); \
666
+ Ama0 = Ba ^((~Be)& Bi ); \
667
+ Age0 = Be ^((~Bi)& Bo ); \
668
+ Asi0 = Bi ^((~Bo)& Bu ); \
669
+ Ako1 = Bo ^((~Bu)& Ba ); \
670
+ Abu0 = Bu ^((~Ba)& Be ); \
671
+ Be = ROL32((Aka1^Da0), 18); \
672
+ Bi = ROL32((Abe1^De0), 5); \
673
+ Bo = ROL32((Ami0^Di1), 8); \
674
+ Bu = ROL32((Ago1^Do0), 28); \
675
+ Ba = ROL32((Asu1^Du1), 14); \
676
+ Aka1 = Ba ^((~Be)& Bi ); \
677
+ Abe1 = Be ^((~Bi)& Bo ); \
678
+ Ami0 = Bi ^((~Bo)& Bu ); \
679
+ Ago1 = Bo ^((~Bu)& Ba ); \
680
+ Asu1 = Bu ^((~Ba)& Be ); \
681
+ Be = ROL32((Aka0^Da1), 18); \
682
+ Bi = ROL32((Abe0^De1), 5); \
683
+ Bo = ROL32((Ami1^Di0), 7); \
684
+ Bu = ROL32((Ago0^Do1), 28); \
685
+ Ba = ROL32((Asu0^Du0), 13); \
686
+ Aka0 = Ba ^((~Be)& Bi ); \
687
+ Abe0 = Be ^((~Bi)& Bo ); \
688
+ Ami1 = Bi ^((~Bo)& Bu ); \
689
+ Ago0 = Bo ^((~Bu)& Ba ); \
690
+ Asu0 = Bu ^((~Ba)& Be ); \
691
+ Bo = ROL32((Aga1^Da1), 21); \
692
+ Bu = ROL32((Ase0^De0), 1); \
693
+ Ba = ROL32((Aki1^Di0), 31); \
694
+ Be = ROL32((Abo1^Do1), 28); \
695
+ Bi = ROL32((Amu1^Du1), 20); \
696
+ Aga1 = Ba ^((~Be)& Bi ); \
697
+ Ase0 = Be ^((~Bi)& Bo ); \
698
+ Aki1 = Bi ^((~Bo)& Bu ); \
699
+ Abo1 = Bo ^((~Bu)& Ba ); \
700
+ Amu1 = Bu ^((~Ba)& Be ); \
701
+ Bo = ROL32((Aga0^Da0), 20); \
702
+ Bu = ROL32((Ase1^De1), 1); \
703
+ Ba = ROL32((Aki0^Di1), 31); \
704
+ Be = ROL32((Abo0^Do0), 27); \
705
+ Bi = ROL32((Amu0^Du0), 19); \
706
+ Aga0 = Ba ^((~Be)& Bi ); \
707
+ Ase1 = Be ^((~Bi)& Bo ); \
708
+ Aki0 = Bi ^((~Bo)& Bu ); \
709
+ Abo0 = Bo ^((~Bu)& Ba ); \
710
+ Amu0 = Bu ^((~Ba)& Be );
711
+
712
+ #define KeccakRound2() \
713
+ Cx = Aku1^Agu0^Abu1^Asu1^Amu1; \
714
+ Du1 = Ame0^Ake0^Age0^Abe0^Ase1; \
715
+ Da0 = Cx^ROL32(Du1, 1); \
716
+ Cz = Aku0^Agu1^Abu0^Asu0^Amu0; \
717
+ Du0 = Ame1^Ake1^Age1^Abe1^Ase0; \
718
+ Da1 = Cz^Du0; \
719
+ Cw = Agi1^Abi1^Asi1^Ami0^Aki1; \
720
+ Do0 = Cw^ROL32(Cz, 1); \
721
+ Cy = Agi0^Abi0^Asi0^Ami1^Aki0; \
722
+ Do1 = Cy^Cx; \
723
+ Cx = Aba0^Asa1^Ama1^Aka1^Aga1; \
724
+ De0 = Cx^ROL32(Cy, 1); \
725
+ Cz = Aba1^Asa0^Ama0^Aka0^Aga0; \
726
+ De1 = Cz^Cw; \
727
+ Cy = Aso0^Amo0^Ako1^Ago0^Abo0; \
728
+ Di0 = Du0^ROL32(Cy, 1); \
729
+ Cw = Aso1^Amo1^Ako0^Ago1^Abo1; \
730
+ Di1 = Du1^Cw; \
731
+ Du0 = Cw^ROL32(Cz, 1); \
732
+ Du1 = Cy^Cx; \
733
+ \
734
+ Ba = (Aba0^Da0); \
735
+ Be = ROL32((Ake1^De0), 22); \
736
+ Bi = ROL32((Asi0^Di1), 22); \
737
+ Bo = ROL32((Ago0^Do1), 11); \
738
+ Bu = ROL32((Amu1^Du0), 7); \
739
+ Aba0 = Ba ^((~Be)& Bi ); \
740
+ Aba0 ^= *(pRoundConstants++); \
741
+ Ake1 = Be ^((~Bi)& Bo ); \
742
+ Asi0 = Bi ^((~Bo)& Bu ); \
743
+ Ago0 = Bo ^((~Bu)& Ba ); \
744
+ Amu1 = Bu ^((~Ba)& Be ); \
745
+ Ba = (Aba1^Da1); \
746
+ Be = ROL32((Ake0^De1), 22); \
747
+ Bi = ROL32((Asi1^Di0), 21); \
748
+ Bo = ROL32((Ago1^Do0), 10); \
749
+ Bu = ROL32((Amu0^Du1), 7); \
750
+ Aba1 = Ba ^((~Be)& Bi ); \
751
+ Aba1 ^= *(pRoundConstants++); \
752
+ Ake0 = Be ^((~Bi)& Bo ); \
753
+ Asi1 = Bi ^((~Bo)& Bu ); \
754
+ Ago1 = Bo ^((~Bu)& Ba ); \
755
+ Amu0 = Bu ^((~Ba)& Be ); \
756
+ Bi = ROL32((Ama0^Da1), 2); \
757
+ Bo = ROL32((Abe0^De1), 23); \
758
+ Bu = ROL32((Aki0^Di1), 31); \
759
+ Ba = ROL32((Aso1^Do0), 14); \
760
+ Be = ROL32((Agu0^Du0), 10); \
761
+ Ama0 = Ba ^((~Be)& Bi ); \
762
+ Abe0 = Be ^((~Bi)& Bo ); \
763
+ Aki0 = Bi ^((~Bo)& Bu ); \
764
+ Aso1 = Bo ^((~Bu)& Ba ); \
765
+ Agu0 = Bu ^((~Ba)& Be ); \
766
+ Bi = ROL32((Ama1^Da0), 1); \
767
+ Bo = ROL32((Abe1^De0), 22); \
768
+ Bu = ROL32((Aki1^Di0), 30); \
769
+ Ba = ROL32((Aso0^Do1), 14); \
770
+ Be = ROL32((Agu1^Du1), 10); \
771
+ Ama1 = Ba ^((~Be)& Bi ); \
772
+ Abe1 = Be ^((~Bi)& Bo ); \
773
+ Aki1 = Bi ^((~Bo)& Bu ); \
774
+ Aso0 = Bo ^((~Bu)& Ba ); \
775
+ Agu1 = Bu ^((~Ba)& Be ); \
776
+ Bu = ROL32((Aga1^Da0), 9); \
777
+ Ba = ROL32((Ame0^De1), 1); \
778
+ Be = ROL32((Abi1^Di0), 3); \
779
+ Bi = ROL32((Ako1^Do1), 13); \
780
+ Bo = ROL32((Asu1^Du0), 4); \
781
+ Aga1 = Ba ^((~Be)& Bi ); \
782
+ Ame0 = Be ^((~Bi)& Bo ); \
783
+ Abi1 = Bi ^((~Bo)& Bu ); \
784
+ Ako1 = Bo ^((~Bu)& Ba ); \
785
+ Asu1 = Bu ^((~Ba)& Be ); \
786
+ Bu = ROL32((Aga0^Da1), 9); \
787
+ Ba = (Ame1^De0); \
788
+ Be = ROL32((Abi0^Di1), 3); \
789
+ Bi = ROL32((Ako0^Do0), 12); \
790
+ Bo = ROL32((Asu0^Du1), 4); \
791
+ Aga0 = Ba ^((~Be)& Bi ); \
792
+ Ame1 = Be ^((~Bi)& Bo ); \
793
+ Abi0 = Bi ^((~Bo)& Bu ); \
794
+ Ako0 = Bo ^((~Bu)& Ba ); \
795
+ Asu0 = Bu ^((~Ba)& Be ); \
796
+ Be = ROL32((Asa1^Da0), 18); \
797
+ Bi = ROL32((Age1^De0), 5); \
798
+ Bo = ROL32((Ami1^Di1), 8); \
799
+ Bu = ROL32((Abo1^Do0), 28); \
800
+ Ba = ROL32((Aku0^Du1), 14); \
801
+ Asa1 = Ba ^((~Be)& Bi ); \
802
+ Age1 = Be ^((~Bi)& Bo ); \
803
+ Ami1 = Bi ^((~Bo)& Bu ); \
804
+ Abo1 = Bo ^((~Bu)& Ba ); \
805
+ Aku0 = Bu ^((~Ba)& Be ); \
806
+ Be = ROL32((Asa0^Da1), 18); \
807
+ Bi = ROL32((Age0^De1), 5); \
808
+ Bo = ROL32((Ami0^Di0), 7); \
809
+ Bu = ROL32((Abo0^Do1), 28); \
810
+ Ba = ROL32((Aku1^Du0), 13); \
811
+ Asa0 = Ba ^((~Be)& Bi ); \
812
+ Age0 = Be ^((~Bi)& Bo ); \
813
+ Ami0 = Bi ^((~Bo)& Bu ); \
814
+ Abo0 = Bo ^((~Bu)& Ba ); \
815
+ Aku1 = Bu ^((~Ba)& Be ); \
816
+ Bo = ROL32((Aka0^Da1), 21); \
817
+ Bu = ROL32((Ase0^De0), 1); \
818
+ Ba = ROL32((Agi1^Di0), 31); \
819
+ Be = ROL32((Amo0^Do1), 28); \
820
+ Bi = ROL32((Abu0^Du1), 20); \
821
+ Aka0 = Ba ^((~Be)& Bi ); \
822
+ Ase0 = Be ^((~Bi)& Bo ); \
823
+ Agi1 = Bi ^((~Bo)& Bu ); \
824
+ Amo0 = Bo ^((~Bu)& Ba ); \
825
+ Abu0 = Bu ^((~Ba)& Be ); \
826
+ Bo = ROL32((Aka1^Da0), 20); \
827
+ Bu = ROL32((Ase1^De1), 1); \
828
+ Ba = ROL32((Agi0^Di1), 31); \
829
+ Be = ROL32((Amo1^Do0), 27); \
830
+ Bi = ROL32((Abu1^Du0), 19); \
831
+ Aka1 = Ba ^((~Be)& Bi ); \
832
+ Ase1 = Be ^((~Bi)& Bo ); \
833
+ Agi0 = Bi ^((~Bo)& Bu ); \
834
+ Amo1 = Bo ^((~Bu)& Ba ); \
835
+ Abu1 = Bu ^((~Ba)& Be );
836
+
837
+ #define KeccakRound3() \
838
+ Cx = Amu1^Agu0^Asu1^Aku0^Abu0; \
839
+ Du1 = Ake0^Abe1^Ame1^Age0^Ase1; \
840
+ Da0 = Cx^ROL32(Du1, 1); \
841
+ Cz = Amu0^Agu1^Asu0^Aku1^Abu1; \
842
+ Du0 = Ake1^Abe0^Ame0^Age1^Ase0; \
843
+ Da1 = Cz^Du0; \
844
+ Cw = Asi0^Aki0^Abi1^Ami1^Agi1; \
845
+ Do0 = Cw^ROL32(Cz, 1); \
846
+ Cy = Asi1^Aki1^Abi0^Ami0^Agi0; \
847
+ Do1 = Cy^Cx; \
848
+ Cx = Aba0^Ama0^Aga1^Asa1^Aka0; \
849
+ De0 = Cx^ROL32(Cy, 1); \
850
+ Cz = Aba1^Ama1^Aga0^Asa0^Aka1; \
851
+ De1 = Cz^Cw; \
852
+ Cy = Ago1^Aso0^Ako0^Abo0^Amo1; \
853
+ Di0 = Du0^ROL32(Cy, 1); \
854
+ Cw = Ago0^Aso1^Ako1^Abo1^Amo0; \
855
+ Di1 = Du1^Cw; \
856
+ Du0 = Cw^ROL32(Cz, 1); \
857
+ Du1 = Cy^Cx; \
858
+ \
859
+ Ba = (Aba0^Da0); \
860
+ Be = ROL32((Abe0^De0), 22); \
861
+ Bi = ROL32((Abi0^Di1), 22); \
862
+ Bo = ROL32((Abo0^Do1), 11); \
863
+ Bu = ROL32((Abu0^Du0), 7); \
864
+ Aba0 = Ba ^((~Be)& Bi ); \
865
+ Aba0 ^= *(pRoundConstants++); \
866
+ Abe0 = Be ^((~Bi)& Bo ); \
867
+ Abi0 = Bi ^((~Bo)& Bu ); \
868
+ Abo0 = Bo ^((~Bu)& Ba ); \
869
+ Abu0 = Bu ^((~Ba)& Be ); \
870
+ Ba = (Aba1^Da1); \
871
+ Be = ROL32((Abe1^De1), 22); \
872
+ Bi = ROL32((Abi1^Di0), 21); \
873
+ Bo = ROL32((Abo1^Do0), 10); \
874
+ Bu = ROL32((Abu1^Du1), 7); \
875
+ Aba1 = Ba ^((~Be)& Bi ); \
876
+ Aba1 ^= *(pRoundConstants++); \
877
+ Abe1 = Be ^((~Bi)& Bo ); \
878
+ Abi1 = Bi ^((~Bo)& Bu ); \
879
+ Abo1 = Bo ^((~Bu)& Ba ); \
880
+ Abu1 = Bu ^((~Ba)& Be ); \
881
+ Bi = ROL32((Aga0^Da1), 2); \
882
+ Bo = ROL32((Age0^De1), 23); \
883
+ Bu = ROL32((Agi0^Di1), 31); \
884
+ Ba = ROL32((Ago0^Do0), 14); \
885
+ Be = ROL32((Agu0^Du0), 10); \
886
+ Aga0 = Ba ^((~Be)& Bi ); \
887
+ Age0 = Be ^((~Bi)& Bo ); \
888
+ Agi0 = Bi ^((~Bo)& Bu ); \
889
+ Ago0 = Bo ^((~Bu)& Ba ); \
890
+ Agu0 = Bu ^((~Ba)& Be ); \
891
+ Bi = ROL32((Aga1^Da0), 1); \
892
+ Bo = ROL32((Age1^De0), 22); \
893
+ Bu = ROL32((Agi1^Di0), 30); \
894
+ Ba = ROL32((Ago1^Do1), 14); \
895
+ Be = ROL32((Agu1^Du1), 10); \
896
+ Aga1 = Ba ^((~Be)& Bi ); \
897
+ Age1 = Be ^((~Bi)& Bo ); \
898
+ Agi1 = Bi ^((~Bo)& Bu ); \
899
+ Ago1 = Bo ^((~Bu)& Ba ); \
900
+ Agu1 = Bu ^((~Ba)& Be ); \
901
+ Bu = ROL32((Aka0^Da0), 9); \
902
+ Ba = ROL32((Ake0^De1), 1); \
903
+ Be = ROL32((Aki0^Di0), 3); \
904
+ Bi = ROL32((Ako0^Do1), 13); \
905
+ Bo = ROL32((Aku0^Du0), 4); \
906
+ Aka0 = Ba ^((~Be)& Bi ); \
907
+ Ake0 = Be ^((~Bi)& Bo ); \
908
+ Aki0 = Bi ^((~Bo)& Bu ); \
909
+ Ako0 = Bo ^((~Bu)& Ba ); \
910
+ Aku0 = Bu ^((~Ba)& Be ); \
911
+ Bu = ROL32((Aka1^Da1), 9); \
912
+ Ba = (Ake1^De0); \
913
+ Be = ROL32((Aki1^Di1), 3); \
914
+ Bi = ROL32((Ako1^Do0), 12); \
915
+ Bo = ROL32((Aku1^Du1), 4); \
916
+ Aka1 = Ba ^((~Be)& Bi ); \
917
+ Ake1 = Be ^((~Bi)& Bo ); \
918
+ Aki1 = Bi ^((~Bo)& Bu ); \
919
+ Ako1 = Bo ^((~Bu)& Ba ); \
920
+ Aku1 = Bu ^((~Ba)& Be ); \
921
+ Be = ROL32((Ama0^Da0), 18); \
922
+ Bi = ROL32((Ame0^De0), 5); \
923
+ Bo = ROL32((Ami0^Di1), 8); \
924
+ Bu = ROL32((Amo0^Do0), 28); \
925
+ Ba = ROL32((Amu0^Du1), 14); \
926
+ Ama0 = Ba ^((~Be)& Bi ); \
927
+ Ame0 = Be ^((~Bi)& Bo ); \
928
+ Ami0 = Bi ^((~Bo)& Bu ); \
929
+ Amo0 = Bo ^((~Bu)& Ba ); \
930
+ Amu0 = Bu ^((~Ba)& Be ); \
931
+ Be = ROL32((Ama1^Da1), 18); \
932
+ Bi = ROL32((Ame1^De1), 5); \
933
+ Bo = ROL32((Ami1^Di0), 7); \
934
+ Bu = ROL32((Amo1^Do1), 28); \
935
+ Ba = ROL32((Amu1^Du0), 13); \
936
+ Ama1 = Ba ^((~Be)& Bi ); \
937
+ Ame1 = Be ^((~Bi)& Bo ); \
938
+ Ami1 = Bi ^((~Bo)& Bu ); \
939
+ Amo1 = Bo ^((~Bu)& Ba ); \
940
+ Amu1 = Bu ^((~Ba)& Be ); \
941
+ Bo = ROL32((Asa0^Da1), 21); \
942
+ Bu = ROL32((Ase0^De0), 1); \
943
+ Ba = ROL32((Asi0^Di0), 31); \
944
+ Be = ROL32((Aso0^Do1), 28); \
945
+ Bi = ROL32((Asu0^Du1), 20); \
946
+ Asa0 = Ba ^((~Be)& Bi ); \
947
+ Ase0 = Be ^((~Bi)& Bo ); \
948
+ Asi0 = Bi ^((~Bo)& Bu ); \
949
+ Aso0 = Bo ^((~Bu)& Ba ); \
950
+ Asu0 = Bu ^((~Ba)& Be ); \
951
+ Bo = ROL32((Asa1^Da0), 20); \
952
+ Bu = ROL32((Ase1^De1), 1); \
953
+ Ba = ROL32((Asi1^Di1), 31); \
954
+ Be = ROL32((Aso1^Do0), 27); \
955
+ Bi = ROL32((Asu1^Du0), 19); \
956
+ Asa1 = Ba ^((~Be)& Bi ); \
957
+ Ase1 = Be ^((~Bi)& Bo ); \
958
+ Asi1 = Bi ^((~Bo)& Bu ); \
959
+ Aso1 = Bo ^((~Bu)& Ba ); \
960
+ Asu1 = Bu ^((~Ba)& Be );
961
+
962
+ void KeccakP1600_Permute_Nrounds(void *state, unsigned int nRounds)
963
+ {
964
+ UINT32 Da0, De0, Di0, Do0, Du0;
965
+ UINT32 Da1, De1, Di1, Do1, Du1;
966
+ UINT32 Ba, Be, Bi, Bo, Bu;
967
+ UINT32 Cx, Cy, Cz, Cw;
968
+ const UINT32 *pRoundConstants = KeccakF1600RoundConstants_int2+(24-nRounds)*2;
969
+ UINT32 *stateAsHalfLanes = (UINT32*)state;
970
+ #define Aba0 stateAsHalfLanes[ 0]
971
+ #define Aba1 stateAsHalfLanes[ 1]
972
+ #define Abe0 stateAsHalfLanes[ 2]
973
+ #define Abe1 stateAsHalfLanes[ 3]
974
+ #define Abi0 stateAsHalfLanes[ 4]
975
+ #define Abi1 stateAsHalfLanes[ 5]
976
+ #define Abo0 stateAsHalfLanes[ 6]
977
+ #define Abo1 stateAsHalfLanes[ 7]
978
+ #define Abu0 stateAsHalfLanes[ 8]
979
+ #define Abu1 stateAsHalfLanes[ 9]
980
+ #define Aga0 stateAsHalfLanes[10]
981
+ #define Aga1 stateAsHalfLanes[11]
982
+ #define Age0 stateAsHalfLanes[12]
983
+ #define Age1 stateAsHalfLanes[13]
984
+ #define Agi0 stateAsHalfLanes[14]
985
+ #define Agi1 stateAsHalfLanes[15]
986
+ #define Ago0 stateAsHalfLanes[16]
987
+ #define Ago1 stateAsHalfLanes[17]
988
+ #define Agu0 stateAsHalfLanes[18]
989
+ #define Agu1 stateAsHalfLanes[19]
990
+ #define Aka0 stateAsHalfLanes[20]
991
+ #define Aka1 stateAsHalfLanes[21]
992
+ #define Ake0 stateAsHalfLanes[22]
993
+ #define Ake1 stateAsHalfLanes[23]
994
+ #define Aki0 stateAsHalfLanes[24]
995
+ #define Aki1 stateAsHalfLanes[25]
996
+ #define Ako0 stateAsHalfLanes[26]
997
+ #define Ako1 stateAsHalfLanes[27]
998
+ #define Aku0 stateAsHalfLanes[28]
999
+ #define Aku1 stateAsHalfLanes[29]
1000
+ #define Ama0 stateAsHalfLanes[30]
1001
+ #define Ama1 stateAsHalfLanes[31]
1002
+ #define Ame0 stateAsHalfLanes[32]
1003
+ #define Ame1 stateAsHalfLanes[33]
1004
+ #define Ami0 stateAsHalfLanes[34]
1005
+ #define Ami1 stateAsHalfLanes[35]
1006
+ #define Amo0 stateAsHalfLanes[36]
1007
+ #define Amo1 stateAsHalfLanes[37]
1008
+ #define Amu0 stateAsHalfLanes[38]
1009
+ #define Amu1 stateAsHalfLanes[39]
1010
+ #define Asa0 stateAsHalfLanes[40]
1011
+ #define Asa1 stateAsHalfLanes[41]
1012
+ #define Ase0 stateAsHalfLanes[42]
1013
+ #define Ase1 stateAsHalfLanes[43]
1014
+ #define Asi0 stateAsHalfLanes[44]
1015
+ #define Asi1 stateAsHalfLanes[45]
1016
+ #define Aso0 stateAsHalfLanes[46]
1017
+ #define Aso1 stateAsHalfLanes[47]
1018
+ #define Asu0 stateAsHalfLanes[48]
1019
+ #define Asu1 stateAsHalfLanes[49]
1020
+
1021
+ nRounds &= 3;
1022
+ switch ( nRounds )
1023
+ {
1024
+ #define I0 Ba
1025
+ #define I1 Be
1026
+ #define T0 Bi
1027
+ #define T1 Bo
1028
+ #define SwapPI13( in0,in1,in2,in3,eo0,eo1,eo2,eo3 ) \
1029
+ I0 = (in0)[0]; I1 = (in0)[1]; \
1030
+ T0 = (in1)[0]; T1 = (in1)[1]; \
1031
+ (in0)[eo0] = T0; (in0)[eo0^1] = T1; \
1032
+ T0 = (in2)[0]; T1 = (in2)[1]; \
1033
+ (in1)[eo1] = T0; (in1)[eo1^1] = T1; \
1034
+ T0 = (in3)[0]; T1 = (in3)[1]; \
1035
+ (in2)[eo2] = T0; (in2)[eo2^1] = T1; \
1036
+ (in3)[eo3] = I0; (in3)[eo3^1] = I1
1037
+ #define SwapPI2( in0,in1,in2,in3 ) \
1038
+ I0 = (in0)[0]; I1 = (in0)[1]; \
1039
+ T0 = (in1)[0]; T1 = (in1)[1]; \
1040
+ (in0)[1] = T0; (in0)[0] = T1; \
1041
+ (in1)[1] = I0; (in1)[0] = I1; \
1042
+ I0 = (in2)[0]; I1 = (in2)[1]; \
1043
+ T0 = (in3)[0]; T1 = (in3)[1]; \
1044
+ (in2)[1] = T0; (in2)[0] = T1; \
1045
+ (in3)[1] = I0; (in3)[0] = I1
1046
+ #define SwapEO( even,odd ) T0 = even; even = odd; odd = T0
1047
+
1048
+ case 1:
1049
+ SwapPI13( &Aga0, &Aka0, &Asa0, &Ama0, 1, 0, 1, 0 );
1050
+ SwapPI13( &Abe0, &Age0, &Ame0, &Ake0, 0, 1, 0, 1 );
1051
+ SwapPI13( &Abi0, &Aki0, &Agi0, &Asi0, 1, 0, 1, 0 );
1052
+ SwapEO( Ami0, Ami1 );
1053
+ SwapPI13( &Abo0, &Amo0, &Aso0, &Ago0, 1, 0, 1, 0 );
1054
+ SwapEO( Ako0, Ako1 );
1055
+ SwapPI13( &Abu0, &Asu0, &Aku0, &Amu0, 0, 1, 0, 1 );
1056
+ break;
1057
+
1058
+ case 2:
1059
+ SwapPI2( &Aga0, &Asa0, &Aka0, &Ama0 );
1060
+ SwapPI2( &Abe0, &Ame0, &Age0, &Ake0 );
1061
+ SwapPI2( &Abi0, &Agi0, &Aki0, &Asi0 );
1062
+ SwapPI2( &Abo0, &Aso0, &Ago0, &Amo0 );
1063
+ SwapPI2( &Abu0, &Aku0, &Amu0, &Asu0 );
1064
+ break;
1065
+
1066
+ case 3:
1067
+ SwapPI13( &Aga0, &Ama0, &Asa0, &Aka0, 0, 1, 0, 1 );
1068
+ SwapPI13( &Abe0, &Ake0, &Ame0, &Age0, 1, 0, 1, 0 );
1069
+ SwapPI13( &Abi0, &Asi0, &Agi0, &Aki0, 0, 1, 0, 1 );
1070
+ SwapEO( Ami0, Ami1 );
1071
+ SwapPI13( &Abo0, &Ago0, &Aso0, &Amo0, 0, 1, 0, 1 );
1072
+ SwapEO( Ako0, Ako1 );
1073
+ SwapPI13( &Abu0, &Amu0, &Aku0, &Asu0, 1, 0, 1, 0 );
1074
+ break;
1075
+ #undef I0
1076
+ #undef I1
1077
+ #undef T0
1078
+ #undef T1
1079
+ #undef SwapPI13
1080
+ #undef SwapPI2
1081
+ #undef SwapEO
1082
+ }
1083
+
1084
+ do
1085
+ {
1086
+ /* Code for 4 rounds, using factor 2 interleaving, 64-bit lanes mapped to 32-bit words */
1087
+ switch ( nRounds )
1088
+ {
1089
+ case 0: KeccakRound0(); /* fall through */
1090
+ case 3: KeccakRound1();
1091
+ case 2: KeccakRound2();
1092
+ case 1: KeccakRound3();
1093
+ }
1094
+ nRounds = 0;
1095
+ }
1096
+ while ( *pRoundConstants != 0xFF );
1097
+
1098
+ #undef Aba0
1099
+ #undef Aba1
1100
+ #undef Abe0
1101
+ #undef Abe1
1102
+ #undef Abi0
1103
+ #undef Abi1
1104
+ #undef Abo0
1105
+ #undef Abo1
1106
+ #undef Abu0
1107
+ #undef Abu1
1108
+ #undef Aga0
1109
+ #undef Aga1
1110
+ #undef Age0
1111
+ #undef Age1
1112
+ #undef Agi0
1113
+ #undef Agi1
1114
+ #undef Ago0
1115
+ #undef Ago1
1116
+ #undef Agu0
1117
+ #undef Agu1
1118
+ #undef Aka0
1119
+ #undef Aka1
1120
+ #undef Ake0
1121
+ #undef Ake1
1122
+ #undef Aki0
1123
+ #undef Aki1
1124
+ #undef Ako0
1125
+ #undef Ako1
1126
+ #undef Aku0
1127
+ #undef Aku1
1128
+ #undef Ama0
1129
+ #undef Ama1
1130
+ #undef Ame0
1131
+ #undef Ame1
1132
+ #undef Ami0
1133
+ #undef Ami1
1134
+ #undef Amo0
1135
+ #undef Amo1
1136
+ #undef Amu0
1137
+ #undef Amu1
1138
+ #undef Asa0
1139
+ #undef Asa1
1140
+ #undef Ase0
1141
+ #undef Ase1
1142
+ #undef Asi0
1143
+ #undef Asi1
1144
+ #undef Aso0
1145
+ #undef Aso1
1146
+ #undef Asu0
1147
+ #undef Asu1
1148
+ }
1149
+
1150
+ /* ---------------------------------------------------------------- */
1151
+
1152
+ void KeccakP1600_Permute_12rounds(void *state)
1153
+ {
1154
+ KeccakP1600_Permute_Nrounds(state, 12);
1155
+ }
1156
+
1157
+ /* ---------------------------------------------------------------- */
1158
+
1159
+ void KeccakP1600_Permute_24rounds(void *state)
1160
+ {
1161
+ KeccakP1600_Permute_Nrounds(state, 24);
1162
+ }