digest-kangarootwelve 0.0.2 → 0.3.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (307) hide show
  1. checksums.yaml +5 -5
  2. data/README.md +71 -37
  3. data/Rakefile +7 -9
  4. data/digest-kangarootwelve.gemspec +323 -14
  5. data/ext/digest/kangarootwelve/ext.c +228 -177
  6. data/ext/digest/kangarootwelve/extconf.rb +15 -1
  7. data/ext/digest/kangarootwelve/keccak/armv6m/KangarooTwelve.link.c +1 -0
  8. data/ext/digest/kangarootwelve/keccak/armv6m/KeccakDuplexWidth1600.link.c +1 -0
  9. data/ext/digest/kangarootwelve/keccak/armv6m/KeccakP-1600-SnP.h +36 -0
  10. data/ext/digest/kangarootwelve/{KeccakP-1600-times2-SnP.h → keccak/armv6m/KeccakP-1600-times2-SnP.h} +10 -10
  11. data/ext/digest/kangarootwelve/{KeccakP-1600-times2-on1.c → keccak/armv6m/KeccakP-1600-times2-on1.c} +13 -7
  12. data/ext/digest/kangarootwelve/{KeccakP-1600-times4-SnP.h → keccak/armv6m/KeccakP-1600-times4-SnP.h} +10 -10
  13. data/ext/digest/kangarootwelve/{KeccakP-1600-times4-on1.c → keccak/armv6m/KeccakP-1600-times4-on1.c} +13 -7
  14. data/ext/digest/kangarootwelve/{KeccakP-1600-times8-SnP.h → keccak/armv6m/KeccakP-1600-times8-SnP.h} +10 -10
  15. data/ext/digest/kangarootwelve/{KeccakP-1600-times8-on1.c → keccak/armv6m/KeccakP-1600-times8-on1.c} +13 -7
  16. data/ext/digest/kangarootwelve/keccak/armv6m/KeccakP-1600-u2-32bi-armv6m-le-gcc.s +1334 -0
  17. data/ext/digest/kangarootwelve/keccak/armv6m/KeccakSpongeWidth1600.link.c +1 -0
  18. data/ext/digest/kangarootwelve/{PlSnP-Fallback.inc → keccak/armv6m/PlSnP-Fallback.inc} +11 -7
  19. data/ext/digest/kangarootwelve/keccak/armv6m/ext.link.c +1 -0
  20. data/ext/digest/kangarootwelve/keccak/armv7a/KangarooTwelve.link.c +1 -0
  21. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakDuplexWidth1600.link.c +1 -0
  22. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-SnP.h +37 -0
  23. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-armv7a-le-neon-gcc.s +826 -0
  24. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-inplace-pl2-armv7a-neon-le-gcc.s +1245 -0
  25. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times2-SnP.h +38 -0
  26. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times4-SnP.h +45 -0
  27. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times4-on2.c +38 -0
  28. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times8-SnP.h +45 -0
  29. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakP-1600-times8-on2.c +38 -0
  30. data/ext/digest/kangarootwelve/keccak/armv7a/KeccakSpongeWidth1600.link.c +1 -0
  31. data/ext/digest/kangarootwelve/keccak/armv7a/PlSnP-Fallback.inc +287 -0
  32. data/ext/digest/kangarootwelve/keccak/armv7a/ext.link.c +1 -0
  33. data/ext/digest/kangarootwelve/keccak/armv7m/KangarooTwelve.link.c +1 -0
  34. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakDuplexWidth1600.link.c +1 -0
  35. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-SnP.h +36 -0
  36. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-inplace-32bi-armv7m-le-gcc.s +1170 -0
  37. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times2-SnP.h +45 -0
  38. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times2-on1.c +37 -0
  39. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times4-SnP.h +45 -0
  40. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times4-on1.c +37 -0
  41. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times8-SnP.h +45 -0
  42. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakP-1600-times8-on1.c +37 -0
  43. data/ext/digest/kangarootwelve/keccak/armv7m/KeccakSpongeWidth1600.link.c +1 -0
  44. data/ext/digest/kangarootwelve/keccak/armv7m/PlSnP-Fallback.inc +287 -0
  45. data/ext/digest/kangarootwelve/keccak/armv7m/ext.link.c +1 -0
  46. data/ext/digest/kangarootwelve/keccak/armv8a/KangarooTwelve.link.c +1 -0
  47. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakDuplexWidth1600.link.c +1 -0
  48. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-SnP.h +28 -0
  49. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-armv8a-neon.s +537 -0
  50. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times2-SnP.h +45 -0
  51. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times2-on1.c +37 -0
  52. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times4-SnP.h +45 -0
  53. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times4-on1.c +37 -0
  54. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times8-SnP.h +45 -0
  55. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakP-1600-times8-on1.c +37 -0
  56. data/ext/digest/kangarootwelve/keccak/armv8a/KeccakSpongeWidth1600.link.c +1 -0
  57. data/ext/digest/kangarootwelve/keccak/armv8a/PlSnP-Fallback.inc +287 -0
  58. data/ext/digest/kangarootwelve/keccak/armv8a/ext.link.c +1 -0
  59. data/ext/digest/kangarootwelve/keccak/asmx86-64/KangarooTwelve.link.c +1 -0
  60. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakDuplexWidth1600.link.c +1 -0
  61. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-SnP.h +37 -0
  62. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times2-SnP.h +45 -0
  63. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times2-on1.c +37 -0
  64. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times4-SnP.h +45 -0
  65. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times4-on1.c +37 -0
  66. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times8-SnP.h +45 -0
  67. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-times8-on1.c +37 -0
  68. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakP-1600-x86-64-gas.s +1190 -0
  69. data/ext/digest/kangarootwelve/keccak/asmx86-64/KeccakSpongeWidth1600.link.c +1 -0
  70. data/ext/digest/kangarootwelve/keccak/asmx86-64/PlSnP-Fallback.inc +287 -0
  71. data/ext/digest/kangarootwelve/keccak/asmx86-64/ext.link.c +1 -0
  72. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KangarooTwelve.link.c +1 -0
  73. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakDuplexWidth1600.link.c +1 -0
  74. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-SnP.h +37 -0
  75. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times2-SnP.h +45 -0
  76. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times2-on1.c +37 -0
  77. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times4-SnP.h +45 -0
  78. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times4-on1.c +37 -0
  79. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times8-SnP.h +45 -0
  80. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-times8-on1.c +37 -0
  81. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakP-1600-x86-64-shld-gas.s +1190 -0
  82. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/KeccakSpongeWidth1600.link.c +1 -0
  83. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/PlSnP-Fallback.inc +287 -0
  84. data/ext/digest/kangarootwelve/keccak/asmx86-64shld/ext.link.c +1 -0
  85. data/ext/digest/kangarootwelve/keccak/avr8/KangarooTwelve.link.c +1 -0
  86. data/ext/digest/kangarootwelve/keccak/avr8/KeccakDuplexWidth1600.link.c +1 -0
  87. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-SnP.h +37 -0
  88. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-avr8-fast.s +1116 -0
  89. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times2-SnP.h +45 -0
  90. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times2-on1.c +37 -0
  91. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times4-SnP.h +45 -0
  92. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times4-on1.c +37 -0
  93. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times8-SnP.h +45 -0
  94. data/ext/digest/kangarootwelve/keccak/avr8/KeccakP-1600-times8-on1.c +37 -0
  95. data/ext/digest/kangarootwelve/keccak/avr8/KeccakSpongeWidth1600.link.c +1 -0
  96. data/ext/digest/kangarootwelve/keccak/avr8/PlSnP-Fallback.inc +287 -0
  97. data/ext/digest/kangarootwelve/keccak/avr8/ext.link.c +1 -0
  98. data/ext/digest/kangarootwelve/keccak/bulldozer/KangarooTwelve.link.c +1 -0
  99. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakDuplexWidth1600.link.c +1 -0
  100. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-SnP.h +39 -0
  101. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-XOP-config.h +6 -0
  102. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-XOP.c +473 -0
  103. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times2-SIMD128.c +954 -0
  104. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times2-SnP.h +47 -0
  105. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times4-SnP.h +45 -0
  106. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times4-on2.c +38 -0
  107. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times8-SnP.h +45 -0
  108. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-times8-on2.c +38 -0
  109. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakP-1600-unrolling.macros +302 -0
  110. data/ext/digest/kangarootwelve/keccak/bulldozer/KeccakSpongeWidth1600.link.c +1 -0
  111. data/ext/digest/kangarootwelve/keccak/bulldozer/PlSnP-Fallback.inc +287 -0
  112. data/ext/digest/kangarootwelve/keccak/bulldozer/SIMD128-config.h +9 -0
  113. data/ext/digest/kangarootwelve/{SnP-Relaned.h → keccak/bulldozer/SnP-Relaned.h} +13 -7
  114. data/ext/digest/kangarootwelve/keccak/bulldozer/ext.link.c +1 -0
  115. data/ext/digest/kangarootwelve/{KangarooTwelve.c → keccak/common/KangarooTwelve.c} +6 -10
  116. data/ext/digest/kangarootwelve/{KangarooTwelve.h → keccak/common/KangarooTwelve.h} +3 -7
  117. data/ext/digest/kangarootwelve/keccak/common/KeccakDuplex-common.h +37 -0
  118. data/ext/digest/kangarootwelve/keccak/common/KeccakDuplex.inc +192 -0
  119. data/ext/digest/kangarootwelve/keccak/common/KeccakDuplexWidth1600.c +34 -0
  120. data/ext/digest/kangarootwelve/keccak/common/KeccakDuplexWidth1600.h +25 -0
  121. data/ext/digest/kangarootwelve/{KeccakSponge-common.h → keccak/common/KeccakSponge-common.h} +5 -7
  122. data/ext/digest/kangarootwelve/{KeccakSponge.inc → keccak/common/KeccakSponge.inc} +6 -8
  123. data/ext/digest/kangarootwelve/{KeccakSpongeWidth1600.c → keccak/common/KeccakSpongeWidth1600.c} +6 -8
  124. data/ext/digest/kangarootwelve/{KeccakSpongeWidth1600.h → keccak/common/KeccakSpongeWidth1600.h} +5 -7
  125. data/ext/digest/kangarootwelve/{Phases.h → keccak/common/Phases.h} +3 -7
  126. data/ext/digest/kangarootwelve/{align.h → keccak/common/align.h} +5 -7
  127. data/ext/digest/kangarootwelve/{brg_endian.h → keccak/common/brg_endian.h} +0 -0
  128. data/ext/digest/kangarootwelve/keccak/compact/KangarooTwelve.link.c +1 -0
  129. data/ext/digest/kangarootwelve/keccak/compact/KeccakDuplexWidth1600.link.c +1 -0
  130. data/ext/digest/kangarootwelve/{KeccakP-1600-SnP.h → keccak/compact/KeccakP-1600-SnP.h} +7 -10
  131. data/ext/digest/kangarootwelve/{KeccakP-1600-compact64.c → keccak/compact/KeccakP-1600-compact64.c} +11 -7
  132. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times2-SnP.h +45 -0
  133. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times2-on1.c +37 -0
  134. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times4-SnP.h +45 -0
  135. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times4-on1.c +37 -0
  136. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times8-SnP.h +45 -0
  137. data/ext/digest/kangarootwelve/keccak/compact/KeccakP-1600-times8-on1.c +37 -0
  138. data/ext/digest/kangarootwelve/keccak/compact/KeccakSpongeWidth1600.link.c +1 -0
  139. data/ext/digest/kangarootwelve/keccak/compact/PlSnP-Fallback.inc +287 -0
  140. data/ext/digest/kangarootwelve/keccak/compact/SnP-Relaned.h +140 -0
  141. data/ext/digest/kangarootwelve/keccak/compact/ext.link.c +1 -0
  142. data/ext/digest/kangarootwelve/keccak/generic32/KangarooTwelve.link.c +1 -0
  143. data/ext/digest/kangarootwelve/keccak/generic32/KeccakDuplexWidth1600.link.c +1 -0
  144. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-SnP.h +38 -0
  145. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-inplace32BI.c +1162 -0
  146. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times2-SnP.h +45 -0
  147. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times2-on1.c +37 -0
  148. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times4-SnP.h +45 -0
  149. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times4-on1.c +37 -0
  150. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times8-SnP.h +45 -0
  151. data/ext/digest/kangarootwelve/keccak/generic32/KeccakP-1600-times8-on1.c +37 -0
  152. data/ext/digest/kangarootwelve/keccak/generic32/KeccakSpongeWidth1600.link.c +1 -0
  153. data/ext/digest/kangarootwelve/keccak/generic32/PlSnP-Fallback.inc +287 -0
  154. data/ext/digest/kangarootwelve/keccak/generic32/SnP-Relaned.h +140 -0
  155. data/ext/digest/kangarootwelve/keccak/generic32/ext.link.c +1 -0
  156. data/ext/digest/kangarootwelve/keccak/generic32lc/KangarooTwelve.link.c +1 -0
  157. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakDuplexWidth1600.link.c +1 -0
  158. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-SnP.h +38 -0
  159. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-inplace32BI.c +1162 -0
  160. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times2-SnP.h +45 -0
  161. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times2-on1.c +37 -0
  162. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times4-SnP.h +45 -0
  163. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times4-on1.c +37 -0
  164. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times8-SnP.h +45 -0
  165. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakP-1600-times8-on1.c +37 -0
  166. data/ext/digest/kangarootwelve/keccak/generic32lc/KeccakSpongeWidth1600.link.c +1 -0
  167. data/ext/digest/kangarootwelve/keccak/generic32lc/PlSnP-Fallback.inc +287 -0
  168. data/ext/digest/kangarootwelve/keccak/generic32lc/SnP-Relaned.h +140 -0
  169. data/ext/digest/kangarootwelve/keccak/generic32lc/ext.link.c +1 -0
  170. data/ext/digest/kangarootwelve/keccak/generic64/KangarooTwelve.link.c +1 -0
  171. data/ext/digest/kangarootwelve/keccak/generic64/KeccakDuplexWidth1600.link.c +1 -0
  172. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-64.macros +2195 -0
  173. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-SnP.h +49 -0
  174. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-opt64-config.h +6 -0
  175. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-opt64.c +541 -0
  176. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times2-SnP.h +45 -0
  177. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times2-on1.c +37 -0
  178. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times4-SnP.h +45 -0
  179. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times4-on1.c +37 -0
  180. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times8-SnP.h +45 -0
  181. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-times8-on1.c +37 -0
  182. data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-unrolling.macros +302 -0
  183. data/ext/digest/kangarootwelve/keccak/generic64/KeccakSpongeWidth1600.link.c +1 -0
  184. data/ext/digest/kangarootwelve/keccak/generic64/PlSnP-Fallback.inc +287 -0
  185. data/ext/digest/kangarootwelve/keccak/generic64/SnP-Relaned.h +140 -0
  186. data/ext/digest/kangarootwelve/keccak/generic64/ext.link.c +1 -0
  187. data/ext/digest/kangarootwelve/keccak/generic64lc/KangarooTwelve.link.c +1 -0
  188. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakDuplexWidth1600.link.c +1 -0
  189. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-64.macros +2195 -0
  190. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-SnP.h +49 -0
  191. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-opt64-config.h +7 -0
  192. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-opt64.c +541 -0
  193. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times2-SnP.h +45 -0
  194. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times2-on1.c +37 -0
  195. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times4-SnP.h +45 -0
  196. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times4-on1.c +37 -0
  197. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times8-SnP.h +45 -0
  198. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-times8-on1.c +37 -0
  199. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakP-1600-unrolling.macros +302 -0
  200. data/ext/digest/kangarootwelve/keccak/generic64lc/KeccakSpongeWidth1600.link.c +1 -0
  201. data/ext/digest/kangarootwelve/keccak/generic64lc/PlSnP-Fallback.inc +287 -0
  202. data/ext/digest/kangarootwelve/keccak/generic64lc/SnP-Relaned.h +140 -0
  203. data/ext/digest/kangarootwelve/keccak/generic64lc/ext.link.c +1 -0
  204. data/ext/digest/kangarootwelve/keccak/haswell/KangarooTwelve.link.c +1 -0
  205. data/ext/digest/kangarootwelve/keccak/haswell/KeccakDuplexWidth1600.link.c +1 -0
  206. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-AVX2.s +993 -0
  207. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-SnP.h +41 -0
  208. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times2-SIMD128.c +954 -0
  209. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times2-SnP.h +47 -0
  210. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times4-SIMD256.c +1303 -0
  211. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times4-SnP.h +53 -0
  212. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times8-SnP.h +45 -0
  213. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-times8-on4.c +38 -0
  214. data/ext/digest/kangarootwelve/keccak/haswell/KeccakP-1600-unrolling.macros +302 -0
  215. data/ext/digest/kangarootwelve/keccak/haswell/KeccakSpongeWidth1600.link.c +1 -0
  216. data/ext/digest/kangarootwelve/keccak/haswell/PlSnP-Fallback.inc +287 -0
  217. data/ext/digest/kangarootwelve/keccak/haswell/SIMD128-config.h +8 -0
  218. data/ext/digest/kangarootwelve/keccak/haswell/SIMD256-config.h +7 -0
  219. data/ext/digest/kangarootwelve/keccak/haswell/ext.link.c +1 -0
  220. data/ext/digest/kangarootwelve/keccak/nehalem/KangarooTwelve.link.c +1 -0
  221. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakDuplexWidth1600.link.c +1 -0
  222. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-64.macros +2195 -0
  223. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-SnP.h +49 -0
  224. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-opt64-config.h +7 -0
  225. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-opt64.c +541 -0
  226. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times2-SIMD128.c +954 -0
  227. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times2-SnP.h +47 -0
  228. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times4-SnP.h +45 -0
  229. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times4-on2.c +38 -0
  230. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times8-SnP.h +45 -0
  231. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-times8-on2.c +38 -0
  232. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakP-1600-unrolling.macros +302 -0
  233. data/ext/digest/kangarootwelve/keccak/nehalem/KeccakSpongeWidth1600.link.c +1 -0
  234. data/ext/digest/kangarootwelve/keccak/nehalem/PlSnP-Fallback.inc +287 -0
  235. data/ext/digest/kangarootwelve/keccak/nehalem/SIMD128-config.h +8 -0
  236. data/ext/digest/kangarootwelve/keccak/nehalem/SnP-Relaned.h +140 -0
  237. data/ext/digest/kangarootwelve/keccak/nehalem/ext.link.c +1 -0
  238. data/ext/digest/kangarootwelve/keccak/reference/KangarooTwelve.link.c +1 -0
  239. data/ext/digest/kangarootwelve/keccak/reference/KeccakDuplexWidth1600.link.c +1 -0
  240. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-SnP.h +41 -0
  241. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-reference.c +424 -0
  242. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-reference.h +20 -0
  243. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times2-SnP.h +45 -0
  244. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times2-on1.c +37 -0
  245. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times4-SnP.h +45 -0
  246. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times4-on1.c +37 -0
  247. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times8-SnP.h +45 -0
  248. data/ext/digest/kangarootwelve/keccak/reference/KeccakP-1600-times8-on1.c +37 -0
  249. data/ext/digest/kangarootwelve/keccak/reference/KeccakSpongeWidth1600.link.c +1 -0
  250. data/ext/digest/kangarootwelve/keccak/reference/PlSnP-Fallback.inc +287 -0
  251. data/ext/digest/kangarootwelve/keccak/reference/displayIntermediateValues.c +176 -0
  252. data/ext/digest/kangarootwelve/keccak/reference/displayIntermediateValues.h +29 -0
  253. data/ext/digest/kangarootwelve/keccak/reference/ext.link.c +1 -0
  254. data/ext/digest/kangarootwelve/keccak/reference32bits/KangarooTwelve.link.c +1 -0
  255. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakDuplexWidth1600.link.c +1 -0
  256. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-SnP.h +41 -0
  257. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-reference.h +20 -0
  258. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-reference32BI.c +612 -0
  259. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times2-SnP.h +45 -0
  260. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times2-on1.c +37 -0
  261. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times4-SnP.h +45 -0
  262. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times4-on1.c +37 -0
  263. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times8-SnP.h +45 -0
  264. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakP-1600-times8-on1.c +37 -0
  265. data/ext/digest/kangarootwelve/keccak/reference32bits/KeccakSpongeWidth1600.link.c +1 -0
  266. data/ext/digest/kangarootwelve/keccak/reference32bits/PlSnP-Fallback.inc +287 -0
  267. data/ext/digest/kangarootwelve/keccak/reference32bits/displayIntermediateValues.c +176 -0
  268. data/ext/digest/kangarootwelve/keccak/reference32bits/displayIntermediateValues.h +29 -0
  269. data/ext/digest/kangarootwelve/keccak/reference32bits/ext.link.c +1 -0
  270. data/ext/digest/kangarootwelve/keccak/sandybridge/KangarooTwelve.link.c +1 -0
  271. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakDuplexWidth1600.link.c +1 -0
  272. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-64.macros +2195 -0
  273. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-SnP.h +49 -0
  274. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-opt64-config.h +8 -0
  275. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-opt64.c +541 -0
  276. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times2-SIMD128.c +954 -0
  277. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times2-SnP.h +47 -0
  278. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times4-SnP.h +45 -0
  279. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times4-on2.c +38 -0
  280. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times8-SnP.h +45 -0
  281. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-times8-on2.c +38 -0
  282. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakP-1600-unrolling.macros +302 -0
  283. data/ext/digest/kangarootwelve/keccak/sandybridge/KeccakSpongeWidth1600.link.c +1 -0
  284. data/ext/digest/kangarootwelve/keccak/sandybridge/PlSnP-Fallback.inc +287 -0
  285. data/ext/digest/kangarootwelve/keccak/sandybridge/SIMD128-config.h +8 -0
  286. data/ext/digest/kangarootwelve/keccak/sandybridge/SnP-Relaned.h +140 -0
  287. data/ext/digest/kangarootwelve/keccak/sandybridge/ext.link.c +1 -0
  288. data/ext/digest/kangarootwelve/keccak/skylakex/KangarooTwelve.link.c +1 -0
  289. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakDuplexWidth1600.link.c +1 -0
  290. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-AVX512-config.h +6 -0
  291. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-AVX512.c +621 -0
  292. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-SnP.h +42 -0
  293. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times2-SIMD512.c +852 -0
  294. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times2-SnP.h +49 -0
  295. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times4-SIMD512.c +883 -0
  296. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times4-SnP.h +49 -0
  297. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times8-SIMD512.c +1473 -0
  298. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakP-1600-times8-SnP.h +53 -0
  299. data/ext/digest/kangarootwelve/keccak/skylakex/KeccakSpongeWidth1600.link.c +1 -0
  300. data/ext/digest/kangarootwelve/keccak/skylakex/SIMD512-2-config.h +7 -0
  301. data/ext/digest/kangarootwelve/keccak/skylakex/SIMD512-4-config.h +7 -0
  302. data/ext/digest/kangarootwelve/keccak/skylakex/SIMD512-config.h +7 -0
  303. data/ext/digest/kangarootwelve/keccak/skylakex/ext.link.c +1 -0
  304. data/ext/digest/kangarootwelve/utils.h +101 -0
  305. data/lib/digest/kangarootwelve/version.rb +2 -2
  306. data/test/test.rb +68 -31
  307. metadata +305 -27
data/ext/digest/kangarootwelve/keccak/generic32lc/SnP-Relaned.h ADDED
@@ -0,0 +1,140 @@
1
+ /*
2
+ Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen,
3
+ Michaël Peeters, Gilles Van Assche and Ronny Van Keer,
4
+ hereby denoted as "the implementer".
5
+
6
+ For more information, feedback or questions, please refer to our website:
7
+ https://keccak.team/
8
+
9
+ To the extent possible under law, the implementer has waived all copyright
10
+ and related or neighboring rights to the source code in this file.
11
+ http://creativecommons.org/publicdomain/zero/1.0/
12
+
13
+ ---
14
+
15
+ This file contains macros that help implement a permutation in a SnP-compatible way.
16
+ It converts an implementation that implement state input/output functions
17
+ in a lane-oriented fashion (i.e., using SnP_AddLanes() and SnP_AddBytesInLane,
18
+ and similarly for Overwite, Extract and ExtractAndAdd) to the byte-oriented SnP.
19
+ Please refer to SnP-documentation.h for more details.
20
+ */
21
+
22
+ #ifndef _SnP_Relaned_h_
23
+ #define _SnP_Relaned_h_
24
+
25
+ #define SnP_AddBytes(state, data, offset, length, SnP_AddLanes, SnP_AddBytesInLane, SnP_laneLengthInBytes) \
26
+ { \
27
+ if ((offset) == 0) { \
28
+ SnP_AddLanes(state, data, (length)/SnP_laneLengthInBytes); \
29
+ SnP_AddBytesInLane(state, \
30
+ (length)/SnP_laneLengthInBytes, \
31
+ (data)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \
32
+ 0, \
33
+ (length)%SnP_laneLengthInBytes); \
34
+ } \
35
+ else { \
36
+ unsigned int _sizeLeft = (length); \
37
+ unsigned int _lanePosition = (offset)/SnP_laneLengthInBytes; \
38
+ unsigned int _offsetInLane = (offset)%SnP_laneLengthInBytes; \
39
+ const unsigned char *_curData = (data); \
40
+ while(_sizeLeft > 0) { \
41
+ unsigned int _bytesInLane = SnP_laneLengthInBytes - _offsetInLane; \
42
+ if (_bytesInLane > _sizeLeft) \
43
+ _bytesInLane = _sizeLeft; \
44
+ SnP_AddBytesInLane(state, _lanePosition, _curData, _offsetInLane, _bytesInLane); \
45
+ _sizeLeft -= _bytesInLane; \
46
+ _lanePosition++; \
47
+ _offsetInLane = 0; \
48
+ _curData += _bytesInLane; \
49
+ } \
50
+ } \
51
+ }
52
+
53
+ #define SnP_OverwriteBytes(state, data, offset, length, SnP_OverwriteLanes, SnP_OverwriteBytesInLane, SnP_laneLengthInBytes) \
54
+ { \
55
+ if ((offset) == 0) { \
56
+ SnP_OverwriteLanes(state, data, (length)/SnP_laneLengthInBytes); \
57
+ SnP_OverwriteBytesInLane(state, \
58
+ (length)/SnP_laneLengthInBytes, \
59
+ (data)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \
60
+ 0, \
61
+ (length)%SnP_laneLengthInBytes); \
62
+ } \
63
+ else { \
64
+ unsigned int _sizeLeft = (length); \
65
+ unsigned int _lanePosition = (offset)/SnP_laneLengthInBytes; \
66
+ unsigned int _offsetInLane = (offset)%SnP_laneLengthInBytes; \
67
+ const unsigned char *_curData = (data); \
68
+ while(_sizeLeft > 0) { \
69
+ unsigned int _bytesInLane = SnP_laneLengthInBytes - _offsetInLane; \
70
+ if (_bytesInLane > _sizeLeft) \
71
+ _bytesInLane = _sizeLeft; \
72
+ SnP_OverwriteBytesInLane(state, _lanePosition, _curData, _offsetInLane, _bytesInLane); \
73
+ _sizeLeft -= _bytesInLane; \
74
+ _lanePosition++; \
75
+ _offsetInLane = 0; \
76
+ _curData += _bytesInLane; \
77
+ } \
78
+ } \
79
+ }
80
+
81
+ #define SnP_ExtractBytes(state, data, offset, length, SnP_ExtractLanes, SnP_ExtractBytesInLane, SnP_laneLengthInBytes) \
82
+ { \
83
+ if ((offset) == 0) { \
84
+ SnP_ExtractLanes(state, data, (length)/SnP_laneLengthInBytes); \
85
+ SnP_ExtractBytesInLane(state, \
86
+ (length)/SnP_laneLengthInBytes, \
87
+ (data)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \
88
+ 0, \
89
+ (length)%SnP_laneLengthInBytes); \
90
+ } \
91
+ else { \
92
+ unsigned int _sizeLeft = (length); \
93
+ unsigned int _lanePosition = (offset)/SnP_laneLengthInBytes; \
94
+ unsigned int _offsetInLane = (offset)%SnP_laneLengthInBytes; \
95
+ unsigned char *_curData = (data); \
96
+ while(_sizeLeft > 0) { \
97
+ unsigned int _bytesInLane = SnP_laneLengthInBytes - _offsetInLane; \
98
+ if (_bytesInLane > _sizeLeft) \
99
+ _bytesInLane = _sizeLeft; \
100
+ SnP_ExtractBytesInLane(state, _lanePosition, _curData, _offsetInLane, _bytesInLane); \
101
+ _sizeLeft -= _bytesInLane; \
102
+ _lanePosition++; \
103
+ _offsetInLane = 0; \
104
+ _curData += _bytesInLane; \
105
+ } \
106
+ } \
107
+ }
108
+
109
+ #define SnP_ExtractAndAddBytes(state, input, output, offset, length, SnP_ExtractAndAddLanes, SnP_ExtractAndAddBytesInLane, SnP_laneLengthInBytes) \
110
+ { \
111
+ if ((offset) == 0) { \
112
+ SnP_ExtractAndAddLanes(state, input, output, (length)/SnP_laneLengthInBytes); \
113
+ SnP_ExtractAndAddBytesInLane(state, \
114
+ (length)/SnP_laneLengthInBytes, \
115
+ (input)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \
116
+ (output)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \
117
+ 0, \
118
+ (length)%SnP_laneLengthInBytes); \
119
+ } \
120
+ else { \
121
+ unsigned int _sizeLeft = (length); \
122
+ unsigned int _lanePosition = (offset)/SnP_laneLengthInBytes; \
123
+ unsigned int _offsetInLane = (offset)%SnP_laneLengthInBytes; \
124
+ const unsigned char *_curInput = (input); \
125
+ unsigned char *_curOutput = (output); \
126
+ while(_sizeLeft > 0) { \
127
+ unsigned int _bytesInLane = SnP_laneLengthInBytes - _offsetInLane; \
128
+ if (_bytesInLane > _sizeLeft) \
129
+ _bytesInLane = _sizeLeft; \
130
+ SnP_ExtractAndAddBytesInLane(state, _lanePosition, _curInput, _curOutput, _offsetInLane, _bytesInLane); \
131
+ _sizeLeft -= _bytesInLane; \
132
+ _lanePosition++; \
133
+ _offsetInLane = 0; \
134
+ _curInput += _bytesInLane; \
135
+ _curOutput += _bytesInLane; \
136
+ } \
137
+ } \
138
+ }
139
+
140
+ #endif
data/ext/digest/kangarootwelve/keccak/generic32lc/ext.link.c ADDED
@@ -0,0 +1 @@
1
+ #include "../../ext.c"
data/ext/digest/kangarootwelve/keccak/generic64/KangarooTwelve.link.c ADDED
@@ -0,0 +1 @@
1
+ #include "../common/KangarooTwelve.c"
data/ext/digest/kangarootwelve/keccak/generic64/KeccakDuplexWidth1600.link.c ADDED
@@ -0,0 +1 @@
1
+ #include "../common/KeccakDuplexWidth1600.c"
data/ext/digest/kangarootwelve/keccak/generic64/KeccakP-1600-64.macros ADDED
@@ -0,0 +1,2195 @@
1
+ /*
2
+ Implementation by the Keccak Team, namely, Guido Bertoni, Joan Daemen,
3
+ Michaël Peeters, Gilles Van Assche and Ronny Van Keer,
4
+ hereby denoted as "the implementer".
5
+
6
+ For more information, feedback or questions, please refer to our website:
7
+ https://keccak.team/
8
+
9
+ To the extent possible under law, the implementer has waived all copyright
10
+ and related or neighboring rights to the source code in this file.
11
+ http://creativecommons.org/publicdomain/zero/1.0/
12
+ */
13
+
14
+ #define declareABCDE \
15
+ UINT64 Aba, Abe, Abi, Abo, Abu; \
16
+ UINT64 Aga, Age, Agi, Ago, Agu; \
17
+ UINT64 Aka, Ake, Aki, Ako, Aku; \
18
+ UINT64 Ama, Ame, Ami, Amo, Amu; \
19
+ UINT64 Asa, Ase, Asi, Aso, Asu; \
20
+ UINT64 Bba, Bbe, Bbi, Bbo, Bbu; \
21
+ UINT64 Bga, Bge, Bgi, Bgo, Bgu; \
22
+ UINT64 Bka, Bke, Bki, Bko, Bku; \
23
+ UINT64 Bma, Bme, Bmi, Bmo, Bmu; \
24
+ UINT64 Bsa, Bse, Bsi, Bso, Bsu; \
25
+ UINT64 Ca, Ce, Ci, Co, Cu; \
26
+ UINT64 Da, De, Di, Do, Du; \
27
+ UINT64 Eba, Ebe, Ebi, Ebo, Ebu; \
28
+ UINT64 Ega, Ege, Egi, Ego, Egu; \
29
+ UINT64 Eka, Eke, Eki, Eko, Eku; \
30
+ UINT64 Ema, Eme, Emi, Emo, Emu; \
31
+ UINT64 Esa, Ese, Esi, Eso, Esu; \
32
+
33
+ #define prepareTheta \
34
+ Ca = Aba^Aga^Aka^Ama^Asa; \
35
+ Ce = Abe^Age^Ake^Ame^Ase; \
36
+ Ci = Abi^Agi^Aki^Ami^Asi; \
37
+ Co = Abo^Ago^Ako^Amo^Aso; \
38
+ Cu = Abu^Agu^Aku^Amu^Asu; \
39
+
40
+ #ifdef UseBebigokimisa
41
+ /* --- Code for round, with prepare-theta (lane complementing pattern 'bebigokimisa') */
42
+ /* --- 64-bit lanes mapped to 64-bit words */
43
+ #define thetaRhoPiChiIotaPrepareTheta(i, A, E) \
44
+ Da = Cu^ROL64(Ce, 1); \
45
+ De = Ca^ROL64(Ci, 1); \
46
+ Di = Ce^ROL64(Co, 1); \
47
+ Do = Ci^ROL64(Cu, 1); \
48
+ Du = Co^ROL64(Ca, 1); \
49
+ \
50
+ A##ba ^= Da; \
51
+ Bba = A##ba; \
52
+ A##ge ^= De; \
53
+ Bbe = ROL64(A##ge, 44); \
54
+ A##ki ^= Di; \
55
+ Bbi = ROL64(A##ki, 43); \
56
+ A##mo ^= Do; \
57
+ Bbo = ROL64(A##mo, 21); \
58
+ A##su ^= Du; \
59
+ Bbu = ROL64(A##su, 14); \
60
+ E##ba = Bba ^( Bbe | Bbi ); \
61
+ E##ba ^= KeccakF1600RoundConstants[i]; \
62
+ Ca = E##ba; \
63
+ E##be = Bbe ^((~Bbi)| Bbo ); \
64
+ Ce = E##be; \
65
+ E##bi = Bbi ^( Bbo & Bbu ); \
66
+ Ci = E##bi; \
67
+ E##bo = Bbo ^( Bbu | Bba ); \
68
+ Co = E##bo; \
69
+ E##bu = Bbu ^( Bba & Bbe ); \
70
+ Cu = E##bu; \
71
+ \
72
+ A##bo ^= Do; \
73
+ Bga = ROL64(A##bo, 28); \
74
+ A##gu ^= Du; \
75
+ Bge = ROL64(A##gu, 20); \
76
+ A##ka ^= Da; \
77
+ Bgi = ROL64(A##ka, 3); \
78
+ A##me ^= De; \
79
+ Bgo = ROL64(A##me, 45); \
80
+ A##si ^= Di; \
81
+ Bgu = ROL64(A##si, 61); \
82
+ E##ga = Bga ^( Bge | Bgi ); \
83
+ Ca ^= E##ga; \
84
+ E##ge = Bge ^( Bgi & Bgo ); \
85
+ Ce ^= E##ge; \
86
+ E##gi = Bgi ^( Bgo |(~Bgu)); \
87
+ Ci ^= E##gi; \
88
+ E##go = Bgo ^( Bgu | Bga ); \
89
+ Co ^= E##go; \
90
+ E##gu = Bgu ^( Bga & Bge ); \
91
+ Cu ^= E##gu; \
92
+ \
93
+ A##be ^= De; \
94
+ Bka = ROL64(A##be, 1); \
95
+ A##gi ^= Di; \
96
+ Bke = ROL64(A##gi, 6); \
97
+ A##ko ^= Do; \
98
+ Bki = ROL64(A##ko, 25); \
99
+ A##mu ^= Du; \
100
+ Bko = ROL64(A##mu, 8); \
101
+ A##sa ^= Da; \
102
+ Bku = ROL64(A##sa, 18); \
103
+ E##ka = Bka ^( Bke | Bki ); \
104
+ Ca ^= E##ka; \
105
+ E##ke = Bke ^( Bki & Bko ); \
106
+ Ce ^= E##ke; \
107
+ E##ki = Bki ^((~Bko)& Bku ); \
108
+ Ci ^= E##ki; \
109
+ E##ko = (~Bko)^( Bku | Bka ); \
110
+ Co ^= E##ko; \
111
+ E##ku = Bku ^( Bka & Bke ); \
112
+ Cu ^= E##ku; \
113
+ \
114
+ A##bu ^= Du; \
115
+ Bma = ROL64(A##bu, 27); \
116
+ A##ga ^= Da; \
117
+ Bme = ROL64(A##ga, 36); \
118
+ A##ke ^= De; \
119
+ Bmi = ROL64(A##ke, 10); \
120
+ A##mi ^= Di; \
121
+ Bmo = ROL64(A##mi, 15); \
122
+ A##so ^= Do; \
123
+ Bmu = ROL64(A##so, 56); \
124
+ E##ma = Bma ^( Bme & Bmi ); \
125
+ Ca ^= E##ma; \
126
+ E##me = Bme ^( Bmi | Bmo ); \
127
+ Ce ^= E##me; \
128
+ E##mi = Bmi ^((~Bmo)| Bmu ); \
129
+ Ci ^= E##mi; \
130
+ E##mo = (~Bmo)^( Bmu & Bma ); \
131
+ Co ^= E##mo; \
132
+ E##mu = Bmu ^( Bma | Bme ); \
133
+ Cu ^= E##mu; \
134
+ \
135
+ A##bi ^= Di; \
136
+ Bsa = ROL64(A##bi, 62); \
137
+ A##go ^= Do; \
138
+ Bse = ROL64(A##go, 55); \
139
+ A##ku ^= Du; \
140
+ Bsi = ROL64(A##ku, 39); \
141
+ A##ma ^= Da; \
142
+ Bso = ROL64(A##ma, 41); \
143
+ A##se ^= De; \
144
+ Bsu = ROL64(A##se, 2); \
145
+ E##sa = Bsa ^((~Bse)& Bsi ); \
146
+ Ca ^= E##sa; \
147
+ E##se = (~Bse)^( Bsi | Bso ); \
148
+ Ce ^= E##se; \
149
+ E##si = Bsi ^( Bso & Bsu ); \
150
+ Ci ^= E##si; \
151
+ E##so = Bso ^( Bsu | Bsa ); \
152
+ Co ^= E##so; \
153
+ E##su = Bsu ^( Bsa & Bse ); \
154
+ Cu ^= E##su; \
155
+ \
156
+
157
+ /* --- Code for round (lane complementing pattern 'bebigokimisa') */
158
+ /* --- 64-bit lanes mapped to 64-bit words */
159
+ #define thetaRhoPiChiIota(i, A, E) \
160
+ Da = Cu^ROL64(Ce, 1); \
161
+ De = Ca^ROL64(Ci, 1); \
162
+ Di = Ce^ROL64(Co, 1); \
163
+ Do = Ci^ROL64(Cu, 1); \
164
+ Du = Co^ROL64(Ca, 1); \
165
+ \
166
+ A##ba ^= Da; \
167
+ Bba = A##ba; \
168
+ A##ge ^= De; \
169
+ Bbe = ROL64(A##ge, 44); \
170
+ A##ki ^= Di; \
171
+ Bbi = ROL64(A##ki, 43); \
172
+ A##mo ^= Do; \
173
+ Bbo = ROL64(A##mo, 21); \
174
+ A##su ^= Du; \
175
+ Bbu = ROL64(A##su, 14); \
176
+ E##ba = Bba ^( Bbe | Bbi ); \
177
+ E##ba ^= KeccakF1600RoundConstants[i]; \
178
+ E##be = Bbe ^((~Bbi)| Bbo ); \
179
+ E##bi = Bbi ^( Bbo & Bbu ); \
180
+ E##bo = Bbo ^( Bbu | Bba ); \
181
+ E##bu = Bbu ^( Bba & Bbe ); \
182
+ \
183
+ A##bo ^= Do; \
184
+ Bga = ROL64(A##bo, 28); \
185
+ A##gu ^= Du; \
186
+ Bge = ROL64(A##gu, 20); \
187
+ A##ka ^= Da; \
188
+ Bgi = ROL64(A##ka, 3); \
189
+ A##me ^= De; \
190
+ Bgo = ROL64(A##me, 45); \
191
+ A##si ^= Di; \
192
+ Bgu = ROL64(A##si, 61); \
193
+ E##ga = Bga ^( Bge | Bgi ); \
194
+ E##ge = Bge ^( Bgi & Bgo ); \
195
+ E##gi = Bgi ^( Bgo |(~Bgu)); \
196
+ E##go = Bgo ^( Bgu | Bga ); \
197
+ E##gu = Bgu ^( Bga & Bge ); \
198
+ \
199
+ A##be ^= De; \
200
+ Bka = ROL64(A##be, 1); \
201
+ A##gi ^= Di; \
202
+ Bke = ROL64(A##gi, 6); \
203
+ A##ko ^= Do; \
204
+ Bki = ROL64(A##ko, 25); \
205
+ A##mu ^= Du; \
206
+ Bko = ROL64(A##mu, 8); \
207
+ A##sa ^= Da; \
208
+ Bku = ROL64(A##sa, 18); \
209
+ E##ka = Bka ^( Bke | Bki ); \
210
+ E##ke = Bke ^( Bki & Bko ); \
211
+ E##ki = Bki ^((~Bko)& Bku ); \
212
+ E##ko = (~Bko)^( Bku | Bka ); \
213
+ E##ku = Bku ^( Bka & Bke ); \
214
+ \
215
+ A##bu ^= Du; \
216
+ Bma = ROL64(A##bu, 27); \
217
+ A##ga ^= Da; \
218
+ Bme = ROL64(A##ga, 36); \
219
+ A##ke ^= De; \
220
+ Bmi = ROL64(A##ke, 10); \
221
+ A##mi ^= Di; \
222
+ Bmo = ROL64(A##mi, 15); \
223
+ A##so ^= Do; \
224
+ Bmu = ROL64(A##so, 56); \
225
+ E##ma = Bma ^( Bme & Bmi ); \
226
+ E##me = Bme ^( Bmi | Bmo ); \
227
+ E##mi = Bmi ^((~Bmo)| Bmu ); \
228
+ E##mo = (~Bmo)^( Bmu & Bma ); \
229
+ E##mu = Bmu ^( Bma | Bme ); \
230
+ \
231
+ A##bi ^= Di; \
232
+ Bsa = ROL64(A##bi, 62); \
233
+ A##go ^= Do; \
234
+ Bse = ROL64(A##go, 55); \
235
+ A##ku ^= Du; \
236
+ Bsi = ROL64(A##ku, 39); \
237
+ A##ma ^= Da; \
238
+ Bso = ROL64(A##ma, 41); \
239
+ A##se ^= De; \
240
+ Bsu = ROL64(A##se, 2); \
241
+ E##sa = Bsa ^((~Bse)& Bsi ); \
242
+ E##se = (~Bse)^( Bsi | Bso ); \
243
+ E##si = Bsi ^( Bso & Bsu ); \
244
+ E##so = Bso ^( Bsu | Bsa ); \
245
+ E##su = Bsu ^( Bsa & Bse ); \
246
+ \
247
+
248
+ #else /* UseBebigokimisa */
249
+ /* --- Code for round, with prepare-theta */
250
+ /* --- 64-bit lanes mapped to 64-bit words */
251
+ #define thetaRhoPiChiIotaPrepareTheta(i, A, E) \
252
+ Da = Cu^ROL64(Ce, 1); \
253
+ De = Ca^ROL64(Ci, 1); \
254
+ Di = Ce^ROL64(Co, 1); \
255
+ Do = Ci^ROL64(Cu, 1); \
256
+ Du = Co^ROL64(Ca, 1); \
257
+ \
258
+ A##ba ^= Da; \
259
+ Bba = A##ba; \
260
+ A##ge ^= De; \
261
+ Bbe = ROL64(A##ge, 44); \
262
+ A##ki ^= Di; \
263
+ Bbi = ROL64(A##ki, 43); \
264
+ A##mo ^= Do; \
265
+ Bbo = ROL64(A##mo, 21); \
266
+ A##su ^= Du; \
267
+ Bbu = ROL64(A##su, 14); \
268
+ E##ba = Bba ^((~Bbe)& Bbi ); \
269
+ E##ba ^= KeccakF1600RoundConstants[i]; \
270
+ Ca = E##ba; \
271
+ E##be = Bbe ^((~Bbi)& Bbo ); \
272
+ Ce = E##be; \
273
+ E##bi = Bbi ^((~Bbo)& Bbu ); \
274
+ Ci = E##bi; \
275
+ E##bo = Bbo ^((~Bbu)& Bba ); \
276
+ Co = E##bo; \
277
+ E##bu = Bbu ^((~Bba)& Bbe ); \
278
+ Cu = E##bu; \
279
+ \
280
+ A##bo ^= Do; \
281
+ Bga = ROL64(A##bo, 28); \
282
+ A##gu ^= Du; \
283
+ Bge = ROL64(A##gu, 20); \
284
+ A##ka ^= Da; \
285
+ Bgi = ROL64(A##ka, 3); \
286
+ A##me ^= De; \
287
+ Bgo = ROL64(A##me, 45); \
288
+ A##si ^= Di; \
289
+ Bgu = ROL64(A##si, 61); \
290
+ E##ga = Bga ^((~Bge)& Bgi ); \
291
+ Ca ^= E##ga; \
292
+ E##ge = Bge ^((~Bgi)& Bgo ); \
293
+ Ce ^= E##ge; \
294
+ E##gi = Bgi ^((~Bgo)& Bgu ); \
295
+ Ci ^= E##gi; \
296
+ E##go = Bgo ^((~Bgu)& Bga ); \
297
+ Co ^= E##go; \
298
+ E##gu = Bgu ^((~Bga)& Bge ); \
299
+ Cu ^= E##gu; \
300
+ \
301
+ A##be ^= De; \
302
+ Bka = ROL64(A##be, 1); \
303
+ A##gi ^= Di; \
304
+ Bke = ROL64(A##gi, 6); \
305
+ A##ko ^= Do; \
306
+ Bki = ROL64(A##ko, 25); \
307
+ A##mu ^= Du; \
308
+ Bko = ROL64(A##mu, 8); \
309
+ A##sa ^= Da; \
310
+ Bku = ROL64(A##sa, 18); \
311
+ E##ka = Bka ^((~Bke)& Bki ); \
312
+ Ca ^= E##ka; \
313
+ E##ke = Bke ^((~Bki)& Bko ); \
314
+ Ce ^= E##ke; \
315
+ E##ki = Bki ^((~Bko)& Bku ); \
316
+ Ci ^= E##ki; \
317
+ E##ko = Bko ^((~Bku)& Bka ); \
318
+ Co ^= E##ko; \
319
+ E##ku = Bku ^((~Bka)& Bke ); \
320
+ Cu ^= E##ku; \
321
+ \
322
+ A##bu ^= Du; \
323
+ Bma = ROL64(A##bu, 27); \
324
+ A##ga ^= Da; \
325
+ Bme = ROL64(A##ga, 36); \
326
+ A##ke ^= De; \
327
+ Bmi = ROL64(A##ke, 10); \
328
+ A##mi ^= Di; \
329
+ Bmo = ROL64(A##mi, 15); \
330
+ A##so ^= Do; \
331
+ Bmu = ROL64(A##so, 56); \
332
+ E##ma = Bma ^((~Bme)& Bmi ); \
333
+ Ca ^= E##ma; \
334
+ E##me = Bme ^((~Bmi)& Bmo ); \
335
+ Ce ^= E##me; \
336
+ E##mi = Bmi ^((~Bmo)& Bmu ); \
337
+ Ci ^= E##mi; \
338
+ E##mo = Bmo ^((~Bmu)& Bma ); \
339
+ Co ^= E##mo; \
340
+ E##mu = Bmu ^((~Bma)& Bme ); \
341
+ Cu ^= E##mu; \
342
+ \
343
+ A##bi ^= Di; \
344
+ Bsa = ROL64(A##bi, 62); \
345
+ A##go ^= Do; \
346
+ Bse = ROL64(A##go, 55); \
347
+ A##ku ^= Du; \
348
+ Bsi = ROL64(A##ku, 39); \
349
+ A##ma ^= Da; \
350
+ Bso = ROL64(A##ma, 41); \
351
+ A##se ^= De; \
352
+ Bsu = ROL64(A##se, 2); \
353
+ E##sa = Bsa ^((~Bse)& Bsi ); \
354
+ Ca ^= E##sa; \
355
+ E##se = Bse ^((~Bsi)& Bso ); \
356
+ Ce ^= E##se; \
357
+ E##si = Bsi ^((~Bso)& Bsu ); \
358
+ Ci ^= E##si; \
359
+ E##so = Bso ^((~Bsu)& Bsa ); \
360
+ Co ^= E##so; \
361
+ E##su = Bsu ^((~Bsa)& Bse ); \
362
+ Cu ^= E##su; \
363
+ \
364
+
365
+ /* --- Code for round */
366
+ /* --- 64-bit lanes mapped to 64-bit words */
367
+ #define thetaRhoPiChiIota(i, A, E) \
368
+ Da = Cu^ROL64(Ce, 1); \
369
+ De = Ca^ROL64(Ci, 1); \
370
+ Di = Ce^ROL64(Co, 1); \
371
+ Do = Ci^ROL64(Cu, 1); \
372
+ Du = Co^ROL64(Ca, 1); \
373
+ \
374
+ A##ba ^= Da; \
375
+ Bba = A##ba; \
376
+ A##ge ^= De; \
377
+ Bbe = ROL64(A##ge, 44); \
378
+ A##ki ^= Di; \
379
+ Bbi = ROL64(A##ki, 43); \
380
+ A##mo ^= Do; \
381
+ Bbo = ROL64(A##mo, 21); \
382
+ A##su ^= Du; \
383
+ Bbu = ROL64(A##su, 14); \
384
+ E##ba = Bba ^((~Bbe)& Bbi ); \
385
+ E##ba ^= KeccakF1600RoundConstants[i]; \
386
+ E##be = Bbe ^((~Bbi)& Bbo ); \
387
+ E##bi = Bbi ^((~Bbo)& Bbu ); \
388
+ E##bo = Bbo ^((~Bbu)& Bba ); \
389
+ E##bu = Bbu ^((~Bba)& Bbe ); \
390
+ \
391
+ A##bo ^= Do; \
392
+ Bga = ROL64(A##bo, 28); \
393
+ A##gu ^= Du; \
394
+ Bge = ROL64(A##gu, 20); \
395
+ A##ka ^= Da; \
396
+ Bgi = ROL64(A##ka, 3); \
397
+ A##me ^= De; \
398
+ Bgo = ROL64(A##me, 45); \
399
+ A##si ^= Di; \
400
+ Bgu = ROL64(A##si, 61); \
401
+ E##ga = Bga ^((~Bge)& Bgi ); \
402
+ E##ge = Bge ^((~Bgi)& Bgo ); \
403
+ E##gi = Bgi ^((~Bgo)& Bgu ); \
404
+ E##go = Bgo ^((~Bgu)& Bga ); \
405
+ E##gu = Bgu ^((~Bga)& Bge ); \
406
+ \
407
+ A##be ^= De; \
408
+ Bka = ROL64(A##be, 1); \
409
+ A##gi ^= Di; \
410
+ Bke = ROL64(A##gi, 6); \
411
+ A##ko ^= Do; \
412
+ Bki = ROL64(A##ko, 25); \
413
+ A##mu ^= Du; \
414
+ Bko = ROL64(A##mu, 8); \
415
+ A##sa ^= Da; \
416
+ Bku = ROL64(A##sa, 18); \
417
+ E##ka = Bka ^((~Bke)& Bki ); \
418
+ E##ke = Bke ^((~Bki)& Bko ); \
419
+ E##ki = Bki ^((~Bko)& Bku ); \
420
+ E##ko = Bko ^((~Bku)& Bka ); \
421
+ E##ku = Bku ^((~Bka)& Bke ); \
422
+ \
423
+ A##bu ^= Du; \
424
+ Bma = ROL64(A##bu, 27); \
425
+ A##ga ^= Da; \
426
+ Bme = ROL64(A##ga, 36); \
427
+ A##ke ^= De; \
428
+ Bmi = ROL64(A##ke, 10); \
429
+ A##mi ^= Di; \
430
+ Bmo = ROL64(A##mi, 15); \
431
+ A##so ^= Do; \
432
+ Bmu = ROL64(A##so, 56); \
433
+ E##ma = Bma ^((~Bme)& Bmi ); \
434
+ E##me = Bme ^((~Bmi)& Bmo ); \
435
+ E##mi = Bmi ^((~Bmo)& Bmu ); \
436
+ E##mo = Bmo ^((~Bmu)& Bma ); \
437
+ E##mu = Bmu ^((~Bma)& Bme ); \
438
+ \
439
+ A##bi ^= Di; \
440
+ Bsa = ROL64(A##bi, 62); \
441
+ A##go ^= Do; \
442
+ Bse = ROL64(A##go, 55); \
443
+ A##ku ^= Du; \
444
+ Bsi = ROL64(A##ku, 39); \
445
+ A##ma ^= Da; \
446
+ Bso = ROL64(A##ma, 41); \
447
+ A##se ^= De; \
448
+ Bsu = ROL64(A##se, 2); \
449
+ E##sa = Bsa ^((~Bse)& Bsi ); \
450
+ E##se = Bse ^((~Bsi)& Bso ); \
451
+ E##si = Bsi ^((~Bso)& Bsu ); \
452
+ E##so = Bso ^((~Bsu)& Bsa ); \
453
+ E##su = Bsu ^((~Bsa)& Bse ); \
454
+ \
455
+
456
+ #endif /* UseBebigokimisa */
457
+
458
+ #define copyFromState(X, state) \
459
+ X##ba = state[ 0]; \
460
+ X##be = state[ 1]; \
461
+ X##bi = state[ 2]; \
462
+ X##bo = state[ 3]; \
463
+ X##bu = state[ 4]; \
464
+ X##ga = state[ 5]; \
465
+ X##ge = state[ 6]; \
466
+ X##gi = state[ 7]; \
467
+ X##go = state[ 8]; \
468
+ X##gu = state[ 9]; \
469
+ X##ka = state[10]; \
470
+ X##ke = state[11]; \
471
+ X##ki = state[12]; \
472
+ X##ko = state[13]; \
473
+ X##ku = state[14]; \
474
+ X##ma = state[15]; \
475
+ X##me = state[16]; \
476
+ X##mi = state[17]; \
477
+ X##mo = state[18]; \
478
+ X##mu = state[19]; \
479
+ X##sa = state[20]; \
480
+ X##se = state[21]; \
481
+ X##si = state[22]; \
482
+ X##so = state[23]; \
483
+ X##su = state[24]; \
484
+
485
+ #define copyToState(state, X) \
486
+ state[ 0] = X##ba; \
487
+ state[ 1] = X##be; \
488
+ state[ 2] = X##bi; \
489
+ state[ 3] = X##bo; \
490
+ state[ 4] = X##bu; \
491
+ state[ 5] = X##ga; \
492
+ state[ 6] = X##ge; \
493
+ state[ 7] = X##gi; \
494
+ state[ 8] = X##go; \
495
+ state[ 9] = X##gu; \
496
+ state[10] = X##ka; \
497
+ state[11] = X##ke; \
498
+ state[12] = X##ki; \
499
+ state[13] = X##ko; \
500
+ state[14] = X##ku; \
501
+ state[15] = X##ma; \
502
+ state[16] = X##me; \
503
+ state[17] = X##mi; \
504
+ state[18] = X##mo; \
505
+ state[19] = X##mu; \
506
+ state[20] = X##sa; \
507
+ state[21] = X##se; \
508
+ state[22] = X##si; \
509
+ state[23] = X##so; \
510
+ state[24] = X##su; \
511
+
512
+ #define copyStateVariables(X, Y) \
513
+ X##ba = Y##ba; \
514
+ X##be = Y##be; \
515
+ X##bi = Y##bi; \
516
+ X##bo = Y##bo; \
517
+ X##bu = Y##bu; \
518
+ X##ga = Y##ga; \
519
+ X##ge = Y##ge; \
520
+ X##gi = Y##gi; \
521
+ X##go = Y##go; \
522
+ X##gu = Y##gu; \
523
+ X##ka = Y##ka; \
524
+ X##ke = Y##ke; \
525
+ X##ki = Y##ki; \
526
+ X##ko = Y##ko; \
527
+ X##ku = Y##ku; \
528
+ X##ma = Y##ma; \
529
+ X##me = Y##me; \
530
+ X##mi = Y##mi; \
531
+ X##mo = Y##mo; \
532
+ X##mu = Y##mu; \
533
+ X##sa = Y##sa; \
534
+ X##se = Y##se; \
535
+ X##si = Y##si; \
536
+ X##so = Y##so; \
537
+ X##su = Y##su; \
538
+
539
+ #define copyFromStateAndAdd(X, state, input, laneCount) \
540
+ if (laneCount < 16) { \
541
+ if (laneCount < 8) { \
542
+ if (laneCount < 4) { \
543
+ if (laneCount < 2) { \
544
+ if (laneCount < 1) { \
545
+ X##ba = state[ 0]; \
546
+ } \
547
+ else { \
548
+ X##ba = state[ 0]^input[ 0]; \
549
+ } \
550
+ X##be = state[ 1]; \
551
+ X##bi = state[ 2]; \
552
+ } \
553
+ else { \
554
+ X##ba = state[ 0]^input[ 0]; \
555
+ X##be = state[ 1]^input[ 1]; \
556
+ if (laneCount < 3) { \
557
+ X##bi = state[ 2]; \
558
+ } \
559
+ else { \
560
+ X##bi = state[ 2]^input[ 2]; \
561
+ } \
562
+ } \
563
+ X##bo = state[ 3]; \
564
+ X##bu = state[ 4]; \
565
+ X##ga = state[ 5]; \
566
+ X##ge = state[ 6]; \
567
+ } \
568
+ else { \
569
+ X##ba = state[ 0]^input[ 0]; \
570
+ X##be = state[ 1]^input[ 1]; \
571
+ X##bi = state[ 2]^input[ 2]; \
572
+ X##bo = state[ 3]^input[ 3]; \
573
+ if (laneCount < 6) { \
574
+ if (laneCount < 5) { \
575
+ X##bu = state[ 4]; \
576
+ } \
577
+ else { \
578
+ X##bu = state[ 4]^input[ 4]; \
579
+ } \
580
+ X##ga = state[ 5]; \
581
+ X##ge = state[ 6]; \
582
+ } \
583
+ else { \
584
+ X##bu = state[ 4]^input[ 4]; \
585
+ X##ga = state[ 5]^input[ 5]; \
586
+ if (laneCount < 7) { \
587
+ X##ge = state[ 6]; \
588
+ } \
589
+ else { \
590
+ X##ge = state[ 6]^input[ 6]; \
591
+ } \
592
+ } \
593
+ } \
594
+ X##gi = state[ 7]; \
595
+ X##go = state[ 8]; \
596
+ X##gu = state[ 9]; \
597
+ X##ka = state[10]; \
598
+ X##ke = state[11]; \
599
+ X##ki = state[12]; \
600
+ X##ko = state[13]; \
601
+ X##ku = state[14]; \
602
+ } \
603
+ else { \
604
+ X##ba = state[ 0]^input[ 0]; \
605
+ X##be = state[ 1]^input[ 1]; \
606
+ X##bi = state[ 2]^input[ 2]; \
607
+ X##bo = state[ 3]^input[ 3]; \
608
+ X##bu = state[ 4]^input[ 4]; \
609
+ X##ga = state[ 5]^input[ 5]; \
610
+ X##ge = state[ 6]^input[ 6]; \
611
+ X##gi = state[ 7]^input[ 7]; \
612
+ if (laneCount < 12) { \
613
+ if (laneCount < 10) { \
614
+ if (laneCount < 9) { \
615
+ X##go = state[ 8]; \
616
+ } \
617
+ else { \
618
+ X##go = state[ 8]^input[ 8]; \
619
+ } \
620
+ X##gu = state[ 9]; \
621
+ X##ka = state[10]; \
622
+ } \
623
+ else { \
624
+ X##go = state[ 8]^input[ 8]; \
625
+ X##gu = state[ 9]^input[ 9]; \
626
+ if (laneCount < 11) { \
627
+ X##ka = state[10]; \
628
+ } \
629
+ else { \
630
+ X##ka = state[10]^input[10]; \
631
+ } \
632
+ } \
633
+ X##ke = state[11]; \
634
+ X##ki = state[12]; \
635
+ X##ko = state[13]; \
636
+ X##ku = state[14]; \
637
+ } \
638
+ else { \
639
+ X##go = state[ 8]^input[ 8]; \
640
+ X##gu = state[ 9]^input[ 9]; \
641
+ X##ka = state[10]^input[10]; \
642
+ X##ke = state[11]^input[11]; \
643
+ if (laneCount < 14) { \
644
+ if (laneCount < 13) { \
645
+ X##ki = state[12]; \
646
+ } \
647
+ else { \
648
+ X##ki = state[12]^input[12]; \
649
+ } \
650
+ X##ko = state[13]; \
651
+ X##ku = state[14]; \
652
+ } \
653
+ else { \
654
+ X##ki = state[12]^input[12]; \
655
+ X##ko = state[13]^input[13]; \
656
+ if (laneCount < 15) { \
657
+ X##ku = state[14]; \
658
+ } \
659
+ else { \
660
+ X##ku = state[14]^input[14]; \
661
+ } \
662
+ } \
663
+ } \
664
+ } \
665
+ X##ma = state[15]; \
666
+ X##me = state[16]; \
667
+ X##mi = state[17]; \
668
+ X##mo = state[18]; \
669
+ X##mu = state[19]; \
670
+ X##sa = state[20]; \
671
+ X##se = state[21]; \
672
+ X##si = state[22]; \
673
+ X##so = state[23]; \
674
+ X##su = state[24]; \
675
+ } \
676
+ else { \
677
+ X##ba = state[ 0]^input[ 0]; \
678
+ X##be = state[ 1]^input[ 1]; \
679
+ X##bi = state[ 2]^input[ 2]; \
680
+ X##bo = state[ 3]^input[ 3]; \
681
+ X##bu = state[ 4]^input[ 4]; \
682
+ X##ga = state[ 5]^input[ 5]; \
683
+ X##ge = state[ 6]^input[ 6]; \
684
+ X##gi = state[ 7]^input[ 7]; \
685
+ X##go = state[ 8]^input[ 8]; \
686
+ X##gu = state[ 9]^input[ 9]; \
687
+ X##ka = state[10]^input[10]; \
688
+ X##ke = state[11]^input[11]; \
689
+ X##ki = state[12]^input[12]; \
690
+ X##ko = state[13]^input[13]; \
691
+ X##ku = state[14]^input[14]; \
692
+ X##ma = state[15]^input[15]; \
693
+ if (laneCount < 24) { \
694
+ if (laneCount < 20) { \
695
+ if (laneCount < 18) { \
696
+ if (laneCount < 17) { \
697
+ X##me = state[16]; \
698
+ } \
699
+ else { \
700
+ X##me = state[16]^input[16]; \
701
+ } \
702
+ X##mi = state[17]; \
703
+ X##mo = state[18]; \
704
+ } \
705
+ else { \
706
+ X##me = state[16]^input[16]; \
707
+ X##mi = state[17]^input[17]; \
708
+ if (laneCount < 19) { \
709
+ X##mo = state[18]; \
710
+ } \
711
+ else { \
712
+ X##mo = state[18]^input[18]; \
713
+ } \
714
+ } \
715
+ X##mu = state[19]; \
716
+ X##sa = state[20]; \
717
+ X##se = state[21]; \
718
+ X##si = state[22]; \
719
+ } \
720
+ else { \
721
+ X##me = state[16]^input[16]; \
722
+ X##mi = state[17]^input[17]; \
723
+ X##mo = state[18]^input[18]; \
724
+ X##mu = state[19]^input[19]; \
725
+ if (laneCount < 22) { \
726
+ if (laneCount < 21) { \
727
+ X##sa = state[20]; \
728
+ } \
729
+ else { \
730
+ X##sa = state[20]^input[20]; \
731
+ } \
732
+ X##se = state[21]; \
733
+ X##si = state[22]; \
734
+ } \
735
+ else { \
736
+ X##sa = state[20]^input[20]; \
737
+ X##se = state[21]^input[21]; \
738
+ if (laneCount < 23) { \
739
+ X##si = state[22]; \
740
+ } \
741
+ else { \
742
+ X##si = state[22]^input[22]; \
743
+ } \
744
+ } \
745
+ } \
746
+ X##so = state[23]; \
747
+ X##su = state[24]; \
748
+ } \
749
+ else { \
750
+ X##me = state[16]^input[16]; \
751
+ X##mi = state[17]^input[17]; \
752
+ X##mo = state[18]^input[18]; \
753
+ X##mu = state[19]^input[19]; \
754
+ X##sa = state[20]^input[20]; \
755
+ X##se = state[21]^input[21]; \
756
+ X##si = state[22]^input[22]; \
757
+ X##so = state[23]^input[23]; \
758
+ if (laneCount < 25) { \
759
+ X##su = state[24]; \
760
+ } \
761
+ else { \
762
+ X##su = state[24]^input[24]; \
763
+ } \
764
+ } \
765
+ }
766
+
767
+ #define addInput(X, input, laneCount) \
768
+ if (laneCount == 21) { \
769
+ X##ba ^= input[ 0]; \
770
+ X##be ^= input[ 1]; \
771
+ X##bi ^= input[ 2]; \
772
+ X##bo ^= input[ 3]; \
773
+ X##bu ^= input[ 4]; \
774
+ X##ga ^= input[ 5]; \
775
+ X##ge ^= input[ 6]; \
776
+ X##gi ^= input[ 7]; \
777
+ X##go ^= input[ 8]; \
778
+ X##gu ^= input[ 9]; \
779
+ X##ka ^= input[10]; \
780
+ X##ke ^= input[11]; \
781
+ X##ki ^= input[12]; \
782
+ X##ko ^= input[13]; \
783
+ X##ku ^= input[14]; \
784
+ X##ma ^= input[15]; \
785
+ X##me ^= input[16]; \
786
+ X##mi ^= input[17]; \
787
+ X##mo ^= input[18]; \
788
+ X##mu ^= input[19]; \
789
+ X##sa ^= input[20]; \
790
+ } \
791
+ else if (laneCount < 16) { \
792
+ if (laneCount < 8) { \
793
+ if (laneCount < 4) { \
794
+ if (laneCount < 2) { \
795
+ if (laneCount < 1) { \
796
+ } \
797
+ else { \
798
+ X##ba ^= input[ 0]; \
799
+ } \
800
+ } \
801
+ else { \
802
+ X##ba ^= input[ 0]; \
803
+ X##be ^= input[ 1]; \
804
+ if (laneCount < 3) { \
805
+ } \
806
+ else { \
807
+ X##bi ^= input[ 2]; \
808
+ } \
809
+ } \
810
+ } \
811
+ else { \
812
+ X##ba ^= input[ 0]; \
813
+ X##be ^= input[ 1]; \
814
+ X##bi ^= input[ 2]; \
815
+ X##bo ^= input[ 3]; \
816
+ if (laneCount < 6) { \
817
+ if (laneCount < 5) { \
818
+ } \
819
+ else { \
820
+ X##bu ^= input[ 4]; \
821
+ } \
822
+ } \
823
+ else { \
824
+ X##bu ^= input[ 4]; \
825
+ X##ga ^= input[ 5]; \
826
+ if (laneCount < 7) { \
827
+ } \
828
+ else { \
829
+ X##ge ^= input[ 6]; \
830
+ } \
831
+ } \
832
+ } \
833
+ } \
834
+ else { \
835
+ X##ba ^= input[ 0]; \
836
+ X##be ^= input[ 1]; \
837
+ X##bi ^= input[ 2]; \
838
+ X##bo ^= input[ 3]; \
839
+ X##bu ^= input[ 4]; \
840
+ X##ga ^= input[ 5]; \
841
+ X##ge ^= input[ 6]; \
842
+ X##gi ^= input[ 7]; \
843
+ if (laneCount < 12) { \
844
+ if (laneCount < 10) { \
845
+ if (laneCount < 9) { \
846
+ } \
847
+ else { \
848
+ X##go ^= input[ 8]; \
849
+ } \
850
+ } \
851
+ else { \
852
+ X##go ^= input[ 8]; \
853
+ X##gu ^= input[ 9]; \
854
+ if (laneCount < 11) { \
855
+ } \
856
+ else { \
857
+ X##ka ^= input[10]; \
858
+ } \
859
+ } \
860
+ } \
861
+ else { \
862
+ X##go ^= input[ 8]; \
863
+ X##gu ^= input[ 9]; \
864
+ X##ka ^= input[10]; \
865
+ X##ke ^= input[11]; \
866
+ if (laneCount < 14) { \
867
+ if (laneCount < 13) { \
868
+ } \
869
+ else { \
870
+ X##ki ^= input[12]; \
871
+ } \
872
+ } \
873
+ else { \
874
+ X##ki ^= input[12]; \
875
+ X##ko ^= input[13]; \
876
+ if (laneCount < 15) { \
877
+ } \
878
+ else { \
879
+ X##ku ^= input[14]; \
880
+ } \
881
+ } \
882
+ } \
883
+ } \
884
+ } \
885
+ else { \
886
+ X##ba ^= input[ 0]; \
887
+ X##be ^= input[ 1]; \
888
+ X##bi ^= input[ 2]; \
889
+ X##bo ^= input[ 3]; \
890
+ X##bu ^= input[ 4]; \
891
+ X##ga ^= input[ 5]; \
892
+ X##ge ^= input[ 6]; \
893
+ X##gi ^= input[ 7]; \
894
+ X##go ^= input[ 8]; \
895
+ X##gu ^= input[ 9]; \
896
+ X##ka ^= input[10]; \
897
+ X##ke ^= input[11]; \
898
+ X##ki ^= input[12]; \
899
+ X##ko ^= input[13]; \
900
+ X##ku ^= input[14]; \
901
+ X##ma ^= input[15]; \
902
+ if (laneCount < 24) { \
903
+ if (laneCount < 20) { \
904
+ if (laneCount < 18) { \
905
+ if (laneCount < 17) { \
906
+ } \
907
+ else { \
908
+ X##me ^= input[16]; \
909
+ } \
910
+ } \
911
+ else { \
912
+ X##me ^= input[16]; \
913
+ X##mi ^= input[17]; \
914
+ if (laneCount < 19) { \
915
+ } \
916
+ else { \
917
+ X##mo ^= input[18]; \
918
+ } \
919
+ } \
920
+ } \
921
+ else { \
922
+ X##me ^= input[16]; \
923
+ X##mi ^= input[17]; \
924
+ X##mo ^= input[18]; \
925
+ X##mu ^= input[19]; \
926
+ if (laneCount < 22) { \
927
+ if (laneCount < 21) { \
928
+ } \
929
+ else { \
930
+ X##sa ^= input[20]; \
931
+ } \
932
+ } \
933
+ else { \
934
+ X##sa ^= input[20]; \
935
+ X##se ^= input[21]; \
936
+ if (laneCount < 23) { \
937
+ } \
938
+ else { \
939
+ X##si ^= input[22]; \
940
+ } \
941
+ } \
942
+ } \
943
+ } \
944
+ else { \
945
+ X##me ^= input[16]; \
946
+ X##mi ^= input[17]; \
947
+ X##mo ^= input[18]; \
948
+ X##mu ^= input[19]; \
949
+ X##sa ^= input[20]; \
950
+ X##se ^= input[21]; \
951
+ X##si ^= input[22]; \
952
+ X##so ^= input[23]; \
953
+ if (laneCount < 25) { \
954
+ } \
955
+ else { \
956
+ X##su ^= input[24]; \
957
+ } \
958
+ } \
959
+ }
960
+
961
+ #ifdef UseBebigokimisa
962
+
963
+ #define copyToStateAndOutput(X, state, output, laneCount) \
964
+ if (laneCount < 16) { \
965
+ if (laneCount < 8) { \
966
+ if (laneCount < 4) { \
967
+ if (laneCount < 2) { \
968
+ state[ 0] = X##ba; \
969
+ if (laneCount >= 1) { \
970
+ output[ 0] = X##ba; \
971
+ } \
972
+ state[ 1] = X##be; \
973
+ state[ 2] = X##bi; \
974
+ } \
975
+ else { \
976
+ state[ 0] = X##ba; \
977
+ output[ 0] = X##ba; \
978
+ state[ 1] = X##be; \
979
+ output[ 1] = ~X##be; \
980
+ state[ 2] = X##bi; \
981
+ if (laneCount >= 3) { \
982
+ output[ 2] = ~X##bi; \
983
+ } \
984
+ } \
985
+ state[ 3] = X##bo; \
986
+ state[ 4] = X##bu; \
987
+ state[ 5] = X##ga; \
988
+ state[ 6] = X##ge; \
989
+ } \
990
+ else { \
991
+ state[ 0] = X##ba; \
992
+ output[ 0] = X##ba; \
993
+ state[ 1] = X##be; \
994
+ output[ 1] = ~X##be; \
995
+ state[ 2] = X##bi; \
996
+ output[ 2] = ~X##bi; \
997
+ state[ 3] = X##bo; \
998
+ output[ 3] = X##bo; \
999
+ if (laneCount < 6) { \
1000
+ state[ 4] = X##bu; \
1001
+ if (laneCount >= 5) { \
1002
+ output[ 4] = X##bu; \
1003
+ } \
1004
+ state[ 5] = X##ga; \
1005
+ state[ 6] = X##ge; \
1006
+ } \
1007
+ else { \
1008
+ state[ 4] = X##bu; \
1009
+ output[ 4] = X##bu; \
1010
+ state[ 5] = X##ga; \
1011
+ output[ 5] = X##ga; \
1012
+ state[ 6] = X##ge; \
1013
+ if (laneCount >= 7) { \
1014
+ output[ 6] = X##ge; \
1015
+ } \
1016
+ } \
1017
+ } \
1018
+ state[ 7] = X##gi; \
1019
+ state[ 8] = X##go; \
1020
+ state[ 9] = X##gu; \
1021
+ state[10] = X##ka; \
1022
+ state[11] = X##ke; \
1023
+ state[12] = X##ki; \
1024
+ state[13] = X##ko; \
1025
+ state[14] = X##ku; \
1026
+ } \
1027
+ else { \
1028
+ state[ 0] = X##ba; \
1029
+ output[ 0] = X##ba; \
1030
+ state[ 1] = X##be; \
1031
+ output[ 1] = ~X##be; \
1032
+ state[ 2] = X##bi; \
1033
+ output[ 2] = ~X##bi; \
1034
+ state[ 3] = X##bo; \
1035
+ output[ 3] = X##bo; \
1036
+ state[ 4] = X##bu; \
1037
+ output[ 4] = X##bu; \
1038
+ state[ 5] = X##ga; \
1039
+ output[ 5] = X##ga; \
1040
+ state[ 6] = X##ge; \
1041
+ output[ 6] = X##ge; \
1042
+ state[ 7] = X##gi; \
1043
+ output[ 7] = X##gi; \
1044
+ if (laneCount < 12) { \
1045
+ if (laneCount < 10) { \
1046
+ state[ 8] = X##go; \
1047
+ if (laneCount >= 9) { \
1048
+ output[ 8] = ~X##go; \
1049
+ } \
1050
+ state[ 9] = X##gu; \
1051
+ state[10] = X##ka; \
1052
+ } \
1053
+ else { \
1054
+ state[ 8] = X##go; \
1055
+ output[ 8] = ~X##go; \
1056
+ state[ 9] = X##gu; \
1057
+ output[ 9] = X##gu; \
1058
+ state[10] = X##ka; \
1059
+ if (laneCount >= 11) { \
1060
+ output[10] = X##ka; \
1061
+ } \
1062
+ } \
1063
+ state[11] = X##ke; \
1064
+ state[12] = X##ki; \
1065
+ state[13] = X##ko; \
1066
+ state[14] = X##ku; \
1067
+ } \
1068
+ else { \
1069
+ state[ 8] = X##go; \
1070
+ output[ 8] = ~X##go; \
1071
+ state[ 9] = X##gu; \
1072
+ output[ 9] = X##gu; \
1073
+ state[10] = X##ka; \
1074
+ output[10] = X##ka; \
1075
+ state[11] = X##ke; \
1076
+ output[11] = X##ke; \
1077
+ if (laneCount < 14) { \
1078
+ state[12] = X##ki; \
1079
+ if (laneCount >= 13) { \
1080
+ output[12] = ~X##ki; \
1081
+ } \
1082
+ state[13] = X##ko; \
1083
+ state[14] = X##ku; \
1084
+ } \
1085
+ else { \
1086
+ state[12] = X##ki; \
1087
+ output[12] = ~X##ki; \
1088
+ state[13] = X##ko; \
1089
+ output[13] = X##ko; \
1090
+ state[14] = X##ku; \
1091
+ if (laneCount >= 15) { \
1092
+ output[14] = X##ku; \
1093
+ } \
1094
+ } \
1095
+ } \
1096
+ } \
1097
+ state[15] = X##ma; \
1098
+ state[16] = X##me; \
1099
+ state[17] = X##mi; \
1100
+ state[18] = X##mo; \
1101
+ state[19] = X##mu; \
1102
+ state[20] = X##sa; \
1103
+ state[21] = X##se; \
1104
+ state[22] = X##si; \
1105
+ state[23] = X##so; \
1106
+ state[24] = X##su; \
1107
+ } \
1108
+ else { \
1109
+ state[ 0] = X##ba; \
1110
+ output[ 0] = X##ba; \
1111
+ state[ 1] = X##be; \
1112
+ output[ 1] = ~X##be; \
1113
+ state[ 2] = X##bi; \
1114
+ output[ 2] = ~X##bi; \
1115
+ state[ 3] = X##bo; \
1116
+ output[ 3] = X##bo; \
1117
+ state[ 4] = X##bu; \
1118
+ output[ 4] = X##bu; \
1119
+ state[ 5] = X##ga; \
1120
+ output[ 5] = X##ga; \
1121
+ state[ 6] = X##ge; \
1122
+ output[ 6] = X##ge; \
1123
+ state[ 7] = X##gi; \
1124
+ output[ 7] = X##gi; \
1125
+ state[ 8] = X##go; \
1126
+ output[ 8] = ~X##go; \
1127
+ state[ 9] = X##gu; \
1128
+ output[ 9] = X##gu; \
1129
+ state[10] = X##ka; \
1130
+ output[10] = X##ka; \
1131
+ state[11] = X##ke; \
1132
+ output[11] = X##ke; \
1133
+ state[12] = X##ki; \
1134
+ output[12] = ~X##ki; \
1135
+ state[13] = X##ko; \
1136
+ output[13] = X##ko; \
1137
+ state[14] = X##ku; \
1138
+ output[14] = X##ku; \
1139
+ state[15] = X##ma; \
1140
+ output[15] = X##ma; \
1141
+ if (laneCount < 24) { \
1142
+ if (laneCount < 20) { \
1143
+ if (laneCount < 18) { \
1144
+ state[16] = X##me; \
1145
+ if (laneCount >= 17) { \
1146
+ output[16] = X##me; \
1147
+ } \
1148
+ state[17] = X##mi; \
1149
+ state[18] = X##mo; \
1150
+ } \
1151
+ else { \
1152
+ state[16] = X##me; \
1153
+ output[16] = X##me; \
1154
+ state[17] = X##mi; \
1155
+ output[17] = ~X##mi; \
1156
+ state[18] = X##mo; \
1157
+ if (laneCount >= 19) { \
1158
+ output[18] = X##mo; \
1159
+ } \
1160
+ } \
1161
+ state[19] = X##mu; \
1162
+ state[20] = X##sa; \
1163
+ state[21] = X##se; \
1164
+ state[22] = X##si; \
1165
+ } \
1166
+ else { \
1167
+ state[16] = X##me; \
1168
+ output[16] = X##me; \
1169
+ state[17] = X##mi; \
1170
+ output[17] = ~X##mi; \
1171
+ state[18] = X##mo; \
1172
+ output[18] = X##mo; \
1173
+ state[19] = X##mu; \
1174
+ output[19] = X##mu; \
1175
+ if (laneCount < 22) { \
1176
+ state[20] = X##sa; \
1177
+ if (laneCount >= 21) { \
1178
+ output[20] = ~X##sa; \
1179
+ } \
1180
+ state[21] = X##se; \
1181
+ state[22] = X##si; \
1182
+ } \
1183
+ else { \
1184
+ state[20] = X##sa; \
1185
+ output[20] = ~X##sa; \
1186
+ state[21] = X##se; \
1187
+ output[21] = X##se; \
1188
+ state[22] = X##si; \
1189
+ if (laneCount >= 23) { \
1190
+ output[22] = X##si; \
1191
+ } \
1192
+ } \
1193
+ } \
1194
+ state[23] = X##so; \
1195
+ state[24] = X##su; \
1196
+ } \
1197
+ else { \
1198
+ state[16] = X##me; \
1199
+ output[16] = X##me; \
1200
+ state[17] = X##mi; \
1201
+ output[17] = ~X##mi; \
1202
+ state[18] = X##mo; \
1203
+ output[18] = X##mo; \
1204
+ state[19] = X##mu; \
1205
+ output[19] = X##mu; \
1206
+ state[20] = X##sa; \
1207
+ output[20] = ~X##sa; \
1208
+ state[21] = X##se; \
1209
+ output[21] = X##se; \
1210
+ state[22] = X##si; \
1211
+ output[22] = X##si; \
1212
+ state[23] = X##so; \
1213
+ output[23] = X##so; \
1214
+ state[24] = X##su; \
1215
+ if (laneCount >= 25) { \
1216
+ output[24] = X##su; \
1217
+ } \
1218
+ } \
1219
+ }
1220
+
1221
+ #define output(X, output, laneCount) \
1222
+ if (laneCount < 16) { \
1223
+ if (laneCount < 8) { \
1224
+ if (laneCount < 4) { \
1225
+ if (laneCount < 2) { \
1226
+ if (laneCount >= 1) { \
1227
+ output[ 0] = X##ba; \
1228
+ } \
1229
+ } \
1230
+ else { \
1231
+ output[ 0] = X##ba; \
1232
+ output[ 1] = ~X##be; \
1233
+ if (laneCount >= 3) { \
1234
+ output[ 2] = ~X##bi; \
1235
+ } \
1236
+ } \
1237
+ } \
1238
+ else { \
1239
+ output[ 0] = X##ba; \
1240
+ output[ 1] = ~X##be; \
1241
+ output[ 2] = ~X##bi; \
1242
+ output[ 3] = X##bo; \
1243
+ if (laneCount < 6) { \
1244
+ if (laneCount >= 5) { \
1245
+ output[ 4] = X##bu; \
1246
+ } \
1247
+ } \
1248
+ else { \
1249
+ output[ 4] = X##bu; \
1250
+ output[ 5] = X##ga; \
1251
+ if (laneCount >= 7) { \
1252
+ output[ 6] = X##ge; \
1253
+ } \
1254
+ } \
1255
+ } \
1256
+ } \
1257
+ else { \
1258
+ output[ 0] = X##ba; \
1259
+ output[ 1] = ~X##be; \
1260
+ output[ 2] = ~X##bi; \
1261
+ output[ 3] = X##bo; \
1262
+ output[ 4] = X##bu; \
1263
+ output[ 5] = X##ga; \
1264
+ output[ 6] = X##ge; \
1265
+ output[ 7] = X##gi; \
1266
+ if (laneCount < 12) { \
1267
+ if (laneCount < 10) { \
1268
+ if (laneCount >= 9) { \
1269
+ output[ 8] = ~X##go; \
1270
+ } \
1271
+ } \
1272
+ else { \
1273
+ output[ 8] = ~X##go; \
1274
+ output[ 9] = X##gu; \
1275
+ if (laneCount >= 11) { \
1276
+ output[10] = X##ka; \
1277
+ } \
1278
+ } \
1279
+ } \
1280
+ else { \
1281
+ output[ 8] = ~X##go; \
1282
+ output[ 9] = X##gu; \
1283
+ output[10] = X##ka; \
1284
+ output[11] = X##ke; \
1285
+ if (laneCount < 14) { \
1286
+ if (laneCount >= 13) { \
1287
+ output[12] = ~X##ki; \
1288
+ } \
1289
+ } \
1290
+ else { \
1291
+ output[12] = ~X##ki; \
1292
+ output[13] = X##ko; \
1293
+ if (laneCount >= 15) { \
1294
+ output[14] = X##ku; \
1295
+ } \
1296
+ } \
1297
+ } \
1298
+ } \
1299
+ } \
1300
+ else { \
1301
+ output[ 0] = X##ba; \
1302
+ output[ 1] = ~X##be; \
1303
+ output[ 2] = ~X##bi; \
1304
+ output[ 3] = X##bo; \
1305
+ output[ 4] = X##bu; \
1306
+ output[ 5] = X##ga; \
1307
+ output[ 6] = X##ge; \
1308
+ output[ 7] = X##gi; \
1309
+ output[ 8] = ~X##go; \
1310
+ output[ 9] = X##gu; \
1311
+ output[10] = X##ka; \
1312
+ output[11] = X##ke; \
1313
+ output[12] = ~X##ki; \
1314
+ output[13] = X##ko; \
1315
+ output[14] = X##ku; \
1316
+ output[15] = X##ma; \
1317
+ if (laneCount < 24) { \
1318
+ if (laneCount < 20) { \
1319
+ if (laneCount < 18) { \
1320
+ if (laneCount >= 17) { \
1321
+ output[16] = X##me; \
1322
+ } \
1323
+ } \
1324
+ else { \
1325
+ output[16] = X##me; \
1326
+ output[17] = ~X##mi; \
1327
+ if (laneCount >= 19) { \
1328
+ output[18] = X##mo; \
1329
+ } \
1330
+ } \
1331
+ } \
1332
+ else { \
1333
+ output[16] = X##me; \
1334
+ output[17] = ~X##mi; \
1335
+ output[18] = X##mo; \
1336
+ output[19] = X##mu; \
1337
+ if (laneCount < 22) { \
1338
+ if (laneCount >= 21) { \
1339
+ output[20] = ~X##sa; \
1340
+ } \
1341
+ } \
1342
+ else { \
1343
+ output[20] = ~X##sa; \
1344
+ output[21] = X##se; \
1345
+ if (laneCount >= 23) { \
1346
+ output[22] = X##si; \
1347
+ } \
1348
+ } \
1349
+ } \
1350
+ } \
1351
+ else { \
1352
+ output[16] = X##me; \
1353
+ output[17] = ~X##mi; \
1354
+ output[18] = X##mo; \
1355
+ output[19] = X##mu; \
1356
+ output[20] = ~X##sa; \
1357
+ output[21] = X##se; \
1358
+ output[22] = X##si; \
1359
+ output[23] = X##so; \
1360
+ if (laneCount >= 25) { \
1361
+ output[24] = X##su; \
1362
+ } \
1363
+ } \
1364
+ }
1365
+
1366
+ #define wrapOne(X, input, output, index, name) \
1367
+ X##name ^= input[index]; \
1368
+ output[index] = X##name;
1369
+
1370
+ #define wrapOneInvert(X, input, output, index, name) \
1371
+ X##name ^= input[index]; \
1372
+ output[index] = ~X##name;
1373
+
1374
+ #define unwrapOne(X, input, output, index, name) \
1375
+ output[index] = input[index] ^ X##name; \
1376
+ X##name ^= output[index];
1377
+
1378
+ #define unwrapOneInvert(X, input, output, index, name) \
1379
+ output[index] = ~(input[index] ^ X##name); \
1380
+ X##name ^= output[index]; \
1381
+
1382
+ #else /* UseBebigokimisa */
1383
+
1384
+ #define copyToStateAndOutput(X, state, output, laneCount) \
1385
+ if (laneCount < 16) { \
1386
+ if (laneCount < 8) { \
1387
+ if (laneCount < 4) { \
1388
+ if (laneCount < 2) { \
1389
+ state[ 0] = X##ba; \
1390
+ if (laneCount >= 1) { \
1391
+ output[ 0] = X##ba; \
1392
+ } \
1393
+ state[ 1] = X##be; \
1394
+ state[ 2] = X##bi; \
1395
+ } \
1396
+ else { \
1397
+ state[ 0] = X##ba; \
1398
+ output[ 0] = X##ba; \
1399
+ state[ 1] = X##be; \
1400
+ output[ 1] = X##be; \
1401
+ state[ 2] = X##bi; \
1402
+ if (laneCount >= 3) { \
1403
+ output[ 2] = X##bi; \
1404
+ } \
1405
+ } \
1406
+ state[ 3] = X##bo; \
1407
+ state[ 4] = X##bu; \
1408
+ state[ 5] = X##ga; \
1409
+ state[ 6] = X##ge; \
1410
+ } \
1411
+ else { \
1412
+ state[ 0] = X##ba; \
1413
+ output[ 0] = X##ba; \
1414
+ state[ 1] = X##be; \
1415
+ output[ 1] = X##be; \
1416
+ state[ 2] = X##bi; \
1417
+ output[ 2] = X##bi; \
1418
+ state[ 3] = X##bo; \
1419
+ output[ 3] = X##bo; \
1420
+ if (laneCount < 6) { \
1421
+ state[ 4] = X##bu; \
1422
+ if (laneCount >= 5) { \
1423
+ output[ 4] = X##bu; \
1424
+ } \
1425
+ state[ 5] = X##ga; \
1426
+ state[ 6] = X##ge; \
1427
+ } \
1428
+ else { \
1429
+ state[ 4] = X##bu; \
1430
+ output[ 4] = X##bu; \
1431
+ state[ 5] = X##ga; \
1432
+ output[ 5] = X##ga; \
1433
+ state[ 6] = X##ge; \
1434
+ if (laneCount >= 7) { \
1435
+ output[ 6] = X##ge; \
1436
+ } \
1437
+ } \
1438
+ } \
1439
+ state[ 7] = X##gi; \
1440
+ state[ 8] = X##go; \
1441
+ state[ 9] = X##gu; \
1442
+ state[10] = X##ka; \
1443
+ state[11] = X##ke; \
1444
+ state[12] = X##ki; \
1445
+ state[13] = X##ko; \
1446
+ state[14] = X##ku; \
1447
+ } \
1448
+ else { \
1449
+ state[ 0] = X##ba; \
1450
+ output[ 0] = X##ba; \
1451
+ state[ 1] = X##be; \
1452
+ output[ 1] = X##be; \
1453
+ state[ 2] = X##bi; \
1454
+ output[ 2] = X##bi; \
1455
+ state[ 3] = X##bo; \
1456
+ output[ 3] = X##bo; \
1457
+ state[ 4] = X##bu; \
1458
+ output[ 4] = X##bu; \
1459
+ state[ 5] = X##ga; \
1460
+ output[ 5] = X##ga; \
1461
+ state[ 6] = X##ge; \
1462
+ output[ 6] = X##ge; \
1463
+ state[ 7] = X##gi; \
1464
+ output[ 7] = X##gi; \
1465
+ if (laneCount < 12) { \
1466
+ if (laneCount < 10) { \
1467
+ state[ 8] = X##go; \
1468
+ if (laneCount >= 9) { \
1469
+ output[ 8] = X##go; \
1470
+ } \
1471
+ state[ 9] = X##gu; \
1472
+ state[10] = X##ka; \
1473
+ } \
1474
+ else { \
1475
+ state[ 8] = X##go; \
1476
+ output[ 8] = X##go; \
1477
+ state[ 9] = X##gu; \
1478
+ output[ 9] = X##gu; \
1479
+ state[10] = X##ka; \
1480
+ if (laneCount >= 11) { \
1481
+ output[10] = X##ka; \
1482
+ } \
1483
+ } \
1484
+ state[11] = X##ke; \
1485
+ state[12] = X##ki; \
1486
+ state[13] = X##ko; \
1487
+ state[14] = X##ku; \
1488
+ } \
1489
+ else { \
1490
+ state[ 8] = X##go; \
1491
+ output[ 8] = X##go; \
1492
+ state[ 9] = X##gu; \
1493
+ output[ 9] = X##gu; \
1494
+ state[10] = X##ka; \
1495
+ output[10] = X##ka; \
1496
+ state[11] = X##ke; \
1497
+ output[11] = X##ke; \
1498
+ if (laneCount < 14) { \
1499
+ state[12] = X##ki; \
1500
+ if (laneCount >= 13) { \
1501
+ output[12]= X##ki; \
1502
+ } \
1503
+ state[13] = X##ko; \
1504
+ state[14] = X##ku; \
1505
+ } \
1506
+ else { \
1507
+ state[12] = X##ki; \
1508
+ output[12]= X##ki; \
1509
+ state[13] = X##ko; \
1510
+ output[13] = X##ko; \
1511
+ state[14] = X##ku; \
1512
+ if (laneCount >= 15) { \
1513
+ output[14] = X##ku; \
1514
+ } \
1515
+ } \
1516
+ } \
1517
+ } \
1518
+ state[15] = X##ma; \
1519
+ state[16] = X##me; \
1520
+ state[17] = X##mi; \
1521
+ state[18] = X##mo; \
1522
+ state[19] = X##mu; \
1523
+ state[20] = X##sa; \
1524
+ state[21] = X##se; \
1525
+ state[22] = X##si; \
1526
+ state[23] = X##so; \
1527
+ state[24] = X##su; \
1528
+ } \
1529
+ else { \
1530
+ state[ 0] = X##ba; \
1531
+ output[ 0] = X##ba; \
1532
+ state[ 1] = X##be; \
1533
+ output[ 1] = X##be; \
1534
+ state[ 2] = X##bi; \
1535
+ output[ 2] = X##bi; \
1536
+ state[ 3] = X##bo; \
1537
+ output[ 3] = X##bo; \
1538
+ state[ 4] = X##bu; \
1539
+ output[ 4] = X##bu; \
1540
+ state[ 5] = X##ga; \
1541
+ output[ 5] = X##ga; \
1542
+ state[ 6] = X##ge; \
1543
+ output[ 6] = X##ge; \
1544
+ state[ 7] = X##gi; \
1545
+ output[ 7] = X##gi; \
1546
+ state[ 8] = X##go; \
1547
+ output[ 8] = X##go; \
1548
+ state[ 9] = X##gu; \
1549
+ output[ 9] = X##gu; \
1550
+ state[10] = X##ka; \
1551
+ output[10] = X##ka; \
1552
+ state[11] = X##ke; \
1553
+ output[11] = X##ke; \
1554
+ state[12] = X##ki; \
1555
+ output[12]= X##ki; \
1556
+ state[13] = X##ko; \
1557
+ output[13] = X##ko; \
1558
+ state[14] = X##ku; \
1559
+ output[14] = X##ku; \
1560
+ state[15] = X##ma; \
1561
+ output[15] = X##ma; \
1562
+ if (laneCount < 24) { \
1563
+ if (laneCount < 20) { \
1564
+ if (laneCount < 18) { \
1565
+ state[16] = X##me; \
1566
+ if (laneCount >= 17) { \
1567
+ output[16] = X##me; \
1568
+ } \
1569
+ state[17] = X##mi; \
1570
+ state[18] = X##mo; \
1571
+ } \
1572
+ else { \
1573
+ state[16] = X##me; \
1574
+ output[16] = X##me; \
1575
+ state[17] = X##mi; \
1576
+ output[17] = X##mi; \
1577
+ state[18] = X##mo; \
1578
+ if (laneCount >= 19) { \
1579
+ output[18] = X##mo; \
1580
+ } \
1581
+ } \
1582
+ state[19] = X##mu; \
1583
+ state[20] = X##sa; \
1584
+ state[21] = X##se; \
1585
+ state[22] = X##si; \
1586
+ } \
1587
+ else { \
1588
+ state[16] = X##me; \
1589
+ output[16] = X##me; \
1590
+ state[17] = X##mi; \
1591
+ output[17] = X##mi; \
1592
+ state[18] = X##mo; \
1593
+ output[18] = X##mo; \
1594
+ state[19] = X##mu; \
1595
+ output[19] = X##mu; \
1596
+ if (laneCount < 22) { \
1597
+ state[20] = X##sa; \
1598
+ if (laneCount >= 21) { \
1599
+ output[20] = X##sa; \
1600
+ } \
1601
+ state[21] = X##se; \
1602
+ state[22] = X##si; \
1603
+ } \
1604
+ else { \
1605
+ state[20] = X##sa; \
1606
+ output[20] = X##sa; \
1607
+ state[21] = X##se; \
1608
+ output[21] = X##se; \
1609
+ state[22] = X##si; \
1610
+ if (laneCount >= 23) { \
1611
+ output[22] = X##si; \
1612
+ } \
1613
+ } \
1614
+ } \
1615
+ state[23] = X##so; \
1616
+ state[24] = X##su; \
1617
+ } \
1618
+ else { \
1619
+ state[16] = X##me; \
1620
+ output[16] = X##me; \
1621
+ state[17] = X##mi; \
1622
+ output[17] = X##mi; \
1623
+ state[18] = X##mo; \
1624
+ output[18] = X##mo; \
1625
+ state[19] = X##mu; \
1626
+ output[19] = X##mu; \
1627
+ state[20] = X##sa; \
1628
+ output[20] = X##sa; \
1629
+ state[21] = X##se; \
1630
+ output[21] = X##se; \
1631
+ state[22] = X##si; \
1632
+ output[22] = X##si; \
1633
+ state[23] = X##so; \
1634
+ output[23] = X##so; \
1635
+ state[24] = X##su; \
1636
+ if (laneCount >= 25) { \
1637
+ output[24] = X##su; \
1638
+ } \
1639
+ } \
1640
+ }
1641
+
1642
+ #define output(X, output, laneCount) \
1643
+ if (laneCount < 16) { \
1644
+ if (laneCount < 8) { \
1645
+ if (laneCount < 4) { \
1646
+ if (laneCount < 2) { \
1647
+ if (laneCount >= 1) { \
1648
+ output[ 0] = X##ba; \
1649
+ } \
1650
+ } \
1651
+ else { \
1652
+ output[ 0] = X##ba; \
1653
+ output[ 1] = X##be; \
1654
+ if (laneCount >= 3) { \
1655
+ output[ 2] = X##bi; \
1656
+ } \
1657
+ } \
1658
+ } \
1659
+ else { \
1660
+ output[ 0] = X##ba; \
1661
+ output[ 1] = X##be; \
1662
+ output[ 2] = X##bi; \
1663
+ output[ 3] = X##bo; \
1664
+ if (laneCount < 6) { \
1665
+ if (laneCount >= 5) { \
1666
+ output[ 4] = X##bu; \
1667
+ } \
1668
+ } \
1669
+ else { \
1670
+ output[ 4] = X##bu; \
1671
+ output[ 5] = X##ga; \
1672
+ if (laneCount >= 7) { \
1673
+ output[ 6] = X##ge; \
1674
+ } \
1675
+ } \
1676
+ } \
1677
+ } \
1678
+ else { \
1679
+ output[ 0] = X##ba; \
1680
+ output[ 1] = X##be; \
1681
+ output[ 2] = X##bi; \
1682
+ output[ 3] = X##bo; \
1683
+ output[ 4] = X##bu; \
1684
+ output[ 5] = X##ga; \
1685
+ output[ 6] = X##ge; \
1686
+ output[ 7] = X##gi; \
1687
+ if (laneCount < 12) { \
1688
+ if (laneCount < 10) { \
1689
+ if (laneCount >= 9) { \
1690
+ output[ 8] = X##go; \
1691
+ } \
1692
+ } \
1693
+ else { \
1694
+ output[ 8] = X##go; \
1695
+ output[ 9] = X##gu; \
1696
+ if (laneCount >= 11) { \
1697
+ output[10] = X##ka; \
1698
+ } \
1699
+ } \
1700
+ } \
1701
+ else { \
1702
+ output[ 8] = X##go; \
1703
+ output[ 9] = X##gu; \
1704
+ output[10] = X##ka; \
1705
+ output[11] = X##ke; \
1706
+ if (laneCount < 14) { \
1707
+ if (laneCount >= 13) { \
1708
+ output[12] = X##ki; \
1709
+ } \
1710
+ } \
1711
+ else { \
1712
+ output[12] = X##ki; \
1713
+ output[13] = X##ko; \
1714
+ if (laneCount >= 15) { \
1715
+ output[14] = X##ku; \
1716
+ } \
1717
+ } \
1718
+ } \
1719
+ } \
1720
+ } \
1721
+ else { \
1722
+ output[ 0] = X##ba; \
1723
+ output[ 1] = X##be; \
1724
+ output[ 2] = X##bi; \
1725
+ output[ 3] = X##bo; \
1726
+ output[ 4] = X##bu; \
1727
+ output[ 5] = X##ga; \
1728
+ output[ 6] = X##ge; \
1729
+ output[ 7] = X##gi; \
1730
+ output[ 8] = X##go; \
1731
+ output[ 9] = X##gu; \
1732
+ output[10] = X##ka; \
1733
+ output[11] = X##ke; \
1734
+ output[12] = X##ki; \
1735
+ output[13] = X##ko; \
1736
+ output[14] = X##ku; \
1737
+ output[15] = X##ma; \
1738
+ if (laneCount < 24) { \
1739
+ if (laneCount < 20) { \
1740
+ if (laneCount < 18) { \
1741
+ if (laneCount >= 17) { \
1742
+ output[16] = X##me; \
1743
+ } \
1744
+ } \
1745
+ else { \
1746
+ output[16] = X##me; \
1747
+ output[17] = X##mi; \
1748
+ if (laneCount >= 19) { \
1749
+ output[18] = X##mo; \
1750
+ } \
1751
+ } \
1752
+ } \
1753
+ else { \
1754
+ output[16] = X##me; \
1755
+ output[17] = X##mi; \
1756
+ output[18] = X##mo; \
1757
+ output[19] = X##mu; \
1758
+ if (laneCount < 22) { \
1759
+ if (laneCount >= 21) { \
1760
+ output[20] = X##sa; \
1761
+ } \
1762
+ } \
1763
+ else { \
1764
+ output[20] = X##sa; \
1765
+ output[21] = X##se; \
1766
+ if (laneCount >= 23) { \
1767
+ output[22] = X##si; \
1768
+ } \
1769
+ } \
1770
+ } \
1771
+ } \
1772
+ else { \
1773
+ output[16] = X##me; \
1774
+ output[17] = X##mi; \
1775
+ output[18] = X##mo; \
1776
+ output[19] = X##mu; \
1777
+ output[20] = X##sa; \
1778
+ output[21] = X##se; \
1779
+ output[22] = X##si; \
1780
+ output[23] = X##so; \
1781
+ if (laneCount >= 25) { \
1782
+ output[24] = X##su; \
1783
+ } \
1784
+ } \
1785
+ }
1786
+
1787
+ #define wrapOne(X, input, output, index, name) \
1788
+ X##name ^= input[index]; \
1789
+ output[index] = X##name;
1790
+
1791
+ #define wrapOneInvert(X, input, output, index, name) \
1792
+ X##name ^= input[index]; \
1793
+ output[index] = X##name;
1794
+
1795
+ #define unwrapOne(X, input, output, index, name) \
1796
+ output[index] = input[index] ^ X##name; \
1797
+ X##name ^= output[index];
1798
+
1799
+ #define unwrapOneInvert(X, input, output, index, name) \
1800
+ output[index] = input[index] ^ X##name; \
1801
+ X##name ^= output[index];
1802
+
1803
+ #endif
1804
+
1805
+ #define wrap(X, input, output, laneCount, trailingBits) \
1806
+ if (laneCount < 16) { \
1807
+ if (laneCount < 8) { \
1808
+ if (laneCount < 4) { \
1809
+ if (laneCount < 2) { \
1810
+ if (laneCount < 1) { \
1811
+ X##ba ^= trailingBits; \
1812
+ } \
1813
+ else { \
1814
+ wrapOne(X, input, output, 0, ba) \
1815
+ X##be ^= trailingBits; \
1816
+ } \
1817
+ } \
1818
+ else { \
1819
+ wrapOne(X, input, output, 0, ba) \
1820
+ wrapOneInvert(X, input, output, 1, be) \
1821
+ if (laneCount < 3) { \
1822
+ X##bi ^= trailingBits; \
1823
+ } \
1824
+ else { \
1825
+ wrapOneInvert(X, input, output, 2, bi) \
1826
+ X##bo ^= trailingBits; \
1827
+ } \
1828
+ } \
1829
+ } \
1830
+ else { \
1831
+ wrapOne(X, input, output, 0, ba) \
1832
+ wrapOneInvert(X, input, output, 1, be) \
1833
+ wrapOneInvert(X, input, output, 2, bi) \
1834
+ wrapOne(X, input, output, 3, bo) \
1835
+ if (laneCount < 6) { \
1836
+ if (laneCount < 5) { \
1837
+ X##bu ^= trailingBits; \
1838
+ } \
1839
+ else { \
1840
+ wrapOne(X, input, output, 4, bu) \
1841
+ X##ga ^= trailingBits; \
1842
+ } \
1843
+ } \
1844
+ else { \
1845
+ wrapOne(X, input, output, 4, bu) \
1846
+ wrapOne(X, input, output, 5, ga) \
1847
+ if (laneCount < 7) { \
1848
+ X##ge ^= trailingBits; \
1849
+ } \
1850
+ else { \
1851
+ wrapOne(X, input, output, 6, ge) \
1852
+ X##gi ^= trailingBits; \
1853
+ } \
1854
+ } \
1855
+ } \
1856
+ } \
1857
+ else { \
1858
+ wrapOne(X, input, output, 0, ba) \
1859
+ wrapOneInvert(X, input, output, 1, be) \
1860
+ wrapOneInvert(X, input, output, 2, bi) \
1861
+ wrapOne(X, input, output, 3, bo) \
1862
+ wrapOne(X, input, output, 4, bu) \
1863
+ wrapOne(X, input, output, 5, ga) \
1864
+ wrapOne(X, input, output, 6, ge) \
1865
+ wrapOne(X, input, output, 7, gi) \
1866
+ if (laneCount < 12) { \
1867
+ if (laneCount < 10) { \
1868
+ if (laneCount < 9) { \
1869
+ X##go ^= trailingBits; \
1870
+ } \
1871
+ else { \
1872
+ wrapOneInvert(X, input, output, 8, go) \
1873
+ X##gu ^= trailingBits; \
1874
+ } \
1875
+ } \
1876
+ else { \
1877
+ wrapOneInvert(X, input, output, 8, go) \
1878
+ wrapOne(X, input, output, 9, gu) \
1879
+ if (laneCount < 11) { \
1880
+ X##ka ^= trailingBits; \
1881
+ } \
1882
+ else { \
1883
+ wrapOne(X, input, output, 10, ka) \
1884
+ X##ke ^= trailingBits; \
1885
+ } \
1886
+ } \
1887
+ } \
1888
+ else { \
1889
+ wrapOneInvert(X, input, output, 8, go) \
1890
+ wrapOne(X, input, output, 9, gu) \
1891
+ wrapOne(X, input, output, 10, ka) \
1892
+ wrapOne(X, input, output, 11, ke) \
1893
+ if (laneCount < 14) { \
1894
+ if (laneCount < 13) { \
1895
+ X##ki ^= trailingBits; \
1896
+ } \
1897
+ else { \
1898
+ wrapOneInvert(X, input, output, 12, ki) \
1899
+ X##ko ^= trailingBits; \
1900
+ } \
1901
+ } \
1902
+ else { \
1903
+ wrapOneInvert(X, input, output, 12, ki) \
1904
+ wrapOne(X, input, output, 13, ko) \
1905
+ if (laneCount < 15) { \
1906
+ X##ku ^= trailingBits; \
1907
+ } \
1908
+ else { \
1909
+ wrapOne(X, input, output, 14, ku) \
1910
+ X##ma ^= trailingBits; \
1911
+ } \
1912
+ } \
1913
+ } \
1914
+ } \
1915
+ } \
1916
+ else { \
1917
+ wrapOne(X, input, output, 0, ba) \
1918
+ wrapOneInvert(X, input, output, 1, be) \
1919
+ wrapOneInvert(X, input, output, 2, bi) \
1920
+ wrapOne(X, input, output, 3, bo) \
1921
+ wrapOne(X, input, output, 4, bu) \
1922
+ wrapOne(X, input, output, 5, ga) \
1923
+ wrapOne(X, input, output, 6, ge) \
1924
+ wrapOne(X, input, output, 7, gi) \
1925
+ wrapOneInvert(X, input, output, 8, go) \
1926
+ wrapOne(X, input, output, 9, gu) \
1927
+ wrapOne(X, input, output, 10, ka) \
1928
+ wrapOne(X, input, output, 11, ke) \
1929
+ wrapOneInvert(X, input, output, 12, ki) \
1930
+ wrapOne(X, input, output, 13, ko) \
1931
+ wrapOne(X, input, output, 14, ku) \
1932
+ wrapOne(X, input, output, 15, ma) \
1933
+ if (laneCount < 24) { \
1934
+ if (laneCount < 20) { \
1935
+ if (laneCount < 18) { \
1936
+ if (laneCount < 17) { \
1937
+ X##me ^= trailingBits; \
1938
+ } \
1939
+ else { \
1940
+ wrapOne(X, input, output, 16, me) \
1941
+ X##mi ^= trailingBits; \
1942
+ } \
1943
+ } \
1944
+ else { \
1945
+ wrapOne(X, input, output, 16, me) \
1946
+ wrapOneInvert(X, input, output, 17, mi) \
1947
+ if (laneCount < 19) { \
1948
+ X##mo ^= trailingBits; \
1949
+ } \
1950
+ else { \
1951
+ wrapOne(X, input, output, 18, mo) \
1952
+ X##mu ^= trailingBits; \
1953
+ } \
1954
+ } \
1955
+ } \
1956
+ else { \
1957
+ wrapOne(X, input, output, 16, me) \
1958
+ wrapOneInvert(X, input, output, 17, mi) \
1959
+ wrapOne(X, input, output, 18, mo) \
1960
+ wrapOne(X, input, output, 19, mu) \
1961
+ if (laneCount < 22) { \
1962
+ if (laneCount < 21) { \
1963
+ X##sa ^= trailingBits; \
1964
+ } \
1965
+ else { \
1966
+ wrapOneInvert(X, input, output, 20, sa) \
1967
+ X##se ^= trailingBits; \
1968
+ } \
1969
+ } \
1970
+ else { \
1971
+ wrapOneInvert(X, input, output, 20, sa) \
1972
+ wrapOne(X, input, output, 21, se) \
1973
+ if (laneCount < 23) { \
1974
+ X##si ^= trailingBits; \
1975
+ } \
1976
+ else { \
1977
+ wrapOne(X, input, output, 22, si) \
1978
+ X##so ^= trailingBits; \
1979
+ } \
1980
+ } \
1981
+ } \
1982
+ } \
1983
+ else { \
1984
+ wrapOne(X, input, output, 16, me) \
1985
+ wrapOneInvert(X, input, output, 17, mi) \
1986
+ wrapOne(X, input, output, 18, mo) \
1987
+ wrapOne(X, input, output, 19, mu) \
1988
+ wrapOneInvert(X, input, output, 20, sa) \
1989
+ wrapOne(X, input, output, 21, se) \
1990
+ wrapOne(X, input, output, 22, si) \
1991
+ wrapOne(X, input, output, 23, so) \
1992
+ if (laneCount < 25) { \
1993
+ X##su ^= trailingBits; \
1994
+ } \
1995
+ else { \
1996
+ wrapOne(X, input, output, 24, su) \
1997
+ } \
1998
+ } \
1999
+ }
2000
+
2001
+ #define unwrap(X, input, output, laneCount, trailingBits) \
2002
+ if (laneCount < 16) { \
2003
+ if (laneCount < 8) { \
2004
+ if (laneCount < 4) { \
2005
+ if (laneCount < 2) { \
2006
+ if (laneCount < 1) { \
2007
+ X##ba ^= trailingBits; \
2008
+ } \
2009
+ else { \
2010
+ unwrapOne(X, input, output, 0, ba) \
2011
+ X##be ^= trailingBits; \
2012
+ } \
2013
+ } \
2014
+ else { \
2015
+ unwrapOne(X, input, output, 0, ba) \
2016
+ unwrapOneInvert(X, input, output, 1, be) \
2017
+ if (laneCount < 3) { \
2018
+ X##bi ^= trailingBits; \
2019
+ } \
2020
+ else { \
2021
+ unwrapOneInvert(X, input, output, 2, bi) \
2022
+ X##bo ^= trailingBits; \
2023
+ } \
2024
+ } \
2025
+ } \
2026
+ else { \
2027
+ unwrapOne(X, input, output, 0, ba) \
2028
+ unwrapOneInvert(X, input, output, 1, be) \
2029
+ unwrapOneInvert(X, input, output, 2, bi) \
2030
+ unwrapOne(X, input, output, 3, bo) \
2031
+ if (laneCount < 6) { \
2032
+ if (laneCount < 5) { \
2033
+ X##bu ^= trailingBits; \
2034
+ } \
2035
+ else { \
2036
+ unwrapOne(X, input, output, 4, bu) \
2037
+ X##ga ^= trailingBits; \
2038
+ } \
2039
+ } \
2040
+ else { \
2041
+ unwrapOne(X, input, output, 4, bu) \
2042
+ unwrapOne(X, input, output, 5, ga) \
2043
+ if (laneCount < 7) { \
2044
+ X##ge ^= trailingBits; \
2045
+ } \
2046
+ else { \
2047
+ unwrapOne(X, input, output, 6, ge) \
2048
+ X##gi ^= trailingBits; \
2049
+ } \
2050
+ } \
2051
+ } \
2052
+ } \
2053
+ else { \
2054
+ unwrapOne(X, input, output, 0, ba) \
2055
+ unwrapOneInvert(X, input, output, 1, be) \
2056
+ unwrapOneInvert(X, input, output, 2, bi) \
2057
+ unwrapOne(X, input, output, 3, bo) \
2058
+ unwrapOne(X, input, output, 4, bu) \
2059
+ unwrapOne(X, input, output, 5, ga) \
2060
+ unwrapOne(X, input, output, 6, ge) \
2061
+ unwrapOne(X, input, output, 7, gi) \
2062
+ if (laneCount < 12) { \
2063
+ if (laneCount < 10) { \
2064
+ if (laneCount < 9) { \
2065
+ X##go ^= trailingBits; \
2066
+ } \
2067
+ else { \
2068
+ unwrapOneInvert(X, input, output, 8, go) \
2069
+ X##gu ^= trailingBits; \
2070
+ } \
2071
+ } \
2072
+ else { \
2073
+ unwrapOneInvert(X, input, output, 8, go) \
2074
+ unwrapOne(X, input, output, 9, gu) \
2075
+ if (laneCount < 11) { \
2076
+ X##ka ^= trailingBits; \
2077
+ } \
2078
+ else { \
2079
+ unwrapOne(X, input, output, 10, ka) \
2080
+ X##ke ^= trailingBits; \
2081
+ } \
2082
+ } \
2083
+ } \
2084
+ else { \
2085
+ unwrapOneInvert(X, input, output, 8, go) \
2086
+ unwrapOne(X, input, output, 9, gu) \
2087
+ unwrapOne(X, input, output, 10, ka) \
2088
+ unwrapOne(X, input, output, 11, ke) \
2089
+ if (laneCount < 14) { \
2090
+ if (laneCount < 13) { \
2091
+ X##ki ^= trailingBits; \
2092
+ } \
2093
+ else { \
2094
+ unwrapOneInvert(X, input, output, 12, ki) \
2095
+ X##ko ^= trailingBits; \
2096
+ } \
2097
+ } \
2098
+ else { \
2099
+ unwrapOneInvert(X, input, output, 12, ki) \
2100
+ unwrapOne(X, input, output, 13, ko) \
2101
+ if (laneCount < 15) { \
2102
+ X##ku ^= trailingBits; \
2103
+ } \
2104
+ else { \
2105
+ unwrapOne(X, input, output, 14, ku) \
2106
+ X##ma ^= trailingBits; \
2107
+ } \
2108
+ } \
2109
+ } \
2110
+ } \
2111
+ } \
2112
+ else { \
2113
+ unwrapOne(X, input, output, 0, ba) \
2114
+ unwrapOneInvert(X, input, output, 1, be) \
2115
+ unwrapOneInvert(X, input, output, 2, bi) \
2116
+ unwrapOne(X, input, output, 3, bo) \
2117
+ unwrapOne(X, input, output, 4, bu) \
2118
+ unwrapOne(X, input, output, 5, ga) \
2119
+ unwrapOne(X, input, output, 6, ge) \
2120
+ unwrapOne(X, input, output, 7, gi) \
2121
+ unwrapOneInvert(X, input, output, 8, go) \
2122
+ unwrapOne(X, input, output, 9, gu) \
2123
+ unwrapOne(X, input, output, 10, ka) \
2124
+ unwrapOne(X, input, output, 11, ke) \
2125
+ unwrapOneInvert(X, input, output, 12, ki) \
2126
+ unwrapOne(X, input, output, 13, ko) \
2127
+ unwrapOne(X, input, output, 14, ku) \
2128
+ unwrapOne(X, input, output, 15, ma) \
2129
+ if (laneCount < 24) { \
2130
+ if (laneCount < 20) { \
2131
+ if (laneCount < 18) { \
2132
+ if (laneCount < 17) { \
2133
+ X##me ^= trailingBits; \
2134
+ } \
2135
+ else { \
2136
+ unwrapOne(X, input, output, 16, me) \
2137
+ X##mi ^= trailingBits; \
2138
+ } \
2139
+ } \
2140
+ else { \
2141
+ unwrapOne(X, input, output, 16, me) \
2142
+ unwrapOneInvert(X, input, output, 17, mi) \
2143
+ if (laneCount < 19) { \
2144
+ X##mo ^= trailingBits; \
2145
+ } \
2146
+ else { \
2147
+ unwrapOne(X, input, output, 18, mo) \
2148
+ X##mu ^= trailingBits; \
2149
+ } \
2150
+ } \
2151
+ } \
2152
+ else { \
2153
+ unwrapOne(X, input, output, 16, me) \
2154
+ unwrapOneInvert(X, input, output, 17, mi) \
2155
+ unwrapOne(X, input, output, 18, mo) \
2156
+ unwrapOne(X, input, output, 19, mu) \
2157
+ if (laneCount < 22) { \
2158
+ if (laneCount < 21) { \
2159
+ X##sa ^= trailingBits; \
2160
+ } \
2161
+ else { \
2162
+ unwrapOneInvert(X, input, output, 20, sa) \
2163
+ X##se ^= trailingBits; \
2164
+ } \
2165
+ } \
2166
+ else { \
2167
+ unwrapOneInvert(X, input, output, 20, sa) \
2168
+ unwrapOne(X, input, output, 21, se) \
2169
+ if (laneCount < 23) { \
2170
+ X##si ^= trailingBits; \
2171
+ } \
2172
+ else { \
2173
+ unwrapOne(X, input, output, 22, si) \
2174
+ X##so ^= trailingBits; \
2175
+ } \
2176
+ } \
2177
+ } \
2178
+ } \
2179
+ else { \
2180
+ unwrapOne(X, input, output, 16, me) \
2181
+ unwrapOneInvert(X, input, output, 17, mi) \
2182
+ unwrapOne(X, input, output, 18, mo) \
2183
+ unwrapOne(X, input, output, 19, mu) \
2184
+ unwrapOneInvert(X, input, output, 20, sa) \
2185
+ unwrapOne(X, input, output, 21, se) \
2186
+ unwrapOne(X, input, output, 22, si) \
2187
+ unwrapOne(X, input, output, 23, so) \
2188
+ if (laneCount < 25) { \
2189
+ X##su ^= trailingBits; \
2190
+ } \
2191
+ else { \
2192
+ unwrapOne(X, input, output, 24, su) \
2193
+ } \
2194
+ } \
2195
+ }