RubyGems - sleeping_kangaroo12 - Versions diffs - 0.0.1 - Mend

sleeping_kangaroo12 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (284) hide show

data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-u1-32bi-armv6m-le-armcc.s ADDED Viewed

@@ -0,0 +1,1338 @@
+;
+; The eXtended Keccak Code Package (XKCP)
+; https://github.com/XKCP/XKCP
+;
+; The Keccak-p permutations, designed by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche.
+;
+; Implementation by Ronny Van Keer, hereby denoted as "the implementer".
+;
+; For more information, feedback or questions, please refer to the Keccak Team website:
+; https://keccak.team/
+;
+; To the extent possible under law, the implementer has waived all copyright
+; and related or neighboring rights to the source code in this file.
+; http://creativecommons.org/publicdomain/zero/1.0/
+;
+; ---
+;
+; This file implements Keccak-p[1600] in a SnP-compatible way.
+; Please refer to SnP-documentation.h for more details.
+;
+; This implementation comes with KeccakP-1600-SnP.h in the same folder.
+; Please refer to LowLevel.build for the exact list of other files it must be combined with.
+;
+; WARNING: This implementation assumes a little endian CPU with ARMv6M architecture (e.g., Cortex-M0) and the ARMCC compiler.
+    PRESERVE8
+    THUMB
+    AREA    |.text|, CODE, READONLY
+    ; Credit: Henry S. Warren, Hacker's Delight, Addison-Wesley, 2002
+    MACRO
+    toBitInterleaving   $in0,$in1,$out0,$out1,$t,$tt,$pMask
+    mov     $out0, $in0
+    ldr     $t, [$pMask, #0]
+    ands    $out0, $out0, $t
+    lsrs    $t, $out0, #1
+    orrs    $out0, $out0, $t
+    ldr     $t, [$pMask, #4]
+    ands    $out0, $out0, $t
+    lsrs    $t, $out0, #2
+    orrs    $out0, $out0, $t
+    ldr     $t, [$pMask, #8]
+    ands    $out0, $out0, $t
+    lsrs    $t, $out0, #4
+    orrs    $out0, $out0, $t
+    ldr     $t, [$pMask, #12]
+    ands    $out0, $out0, $t
+    lsrs    $t, $out0, #8
+    orrs    $out0, $out0, $t
+    mov     $out1, $in1
+    ldr     $t, [$pMask, #0]
+    ands    $out1, $out1, $t
+    lsrs    $t, $out1, #1
+    orrs    $out1, $out1, $t
+    ldr     $t, [$pMask, #4]
+    ands    $out1, $out1, $t
+    lsrs    $t, $out1, #2
+    orrs    $out1, $out1, $t
+    ldr     $t, [$pMask, #8]
+    ands    $out1, $out1, $t
+    lsrs    $t, $out1, #4
+    orrs    $out1, $out1, $t
+    ldr     $t, [$pMask, #12]
+    ands    $out1, $out1, $t
+    lsrs    $t, $out1, #8
+    orrs    $out1, $out1, $t
+    lsls    $out0, $out0, #16
+    lsrs    $out0, $out0, #16
+    lsls    $out1, $out1, #16
+    orrs    $out0, $out0, $out1
+    mov     $out1, $in0
+    ldr     $t, [$pMask, #16]
+    ands    $out1, $out1, $t
+    lsls    $t, $out1, #1
+    orrs    $out1, $out1, $t
+    ldr     $t, [$pMask, #20]
+    ands    $out1, $out1, $t
+    lsls    $t, $out1, #2
+    orrs    $out1, $out1, $t
+    ldr     $t, [$pMask, #24]
+    ands    $out1, $out1, $t
+    lsls    $t, $out1, #4
+    orrs    $out1, $out1, $t
+    ldr     $t, [$pMask, #28]
+    ands    $out1, $out1, $t
+    lsls    $t, $out1, #8
+    orrs    $out1, $out1, $t
+    mov     $tt, $in1
+    ldr     $t, [$pMask, #16]
+    ands    $tt, $tt, $t
+    lsls    $t, $tt, #1
+    orrs    $tt, $tt, $t
+    ldr     $t, [$pMask, #20]
+    ands    $tt, $tt, $t
+    lsls    $t, $tt, #2
+    orrs    $tt, $tt, $t
+    ldr     $t, [$pMask, #24]
+    ands    $tt, $tt, $t
+    lsls    $t, $tt, #4
+    orrs    $tt, $tt, $t
+    ldr     $t, [$pMask, #28]
+    ands    $tt, $tt, $t
+    lsls    $t, $tt, #8
+    orrs    $tt, $tt, $t
+    lsrs    $out1,$out1, #16
+    lsrs    $tt, $tt, #16
+    lsls    $tt, $tt, #16
+    orrs    $out1,$out1,$tt
+    MEND
+    ; Credit: Henry S. Warren, Hacker's Delight, Addison-Wesley, 2002
+    MACRO
+    fromBitInterleavingStep $x, $t, $tt, $pMask, $maskofs, $shift
+    ; t = (x ^ (x >> shift)) & mask;  x = x ^ t ^ (t << shift);
+    lsrs    $t, $x, #$shift
+    eors    $t, $t, $x
+    ldr     $tt, [$pMask, #$maskofs]
+    ands    $t, $t, $tt
+    eors    $x, $x, $t
+    lsls    $t, $t, #$shift
+    eors    $x, $x, $t
+    MEND
+    MACRO
+    fromBitInterleaving     $x0, $x1, $t, $tt, $pMask
+    movs    $t, $x0                 ; t = x0
+    lsls    $x0, $x0, #16           ; x0 = (x0 & 0x0000FFFF) | (x1 << 16);
+    lsrs    $x0, $x0, #16
+    lsls    $tt, $x1, #16
+    orrs    $x0, $x0, $tt
+    lsrs    $x1, $x1, #16           ;   x1 = (t >> 16) | (x1 & 0xFFFF0000);
+    lsls    $x1, $x1, #16
+    lsrs    $t, $t, #16
+    orrs    $x1, $x1, $t
+    fromBitInterleavingStep $x0, $t, $tt, $pMask, 0, 8
+    fromBitInterleavingStep $x0, $t, $tt, $pMask, 4, 4
+    fromBitInterleavingStep $x0, $t, $tt, $pMask, 8, 2
+    fromBitInterleavingStep $x0, $t, $tt, $pMask, 12, 1
+    fromBitInterleavingStep $x1, $t, $tt, $pMask, 0, 8
+    fromBitInterleavingStep $x1, $t, $tt, $pMask, 4, 4
+    fromBitInterleavingStep $x1, $t, $tt, $pMask, 8, 2
+    fromBitInterleavingStep $x1, $t, $tt, $pMask, 12, 1
+    MEND
+; --- offsets in state
+_ba0    equ  0*4
+_ba1    equ  1*4
+_be0    equ  2*4
+_be1    equ  3*4
+_bi0    equ  4*4
+_bi1    equ  5*4
+_bo0    equ  6*4
+_bo1    equ  7*4
+_bu0    equ  8*4
+_bu1    equ  9*4
+_ga0    equ 10*4
+_ga1    equ 11*4
+_ge0    equ 12*4
+_ge1    equ 13*4
+_gi0    equ 14*4
+_gi1    equ 15*4
+_go0    equ 16*4
+_go1    equ 17*4
+_gu0    equ 18*4
+_gu1    equ 19*4
+_ka0    equ 20*4
+_ka1    equ 21*4
+_ke0    equ 22*4
+_ke1    equ 23*4
+_ki0    equ 24*4
+_ki1    equ 25*4
+_ko0    equ 26*4
+_ko1    equ 27*4
+_ku0    equ 28*4
+_ku1    equ 29*4
+_ma0    equ 30*4
+_ma1    equ 31*4
+_me0    equ 32*4
+_me1    equ 33*4
+_mi0    equ 34*4
+_mi1    equ 35*4
+_mo0    equ 36*4
+_mo1    equ 37*4
+_mu0    equ 38*4
+_mu1    equ 39*4
+_sa0    equ 40*4
+_sa1    equ 41*4
+_se0    equ 42*4
+_se1    equ 43*4
+_si0    equ 44*4
+_si1    equ 45*4
+_so0    equ 46*4
+_so1    equ 47*4
+_su0    equ 48*4
+_su1    equ 49*4
+; --- offsets on stack
+mEs     equ 0       ; Secondary state
+mD      equ 25*2*4
+mDo0    equ mD+0*4
+mDo1    equ mD+1*4
+mDu0    equ mD+2*4
+mDu1    equ mD+3*4
+mRC     equ mD+4*4
+mRfu    equ mD+5*4
+mSize   equ mD+6*4
+; --- macros
+    MACRO
+    xor5    $result,$b,$g,$k,$m,$s
+    ldr     $result, [r0, #$b]
+    ldr     r6, [r0, #$g]
+    eors    $result, $result, r6
+    ldr     r6, [r0, #$k]
+    eors    $result, $result, r6
+    ldr     r6, [r5, #$m-_ma0]
+    eors    $result, $result, r6
+    ldr     r6, [r5, #$s-_ma0]
+    eors    $result, $result, r6
+    MEND
+    MACRO
+    te0m    $oD, $rCp0, $rCn1
+    rors    $rCn1, $rCn1, r4
+    eors    $rCn1, $rCn1, $rCp0
+    str     $rCn1, [sp, #$oD]
+    MEND
+    MACRO
+    te1m    $oD, $rCp1, $rCn0
+    eors    $rCn0, $rCn0, $rCp1
+    str     $rCn0, [sp, #$oD]
+    MEND
+    MACRO
+    te0r    $rD, $rCp0, $rCn1
+    rors    $rCn1, $rCn1, r4
+    eors    $rCn1, $rCn1, $rCp0
+    mov     $rD, $rCn1
+    MEND
+    MACRO
+    te1r    $rD, $rCp1, $rCn0
+    eors    $rCn0, $rCn0, $rCp1
+    mov     $rD, $rCn0
+    MEND
+    MACRO   ; Theta Rho Pi  (1 half-lane)
+    trp1    $b, $ofS, $orD, $fD, $rot
+    ldr     $b, [r0, #$ofS]
+    if      $fD != 0
+    mov     r6, $orD
+    else
+    ldr     r6, [sp, #$orD]
+    endif
+    eors    $b, $b, r6
+    if      $rot != 0
+    movs    r6, #32-$rot
+    rors    $b, $b, r6
+    endif
+    MEND
+    MACRO   ; Theta Rho Pi  (5 even half-lanes)
+    trp5e   $oS0, $orD0, $fD0, $oR0, $oS1, $orD1, $fD1, $oR1, $oS2, $orD2, $fD2, $oR2, $oS3, $orD3, $fD3, $oR3, $oS4, $orD4, $fD4, $oR4
+    trp1    r1, $oS0, $orD0, $fD0, $oR0
+    trp1    r2, $oS1, $orD1, $fD1, $oR1
+    trp1    r3, $oS2, $orD2, $fD2, $oR2
+    adds    r0, r0, #_ma0
+    trp1    r4, $oS3-_ma0, $orD3, $fD3, $oR3
+    trp1    r5, $oS4-_ma0, $orD4, $fD4, $oR4
+    MEND
+    MACRO   ; Theta Rho Pi  (5 odd half-lanes)
+    trp5o   $oS0, $orD0, $fD0, $oR0, $oS1, $orD1, $fD1, $oR1, $oS2, $orD2, $fD2, $oR2, $oS3, $orD3, $fD3, $oR3, $oS4, $orD4, $fD4, $oR4
+    trp1    r4, $oS3-_ma0, $orD3, $fD3, $oR3
+    trp1    r5, $oS4-_ma0, $orD4, $fD4, $oR4
+    subs    r0, r0, #_ma0
+    trp1    r1, $oS0, $orD0, $fD0, $oR0
+    trp1    r2, $oS1, $orD1, $fD1, $oR1
+    trp1    r3, $oS2, $orD2, $fD2, $oR2
+    MEND
+    MACRO   ; Chi Iota  (1 half-lane)
+    chio1   $oOut, $ax0, $ax1, $ax2, $iota, $useax2
+    if $useax2 != 0
+    bics    $ax2, $ax2, $ax1            ; A[x+2] = A[x+2] & ~A[x+1]
+    eors    $ax2, $ax2, $ax0            ; A[x+2] = A[x+2] ^ A[x]
+    if $iota != 0xFF
+    ldr     r1, [sp, #mRC]
+    ldr     r4, [r1, #$iota]
+    eors    $ax2, $ax2, r4
+    endif
+    str     $ax2, [r7, #$oOut]
+    else
+    mov     r6, $ax2                   ; T1 = A[x+2]
+    bics    r6, r6, $ax1              ; T1 = T1 & ~A[x+1]
+    eors    r6, r6, $ax0              ; T1 = T1 ^ A[x]
+    str     r6, [r7, #$oOut]
+    endif
+    MEND
+    MACRO   ; Chi Iota  (5 half-lanes)
+    chio5   $oOut, $iota
+    chio1   $oOut+8*4, r5, r1, r2, 0xFF, 0
+    chio1   $oOut+6*4, r4, r5, r1, 0xFF, 0
+    chio1   $oOut+4*4, r3, r4, r5, 0xFF, 1
+    chio1   $oOut+2*4, r2, r3, r4, 0xFF, 1
+    chio1   $oOut+0*4, r1, r2, r3, $iota, 1
+    MEND
+;----------------------------------------------------------------------------
+;
+; void KeccakP1600_StaticInitialize( void )
+;
+    ALIGN
+    EXPORT  KeccakP1600_StaticInitialize
+KeccakP1600_StaticInitialize   PROC
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; void KeccakP1600_Initialize(void *state)
+;
+    ALIGN
+    EXPORT  KeccakP1600_Initialize
+KeccakP1600_Initialize   PROC
+    push    {r4 - r5}
+    movs    r1, #0
+    movs    r2, #0
+    movs    r3, #0
+    movs    r4, #0
+    movs    r5, #0
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    stmia   r0!, { r1 - r5 }
+    pop     {r4 - r5}
+    bx      lr
+    ENDP
+; ----------------------------------------------------------------------------
+;
+;  void KeccakP1600_AddByte(void *state, unsigned char byte, unsigned int offset)
+;
+    ALIGN
+    EXPORT  KeccakP1600_AddByte
+KeccakP1600_AddByte   PROC
+    push    {r4 - r7}
+    mov     r4, r8
+    mov     r5, r9
+    push    {r4 - r5}
+    lsrs    r4, r2, #3                              ; offset &= ~7
+    lsls    r4, r4, #3
+    adds    r0, r0, r4                              ; add whole lane offset to state pointer
+    lsls    r2, r2, #29                             ; offset &= 7 (part not lane aligned)
+    lsrs    r2, r2, #29
+    adr     r7, KeccakP1600_AddBytes_ToBitInterleavingConstants
+    movs    r4, #0
+    movs    r5, #0
+    push    { r4 - r5 }
+    add     r2, r2, sp
+    strb    r1, [r2]
+    pop     { r4 - r5 }
+    mov     r8, r4
+    mov     r9, r5
+    toBitInterleaving   r8, r9, r4, r5, r6, r2, r7
+    ldr     r6, [r0]
+    eors    r4, r4, r6
+    ldr     r6, [r0, #4]
+    eors    r5, r5, r6
+    stmia   r0!, { r4, r5 }
+    pop     {r4 - r5}
+    mov     r8, r4
+    mov     r9, r5
+    pop     {r4 - r7}
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
+;
+    ALIGN
+    EXPORT  KeccakP1600_AddBytes
+KeccakP1600_AddBytes   PROC
+    cmp     r3, #0                                  ; if length != 0
+    beq     KeccakP1600_AddBytes_Exit1
+    push    {r4 - r6, lr}                           ; then
+    mov     r4, r8
+    mov     r5, r9
+    mov     r6, r10
+    push    {r4 - r7}
+    lsrs    r4, r2, #3                              ; offset &= ~7
+    lsls    r4, r4, #3
+    adds    r0, r0, r4                              ; add whole lane offset to state pointer
+    lsls    r2, r2, #29                             ; offset &= 7 (part not lane aligned)
+    lsrs    r2, r2, #29
+    beq     KeccakP1600_AddBytes_CheckLanes ; if offset != 0
+    movs    r4, r3                                  ; then, do remaining bytes in first lane
+    movs    r5, #8
+    subs    r5, r2                                  ; max size in lane = 8 - offset
+    cmp     r4, r5
+    ble     KeccakP1600_AddBytes_BytesAlign
+    movs    r4, r5
+KeccakP1600_AddBytes_BytesAlign
+    subs    r3, r3, r4                              ; size left
+    mov     r10, r3
+    movs    r3, r4
+    adr     r7, KeccakP1600_AddBytes_ToBitInterleavingConstants
+    bl      __KeccakP1600_AddBytesInLane
+    mov     r3, r10
+KeccakP1600_AddBytes_CheckLanes
+    lsrs    r2, r3, #3                              ; if length >= 8
+    beq     KeccakP1600_AddBytes_Bytes
+    mov     r10, r3
+    adr     r3, KeccakP1600_AddBytes_ToBitInterleavingConstants
+    bl      __KeccakP1600_AddLanes
+    mov     r3, r10
+    lsls    r3, r3, #29
+    lsrs    r3, r3, #29
+KeccakP1600_AddBytes_Bytes
+    cmp     r3, #0
+    beq     KeccakP1600_AddBytes_Exit
+    movs    r2, #0
+    adr     r7, KeccakP1600_AddBytes_ToBitInterleavingConstants
+    bl      __KeccakP1600_AddBytesInLane
+KeccakP1600_AddBytes_Exit
+    pop     {r4 - r7}
+    mov     r8, r4
+    mov     r9, r5
+    mov     r10, r6
+    pop     {r4 - r6, pc}
+KeccakP1600_AddBytes_Exit1
+    bx      lr
+    nop
+KeccakP1600_AddBytes_ToBitInterleavingConstants
+    dcd     0x55555555
+    dcd     0x33333333
+    dcd     0x0F0F0F0F
+    dcd     0x00FF00FF
+    dcd     0xAAAAAAAA
+    dcd     0xCCCCCCCC
+    dcd     0xF0F0F0F0
+    dcd     0xFF00FF00
+    ENDP
+;----------------------------------------------------------------------------
+;
+; __KeccakP1600_AddLanes
+;
+; Input:
+;  r0 state pointer
+;  r1 data pointer
+;  r2 laneCount
+;  r3 to bit interleaving constants pointer
+;
+; Output:
+;  r0 state pointer next lane
+;  r1 data pointer next byte to input
+;
+;  Changed: r2-r9
+;
+    ALIGN
+__KeccakP1600_AddLanes   PROC
+    lsls    r4, r1, #30
+    bne     __KeccakP1600_AddLanes_LoopUnaligned
+__KeccakP1600_AddLanes_LoopAligned
+    ldmia   r1!, {r6,r7}
+    mov     r8, r6
+    mov     r9, r7
+    toBitInterleaving   r8, r9, r6, r7, r5, r4, r3
+    ldr     r5, [r0]
+    eors    r6, r6, r5
+    ldr     r5, [r0, #4]
+    eors    r7, r7, r5
+    stmia   r0!, {r6,r7}
+    subs    r2, r2, #1
+    bne     __KeccakP1600_AddLanes_LoopAligned
+    bx      lr
+__KeccakP1600_AddLanes_LoopUnaligned
+    ldrb    r6, [r1, #0]
+    ldrb    r4, [r1, #1]
+    lsls    r4, r4, #8
+    orrs    r6, r6, r4
+    ldrb    r4, [r1, #2]
+    lsls    r4, r4, #16
+    orrs    r6, r6, r4
+    ldrb    r4, [r1, #3]
+    lsls    r4, r4, #24
+    orrs    r6, r6, r4
+    ldrb    r7, [r1, #4]
+    ldrb    r4, [r1, #5]
+    lsls    r4, r4, #8
+    orrs    r7, r7, r4
+    ldrb    r4, [r1, #6]
+    lsls    r4, r4, #16
+    orrs    r7, r7, r4
+    ldrb    r4, [r1, #7]
+    lsls    r4, r4, #24
+    orrs    r7, r7, r4
+    adds    r1, r1, #8
+    mov     r8, r6
+    mov     r9, r7
+    toBitInterleaving   r8, r9, r6, r7, r5, r4, r3
+    ldr     r5, [r0]
+    eors    r6, r6, r5
+    ldr     r5, [r0, #4]
+    eors    r7, r7, r5
+    stmia   r0!, {r6, r7}
+    subs    r2, r2, #1
+    bne     __KeccakP1600_AddLanes_LoopUnaligned
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; __KeccakP1600_AddBytesInLane
+;
+; Input:
+;  r0 state pointer
+;  r1 data pointer
+;  r2 offset in lane
+;  r3 length
+;  r7 to bit interleaving constants pointer
+;
+; Output:
+;  r0 state pointer next lane
+;  r1 data pointer next byte to input
+;
+;  Changed: r2-r9
+;
+    ALIGN
+__KeccakP1600_AddBytesInLane   PROC
+    movs    r4, #0
+    movs    r5, #0
+    push    { r4 - r5 }
+    add     r2, r2, sp
+__KeccakP1600_AddBytesInLane_Loop
+    ldrb    r5, [r1]
+    strb    r5, [r2]
+    adds    r1, r1, #1
+    adds    r2, r2, #1
+    subs    r3, r3, #1
+    bne     __KeccakP1600_AddBytesInLane_Loop
+    pop     { r4 - r5 }
+    mov     r8, r4
+    mov     r9, r5
+    toBitInterleaving   r8, r9, r4, r5, r6, r2, r7
+    ldr     r6, [r0]
+    eors    r4, r4, r6
+    ldr     r6, [r0, #4]
+    eors    r5, r5, r6
+    stmia   r0!, { r4, r5 }
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
+;
+    ALIGN
+    EXPORT  KeccakP1600_OverwriteBytes
+KeccakP1600_OverwriteBytes   PROC
+    cmp     r3, #0                                  ; if length != 0
+    beq     KeccakP1600_OverwriteBytes_Exit1
+    push    {r4 - r6, lr}                           ; then
+    mov     r4, r8
+    mov     r5, r9
+    mov     r6, r10
+    push    {r4 - r7}
+    lsrs    r4, r2, #3                              ; offset &= ~7
+    lsls    r4, r4, #3
+    adds    r0, r0, r4                              ; add whole lane offset to state pointer
+    lsls    r2, r2, #29                             ; offset &= 7 (part not lane aligned)
+    lsrs    r2, r2, #29
+    beq     KeccakP1600_OverwriteBytes_CheckLanes   ; if offset != 0
+    movs    r4, r3                                  ; then, do remaining bytes in first lane
+    movs    r5, #8
+    subs    r5, r2                                  ; max size in lane = 8 - offset
+    cmp     r4, r5
+    ble     KeccakP1600_OverwriteBytes_BytesAlign
+    movs    r4, r5
+KeccakP1600_OverwriteBytes_BytesAlign
+    subs    r3, r3, r4                              ; size left
+    mov     r10, r3
+    movs    r3, r4
+    adr     r7, KeccakP1600_OverwriteBytes_ToBitInterleavingConstants
+    bl      __KeccakP1600_OverwriteBytesInLane
+    mov     r3, r10
+KeccakP1600_OverwriteBytes_CheckLanes
+    lsrs    r2, r3, #3                              ; if length >= 8
+    beq     KeccakP1600_OverwriteBytes_Bytes
+    mov     r10, r3
+    adr     r3, KeccakP1600_OverwriteBytes_ToBitInterleavingConstants
+    bl      __KeccakP1600_OverwriteLanes
+    mov     r3, r10
+    lsls    r3, r3, #29
+    lsrs    r3, r3, #29
+KeccakP1600_OverwriteBytes_Bytes
+    cmp     r3, #0
+    beq     KeccakP1600_OverwriteBytes_Exit
+    movs    r2, #0
+    adr     r7, KeccakP1600_OverwriteBytes_ToBitInterleavingConstants
+    bl      __KeccakP1600_OverwriteBytesInLane
+KeccakP1600_OverwriteBytes_Exit
+    pop     {r4 - r7}
+    mov     r8, r4
+    mov     r9, r5
+    mov     r10, r6
+    pop     {r4 - r6, pc}
+KeccakP1600_OverwriteBytes_Exit1
+    bx      lr
+    nop
+KeccakP1600_OverwriteBytes_ToBitInterleavingConstants
+    dcd     0x55555555
+    dcd     0x33333333
+    dcd     0x0F0F0F0F
+    dcd     0x00FF00FF
+    dcd     0xAAAAAAAA
+    dcd     0xCCCCCCCC
+    dcd     0xF0F0F0F0
+    dcd     0xFF00FF00
+    ENDP
+;----------------------------------------------------------------------------
+;
+; __KeccakP1600_OverwriteLanes
+;
+; Input:
+;  r0 state pointer
+;  r1 data pointer
+;  r2 laneCount
+;  r3 to bit interleaving constants pointer
+;
+; Output:
+;  r0 state pointer next lane
+;  r1 data pointer next byte to input
+;
+;  Changed: r2-r9
+;
+    ALIGN
+__KeccakP1600_OverwriteLanes   PROC
+    lsls    r4, r1, #30
+    bne     __KeccakP1600_OverwriteLanes_LoopUnaligned
+__KeccakP1600_OverwriteLanes_LoopAligned
+    ldmia   r1!, {r6,r7}
+    mov     r8, r6
+    mov     r9, r7
+    toBitInterleaving   r8, r9, r6, r7, r5, r4, r3
+    stmia   r0!, {r6,r7}
+    subs    r2, r2, #1
+    bne     __KeccakP1600_OverwriteLanes_LoopAligned
+    bx      lr
+__KeccakP1600_OverwriteLanes_LoopUnaligned
+    ldrb    r6, [r1, #0]
+    ldrb    r4, [r1, #1]
+    lsls    r4, r4, #8
+    orrs    r6, r6, r4
+    ldrb    r4, [r1, #2]
+    lsls    r4, r4, #16
+    orrs    r6, r6, r4
+    ldrb    r4, [r1, #3]
+    lsls    r4, r4, #24
+    orrs    r6, r6, r4
+    ldrb    r7, [r1, #4]
+    ldrb    r4, [r1, #5]
+    lsls    r4, r4, #8
+    orrs    r7, r7, r4
+    ldrb    r4, [r1, #6]
+    lsls    r4, r4, #16
+    orrs    r7, r7, r4
+    ldrb    r4, [r1, #7]
+    lsls    r4, r4, #24
+    orrs    r7, r7, r4
+    adds    r1, r1, #8
+    mov     r8, r6
+    mov     r9, r7
+    toBitInterleaving   r8, r9, r6, r7, r5, r4, r3
+    stmia   r0!, {r6, r7}
+    subs    r2, r2, #1
+    bne     __KeccakP1600_OverwriteLanes_LoopUnaligned
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; __KeccakP1600_OverwriteBytesInLane
+;
+; Input:
+;  r0 state pointer
+;  r1 data pointer
+;  r2 offset in lane
+;  r3 length
+;  r7 to bit interleaving constants pointer
+;
+; Output:
+;  r0 state pointer next lane
+;  r1 data pointer next byte to input
+;
+;  Changed: r2-r9
+;
+    ALIGN
+__KeccakP1600_OverwriteBytesInLane   PROC
+    movs    r4, #0
+    movs    r5, #0
+    push    { r4 - r5 }
+    lsls    r6, r2, #2
+    add     r2, r2, sp
+    movs    r4, #0x0F                       ;r4 mask to wipe nibbles(bit interleaved bytes) in state
+    lsls    r4, r4, r6
+    movs    r6, r4
+__KeccakP1600_OverwriteBytesInLane_Loop
+    orrs    r6, r6, r4
+    lsls    r4, r4, #4
+    ldrb    r5, [r1]
+    strb    r5, [r2]
+    adds    r1, r1, #1
+    adds    r2, r2, #1
+    subs    r3, r3, #1
+    bne     __KeccakP1600_OverwriteBytesInLane_Loop
+    pop     { r4 - r5 }
+    mov     r8, r4
+    mov     r9, r5
+    toBitInterleaving   r8, r9, r4, r5, r3, r2, r7
+    ldr     r3, [r0]
+    bics    r3, r3, r6
+    eors    r4, r4, r3
+    ldr     r3, [r0, #4]
+    bics    r3, r3, r6
+    eors    r5, r5, r3
+    stmia   r0!, { r4, r5 }
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount)
+;
+    ALIGN
+    EXPORT  KeccakP1600_OverwriteWithZeroes
+KeccakP1600_OverwriteWithZeroes PROC
+    push    {r4 - r5}
+    lsrs    r2, r1, #3
+    beq     KeccakP1600_OverwriteWithZeroes_Bytes
+    movs    r4, #0
+    movs    r5, #0
+KeccakP1600_OverwriteWithZeroes_LoopLanes
+    stm     r0!, { r4, r5 }
+    subs    r2, r2, #1
+    bne     KeccakP1600_OverwriteWithZeroes_LoopLanes
+KeccakP1600_OverwriteWithZeroes_Bytes
+    lsls    r1, r1, #32-3
+    beq     KeccakP1600_OverwriteWithZeroes_Exit
+    lsrs    r1, r1, #32-3
+    movs    r3, #0x0F                       ;r2 already zero, r3 = mask to wipe nibbles(bit interleaved bytes) in state
+KeccakP1600_OverwriteWithZeroes_LoopBytes
+    orrs    r2, r2, r3
+    lsls    r3, r3, #4
+    subs    r1, r1, #1
+    bne     KeccakP1600_OverwriteWithZeroes_LoopBytes
+    ldr     r4, [r0]
+    ldr     r5, [r0, #4]
+    bics    r4, r4, r2
+    bics    r5, r5, r2
+    stm     r0!, { r4, r5 }
+KeccakP1600_OverwriteWithZeroes_Exit
+    pop     {r4 - r5}
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; void KeccakP1600_ExtractBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
+;
+    ALIGN
+    EXPORT  KeccakP1600_ExtractBytes
+KeccakP1600_ExtractBytes   PROC
+    cmp     r3, #0                                  ; if length != 0
+    beq     KeccakP1600_ExtractBytes_Exit1
+    push    {r4 - r6, lr}                           ; then
+    mov     r4, r8
+    push    {r4, r7}
+    lsrs    r4, r2, #3                              ; offset &= ~7
+    lsls    r4, r4, #3
+    adds    r0, r0, r4                              ; add whole lane offset to state pointer
+    lsls    r2, r2, #29                             ; offset &= 7 (part not lane aligned)
+    lsrs    r2, r2, #29
+    beq     KeccakP1600_ExtractBytes_CheckLanes ; if offset != 0
+    movs    r4, r3                                  ; then, do remaining bytes in first lane
+    movs    r5, #8
+    subs    r5, r2                                  ; max size in lane = 8 - offset
+    cmp     r4, r5
+    ble     KeccakP1600_ExtractBytes_BytesAlign
+    movs    r4, r5
+KeccakP1600_ExtractBytes_BytesAlign
+    subs    r3, r3, r4                              ; size left
+    mov     r8, r3
+    movs    r3, r4
+    adr     r7, KeccakP1600_ExtractBytes_FromBitInterleavingConstants
+    bl      __KeccakP1600_ExtractBytesInLane
+    mov     r3, r8
+KeccakP1600_ExtractBytes_CheckLanes
+    lsrs    r2, r3, #3                              ; if length >= 8
+    beq     KeccakP1600_ExtractBytes_Bytes
+    mov     r8, r3
+    adr     r3, KeccakP1600_ExtractBytes_FromBitInterleavingConstants
+    bl      __KeccakP1600_ExtractLanes
+    mov     r3, r8
+    lsls    r3, r3, #29
+    lsrs    r3, r3, #29
+KeccakP1600_ExtractBytes_Bytes
+    cmp     r3, #0
+    beq     KeccakP1600_ExtractBytes_Exit
+    movs    r2, #0
+    adr     r7, KeccakP1600_ExtractBytes_FromBitInterleavingConstants
+    bl      __KeccakP1600_ExtractBytesInLane
+KeccakP1600_ExtractBytes_Exit
+    pop     {r4,r7}
+    mov     r8, r4
+    pop     {r4 - r6, pc}
+KeccakP1600_ExtractBytes_Exit1
+    bx      lr
+    nop
+KeccakP1600_ExtractBytes_FromBitInterleavingConstants
+    dcd     0x0000FF00
+    dcd     0x00F000F0
+    dcd     0x0C0C0C0C
+    dcd     0x22222222
+    ENDP
+;----------------------------------------------------------------------------
+;
+; __KeccakP1600_ExtractLanes
+;
+; Input:
+;  r0 state pointer
+;  r1 data pointer
+;  r2 laneCount
+;  r3 from bit interleaving constants pointer
+;
+; Output:
+;  r0 state pointer next lane
+;  r1 data pointer next byte to output
+;
+;  Changed: r2-r7
+;
+    ALIGN
+__KeccakP1600_ExtractLanes   PROC
+    lsls    r4, r1, #30
+    bne     __KeccakP1600_ExtractLanes_LoopUnaligned
+__KeccakP1600_ExtractLanes_LoopAligned
+    ldmia   r0!, {r6,r7}
+    fromBitInterleaving r6, r7, r5, r4, r3
+    stmia   r1!, {r6,r7}
+    subs    r2, r2, #1
+    bne     __KeccakP1600_ExtractLanes_LoopAligned
+    bx      lr
+__KeccakP1600_ExtractLanes_LoopUnaligned
+    ldmia   r0!, {r6,r7}
+    fromBitInterleaving r6, r7, r5, r4, r3
+    strb    r6, [r1, #0]
+    lsrs    r6, r6, #8
+    strb    r6, [r1, #1]
+    lsrs    r6, r6, #8
+    strb    r6, [r1, #2]
+    lsrs    r6, r6, #8
+    strb    r6, [r1, #3]
+    strb    r7, [r1, #4]
+    lsrs    r7, r7, #8
+    strb    r7, [r1, #5]
+    lsrs    r7, r7, #8
+    strb    r7, [r1, #6]
+    lsrs    r7, r7, #8
+    strb    r7, [r1, #7]
+    adds    r1, r1, #8
+    subs    r2, r2, #1
+    bne     __KeccakP1600_ExtractLanes_LoopUnaligned
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; __KeccakP1600_ExtractBytesInLane
+;
+; Input:
+;  r0 state pointer
+;  r1 data pointer
+;  r2 offset in lane
+;  r3 length
+;  r7 from bit interleaving constants pointer
+;
+; Output:
+;  r0 state pointer next lane
+;  r1 data pointer next byte to output
+;
+;  Changed: r2-r7
+;
+    ALIGN
+__KeccakP1600_ExtractBytesInLane   PROC
+    ldmia   r0!, {r4,r5}
+    push    {r0, r3}
+    fromBitInterleaving r4, r5, r0, r3, r7
+    pop     {r0, r3}
+    push    {r4, r5}
+    mov     r4, sp
+    adds    r4, r4, r2
+__KeccakP1600_ExtractBytesInLane_Loop
+    ldrb    r2, [r4]
+    adds    r4, r4, #1
+    strb    r2, [r1]
+    adds    r1, r1, #1
+    subs    r3, r3, #1
+    bne     __KeccakP1600_ExtractBytesInLane_Loop
+    add     sp, #8
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+;  void KeccakP1600_ExtractAndAddBytes(void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length)
+;
+    ALIGN
+    EXPORT  KeccakP1600_ExtractAndAddBytes
+KeccakP1600_ExtractAndAddBytes   PROC
+    push    {r3 - r7, lr}
+    mov     r4, r8
+    mov     r5, r9
+    push    {r4 - r5}
+    mov     r9, r2
+    mov     r2, r3
+    ldr     r3, [sp, #8*4]
+    cmp     r3, #0                                  ; if length != 0
+    beq     KeccakP1600_ExtractAndAddBytes_Exit
+    lsrs    r4, r2, #3                              ; offset &= ~7
+    lsls    r4, r4, #3
+    adds    r0, r0, r4                              ; add whole lane offset to state pointer
+    lsls    r2, r2, #29                             ; offset &= 7 (part not lane aligned)
+    lsrs    r2, r2, #29
+    beq     KeccakP1600_ExtractAndAddBytes_CheckLanes   ; if offset != 0
+    movs    r4, r3                                  ; then, do remaining bytes in first lane
+    movs    r5, #8
+    subs    r5, r2                                  ; max size in lane = 8 - offset
+    cmp     r4, r5
+    ble     KeccakP1600_ExtractAndAddBytes_BytesAlign
+    movs    r4, r5
+KeccakP1600_ExtractAndAddBytes_BytesAlign
+    subs    r3, r3, r4                              ; size left
+    mov     r8, r3
+    movs    r3, r4
+    adr     r7, KeccakP1600_ExtractAndAddBytes_FromBitInterleavingConstants
+    bl      __KeccakP1600_ExtractAndAddBytesInLane
+    mov     r3, r8
+KeccakP1600_ExtractAndAddBytes_CheckLanes
+    lsrs    r2, r3, #3                              ; if length >= 8
+    beq     KeccakP1600_ExtractAndAddBytes_Bytes
+    mov     r8, r3
+    adr     r3, KeccakP1600_ExtractAndAddBytes_FromBitInterleavingConstants
+    bl      __KeccakP1600_ExtractAndAddLanes
+    mov     r3, r8
+    lsls    r3, r3, #29
+    lsrs    r3, r3, #29
+KeccakP1600_ExtractAndAddBytes_Bytes
+    cmp     r3, #0
+    beq     KeccakP1600_ExtractAndAddBytes_Exit
+    movs    r2, #0
+    adr     r7, KeccakP1600_ExtractAndAddBytes_FromBitInterleavingConstants
+    bl      __KeccakP1600_ExtractAndAddBytesInLane
+KeccakP1600_ExtractAndAddBytes_Exit
+    pop     {r4 - r5}
+    mov     r8, r4
+    mov     r9, r5
+    pop     {r3 - r7, pc}
+    ALIGN
+KeccakP1600_ExtractAndAddBytes_FromBitInterleavingConstants
+    dcd     0x0000FF00
+    dcd     0x00F000F0
+    dcd     0x0C0C0C0C
+    dcd     0x22222222
+    ENDP
+;----------------------------------------------------------------------------
+;
+; __KeccakP1600_ExtractAndAddLanes
+;
+; Input:
+;  r0 state pointer
+;  r1 in pointer
+;  r2 laneCount
+;  r3 from bit interleaving constants pointer
+;  r9 out pointer
+;
+; Output:
+;  r0 state pointer next lane
+;  r1 in pointer (next lane)
+;  r9 out pointer (next lane)
+;
+;  Changed: r2-r7
+;
+    ALIGN
+__KeccakP1600_ExtractAndAddLanes   PROC
+    lsls    r4, r1, #30
+    bne     __KeccakP1600_ExtractAndAddLanes_LoopUnaligned
+    mov     r4, r9
+    lsls    r4, r4, #30
+    bne     __KeccakP1600_ExtractAndAddLanes_LoopUnaligned
+__KeccakP1600_ExtractAndAddLanes_LoopAligned
+    ldmia   r0!, {r6,r7}
+    fromBitInterleaving r6, r7, r5, r4, r3
+    mov     r4, r9
+    ldm     r1!, {r5}
+    eors    r6, r6, r5
+    ldm     r1!, {r5}
+    eors    r7, r7, r5
+    stmia   r4!, {r6,r7}
+    mov     r9, r4
+    subs    r2, r2, #1
+    bne     __KeccakP1600_ExtractAndAddLanes_LoopAligned
+    bx      lr
+__KeccakP1600_ExtractAndAddLanes_LoopUnaligned
+    ldmia   r0!, {r6,r7}
+    fromBitInterleaving r6, r7, r5, r4, r3
+    mov     r4, r9
+    ldrb    r5, [r1, #0]
+    eors    r5, r5, r6
+    strb    r5, [r4, #0]
+    lsrs    r6, r6, #8
+    ldrb    r5, [r1, #1]
+    eors    r5, r5, r6
+    strb    r5, [r4, #1]
+    lsrs    r6, r6, #8
+    ldrb    r5, [r1, #2]
+    eors    r5, r5, r6
+    strb    r5, [r4, #2]
+    lsrs    r6, r6, #8
+    ldrb    r5, [r1, #3]
+    eors    r5, r5, r6
+    strb    r5, [r4, #3]
+    ldrb    r5, [r1, #4]
+    eors    r5, r5, r7
+    strb    r5, [r4, #4]
+    lsrs    r7, r7, #8
+    ldrb    r5, [r1, #5]
+    eors    r5, r5, r7
+    strb    r5, [r4, #5]
+    lsrs    r7, r7, #8
+    ldrb    r5, [r1, #6]
+    eors    r5, r5, r7
+    strb    r5, [r4, #6]
+    lsrs    r7, r7, #8
+    ldrb    r5, [r1, #7]
+    eors    r5, r5, r7
+    strb    r5, [r4, #7]
+    adds    r1, r1, #8
+    adds    r4, r4, #8
+    mov     r9, r4
+    subs    r2, r2, #1
+    bne     __KeccakP1600_ExtractAndAddLanes_LoopUnaligned
+    bx      lr
+    ENDP
+;----------------------------------------------------------------------------
+;
+; __KeccakP1600_ExtractAndAddBytesInLane
+;
+; Input:
+;  r0 state pointer
+;  r1 data pointer
+;  r2 offset in lane
+;  r3 length
+;  r7 from bit interleaving constants pointer
+;  r9 out pointer
+;
+; Output:
+;  r0 state pointer next lane
+;  r1 in pointer (next byte)
+;  r9 out pointer (next byte)
+;
+;  Changed: r2-r7
+;
+    ALIGN
+__KeccakP1600_ExtractAndAddBytesInLane   PROC
+    ldmia   r0!, {r4,r5}
+    push    {r0, r3}
+    fromBitInterleaving r4, r5, r0, r3, r7
+    pop     {r0, r3}
+    push    {r4, r5}
+    mov     r4, sp
+    adds    r4, r4, r2
+    mov     r6, r9
+__KeccakP1600_ExtractAndAddBytesInLane_Loop
+    ldrb    r2, [r4]
+    adds    r4, r4, #1
+    ldrb    r5, [r1]
+    eors    r2, r2, r5
+    strb    r2, [r6]
+    adds    r1, r1, #1
+    adds    r6, r6, #1
+    subs    r3, r3, #1
+    bne     __KeccakP1600_ExtractAndAddBytesInLane_Loop
+    add     sp, #8
+    mov     r9, r6
+    bx      lr
+    ENDP
+; ----------------------------------------------------------------------------
+;
+;  void KeccakP1600_Permute_Nrounds(void *state, unsigned int nrounds)
+;
+    ALIGN
+    EXPORT  KeccakP1600_Permute_Nrounds
+KeccakP1600_Permute_Nrounds   PROC
+    movs    r2, r1
+    lsls    r3, r2, #3
+    adr     r1, KeccakP1600_Permute_RoundConstants0
+    subs    r1, r1, r3
+    lsls    r2, r2, #31
+    bne     KeccakP1600_Permute_NroundsOdd
+    b       KeccakP1600_Permute
+KeccakP1600_Permute_NroundsOdd
+    push    { r4 - r6, lr }         ; odd number of rounds, copy primary to secondary state
+    mov     r2, r8
+    mov     r3, r9
+    mov     r4, r10
+    mov     r5, r11
+    mov     r6, r12
+    push    { r2 - r7 }
+    sub     sp, #mSize
+    str     r1, [sp, #mRC]
+    add     r7, sp, #mEs
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    ldm     r0!, {r1-r5}
+    stm     r7!, {r1-r5}
+    mov     r7, r0
+    subs    r7, r7, #25*2*4
+    add     r0, sp, #mEs
+    b       KeccakP1600_Permute_RoundLoop1
+    ENDP
+; ----------------------------------------------------------------------------
+;
+;  void KeccakP1600_Permute_12rounds( void *state )
+;
+    ALIGN
+    EXPORT  KeccakP1600_Permute_12rounds
+KeccakP1600_Permute_12rounds   PROC
+    adr     r1, KeccakP1600_Permute_RoundConstants12
+    b       KeccakP1600_Permute
+    ENDP
+; ----------------------------------------------------------------------------
+;
+;  void KeccakP1600_Permute_24rounds( void *state )
+;
+    ALIGN
+    EXPORT  KeccakP1600_Permute_24rounds
+KeccakP1600_Permute_24rounds   PROC
+    adr     r1, KeccakP1600_Permute_RoundConstants24
+    b       KeccakP1600_Permute
+    ENDP
+    ALIGN
+KeccakP1600_Permute_RoundConstants24
+    ;       0           1
+    dcd     0x00000001, 0x00000000
+    dcd     0x00000000, 0x00000089
+    dcd     0x00000000, 0x8000008b
+    dcd     0x00000000, 0x80008080
+    dcd     0x00000001, 0x0000008b
+    dcd     0x00000001, 0x00008000
+    dcd     0x00000001, 0x80008088
+    dcd     0x00000001, 0x80000082
+    dcd     0x00000000, 0x0000000b
+    dcd     0x00000000, 0x0000000a
+    dcd     0x00000001, 0x00008082
+    dcd     0x00000000, 0x00008003
+KeccakP1600_Permute_RoundConstants12
+    dcd     0x00000001, 0x0000808b
+    dcd     0x00000001, 0x8000000b
+    dcd     0x00000001, 0x8000008a
+    dcd     0x00000001, 0x80000081
+    dcd     0x00000000, 0x80000081
+    dcd     0x00000000, 0x80000008
+    dcd     0x00000000, 0x00000083
+    dcd     0x00000000, 0x80008003
+    dcd     0x00000001, 0x80008088
+    dcd     0x00000000, 0x80000088
+    dcd     0x00000001, 0x00008000
+    dcd     0x00000000, 0x80008082
+KeccakP1600_Permute_RoundConstants0
+    dcd     0x000000FF  ;terminator
+;----------------------------------------------------------------------------
+;
+; void KeccakP1600_Permute( void *state, void * rc )
+;
+    ALIGN
+KeccakP1600_Permute   PROC
+    push    { r4 - r6, lr }
+    mov     r2, r8
+    mov     r3, r9
+    mov     r4, r10
+    mov     r5, r11
+    mov     r6, r12
+    push    { r2 - r7 }
+    sub     sp, #mSize
+    add     r7, sp, #mEs
+KeccakP1600_Permute_RoundLoop
+    str     r1, [sp, #mRC]
+KeccakP1600_Permute_RoundLoop1
+    ; prepare Theta
+    movs    r4, #31
+    movs    r5, #_ma0
+    adds    r5, r5, r0
+    xor5    r1, _be1, _ge1, _ke1, _me1, _se1
+    xor5    r2, _bu0, _gu0, _ku0, _mu0, _su0
+    mov     r6, r1
+    te0r    r8, r2, r6
+    xor5    r3, _bi1, _gi1, _ki1, _mi1, _si1
+    te1m    mDo1, r3, r2
+    xor5    r2, _ba0, _ga0, _ka0, _ma0, _sa0
+    te0r    r10, r2, r3
+    xor5    r3, _bo1, _go1, _ko1, _mo1, _so1
+    te1m    mDu1, r3, r2
+    xor5    r2, _be0, _ge0, _ke0, _me0, _se0
+    te0r    r12, r2, r3
+    xor5    r3, _bu1, _gu1, _ku1, _mu1, _su1
+    te1r    r9, r3, r2
+    xor5    r2, _bi0, _gi0, _ki0, _mi0, _si0
+    te0m    mDo0, r2, r3
+    xor5    r3, _ba1, _ga1, _ka1, _ma1, _sa1
+    te1r    r11, r3, r2
+    xor5    r2, _bo0, _go0, _ko0, _mo0, _so0
+    te0m    mDu0, r2, r3
+    te1r    lr, r1, r2
+    adds    r7, r7, #_ma0
+    trp5e   _bi0, r12, 1, 31, _go1, mDo1, 0, 28, _ku1, mDu1, 0, 20, _ma1, r9, 1, 21, _se0, r10, 1,  1
+    chio5   _sa0-_ma0, 0xFF
+    trp5o   _bi1, lr, 1, 31, _go0, mDo0, 0, 27, _ku0, mDu0, 0, 19, _ma0, r8, 1, 20, _se1, r11, 1,  1
+    chio5   _sa1-_ma0, 0xFF
+    trp5e   _bu1, mDu1, 0, 14, _ga0, r8, 1, 18, _ke0, r10, 1,  5, _mi1, lr, 1,  8, _so0, mDo0, 0, 28
+    chio5   _ma0-_ma0, 0xFF
+    trp5o   _bu0, mDu0, 0, 13, _ga1, r9, 1, 18, _ke1, r11, 1,  5, _mi0, r12, 1,  7, _so1, mDo1, 0, 28
+    chio5   _ma1-_ma0, 0xFF
+    subs    r7, r7, #_ma0
+    trp5e   _be1, r11, 1,  1, _gi0, r12, 1,  3, _ko1, mDo1, 0, 13, _mu0, mDu0, 0,  4, _sa0, r8, 1,  9
+    chio5   _ka0, 0xFF
+    trp5o   _be0, r10, 1,  0, _gi1, lr, 1,  3, _ko0, mDo0, 0, 12, _mu1, mDu1, 0,  4, _sa1, r9, 1,  9
+    chio5   _ka1, 0xFF
+    trp5e   _bo0, mDo0, 0, 14, _gu0, mDu0, 0, 10, _ka1, r9, 1,  2, _me1, r11, 1, 23, _si1, lr, 1, 31
+    chio5   _ga0, 0xFF
+    trp5o   _bo1, mDo1, 0, 14, _gu1, mDu1, 0, 10, _ka0, r8, 1,  1, _me0, r10, 1, 22, _si0, r12, 1, 30
+    chio5   _ga1, 0xFF
+    trp5e   _ba0, r8, 1,  0, _ge0, r10, 1, 22, _ki1, lr, 1, 22, _mo1, mDo1, 0, 11, _su0, mDu0, 0,  7
+    chio5   _ba0, 0
+    trp5o   _ba1, r9, 1,  0, _ge1, r11, 1, 22, _ki0, r12, 1, 21, _mo0, mDo0, 0, 10, _su1, mDu1, 0,  7
+    chio5   _ba1, 4
+    adds    r1, r1, #8        ; Update pointer RC
+    ldr     r6, [r1]          ; Check terminator
+    cmp     r6, #0xFF
+    beq     KeccakP1600_Permute_Done
+    mov     r6, r0       ; Swap in/out state
+    mov     r0, r7
+    mov     r7, r6
+    b       KeccakP1600_Permute_RoundLoop
+KeccakP1600_Permute_Done
+    mov     r0, r7  ; restore initial state pointer (FastLoop functions may use it)
+    add     sp, #mSize
+    pop     { r1 - r5, r7 }
+    mov     r8, r1
+    mov     r9, r2
+    mov     r10, r3
+    mov     r11, r4
+    mov     r12, r5
+    pop     { r4 - r6, pc }
+    ENDP
+    END