sleeping_kangaroo12 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/README.md +127 -0
- data/ext/Rakefile +73 -0
- data/ext/binding/sleeping_kangaroo12.c +39 -0
- data/ext/config/xkcp.build +17 -0
- data/ext/xkcp/LICENSE +1 -0
- data/ext/xkcp/Makefile +15 -0
- data/ext/xkcp/Makefile.build +200 -0
- data/ext/xkcp/README.markdown +296 -0
- data/ext/xkcp/lib/HighLevel.build +143 -0
- data/ext/xkcp/lib/LowLevel.build +757 -0
- data/ext/xkcp/lib/common/align.h +33 -0
- data/ext/xkcp/lib/common/brg_endian.h +143 -0
- data/ext/xkcp/lib/high/KangarooTwelve/KangarooTwelve.c +301 -0
- data/ext/xkcp/lib/high/KangarooTwelve/KangarooTwelve.h +97 -0
- data/ext/xkcp/lib/high/Keccak/FIPS202/KeccakHash.c +81 -0
- data/ext/xkcp/lib/high/Keccak/FIPS202/KeccakHash.h +125 -0
- data/ext/xkcp/lib/high/Keccak/FIPS202/SimpleFIPS202.c +48 -0
- data/ext/xkcp/lib/high/Keccak/FIPS202/SimpleFIPS202.h +79 -0
- data/ext/xkcp/lib/high/Keccak/KeccakDuplex.c +81 -0
- data/ext/xkcp/lib/high/Keccak/KeccakDuplex.h +73 -0
- data/ext/xkcp/lib/high/Keccak/KeccakDuplex.inc +195 -0
- data/ext/xkcp/lib/high/Keccak/KeccakSponge.c +111 -0
- data/ext/xkcp/lib/high/Keccak/KeccakSponge.h +76 -0
- data/ext/xkcp/lib/high/Keccak/KeccakSponge.inc +314 -0
- data/ext/xkcp/lib/high/Keccak/PRG/KeccakPRG.c +61 -0
- data/ext/xkcp/lib/high/Keccak/PRG/KeccakPRG.h +67 -0
- data/ext/xkcp/lib/high/Keccak/PRG/KeccakPRG.inc +128 -0
- data/ext/xkcp/lib/high/Keccak/SP800-185/SP800-185.c +93 -0
- data/ext/xkcp/lib/high/Keccak/SP800-185/SP800-185.h +599 -0
- data/ext/xkcp/lib/high/Keccak/SP800-185/SP800-185.inc +573 -0
- data/ext/xkcp/lib/high/Ketje/Ketjev2.c +87 -0
- data/ext/xkcp/lib/high/Ketje/Ketjev2.h +88 -0
- data/ext/xkcp/lib/high/Ketje/Ketjev2.inc +274 -0
- data/ext/xkcp/lib/high/Keyak/Keyakv2.c +132 -0
- data/ext/xkcp/lib/high/Keyak/Keyakv2.h +217 -0
- data/ext/xkcp/lib/high/Keyak/Keyakv2.inc +81 -0
- data/ext/xkcp/lib/high/Keyak/Motorist.inc +953 -0
- data/ext/xkcp/lib/high/Kravatte/Kravatte.c +533 -0
- data/ext/xkcp/lib/high/Kravatte/Kravatte.h +115 -0
- data/ext/xkcp/lib/high/Kravatte/KravatteModes.c +557 -0
- data/ext/xkcp/lib/high/Kravatte/KravatteModes.h +247 -0
- data/ext/xkcp/lib/high/Xoodyak/Cyclist.h +66 -0
- data/ext/xkcp/lib/high/Xoodyak/Cyclist.inc +336 -0
- data/ext/xkcp/lib/high/Xoodyak/Xoodyak-parameters.h +26 -0
- data/ext/xkcp/lib/high/Xoodyak/Xoodyak.c +55 -0
- data/ext/xkcp/lib/high/Xoodyak/Xoodyak.h +35 -0
- data/ext/xkcp/lib/high/Xoofff/Xoofff.c +634 -0
- data/ext/xkcp/lib/high/Xoofff/Xoofff.h +147 -0
- data/ext/xkcp/lib/high/Xoofff/XoofffModes.c +483 -0
- data/ext/xkcp/lib/high/Xoofff/XoofffModes.h +241 -0
- data/ext/xkcp/lib/high/common/Phases.h +25 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-SnP.h +41 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-inplace-32bi-armv6m-le-armcc.s +1666 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-inplace-32bi-armv6m-le-gcc.s +1655 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-inplace-32bi-armv7a-le-armcc.s +1268 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-inplace-32bi-armv7a-le-gcc.s +1264 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-inplace-32bi-armv7m-le-armcc.s +1178 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-inplace-32bi-armv7m-le-gcc.s +1175 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-u1-32bi-armv6m-le-armcc.s +1338 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-u1-32bi-armv6m-le-gcc.s +1336 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-u2-32bi-armv6m-le-armcc.s +1343 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARM/KeccakP-1600-u2-32bi-armv6m-le-gcc.s +1339 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARMv7A-NEON/KeccakP-1600-SnP.h +42 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARMv7A-NEON/KeccakP-1600-armv7a-le-neon-armcc.s +823 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARMv7A-NEON/KeccakP-1600-armv7a-le-neon-gcc.s +831 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARMv8A/KeccakP-1600-SnP.h +31 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ARMv8A/KeccakP-1600-armv8a-neon.s +540 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVR8/KeccakP-1600-SnP.h +42 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVR8/KeccakP-1600-avr8-compact.s +733 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVR8/KeccakP-1600-avr8-fast.s +1121 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX2/KeccakP-1600-AVX2.s +1100 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX2/KeccakP-1600-SnP.h +52 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX512/C/KeccakP-1600-AVX512.c +623 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX512/C/KeccakP-1600-SnP.h +47 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX512/C/u12/KeccakP-1600-AVX512-config.h +6 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX512/C/u6/KeccakP-1600-AVX512-config.h +6 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX512/C/ua/KeccakP-1600-AVX512-config.h +6 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX512/KeccakP-1600-AVX512.s +1031 -0
- data/ext/xkcp/lib/low/KeccakP-1600/AVX512/KeccakP-1600-SnP.h +53 -0
- data/ext/xkcp/lib/low/KeccakP-1600/XOP/KeccakP-1600-SnP.h +44 -0
- data/ext/xkcp/lib/low/KeccakP-1600/XOP/KeccakP-1600-XOP.c +476 -0
- data/ext/xkcp/lib/low/KeccakP-1600/XOP/u6/KeccakP-1600-XOP-config.h +6 -0
- data/ext/xkcp/lib/low/KeccakP-1600/XOP/ua/KeccakP-1600-XOP-config.h +6 -0
- data/ext/xkcp/lib/low/KeccakP-1600/common/KeccakP-1600-64.macros +748 -0
- data/ext/xkcp/lib/low/KeccakP-1600/common/KeccakP-1600-unrolling.macros +305 -0
- data/ext/xkcp/lib/low/KeccakP-1600/compact/KeccakP-1600-SnP.h +40 -0
- data/ext/xkcp/lib/low/KeccakP-1600/compact/KeccakP-1600-compact64.c +420 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-32bits-inplace/KeccakP-1600-SnP.h +43 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-32bits-inplace/KeccakP-1600-inplace32BI.c +1163 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-64bits/KeccakP-1600-SnP.h +54 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-64bits/KeccakP-1600-opt64.c +565 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-64bits/lcu6/KeccakP-1600-opt64-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-64bits/lcua/KeccakP-1600-opt64-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-64bits/lcua-shld/KeccakP-1600-opt64-config.h +8 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-64bits/u6/KeccakP-1600-opt64-config.h +6 -0
- data/ext/xkcp/lib/low/KeccakP-1600/plain-64bits/ua/KeccakP-1600-opt64-config.h +6 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ref-32bits/KeccakP-1600-SnP.h +44 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ref-32bits/KeccakP-1600-reference.h +23 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ref-32bits/KeccakP-1600-reference32BI.c +625 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ref-64bits/KeccakP-1600-SnP.h +44 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ref-64bits/KeccakP-1600-reference.c +440 -0
- data/ext/xkcp/lib/low/KeccakP-1600/ref-64bits/KeccakP-1600-reference.h +23 -0
- data/ext/xkcp/lib/low/KeccakP-1600/x86-64/KeccakP-1600-SnP.h +42 -0
- data/ext/xkcp/lib/low/KeccakP-1600/x86-64/KeccakP-1600-x86-64-gas.s +1196 -0
- data/ext/xkcp/lib/low/KeccakP-1600/x86-64/KeccakP-1600-x86-64-gas_Apple.s +1124 -0
- data/ext/xkcp/lib/low/KeccakP-1600/x86-64/KeccakP-1600-x86-64-shld-gas.s +1196 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/ARMv7A-NEON/KeccakP-1600-inplace-pl2-armv7a-neon-le-armcc.s +1392 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/ARMv7A-NEON/KeccakP-1600-inplace-pl2-armv7a-neon-le-gcc.s +1394 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/ARMv7A-NEON/KeccakP-1600-times2-SnP.h +42 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/AVX512/AVX512u12/SIMD512-2-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/AVX512/AVX512u4/SIMD512-2-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/AVX512/AVX512ufull/SIMD512-2-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/AVX512/KeccakP-1600-times2-SIMD512.c +850 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/AVX512/KeccakP-1600-times2-SnP.h +51 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/SIMD128/KeccakP-1600-times2-SIMD128.c +957 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/SIMD128/KeccakP-1600-times2-SnP.h +49 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/SIMD128/SSSE3-u2/SIMD128-config.h +8 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/SIMD128/SSSE3-ua/SIMD128-config.h +8 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/SIMD128/XOP-u2/SIMD128-config.h +9 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/SIMD128/XOP-ua/SIMD128-config.h +9 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/fallback-on1/KeccakP-1600-times2-SnP.h +45 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times2/fallback-on1/KeccakP-1600-times2-on1.c +37 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX2/KeccakP-1600-times4-SIMD256.c +1321 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX2/KeccakP-1600-times4-SnP.h +55 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX2/u12/SIMD256-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX2/u6/SIMD256-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX2/ua/SIMD256-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX512/AVX512u12/SIMD512-4-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX512/AVX512u4/SIMD512-4-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX512/AVX512ufull/SIMD512-4-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX512/KeccakP-1600-times4-SIMD512.c +881 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/AVX512/KeccakP-1600-times4-SnP.h +51 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/fallback-on1/KeccakP-1600-times4-SnP.h +45 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/fallback-on1/KeccakP-1600-times4-on1.c +37 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/fallback-on2/KeccakP-1600-times4-SnP.h +45 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times4/fallback-on2/KeccakP-1600-times4-on2.c +38 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/AVX512/KeccakP-1600-times8-SIMD512.c +1615 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/AVX512/KeccakP-1600-times8-SnP.h +57 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/AVX512/u12/SIMD512-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/AVX512/u4/SIMD512-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/AVX512/ua/SIMD512-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/fallback-on1/KeccakP-1600-times8-SnP.h +45 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/fallback-on1/KeccakP-1600-times8-on1.c +37 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/fallback-on2/KeccakP-1600-times8-SnP.h +45 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/fallback-on2/KeccakP-1600-times8-on2.c +38 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/fallback-on4/KeccakP-1600-times8-SnP.h +45 -0
- data/ext/xkcp/lib/low/KeccakP-1600-times8/fallback-on4/KeccakP-1600-times8-on4.c +38 -0
- data/ext/xkcp/lib/low/KeccakP-200/ARM/KeccakP-200-SnP.h +41 -0
- data/ext/xkcp/lib/low/KeccakP-200/ARM/KeccakP-200-armv6m-le-armcc.s +442 -0
- data/ext/xkcp/lib/low/KeccakP-200/ARM/KeccakP-200-armv6m-le-gcc.s +446 -0
- data/ext/xkcp/lib/low/KeccakP-200/ARM/KeccakP-200-armv7m-le-armcc.s +419 -0
- data/ext/xkcp/lib/low/KeccakP-200/ARM/KeccakP-200-armv7m-le-gcc.s +427 -0
- data/ext/xkcp/lib/low/KeccakP-200/AVR8/KeccakP-200-SnP.h +41 -0
- data/ext/xkcp/lib/low/KeccakP-200/AVR8/KeccakP-200-avr8-fast.s +647 -0
- data/ext/xkcp/lib/low/KeccakP-200/compact/KeccakP-200-SnP.h +39 -0
- data/ext/xkcp/lib/low/KeccakP-200/compact/KeccakP-200-compact.c +190 -0
- data/ext/xkcp/lib/low/KeccakP-200/ref/KeccakP-200-SnP.h +43 -0
- data/ext/xkcp/lib/low/KeccakP-200/ref/KeccakP-200-reference.c +412 -0
- data/ext/xkcp/lib/low/KeccakP-200/ref/KeccakP-200-reference.h +23 -0
- data/ext/xkcp/lib/low/KeccakP-400/ARM/KeccakP-400-SnP.h +41 -0
- data/ext/xkcp/lib/low/KeccakP-400/ARM/KeccakP-400-armv6m-le-armcc.s +454 -0
- data/ext/xkcp/lib/low/KeccakP-400/ARM/KeccakP-400-armv6m-le-gcc.s +458 -0
- data/ext/xkcp/lib/low/KeccakP-400/ARM/KeccakP-400-armv7m-le-armcc.s +455 -0
- data/ext/xkcp/lib/low/KeccakP-400/ARM/KeccakP-400-armv7m-le-gcc.s +458 -0
- data/ext/xkcp/lib/low/KeccakP-400/AVR8/KeccakP-400-SnP.h +41 -0
- data/ext/xkcp/lib/low/KeccakP-400/AVR8/KeccakP-400-avr8-fast.s +728 -0
- data/ext/xkcp/lib/low/KeccakP-400/ref/KeccakP-400-SnP.h +43 -0
- data/ext/xkcp/lib/low/KeccakP-400/ref/KeccakP-400-reference.c +414 -0
- data/ext/xkcp/lib/low/KeccakP-400/ref/KeccakP-400-reference.h +23 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-SnP.h +42 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-u1-armv6m-le-armcc.s +527 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-u1-armv6m-le-gcc.s +533 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-u2-armv6m-le-armcc.s +528 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-u2-armv6m-le-gcc.s +534 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-u2-armv7a-le-armcc.s +521 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-u2-armv7a-le-gcc.s +527 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-u2-armv7m-le-armcc.s +517 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-u2-armv7m-le-gcc.s +523 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-uf-armv7m-le-armcc.s +550 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARM/KeccakP-800-uf-armv7m-le-gcc.s +556 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARMv8A/KeccakP-800-SnP.h +32 -0
- data/ext/xkcp/lib/low/KeccakP-800/ARMv8A/KeccakP-800-armv8a-neon.s +432 -0
- data/ext/xkcp/lib/low/KeccakP-800/AVR8/KeccakP-800-SnP.h +42 -0
- data/ext/xkcp/lib/low/KeccakP-800/AVR8/KeccakP-800-avr8-fast.s +929 -0
- data/ext/xkcp/lib/low/KeccakP-800/compact/KeccakP-800-SnP.h +40 -0
- data/ext/xkcp/lib/low/KeccakP-800/compact/KeccakP-800-compact.c +244 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/KeccakP-800-SnP.h +46 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/KeccakP-800-opt32-bis.macros +184 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/KeccakP-800-opt32.c +454 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/KeccakP-800-opt32.macros +459 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/KeccakP-800-unrolling-bis.macros +83 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/KeccakP-800-unrolling.macros +88 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/lcu2/KeccakP-800-opt32-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/lcua/KeccakP-800-opt32-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/u2/KeccakP-800-opt32-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-800/plain/ua/KeccakP-800-opt32-config.h +7 -0
- data/ext/xkcp/lib/low/KeccakP-800/ref/KeccakP-800-SnP.h +44 -0
- data/ext/xkcp/lib/low/KeccakP-800/ref/KeccakP-800-reference.c +437 -0
- data/ext/xkcp/lib/low/KeccakP-800/ref/KeccakP-800-reference.h +23 -0
- data/ext/xkcp/lib/low/Ketje/OptimizedAsmARM/Ket.h +57 -0
- data/ext/xkcp/lib/low/Ketje/OptimizedAsmARM/KetjeJr-armv7m-le-armcc.s +475 -0
- data/ext/xkcp/lib/low/Ketje/OptimizedAsmARM/KetjeJr-armv7m-le-gcc.s +480 -0
- data/ext/xkcp/lib/low/Ketje/OptimizedAsmARM/KetjeSr-armv7m-le-armcc.s +590 -0
- data/ext/xkcp/lib/low/Ketje/OptimizedAsmARM/KetjeSr-armv7m-le-gcc.s +590 -0
- data/ext/xkcp/lib/low/Ketje/OptimizedLE/Ket.c +126 -0
- data/ext/xkcp/lib/low/Ketje/OptimizedLE/Ket.h +68 -0
- data/ext/xkcp/lib/low/Ketje/OptimizedLE/Ket.inc +174 -0
- data/ext/xkcp/lib/low/Ketje/SnP-compliant/Ket.c +80 -0
- data/ext/xkcp/lib/low/Ketje/SnP-compliant/Ket.h +68 -0
- data/ext/xkcp/lib/low/Ketje/SnP-compliant/Ket.inc +142 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodoo-SnP.h +55 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodoo-u1-armv6m-le-armcc.s +1086 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodoo-u1-armv6m-le-gcc.s +1092 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodoo-uf-armv6-le-armcc.s +721 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodoo-uf-armv6-le-gcc.s +726 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodoo-uf-armv7m-le-armcc.s +723 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodoo-uf-armv7m-le-gcc.s +729 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodyak-u1-armv6m-le-armcc.s +1164 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodyak-u1-armv6m-le-gcc.s +1165 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodyak-uf-armv6-le-armcc.s +562 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodyak-uf-armv6-le-gcc.s +563 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodyak-uf-armv7m-le-armcc.s +563 -0
- data/ext/xkcp/lib/low/Xoodoo/ARM/Xoodyak-uf-armv7m-le-gcc.s +565 -0
- data/ext/xkcp/lib/low/Xoodoo/ARMv7A-NEON/Xoodoo-SnP.h +55 -0
- data/ext/xkcp/lib/low/Xoodoo/ARMv7A-NEON/Xoodoo-uf-armv7a-neon-le-armcc.s +476 -0
- data/ext/xkcp/lib/low/Xoodoo/ARMv7A-NEON/Xoodoo-uf-armv7a-neon-le-gcc.s +485 -0
- data/ext/xkcp/lib/low/Xoodoo/ARMv7A-NEON/Xoodyak-uf-armv7a-neon-le-armcc.s +362 -0
- data/ext/xkcp/lib/low/Xoodoo/ARMv7A-NEON/Xoodyak-uf-armv7a-neon-le-gcc.s +367 -0
- data/ext/xkcp/lib/low/Xoodoo/AVR8/Xoodoo-SnP.h +43 -0
- data/ext/xkcp/lib/low/Xoodoo/AVR8/Xoodoo-avr8-u1.s +1341 -0
- data/ext/xkcp/lib/low/Xoodoo/AVX512/Xoodoo-SIMD512.c +581 -0
- data/ext/xkcp/lib/low/Xoodoo/AVX512/Xoodoo-SnP.h +58 -0
- data/ext/xkcp/lib/low/Xoodoo/AVX512/Xoodyak-full-block-SIMD512.c +332 -0
- data/ext/xkcp/lib/low/Xoodoo/SSE2/Xoodoo-SIMD128.c +329 -0
- data/ext/xkcp/lib/low/Xoodoo/SSE2/Xoodoo-SnP.h +53 -0
- data/ext/xkcp/lib/low/Xoodoo/SSE2/Xoodyak-full-block-SIMD128.c +355 -0
- data/ext/xkcp/lib/low/Xoodoo/Xoodoo.h +79 -0
- data/ext/xkcp/lib/low/Xoodoo/plain/Xoodoo-SnP.h +56 -0
- data/ext/xkcp/lib/low/Xoodoo/plain/Xoodoo-optimized.c +399 -0
- data/ext/xkcp/lib/low/Xoodoo/plain/Xoodyak-full-blocks.c +127 -0
- data/ext/xkcp/lib/low/Xoodoo/ref/Xoodoo-SnP.h +43 -0
- data/ext/xkcp/lib/low/Xoodoo/ref/Xoodoo-reference.c +253 -0
- data/ext/xkcp/lib/low/Xoodoo-times16/AVX512/Xoodoo-times16-SIMD512.c +1044 -0
- data/ext/xkcp/lib/low/Xoodoo-times16/AVX512/Xoodoo-times16-SnP.h +49 -0
- data/ext/xkcp/lib/low/Xoodoo-times16/fallback-on1/Xoodoo-times16-SnP.h +45 -0
- data/ext/xkcp/lib/low/Xoodoo-times16/fallback-on1/Xoodoo-times16-on1.c +37 -0
- data/ext/xkcp/lib/low/Xoodoo-times4/ARMv7A-NEON/Xoodoo-times4-ARMv7A.s +1587 -0
- data/ext/xkcp/lib/low/Xoodoo-times4/ARMv7A-NEON/Xoodoo-times4-SnP.h +48 -0
- data/ext/xkcp/lib/low/Xoodoo-times4/AVX512/Xoodoo-times4-SIMD512.c +1202 -0
- data/ext/xkcp/lib/low/Xoodoo-times4/AVX512/Xoodoo-times4-SnP.h +48 -0
- data/ext/xkcp/lib/low/Xoodoo-times4/SSSE3/Xoodoo-times4-SIMD128.c +484 -0
- data/ext/xkcp/lib/low/Xoodoo-times4/SSSE3/Xoodoo-times4-SnP.h +44 -0
- data/ext/xkcp/lib/low/Xoodoo-times4/fallback-on1/Xoodoo-times4-SnP.h +45 -0
- data/ext/xkcp/lib/low/Xoodoo-times4/fallback-on1/Xoodoo-times4-on1.c +37 -0
- data/ext/xkcp/lib/low/Xoodoo-times8/AVX2/Xoodoo-times8-SIMD256.c +939 -0
- data/ext/xkcp/lib/low/Xoodoo-times8/AVX2/Xoodoo-times8-SnP.h +49 -0
- data/ext/xkcp/lib/low/Xoodoo-times8/AVX512/Xoodoo-times8-SIMD512.c +1216 -0
- data/ext/xkcp/lib/low/Xoodoo-times8/AVX512/Xoodoo-times8-SnP.h +48 -0
- data/ext/xkcp/lib/low/Xoodoo-times8/fallback-on1/Xoodoo-times8-SnP.h +45 -0
- data/ext/xkcp/lib/low/Xoodoo-times8/fallback-on1/Xoodoo-times8-on1.c +37 -0
- data/ext/xkcp/lib/low/common/PlSnP-Fallback.inc +290 -0
- data/ext/xkcp/lib/low/common/SnP-Relaned.h +141 -0
- data/ext/xkcp/support/Build/ExpandProducts.xsl +79 -0
- data/ext/xkcp/support/Build/ToGlobalMakefile.xsl +206 -0
- data/ext/xkcp/support/Build/ToOneTarget.xsl +89 -0
- data/ext/xkcp/support/Build/ToTargetConfigFile.xsl +37 -0
- data/ext/xkcp/support/Build/ToTargetMakefile.xsl +298 -0
- data/ext/xkcp/support/Build/ToVCXProj.xsl +198 -0
- data/ext/xkcp/support/Kernel-PMU/Kernel-pmu.md +133 -0
- data/ext/xkcp/support/Kernel-PMU/Makefile +8 -0
- data/ext/xkcp/support/Kernel-PMU/enable_arm_pmu.c +129 -0
- data/ext/xkcp/support/Kernel-PMU/load-module +1 -0
- data/ext/xkcp/util/KeccakSum/KeccakSum.c +394 -0
- data/ext/xkcp/util/KeccakSum/base64.c +86 -0
- data/ext/xkcp/util/KeccakSum/base64.h +12 -0
- data/lib/sleeping_kangaroo12/binding.rb +15 -0
- data/lib/sleeping_kangaroo12/build/loader.rb +40 -0
- data/lib/sleeping_kangaroo12/build/platform.rb +37 -0
- data/lib/sleeping_kangaroo12/build.rb +4 -0
- data/lib/sleeping_kangaroo12/digest.rb +103 -0
- data/lib/sleeping_kangaroo12/version.rb +5 -0
- data/lib/sleeping_kangaroo12.rb +7 -0
- metadata +372 -0
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/*
|
|
2
|
+
The eXtended Keccak Code Package (XKCP)
|
|
3
|
+
https://github.com/XKCP/XKCP
|
|
4
|
+
|
|
5
|
+
Implementation by Andre Moraes
|
|
6
|
+
|
|
7
|
+
---
|
|
8
|
+
|
|
9
|
+
Please refer to SnP-documentation.h for more details.
|
|
10
|
+
*/
|
|
11
|
+
|
|
12
|
+
#ifndef _KeccakP_1600_SnP_h_
|
|
13
|
+
#define _KeccakP_1600_SnP_h_
|
|
14
|
+
|
|
15
|
+
#define KeccakP1600_implementation "64-bit optimized ARMv8a assembler implementation"
|
|
16
|
+
#define KeccakP1600_stateSizeInBytes 200
|
|
17
|
+
#define KeccakP1600_stateAlignment 64
|
|
18
|
+
|
|
19
|
+
#define KeccakP1600_StaticInitialize()
|
|
20
|
+
void KeccakP1600_Initialize(void *state);
|
|
21
|
+
void KeccakP1600_AddByte(void *state, unsigned char data, unsigned int offset);
|
|
22
|
+
void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);
|
|
23
|
+
void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);
|
|
24
|
+
void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount);
|
|
25
|
+
void KeccakP1600_Permute_Nrounds(void *state, unsigned int nrounds);
|
|
26
|
+
void KeccakP1600_Permute_12rounds(void *state);
|
|
27
|
+
void KeccakP1600_Permute_24rounds(void *state);
|
|
28
|
+
void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length);
|
|
29
|
+
void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length);
|
|
30
|
+
|
|
31
|
+
#endif
|
|
@@ -0,0 +1,540 @@
|
|
|
1
|
+
// The eXtended Keccak Code Package (XKCP)
|
|
2
|
+
// https://github.com/XKCP/XKCP
|
|
3
|
+
//
|
|
4
|
+
// Implementation by Andre Moraes
|
|
5
|
+
//
|
|
6
|
+
// This file implements Keccak-p[1600] in a SnP-compatible way.
|
|
7
|
+
// Please refer to SnP-documentation.h for more details.
|
|
8
|
+
//
|
|
9
|
+
// This implementation comes with KeccakP-1600-SnP.h in the same folder.
|
|
10
|
+
// Please refer to LowLevel.build for the exact list of other files it must be combined with.
|
|
11
|
+
|
|
12
|
+
// INFO: Tested on Cortex-A53(odroid-c2), using gcc.
|
|
13
|
+
// WARNING: These functions work only on little endian CPU with ARMv8a + NEON architecture
|
|
14
|
+
// WARNING: State must be 512 bit (64 bytes) aligned.
|
|
15
|
+
// WARNING: Don't use V8-V15 or X19-X28 since we aren't saving them
|
|
16
|
+
|
|
17
|
+
// Note that byte order, same as the Keyakv2 Convection:
|
|
18
|
+
// v19 = A[0] || A[4]
|
|
19
|
+
// v19.2d[0] = A[0]
|
|
20
|
+
// v19.2d[1] = A[4]
|
|
21
|
+
|
|
22
|
+
// Register-Lane Lookup
|
|
23
|
+
// v19 = A[0] || A[4]
|
|
24
|
+
// v20 = A[1] || A[5]
|
|
25
|
+
// v21 = A[2] || A[6]
|
|
26
|
+
// v22 = A[3] || A[7]
|
|
27
|
+
|
|
28
|
+
// v23 = A[8] || A[12]
|
|
29
|
+
// v24 = A[9] || A[13]
|
|
30
|
+
// v25 = A[10] || A[14]
|
|
31
|
+
// v26 = A[11] || A[15]
|
|
32
|
+
|
|
33
|
+
// v27 = A[16] || A[20]
|
|
34
|
+
// v28 = A[17] || A[21]
|
|
35
|
+
// v29 = A[18] || A[22]
|
|
36
|
+
// v30 = A[19] || A[23]
|
|
37
|
+
|
|
38
|
+
// v31 = A[24] || ?????
|
|
39
|
+
|
|
40
|
+
// Transpose
|
|
41
|
+
// trn1 v0.2d, v19.2d, v20.2d
|
|
42
|
+
// trn2 v2.2d, v19.2d, v20.2d
|
|
43
|
+
// v0 = A[0] || A[1]
|
|
44
|
+
// v1 = A[4] || A[5]
|
|
45
|
+
|
|
46
|
+
// Extract
|
|
47
|
+
// ext v0.16b, v19.16b, v20.16b, #8
|
|
48
|
+
// v0 = A[4] || A[1]
|
|
49
|
+
|
|
50
|
+
.macro LoadState
|
|
51
|
+
ld4 { v19.2d, v20.2d, v21.2d, v22.2d }, [x0], #64
|
|
52
|
+
ld4 { v23.2d, v24.2d, v25.2d, v26.2d }, [x0], #64
|
|
53
|
+
ld4 { v27.2d, v28.2d, v29.2d, v30.2d }, [x0], #64
|
|
54
|
+
ld1 { v31.d }[0], [x0], #8
|
|
55
|
+
sub x0, x0, #200
|
|
56
|
+
movi v16.2d, #0
|
|
57
|
+
.endm
|
|
58
|
+
|
|
59
|
+
.macro StoreState
|
|
60
|
+
st4 { v19.2d, v20.2d, v21.2d, v22.2d }, [x0], #64
|
|
61
|
+
st4 { v23.2d, v24.2d, v25.2d, v26.2d }, [x0], #64
|
|
62
|
+
st4 { v27.2d, v28.2d, v29.2d, v30.2d }, [x0], #64
|
|
63
|
+
st1 { v31.d }[0], [x0], #8
|
|
64
|
+
.endm
|
|
65
|
+
|
|
66
|
+
.macro RhoPi dst, src, sav, rot
|
|
67
|
+
ror \src, \src, #64-\rot
|
|
68
|
+
mov \sav, \dst
|
|
69
|
+
mov \dst, \src
|
|
70
|
+
.endm
|
|
71
|
+
|
|
72
|
+
// NEON has no BIT-wise vector rotate operation
|
|
73
|
+
.macro ROTL64 dst, src, rot
|
|
74
|
+
.if (\rot & 7) != 0 // Bit-wise rotation
|
|
75
|
+
shl \dst\().2d, \src\().2d, #\rot
|
|
76
|
+
sri \dst\().2d, \src\().2d, #64-\rot
|
|
77
|
+
.else // Byte-wise rotation, we can use EXT
|
|
78
|
+
ext \dst\().16b, \src\().16b, \src\().16b, #\rot/8
|
|
79
|
+
.endif
|
|
80
|
+
.endm
|
|
81
|
+
|
|
82
|
+
.macro KeccakRound
|
|
83
|
+
// Theta - Build new lanes
|
|
84
|
+
eor v0.16b, v19.16b, v25.16b // v0 = (A[0] ^ A[10]) || (A[4] ^ A[14])
|
|
85
|
+
eor v1.16b, v20.16b, v26.16b // v1 = (A[1] ^ A[11]) || (A[5] ^ A[15])
|
|
86
|
+
eor v2.16b, v21.16b, v28.16b // v2 = (A[2] ^ A[17]) || (A[6] ^ A[21])
|
|
87
|
+
eor v3.16b, v22.16b, v23.16b // v3 = (A[3] ^ A[8]) || (A[7] ^ A[12])
|
|
88
|
+
eor v4.16b, v24.16b, v30.16b // v4 = (A[9] ^ A[19]) || (A[13] ^ A[23])
|
|
89
|
+
|
|
90
|
+
eor v1.16b, v1.16b, v27.16b // v1 = (A[1] ^ A[11] ^ A[16]) || (A[5] ^ A[15] ^ A[20])
|
|
91
|
+
eor v3.16b, v3.16b, v29.16b // v3 = (A[3] ^ A[8] ^ A[18]) || (A[7] ^ A[12] ^ A[22])
|
|
92
|
+
|
|
93
|
+
trn1 v5.2d, v0.2d, v1.2d // v5 = (A[0] ^ A[10]) || (A[1] ^ A[11] ^ A[16])
|
|
94
|
+
trn2 v6.2d, v1.2d, v2.2d // v6 = (A[5] ^ A[15] ^ A[20]) || (A[6] ^ A[21])
|
|
95
|
+
eor v1.16b, v5.16b, v6.16b // v1 = B[0] || B[1]
|
|
96
|
+
|
|
97
|
+
ext v5.16b, v4.16b, v2.16b, #8 // v5 = (A[13] ^ A[23]) || (A[2] ^ A[17])
|
|
98
|
+
eor v3.16b, v3.16b, v5.16b // v3 = B[3] || B[2]
|
|
99
|
+
|
|
100
|
+
mov v5.2d[0], v0.2d[1] // v5 = (A[4] ^ A[14]) || ????
|
|
101
|
+
eor v4.16b, v4.16b, v5.16b // v4 = (A[9] ^ A[19] ^ A[4] ^ A[14]) || ????
|
|
102
|
+
eor v4.16b, v4.16b, v31.16b // v4 = B[4] || ????
|
|
103
|
+
|
|
104
|
+
ext v2.16b, v1.16b, v1.16b, #8 // v2 = B[1] || B[0]
|
|
105
|
+
mov v4.2d[1], v3.2d[0] // v4 = B[4] || B[3]
|
|
106
|
+
trn2 v0.2d, v3.2d, v1.2d // v0 = B[2] || B[1]
|
|
107
|
+
|
|
108
|
+
ROTL64 v5, v2, 1 // v5 = ROTL64(B[1], 1) || ROTL64(B[0], 1)
|
|
109
|
+
ROTL64 v6, v3, 1 // v6 = ROTL64(B[3], 1) || ROTL64(B[2], 1)
|
|
110
|
+
ROTL64 v7, v4, 1 // v7 = ROTL64(B[4], 1) || ROTL64(B[3], 1)
|
|
111
|
+
|
|
112
|
+
eor v18.16b, v4.16b, v5.16b // v18 = B[4] ^ ROTL64(B[1], 1) || B[3] ^ ROTL64(B[0], 1)
|
|
113
|
+
eor v2.16b, v2.16b, v6.16b // v2 = B[1] ^ ROTL64(B[3], 1) || B[0] ^ ROTL64(B[2], 1)
|
|
114
|
+
eor v0.16b, v0.16b, v7.16b // v0 = B[2] ^ ROTL64(B[4], 1) || B[1] ^ ROTL64(B[3], 1)
|
|
115
|
+
|
|
116
|
+
ext v7.16b, v5.16b, v7.16b, #8 // v7 = ROTL64(B[0], 1) || ROTL64(B[4], 1)
|
|
117
|
+
eor v7.16b, v3.16b, v7.16b // v7 = B[3] ^ ROTL64(B[0], 1) || B[2] ^ ROTL64(B[4], 1)
|
|
118
|
+
|
|
119
|
+
ext v6.16b, v6.16b, v5.16b, #8 // v6 = ROTL64(B[2], 1) || ROTL64(B[1], 1)
|
|
120
|
+
trn1 v4.2d, v1.2d, v4.2d // v4 = B[0] || B[4]
|
|
121
|
+
eor v6.16b, v4.16b, v6.16b // v6 = B[0] ^ ROTL64(B[2], 1) || B[4] ^ ROTL64(B[1], 1)
|
|
122
|
+
|
|
123
|
+
// Theta - Apply lanes
|
|
124
|
+
eor v19.16b, v19.16b, v18.16b // A[0] ^= B[4] ^ ROTL64(B[1], 1), A[4] ^= B[3] ^ ROTL64(B[0], 1)
|
|
125
|
+
eor v20.16b, v20.16b, v6.16b // A[1] ^= B[0] ^ ROTL64(B[2], 1), A[5] ^= B[4] ^ ROTL64(B[1], 1)
|
|
126
|
+
eor v21.16b, v21.16b, v2.16b // A[2] ^= B[1] ^ ROTL64(B[3], 1), A[6] ^= B[0] ^ ROTL64(B[2], 1)
|
|
127
|
+
eor v22.16b, v22.16b, v0.16b // A[3] ^= B[2] ^ ROTL64(B[4], 1), A[7] ^= B[1] ^ ROTL64(B[3], 1)
|
|
128
|
+
eor v23.16b, v23.16b, v0.16b // A[8] ^= B[2] ^ ROTL64(B[4], 1), A[12] ^= B[1] ^ ROTL64(B[3], 1)
|
|
129
|
+
eor v24.16b, v24.16b, v7.16b // A[9] ^= B[3] ^ ROTL64(B[0], 1), A[13] ^= B[2] ^ ROTL64(B[4], 1)
|
|
130
|
+
eor v25.16b, v25.16b, v18.16b // A[10] ^= B[4] ^ ROTL64(B[1], 1), A[14] ^= B[3] ^ ROTL64(B[0], 1)
|
|
131
|
+
eor v26.16b, v26.16b, v6.16b // A[11] ^= B[0] ^ ROTL64(B[2], 1), A[15] ^= B[4] ^ ROTL64(B[1], 1)
|
|
132
|
+
eor v27.16b, v27.16b, v6.16b // A[16] ^= B[0] ^ ROTL64(B[2], 1), A[20] ^= B[4] ^ ROTL64(B[1], 1)
|
|
133
|
+
eor v28.16b, v28.16b, v2.16b // A[17] ^= B[1] ^ ROTL64(B[3], 1), A[21] ^= B[0] ^ ROTL64(B[2], 1)
|
|
134
|
+
eor v29.16b, v29.16b, v0.16b // A[18] ^= B[2] ^ ROTL64(B[4], 1), A[22] ^= B[1] ^ ROTL64(B[3], 1)
|
|
135
|
+
eor v30.16b, v30.16b, v7.16b // A[19] ^= B[3] ^ ROTL64(B[0], 1), A[23] ^= B[2] ^ ROTL64(B[4], 1)
|
|
136
|
+
eor v31.16b, v31.16b, v7.16b // A[24] ^= B[3] ^ ROTL64(B[0], 1), ????
|
|
137
|
+
|
|
138
|
+
// Rho Pi
|
|
139
|
+
mov x11, v20.2d[0] // x11 = A[1]
|
|
140
|
+
|
|
141
|
+
RhoPi v25.2d[0], x11, x10, 1 // A[10] = ROTL64(A[1], 1)
|
|
142
|
+
RhoPi v22.2d[1], x10, x11, 3 // A[7] = ROTL64(A[10], 3)
|
|
143
|
+
RhoPi v26.2d[0], x11, x10, 6 // A[11] = ROTL64(A[7], 6)
|
|
144
|
+
RhoPi v28.2d[0], x10, x11, 10 // A[17] = ROTL64(A[11], 10)
|
|
145
|
+
RhoPi v29.2d[0], x11, x10, 15 // A[18] = ROTL64(A[17], 15)
|
|
146
|
+
RhoPi v22.2d[0], x10, x11, 21 // A[3] = ROTL64(A[18], 21)
|
|
147
|
+
RhoPi v20.2d[1], x11, x10, 28 // A[5] = ROTL64(A[3], 28)
|
|
148
|
+
RhoPi v27.2d[0], x10, x11, 36 // A[16] = ROTL64(A[5], 36)
|
|
149
|
+
RhoPi v23.2d[0], x11, x10, 45 // A[8] = ROTL64(A[16], 45)
|
|
150
|
+
RhoPi v28.2d[1], x10, x11, 55 // A[21] = ROTL64(A[8], 55)
|
|
151
|
+
RhoPi v31.2d[0], x11, x10, 2 // A[24] = ROTL64(A[21], 2)
|
|
152
|
+
RhoPi v19.2d[1], x10, x11, 14 // A[4] = ROTL64(A[24], 14)
|
|
153
|
+
RhoPi v26.2d[1], x11, x10, 27 // A[15] = ROTL64(A[4], 27)
|
|
154
|
+
RhoPi v30.2d[1], x10, x11, 41 // A[23] = ROTL64(A[15], 41)
|
|
155
|
+
RhoPi v30.2d[0], x11, x10, 56 // A[19] = ROTL64(A[23], 56)
|
|
156
|
+
RhoPi v24.2d[1], x10, x11, 8 // A[13] = ROTL64(A[19], 8)
|
|
157
|
+
RhoPi v23.2d[1], x11, x10, 25 // A[12] = ROTL64(A[13], 25)
|
|
158
|
+
RhoPi v21.2d[0], x10, x11, 43 // A[2] = ROTL64(A[12], 43)
|
|
159
|
+
RhoPi v27.2d[1], x11, x10, 62 // A[20] = ROTL64(A[2], 62)
|
|
160
|
+
RhoPi v25.2d[1], x10, x11, 18 // A[14] = ROTL64(A[20], 18)
|
|
161
|
+
RhoPi v29.2d[1], x11, x10, 39 // A[22] = ROTL64(A[14], 39)
|
|
162
|
+
RhoPi v24.2d[0], x10, x11, 61 // A[9] = ROTL64(A[22], 61)
|
|
163
|
+
RhoPi v21.2d[1], x11, x10, 20 // A[6] = ROTL64(A[9], 20)
|
|
164
|
+
|
|
165
|
+
ror x10, x10, #20
|
|
166
|
+
mov v20.2d[0], x10 // A[1] = ROTL64(A[6], 44)
|
|
167
|
+
|
|
168
|
+
// Chi - Some lanes are applied earlier so we can reuse registers
|
|
169
|
+
ext v18.16b, v26.16b, v31.16b, #8 // v18 = A[15] || A[24]
|
|
170
|
+
bic v6.16b, v27.16b, v18.16b // v6 = ~A[15] & A[16] || ~A[24] & A[20]
|
|
171
|
+
|
|
172
|
+
ext v17.16b, v26.16b, v31.16b, #8 // v17 = A[15] || A[24]
|
|
173
|
+
bic v5.16b, v17.16b, v30.16b // v5 = ~A[19] & A[15] || ~A[23] & A[24]
|
|
174
|
+
|
|
175
|
+
bic v3.16b, v30.16b, v29.16b // v3 = ~A[18] & A[19] || ~A[22] & A[23]
|
|
176
|
+
|
|
177
|
+
eor v30.16b, v30.16b, v6.16b // A[19] ^= ~A[15] & A[16], A[23] ^= ~A[24] & A[20]
|
|
178
|
+
|
|
179
|
+
trn1 v18.2d, v26.2d, v25.2d // v18 = A[11] || A[10]
|
|
180
|
+
ext v17.16b, v23.16b, v26.16b, #8 // v17 = A[12] || A[11]
|
|
181
|
+
bic v7.16b, v17.16b, v18.16b // v7 = ~A[11] & A[12] || ~A[10] & A[11]
|
|
182
|
+
|
|
183
|
+
trn2 v18.2d, v20.2d, v25.2d // v18 = A[5] || A[14]
|
|
184
|
+
ext v17.16b, v21.16b, v25.16b, #8 // v17 = A[6] || A[10]
|
|
185
|
+
bic v6.16b, v17.16b, v18.16b // v6 = ~A[5] & A[6] || ~A[14] & A[10]
|
|
186
|
+
|
|
187
|
+
trn1 v18.2d, v20.2d, v19.2d // v18 = A[1] || A[0]
|
|
188
|
+
trn1 v17.2d, v21.2d, v20.2d // v17 = A[2] || A[1]
|
|
189
|
+
bic v1.16b, v17.16b, v18.16b // v1 = ~A[1] & A[2] || ~A[0] & A[1]
|
|
190
|
+
|
|
191
|
+
ext v18.16b, v19.16b, v23.16b, #8 // v18 = A[4] || A[8]
|
|
192
|
+
trn1 v17.2d, v19.2d, v24.2d // v17 = A[0] || A[9]
|
|
193
|
+
bic v0.16b, v17.16b, v18.16b // v0 = ~A[4] & A[0] || ~A[8] & A[9]
|
|
194
|
+
|
|
195
|
+
ext v18.16b, v23.16b, v27.16b, #8 // v18 = A[12] || A[16]
|
|
196
|
+
ext v17.16b, v24.16b, v28.16b, #8 // v17 = A[13] || A[17]
|
|
197
|
+
bic v4.16b, v17.16b, v18.16b // v4 = ~A[12] & A[13] || ~A[16] & A[17]
|
|
198
|
+
|
|
199
|
+
mov v18.2d[0], v27.2d[1] // v18 = A[20] || ????
|
|
200
|
+
mov v17.2d[0], v28.2d[1] // v17 = A[21] || ????
|
|
201
|
+
bic v2.16b, v17.16b, v18.16b // v2 = ~A[20] & A[21] || ????
|
|
202
|
+
eor v31.16b, v31.16b, v2.16b // A[24] ^= ~A[20] & A[21], ????
|
|
203
|
+
|
|
204
|
+
bic v2.16b, v29.16b, v28.16b // v2 = ~A[17] & A[18] || ~A[21] & A[22]
|
|
205
|
+
eor v27.16b, v27.16b, v2.16b // A[16] ^= ~A[17] & A[18], A[20] ^= ~A[21] & A[22]
|
|
206
|
+
|
|
207
|
+
bic v2.16b, v22.16b, v21.16b // v2 = ~A[2] & A[3] || ~A[6] & A[7]
|
|
208
|
+
|
|
209
|
+
eor v28.16b, v28.16b, v3.16b // A[17] ^= ~A[18] & A[19], A[21] ^= ~A[22] & A[23]
|
|
210
|
+
eor v29.16b, v29.16b, v5.16b // A[18] ^= ~A[19] & A[15], A[22] ^= ~A[23] & A[24]
|
|
211
|
+
|
|
212
|
+
ext v17.16b, v19.16b, v23.16b, #8 // v17 = A[4] || A[8]
|
|
213
|
+
bic v3.16b, v17.16b, v22.16b // v3 = ~A[3] & A[4] || ~A[7] & A[8]
|
|
214
|
+
|
|
215
|
+
trn2 v17.2d, v20.2d, v25.2d // v17 = A[5] || A[14]
|
|
216
|
+
bic v5.16b, v17.16b, v24.16b // v5 = ~A[9] & A[5] || ~A[13] & A[14]
|
|
217
|
+
|
|
218
|
+
// Chi - Apply remaining lanes
|
|
219
|
+
eor v19.16b, v19.16b, v1.16b // A[0] ^= ~A[1] & A[2], A[4] ^= ~A[0] & A[1]
|
|
220
|
+
eor v20.16b, v20.16b, v2.16b // A[1] ^= ~A[2] & A[3], A[5] ^= ~A[6] & A[7]
|
|
221
|
+
eor v21.16b, v21.16b, v3.16b // A[2] ^= ~A[3] & A[4], A[6] ^= ~A[7] & A[8]
|
|
222
|
+
eor v22.16b, v22.16b, v0.16b // A[3] ^= ~A[4] & A[0], A[7] ^= ~A[8] & A[9]
|
|
223
|
+
eor v23.16b, v23.16b, v5.16b // A[8] ^= ~A[9] & A[5], A[12] ^= ~A[13] & A[14]
|
|
224
|
+
eor v24.16b, v24.16b, v6.16b // A[9] ^= ~A[5] & A[6], A[13] ^= ~A[14] & A[10]
|
|
225
|
+
eor v25.16b, v25.16b, v7.16b // A[10] ^= ~A[11] & A[12], A[14] ^= ~A[10] & A[11]
|
|
226
|
+
eor v26.16b, v26.16b, v4.16b // A[11] ^= ~A[12] & A[13], A[15] ^= ~A[16] & A[17]
|
|
227
|
+
|
|
228
|
+
// Iota
|
|
229
|
+
ld1 { v16.d }[0], [x1], #8
|
|
230
|
+
eor v19.16b, v19.16b, v16.16b
|
|
231
|
+
.endm
|
|
232
|
+
|
|
233
|
+
.align 8
|
|
234
|
+
KeccakP1600_Permute_RoundConstants24:
|
|
235
|
+
.quad 0x0000000000000001
|
|
236
|
+
.quad 0x0000000000008082
|
|
237
|
+
.quad 0x800000000000808a
|
|
238
|
+
.quad 0x8000000080008000
|
|
239
|
+
.quad 0x000000000000808b
|
|
240
|
+
.quad 0x0000000080000001
|
|
241
|
+
.quad 0x8000000080008081
|
|
242
|
+
.quad 0x8000000000008009
|
|
243
|
+
.quad 0x000000000000008a
|
|
244
|
+
.quad 0x0000000000000088
|
|
245
|
+
.quad 0x0000000080008009
|
|
246
|
+
.quad 0x000000008000000a
|
|
247
|
+
KeccakP1600_Permute_RoundConstants12:
|
|
248
|
+
.quad 0x000000008000808b
|
|
249
|
+
.quad 0x800000000000008b
|
|
250
|
+
.quad 0x8000000000008089
|
|
251
|
+
.quad 0x8000000000008003
|
|
252
|
+
.quad 0x8000000000008002
|
|
253
|
+
.quad 0x8000000000000080
|
|
254
|
+
.quad 0x000000000000800a
|
|
255
|
+
.quad 0x800000008000000a
|
|
256
|
+
.quad 0x8000000080008081
|
|
257
|
+
.quad 0x8000000000008080
|
|
258
|
+
.quad 0x0000000080000001
|
|
259
|
+
.quad 0x8000000080008008
|
|
260
|
+
KeccakP1600_Permute_RoundConstants0:
|
|
261
|
+
|
|
262
|
+
//----------------------------------------------------------------------------
|
|
263
|
+
//
|
|
264
|
+
// void KeccakP1600_Initialize(void *state)
|
|
265
|
+
//
|
|
266
|
+
.align 8
|
|
267
|
+
.global KeccakP1600_Initialize
|
|
268
|
+
KeccakP1600_Initialize:
|
|
269
|
+
movi v0.2d, #0
|
|
270
|
+
movi v1.2d, #0
|
|
271
|
+
movi v2.2d, #0
|
|
272
|
+
movi v3.2d, #0
|
|
273
|
+
st4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0], #64 // Clear 8lanes=64 bytes at a time
|
|
274
|
+
st4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0], #64
|
|
275
|
+
st4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0], #64
|
|
276
|
+
st1 { v0.d }[0], [x0], #8
|
|
277
|
+
ret
|
|
278
|
+
|
|
279
|
+
|
|
280
|
+
// ----------------------------------------------------------------------------
|
|
281
|
+
//
|
|
282
|
+
// void KeccakP1600_AddByte(void *state, unsigned char byte, unsigned int offset)
|
|
283
|
+
//
|
|
284
|
+
.align 8
|
|
285
|
+
.global KeccakP1600_AddByte
|
|
286
|
+
KeccakP1600_AddByte:
|
|
287
|
+
ldrb w3, [x0, x2]
|
|
288
|
+
eor w3, w3, w1
|
|
289
|
+
strb w3, [x0, x2]
|
|
290
|
+
ret
|
|
291
|
+
|
|
292
|
+
|
|
293
|
+
// ----------------------------------------------------------------------------
|
|
294
|
+
//
|
|
295
|
+
// void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
|
|
296
|
+
//
|
|
297
|
+
.align 8
|
|
298
|
+
.global KeccakP1600_AddBytes
|
|
299
|
+
KeccakP1600_AddBytes:
|
|
300
|
+
add x0, x0, x2
|
|
301
|
+
subs w4, w3, #1
|
|
302
|
+
b.cc KeccakP1600_AddBytes_Exit // length 0, move along
|
|
303
|
+
KeccakP1600_AddBytes_8LanesLoop: // Go 8 lanes=64 bytes at a time
|
|
304
|
+
subs w3, w3, #64
|
|
305
|
+
b.cc KeccakP1600_AddBytes_Lanes // Jump if length is negative
|
|
306
|
+
ld4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0]
|
|
307
|
+
ld4 { v4.2d, v5.2d, v6.2d, v7.2d }, [x1], #64
|
|
308
|
+
eor v0.16b, v0.16b, v4.16b
|
|
309
|
+
eor v1.16b, v1.16b, v5.16b
|
|
310
|
+
eor v2.16b, v2.16b, v6.16b
|
|
311
|
+
eor v3.16b, v3.16b, v7.16b
|
|
312
|
+
st4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0], #64
|
|
313
|
+
b KeccakP1600_AddBytes_8LanesLoop
|
|
314
|
+
KeccakP1600_AddBytes_Lanes: // If length ever becomes negative, we have to fix it
|
|
315
|
+
add w3, w3, #64
|
|
316
|
+
KeccakP1600_AddBytes_LanesLoop: // Same thing but go 1 lanes=8 bytes at a time
|
|
317
|
+
subs w3, w3, #8
|
|
318
|
+
b.cc KeccakP1600_AddBytes_Bytes
|
|
319
|
+
ld1 { v0.d }[0], [x0]
|
|
320
|
+
ld1 { v4.d }[0], [x1], #8
|
|
321
|
+
eor v0.8b, v0.8b, v4.8b
|
|
322
|
+
st1 { v0.d }[0], [x0], #8
|
|
323
|
+
b KeccakP1600_AddBytes_LanesLoop
|
|
324
|
+
KeccakP1600_AddBytes_Bytes:
|
|
325
|
+
add w3, w3, #8
|
|
326
|
+
KeccakP1600_AddBytes_BytesLoop: // Same thing but go 1 byte at a time
|
|
327
|
+
subs w3, w3, #1
|
|
328
|
+
b.cc KeccakP1600_AddBytes_Exit
|
|
329
|
+
ldrb w4, [x0]
|
|
330
|
+
ldrb w5, [x1], #1
|
|
331
|
+
eor w4, w4, w5
|
|
332
|
+
strb w4, [x0], #1
|
|
333
|
+
b KeccakP1600_AddBytes_BytesLoop
|
|
334
|
+
KeccakP1600_AddBytes_Exit:
|
|
335
|
+
ret
|
|
336
|
+
|
|
337
|
+
// ----------------------------------------------------------------------------
|
|
338
|
+
//
|
|
339
|
+
// void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
|
|
340
|
+
//
|
|
341
|
+
.align 8
|
|
342
|
+
.global KeccakP1600_OverwriteBytes
|
|
343
|
+
KeccakP1600_OverwriteBytes:
|
|
344
|
+
add x0, x0, x2
|
|
345
|
+
subs w4, w3, #1
|
|
346
|
+
b.cc KeccakP1600_OverwriteBytes_Exit
|
|
347
|
+
KeccakP1600_OverwriteBytes_8LanesLoop:
|
|
348
|
+
subs w3, w3, #64
|
|
349
|
+
b.cc KeccakP1600_OverwriteBytes_Lanes
|
|
350
|
+
ld4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x1], #64
|
|
351
|
+
st4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0], #64
|
|
352
|
+
b KeccakP1600_OverwriteBytes_8LanesLoop
|
|
353
|
+
KeccakP1600_OverwriteBytes_Lanes:
|
|
354
|
+
add w3, w3, #64
|
|
355
|
+
KeccakP1600_OverwriteBytes_LanesLoop:
|
|
356
|
+
subs w3, w3, #8
|
|
357
|
+
b.cc KeccakP1600_OverwriteBytes_Bytes
|
|
358
|
+
ld1 { v0.d }[0], [x1], #8
|
|
359
|
+
st1 { v0.d }[0], [x0], #8
|
|
360
|
+
b KeccakP1600_OverwriteBytes_LanesLoop
|
|
361
|
+
KeccakP1600_OverwriteBytes_Bytes:
|
|
362
|
+
add w3, w3, #8
|
|
363
|
+
KeccakP1600_OverwriteBytes_BytesLoop:
|
|
364
|
+
subs w3, w3, #1
|
|
365
|
+
b.cc KeccakP1600_OverwriteBytes_Exit
|
|
366
|
+
ldrb w4, [x1], #1
|
|
367
|
+
strb w4, [x0], #1
|
|
368
|
+
b KeccakP1600_OverwriteBytes_BytesLoop
|
|
369
|
+
KeccakP1600_OverwriteBytes_Exit:
|
|
370
|
+
ret
|
|
371
|
+
|
|
372
|
+
|
|
373
|
+
//----------------------------------------------------------------------------
|
|
374
|
+
//
|
|
375
|
+
// void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount)
|
|
376
|
+
//
|
|
377
|
+
.align 8
|
|
378
|
+
.global KeccakP1600_OverwriteWithZeroes
|
|
379
|
+
KeccakP1600_OverwriteWithZeroes:
|
|
380
|
+
subs w2, w1, #1
|
|
381
|
+
b.cc KeccakP1600_OverwriteWithZeroes_Exit
|
|
382
|
+
movi v0.2d, #0
|
|
383
|
+
movi v1.2d, #0
|
|
384
|
+
movi v2.2d, #0
|
|
385
|
+
movi v3.2d, #0
|
|
386
|
+
mov w2, #0
|
|
387
|
+
KeccakP1600_OverwriteWithZeroes_8LanesLoop:
|
|
388
|
+
subs w1, w1, #64
|
|
389
|
+
b.cc KeccakP1600_OverwriteWithZeroes_Lanes
|
|
390
|
+
st4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0], #64
|
|
391
|
+
b KeccakP1600_OverwriteWithZeroes_8LanesLoop
|
|
392
|
+
KeccakP1600_OverwriteWithZeroes_Lanes:
|
|
393
|
+
add w1, w1, #64
|
|
394
|
+
KeccakP1600_OverwriteWithZeroes_LanesLoop:
|
|
395
|
+
subs w1, w1, #8
|
|
396
|
+
b.cc KeccakP1600_OverwriteWithZeroes_Bytes
|
|
397
|
+
st1 { v0.d }[0], [x0], #8
|
|
398
|
+
b KeccakP1600_OverwriteWithZeroes_LanesLoop
|
|
399
|
+
KeccakP1600_OverwriteWithZeroes_Bytes:
|
|
400
|
+
add w1, w1, #8
|
|
401
|
+
KeccakP1600_OverwriteWithZeroes_LoopBytes:
|
|
402
|
+
subs w1, w1, #1
|
|
403
|
+
b.cc KeccakP1600_OverwriteWithZeroes_Exit
|
|
404
|
+
strb w2, [x0], #1
|
|
405
|
+
b KeccakP1600_OverwriteWithZeroes_LoopBytes
|
|
406
|
+
KeccakP1600_OverwriteWithZeroes_Exit:
|
|
407
|
+
ret
|
|
408
|
+
|
|
409
|
+
|
|
410
|
+
// ----------------------------------------------------------------------------
|
|
411
|
+
//
|
|
412
|
+
// void KeccakP1600_ExtractBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)
|
|
413
|
+
//
|
|
414
|
+
.align 8
|
|
415
|
+
.global KeccakP1600_ExtractBytes
|
|
416
|
+
KeccakP1600_ExtractBytes:
|
|
417
|
+
add x0, x0, x2
|
|
418
|
+
subs w4, w3, #1
|
|
419
|
+
b.cc KeccakP1600_ExtractBytes_Exit
|
|
420
|
+
KeccakP1600_ExtractBytes_8LanesLoop:
|
|
421
|
+
subs w3, w3, #64
|
|
422
|
+
b.cc KeccakP1600_ExtractBytes_Lanes
|
|
423
|
+
ld4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0], #64
|
|
424
|
+
st4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x1], #64
|
|
425
|
+
b KeccakP1600_ExtractBytes_8LanesLoop
|
|
426
|
+
KeccakP1600_ExtractBytes_Lanes:
|
|
427
|
+
add w3, w3, #64
|
|
428
|
+
KeccakP1600_ExtractBytes_LanesLoop:
|
|
429
|
+
subs w3, w3, #8
|
|
430
|
+
b.cc KeccakP1600_ExtractBytes_Bytes
|
|
431
|
+
ld1 { v0.d }[0], [x0], #8
|
|
432
|
+
st1 { v0.d }[0], [x1], #8
|
|
433
|
+
b KeccakP1600_ExtractBytes_LanesLoop
|
|
434
|
+
KeccakP1600_ExtractBytes_Bytes:
|
|
435
|
+
add w3, w3, #8
|
|
436
|
+
KeccakP1600_ExtractBytes_BytesLoop:
|
|
437
|
+
subs w3, w3, #1
|
|
438
|
+
b.cc KeccakP1600_ExtractBytes_Exit
|
|
439
|
+
ldrb w4, [x0], #1
|
|
440
|
+
strb w4, [x1], #1
|
|
441
|
+
b KeccakP1600_ExtractBytes_BytesLoop
|
|
442
|
+
KeccakP1600_ExtractBytes_Exit:
|
|
443
|
+
ret
|
|
444
|
+
|
|
445
|
+
|
|
446
|
+
// ----------------------------------------------------------------------------
|
|
447
|
+
//
|
|
448
|
+
// void KeccakP800_ExtractAndAddBytes(void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length)
|
|
449
|
+
//
|
|
450
|
+
.align 8
|
|
451
|
+
.global KeccakP1600_ExtractAndAddBytes
|
|
452
|
+
KeccakP1600_ExtractAndAddBytes:
|
|
453
|
+
add x0, x0, x3
|
|
454
|
+
subs w5, w4, #1
|
|
455
|
+
b.cc KeccakP1600_ExtractAndAddBytes_Exit
|
|
456
|
+
KeccakP1600_ExtractAndAddBytes_8LanesLoop:
|
|
457
|
+
subs w4, w4, #64
|
|
458
|
+
b.cc KeccakP1600_ExtractAndAddBytes_Lanes
|
|
459
|
+
ld4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x0], #64
|
|
460
|
+
ld4 { v4.2d, v5.2d, v6.2d, v7.2d }, [x1], #64
|
|
461
|
+
eor v0.16b, v0.16b, v4.16b
|
|
462
|
+
eor v1.16b, v1.16b, v5.16b
|
|
463
|
+
eor v2.16b, v2.16b, v6.16b
|
|
464
|
+
eor v3.16b, v3.16b, v7.16b
|
|
465
|
+
st4 { v0.2d, v1.2d, v2.2d, v3.2d }, [x2], #64
|
|
466
|
+
b KeccakP1600_ExtractAndAddBytes_8LanesLoop
|
|
467
|
+
KeccakP1600_ExtractAndAddBytes_Lanes:
|
|
468
|
+
add w4, w4, #64
|
|
469
|
+
KeccakP1600_ExtractAndAddBytes_LanesLoop:
|
|
470
|
+
subs w4, w4, #8
|
|
471
|
+
b.cc KeccakP1600_ExtractAndAddBytes_Bytes
|
|
472
|
+
ld1 { v0.d }[0], [x0], #8
|
|
473
|
+
ld1 { v4.d }[0], [x1], #8
|
|
474
|
+
eor v0.8b, v0.8b, v4.8b
|
|
475
|
+
st1 { v0.d }[0], [x2], #8
|
|
476
|
+
b KeccakP1600_ExtractAndAddBytes_LanesLoop
|
|
477
|
+
KeccakP1600_ExtractAndAddBytes_Bytes:
|
|
478
|
+
add w4, w4, #8
|
|
479
|
+
KeccakP1600_ExtractAndAddBytes_BytesLoop:
|
|
480
|
+
subs w4, w4, #1
|
|
481
|
+
b.cc KeccakP1600_ExtractAndAddBytes_Exit
|
|
482
|
+
ldrb w5, [x0], #1
|
|
483
|
+
ldrb w6, [x1], #1
|
|
484
|
+
eor w5, w5, w6
|
|
485
|
+
strb w5, [x2], #1
|
|
486
|
+
b KeccakP1600_ExtractAndAddBytes_BytesLoop
|
|
487
|
+
KeccakP1600_ExtractAndAddBytes_Exit:
|
|
488
|
+
ret
|
|
489
|
+
|
|
490
|
+
// ----------------------------------------------------------------------------
|
|
491
|
+
//
|
|
492
|
+
// void KeccakP1600_Permute_Nrounds( void *state, unsigned int nrounds )
|
|
493
|
+
//
|
|
494
|
+
.align 8
|
|
495
|
+
.global KeccakP1600_Permute_Nrounds
|
|
496
|
+
KeccakP1600_Permute_Nrounds:
|
|
497
|
+
mov x2, x1
|
|
498
|
+
adr x1, KeccakP1600_Permute_RoundConstants0
|
|
499
|
+
lsl x3, x2, #3
|
|
500
|
+
sub x1, x1, x3
|
|
501
|
+
b KeccakP1600_Permute
|
|
502
|
+
|
|
503
|
+
// ----------------------------------------------------------------------------
|
|
504
|
+
//
|
|
505
|
+
// void KeccakP1600_Permute_12rounds( void *state )
|
|
506
|
+
//
|
|
507
|
+
.align 8
|
|
508
|
+
.global KeccakP1600_Permute_12rounds
|
|
509
|
+
KeccakP1600_Permute_12rounds:
|
|
510
|
+
adr x1, KeccakP1600_Permute_RoundConstants12
|
|
511
|
+
mov x2, #12
|
|
512
|
+
b KeccakP1600_Permute
|
|
513
|
+
|
|
514
|
+
|
|
515
|
+
// ----------------------------------------------------------------------------
|
|
516
|
+
//
|
|
517
|
+
// void KeccakP1600_Permute_24rounds( void *state )
|
|
518
|
+
//
|
|
519
|
+
.align 8
|
|
520
|
+
.global KeccakP1600_Permute_24rounds
|
|
521
|
+
KeccakP1600_Permute_24rounds:
|
|
522
|
+
adr x1, KeccakP1600_Permute_RoundConstants24
|
|
523
|
+
mov x2, #24
|
|
524
|
+
b KeccakP1600_Permute
|
|
525
|
+
|
|
526
|
+
//----------------------------------------------------------------------------
|
|
527
|
+
//
|
|
528
|
+
// void KeccakP1600_Permute( void *state, uint64_t *rc, unsigned int nrounds )
|
|
529
|
+
//
|
|
530
|
+
.align 8
|
|
531
|
+
.global KeccakP1600_Permute
|
|
532
|
+
KeccakP1600_Permute:
|
|
533
|
+
LoadState
|
|
534
|
+
KeccakP1600_Permute_RoundLoop:
|
|
535
|
+
KeccakRound
|
|
536
|
+
subs w2, w2, #1
|
|
537
|
+
bne KeccakP1600_Permute_RoundLoop
|
|
538
|
+
KeccakP1600_Permute_Exit:
|
|
539
|
+
StoreState
|
|
540
|
+
ret
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
/*
|
|
2
|
+
The eXtended Keccak Code Package (XKCP)
|
|
3
|
+
https://github.com/XKCP/XKCP
|
|
4
|
+
|
|
5
|
+
The Keccak-p permutations, designed by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche.
|
|
6
|
+
|
|
7
|
+
Implementation by Ronny Van Keer, hereby denoted as "the implementer".
|
|
8
|
+
|
|
9
|
+
For more information, feedback or questions, please refer to the Keccak Team website:
|
|
10
|
+
https://keccak.team/
|
|
11
|
+
|
|
12
|
+
To the extent possible under law, the implementer has waived all copyright
|
|
13
|
+
and related or neighboring rights to the source code in this file.
|
|
14
|
+
http://creativecommons.org/publicdomain/zero/1.0/
|
|
15
|
+
|
|
16
|
+
---
|
|
17
|
+
|
|
18
|
+
Please refer to SnP-documentation.h for more details.
|
|
19
|
+
*/
|
|
20
|
+
|
|
21
|
+
#ifndef _KeccakP_1600_SnP_h_
|
|
22
|
+
#define _KeccakP_1600_SnP_h_
|
|
23
|
+
|
|
24
|
+
#define KeccakP1600_implementation "8-bit optimized AVR assembler implementation"
|
|
25
|
+
#define KeccakP1600_stateSizeInBytes 200
|
|
26
|
+
#define KeccakP1600_stateAlignment 8
|
|
27
|
+
|
|
28
|
+
void KeccakP1600_StaticInitialize( void );
|
|
29
|
+
/* #define KeccakP1600_StaticInitialize() */
|
|
30
|
+
void KeccakP1600_Initialize(void *state);
|
|
31
|
+
void KeccakP1600_AddByte(void *state, unsigned char data, unsigned int offset);
|
|
32
|
+
/* #define KeccakP1600_AddByte(argS, argData, argOffset) ((unsigned char*)argS)[argOffset] ^= (argData) */
|
|
33
|
+
void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);
|
|
34
|
+
void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);
|
|
35
|
+
void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount);
|
|
36
|
+
void KeccakP1600_Permute_Nrounds(void *state, unsigned int nrounds);
|
|
37
|
+
void KeccakP1600_Permute_12rounds(void *state);
|
|
38
|
+
void KeccakP1600_Permute_24rounds(void *state);
|
|
39
|
+
void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length);
|
|
40
|
+
void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length);
|
|
41
|
+
|
|
42
|
+
#endif
|