Browse files

supercop-20120210

  • Loading branch information...
1 parent 40e284d commit 014334bea301bbf3d97d37a529fec50c55f8af54 Daniel J. Bernstein committed with Feb 10, 2012
Showing with 6,579 additions and 111,140 deletions.
  1. +1 −0 crypto_hash/bblake256/checksum
  2. +1 −0 crypto_hash/bblake256/description
  3. +2 −0 crypto_hash/bblake256/designers
  4. +1 −0 crypto_hash/bblake256/regs/api.h
  5. +392 −0 crypto_hash/bblake256/regs/hash.c
  6. +2 −0 crypto_hash/bblake256/regs/implementors
  7. 0 crypto_hash/bblake256/sha3
  8. +1 −0 crypto_hash/bblake256/sse2/api.h
  9. +2 −0 crypto_hash/bblake256/sse2/architectures
  10. +489 −0 crypto_hash/bblake256/sse2/hash.c
  11. +2 −0 crypto_hash/bblake256/sse2/implementors
  12. +1 −0 crypto_hash/bblake256/ssse3/api.h
  13. +2 −0 crypto_hash/bblake256/ssse3/architectures
  14. +474 −0 crypto_hash/bblake256/ssse3/hash.c
  15. +1 −0 crypto_hash/bblake256/ssse3/implementors
  16. +1 −2 crypto_hash/keccak/inplace32bi-armv7m/architectures
  17. +1 −2 crypto_hash/keccakc1024/inplace32bi-armv7m/architectures
  18. +1 −2 crypto_hash/keccakc256/inplace32bi-armv7m/architectures
  19. +1 −2 crypto_hash/keccakc448/inplace32bi-armv7m/architectures
  20. +1 −2 crypto_hash/keccakc512/inplace32bi-armv7m/architectures
  21. +1 −2 crypto_hash/keccakc768/inplace32bi-armv7m/architectures
  22. +41 −0 crypto_sign/ed25519/ref10/Makefile
  23. +3 −0 crypto_sign/ed25519/ref10/api.h
  24. +1,344 −0 crypto_sign/ed25519/ref10/base.h
  25. +65 −0 crypto_sign/ed25519/ref10/base.py
  26. +40 −0 crypto_sign/ed25519/ref10/base2.h
  27. +60 −0 crypto_sign/ed25519/ref10/base2.py
  28. +1 −0 crypto_sign/ed25519/ref10/d.h
  29. +28 −0 crypto_sign/ed25519/ref10/d.py
  30. +1 −0 crypto_sign/ed25519/ref10/d2.h
  31. +28 −0 crypto_sign/ed25519/ref10/d2.py
  32. +56 −0 crypto_sign/ed25519/ref10/fe.h
  33. +19 −0 crypto_sign/ed25519/ref10/fe_0.c
  34. +19 −0 crypto_sign/ed25519/ref10/fe_1.c
  35. +57 −0 crypto_sign/ed25519/ref10/fe_add.c
  36. +63 −0 crypto_sign/ed25519/ref10/fe_cmov.c
  37. +29 −0 crypto_sign/ed25519/ref10/fe_copy.c
  38. +73 −0 crypto_sign/ed25519/ref10/fe_frombytes.c
  39. +14 −0 crypto_sign/ed25519/ref10/fe_invert.c
  40. +16 −0 crypto_sign/ed25519/ref10/fe_isnegative.c
  41. +19 −0 crypto_sign/ed25519/ref10/fe_isnonzero.c
  42. +253 −0 crypto_sign/ed25519/ref10/fe_mul.c
  43. +45 −0 crypto_sign/ed25519/ref10/fe_neg.c
  44. +13 −0 crypto_sign/ed25519/ref10/fe_pow22523.c
  45. +149 −0 crypto_sign/ed25519/ref10/fe_sq.c
  46. +160 −0 crypto_sign/ed25519/ref10/fe_sq2.c
  47. +57 −0 crypto_sign/ed25519/ref10/fe_sub.c
  48. +119 −0 crypto_sign/ed25519/ref10/fe_tobytes.c
  49. +95 −0 crypto_sign/ed25519/ref10/ge.h
  50. +11 −0 crypto_sign/ed25519/ref10/ge_add.c
  51. +97 −0 crypto_sign/ed25519/ref10/ge_add.h
  52. +49 −0 crypto_sign/ed25519/ref10/ge_add.q
  53. +96 −0 crypto_sign/ed25519/ref10/ge_double_scalarmult.c
  54. +50 −0 crypto_sign/ed25519/ref10/ge_frombytes.c
  55. +11 −0 crypto_sign/ed25519/ref10/ge_madd.c
  56. +88 −0 crypto_sign/ed25519/ref10/ge_madd.h
  57. +46 −0 crypto_sign/ed25519/ref10/ge_madd.q
  58. +11 −0 crypto_sign/ed25519/ref10/ge_msub.c
  59. +88 −0 crypto_sign/ed25519/ref10/ge_msub.h
  60. +46 −0 crypto_sign/ed25519/ref10/ge_msub.q
  61. +12 −0 crypto_sign/ed25519/ref10/ge_p1p1_to_p2.c
  62. +13 −0 crypto_sign/ed25519/ref10/ge_p1p1_to_p3.c
  63. +8 −0 crypto_sign/ed25519/ref10/ge_p2_0.c
  64. +11 −0 crypto_sign/ed25519/ref10/ge_p2_dbl.c
  65. +73 −0 crypto_sign/ed25519/ref10/ge_p2_dbl.h
  66. +41 −0 crypto_sign/ed25519/ref10/ge_p2_dbl.q
  67. +9 −0 crypto_sign/ed25519/ref10/ge_p3_0.c
  68. +12 −0 crypto_sign/ed25519/ref10/ge_p3_dbl.c
  69. +17 −0 crypto_sign/ed25519/ref10/ge_p3_to_cached.c
  70. +12 −0 crypto_sign/ed25519/ref10/ge_p3_to_p2.c
  71. +14 −0 crypto_sign/ed25519/ref10/ge_p3_tobytes.c
  72. +8 −0 crypto_sign/ed25519/ref10/ge_precomp_0.c
  73. +105 −0 crypto_sign/ed25519/ref10/ge_scalarmult_base.c
  74. +11 −0 crypto_sign/ed25519/ref10/ge_sub.c
  75. +97 −0 crypto_sign/ed25519/ref10/ge_sub.h
  76. +49 −0 crypto_sign/ed25519/ref10/ge_sub.q
  77. +14 −0 crypto_sign/ed25519/ref10/ge_tobytes.c
  78. +22 −0 crypto_sign/ed25519/ref10/keypair.c
  79. +40 −0 crypto_sign/ed25519/ref10/open.c
  80. +160 −0 crypto_sign/ed25519/ref10/pow22523.h
  81. +61 −0 crypto_sign/ed25519/ref10/pow22523.q
  82. +160 −0 crypto_sign/ed25519/ref10/pow225521.h
  83. +61 −0 crypto_sign/ed25519/ref10/pow225521.q
  84. +4 −0 crypto_sign/ed25519/ref10/q2h.sh
  85. +15 −0 crypto_sign/ed25519/ref10/sc.h
  86. +368 −0 crypto_sign/ed25519/ref10/sc_muladd.c
  87. +275 −0 crypto_sign/ed25519/ref10/sc_reduce.c
  88. +38 −0 crypto_sign/ed25519/ref10/sign.c
  89. +1 −0 crypto_sign/ed25519/ref10/sqrtm1.h
  90. +28 −0 crypto_sign/ed25519/ref10/sqrtm1.py
  91. +2 −2 data-run
  92. +1 −1 do
  93. +0 −26,003 gmp-5.0.2/ChangeLog
  94. +0 −431 gmp-5.0.2/Makefile.am
  95. +0 −1,451 gmp-5.0.2/Makefile.in
  96. +0 −586 gmp-5.0.2/NEWS
  97. +0 −3,872 gmp-5.0.2/acinclude.m4
  98. +0 −8,683 gmp-5.0.2/aclocal.m4
  99. +0 −848 gmp-5.0.2/config.guess
  100. +0 −586 gmp-5.0.2/config.in
  101. +0 −143 gmp-5.0.2/config.sub
  102. +0 −31,289 gmp-5.0.2/configure
  103. +0 −3,406 gmp-5.0.2/configure.in
  104. +0 −528 gmp-5.0.2/cxx/Makefile.in
  105. +0 −720 gmp-5.0.2/demos/Makefile.in
  106. +0 −566 gmp-5.0.2/demos/calc/Makefile.in
  107. +0 −572 gmp-5.0.2/demos/expr/Makefile.in
  108. +0 −375 gmp-5.0.2/demos/factorize.c
  109. +0 −68 gmp-5.0.2/demos/isprime.c
  110. +0 −712 gmp-5.0.2/doc/Makefile.in
  111. +0 −178 gmp-5.0.2/doc/gmp.info
  112. +0 −7,084 gmp-5.0.2/doc/gmp.info-1
  113. +0 −3,514 gmp-5.0.2/doc/gmp.info-2
  114. +0 −10,615 gmp-5.0.2/doc/gmp.texi
  115. +0 −4 gmp-5.0.2/doc/stamp-vti
  116. +0 −4 gmp-5.0.2/doc/version.texi
  117. +0 −2,280 gmp-5.0.2/gmp-h.in
  118. +0 −4,660 gmp-5.0.2/gmp-impl.h
  119. +0 −1,947 gmp-5.0.2/longlong.h
Sorry, we could not display the entire diff because too many files (2,941) changed.
View
1 crypto_hash/bblake256/checksum
@@ -0,0 +1 @@
+f1f92c5e0c48941b4c630dec5ca42afa02f2ce89c7f34f8a6047b12703f7996a
View
1 crypto_hash/bblake256/description
@@ -0,0 +1 @@
+BBLAKE-256: BLAKE-256(BLAKE-256(0,m0,m2,m4,...),BLAKE-256(1,m1,m3,m5,...))
View
2 crypto_hash/bblake256/designers
@@ -0,0 +1,2 @@
+BLAKE-256: see crypto_hash/blake256
+Mindless 2-way tree mode: Daniel J. Bernstein
View
1 crypto_hash/bblake256/regs/api.h
@@ -0,0 +1 @@
+#define CRYPTO_BYTES 32
View
392 crypto_hash/bblake256/regs/hash.c
@@ -0,0 +1,392 @@
+#include <string.h>
+#include <stdio.h>
+#include "crypto_hash.h"
+#include "crypto_uint64.h"
+#include "crypto_uint32.h"
+#include "crypto_uint8.h"
+
+typedef crypto_uint64 u64;
+typedef crypto_uint32 u32;
+typedef crypto_uint8 u8;
+
+#define U8TO32(p) \
+ (((u32)((p)[0]) << 24) | ((u32)((p)[1]) << 16) | \
+ ((u32)((p)[2]) << 8) | ((u32)((p)[3]) ))
+#define U32TO8(p, v) \
+ (p)[0] = (u8)((v) >> 24); (p)[1] = (u8)((v) >> 16); \
+ (p)[2] = (u8)((v) >> 8); (p)[3] = (u8)((v) );
+
+typedef struct {
+ u32 h[8], s[4], t[2];
+ int buflen, nullt;
+ u8 buf[64];
+} state;
+
+static const u32 cst[16] = {
+ 0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,
+ 0xA4093822,0x299F31D0,0x082EFA98,0xEC4E6C89,
+ 0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C,
+ 0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917};
+
+static const u8 padding[] =
+ {0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+
+#define ROT(x,n) (((x)<<(32-n))|( (x)>>(n)))
+
+void blake256_compress( state *S, const u8 *block )
+{
+ u32 m0;
+ u32 m1;
+ u32 m2;
+ u32 m3;
+ u32 m4;
+ u32 m5;
+ u32 m6;
+ u32 m7;
+ u32 m8;
+ u32 m9;
+ u32 m10;
+ u32 m11;
+ u32 m12;
+ u32 m13;
+ u32 m14;
+ u32 m15;
+ u32 v0;
+ u32 v1;
+ u32 v2;
+ u32 v3;
+ u32 v4;
+ u32 v5;
+ u32 v6;
+ u32 v7;
+ u32 v8;
+ u32 v9;
+ u32 v10;
+ u32 v11;
+ u32 v12;
+ u32 v13;
+ u32 v14;
+ u32 v15;
+
+ m0 = U8TO32(block + 0);
+ m1 = U8TO32(block + 4);
+ m2 = U8TO32(block + 8);
+ m3 = U8TO32(block + 12);
+ m4 = U8TO32(block + 16);
+ m5 = U8TO32(block + 20);
+ m6 = U8TO32(block + 24);
+ m7 = U8TO32(block + 28);
+ m8 = U8TO32(block + 32);
+ m9 = U8TO32(block + 36);
+ m10 = U8TO32(block + 40);
+ m11 = U8TO32(block + 44);
+ m12 = U8TO32(block + 48);
+ m13 = U8TO32(block + 52);
+ m14 = U8TO32(block + 56);
+ m15 = U8TO32(block + 60);
+ v0 = S->h[0];
+ v1 = S->h[1];
+ v2 = S->h[2];
+ v3 = S->h[3];
+ v4 = S->h[4];
+ v5 = S->h[5];
+ v6 = S->h[6];
+ v7 = S->h[7];
+ v8 = S->s[0] ^ 0x243F6A88;
+ v9 = S->s[1] ^ 0x85A308D3;
+ v10 = S->s[2] ^ 0x13198A2E;
+ v11 = S->s[3] ^ 0x03707344;
+ v12 = 0xA4093822;
+ v13 = 0x299F31D0;
+ v14 = 0x082EFA98;
+ v15 = 0xEC4E6C89;
+ if (S->nullt == 0) {
+ v12 ^= S->t[0];
+ v13 ^= S->t[0];
+ v14 ^= S->t[1];
+ v15 ^= S->t[1];
+ }
+
+#define ROUND(m0,c0,m1,c1,m2,c2,m3,c3,m4,c4,m5,c5,m6,c6,m7,c7,m8,c8,m9,c9,m10,c10,m11,c11,m12,c12,m13,c13,m14,c14,m15,c15) \
+ v0 += m0 ^ c0; \
+ v0 += v4; \
+ v12 ^= v0; \
+ v12 = ROT( v12,16); \
+ v8 += v12; \
+ v4 ^= v8; \
+ v4 = ROT( v4,12); \
+ v1 += m2 ^ c2; \
+ v1 += v5; \
+ v13 ^= v1; \
+ v13 = ROT( v13,16); \
+ v9 += v13; \
+ v5 ^= v9; \
+ v5 = ROT( v5,12); \
+ v2 += m4 ^ c4; \
+ v2 += v6; \
+ v14 ^= v2; \
+ v14 = ROT( v14,16); \
+ v10 += v14; \
+ v6 ^= v10; \
+ v6 = ROT( v6,12); \
+ v3 += m6 ^ c6; \
+ v3 += v7; \
+ v15 ^= v3; \
+ v15 = ROT( v15,16); \
+ v11 += v15; \
+ v7 ^= v11; \
+ v7 = ROT( v7,12); \
+ v2 += m5 ^ c5; \
+ v2 += v6; \
+ v14 ^= v2; \
+ v14 = ROT( v14, 8); \
+ v10 += v14; \
+ v6 ^= v10; \
+ v6 = ROT( v6, 7); \
+ v3 += m7 ^ c7; \
+ v3 += v7; \
+ v15 ^= v3; \
+ v15 = ROT( v15, 8); \
+ v11 += v15; \
+ v7 ^= v11; \
+ v7 = ROT( v7, 7); \
+ v1 += m3 ^ c3; \
+ v1 += v5; \
+ v13 ^= v1; \
+ v13 = ROT( v13, 8); \
+ v9 += v13; \
+ v5 ^= v9; \
+ v5 = ROT( v5, 7); \
+ v0 += m1 ^ c1; \
+ v0 += v4; \
+ v12 ^= v0; \
+ v12 = ROT( v12, 8); \
+ v8 += v12; \
+ v4 ^= v8; \
+ v4 = ROT( v4, 7); \
+ v0 += m8 ^ c8; \
+ v0 += v5; \
+ v15 ^= v0; \
+ v15 = ROT( v15,16); \
+ v10 += v15; \
+ v5 ^= v10; \
+ v5 = ROT( v5,12); \
+ v1 += m10 ^ c10; \
+ v1 += v6; \
+ v12 ^= v1; \
+ v12 = ROT( v12,16); \
+ v11 += v12; \
+ v6 ^= v11; \
+ v6 = ROT( v6,12); \
+ v2 += m12 ^ c12; \
+ v2 += v7; \
+ v13 ^= v2; \
+ v13 = ROT( v13,16); \
+ v8 += v13; \
+ v7 ^= v8; \
+ v7 = ROT( v7,12); \
+ v3 += m14 ^ c14; \
+ v3 += v4; \
+ v14 ^= v3; \
+ v14 = ROT( v14,16); \
+ v9 += v14; \
+ v4 ^= v9; \
+ v4 = ROT( v4,12); \
+ v2 += m13 ^ c13; \
+ v2 += v7; \
+ v13 ^= v2; \
+ v13 = ROT( v13, 8); \
+ v8 += v13; \
+ v7 ^= v8; \
+ v7 = ROT( v7, 7); \
+ v3 += m15 ^ c15; \
+ v3 += v4; \
+ v14 ^= v3; \
+ v14 = ROT( v14, 8); \
+ v9 += v14; \
+ v4 ^= v9; \
+ v4 = ROT( v4, 7); \
+ v1 += m11 ^ c11; \
+ v1 += v6; \
+ v12 ^= v1; \
+ v12 = ROT( v12, 8); \
+ v11 += v12; \
+ v6 ^= v11; \
+ v6 = ROT( v6, 7); \
+ v0 += m9 ^ c9; \
+ v0 += v5; \
+ v15 ^= v0; \
+ v15 = ROT( v15, 8); \
+ v10 += v15; \
+ v5 ^= v10; \
+ v5 = ROT( v5, 7); \
+
+ ROUND(m0,cst[1],m1,cst[0],m2,cst[3],m3,cst[2],m4,cst[5],m5,cst[4],m6,cst[7],m7,cst[6],m8,cst[9],m9,cst[8],m10,cst[11],m11,cst[10],m12,cst[13],m13,cst[12],m14,cst[15],m15,cst[14])
+ ROUND(m14,cst[10],m10,cst[14],m4,cst[8],m8,cst[4],m9,cst[15],m15,cst[9],m13,cst[6],m6,cst[13],m1,cst[12],m12,cst[1],m0,cst[2],m2,cst[0],m11,cst[7],m7,cst[11],m5,cst[3],m3,cst[5])
+ ROUND(m11,cst[8],m8,cst[11],m12,cst[0],m0,cst[12],m5,cst[2],m2,cst[5],m15,cst[13],m13,cst[15],m10,cst[14],m14,cst[10],m3,cst[6],m6,cst[3],m7,cst[1],m1,cst[7],m9,cst[4],m4,cst[9])
+ ROUND(m7,cst[9],m9,cst[7],m3,cst[1],m1,cst[3],m13,cst[12],m12,cst[13],m11,cst[14],m14,cst[11],m2,cst[6],m6,cst[2],m5,cst[10],m10,cst[5],m4,cst[0],m0,cst[4],m15,cst[8],m8,cst[15])
+ ROUND(m9,cst[0],m0,cst[9],m5,cst[7],m7,cst[5],m2,cst[4],m4,cst[2],m10,cst[15],m15,cst[10],m14,cst[1],m1,cst[14],m11,cst[12],m12,cst[11],m6,cst[8],m8,cst[6],m3,cst[13],m13,cst[3])
+ ROUND(m2,cst[12],m12,cst[2],m6,cst[10],m10,cst[6],m0,cst[11],m11,cst[0],m8,cst[3],m3,cst[8],m4,cst[13],m13,cst[4],m7,cst[5],m5,cst[7],m15,cst[14],m14,cst[15],m1,cst[9],m9,cst[1])
+ ROUND(m12,cst[5],m5,cst[12],m1,cst[15],m15,cst[1],m14,cst[13],m13,cst[14],m4,cst[10],m10,cst[4],m0,cst[7],m7,cst[0],m6,cst[3],m3,cst[6],m9,cst[2],m2,cst[9],m8,cst[11],m11,cst[8])
+ ROUND(m13,cst[11],m11,cst[13],m7,cst[14],m14,cst[7],m12,cst[1],m1,cst[12],m3,cst[9],m9,cst[3],m5,cst[0],m0,cst[5],m15,cst[4],m4,cst[15],m8,cst[6],m6,cst[8],m2,cst[10],m10,cst[2])
+ ROUND(m6,cst[15],m15,cst[6],m14,cst[9],m9,cst[14],m11,cst[3],m3,cst[11],m0,cst[8],m8,cst[0],m12,cst[2],m2,cst[12],m13,cst[7],m7,cst[13],m1,cst[4],m4,cst[1],m10,cst[5],m5,cst[10])
+ ROUND(m10,cst[2],m2,cst[10],m8,cst[4],m4,cst[8],m7,cst[6],m6,cst[7],m1,cst[5],m5,cst[1],m15,cst[11],m11,cst[15],m9,cst[14],m14,cst[9],m3,cst[12],m12,cst[3],m13,cst[0],m0,cst[13])
+ ROUND(m0,cst[1],m1,cst[0],m2,cst[3],m3,cst[2],m4,cst[5],m5,cst[4],m6,cst[7],m7,cst[6],m8,cst[9],m9,cst[8],m10,cst[11],m11,cst[10],m12,cst[13],m13,cst[12],m14,cst[15],m15,cst[14])
+ ROUND(m14,cst[10],m10,cst[14],m4,cst[8],m8,cst[4],m9,cst[15],m15,cst[9],m13,cst[6],m6,cst[13],m1,cst[12],m12,cst[1],m0,cst[2],m2,cst[0],m11,cst[7],m7,cst[11],m5,cst[3],m3,cst[5])
+ ROUND(m11,cst[8],m8,cst[11],m12,cst[0],m0,cst[12],m5,cst[2],m2,cst[5],m15,cst[13],m13,cst[15],m10,cst[14],m14,cst[10],m3,cst[6],m6,cst[3],m7,cst[1],m1,cst[7],m9,cst[4],m4,cst[9])
+ ROUND(m7,cst[9],m9,cst[7],m3,cst[1],m1,cst[3],m13,cst[12],m12,cst[13],m11,cst[14],m14,cst[11],m2,cst[6],m6,cst[2],m5,cst[10],m10,cst[5],m4,cst[0],m0,cst[4],m15,cst[8],m8,cst[15])
+
+ v0 ^= v8;
+ v1 ^= v9;
+ v2 ^= v10;
+ v3 ^= v11;
+ v4 ^= v12;
+ v5 ^= v13;
+ v6 ^= v14;
+ v7 ^= v15;
+
+ v0 ^= S->s[0];
+ v1 ^= S->s[1];
+ v2 ^= S->s[2];
+ v3 ^= S->s[3];
+ v4 ^= S->s[0];
+ v5 ^= S->s[1];
+ v6 ^= S->s[2];
+ v7 ^= S->s[3];
+
+ S->h[0] ^= v0;
+ S->h[1] ^= v1;
+ S->h[2] ^= v2;
+ S->h[3] ^= v3;
+ S->h[4] ^= v4;
+ S->h[5] ^= v5;
+ S->h[6] ^= v6;
+ S->h[7] ^= v7;
+}
+
+
+void blake256_init( state *S ) {
+
+ S->h[0]=0x6A09E667;
+ S->h[1]=0xBB67AE85;
+ S->h[2]=0x3C6EF372;
+ S->h[3]=0xA54FF53A;
+ S->h[4]=0x510E527F;
+ S->h[5]=0x9B05688C;
+ S->h[6]=0x1F83D9AB;
+ S->h[7]=0x5BE0CD19;
+ S->t[0]=S->t[1]=S->buflen=S->nullt=0;
+ S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
+}
+
+
+void blake256_update( state *S, const u8 *data, u64 datalen ) {
+
+ int left=S->buflen >> 3;
+ int fill=64 - left;
+
+ if( left && ( ((datalen >> 3) & 0x3F) >= fill ) ) {
+ memcpy( (void*) (S->buf + left), (void*) data, fill );
+ S->t[0] += 512;
+ if (S->t[0] == 0) S->t[1]++;
+ blake256_compress( S, S->buf );
+ data += fill;
+ datalen -= (fill << 3);
+ left = 0;
+ }
+
+ while( datalen >= 512 ) {
+ S->t[0] += 512;
+ if (S->t[0] == 0) S->t[1]++;
+ blake256_compress( S, data );
+ data += 64;
+ datalen -= 512;
+ }
+
+ if( datalen > 0 ) {
+ memcpy( (void*) (S->buf + left), (void*) data, datalen>>3 );
+ S->buflen = (left<<3) + datalen;
+ }
+ else S->buflen=0;
+}
+
+
+void blake256_final( state *S, u8 *digest ) {
+
+ u8 msglen[8], zo=0x01, oo=0x81;
+ u32 lo=S->t[0] + S->buflen, hi=S->t[1];
+ if ( lo < S->buflen ) hi++;
+ U32TO8( msglen + 0, hi );
+ U32TO8( msglen + 4, lo );
+
+ if ( S->buflen == 440 ) { /* one padding byte */
+ S->t[0] -= 8;
+ blake256_update( S, &oo, 8 );
+ }
+ else {
+ if ( S->buflen < 440 ) { /* enough space to fill the block */
+ if ( !S->buflen ) S->nullt=1;
+ S->t[0] -= 440 - S->buflen;
+ blake256_update( S, padding, 440 - S->buflen );
+ }
+ else { /* need 2 compressions */
+ S->t[0] -= 512 - S->buflen;
+ blake256_update( S, padding, 512 - S->buflen );
+ S->t[0] -= 440;
+ blake256_update( S, padding+1, 440 );
+ S->nullt = 1;
+ }
+ blake256_update( S, &zo, 8 );
+ S->t[0] -= 8;
+ }
+ S->t[0] -= 64;
+ blake256_update( S, msglen, 64 );
+
+ U32TO8( digest + 0, S->h[0]);
+ U32TO8( digest + 4, S->h[1]);
+ U32TO8( digest + 8, S->h[2]);
+ U32TO8( digest +12, S->h[3]);
+ U32TO8( digest +16, S->h[4]);
+ U32TO8( digest +20, S->h[5]);
+ U32TO8( digest +24, S->h[6]);
+ U32TO8( digest +28, S->h[7]);
+}
+
+static const unsigned char block0[64] = {0};
+static const unsigned char block1[64] = {1};
+
+int crypto_hash( unsigned char *out, const unsigned char *in, unsigned long long inlen )
+{
+ state S;
+ state S0;
+ state S1;
+ unsigned char out0[crypto_hash_BYTES];
+ unsigned char out1[crypto_hash_BYTES];
+
+ blake256_init(&S0);
+ blake256_init(&S1);
+ blake256_update(&S0,block0,64*8);
+ blake256_update(&S1,block1,64*8);
+ for (;;) {
+ if (inlen < 64) {
+ blake256_update(&S0,in,inlen*8);
+ break;
+ }
+ blake256_update(&S0,in,64*8); in += 64; inlen -= 64;
+ if (inlen < 64) {
+ blake256_update(&S1,in,inlen*8);
+ break;
+ }
+ blake256_update(&S1,in,64*8); in += 64; inlen -= 64;
+ }
+ blake256_final(&S0,out0);
+ blake256_final(&S1,out1);
+
+ blake256_init(&S);
+ blake256_update(&S,out0,crypto_hash_BYTES*8);
+ blake256_update(&S,out1,crypto_hash_BYTES*8);
+ blake256_final(&S,out);
+
+ return 0;
+}
View
2 crypto_hash/bblake256/regs/implementors
@@ -0,0 +1,2 @@
+based on: blake256/regs
+tree mode: Daniel J. Bernstein
View
0 crypto_hash/bblake256/sha3
No changes.
View
1 crypto_hash/bblake256/sse2/api.h
@@ -0,0 +1 @@
+#define CRYPTO_BYTES 32
View
2 crypto_hash/bblake256/sse2/architectures
@@ -0,0 +1,2 @@
+amd64
+x86
View
489 crypto_hash/bblake256/sse2/hash.c
@@ -0,0 +1,489 @@
+#include <string.h>
+#include <stdio.h>
+#include <emmintrin.h>
+#include "crypto_hash.h"
+#include "crypto_uint64.h"
+#include "crypto_uint32.h"
+#include "crypto_uint8.h"
+
+typedef crypto_uint64 u64;
+typedef crypto_uint32 u32;
+typedef crypto_uint8 u8;
+
+#define U8TO32(p) \
+ (((u32)((p)[0]) << 24) | ((u32)((p)[1]) << 16) | \
+ ((u32)((p)[2]) << 8) | ((u32)((p)[3]) ))
+#define U32TO8(p, v) \
+ (p)[0] = (u8)((v) >> 24); (p)[1] = (u8)((v) >> 16); \
+ (p)[2] = (u8)((v) >> 8); (p)[3] = (u8)((v) );
+
+#define LOADU(p) _mm_loadu_si128( (__m128i *)(p) )
+#define BSWAP32(r) do { \
+ r = _mm_shufflehi_epi16(r, _MM_SHUFFLE(2, 3, 0, 1)); \
+ r = _mm_shufflelo_epi16(r, _MM_SHUFFLE(2, 3, 0, 1)); \
+ r = _mm_xor_si128(_mm_slli_epi16(r, 8), _mm_srli_epi16(r, 8)); \
+} while(0)
+
+typedef struct {
+ u32 h[8], s[4], t[2];
+ int buflen, nullt;
+ u8 buf[64];
+} state;
+
+const u8 sigma[][16] = {
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15 },
+ {14,10, 4, 8, 9,15,13, 6, 1,12, 0, 2,11, 7, 5, 3 },
+ {11, 8,12, 0, 5, 2,15,13,10,14, 3, 6, 7, 1, 9, 4 },
+ { 7, 9, 3, 1,13,12,11,14, 2, 6, 5,10, 4, 0,15, 8 },
+ { 9, 0, 5, 7, 2, 4,10,15,14, 1,11,12, 6, 8, 3,13 },
+ { 2,12, 6,10, 0,11, 8, 3, 4,13, 7, 5,15,14, 1, 9 },
+ {12, 5, 1,15,14,13, 4,10, 0, 7, 6, 3, 9, 2, 8,11 },
+ {13,11, 7,14,12, 1, 3, 9, 5, 0,15, 4, 8, 6, 2,10 },
+ { 6,15,14, 9,11, 3, 0, 8,12, 2,13, 7, 1, 4,10, 5 },
+ {10, 2, 8, 4, 7, 6, 1, 5,15,11, 9,14, 3,12,13 ,0 },
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15 },
+ {14,10, 4, 8, 9,15,13, 6, 1,12, 0, 2,11, 7, 5, 3 },
+ {11, 8,12, 0, 5, 2,15,13,10,14, 3, 6, 7, 1, 9, 4 },
+ { 7, 9, 3, 1,13,12,11,14, 2, 6, 5,10, 4, 0,15, 8 },
+ { 9, 0, 5, 7, 2, 4,10,15,14, 1,11,12, 6, 8, 3,13 },
+ { 2,12, 6,10, 0,11, 8, 3, 4,13, 7, 5,15,14, 1, 9 },
+ {12, 5, 1,15,14,13, 4,10, 0, 7, 6, 3, 9, 2, 8,11 },
+ {13,11, 7,14,12, 1, 3, 9, 5, 0,15, 4, 8, 6, 2,10 },
+ { 6,15,14, 9,11, 3, 0, 8,12, 2,13, 7, 1, 4,10, 5 },
+ {10, 2, 8, 4, 7, 6, 1, 5,15,11, 9,14, 3,12,13 ,0 }};
+
+const u32 cst[16] = {
+ 0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,
+ 0xA4093822,0x299F31D0,0x082EFA98,0xEC4E6C89,
+ 0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C,
+ 0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917};
+
+const u8 padding[] =
+ {0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+
+static const int sig[][16] = {
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
+ { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
+ { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
+ { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } ,
+ { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } ,
+ { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } ,
+ { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } ,
+ { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } ,
+ { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } ,
+ { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } ,
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
+ { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
+ { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
+ { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }
+};
+
+static const u32 z[16] = {
+ 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344,
+ 0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89,
+ 0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C,
+ 0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917
+};
+
+#define down1(r,m,row1,row2,row3,row4,buf1,buf2) \
+ buf1 = _mm_set_epi32(m.u32[sig[r][ 6]], \
+ m.u32[sig[r][ 4]], \
+ m.u32[sig[r][ 2]], \
+ m.u32[sig[r][ 0]]); \
+ buf2 = _mm_set_epi32(z[sig[r][ 7]], \
+ z[sig[r][ 5]], \
+ z[sig[r][ 3]], \
+ z[sig[r][ 1]]); \
+ buf1 = _mm_xor_si128( buf1, buf2); \
+ row1 = _mm_add_epi32( row1, buf1); \
+ row1 = _mm_add_epi32( row1, row2 ); \
+ row4 = _mm_xor_si128( row4, row1 ); \
+ row4 = _mm_xor_si128(_mm_srli_epi32( row4, 16 ),_mm_slli_epi32( row4, 16 )); \
+ row3 = _mm_add_epi32( row3, row4 ); \
+ row2 = _mm_xor_si128( row2, row3 ); \
+ row2 = _mm_xor_si128(_mm_srli_epi32( row2, 12 ),_mm_slli_epi32( row2, 20 )); \
+
+
+#define down2(r,m,row1,row2,row3,row4,buf1,buf2) \
+ buf1 = _mm_set_epi32(z[sig[r][ 6]], \
+ z[sig[r][ 4]], \
+ z[sig[r][ 2]], \
+ z[sig[r][ 0]]); \
+ buf2 = _mm_set_epi32(m.u32[sig[r][ 7]], \
+ m.u32[sig[r][ 5]], \
+ m.u32[sig[r][ 3]], \
+ m.u32[sig[r][ 1]]); \
+ buf1 = _mm_xor_si128( buf1, buf2); \
+ row1 = _mm_add_epi32( row1, buf1); \
+ row1 = _mm_add_epi32( row1, row2 ); \
+ row4 = _mm_xor_si128( row4, row1 ); \
+ row4 = _mm_xor_si128(_mm_srli_epi32( row4, 8 ),_mm_slli_epi32( row4, 24 )); \
+ row3 = _mm_add_epi32( row3, row4 ); \
+ row2 = _mm_xor_si128( row2, row3 ); \
+ row2 = _mm_xor_si128(_mm_srli_epi32( row2, 7 ),_mm_slli_epi32( row2, 25 )); \
+ row4 = _mm_shuffle_epi32( row4, _MM_SHUFFLE(2,1,0,3) ); \
+ row3 = _mm_shuffle_epi32( row3, _MM_SHUFFLE(1,0,3,2) ); \
+ row2 = _mm_shuffle_epi32( row2, _MM_SHUFFLE(0,3,2,1) ); \
+
+
+#define diag1(r,m,row1,row2,row3,row4,buf1,buf2) \
+ buf1 = _mm_set_epi32(m.u32[sig[r][14]], \
+ m.u32[sig[r][12]], \
+ m.u32[sig[r][10]], \
+ m.u32[sig[r][ 8]]); \
+ buf2 = _mm_set_epi32(z[sig[r][15]], \
+ z[sig[r][13]], \
+ z[sig[r][11]], \
+ z[sig[r][ 9]]); \
+ buf1 = _mm_xor_si128( buf1, buf2); \
+ row1 = _mm_add_epi32( row1, buf1); \
+ row1 = _mm_add_epi32( row1, row2 ); \
+ row4 = _mm_xor_si128( row4, row1 ); \
+ row4 = _mm_xor_si128(_mm_srli_epi32( row4, 16 ),_mm_slli_epi32( row4, 16 )); \
+ row3 = _mm_add_epi32( row3, row4 ); \
+ row2 = _mm_xor_si128( row2, row3 ); \
+ row2 = _mm_xor_si128(_mm_srli_epi32( row2, 12 ),_mm_slli_epi32( row2, 20 )); \
+
+
+#define diag2(r,m,row1,row2,row3,row4,buf1,buf2) \
+ buf1 = _mm_set_epi32(z[sig[r][14]], \
+ z[sig[r][12]], \
+ z[sig[r][10]], \
+ z[sig[r][ 8]]); \
+ buf2 = _mm_set_epi32(m.u32[sig[r][15]], \
+ m.u32[sig[r][13]], \
+ m.u32[sig[r][11]], \
+ m.u32[sig[r][ 9]]); \
+ buf1 = _mm_xor_si128( buf1, buf2); \
+ row1 = _mm_add_epi32( row1, buf1); \
+ row1 = _mm_add_epi32( row1, row2 ); \
+ row4 = _mm_xor_si128( row4, row1 ); \
+ row4 = _mm_xor_si128(_mm_srli_epi32( row4, 8 ),_mm_slli_epi32( row4, 24 )); \
+ row3 = _mm_add_epi32( row3, row4 ); \
+ row2 = _mm_xor_si128( row2, row3 ); \
+ row2 = _mm_xor_si128(_mm_srli_epi32( row2, 7 ),_mm_slli_epi32( row2, 25 )); \
+ row4 = _mm_shuffle_epi32( row4, _MM_SHUFFLE(0,3,2,1) ); \
+ row3 = _mm_shuffle_epi32( row3, _MM_SHUFFLE(1,0,3,2) ); \
+ row2 = _mm_shuffle_epi32( row2, _MM_SHUFFLE(2,1,0,3) ); \
+
+#define round(r,m,row1,row2,row3,row4,buf1,buf2) \
+ down1(r,m,row1,row2,row3,row4,buf1,buf2) \
+ down2(r,m,row1,row2,row3,row4,buf1,buf2) \
+ diag1(r,m,row1,row2,row3,row4,buf1,buf2) \
+ diag2(r,m,row1,row2,row3,row4,buf1,buf2)
+
+
+static void blake256_compress( state * state, const u8 * datablock ) {
+
+ __m128i row1,row2,row3,row4;
+ __m128i buf1,buf2;
+
+ union {
+ u32 u32[16];
+ __m128i u128[4];
+ } m;
+ u64 t;
+
+ m.u128[0] = LOADU(datablock + 0);
+ m.u128[1] = LOADU(datablock + 16);
+ m.u128[2] = LOADU(datablock + 32);
+ m.u128[3] = LOADU(datablock + 48);
+
+ BSWAP32(m.u128[0]);
+ BSWAP32(m.u128[1]);
+ BSWAP32(m.u128[2]);
+ BSWAP32(m.u128[3]);
+
+ row1 = _mm_set_epi32(state->h[ 3], state->h[ 2],
+ state->h[ 1], state->h[ 0]);
+ row2 = _mm_set_epi32(state->h[ 7], state->h[ 6],
+ state->h[ 5], state->h[ 4]);
+ row3 = _mm_set_epi32(0x03707344, 0x13198A2E, 0x85A308D3, 0x243F6A88);
+
+ if (state->nullt)
+ row4 = _mm_set_epi32(0xEC4E6C89, 0x082EFA98, 0x299F31D0, 0xA4093822);
+ else
+ row4 = _mm_set_epi32(0xEC4E6C89^state->t[1], 0x082EFA98^state->t[1],
+ 0x299F31D0^state->t[0], 0xA4093822^state->t[0]);
+
+ round( 0,m,row1,row2,row3,row4,buf1,buf2);
+ round( 1,m,row1,row2,row3,row4,buf1,buf2);
+ round( 2,m,row1,row2,row3,row4,buf1,buf2);
+ round( 3,m,row1,row2,row3,row4,buf1,buf2);
+ round( 4,m,row1,row2,row3,row4,buf1,buf2);
+ round( 5,m,row1,row2,row3,row4,buf1,buf2);
+ round( 6,m,row1,row2,row3,row4,buf1,buf2);
+ round( 7,m,row1,row2,row3,row4,buf1,buf2);
+ round( 8,m,row1,row2,row3,row4,buf1,buf2);
+ round( 9,m,row1,row2,row3,row4,buf1,buf2);
+ round(10,m,row1,row2,row3,row4,buf1,buf2);
+ round(11,m,row1,row2,row3,row4,buf1,buf2);
+ round(12,m,row1,row2,row3,row4,buf1,buf2);
+ round(13,m,row1,row2,row3,row4,buf1,buf2);
+
+ _mm_store_si128( (__m128i *)m.u32, _mm_xor_si128(row1,row3));
+ state->h[0] ^= m.u32[ 0];
+ state->h[1] ^= m.u32[ 1];
+ state->h[2] ^= m.u32[ 2];
+ state->h[3] ^= m.u32[ 3];
+ _mm_store_si128( (__m128i *)m.u32, _mm_xor_si128(row2,row4));
+ state->h[4] ^= m.u32[ 0];
+ state->h[5] ^= m.u32[ 1];
+ state->h[6] ^= m.u32[ 2];
+ state->h[7] ^= m.u32[ 3];
+}
+
+static void blake256_compress2(
+ state * xstate, const u8 * xdatablock,
+ state * ystate, const u8 * ydatablock
+)
+{
+ __m128i xrow1,xrow2,xrow3,xrow4;
+ __m128i xbuf1,xbuf2;
+ __m128i yrow1,yrow2,yrow3,yrow4;
+ __m128i ybuf1,ybuf2;
+
+ union {
+ u32 u32[16];
+ __m128i u128[4];
+ } xm, ym;
+ u64 t;
+
+ xm.u128[0] = LOADU(xdatablock + 0);
+ xm.u128[1] = LOADU(xdatablock + 16);
+ xm.u128[2] = LOADU(xdatablock + 32);
+ xm.u128[3] = LOADU(xdatablock + 48);
+ ym.u128[0] = LOADU(ydatablock + 0);
+ ym.u128[1] = LOADU(ydatablock + 16);
+ ym.u128[2] = LOADU(ydatablock + 32);
+ ym.u128[3] = LOADU(ydatablock + 48);
+
+ BSWAP32(xm.u128[0]);
+ BSWAP32(xm.u128[1]);
+ BSWAP32(xm.u128[2]);
+ BSWAP32(xm.u128[3]);
+ BSWAP32(ym.u128[0]);
+ BSWAP32(ym.u128[1]);
+ BSWAP32(ym.u128[2]);
+ BSWAP32(ym.u128[3]);
+
+ xrow1 = _mm_set_epi32(xstate->h[ 3], xstate->h[ 2],
+ xstate->h[ 1], xstate->h[ 0]);
+ xrow2 = _mm_set_epi32(xstate->h[ 7], xstate->h[ 6],
+ xstate->h[ 5], xstate->h[ 4]);
+ xrow3 = _mm_set_epi32(0x03707344, 0x13198A2E, 0x85A308D3, 0x243F6A88);
+
+ if (xstate->nullt)
+ xrow4 = _mm_set_epi32(0xEC4E6C89, 0x082EFA98, 0x299F31D0, 0xA4093822);
+ else
+ xrow4 = _mm_set_epi32(0xEC4E6C89^xstate->t[1], 0x082EFA98^xstate->t[1],
+ 0x299F31D0^xstate->t[0], 0xA4093822^xstate->t[0]);
+
+ yrow1 = _mm_set_epi32(ystate->h[ 3], ystate->h[ 2],
+ ystate->h[ 1], ystate->h[ 0]);
+ yrow2 = _mm_set_epi32(ystate->h[ 7], ystate->h[ 6],
+ ystate->h[ 5], ystate->h[ 4]);
+ yrow3 = _mm_set_epi32(0x03707344, 0x13198A2E, 0x85A308D3, 0x243F6A88);
+
+ if (ystate->nullt)
+ yrow4 = _mm_set_epi32(0xEC4E6C89, 0x082EFA98, 0x299F31D0, 0xA4093822);
+ else
+ yrow4 = _mm_set_epi32(0xEC4E6C89^ystate->t[1], 0x082EFA98^ystate->t[1],
+ 0x299F31D0^ystate->t[0], 0xA4093822^ystate->t[0]);
+
+#define roundround(r) \
+ down1( r,xm,xrow1,xrow2,xrow3,xrow4,xbuf1,xbuf2) \
+ down1( r,ym,yrow1,yrow2,yrow3,yrow4,ybuf1,ybuf2) \
+ down2( r,xm,xrow1,xrow2,xrow3,xrow4,xbuf1,xbuf2) \
+ down2( r,ym,yrow1,yrow2,yrow3,yrow4,ybuf1,ybuf2) \
+ diag1( r,xm,xrow1,xrow2,xrow3,xrow4,xbuf1,xbuf2) \
+ diag1( r,ym,yrow1,yrow2,yrow3,yrow4,ybuf1,ybuf2) \
+ diag2( r,xm,xrow1,xrow2,xrow3,xrow4,xbuf1,xbuf2) \
+ diag2( r,ym,yrow1,yrow2,yrow3,yrow4,ybuf1,ybuf2)
+
+ roundround( 0)
+ roundround( 1)
+ roundround( 2)
+ roundround( 3)
+ roundround( 4)
+ roundround( 5)
+ roundround( 6)
+ roundround( 7)
+ roundround( 8)
+ roundround( 9)
+ roundround(10)
+ roundround(11)
+ roundround(12)
+ roundround(13)
+
+ _mm_store_si128( (__m128i *)xm.u32, _mm_xor_si128(xrow1,xrow3));
+ xstate->h[0] ^= xm.u32[ 0];
+ xstate->h[1] ^= xm.u32[ 1];
+ xstate->h[2] ^= xm.u32[ 2];
+ xstate->h[3] ^= xm.u32[ 3];
+ _mm_store_si128( (__m128i *)xm.u32, _mm_xor_si128(xrow2,xrow4));
+ xstate->h[4] ^= xm.u32[ 0];
+ xstate->h[5] ^= xm.u32[ 1];
+ xstate->h[6] ^= xm.u32[ 2];
+ xstate->h[7] ^= xm.u32[ 3];
+
+ _mm_store_si128( (__m128i *)ym.u32, _mm_xor_si128(yrow1,yrow3));
+ ystate->h[0] ^= ym.u32[ 0];
+ ystate->h[1] ^= ym.u32[ 1];
+ ystate->h[2] ^= ym.u32[ 2];
+ ystate->h[3] ^= ym.u32[ 3];
+ _mm_store_si128( (__m128i *)ym.u32, _mm_xor_si128(yrow2,yrow4));
+ ystate->h[4] ^= ym.u32[ 0];
+ ystate->h[5] ^= ym.u32[ 1];
+ ystate->h[6] ^= ym.u32[ 2];
+ ystate->h[7] ^= ym.u32[ 3];
+}
+
+void blake256_init( state *S ) {
+ S->h[0]=0x6A09E667;
+ S->h[1]=0xBB67AE85;
+ S->h[2]=0x3C6EF372;
+ S->h[3]=0xA54FF53A;
+ S->h[4]=0x510E527F;
+ S->h[5]=0x9B05688C;
+ S->h[6]=0x1F83D9AB;
+ S->h[7]=0x5BE0CD19;
+ S->t[0]=S->t[1]=S->buflen=S->nullt=0;
+ S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
+}
+
+void blake256_init0( state *S ) {
+ S->h[0]=0xb5bfb2f9;
+ S->h[1]=0x14cfcc63;
+ S->h[2]=0xb85c549c;
+ S->h[3]=0xc9b4184e;
+ S->h[4]=0x67dfc6ce;
+ S->h[5]=0x29e9904b;
+ S->h[6]=0xd59ee74e;
+ S->h[7]=0xfaa9c653;
+ S->t[0]=512;
+ S->t[1]=S->buflen=S->nullt=0;
+ S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
+}
+
+void blake256_init1( state *S ) {
+ S->h[0]=0x3174b284;
+ S->h[1]=0x24796e24;
+ S->h[2]=0x9fc2eecc;
+ S->h[3]=0x236cb48c;
+ S->h[4]=0x15f7a368;
+ S->h[5]=0x4fe6923e;
+ S->h[6]=0x04fad360;
+ S->h[7]=0x76aeea3a;
+ S->t[0]=512;
+ S->t[1]=S->buflen=S->nullt=0;
+ S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
+}
+
+
+void blake256_update( state *S, const u8 *data, u64 datalen ) {
+
+ int left=S->buflen >> 3;
+ int fill=64 - left;
+
+ if( left && ( ((datalen >> 3) & 0x3F) >= fill ) ) {
+ memcpy( (void*) (S->buf + left), (void*) data, fill );
+ S->t[0] += 512;
+ if (S->t[0] == 0) S->t[1]++;
+ blake256_compress( S, S->buf );
+ data += fill;
+ datalen -= (fill << 3);
+ left = 0;
+ }
+
+ while( datalen >= 512 ) {
+ S->t[0] += 512;
+ if (S->t[0] == 0) S->t[1]++;
+ blake256_compress( S, data );
+ data += 64;
+ datalen -= 512;
+ }
+
+ if( datalen > 0 ) {
+ memcpy( (void*) (S->buf + left), (void*) data, datalen>>3 );
+ S->buflen = (left<<3) + datalen;
+ }
+ else S->buflen=0;
+}
+
+
+void blake256_final( state *S, u8 *digest ) {
+
+ u8 msglen[8], zo=0x01, oo=0x81;
+ u32 lo=S->t[0] + S->buflen, hi=S->t[1];
+ if ( lo < S->buflen ) hi++;
+ U32TO8( msglen + 0, hi );
+ U32TO8( msglen + 4, lo );
+
+ if ( S->buflen == 440 ) { /* one padding byte */
+ S->t[0] -= 8;
+ blake256_update( S, &oo, 8 );
+ }
+ else {
+ if ( S->buflen < 440 ) { /* enough space to fill the block */
+ if ( !S->buflen ) S->nullt=1;
+ S->t[0] -= 440 - S->buflen;
+ blake256_update( S, padding, 440 - S->buflen );
+ }
+ else { /* need 2 compressions */
+ S->t[0] -= 512 - S->buflen;
+ blake256_update( S, padding, 512 - S->buflen );
+ S->t[0] -= 440;
+ blake256_update( S, padding+1, 440 );
+ S->nullt = 1;
+ }
+ blake256_update( S, &zo, 8 );
+ S->t[0] -= 8;
+ }
+ S->t[0] -= 64;
+ blake256_update( S, msglen, 64 );
+
+ U32TO8( digest + 0, S->h[0]);
+ U32TO8( digest + 4, S->h[1]);
+ U32TO8( digest + 8, S->h[2]);
+ U32TO8( digest +12, S->h[3]);
+ U32TO8( digest +16, S->h[4]);
+ U32TO8( digest +20, S->h[5]);
+ U32TO8( digest +24, S->h[6]);
+ U32TO8( digest +28, S->h[7]);
+}
+
+
+int crypto_hash( unsigned char *out, const unsigned char *in, unsigned long long inlen )
+{
+ state S0;
+ state S1;
+ unsigned char out0[crypto_hash_BYTES];
+ unsigned char out1[crypto_hash_BYTES];
+
+ blake256_init0(&S0);
+ blake256_init1(&S1);
+ while (inlen >= 128) {
+ if (!(S0.t[0] += 512)) ++S0.t[1];
+ if (!(S1.t[0] += 512)) ++S1.t[1];
+ blake256_compress2(&S0,in,&S1,in + 64);
+ in += 128;
+ inlen -= 128;
+ }
+ if (inlen >= 64) {
+ blake256_update(&S0,in,64*8); in += 64; inlen -= 64;
+ blake256_update(&S1,in,inlen*8);
+ } else {
+ blake256_update(&S0,in,inlen*8);
+ }
+ blake256_final(&S0,out0);
+ blake256_final(&S1,out1);
+
+ blake256_init(&S0);
+ blake256_update(&S0,out0,crypto_hash_BYTES*8);
+ blake256_update(&S0,out1,crypto_hash_BYTES*8);
+ blake256_final(&S0,out);
+
+ return 0;
+}
View
2 crypto_hash/bblake256/sse2/implementors
@@ -0,0 +1,2 @@
+based on: blake256/sse2
+tree mode: Daniel J. Bernstein
View
1 crypto_hash/bblake256/ssse3/api.h
@@ -0,0 +1 @@
+#define CRYPTO_BYTES 32
View
2 crypto_hash/bblake256/ssse3/architectures
@@ -0,0 +1,2 @@
+amd64
+x86
View
474 crypto_hash/bblake256/ssse3/hash.c
@@ -0,0 +1,474 @@
+#include <string.h>
+#include <stdio.h>
+#include <tmmintrin.h>
+#include "crypto_hash.h"
+#include "crypto_uint64.h"
+#include "crypto_uint32.h"
+#include "crypto_uint8.h"
+
+typedef crypto_uint64 u64;
+typedef crypto_uint32 u32;
+typedef crypto_uint8 u8;
+
+#define U8TO32(p) \
+ (((u32)((p)[0]) << 24) | ((u32)((p)[1]) << 16) | \
+ ((u32)((p)[2]) << 8) | ((u32)((p)[3]) ))
+#define U32TO8(p, v) \
+ (p)[0] = (u8)((v) >> 24); (p)[1] = (u8)((v) >> 16); \
+ (p)[2] = (u8)((v) >> 8); (p)[3] = (u8)((v) );
+
+typedef struct {
+ u32 h[8], s[4], t[2];
+ int buflen, nullt;
+ u8 buf[64];
+} state;
+
+const u8 sigma[][16] = {
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15 },
+ {14,10, 4, 8, 9,15,13, 6, 1,12, 0, 2,11, 7, 5, 3 },
+ {11, 8,12, 0, 5, 2,15,13,10,14, 3, 6, 7, 1, 9, 4 },
+ { 7, 9, 3, 1,13,12,11,14, 2, 6, 5,10, 4, 0,15, 8 },
+ { 9, 0, 5, 7, 2, 4,10,15,14, 1,11,12, 6, 8, 3,13 },
+ { 2,12, 6,10, 0,11, 8, 3, 4,13, 7, 5,15,14, 1, 9 },
+ {12, 5, 1,15,14,13, 4,10, 0, 7, 6, 3, 9, 2, 8,11 },
+ {13,11, 7,14,12, 1, 3, 9, 5, 0,15, 4, 8, 6, 2,10 },
+ { 6,15,14, 9,11, 3, 0, 8,12, 2,13, 7, 1, 4,10, 5 },
+ {10, 2, 8, 4, 7, 6, 1, 5,15,11, 9,14, 3,12,13 ,0 },
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15 },
+ {14,10, 4, 8, 9,15,13, 6, 1,12, 0, 2,11, 7, 5, 3 },
+ {11, 8,12, 0, 5, 2,15,13,10,14, 3, 6, 7, 1, 9, 4 },
+ { 7, 9, 3, 1,13,12,11,14, 2, 6, 5,10, 4, 0,15, 8 },
+ { 9, 0, 5, 7, 2, 4,10,15,14, 1,11,12, 6, 8, 3,13 },
+ { 2,12, 6,10, 0,11, 8, 3, 4,13, 7, 5,15,14, 1, 9 },
+ {12, 5, 1,15,14,13, 4,10, 0, 7, 6, 3, 9, 2, 8,11 },
+ {13,11, 7,14,12, 1, 3, 9, 5, 0,15, 4, 8, 6, 2,10 },
+ { 6,15,14, 9,11, 3, 0, 8,12, 2,13, 7, 1, 4,10, 5 },
+ {10, 2, 8, 4, 7, 6, 1, 5,15,11, 9,14, 3,12,13 ,0 }};
+
+const u32 cst[16] = {
+ 0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,
+ 0xA4093822,0x299F31D0,0x082EFA98,0xEC4E6C89,
+ 0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C,
+ 0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917};
+
+const u8 padding[] =
+ {0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
+ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+
+static const int sig[][16] = {
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
+ { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
+ { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
+ { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } ,
+ { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } ,
+ { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } ,
+ { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } ,
+ { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } ,
+ { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } ,
+ { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } ,
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
+ { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
+ { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
+ { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }
+};
+
+static const u32 z[16] = {
+ 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344,
+ 0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89,
+ 0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C,
+ 0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917
+};
+
+#define down1(r,m,row1,row2,row3,row4,buf1,buf2) \
+ buf1 = _mm_set_epi32(m.u32[sig[r][ 6]], \
+ m.u32[sig[r][ 4]], \
+ m.u32[sig[r][ 2]], \
+ m.u32[sig[r][ 0]]); \
+ buf2 = _mm_set_epi32(z[sig[r][ 7]], \
+ z[sig[r][ 5]], \
+ z[sig[r][ 3]], \
+ z[sig[r][ 1]]); \
+ buf1 = _mm_xor_si128( buf1, buf2); \
+ row1 = _mm_add_epi32( row1, buf1); \
+ row1 = _mm_add_epi32( row1, row2 ); \
+ row4 = _mm_xor_si128( row4, row1 ); \
+ row4 = _mm_shuffle_epi8(row4, r16); \
+ row3 = _mm_add_epi32( row3, row4 ); \
+ row2 = _mm_xor_si128( row2, row3 ); \
+ row2 = _mm_xor_si128(_mm_srli_epi32( row2, 12 ),_mm_slli_epi32( row2, 20 )); \
+
+
+#define down2(r,m,row1,row2,row3,row4,buf1,buf2) \
+ buf1 = _mm_set_epi32(m.u32[sig[r][ 7]], \
+ m.u32[sig[r][ 5]], \
+ m.u32[sig[r][ 3]], \
+ m.u32[sig[r][ 1]]); \
+ buf2 = _mm_set_epi32(z[sig[r][ 6]], \
+ z[sig[r][ 4]], \
+ z[sig[r][ 2]], \
+ z[sig[r][ 0]]); \
+ buf1 = _mm_xor_si128( buf1, buf2); \
+ row1 = _mm_add_epi32( row1, buf1); \
+ row1 = _mm_add_epi32( row1, row2 ); \
+ row4 = _mm_xor_si128( row4, row1 ); \
+ row4 = _mm_shuffle_epi8(row4, r8); \
+ row3 = _mm_add_epi32( row3, row4 ); \
+ row2 = _mm_xor_si128( row2, row3 ); \
+ row2 = _mm_xor_si128(_mm_srli_epi32( row2, 7 ),_mm_slli_epi32( row2, 25 )); \
+ row4 = _mm_shuffle_epi32( row4, _MM_SHUFFLE(2,1,0,3) ); \
+ row3 = _mm_shuffle_epi32( row3, _MM_SHUFFLE(1,0,3,2) ); \
+ row2 = _mm_shuffle_epi32( row2, _MM_SHUFFLE(0,3,2,1) ); \
+
+
+#define diag1(r,m,row1,row2,row3,row4,buf1,buf2) \
+ buf1 = _mm_set_epi32(m.u32[sig[r][14]], \
+ m.u32[sig[r][12]], \
+ m.u32[sig[r][10]], \
+ m.u32[sig[r][ 8]]); \
+ buf2 = _mm_set_epi32(z[sig[r][15]], \
+ z[sig[r][13]], \
+ z[sig[r][11]], \
+ z[sig[r][ 9]]); \
+ buf1 = _mm_xor_si128( buf1, buf2); \
+ row1 = _mm_add_epi32( row1, buf1); \
+ row1 = _mm_add_epi32( row1, row2 ); \
+ row4 = _mm_xor_si128( row4, row1 ); \
+ row4 = _mm_shuffle_epi8(row4, r16); \
+ row3 = _mm_add_epi32( row3, row4 ); \
+ row2 = _mm_xor_si128( row2, row3 ); \
+ row2 = _mm_xor_si128(_mm_srli_epi32( row2, 12 ),_mm_slli_epi32( row2, 20 )); \
+
+
+#define diag2(r,m,row1,row2,row3,row4,buf1,buf2) \
+ buf1 = _mm_set_epi32(m.u32[sig[r][15]], \
+ m.u32[sig[r][13]], \
+ m.u32[sig[r][11]], \
+ m.u32[sig[r][ 9]]); \
+ buf2 = _mm_set_epi32(z[sig[r][14]], \
+ z[sig[r][12]], \
+ z[sig[r][10]], \
+ z[sig[r][ 8]]); \
+ buf1 = _mm_xor_si128( buf1, buf2); \
+ row1 = _mm_add_epi32( row1, buf1); \
+ row1 = _mm_add_epi32( row1, row2 ); \
+ row4 = _mm_xor_si128( row4, row1 ); \
+ row4 = _mm_shuffle_epi8(row4, r8); \
+ row3 = _mm_add_epi32( row3, row4 ); \
+ row2 = _mm_xor_si128( row2, row3 ); \
+ row2 = _mm_xor_si128(_mm_srli_epi32( row2, 7 ),_mm_slli_epi32( row2, 25 )); \
+ row4 = _mm_shuffle_epi32( row4, _MM_SHUFFLE(0,3,2,1) ); \
+ row3 = _mm_shuffle_epi32( row3, _MM_SHUFFLE(1,0,3,2) ); \
+ row2 = _mm_shuffle_epi32( row2, _MM_SHUFFLE(2,1,0,3) ); \
+
+#define round(r,m,row1,row2,row3,row4,buf1,buf2) \
+ down1(r,m,row1,row2,row3,row4,buf1,buf2) \
+ down2(r,m,row1,row2,row3,row4,buf1,buf2) \
+ diag1(r,m,row1,row2,row3,row4,buf1,buf2) \
+ diag2(r,m,row1,row2,row3,row4,buf1,buf2)
+
+
+static void blake256_compress( state * state, const u8 * datablock ) {
+
+ __m128i row1,row2,row3,row4;
+ __m128i buf1,buf2;
+ const __m128i r8 = _mm_set_epi8(12,15,14,13,8,11,10,9,4,7,6,5,0,3,2,1);
+ const __m128i r16 = _mm_set_epi8(13,12,15,14,9,8,11,10,5,4,7,6,1,0,3,2);
+ const __m128i u8to32 = _mm_set_epi8(12, 13, 14, 15, 8, 9, 10, 11, 4, 5, 6, 7, 0, 1, 2, 3);
+
+ union {
+ u32 u32[16];
+ __m128i u128[4];
+ } m;
+ u64 t;
+
+ m.u128[0] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(datablock + 00)), u8to32);
+ m.u128[1] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(datablock + 16)), u8to32);
+ m.u128[2] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(datablock + 32)), u8to32);
+ m.u128[3] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(datablock + 48)), u8to32);
+
+ row1 = _mm_set_epi32(state->h[ 3], state->h[ 2],
+ state->h[ 1], state->h[ 0]);
+ row2 = _mm_set_epi32(state->h[ 7], state->h[ 6],
+ state->h[ 5], state->h[ 4]);
+ row3 = _mm_set_epi32(0x03707344, 0x13198A2E, 0x85A308D3, 0x243F6A88);
+
+ if (state->nullt)
+ row4 = _mm_set_epi32(0xEC4E6C89, 0x082EFA98, 0x299F31D0, 0xA4093822);
+ else
+ row4 = _mm_set_epi32(0xEC4E6C89^state->t[1], 0x082EFA98^state->t[1],
+ 0x299F31D0^state->t[0], 0xA4093822^state->t[0]);
+
+ round( 0,m,row1,row2,row3,row4,buf1,buf2);
+ round( 1,m,row1,row2,row3,row4,buf1,buf2);
+ round( 2,m,row1,row2,row3,row4,buf1,buf2);
+ round( 3,m,row1,row2,row3,row4,buf1,buf2);
+ round( 4,m,row1,row2,row3,row4,buf1,buf2);
+ round( 5,m,row1,row2,row3,row4,buf1,buf2);
+ round( 6,m,row1,row2,row3,row4,buf1,buf2);
+ round( 7,m,row1,row2,row3,row4,buf1,buf2);
+ round( 8,m,row1,row2,row3,row4,buf1,buf2);
+ round( 9,m,row1,row2,row3,row4,buf1,buf2);
+ round(10,m,row1,row2,row3,row4,buf1,buf2);
+ round(11,m,row1,row2,row3,row4,buf1,buf2);
+ round(12,m,row1,row2,row3,row4,buf1,buf2);
+ round(13,m,row1,row2,row3,row4,buf1,buf2);
+
+ _mm_store_si128( (__m128i *)m.u32, _mm_xor_si128(row1,row3));
+ state->h[0] ^= m.u32[ 0];
+ state->h[1] ^= m.u32[ 1];
+ state->h[2] ^= m.u32[ 2];
+ state->h[3] ^= m.u32[ 3];
+ _mm_store_si128( (__m128i *)m.u32, _mm_xor_si128(row2,row4));
+ state->h[4] ^= m.u32[ 0];
+ state->h[5] ^= m.u32[ 1];
+ state->h[6] ^= m.u32[ 2];
+ state->h[7] ^= m.u32[ 3];
+}
+
+static void blake256_compress2(
+ state * xstate, const u8 * xdatablock,
+ state * ystate, const u8 * ydatablock
+)
+{
+ __m128i xrow1,xrow2,xrow3,xrow4;
+ __m128i xbuf1,xbuf2;
+ __m128i yrow1,yrow2,yrow3,yrow4;
+ __m128i ybuf1,ybuf2;
+ const __m128i r8 = _mm_set_epi8(12,15,14,13,8,11,10,9,4,7,6,5,0,3,2,1);
+ const __m128i r16 = _mm_set_epi8(13,12,15,14,9,8,11,10,5,4,7,6,1,0,3,2);
+ const __m128i u8to32 = _mm_set_epi8(12, 13, 14, 15, 8, 9, 10, 11, 4, 5, 6, 7, 0, 1, 2, 3);
+
+ union {
+ u32 u32[16];
+ __m128i u128[4];
+ } xm, ym;
+ u64 t;
+
+ xm.u128[0] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(xdatablock + 00)), u8to32);
+ xm.u128[1] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(xdatablock + 16)), u8to32);
+ xm.u128[2] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(xdatablock + 32)), u8to32);
+ xm.u128[3] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(xdatablock + 48)), u8to32);
+ ym.u128[0] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(ydatablock + 00)), u8to32);
+ ym.u128[1] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(ydatablock + 16)), u8to32);
+ ym.u128[2] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(ydatablock + 32)), u8to32);
+ ym.u128[3] = _mm_shuffle_epi8(_mm_loadu_si128((__m128i*)(ydatablock + 48)), u8to32);
+
+ xrow1 = _mm_set_epi32(xstate->h[ 3], xstate->h[ 2],
+ xstate->h[ 1], xstate->h[ 0]);
+ xrow2 = _mm_set_epi32(xstate->h[ 7], xstate->h[ 6],
+ xstate->h[ 5], xstate->h[ 4]);
+ xrow3 = _mm_set_epi32(0x03707344, 0x13198A2E, 0x85A308D3, 0x243F6A88);
+
+ if (xstate->nullt)
+ xrow4 = _mm_set_epi32(0xEC4E6C89, 0x082EFA98, 0x299F31D0, 0xA4093822);
+ else
+ xrow4 = _mm_set_epi32(0xEC4E6C89^xstate->t[1], 0x082EFA98^xstate->t[1],
+ 0x299F31D0^xstate->t[0], 0xA4093822^xstate->t[0]);
+
+ yrow1 = _mm_set_epi32(ystate->h[ 3], ystate->h[ 2],
+ ystate->h[ 1], ystate->h[ 0]);
+ yrow2 = _mm_set_epi32(ystate->h[ 7], ystate->h[ 6],
+ ystate->h[ 5], ystate->h[ 4]);
+ yrow3 = _mm_set_epi32(0x03707344, 0x13198A2E, 0x85A308D3, 0x243F6A88);
+
+ if (ystate->nullt)
+ yrow4 = _mm_set_epi32(0xEC4E6C89, 0x082EFA98, 0x299F31D0, 0xA4093822);
+ else
+ yrow4 = _mm_set_epi32(0xEC4E6C89^ystate->t[1], 0x082EFA98^ystate->t[1],
+ 0x299F31D0^ystate->t[0], 0xA4093822^ystate->t[0]);
+
+#define roundround(r) \
+ down1( r,xm,xrow1,xrow2,xrow3,xrow4,xbuf1,xbuf2) \
+ down1( r,ym,yrow1,yrow2,yrow3,yrow4,ybuf1,ybuf2) \
+ down2( r,xm,xrow1,xrow2,xrow3,xrow4,xbuf1,xbuf2) \
+ down2( r,ym,yrow1,yrow2,yrow3,yrow4,ybuf1,ybuf2) \
+ diag1( r,xm,xrow1,xrow2,xrow3,xrow4,xbuf1,xbuf2) \
+ diag1( r,ym,yrow1,yrow2,yrow3,yrow4,ybuf1,ybuf2) \
+ diag2( r,xm,xrow1,xrow2,xrow3,xrow4,xbuf1,xbuf2) \
+ diag2( r,ym,yrow1,yrow2,yrow3,yrow4,ybuf1,ybuf2)
+
+ roundround( 0)
+ roundround( 1)
+ roundround( 2)
+ roundround( 3)
+ roundround( 4)
+ roundround( 5)
+ roundround( 6)
+ roundround( 7)
+ roundround( 8)
+ roundround( 9)
+ roundround(10)
+ roundround(11)
+ roundround(12)
+ roundround(13)
+
+ _mm_store_si128( (__m128i *)xm.u32, _mm_xor_si128(xrow1,xrow3));
+ xstate->h[0] ^= xm.u32[ 0];
+ xstate->h[1] ^= xm.u32[ 1];
+ xstate->h[2] ^= xm.u32[ 2];
+ xstate->h[3] ^= xm.u32[ 3];
+ _mm_store_si128( (__m128i *)xm.u32, _mm_xor_si128(xrow2,xrow4));
+ xstate->h[4] ^= xm.u32[ 0];
+ xstate->h[5] ^= xm.u32[ 1];
+ xstate->h[6] ^= xm.u32[ 2];
+ xstate->h[7] ^= xm.u32[ 3];
+
+ _mm_store_si128( (__m128i *)ym.u32, _mm_xor_si128(yrow1,yrow3));
+ ystate->h[0] ^= ym.u32[ 0];
+ ystate->h[1] ^= ym.u32[ 1];
+ ystate->h[2] ^= ym.u32[ 2];
+ ystate->h[3] ^= ym.u32[ 3];
+ _mm_store_si128( (__m128i *)ym.u32, _mm_xor_si128(yrow2,yrow4));
+ ystate->h[4] ^= ym.u32[ 0];
+ ystate->h[5] ^= ym.u32[ 1];
+ ystate->h[6] ^= ym.u32[ 2];
+ ystate->h[7] ^= ym.u32[ 3];
+}
+
+void blake256_init( state *S ) {
+ S->h[0]=0x6A09E667;
+ S->h[1]=0xBB67AE85;
+ S->h[2]=0x3C6EF372;
+ S->h[3]=0xA54FF53A;
+ S->h[4]=0x510E527F;
+ S->h[5]=0x9B05688C;
+ S->h[6]=0x1F83D9AB;
+ S->h[7]=0x5BE0CD19;
+ S->t[0]=S->t[1]=S->buflen=S->nullt=0;
+ S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
+}
+
+void blake256_init0( state *S ) {
+ S->h[0]=0xb5bfb2f9;
+ S->h[1]=0x14cfcc63;
+ S->h[2]=0xb85c549c;
+ S->h[3]=0xc9b4184e;
+ S->h[4]=0x67dfc6ce;
+ S->h[5]=0x29e9904b;
+ S->h[6]=0xd59ee74e;
+ S->h[7]=0xfaa9c653;
+ S->t[0]=512;
+ S->t[1]=S->buflen=S->nullt=0;
+ S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
+}
+
+void blake256_init1( state *S ) {
+ S->h[0]=0x3174b284;
+ S->h[1]=0x24796e24;
+ S->h[2]=0x9fc2eecc;
+ S->h[3]=0x236cb48c;
+ S->h[4]=0x15f7a368;
+ S->h[5]=0x4fe6923e;
+ S->h[6]=0x04fad360;
+ S->h[7]=0x76aeea3a;
+ S->t[0]=512;
+ S->t[1]=S->buflen=S->nullt=0;
+ S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
+}
+
+
+void blake256_update( state *S, const u8 *data, u64 datalen ) {
+
+ int left=S->buflen >> 3;
+ int fill=64 - left;
+
+ if( left && ( ((datalen >> 3) & 0x3F) >= fill ) ) {
+ memcpy( (void*) (S->buf + left), (void*) data, fill );
+ S->t[0] += 512;
+ if (S->t[0] == 0) S->t[1]++;
+ blake256_compress( S, S->buf );
+ data += fill;
+ datalen -= (fill << 3);
+ left = 0;
+ }
+
+ while( datalen >= 512 ) {
+ S->t[0] += 512;
+ if (S->t[0] == 0) S->t[1]++;
+ blake256_compress( S, data );
+ data += 64;
+ datalen -= 512;
+ }
+
+ if( datalen > 0 ) {
+ memcpy( (void*) (S->buf + left), (void*) data, datalen>>3 );
+ S->buflen = (left<<3) + datalen;
+ }
+ else S->buflen=0;
+}
+
+
+void blake256_final( state *S, u8 *digest ) {
+
+ u8 msglen[8], zo=0x01, oo=0x81;
+ u32 lo=S->t[0] + S->buflen, hi=S->t[1];
+ if ( lo < S->buflen ) hi++;
+ U32TO8( msglen + 0, hi );
+ U32TO8( msglen + 4, lo );
+
+ if ( S->buflen == 440 ) { /* one padding byte */
+ S->t[0] -= 8;
+ blake256_update( S, &oo, 8 );
+ }
+ else {
+ if ( S->buflen < 440 ) { /* enough space to fill the block */
+ if ( !S->buflen ) S->nullt=1;
+ S->t[0] -= 440 - S->buflen;
+ blake256_update( S, padding, 440 - S->buflen );
+ }
+ else { /* need 2 compressions */
+ S->t[0] -= 512 - S->buflen;
+ blake256_update( S, padding, 512 - S->buflen );
+ S->t[0] -= 440;
+ blake256_update( S, padding+1, 440 );
+ S->nullt = 1;
+ }
+ blake256_update( S, &zo, 8 );
+ S->t[0] -= 8;
+ }
+ S->t[0] -= 64;
+ blake256_update( S, msglen, 64 );
+
+ U32TO8( digest + 0, S->h[0]);
+ U32TO8( digest + 4, S->h[1]);
+ U32TO8( digest + 8, S->h[2]);
+ U32TO8( digest +12, S->h[3]);
+ U32TO8( digest +16, S->h[4]);
+ U32TO8( digest +20, S->h[5]);
+ U32TO8( digest +24, S->h[6]);
+ U32TO8( digest +28, S->h[7]);
+}
+
+
+int crypto_hash( unsigned char *out, const unsigned char *in, unsigned long long inlen )
+{
+ state S0;
+ state S1;
+ unsigned char out0[crypto_hash_BYTES];
+ unsigned char out1[crypto_hash_BYTES];
+
+ blake256_init0(&S0);
+ blake256_init1(&S1);
+ while (inlen >= 128) {
+ if (!(S0.t[0] += 512)) ++S0.t[1];
+ if (!(S1.t[0] += 512)) ++S1.t[1];
+ blake256_compress2(&S0,in,&S1,in + 64);
+ in += 128;
+ inlen -= 128;
+ }
+ if (inlen >= 64) {
+ blake256_update(&S0,in,64*8); in += 64; inlen -= 64;
+ blake256_update(&S1,in,inlen*8);
+ } else {
+ blake256_update(&S0,in,inlen*8);
+ }
+ blake256_final(&S0,out0);
+ blake256_final(&S1,out1);
+
+ blake256_init(&S0);
+ blake256_update(&S0,out0,crypto_hash_BYTES*8);
+ blake256_update(&S0,out1,crypto_hash_BYTES*8);
+ blake256_final(&S0,out);
+
+ return 0;
+}
View
1 crypto_hash/bblake256/ssse3/implementors
@@ -0,0 +1 @@
+based on: bblake256/sse2, blake256/ssse3
View
3 crypto_hash/keccak/inplace32bi-armv7m/architectures
@@ -1,2 +1 @@
-arm
-armeabi
+thumb
View
3 crypto_hash/keccakc1024/inplace32bi-armv7m/architectures
@@ -1,2 +1 @@
-arm
-armeabi
+thumb
View
3 crypto_hash/keccakc256/inplace32bi-armv7m/architectures
@@ -1,2 +1 @@
-arm
-armeabi
+thumb
View
3 crypto_hash/keccakc448/inplace32bi-armv7m/architectures
@@ -1,2 +1 @@
-arm
-armeabi
+thumb
View
3 crypto_hash/keccakc512/inplace32bi-armv7m/architectures
@@ -1,2 +1 @@
-arm
-armeabi
+thumb
View
3 crypto_hash/keccakc768/inplace32bi-armv7m/architectures
@@ -1,2 +1 @@
-arm
-armeabi
+thumb
View
41 crypto_sign/ed25519/ref10/Makefile
@@ -0,0 +1,41 @@
+all: d.h d2.h sqrtm1.h base.h base2.h \
+ge_add.h ge_sub.h \
+ge_madd.h ge_msub.h \
+ge_p2_dbl.h \
+pow225521.h pow22523.h
+
+d.h: d.py
+ python d.py > d.h
+
+d2.h: d2.py
+ python d2.py > d2.h
+
+sqrtm1.h: sqrtm1.py
+ python sqrtm1.py > sqrtm1.h
+
+base.h: base.py
+ python base.py > base.h
+
+base2.h: base2.py
+ python base2.py > base2.h
+
+ge_add.h: ge_add.q q2h.sh
+ ./q2h.sh < ge_add.q > ge_add.h
+
+ge_sub.h: ge_sub.q q2h.sh
+ ./q2h.sh < ge_sub.q > ge_sub.h
+
+ge_madd.h: ge_madd.q q2h.sh
+ ./q2h.sh < ge_madd.q > ge_madd.h
+
+ge_msub.h: ge_msub.q q2h.sh
+ ./q2h.sh < ge_msub.q > ge_msub.h
+
+ge_p2_dbl.h: ge_p2_dbl.q q2h.sh
+ ./q2h.sh < ge_p2_dbl.q > ge_p2_dbl.h
+
+pow22523.h: pow22523.q q2h.sh
+ ./q2h.sh < pow22523.q > pow22523.h
+
+pow225521.h: pow225521.q q2h.sh
+ ./q2h.sh < pow225521.q > pow225521.h
View
3 crypto_sign/ed25519/ref10/api.h
@@ -0,0 +1,3 @@
+#define CRYPTO_SECRETKEYBYTES 64
+#define CRYPTO_PUBLICKEYBYTES 32
+#define CRYPTO_BYTES 64
View
1,344 crypto_sign/ed25519/ref10/base.h
@@ -0,0 +1,1344 @@
+{
+ {
+ { 25967493,-14356035,29566456,3660896,-12694345,4014787,27544626,-11754271,-6079156,2047605 },
+ { -12545711,934262,-2722910,3049990,-727428,9406986,12720692,5043384,19500929,-15469378 },
+ { -8738181,4489570,9688441,-14785194,10184609,-12363380,29287919,11864899,-24514362,-4438546 },
+ },
+ {
+ { -12815894,-12976347,-21581243,11784320,-25355658,-2750717,-11717903,-3814571,-358445,-10211303 },
+ { -21703237,6903825,27185491,6451973,-29577724,-9554005,-15616551,11189268,-26829678,-5319081 },
+ { 26966642,11152617,32442495,15396054,14353839,-12752335,-3128826,-9541118,-15472047,-4166697 },
+ },
+ {
+ { 15636291,-9688557,24204773,-7912398,616977,-16685262,27787600,-14772189,28944400,-1550024 },
+ { 16568933,4717097,-11556148,-1102322,15682896,-11807043,16354577,-11775962,7689662,11199574 },
+ { 30464156,-5976125,-11779434,-15670865,23220365,15915852,7512774,10017326,-17749093,-9920357 },
+ },
+ {
+ { -17036878,13921892,10945806,-6033431,27105052,-16084379,-28926210,15006023,3284568,-6276540 },
+ { 23599295,-8306047,-11193664,-7687416,13236774,10506355,7464579,9656445,13059162,10374397 },
+ { 7798556,16710257,3033922,2874086,28997861,2835604,32406664,-3839045,-641708,-101325 },
+ },
+ {
+ { 10861363,11473154,27284546,1981175,-30064349,12577861,32867885,14515107,-15438304,10819380 },
+ { 4708026,6336745,20377586,9066809,-11272109,6594696,-25653668,12483688,-12668491,5581306 },
+ { 19563160,16186464,-29386857,4097519,10237984,-4348115,28542350,13850243,-23678021,-15815942 },
+ },
+ {
+ { -15371964,-12862754,32573250,4720197,-26436522,5875511,-19188627,-15224819,-9818940,-12085777 },
+ { -8549212,109983,15149363,2178705,22900618,4543417,3044240,-15689887,1762328,14866737 },
+ { -18199695,-15951423,-10473290,1707278,-17185920,3916101,-28236412,3959421,27914454,4383652 },
+ },
+ {
+ { 5153746,9909285,1723747,-2777874,30523605,5516873,19480852,5230134,-23952439,-15175766 },
+ { -30269007,-3463509,7665486,10083793,28475525,1649722,20654025,16520125,30598449,7715701 },
+ { 28881845,14381568,9657904,3680757,-20181635,7843316,-31400660,1370708,29794553,-1409300 },
+ },
+ {
+ { 14499471,-2729599,-33191113,-4254652,28494862,14271267,30290735,10876454,-33154098,2381726 },
+ { -7195431,-2655363,-14730155,462251,-27724326,3941372,-6236617,3696005,-32300832,15351955 },
+ { 27431194,8222322,16448760,-3907995,-18707002,11938355,-32961401,-2970515,29551813,10109425 },
+ },
+},
+{
+ {
+ { -13657040,-13155431,-31283750,11777098,21447386,6519384,-2378284,-1627556,10092783,-4764171 },
+ { 27939166,14210322,4677035,16277044,-22964462,-12398139,-32508754,12005538,-17810127,12803510 },
+ { 17228999,-15661624,-1233527,300140,-1224870,-11714777,30364213,-9038194,18016357,4397660 },
+ },
+ {
+ { -10958843,-7690207,4776341,-14954238,27850028,-15602212,-26619106,14544525,-17477504,982639 },
+ { 29253598,15796703,-2863982,-9908884,10057023,3163536,7332899,-4120128,-21047696,9934963 },
+ { 5793303,16271923,-24131614,-10116404,29188560,1206517,-14747930,4559895,-30123922,-10897950 },
+ },
+ {
+ { -27643952,-11493006,16282657,-11036493,28414021,-15012264,24191034,4541697,-13338309,5500568 },
+ { 12650548,-1497113,9052871,11355358,-17680037,-8400164,-17430592,12264343,10874051,13524335 },
+ { 25556948,-3045990,714651,2510400,23394682,-10415330,33119038,5080568,-22528059,5376628 },
+ },
+ {
+ { -26088264,-4011052,-17013699,-3537628,-6726793,1920897,-22321305,-9447443,4535768,1569007 },
+ { -2255422,14606630,-21692440,-8039818,28430649,8775819,-30494562,3044290,31848280,12543772 },
+ { -22028579,2943893,-31857513,6777306,13784462,-4292203,-27377195,-2062731,7718482,14474653 },
+ },
+ {
+ { 2385315,2454213,-22631320,46603,-4437935,-15680415,656965,-7236665,24316168,-5253567 },
+ { 13741529,10911568,-33233417,-8603737,-20177830,-1033297,33040651,-13424532,-20729456,8321686 },
+ { 21060490,-2212744,15712757,-4336099,1639040,10656336,23845965,-11874838,-9984458,608372 },
+ },
+ {
+ { -13672732,-15087586,-10889693,-7557059,-6036909,11305547,1123968,-6780577,27229399,23887 },
+ { -23244140,-294205,-11744728,14712571,-29465699,-2029617,12797024,-6440308,-1633405,16678954 },
+ { -29500620,4770662,-16054387,14001338,7830047,9564805,-1508144,-4795045,-17169265,4904953 },
+ },
+ {
+ { 24059557,14617003,19037157,-15039908,19766093,-14906429,5169211,16191880,2128236,-4326833 },
+ { -16981152,4124966,-8540610,-10653797,30336522,-14105247,-29806336,916033,-6882542,-2986532 },
+ { -22630907,12419372,-7134229,-7473371,-16478904,16739175,285431,2763829,15736322,4143876 },
+ },
+ {
+ { 2379352,11839345,-4110402,-5988665,11274298,794957,212801,-14594663,23527084,-16458268 },
+ { 33431127,-11130478,-17838966,-15626900,8909499,8376530,-32625340,4087881,-15188911,-14416214 },
+ { 1767683,7197987,-13205226,-2022635,-13091350,448826,5799055,4357868,-4774191,-16323038 },
+ },
+},
+{
+ {
+ { 6721966,13833823,-23523388,-1551314,26354293,-11863321,23365147,-3949732,7390890,2759800 },
+ { 4409041,2052381,23373853,10530217,7676779,-12885954,21302353,-4264057,1244380,-12919645 },
+ { -4421239,7169619,4982368,-2957590,30256825,-2777540,14086413,9208236,15886429,16489664 },
+ },
+ {
+ { 1996075,10375649,14346367,13311202,-6874135,-16438411,-13693198,398369,-30606455,-712933 },
+ { -25307465,9795880,-2777414,14878809,-33531835,14780363,13348553,12076947,-30836462,5113182 },
+ { -17770784,11797796,31950843,13929123,-25888302,12288344,-30341101,-7336386,13847711,5387222 },
+ },
+ {
+ { -18582163,-3416217,17824843,-2340966,22744343,-10442611,8763061,3617786,-19600662,10370991 },
+ { 20246567,-14369378,22358229,-543712,18507283,-10413996,14554437,-8746092,32232924,16763880 },
+ { 9648505,10094563,26416693,14745928,-30374318,-6472621,11094161,15689506,3140038,-16510092 },
+ },
+ {
+ { -16160072,5472695,31895588,4744994,8823515,10365685,-27224800,9448613,-28774454,366295 },
+ { 19153450,11523972,-11096490,-6503142,-24647631,5420647,28344573,8041113,719605,11671788 },
+ { 8678025,2694440,-6808014,2517372,4964326,11152271,-15432916,-15266516,27000813,-10195553 },
+ },
+ {
+ { -15157904,7134312,8639287,-2814877,-7235688,10421742,564065,5336097,6750977,-14521026 },
+ { 11836410,-3979488,26297894,16080799,23455045,15735944,1695823,-8819122,8169720,16220347 },
+ { -18115838,8653647,17578566,-6092619,-8025777,-16012763,-11144307,-2627664,-5990708,-14166033 },
+ },
+ {
+ { -23308498,-10968312,15213228,-10081214,-30853605,-11050004,27884329,2847284,2655861,1738395 },
+ { -27537433,-14253021,-25336301,-8002780,-9370762,8129821,21651608,-3239336,-19087449,-11005278 },
+ { 1533110,3437855,23735889,459276,29970501,11335377,26030092,5821408,10478196,8544890 },
+ },
+ {
+ { 32173121,-16129311,24896207,3921497,22579056,-3410854,19270449,12217473,17789017,-3395995 },
+ { -30552961,-2228401,-15578829,-10147201,13243889,517024,15479401,-3853233,30460520,1052596 },
+ { -11614875,13323618,32618793,8175907,-15230173,12596687,27491595,-4612359,3179268,-9478891 },
+ },
+ {
+ { 31947069,-14366651,-4640583,-15339921,-15125977,-6039709,-14756777,-16411740,19072640,-9511060 },
+ { 11685058,11822410,3158003,-13952594,33402194,-4165066,5977896,-5215017,473099,5040608 },
+ { -20290863,8198642,-27410132,11602123,1290375,-2799760,28326862,1721092,-19558642,-3131606 },
+ },
+},
+{
+ {
+ { 7881532,10687937,7578723,7738378,-18951012,-2553952,21820786,8076149,-27868496,11538389 },
+ { -19935666,3899861,18283497,-6801568,-15728660,-11249211,8754525,7446702,-5676054,5797016 },
+ { -11295600,-3793569,-15782110,-7964573,12708869,-8456199,2014099,-9050574,-2369172,-5877341 },
+ },
+ {
+ { -22472376,-11568741,-27682020,1146375,18956691,16640559,1192730,-3714199,15123619,10811505 },
+ { 14352098,-3419715,-18942044,10822655,32750596,4699007,-70363,15776356,-28886779,-11974553 },
+ { -28241164,-8072475,-4978962,-5315317,29416931,1847569,-20654173,-16484855,4714547,-9600655 },
+ },
+ {
+ { 15200332,8368572,19679101,15970074,-31872674,1959451,24611599,-4543832,-11745876,12340220 },
+ { 12876937,-10480056,33134381,6590940,-6307776,14872440,9613953,8241152,15370987,9608631 },
+ { -4143277,-12014408,8446281,-391603,4407738,13629032,-7724868,15866074,-28210621,-8814099 },
+ },
+ {
+ { 26660628,-15677655,8393734,358047,-7401291,992988,-23904233,858697,20571223,8420556 },
+ { 14620715,13067227,-15447274,8264467,14106269,15080814,33531827,12516406,-21574435,-12476749 },
+ { 236881,10476226,57258,-14677024,6472998,2466984,17258519,7256740,8791136,15069930 },
+ },
+ {
+ { 1276410,-9371918,22949635,-16322807,-23493039,-5702186,14711875,4874229,-30663140,-2331391 },
+ { 5855666,4990204,-13711848,7294284,-7804282,1924647,-1423175,-7912378,-33069337,9234253 },
+ { 20590503,-9018988,31529744,-7352666,-2706834,10650548,31559055,-11609587,18979186,13396066 },
+ },
+ {
+ { 24474287,4968103,22267082,4407354,24063882,-8325180,-18816887,13594782,33514650,7021958 },
+ { -11566906,-6565505,-21365085,15928892,-26158305,4315421,-25948728,-3916677,-21480480,12868082 },
+ { -28635013,13504661,19988037,-2132761,21078225,6443208,-21446107,2244500,-12455797,-8089383 },
+ },
+ {
+ { -30595528,13793479,-5852820,319136,-25723172,-6263899,33086546,8957937,-15233648,5540521 },
+ { -11630176,-11503902,-8119500,-7643073,2620056,1022908,-23710744,-1568984,-16128528,-14962807 },
+ { 23152971,775386,27395463,14006635,-9701118,4649512,1689819,892185,-11513277,-15205948 },
+ },
+ {
+ { 9770129,9586738,26496094,4324120,1556511,-3550024,27453819,4763127,-19179614,5867134 },
+ { -32765025,1927590,31726409,-4753295,23962434,-16019500,27846559,5931263,-29749703,-16108455 },
+ { 27461885,-2977536,22380810,1815854,-23033753,-3031938,7283490,-15148073,-19526700,7734629 },
+ },
+},
+{
+ {
+ { -8010264,-9590817,-11120403,6196038,29344158,-13430885,7585295,-3176626,18549497,15302069 },
+ { -32658337,-6171222,-7672793,-11051681,6258878,13504381,10458790,-6418461,-8872242,8424746 },
+ { 24687205,8613276,-30667046,-3233545,1863892,-1830544,19206234,7134917,-11284482,-828919 },
+ },
+ {
+ { 11334899,-9218022,8025293,12707519,17523892,-10476071,10243738,-14685461,-5066034,16498837 },
+ { 8911542,6887158,-9584260,-6958590,11145641,-9543680,17303925,-14124238,6536641,10543906 },
+ { -28946384,15479763,-17466835,568876,-1497683,11223454,-2669190,-16625574,-27235709,8876771 },
+ },
+ {
+ { -25742899,-12566864,-15649966,-846607,-33026686,-796288,-33481822,15824474,-604426,-9039817 },
+ { 10330056,70051,7957388,-9002667,9764902,15609756,27698697,-4890037,1657394,3084098 },
+ { 10477963,-7470260,12119566,-13250805,29016247,-5365589,31280319,14396151,-30233575,15272409 },
+ },
+ {
+ { -12288309,3169463,28813183,16658753,25116432,-5630466,-25173957,-12636138,-25014757,1950504 },
+ { -26180358,9489187,11053416,-14746161,-31053720,5825630,-8384306,-8767532,15341279,8373727 },
+ { 28685821,7759505,-14378516,-12002860,-31971820,4079242,298136,-10232602,-2878207,15190420 },
+ },
+ {
+ { -32932876,13806336,-14337485,-15794431,-24004620,10940928,8669718,2742393,-26033313,-6875003 },
+ { -1580388,-11729417,-25979658,-11445023,-17411874,-10912854,9291594,-16247779,-12154742,6048605 },
+ { -30305315,14843444,1539301,11864366,20201677,1900163,13934231,5128323,11213262,9168384 },
+ },
+ {
+ { -26280513,11007847,19408960,-940758,-18592965,-4328580,-5088060,-11105150,20470157,-16398701 },
+ { -23136053,9282192,14855179,-15390078,-7362815,-14408560,-22783952,14461608,14042978,5230683 },
+ { 29969567,-2741594,-16711867,-8552442,9175486,-2468974,21556951,3506042,-5933891,-12449708 },
+ },
+ {
+ { -3144746,8744661,19704003,4581278,-20430686,6830683,-21284170,8971513,-28539189,15326563 },
+ { -19464629,10110288,-17262528,-3503892,-23500387,1355669,-15523050,15300988,-20514118,9168260 },
+ { -5353335,4488613,-23803248,16314347,7780487,-15638939,-28948358,9601605,33087103,-9011387 },
+ },
+ {
+ { -19443170,-15512900,-20797467,-12445323,-29824447,10229461,-27444329,-15000531,-5996870,15664672 },
+ { 23294591,-16632613,-22650781,-8470978,27844204,11461195,13099750,-2460356,18151676,13417686 },
+ { -24722913,-4176517,-31150679,5988919,-26858785,6685065,1661597,-12551441,15271676,-15452665 },
+ },
+},
+{
+ {
+ { 11433042,-13228665,8239631,-5279517,-1985436,-725718,-18698764,2167544,-6921301,-13440182 },
+ { -31436171,15575146,30436815,12192228,-22463353,9395379,-9917708,-8638997,12215110,12028277 },
+ { 14098400,6555944,23007258,5757252,-15427832,-12950502,30123440,4617780,-16900089,-655628 },
+ },
+ {
+ { -4026201,-15240835,11893168,13718664,-14809462,1847385,-15819999,10154009,23973261,-12684474 },
+ { -26531820,-3695990,-1908898,2534301,-31870557,-16550355,18341390,-11419951,32013174,-10103539 },
+ { -25479301,10876443,-11771086,-14625140,-12369567,1838104,21911214,6354752,4425632,-837822 },
+ },
+ {
+ { -10433389,-14612966,22229858,-3091047,-13191166,776729,-17415375,-12020462,4725005,14044970 },
+ { 19268650,-7304421,1555349,8692754,-21474059,-9910664,6347390,-1411784,-19522291,-16109756 },
+ { -24864089,12986008,-10898878,-5558584,-11312371,-148526,19541418,8180106,9282262,10282508 },
+ },
+ {
+ { -26205082,4428547,-8661196,-13194263,4098402,-14165257,15522535,8372215,5542595,-10702683 },
+ { -10562541,14895633,26814552,-16673850,-17480754,-2489360,-2781891,6993761,-18093885,10114655 },
+ { -20107055,-929418,31422704,10427861,-7110749,6150669,-29091755,-11529146,25953725,-106158 },
+ },
+ {
+ { -4234397,-8039292,-9119125,3046000,2101609,-12607294,19390020,6094296,-3315279,12831125 },
+ { -15998678,7578152,5310217,14408357,-33548620,-224739,31575954,6326196,7381791,-2421839 },
+ { -20902779,3296811,24736065,-16328389,18374254,7318640,6295303,8082724,-15362489,12339664 },
+ },
+ {
+ { 27724736,2291157,6088201,-14184798,1792727,5857634,13848414,15768922,25091167,14856294 },
+ { -18866652,8331043,24373479,8541013,-701998,-9269457,12927300,-12695493,-22182473,-9012899 },
+ { -11423429,-5421590,11632845,3405020,30536730,-11674039,-27260765,13866390,30146206,9142070 },
+ },
+ {
+ { 3924129,-15307516,-13817122,-10054960,12291820,-668366,-27702774,9326384,-8237858,4171294 },
+ { -15921940,16037937,6713787,16606682,-21612135,2790944,26396185,3731949,345228,-5462949 },
+ { -21327538,13448259,25284571,1143661,20614966,-8849387,2031539,-12391231,-16253183,-13582083 },
+ },
+ {
+ { 31016211,-16722429,26371392,-14451233,-5027349,14854137,17477601,3842657,28012650,-16405420 },
+ { -5075835,9368966,-8562079,-4600902,-15249953,6970560,-9189873,16292057,-8867157,3507940 },
+ { 29439664,3537914,23333589,6997794,-17555561,-11018068,-15209202,-15051267,-9164929,6580396 },
+ },
+},
+{
+ {
+ { -12185861,-7679788,16438269,10826160,-8696817,-6235611,17860444,-9273846,-2095802,9304567 },
+ { 20714564,-4336911,29088195,7406487,11426967,-5095705,14792667,-14608617,5289421,-477127 },
+ { -16665533,-10650790,-6160345,-13305760,9192020,-1802462,17271490,12349094,26939669,-3752294 },
+ },
+ {
+ { -12889898,9373458,31595848,16374215,21471720,13221525,-27283495,-12348559,-3698806,117887 },
+ { 22263325,-6560050,3984570,-11174646,-15114008,-566785,28311253,5358056,-23319780,541964 },
+ { 16259219,3261970,2309254,-15534474,-16885711,-4581916,24134070,-16705829,-13337066,-13552195 },
+ },
+ {
+ { 9378160,-13140186,-22845982,-12745264,28198281,-7244098,-2399684,-717351,690426,14876244 },
+ { 24977353,-314384,-8223969,-13465086,28432343,-1176353,-13068804,-12297348,-22380984,6618999 },
+ { -1538174,11685646,12944378,13682314,-24389511,-14413193,8044829,-13817328,32239829,-5652762 },
+ },
+ {
+ { -18603066,4762990,-926250,8885304,-28412480,-3187315,9781647,-10350059,32779359,5095274 },
+ { -33008130,-5214506,-32264887,-3685216,9460461,-9327423,-24601656,14506724,21639561,-2630236 },
+ { -16400943,-13112215,25239338,15531969,3987758,-4499318,-1289502,-6863535,17874574,558605 },
+ },
+ {
+ { -13600129,10240081,9171883,16131053,-20869254,9599700,33499487,5080151,2085892,5119761 },
+ { -22205145,-2519528,-16381601,414691,-25019550,2170430,30634760,-8363614,-31999993,-5759884 },
+ { -6845704,15791202,8550074,-1312654,29928809,-12092256,27534430,-7192145,-22351378,12961482 },
+ },
+ {
+ { -24492060,-9570771,10368194,11582341,-23397293,-2245287,16533930,8206996,-30194652,-5159638 },
+ { -11121496,-3382234,2307366,6362031,-135455,8868177,-16835630,7031275,7589640,8945490 },
+ { -32152748,8917967,6661220,-11677616,-1192060,-15793393,7251489,-11182180,24099109,-14456170 },
+ },
+ {
+ { 5019558,-7907470,4244127,-14714356,-26933272,6453165,-19118182,-13289025,-6231896,-10280736 },
+ { 10853594,10721687,26480089,5861829,-22995819,1972175,-1866647,-10557898,-3363451,-6441124 },
+ { -17002408,5906790,221599,-6563147,7828208,-13248918,24362661,-2008168,-13866408,7421392 },
+ },
+ {
+ { 8139927,-6546497,32257646,-5890546,30375719,1886181,-21175108,15441252,28826358,-4123029 },
+ { 6267086,9695052,7709135,-16603597,-32869068,-1886135,14795160,-7840124,13746021,-1742048 },
+ { 28584902,7787108,-6732942,-15050729,22846041,-7571236,-3181936,-363524,4771362,-8419958 },
+ },
+},
+{
+ {
+ { 24949256,6376279,-27466481,-8174608,-18646154,-9930606,33543569,-12141695,3569627,11342593 },
+ { 26514989,4740088,27912651,3697550,19331575,-11472339,6809886,4608608,7325975,-14801071 },
+ { -11618399,-14554430,-24321212,7655128,-1369274,5214312,-27400540,10258390,-17646694,-8186692 },
+ },
+ {
+ { 11431204,15823007,26570245,14329124,18029990,4796082,-31446179,15580664,9280358,-3973687 },
+ { -160783,-10326257,-22855316,-4304997,-20861367,-13621002,-32810901,-11181622,-15545091,4387441 },
+ { -20799378,12194512,3937617,-5805892,-27154820,9340370,-24513992,8548137,20617071,-7482001 },
+ },
+ {
+ { -938825,-3930586,-8714311,16124718,24603125,-6225393,-13775352,-11875822,24345683,10325460 },
+ { -19855277,-1568885,-22202708,8714034,14007766,6928528,16318175,-1010689,4766743,3552007 },
+ { -21751364,-16730916,1351763,-803421,-4009670,3950935,3217514,14481909,10988822,-3994762 },
+ },
+ {
+ { 15564307,-14311570,3101243,5684148,30446780,-8051356,12677127,-6505343,-8295852,13296005 },
+ { -9442290,6624296,-30298964,-11913677,-4670981,-2057379,31521204,9614054,-30000824,12074674 },
+ { 4771191,-135239,14290749,-13089852,27992298,14998318,-1413936,-1556716,29832613,-16391035 },
+ },
+ {
+ { 7064884,-7541174,-19161962,-5067537,-18891269,-2912736,25825242,5293297,-27122660,13101590 },
+ { -2298563,2439670,-7466610,1719965,-27267541,-16328445,32512469,-5317593,-30356070,-4190957 },
+ { -30006540,10162316,-33180176,3981723,-16482138,-13070044,14413974,9515896,19568978,9628812 },
+ },
+ {
+ { 33053803,199357,15894591,1583059,27380243,-4580435,-17838894,-6106839,-6291786,3437740 },
+ { -18978877,3884493,19469877,12726490,15913552,13614290,-22961733,70104,7463304,4176122 },
+ { -27124001,10659917,11482427,-16070381,12771467,-6635117,-32719404,-5322751,24216882,5944158 },
+ },
+ {
+ { 8894125,7450974,-2664149,-9765752,-28080517,-12389115,19345746,14680796,11632993,5847885 },
+ { 26942781,-2315317,9129564,-4906607,26024105,11769399,-11518837,6367194,-9727230,4782140 },
+ { 19916461,-4828410,-22910704,-11414391,25606324,-5972441,33253853,8220911,6358847,-1873857 },
+ },
+ {
+ { 801428,-2081702,16569428,11065167,29875704,96627,7908388,-4480480,-13538503,1387155 },
+ { 19646058,5720633,-11416706,12814209,11607948,12749789,14147075,15156355,-21866831,11835260 },
+ { 19299512,1155910,28703737,14890794,2925026,7269399,26121523,15467869,-26560550,5052483 },
+ },
+},
+{
+ {
+ { -3017432,10058206,1980837,3964243,22160966,12322533,-6431123,-12618185,12228557,-7003677 },
+ { 32944382,14922211,-22844894,5188528,21913450,-8719943,4001465,13238564,-6114803,8653815 },
+ { 22865569,-4652735,27603668,-12545395,14348958,8234005,24808405,5719875,28483275,2841751 },
+ },
+ {
+ { -16420968,-1113305,-327719,-12107856,21886282,-15552774,-1887966,-315658,19932058,-12739203 },
+ { -11656086,10087521,-8864888,-5536143,-19278573,-3055912,3999228,13239134,-4777469,-13910208 },
+ { 1382174,-11694719,17266790,9194690,-13324356,9720081,20403944,11284705,-14013818,3093230 },
+ },
+ {
+ { 16650921,-11037932,-1064178,1570629,-8329746,7352753,-302424,16271225,-24049421,-6691850 },
+ { -21911077,-5927941,-4611316,-5560156,-31744103,-10785293,24123614,15193618,-21652117,-16739389 },
+ { -9935934,-4289447,-25279823,4372842,2087473,10399484,31870908,14690798,17361620,11864968 },
+ },
+ {
+ { -11307610,6210372,13206574,5806320,-29017692,-13967200,-12331205,-7486601,-25578460,-16240689 },
+ { 14668462,-12270235,26039039,15305210,25515617,4542480,10453892,6577524,9145645,-6443880 },
+ { 5974874,3053895,-9433049,-10385191,-31865124,3225009,-7972642,3936128,-5652273,-3050304 },
+ },
+ {
+ { 30625386,-4729400,-25555961,-12792866,-20484575,7695099,17097188,-16303496,-27999779,1803632 },
+ { -3553091,9865099,-5228566,4272701,-5673832,-16689700,14911344,12196514,-21405489,7047412 },
+ { 20093277,9920966,-11138194,-5343857,13161587,12044805,-32856851,4124601,-32343828,-10257566 },
+ },
+ {
+ { -20788824,14084654,-13531713,7842147,19119038,-13822605,4752377,-8714640,-21679658,2288038 },
+ { -26819236,-3283715,29965059,3039786,-14473765,2540457,29457502,14625692,-24819617,12570232 },
+ { -1063558,-11551823,16920318,12494842,1278292,-5869109,-21159943,-3498680,-11974704,4724943 },
+ },
+ {
+ { 17960970,-11775534,-4140968,-9702530,-8876562,-1410617,-12907383,-8659932,-29576300,1903856 },
+ { 23134274,-14279132,-10681997,-1611936,20684485,15770816,-12989750,3190296,26955097,14109738 },
+ { 15308788,5320727,-30113809,-14318877,22902008,7767164,29425325,-11277562,31960942,11934971 },
+ },
+ {
+ { -27395711,8435796,4109644,12222639,-24627868,14818669,20638173,4875028,10491392,1379718 },
+ { -13159415,9197841,3875503,-8936108,-1383712,-5879801,33518459,16176658,21432314,12180697 },
+ { -11787308,11500838,13787581,-13832590,-22430679,10140205,1465425,12689540,-10301319,-13872883 },
+ },
+},
+{
+ {
+ { 5414091,-15386041,-21007664,9643570,12834970,1186149,-2622916,-1342231,26128231,6032912 },
+ { -26337395,-13766162,32496025,-13653919,17847801,-12669156,3604025,8316894,-25875034,-10437358 },
+ { 3296484,6223048,24680646,-12246460,-23052020,5903205,-8862297,-4639164,12376617,3188849 },
+ },
+ {
+ { 29190488,-14659046,27549113,-1183516,3520066,-10697301,32049515,-7309113,-16109234,-9852307 },
+ { -14744486,-9309156,735818,-598978,-20407687,-5057904,25246078,-15795669,18640741,-960977 },
+ { -6928835,-16430795,10361374,5642961,4910474,12345252,-31638386,-494430,10530747,1053335 },
+ },
+ {
+ { -29265967,-14186805,-13538216,-12117373,-19457059,-10655384,-31462369,-2948985,24018831,15026644 },
+ { -22592535,-3145277,-2289276,5953843,-13440189,9425631,25310643,13003497,-2314791,-15145616 },
+ { -27419985,-603321,-8043984,-1669117,-26092265,13987819,-27297622,187899,-23166419,-2531735 },
+ },
+ {
+ { -21744398,-13810475,1844840,5021428,-10434399,-15911473,9716667,16266922,-5070217,726099 },
+ { 29370922,-6053998,7334071,-15342259,9385287,2247707,-13661962,-4839461,30007388,-15823341 },
+ { -936379,16086691,23751945,-543318,-1167538,-5189036,9137109,730663,9835848,4555336 },
+ },
+ {
+ { -23376435,1410446,-22253753,-12899614,30867635,15826977,17693930,544696,-11985298,12422646 },
+ { 31117226,-12215734,-13502838,6561947,-9876867,-12757670,-5118685,-4096706,29120153,13924425 },
+ { -17400879,-14233209,19675799,-2734756,-11006962,-5858820,-9383939,-11317700,7240931,-237388 },
+ },
+ {
+ { -31361739,-11346780,-15007447,-5856218,-22453340,-12152771,1222336,4389483,3293637,-15551743 },
+ { -16684801,-14444245,11038544,11054958,-13801175,-3338533,-24319580,7733547,12796905,-6335822 },
+ { -8759414,-10817836,-25418864,10783769,-30615557,-9746811,-28253339,3647836,3222231,-11160462 },
+ },
+ {
+ { 18606113,1693100,-25448386,-15170272,4112353,10045021,23603893,-2048234,-7550776,2484985 },
+ { 9255317,-3131197,-12156162,-1004256,13098013,-9214866,16377220,-2102812,-19802075,-3034702 },
+ { -22729289,7496160,-5742199,11329249,19991973,-3347502,-31718148,9936966,-30097688,-10618797 },
+ },
+ {
+ { 21878590,-5001297,4338336,13643897,-3036865,13160960,19708896,5415497,-7360503,-4109293 },
+ { 27736861,10103576,12500508,8502413,-3413016,-9633558,10436918,-1550276,-23659143,-8132100 },
+ { 19492550,-12104365,-29681976,-852630,-3208171,12403437,30066266,8367329,13243957,8709688 },
+ },
+},
+{
+ {
+ { 12015105,2801261,28198131,10151021,24818120,-4743133,-11194191,-5645734,5150968,7274186 },
+ { 2831366,-12492146,1478975,6122054,23825128,-12733586,31097299,6083058,31021603,-9793610 },
+ { -2529932,-2229646,445613,10720828,-13849527,-11505937,-23507731,16354465,15067285,-14147707 },
+ },
+ {
+ { 7840942,14037873,-33364863,15934016,-728213,-3642706,21403988,1057586,-19379462,-12403220 },
+ { 915865,-16469274,15608285,-8789130,-24357026,6060030,-17371319,8410997,-7220461,16527025 },
+ { 32922597,-556987,20336074,-16184568,10903705,-5384487,16957574,52992,23834301,6588044 },
+ },
+ {
+ { 32752030,11232950,3381995,-8714866,22652988,-10744103,17159699,16689107,-20314580,-1305992 },
+ { -4689649,9166776,-25710296,-10847306,11576752,12733943,7924251,-2752281,1976123,-7249027 },
+ { 21251222,16309901,-2983015,-6783122,30810597,12967303,156041,-3371252,12331345,-8237197 },
+ },
+ {
+ { 8651614,-4477032,-16085636,-4996994,13002507,2950805,29054427,-5106970,10008136,-4667901 },
+ { 31486080,15114593,-14261250,12951354,14369431,-7387845,16347321,-13662089,8684155,-10532952 },
+ { 19443825,11385320,24468943,-9659068,-23919258,2187569,-26263207,-6086921,31316348,14219878 },
+ },
+ {
+ { -28594490,1193785,32245219,11392485,31092169,15722801,27146014,6992409,29126555,9207390 },
+ { 32382935,1110093,18477781,11028262,-27411763,-7548111,-4980517,10843782,-7957600,-14435730 },
+ { 2814918,7836403,27519878,-7868156,-20894015,-11553689,-21494559,8550130,28346258,1994730 },
+ },
+ {
+ { -19578299,8085545,-14000519,-3948622,2785838,-16231307,-19516951,7174894,22628102,8115180 },
+ { -30405132,955511,-11133838,-15078069,-32447087,-13278079,-25651578,3317160,-9943017,930272 },
+ { -15303681,-6833769,28856490,1357446,23421993,1057177,24091212,-1388970,-22765376,-10650715 },
+ },
+ {
+ { -22751231,-5303997,-12907607,-12768866,-15811511,-7797053,-14839018,-16554220,-1867018,8398970 },
+ { -31969310,2106403,-4736360,1362501,12813763,16200670,22981545,-6291273,18009408,-15772772 },
+ { -17220923,-9545221,-27784654,14166835,29815394,7444469,29551787,-3727419,19288549,1325865 },
+ },
+ {
+ { 15100157,-15835752,-23923978,-1005098,-26450192,15509408,12376730,-3479146,33166107,-8042750 },
+ { 20909231,13023121,-9209752,16251778,-5778415,-8094914,12412151,10018715,2213263,-13878373 },
+ { 32529814,-11074689,30361439,-16689753,-9135940,1513226,22922121,6382134,-5766928,8371348 },
+ },
+},
+{
+ {
+ { 9923462,11271500,12616794,3544722,-29998368,-1721626,12891687,-8193132,-26442943,10486144 },
+ { -22597207,-7012665,8587003,-8257861,4084309,-12970062,361726,2610596,-23921530,-11455195 },
+ { 5408411,-1136691,-4969122,10561668,24145918,14240566,31319731,-4235541,19985175,-3436086 },
+ },
+ {
+ { -13994457,16616821,14549246,3341099,32155958,13648976,-17577068,8849297,65030,8370684 },
+ { -8320926,-12049626,31204563,5839400,-20627288,-1057277,-19442942,6922164,12743482,-9800518 },
+ { -2361371,12678785,28815050,4759974,-23893047,4884717,23783145,11038569,18800704,255233 },
+ },
+ {
+ { -5269658,-1773886,13957886,7990715,23132995,728773,13393847,9066957,19258688,-14753793 },
+ { -2936654,-10827535,-10432089,14516793,-3640786,4372541,-31934921,2209390,-1524053,2055794 },
+ { 580882,16705327,5468415,-2683018,-30926419,-14696000,-7203346,-8994389,-30021019,7394435 },
+ },
+ {
+ { 23838809,1822728,-15738443,15242727,8318092,-3733104,-21672180,-3492205,-4821741,14799921 },
+ { 13345610,9759151,3371034,-16137791,16353039,8577942,31129804,13496856,-9056018,7402518 },