diff -Nru cl-ironclad-0.43/benchmark/benchmark-implementation.lisp cl-ironclad-0.45/benchmark/benchmark-implementation.lisp --- cl-ironclad-0.43/benchmark/benchmark-implementation.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/benchmark/benchmark-implementation.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -77,6 +77,7 @@ (ironclad:gmac 32) (ironclad:hmac 32) (ironclad:poly1305 32) + (ironclad:siphash 16) (ironclad:skein-mac 64))) (key (ironclad:random-data key-length)) (iv (case mac-name diff -Nru cl-ironclad-0.43/debian/changelog cl-ironclad-0.45/debian/changelog --- cl-ironclad-0.43/debian/changelog 2018-10-19 20:17:58.000000000 +0000 +++ cl-ironclad-0.45/debian/changelog 2019-02-21 11:23:45.000000000 +0000 @@ -1,3 +1,28 @@ +cl-ironclad (0.45-1) unstable; urgency=medium + + * New upstream version 0.45 + * Add new Depends on cl-bordeaux-threads + * Add missing Depends on cl-flexi-streams (for ironclad-text) + * Load the ironclad-text system in the autopkgtest + + -- Sébastien Villemot Thu, 21 Feb 2019 12:23:45 +0100 + +cl-ironclad (0.44-2) unstable; urgency=medium + + * d/copyright: fix license name (it's BSD-3-clause, not Expat) + * Bump to debhelper compat level 12 + * Bump to S-V 4.3.0 + + -- Sébastien Villemot Sat, 09 Feb 2019 16:04:27 +0100 + +cl-ironclad (0.44-1) unstable; urgency=medium + + * New upstream release + * Set M-A foreign + * Migrate to new way of specifying debhelper compat level + + -- Sébastien Villemot Sun, 18 Nov 2018 11:23:09 +0100 + cl-ironclad (0.43-1) unstable; urgency=medium * New upstream release diff -Nru cl-ironclad-0.43/debian/compat cl-ironclad-0.45/debian/compat --- cl-ironclad-0.43/debian/compat 2018-10-19 19:17:20.000000000 +0000 +++ cl-ironclad-0.45/debian/compat 1970-01-01 00:00:00.000000000 +0000 
@@ -1 +0,0 @@ -11 \ No newline at end of file diff -Nru cl-ironclad-0.43/debian/control cl-ironclad-0.45/debian/control --- cl-ironclad-0.43/debian/control 2018-10-19 20:17:58.000000000 +0000 +++ cl-ironclad-0.45/debian/control 2019-02-21 11:23:45.000000000 +0000 @@ -3,8 +3,8 @@ Priority: optional Maintainer: Debian Common Lisp Team Uploaders: Sébastien Villemot -Build-Depends: debhelper (>= 11) -Standards-Version: 4.2.1 +Build-Depends: debhelper-compat (= 12) +Standards-Version: 4.3.0 Homepage: https://github.com/sharplispers/ironclad Vcs-Git: https://salsa.debian.org/common-lisp-team/cl-ironclad.git Vcs-Browser: https://salsa.debian.org/common-lisp-team/cl-ironclad @@ -12,7 +12,11 @@ Package: cl-ironclad Architecture: all -Depends: ${misc:Depends}, cl-nibbles +Multi-Arch: foreign +Depends: ${misc:Depends}, + cl-nibbles, + cl-bordeaux-threads, + cl-flexi-streams Recommends: cl-rt Description: cryptographic toolkit written in Common Lisp Ironclad is a cryptography library written entirely in Common Lisp. It diff -Nru cl-ironclad-0.43/debian/copyright cl-ironclad-0.45/debian/copyright --- cl-ironclad-0.43/debian/copyright 2018-10-19 20:01:52.000000000 +0000 +++ cl-ironclad-0.45/debian/copyright 2019-02-09 15:01:51.000000000 +0000 @@ -5,11 +5,11 @@ Files: * Copyright: 2004-2008, Nathan Froyd -License: Expat +License: BSD-3-clause Files: src/digests/whirlpool.lisp Copyright: 2009-2012, Nathan Froyd -License: Expat +License: BSD-3-clause Comment: The file contains the original 'All rights reserved.' mention from the C version of the code written by Peter Gijsels, but is a complete new work @@ -21,7 +21,7 @@ Files: src/ciphers/arcfour.lisp Copyright: 2005 Tim Daly Jr -License: Expat +License: BSD-3-clause Files: debian/* Copyright: 2014 Dimitri Fontaine 
@@ -40,7 +40,7 @@ . 0. You just DO WHAT THE FUCK YOU WANT TO. -License: Expat +License: BSD-3-clause Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: . diff -Nru cl-ironclad-0.43/debian/tests/runtests.lisp cl-ironclad-0.45/debian/tests/runtests.lisp --- cl-ironclad-0.43/debian/tests/runtests.lisp 2018-10-19 20:07:44.000000000 +0000 +++ cl-ironclad-0.45/debian/tests/runtests.lisp 2019-02-21 11:23:45.000000000 +0000 @@ -1,7 +1,8 @@ (require "asdf") (let ((asdf:*user-cache* (uiop:getenv "AUTOPKGTEST_TMP"))) ; Store FASL in some temporary dir - (asdf:load-system "ironclad/tests")) + (asdf:load-system "ironclad/tests") + (asdf:load-system "ironclad-text")) ;; Can't use ASDF:TEST-SYSTEM, its return value is meaningless (unless (rtest:do-tests) diff -Nru cl-ironclad-0.43/doc/ironclad.html cl-ironclad-0.45/doc/ironclad.html --- cl-ironclad-0.43/doc/ironclad.html 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/doc/ironclad.html 2019-02-18 14:08:52.000000000 +0000 @@ -1,7 +1,7 @@ - + Ironclad @@ -56,7 +56,7 @@

Table of Contents

-
-

Warning

+
+

Warnings

Ironclad should not be considered safe against side channel attacks. @@ -87,15 +87,46 @@ integers and arithmetic functions of Common Lisp implementations are usually not safe against side channel attacks.

+ + +

+Ironclad's digest, MAC and cipher objects should not be considered thread +safe. +

+ +

+Creating a digest, a MAC or a cipher object and using it in several threads at +the same time can lead to an undefined result. If you need to do that, you must +put locks in your application where necessary. +

+ + +

+Ironclad's pseudo random number generation should only be considered thread +safe with bordeaux-threads. +

+ +

+If you have a multi-threaded application in which you want to use functions +requiring some random numbers (key derivation, key generation, public key +encryption, signature, etc.) in several threads, each of these threads must have +its own PRNG, or they might generate the same "random" numbers. If the threads +are created using the bordeaux-threads library (or by a library using +bordeaux-threads, like lparallel), this is done automatically. However, if +you are using the threading functions of your Common Lisp implementation +directly, you have to bind the *prng* special variable to a new PRNG in each +thread. There is an example showing how it can be done in the section about +make-prng. +

-
-

Installation

+
+

Installation

-The current version of Ironclad is 0.43. It can be downloaded -at https://github.com/sharplispers/ironclad/archive/v0.43.tar.gz. +The current version of Ironclad is 0.45. It can be downloaded +at https://github.com/sharplispers/ironclad/archive/v0.45.tar.gz. If you are feeling adventurous, you can download a bleeding-edge version at https://github.com/sharplispers/ironclad.
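Review bot: In the new PRNG warning, the mitigation for threads created with the implementation's own threading functions is deferred to "the section about make-prng", while the consequence stated right here is threads producing the same "random" numbers for key generation, public key encryption and signatures. Suggest showing the per-thread binding of *prng* directly in this warning, so a reader who stops at the Warnings section has the fix in hand. The same hunk moves the documented release from 0.43 to 0.45 without saying from which version the automatic bordeaux-threads handling applies; stating that would tell users of older releases whether they are affected.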

@@ -141,11 +172,19 @@ added to the above list. If the tests do not all pass, you have found a bug; please report it.

+ +

+By default, Ironclad uses some implementation dependent low-level code to make +some functions run much faster (currently, some assembly for SBCL and CCL, some +C code for ECL). If for some reason you want to disable these optimisations and +use the generic Lisp code, it can be achieved by commenting out the +(pushnew :ironclad-assembly *features*) line in the src/package.lisp file. +

-
-

License

+
+

License
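Review bot: The added Installation paragraph tells users to switch off the implementation-dependent fast paths by commenting out the (pushnew :ironclad-assembly *features*) line in src/package.lisp, which means editing the library's source; for a packaged copy such as this one, that edit is lost on upgrade. Suggest documenting a way to select the generic Lisp code that does not require modifying the file, and saying whether the side channel warning at the top of the document applies equally to the assembly/C paths and to the generic code.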

Ironclad is released under a MIT-like license; you can do pretty much @@ -154,11 +193,11 @@

-
-

Ciphers

+
+

Ciphers

-
(make-cipher name &key key mode initialization-vector padding tweak) => cipher
+
(make-cipher name &key key mode initialization-vector padding tweak) => cipher
 
@@ -167,7 +206,7 @@

-name denotes the encryption algorithm to use. list-all-ciphers will tell you +name denotes the encryption algorithm to use. list-all-ciphers will tell you the names of all supported ciphers. They are:

    @@ -183,6 +222,9 @@
  • chacha/8
  • des
  • idea
  • +
  • kalyna128
  • +
  • kalyna256
  • +
  • kalyna512
  • kuznyechik
  • misty1
  • rc2
  • @@ -193,6 +235,7 @@
  • salsa20/8
  • seed
  • serpent
  • +
  • sm4
  • sosemanuk
  • square
  • tea
  • @@ -224,7 +267,7 @@
  • ecb
  • cbc
  • ofb
  • -
  • cfb (note that Ironclad's CFB mode is n-bit CFB, where n is the block-length of the cipher)
  • +
  • cfb (note that Ironclad's CFB mode is n-bit CFB, where n is the block-length of the cipher)
  • cfb8 (this seems to be the mode other crypto packages call CFB)
  • ctr
@@ -238,7 +281,7 @@

initialization-vector (IV) should be supplied only if mode requires one. initialization-vector should be a (simple-array (unsigned-byte 8) (*)). -The supplied IV should be the same length as the block-length of name. +The supplied IV should be the same length as the block-length of name. The Chacha and Salsa20 stream ciphers also use an initialization vector (nonce). It should be 8 bytes long for Chacha and Salsa20, and 24 bytes long for XChacha and XSalsa20. @@ -250,8 +293,8 @@

-If padding is supplied, the specified padding method will be used by encrypt -and decrypt to handle short blocks when the :handle-final-block argument is +If padding is supplied, the specified padding method will be used by encrypt +and decrypt to handle short blocks when the :handle-final-block argument is supplied. padding will only be used if the mode is ECB or CBC. The possible values for padding are :pkcs7, :ansi-x923 and :iso-7816-4.

@@ -263,7 +306,7 @@
-
(encrypt cipher plaintext ciphertext &key plaintext-start plaintext-end ciphertext-start handle-final-block) => n-bytes-consumed, n-bytes-produced
+
(encrypt cipher plaintext ciphertext &key plaintext-start plaintext-end ciphertext-start handle-final-block) => n-bytes-consumed, n-bytes-produced
 
@@ -275,7 +318,7 @@
-
(decrypt cipher ciphertext plaintext &key ciphertext-start ciphertext-end plaintext-start handle-final-block) => n-bytes-consumed, n-bytes-produced
+
(decrypt cipher ciphertext plaintext &key ciphertext-start ciphertext-end plaintext-start handle-final-block) => n-bytes-consumed, n-bytes-produced
 
@@ -287,11 +330,11 @@
-
(encrypt-in-place cipher text &key start end) => n-bytes-consumed, n-bytes-produced
+
(encrypt-in-place cipher text &key start end) => n-bytes-consumed, n-bytes-produced
 
-
(decrypt-in-place cipher text &key start end) => n-bytes-consumed, n-bytes-produced
+
(decrypt-in-place cipher text &key start end) => n-bytes-consumed, n-bytes-produced
 
@@ -305,17 +348,17 @@

-Note: encrypt-in-place and decrypt-in-place do not support -a handle-final-block parameter as encrypt and decrypt do. If you +Note: encrypt-in-place and decrypt-in-place do not support +a handle-final-block parameter as encrypt and decrypt do. If you need the functionality that handle-final-block provides, then you -need to use encrypt and decrypt. +need to use encrypt and decrypt.

Note: n-bytes-consumed and n-bytes-produced may not always be equal to the length of the data specified in the call to -encrypt-in-place or decrypt-in-place. This subtlely is also present in -encrypt or decrypt. +encrypt-in-place or decrypt-in-place. This subtlely is also present in +encrypt or decrypt.

@@ -341,32 +384,32 @@

-
-

Inquiry functions

-
+
+

Inquiry functions

+
-
(list-all-ciphers) => list
+
(list-all-ciphers) => list
 

-Returns a list of cipher-names that may be validly passed to make-cipher. +Returns a list of cipher-names that may be validly passed to make-cipher.

-
(cipher-supported-p name) => boolean
+
(cipher-supported-p name) => boolean
 

-Returns t if name would be in the list returned by list-all-ciphers, +Returns t if name would be in the list returned by list-all-ciphers, nil otherwise.

-
(key-lengths cipher) => list
+
(key-lengths cipher) => list
 
@@ -376,7 +419,7 @@
-
(block-length cipher) => number
+
(block-length cipher) => number
 
@@ -387,9 +430,9 @@
-
-

Key stream position

-
+
+

Key stream position

+

Block ciphers in CTR mode and some stream ciphers have the ability to change the current position within the key stream in constant time instead of having to @@ -397,21 +440,21 @@

-
(keystream-position cipher &optional position) => number or boolean
+
(keystream-position cipher &optional position) => number or boolean
 

Return or change the current position within the key stream of a cipher. -When position is not supplied, keystream-position returns the current position +When position is not supplied, keystream-position returns the current position in the key stream, or nil if it can't be determined. When position is supplied, the key stream position of the cipher is set to that position if -possible. keystream-position returns t if the repositioning is performed +possible. keystream-position returns t if the repositioning is performed successfully, or nil otherwise.

-keystream-position can be used with the following ciphers: +keystream-position can be used with the following ciphers:

  • all the block ciphers (aes, twofish, etc.) in CTR mode
  • @@ -432,8 +475,8 @@
-
-

Digests

+
+

Digests

Digest functions, also known as hash functions, produce fixed-length @@ -461,14 +504,14 @@

-
(make-digest digest-name &rest keys &key &allow-other-keys) => digester
+
(make-digest digest-name &rest keys &key &allow-other-keys) => digester
 

Returns a digest object. digest-name is a keyword naming the algorithm you wish digester to use. The supported digest names can be found -by calling list-all-digests. They are: +by calling list-all-digests. They are:

  • adler32
  • @@ -494,6 +537,8 @@
  • keccak/224
  • keccak/256
  • keccak/384
  • +
  • kupyna
  • +
  • kupyna/256
  • md2
  • md4
  • md5
  • @@ -523,6 +568,7 @@
  • skein512/224
  • skein512/256
  • skein512/384
  • +
  • sm3
  • streebog
  • streebog/256
  • tiger
  • @@ -531,7 +577,7 @@

-Like for make-cipher, digest-name should be a symbol in the +Like for make-cipher, digest-name should be a symbol in the keyword or ironclad packages.

@@ -547,7 +593,7 @@
-
(update-digest digester thing &key &allow-other-keys) => (values)
+
(update-digest digester thing &key &allow-other-keys) => (values)
 
@@ -587,14 +633,14 @@ Update the internal state of digester with the contents of stream, which must respond to read-byte or read-sequence with a (simple-array (unsigned-byte 8) (*)) and return digester. It -differs from digest-stream, below, in that you may need to digest data +differs from digest-stream, below, in that you may need to digest data before or after the contents of stream (this happens, for instance, when signing the contents of some file).

-
(produce-digest digester &key digest digest-start) => digest
+
(produce-digest digester &key digest digest-start) => digest
 
@@ -605,19 +651,19 @@

If digest is provided, the computed digest will be placed into digest starting at digest-start. digest must be a -(simple-array (unsigned-byte 8) (*)). An insufficient-buffer-space +(simple-array (unsigned-byte 8) (*)). An insufficient-buffer-space error will be signaled if there is insufficient space in digest.

-
-

High-level convenience functions

-
+
+

High-level convenience functions

+

Several high-level convenience functions that encapsulate common -sequences of make-digest, update-digest and produce-digest are +sequences of make-digest, update-digest and produce-digest are provided by Ironclad as well. They come in two flavors: the first -takes a digest name as would be provided to make-digest. The second +takes a digest name as would be provided to make-digest. The second way to call these functions is to provide an actual digest object as the first argument. So one can say:

@@ -636,12 +682,12 @@

-The second form comes in handy if you plan on reusing the digest object. +The second form comes in handy if you plan on reusing the digest object.

-
(digest-sequence digest-spec sequence &rest args &key start end digest digest-start) => digest
+
(digest-sequence digest-spec sequence &rest args &key start end digest digest-start) => digest
 
@@ -649,12 +695,12 @@ Returns the digest of the subsequence of sequence bounded by start and end, according to digest-name. sequence must be a (simple-array (unsigned-byte 8) (*)). digest and digest-start -are as in produce-digest. +are as in produce-digest.

-
(digest-stream digest-spec stream &rest args &key buffer start end digest digest-start) => digest
+
(digest-stream digest-spec stream &rest args &key buffer start end digest digest-start) => digest
 
@@ -663,7 +709,7 @@ stream. read-byte must be a legal operation on stream and return an (unsigned-byte 8). In a similar fashion, read-sequence on stream must support reading into a (simple-array (unsigned-byte 8) (*)). -digest and digest-start are as in produce-digest. +digest and digest-start are as in produce-digest.

@@ -674,13 +720,13 @@

-
(digest-file digest-spec pathname &rest args &key buffer start end digest digest-start) => digest
+
(digest-file digest-spec pathname &rest args &key buffer start end digest digest-start) => digest
 

Returns the digest of the contents of the file named by pathname. -digest and digest-start are as in produce-digest. +digest and digest-start are as in produce-digest.

@@ -691,32 +737,32 @@

-
-

Inquiry functions

-
+
+

Inquiry functions

+
-
(list-all-digests) => list
+
(list-all-digests) => list
 

-Returns a list whose elements may be validly passed to make-digest. +Returns a list whose elements may be validly passed to make-digest.

-
(digest-supported-p name) => boolean
+
(digest-supported-p name) => boolean
 

-Returns t if name would be in the list returned by list-all-digests, +Returns t if name would be in the list returned by list-all-digests, nil otherwise.

-
(digest-length digest) => number
+
(digest-length digest) => number
 
@@ -727,9 +773,9 @@
-
-

Miscellaneous

-
+
+

Miscellaneous

+

Ironclad digests are CLOS objects; the interesting thing about this for most purposes is that functions like reinitialize-instance are @@ -754,9 +800,9 @@

-
-

Tree hashes

-
+
+

Tree hashes

+

Ironclad supports tree hashes, as described in Tree Hash EXchange format. You create tree hashes as if you were creating a digest: @@ -802,8 +848,8 @@

-
-

Message authentication codes

+
+

Message authentication codes

A message authentication code is a cryptographic function of some data @@ -820,20 +866,21 @@

  • CMAC, specified in RFC 4493 and NIST document 800-38B
  • GMAC, specified in NIST document 800-38D
  • Blake2 and Blake2s MAC
  • -
  • Poly1305 MAC
  • +
  • Poly1305
  • +
  • SipHash
  • Skein MAC
  • -
    (make-mac mac-name key &rest args) => mac
    +
    (make-mac mac-name key &rest args) => mac
     

    Return a MAC object initialized with a secret key. mac-name is a keyword naming the algorithm you wish mac to use. The supported -MACs can be found by calling list-all-macs. They are: +MACs can be found by calling list-all-macs. They are:

    • blake2-mac
    • @@ -842,11 +889,12 @@
    • gmac
    • hmac
    • poly1305
    • +
    • siphash
    • skein-mac

    -Like for make-digest, mac-name should be a symbol in the keyword +Like for make-digest, mac-name should be a symbol in the keyword or ironclad packages.

    @@ -861,35 +909,42 @@ (make-mac :gmac key cipher-name initialization-vector) (make-mac :hmac key digest-name) (make-mac :poly1305 key) +(make-mac :siphash key &key compression-rounds finalization-rounds digest-length) (make-mac :skein-mac key &key block-length digest-length)

    -When making a Blake2 MAC, the length of the key passed to make-mac +When making a Blake2 MAC, the length of the key passed to make-mac must be 64 bytes.

    -When making a Blake2s MAC, the length of the key passed to make-mac +When making a Blake2s MAC, the length of the key passed to make-mac must be 32 bytes.

    -When making a CMAC, cipher-name must have a block-length of either -8 or 16; this restriction is satisfied by many ciphers in Ironclad -with the notable exception of stream ciphers. key must be an -acceptable key for cipher-name. +When making a CMAC, cipher-name must have a block-length of either 8, 16, 32, +64 or 128; this restriction is satisfied by many ciphers in Ironclad with the +notable exception of stream ciphers. key must be an acceptable key for +cipher-name.

    -When making a GMAC, cipher-name must have a block-length of 16. key must be +When making a GMAC, cipher-name must have a block-length of 16. key must be an acceptable key for cipher-name. The length of initialization-vector must be 12 bytes.

    -When making a Poly1305, the length of the key passed to make-mac -must be 32 bytes. +When making a Poly1305 MAC, the length of the key passed to make-mac must be +32 bytes. +

    + +

    +When making a SipHash MAC, the length of the key passed to make-mac must be 16 +bytes. digest-length is 8 by default, but it can also be set to 16. By +default, compression-rounds is 2 and finalization-rounds is 4.

    @@ -911,12 +966,12 @@

    -The :key argument is the secret key, as provided to make-mac. +The :key argument is the secret key, as provided to make-mac.

    -
    (update-mac mac thing &key &allow-other-keys) => (values)
    +
    (update-mac mac thing &key &allow-other-keys) => (values)
     
    @@ -949,7 +1004,7 @@
    -
    (produce-mac mac &key digest digest-start) => digest
    +
    (produce-mac mac &key digest digest-start) => digest
     
    @@ -962,56 +1017,57 @@

    If digest is provided, the computed digest will be placed into digest starting at digest-start. digest must be a -(simple-array (unsigned-byte 8) (*)). An insufficient-buffer-space +(simple-array (unsigned-byte 8) (*)). An insufficient-buffer-space error will be signaled if there is insufficient space in digest.

    -The length of the digest returned by produce-mac is determined by the -kind of MAC and the extra arguments passed to make-mac: +The length of the digest returned by produce-mac is determined by the +kind of MAC and the extra arguments passed to make-mac:

    • blake2-mac: from 1 to 64 bytes (64 by default)
    • blake2s-mac: from 1 to 32 bytes (32 by default)
    • -
    • cmac: block-length of the cipher-name passed to make-mac
    • +
    • cmac: block-length of the cipher-name passed to make-mac
    • gmac: 16 bytes
    • -
    • hmac: digest-length of the digest-name passed to make-mac
    • +
    • hmac: digest-length of the digest-name passed to make-mac
    • poly1305: 16 bytes
    • -
    • skein-mac: digest-length passed to make-mac (64 by default)
    • +
    • siphash: digest-length passed to make-mac (8 by default)
    • +
    • skein-mac: digest-length passed to make-mac (64 by default)
    -
    -

    Inquiry functions

    -
    +
    +

    Inquiry functions

    +
    -
    (list-all-macs) => list
    +
    (list-all-macs) => list
     

    -Returns a list whose elements may be validly passed to make-mac. +Returns a list whose elements may be validly passed to make-mac.

    -
    (mac-supported-p name) => boolean
    +
    (mac-supported-p name) => boolean
     

    -Returns t if name would be in the list returned by list-all-macs, +Returns t if name would be in the list returned by list-all-macs, nil otherwise.

    -
    -

    Authenticated encryption

    +
    +

    Authenticated encryption

    -
    (make-authenticated-encryption-mode name &rest args) => mode
    +
    (make-authenticated-encryption-mode name &rest args) => mode
     
    @@ -1021,10 +1077,11 @@

    -name denotes the mode to use. list-all-authenticated-encryption-modes will +name denotes the mode to use. list-all-authenticated-encryption-modes will tell you the names of all the supported modes. They are:

      +
    • eax (Encrypt then authenticate then translate)
    • etm (Encrypt then MAC)
    • gcm (Galois counter mode)
    @@ -1038,6 +1095,7 @@

    +(make-authenticated-encryption-mode :eax &key tag cipher-name key initialization-vector)
     (make-authenticated-encryption-mode :etm &key tag cipher mac)
     (make-authenticated-encryption-mode :gcm &key tag cipher-name key initialization-vector)
     
    @@ -1046,23 +1104,27 @@ If tag is specified, it will be used at the end of decryption (when the handle-final-block flag is t) to check the authenticity of the data. A bad-authentication-tag error will be signaled if the data is not authentic. -If you don't specify it, you will have to call produce-tag after decryption and -check that the tags match (e.g. using constant-time-equal). +If you don't specify it, you will have to call produce-tag after decryption and +check that the tags match (e.g. using constant-time-equal). +

    + +

    +When using EAX, key must be a suitable key for the chosen cipher-name.

    -When using ETM, cipher must be a cipher object created by make-cipher. -mac must be a mac object created by make-mac. +When using ETM, cipher must be a cipher object created by make-cipher. +mac must be a mac object created by make-mac.

    -When using GCM, cipher-name must have a block-length of 16 bytes. key must be a suitable key +When using GCM, cipher-name must have a block-length of 16 bytes. key must be a suitable key for the chosen cipher. The length of initialization-vector must be 12 bytes.

    -
    (process-associated-data mode data &key start end) => (values)
    +
    (process-associated-data mode data &key start end) => (values)
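Review bot: The added EAX paragraph covers only key, although the :eax form of make-authenticated-encryption-mode also takes initialization-vector; the GCM paragraph in this same hunk states a 12-byte requirement and EAX gets none. Suggest documenting the initialization-vector length that EAX accepts and that it must not be reused with the same key, and stating any block-length constraint on cipher-name the way the GCM paragraph does.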
     
    @@ -1073,8 +1135,8 @@

    -An authenticated encryption object can be used with the encrypt, decrypt, -encrypt-message and decrypt-message functions. +An authenticated encryption object can be used with the encrypt, decrypt, +encrypt-message and decrypt-message functions.

    @@ -1086,7 +1148,7 @@
     
     
     
    -
    (produce-tag mode &key tag tag-start) => tag
    +
    (produce-tag mode &key tag tag-start) => tag
     
    @@ -1094,40 +1156,40 @@ Return the authentication tag of the data processed by mode so far. If tag is provided, the computed tag will be placed into tag starting at tag-start. tag must be a (simple-array (unsigned-byte 8) (*)). An -insufficient-buffer-space error will be signaled if there is insufficient space +insufficient-buffer-space error will be signaled if there is insufficient space in tag.

    -
    -

    Inquiry functions

    -
    +
    +

    Inquiry functions

    +
    -
    (list-all-authenticated-encryption-modes) => list
    +
    (list-all-authenticated-encryption-modes) => list
     

    Returns a list whose elements may be validly passed to -make-authenticated-encryption-mode. +make-authenticated-encryption-mode.

    -
    (authenticated-encryption-mode-supported-p name) => boolean
    +
    (authenticated-encryption-mode-supported-p name) => boolean
     

    Returns t if name would be in the list returned by -list-all-authenticated-encryption-modes nil otherwise. +list-all-authenticated-encryption-modes nil otherwise.

    -
    -

    Key derivation functions

    +
    +

    Key derivation functions

    Ironclad comes with a few key derivation functions: @@ -1141,12 +1203,12 @@

    -
    (derive-key kdf passphrase salt iteration-count key-length) => digest
    +
    (derive-key kdf passphrase salt iteration-count key-length) => digest
     

    -Given a key derivation function object (produced by make-kdf), +Given a key derivation function object (produced by make-kdf), a password and salt (both must be of type (simple-array (unsigned-byte 8) (*))), and number of iterations, returns the password digest as a byte array of length key-length. @@ -1158,7 +1220,7 @@

    -
    (make-kdf kind &key digest n r p block-count additional-key additional-data) => kdf
    +
    (make-kdf kind &key digest n r p block-count additional-key additional-data) => kdf
     
    @@ -1179,14 +1241,14 @@

    The default Scrypt parameters are N = 4096, r = 8, and p = 2. Please note that depending on the values of N and r, -derive-key may not be able to allocate sufficient space for its +derive-key may not be able to allocate sufficient space for its temporary arrays.

    -
    -

    PBKDF convenience functions

    -
    +
    +

    PBKDF convenience functions

    +

    Ironclad comes with convenience functions for using PBKDF1 and PBKDF2 to store passwords. @@ -1194,7 +1256,7 @@

    -
    (pbkdf2-hash-password password &key salt digest iterations) => password
    +
    (pbkdf2-hash-password password &key salt digest iterations) => password
     
    @@ -1206,7 +1268,7 @@
    -
    (pbkdf2-hash-password-to-combined-string password &key salt digest iterations) => password
    +
    (pbkdf2-hash-password-to-combined-string password &key salt digest iterations) => password
     
    @@ -1218,21 +1280,21 @@
    -
    (pbkdf2-check-password password combined-salt-and-digest) => boolean
    +
    (pbkdf2-check-password password combined-salt-and-digest) => boolean
     

    Given a password byte vector and a combined salt and digest string -produced by pbkdf2-hash-password-to-combined-string, checks whether +produced by pbkdf2-hash-password-to-combined-string, checks whether the password is valid.

    -
    -

    Public key cryptography

    +
    +

    Public key cryptography

    Ironclad includes support for a few public key cryptography algorithms. @@ -1267,11 +1329,11 @@

    -
    -

    Key pair generation

    -
    +
    +

    Key pair generation

    +
    -
    (generate-key-pair kind &key num-bits &allow-other-keys) => private-key, public-key
    +
    (generate-key-pair kind &key num-bits &allow-other-keys) => private-key, public-key
     
    @@ -1294,11 +1356,11 @@
    -
    -

    Key construction

    -
    +
    +

    Key construction

    +
    -
    (make-public-key kind &key &allow-other-keys) => public-key
    +
    (make-public-key kind &key &allow-other-keys) => public-key
     
    @@ -1320,7 +1382,7 @@
    -
    (make-private-key kind &key &allow-other-keys) => private-key
    +
    (make-private-key kind &key &allow-other-keys) => private-key
     
    @@ -1372,43 +1434,43 @@
    -
    -

    Key destructuring

    -
    +
    +

    Key destructuring

    +

    -The destructure-public-key and destructure-private-key functions can +The destructure-public-key and destructure-private-key functions can be useful if you need to store keys somewhere for future use.

    -
    (destructure-public-key public-key) => plist
    +
    (destructure-public-key public-key) => plist
     

    Return the elements of a public key in a plist. The indicators of the -plist match the &key arguments of the make-public-key method. +plist match the &key arguments of the make-public-key method.

    -
    (destructure-private-key private-key) => plist
    +
    (destructure-private-key private-key) => plist
     

    Return the elements of a private key in a plist. The indicators of the -plist match the &key arguments of the make-private-key method. +plist match the &key arguments of the make-private-key method.

    -
    -

    Digital signatures

    -
    +
    +

    Digital signatures

    +
    -
    (sign-message key message &key start end &allow-other-keys) => signature
    +
    (sign-message key message &key start end &allow-other-keys) => signature
     
    @@ -1419,14 +1481,14 @@

    -Note: The sign-message does not perform the hashing of the data. You +Note: The sign-message does not perform the hashing of the data. You should hash your data using your favorite hash function, and then use -this hash as the message passed to sign-message. +this hash as the message passed to sign-message.

    -
    (verify-signature key message signature &key start end &allow-other-keys) => boolean
    +
    (verify-signature key message signature &key start end &allow-other-keys) => boolean
     
    @@ -1437,9 +1499,9 @@

    -
    -

    Padding

    -
    +
    +

    Padding

    +

    To be secure, RSA signature requires the message to be padded. The pss key parameter is provided to pad (or unpad) the message @@ -1460,22 +1522,22 @@

    -
    -

    Format of signatures

    -
    +
    +

    Format of signatures

    +

    -sign-message returns signatures as octet vectors. When the signature +sign-message returns signatures as octet vectors. When the signature contains several values (e.g. the R and S values of DSA signatures), the octet vector is the concatenation of these values (e.g. the first half of the vector is the R value, the second half is the S value). -You can use the make-signature and destructure-signature functions if +You can use the make-signature and destructure-signature functions if you need access to the elements of a signature (e.g. to use a different kind of serialization).

    -
    (make-signature kind &key &allow-other-keys) => signature
    +
    (make-signature kind &key &allow-other-keys) => signature
     
    @@ -1510,23 +1572,23 @@
    -
    (destructure-signature kind signature) => plist
    +
    (destructure-signature kind signature) => plist
     

    Return the elements of a signature in a plist. The indicators of the -plist match the &key arguments of the make-signature method. +plist match the &key arguments of the make-signature method.

    -
    -

    Encryption and decryption

    -
    +
    +

    Encryption and decryption

    +
    -
    (encrypt-message key message &key start end &allow-other-keys) => encrypted-message
    +
    (encrypt-message key message &key start end &allow-other-keys) => encrypted-message
     
    @@ -1537,7 +1599,7 @@
    -
    (decrypt-message key message &key start end n-bits &allow-other-keys) => decrypted-message
    +
    (decrypt-message key message &key start end n-bits &allow-other-keys) => decrypted-message
     
    @@ -1550,9 +1612,9 @@

    -
    -

    Padding

    -
    +
    +

    Padding

    +

    To be secure, RSA encryption requires the message to be padded. The oaep key parameter is provided to pad (or unpad) the message during @@ -1573,23 +1635,23 @@

    -
    -

    Format of messages

    -
    +
    +

    Format of messages

    +

    -encrypt-message returns encrypted messages as octet vectors. When the +encrypt-message returns encrypted messages as octet vectors. When the message contains several values (e.g. the C1 and C2 values of Elgamal messages), the octet vector is the concatenation of these values (e.g. the first half of the vector is the big-endian representation of the C1 value, the second half is the C2 value). You can use the -make-message and destructure-message functions if you need access to +make-message and destructure-message functions if you need access to the elements of a message (e.g. to use a different kind of serialization).

    -
    (make-message kind &key &allow-other-keys) => message
    +
    (make-message kind &key &allow-other-keys) => message
     
    @@ -1616,23 +1678,23 @@
    -
    (destructure-message kind message) => plist
    +
    (destructure-message kind message) => plist
     

    Return the elements of a message in a plist. The indicators of the -plist match the &key arguments of the make-message method. +plist match the &key arguments of the make-message method.

    -
    -

    Diffie-Hellman key exchange

    -
    +
    +

    Diffie-Hellman key exchange

    +
    -
    (diffie-hellman private-key public-key) => bytes
    +
    (diffie-hellman private-key public-key) => bytes
     
    @@ -1645,8 +1707,8 @@
    -
    -

    Pseudo-random number generation

    +
    +

    Pseudo-random number generation

    The *prng* special variable indicates which pseudo-random number @@ -1667,7 +1729,7 @@

    -
    (make-prng name &key seed) => prng
    +
    (make-prng name &key seed) => prng
     
    @@ -1676,7 +1738,7 @@

    -name denotes the style of PRNG to use. list-all-prngs will tell you +name denotes the style of PRNG to use. list-all-prngs will tell you the names of all supported PRNGs. Currently supported PRNGs are:

      @@ -1704,13 +1766,33 @@

      -You should very rarely need to call make-prng; the default OS-provided -PRNG should be appropriate in nearly all cases. +In single-threaded applications, you should very rarely need to call make-prng; +the default OS-provided PRNG should be appropriate in nearly all cases.

      +

      +In multi-threaded applications, each thread that will use functions requiring +random data must have its own PRNG, or several threads might generate the same +"random" data. If the threads are created using the bordeaux-threads library +(or by a library using bordeaux-threads, like lparallel), this is done +automatically. However, if you are using the threading functions of your Common +Lisp implementation directly, you have to bind the *prng* special variable to +a new PRNG in each thread. For example: +

      + +
      +(make-thread (lambda ()
      +               (let ((crypto:*prng* (crypto:make-prng :os)))
      +                 (forms-for-thread-1))))
      +
      +(make-thread (lambda ()
      +               (let ((crypto:*prng* (crypto:make-prng :os)))
      +                 (forms-for-thread-2))))
      +
      +
      -
      (list-all-prngs) => list
      +
      (list-all-prngs) => list
       
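Review bot: the added example calls an unqualified `make-thread`, yet the paragraph above it says the manual binding is needed only for threads that are not created through bordeaux-threads, so a reader cannot tell which function is meant. Name the implementation-specific function the example stands for, or say that `make-thread` is a placeholder for it. It would also help to state that the `let` binding of `crypto:*prng*` has to sit inside the thread's lambda, as the example shows, because a binding established in the parent thread does not give each new thread its own PRNG.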
      @@ -1720,7 +1802,7 @@
      -
      (random-data num-bytes &optional prng) => bytes
      +
      (random-data num-bytes &optional prng) => bytes
       
      @@ -1731,7 +1813,7 @@
      -
      (random-bits num-bits &optional prng) => integer
      +
      (random-bits num-bits &optional prng) => integer
       
      @@ -1741,19 +1823,19 @@
      -
      (strong-random limit &optional prng) => number
      +
      (strong-random limit &optional prng) => number
       

      -A drop-in replacement for common-lisp:random, strong-random +A drop-in replacement for common-lisp:random, strong-random generates a number (an integer if limit is an integer and a float if it is a float) between 0 and limit - 1 in an unbiased fashion.

      -
      (read-os-random-seed source &optional prng) => reseed-count
      +
      (read-os-random-seed source &optional prng) => reseed-count
       
      @@ -1770,14 +1852,14 @@
      -
      (read-seed path &optional prng) => t
      +
      (read-seed path &optional prng) => t
       

      Read enough bytes from path to reseed prng, then generate a pseudo-random seed and write it back to path. If path doesn't -exist, calls read-os-random-seed to get a truly random seed from the +exist, calls read-os-random-seed to get a truly random seed from the OS. Note that reseeding does not reset the generator's state to the seed value; rather, it combines the generator's state with the seed to form a new state. @@ -1785,7 +1867,7 @@

      -
      (write-seed path &optional prng) => t
      +
      (write-seed path &optional prng) => t
       
      @@ -1794,11 +1876,11 @@

    -
    -

    Example

    -
    +
    +

    Example

    +
    -(random-data 16)
    +(crypto:random-data 16)
     => #(61 145 133 130 220 200 90 86 0 101 62 169 0 40 101 78)
     
     (crypto:strong-random 16)
    @@ -1810,9 +1892,9 @@
     
    -
    -

    Fortuna

    -
    +
    +

    Fortuna

    +

    You should only use the Fortuna PRNG if your OS does not provided a sufficiently-good PRNG. If you use a Unix or Unix-like OS (e.g. @@ -1841,7 +1923,7 @@

    Fortuna automatically feeds entropy from the pools back into its -random state when random-data is called, using a method designed to +random state when random-data is called, using a method designed to make it resistant to various avenues of attack; even in case of generator compromise it will return to a safe state within a bounded time. @@ -1861,7 +1943,7 @@

    -
    (add-random-event source pool-id event &optional prng) => pool-length
    +
    (add-random-event source pool-id event &optional prng) => pool-length
     
    @@ -1887,8 +1969,8 @@
    -
    -

    Gray streams

    +
    +

    Gray streams

    Ironclad includes support for several convenient stream abstractions @@ -1897,9 +1979,9 @@

    -
    -

    Octet streams

    -
    +
    +

    Octet streams

    +

    Octet streams are very similar to Common Lisp's string-stream except they deal in octets instead of characters. @@ -1907,7 +1989,7 @@

    -
    (make-octet-input-stream buffer &optional start end) => octet-input-stream
    +
    (make-octet-input-stream buffer &optional start end) => octet-input-stream
     
    @@ -1917,7 +1999,7 @@
    -
    (make-octet-output-stream) => octet-output-stream
    +
    (make-octet-output-stream) => octet-output-stream
     
    @@ -1927,7 +2009,7 @@
    -
    (get-output-stream-octets stream) => octet-vector
    +
    (get-output-stream-octets stream) => octet-vector
     
    @@ -1938,7 +2020,7 @@
    -
    (with-octet-input-stream ((var buffer &optional (start 0) end) &body body))
    +
    (with-octet-input-stream ((var buffer &optional (start 0) end) &body body))
     
    @@ -1950,7 +2032,7 @@
    -
    (with-octet-output-stream ((var) &body body)) => bytes
    +
    (with-octet-output-stream ((var) &body body)) => bytes
     
    @@ -1958,14 +2040,14 @@ Within body, var is bound to an octet output stream. After all the forms in body have been executed, the data that has been written to var (and that hasn't been consumed by a call to -get-output-stream-octets within body) is returned. +get-output-stream-octets within body) is returned.

    -
    -

    Digest streams

    -
    +
    +

    Digest streams

    +

    Digest streams compute a digest of the data written to them according to a specific digest algorithm. @@ -1989,7 +2071,7 @@

    -
    (make-digesting-stream digest &rest args) => stream
    +
    (make-digesting-stream digest &rest args) => stream
     
    @@ -1997,18 +2079,18 @@ Make a stream that computes a digest of the data written to it according to the algorithm digest. The parameters that can be used by some algorithms can be specified as args. -produce-digest may be used to obtain a digest of all the data written +produce-digest may be used to obtain a digest of all the data written to the stream.

    -Note: Calling produce-digest on a digest stream does not alter +Note: Calling produce-digest on a digest stream does not alter the internal state of the digest.

    -
    (with-digesting-stream (var digest-name &rest args) &body body) => digest
    +
    (with-digesting-stream (var digest-name &rest args) &body body) => digest
     
    @@ -2021,9 +2103,9 @@
    -
    -

    Cipher streams

    -
    +
    +

    Cipher streams

    +

    Cipher streams encrypt or decrypt the data written to or read from them according to a specific cipher algorithm. @@ -2031,7 +2113,7 @@

    -
    (make-encrypting-stream stream cipher mode key &key initialization-vector direction) => stream
    +
    (make-encrypting-stream stream cipher mode key &key initialization-vector direction) => stream
     
    @@ -2047,7 +2129,7 @@
    -
    (make-decrypting-stream stream cipher mode key &key initialization-vector direction) => stream
    +
    (make-decrypting-stream stream cipher mode key &key initialization-vector direction) => stream
     
    @@ -2064,12 +2146,12 @@

    Note: Only stream ciphers and block ciphers in CTR, CFB, CFB8 or OFB mode are -supported by make-encrypting-stream and make-decrypting-stream. +supported by make-encrypting-stream and make-decrypting-stream.

    -
    (with-encrypting-stream ((var stream cipher mode key &key initialization-vector direction) &body body))
    +
    (with-encrypting-stream ((var stream cipher mode key &key initialization-vector direction) &body body))
     
    @@ -2080,7 +2162,7 @@
    -
    (with-decrypting-stream ((var stream cipher mode key &key initialization-vector direction) &body body))
    +
    (with-decrypting-stream ((var stream cipher mode key &key initialization-vector direction) &body body))
     
    @@ -2091,16 +2173,16 @@
    -
    -

    MAC streams

    -
    +
    +

    MAC streams

    +

    MAC streams compute a message authentication code of the data written to them according to a specific MAC algorithm.

    -
    (make-authenticating-stream mac key &rest args) => stream
    +
    (make-authenticating-stream mac key &rest args) => stream
     
    @@ -2108,12 +2190,12 @@ Make a stream that computes a MAC of the data written to it according to the algorithm mac initialized with a key. The parameters used to create the MAC can be specified as args. -produce-mac may be used to obtain a MAC of all the data written to the +produce-mac may be used to obtain a MAC of all the data written to the stream.

    -Note: Calling produce-mac on a MAC stream does not alter the +Note: Calling produce-mac on a MAC stream does not alter the internal state of the MAC.

    @@ -2144,7 +2226,7 @@
    -
    (with-authenticating-stream (var mac-name key &rest args) &body body) => mac
    +
    (with-authenticating-stream (var mac-name key &rest args) &body body) => mac
     
    @@ -2158,11 +2240,11 @@
    -
    -

    Utility functions

    +
    +

    Utility functions

    -
    (ub16ref/le vector index) => value
    +
    (ub16ref/le vector index) => value
     (ub32ref/le vector index) => value
     (ub64ref/le vector index) => value
     
    @@ -2177,7 +2259,7 @@
    -
    (ub16ref/be vector index) => value
    +
    (ub16ref/be vector index) => value
     (ub32ref/be vector index) => value
     (ub64ref/be vector index) => value
     
    @@ -2189,41 +2271,41 @@
    -
    (byte-array-to-hex-string vector &key start end element-type) => string
    +
    (byte-array-to-hex-string vector &key start end element-type) => string
     (hex-string-to-byte-array string &key start end) => string
     (ascii-string-to-byte-array string &key start end) => vector
     

    -byte-array-to-hex-string converts the bytes of vector between +byte-array-to-hex-string converts the bytes of vector between start and end into a hexadecimal string. It is useful for converting digests to a more readable form. element-type indicates the element-type of the returned string.

    -hex-string-to-byte-array parses a substring of string delimited +hex-string-to-byte-array parses a substring of string delimited start and end of hexadecimal digits into a byte array.

    -ascii-string-to-byte-array is provided as a quick and dirty way to -convert a string to a byte array suitable for feeding to update-digest -or encrypt. Care should be taken to ensure that the provided string is +ascii-string-to-byte-array is provided as a quick and dirty way to +convert a string to a byte array suitable for feeding to update-digest +or encrypt. Care should be taken to ensure that the provided string is actually an ASCII string. start and end have their usual interpretations.

    -
    (octets-to-integer octet-vec &key start end big-endian n-bits) => number
    +
    (octets-to-integer octet-vec &key start end big-endian n-bits) => number
     (integer-to-octets bignum &key n-bits big-endian) => vector
     

    -octets-to-integer converts the bytes of octet-vec between start +octets-to-integer converts the bytes of octet-vec between start and end to an integer as though the bytes denoted a number in base 256. big-endian is a boolean indicating whether the bytes are to be read in big-endian or little-endian order. n-bits specifies @@ -2232,12 +2314,12 @@

    -integer-to-octets is the reverse operation. +integer-to-octets is the reverse operation.

    -
    (expt-mod n exponent modulus) => number
    +
    (expt-mod n exponent modulus) => number
     (expt-mod/unsafe n exponent modulus) => number
     
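Review bot: in this hunk the signature line for `hex-string-to-byte-array` still reads `=> string`, while the paragraph rewritten just below it says the function parses hexadecimal digits "into a byte array". Since that paragraph is being touched anyway, correct the return value in the signature. The same sentence reads "delimited start and end" and is missing a "by".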
    @@ -2245,15 +2327,15 @@

    Raises n to the exponent power modulo modulus in a more efficient fashion than (mod (expt n exponent) modulus). -expt-mod is using the Montgomery ladder algorithm to be more robust +expt-mod is using the Montgomery ladder algorithm to be more robust against timing attacks. -expt-mod/unsafe runs faster than expt-mod but is not safe against +expt-mod/unsafe runs faster than expt-mod but is not safe against timing attacks; don't use it on secret data.

    -
    make-random-salt &optional size => bytes
    +
    make-random-salt &optional size => bytes
     
    @@ -2264,7 +2346,7 @@
    -
    constant-time-equal data1 data2 => boolean
    +
    constant-time-equal data1 data2 => boolean
     
    @@ -2277,11 +2359,11 @@
    -
    -

    Conditions

    +
    +

    Conditions

    -
    ironclad-error
    +
    ironclad-error
     
    @@ -2292,152 +2374,152 @@
    -
    initialization-vector-not-supplied
    +
    initialization-vector-not-supplied
     

    -This error is signaled by make-cipher when an initialization vector is +This error is signaled by make-cipher when an initialization vector is not provided and the requested mode requires an initialization vector.

    -
    invalid-initialization-vector
    +
    invalid-initialization-vector
     

    This error is signaled when an invalid initialization vector is -supplied to make-cipher (e.g. when the length of the initialization +supplied to make-cipher (e.g. when the length of the initialization vector does not match the block length of the cipher).

    -
    invalid-key-length
    +
    invalid-key-length
     

    -This error is signaled when the key provided to make-cipher is not of +This error is signaled when the key provided to make-cipher is not of an acceptable length for the requested cipher.

    -
    unsupported-cipher
    +
    unsupported-cipher
     

    -This error is signaled when the cipher-name provided to make-cipher -is not cipher-supported-p. +This error is signaled when the cipher-name provided to make-cipher +is not cipher-supported-p.

    -
    unsupported-mode
    +
    unsupported-mode
     

    This error is signaled when the mode provided to -make-cipher is not mode-supported-p. +make-cipher is not mode-supported-p.

    -
    unsupported-padding
    +
    unsupported-padding
     

    -This error is signaled when the padding provided to make-cipher is not +This error is signaled when the padding provided to make-cipher is not supported.

    -
    unsupported-digest
    +
    unsupported-digest
     

    This error is signaled when the digest-name provided to -make-digest is not digest-supported-p. +make-digest is not digest-supported-p.

    -
    unsupported-mac
    +
    unsupported-mac
     

    This error is signaled when the mac-name provided to -make-mac is not mac-supported-p. +make-mac is not mac-supported-p.

    -
    insufficient-buffer-space
    +
    insufficient-buffer-space
     

    This error is signaled when Ironclad needs to stuff some data into -a buffer (e.g. when the user provides digest to produce-digest and +a buffer (e.g. when the user provides digest to produce-digest and there is insufficient space).

    -
    key-not-supplied
    +
    key-not-supplied
     

    This error is signaled when a :key argument is not provided -to make-cipher. +to make-cipher.

    -
    unsupported-kdf
    +
    unsupported-kdf
     

    This error is signaled when an invalid KDF name is provided -to make-kdf. +to make-kdf.

    -
    unsupported-scrypt-cost-factors
    +
    unsupported-scrypt-cost-factors
     

    This error is signaled when invalid Scrypt cost factors are provided -to make-kdf. +to make-kdf.

    -
    unsupported-argon2i-cost-factors
    +
    unsupported-argon2i-cost-factors
     

    This error is signaled when invalid Argon2i parameters are provided -to make-kdf. +to make-kdf.

    -
    invalid-padding
    +
    invalid-padding
     
    @@ -2448,84 +2530,84 @@
    -
    invalid-mac-parameter
    +
    invalid-mac-parameter
     

    This error is signaled when an invalid parameter is provided -to make-mac. +to make-mac.

    -
    invalid-signature-length
    +
    invalid-signature-length
     

    This error is signaled when a signature with an invalid length is provided -to verify-signature or destructure-signature. +to verify-signature or destructure-signature.

    -
    invalid-message-length
    +
    invalid-message-length
     

    This error is signaled when a message with an invalid length is provided -to encrypt-message, decrypt-message or destructure-message. +to encrypt-message, decrypt-message or destructure-message.

    -
    missing-key-parameter
    +
    missing-key-parameter
     

    This error is signaled when it is determined that a parameter is -missing in a call to make-public-key or make-private-key. +missing in a call to make-public-key or make-private-key.

    -
    missing-message-parameter
    +
    missing-message-parameter
     

    This error is signaled when it is determined that a parameter is -missing in a call to make-message. +missing in a call to make-message.

    -
    missing-signature-parameter
    +
    missing-signature-parameter
     

    This error is signaled when it is determined that a parameter is -missing in a call to make-signature. +missing in a call to make-signature.

    -
    incompatible-keys
    +
    incompatible-keys
     

    This error is signaled when incompatible keys are provided to -diffie-hellman. +diffie-hellman.

    -
    invalid-curve-point
    +
    invalid-curve-point
     
    @@ -2535,18 +2617,18 @@
    -
    invalid-public-key-length
    +
    invalid-public-key-length
     

    This error is signaled when a public key with an invalid length is -provided to verify-signature. +provided to verify-signature.

    -
    oaep-decoding-error
    +
    oaep-decoding-error
     
    @@ -2556,18 +2638,18 @@
    -
    unsupported-authenticated-encryption-mode
    +
    unsupported-authenticated-encryption-mode
     

    This error is signaled when an invalid mode name is provided to -make-authenticated-encryption-mode. +make-authenticated-encryption-mode.

    -
    bad-authentication-tag
    +
    bad-authentication-tag
     
    diff -Nru cl-ironclad-0.43/ironclad.asd cl-ironclad-0.45/ironclad.asd --- cl-ironclad-0.43/ironclad.asd 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/ironclad.asd 2019-02-18 14:08:52.000000000 +0000 @@ -8,13 +8,13 @@ (defclass ironclad-source-file (cl-source-file) ()) (defsystem "ironclad" - :version "0.43" + :version "0.45" :author "Nathan Froyd " :maintainer "Guillaume LE VAILLANT " :description "A cryptographic toolkit written in pure Common Lisp" :license "BSD 3-Clause" :default-component-class ironclad-source-file - :depends-on (#+sbcl "sb-rotate-byte" #+sbcl "sb-posix" "nibbles") + :depends-on (#+sbcl "sb-rotate-byte" #+sbcl "sb-posix" "nibbles" "bordeaux-threads") :in-order-to ((test-op (test-op "ironclad/tests"))) :components ((:static-file "LICENSE") (:static-file "NEWS") @@ -23,7 +23,7 @@ (:module "doc" :components ((:html-file "ironclad"))) (:module "src" - :components ((:file "common" :depends-on ("ccl-opt" "macro-utils" "package" "sbcl-opt")) + :components ((:file "common" :depends-on ("macro-utils" "opt" "package")) (:file "conditions" :depends-on ("package")) (:file "generic" :depends-on ("package")) (:file "macro-utils" :depends-on ("package")) 
@@ -32,16 +32,14 @@ (:file "octet-stream" :depends-on ("ciphers" "common" "conditions" "digests" "macs" "package")) (:file "package") (:file "util" :depends-on ("conditions" "package")) - (:module "ccl-opt" - :depends-on ("package") - :components ((:file "x86oid-vm"))) (:module "aead" :depends-on ("ciphers" "common" "conditions" "generic" "macro-utils" "macs" "package" "util") :components ((:file "aead") + (:file "eax" :depends-on ("aead")) (:file "etm" :depends-on ("aead")) (:file "gcm" :depends-on ("aead")))) (:module "ciphers" - :depends-on ("common" "conditions" "generic" "macro-utils" "package" "sbcl-opt") + :depends-on ("common" "conditions" "generic" "macro-utils" "opt" "package") :components ((:file "aes" :depends-on ("cipher")) (:file "arcfour" :depends-on ("cipher")) (:file "aria" :depends-on ("cipher")) @@ -53,6 +51,7 @@ (:file "des" :depends-on ("cipher")) (:file "idea" :depends-on ("cipher")) (:file "keystream" :depends-on ("cipher" "chacha" "modes" "salsa20")) + (:file "kalyna" :depends-on ("cipher")) (:file "kuznyechik" :depends-on ("cipher")) (:file "make-cipher" :depends-on ("cipher" "padding")) (:file "misty1" :depends-on ("cipher")) @@ -64,6 +63,7 @@ (:file "salsa20" :depends-on ("cipher")) (:file "seed" :depends-on ("cipher")) (:file "serpent" :depends-on ("cipher")) + (:file "sm4" :depends-on ("cipher")) (:file "sosemanuk" :depends-on ("cipher")) (:file "square" :depends-on ("cipher")) (:file "tea" :depends-on ("cipher")) @@ -74,7 +74,7 @@ (:file "xsalsa20" :depends-on ("cipher" "salsa20")) (:file "xtea" :depends-on ("cipher")))) (:module "digests" - :depends-on ("ciphers" "common" "conditions" "generic" "macro-utils" "package" "sbcl-opt") + :depends-on ("ciphers" "common" "conditions" "generic" "macro-utils" "opt" "package") :components ((:file "adler32" :depends-on ("digest")) (:file "blake2" :depends-on ("digest")) (:file "blake2s" :depends-on ("digest")) 
@@ -83,6 +83,7 @@ (:file "digest") (:file "groestl" :depends-on ("digest")) (:file "jh" :depends-on ("digest")) + (:file "kupyna" :depends-on ("digest")) (:file "md2" :depends-on ("digest")) (:file "md4" :depends-on ("digest")) (:file "md5" :depends-on ("digest")) @@ -94,6 +95,7 @@ (:file "sha3" :depends-on ("digest")) (:file "sha512" :depends-on ("digest")) (:file "skein" :depends-on ("digest")) + (:file "sm3" :depends-on ("digest")) (:file "streebog" :depends-on ("digest")) (:file "tiger" :depends-on ("digest")) (:file "tree-hash" :depends-on ("digest")) @@ -106,7 +108,7 @@ (:file "pkcs5" :depends-on ("kdf-common")) (:file "scrypt" :depends-on ("kdf-common" "pkcs5")))) (:module "macs" - :depends-on ("ciphers" "common" "conditions" "digests" "generic" "package" "sbcl-opt") + :depends-on ("ciphers" "common" "conditions" "digests" "generic" "opt" "package") :components ((:file "blake2-mac" :depends-on ("mac")) (:file "blake2s-mac" :depends-on ("mac")) (:file "cmac" :depends-on ("mac")) @@ -114,7 +116,21 @@ (:file "gmac" :depends-on ("mac")) (:file "mac") (:file "poly1305" :depends-on ("mac")) + (:file "siphash" :depends-on ("mac")) (:file "skein-mac" :depends-on ("mac")))) + (:module "opt" + :depends-on ("macro-utils" "package") + :components ((:module "ccl" + :if-feature :ccl + :components ((:file "x86oid-vm"))) + (:module "ecl" + :if-feature :ecl + :components ((:file "c-functions"))) + (:module "sbcl" + :if-feature :sbcl + :components ((:file "cpu-features" :depends-on ("fndb" "x86oid-vm")) + (:file "fndb") + (:file "x86oid-vm" :depends-on ("fndb")))))) (:module "prng" :depends-on ("ciphers" "conditions" "digests" "generic" "package") :components ((:file "fortuna" :depends-on ("prng" "generator")) 
@@ -131,12 +147,7 @@ (:file "elgamal" :depends-on ("pkcs1" "public-key")) (:file "pkcs1" :depends-on ("public-key")) (:file "public-key") - (:file "rsa" :depends-on ("pkcs1" "public-key")))) - (:module "sbcl-opt" - :depends-on ("macro-utils" "package") - :components ((:file "cpu-features" :depends-on ("fndb" "x86oid-vm")) - (:file "fndb") - (:file "x86oid-vm" :depends-on ("fndb")))))))) + (:file "rsa" :depends-on ("pkcs1" "public-key")))))))) (macrolet ((do-silently (&body body) `(handler-bind ((style-warning #'muffle-warning) @@ -172,7 +183,7 @@ (defsystem "ironclad/tests" :depends-on ("ironclad" "rt") - :version "0.43" + :version "0.45" :in-order-to ((test-op (load-op "ironclad/tests"))) :perform (test-op (o s) (or (funcall (intern "DO-TESTS" (find-package "RTEST"))) @@ -185,6 +196,7 @@ (:file "padding") ;; aead (:file "aead") + (:test-vector-file "eax") (:test-vector-file "etm") (:test-vector-file "gcm") ;; ciphers @@ -206,6 +218,9 @@ (:test-vector-file "ctr") (:test-vector-file "des") (:test-vector-file "idea") + (:test-vector-file "kalyna128") + (:test-vector-file "kalyna256") + (:test-vector-file "kalyna512") (:test-vector-file "kuznyechik") (:test-vector-file "misty1") (:test-vector-file "xor") @@ -218,6 +233,7 @@ (:test-vector-file "salsa20-8") (:test-vector-file "seed") (:test-vector-file "serpent") + (:test-vector-file "sm4") (:test-vector-file "sosemanuk") (:test-vector-file "square") (:test-vector-file "tea") @@ -257,6 +273,8 @@ (:test-vector-file "keccak-224") (:test-vector-file "keccak-256") (:test-vector-file "keccak-384") + (:test-vector-file "kupyna") + (:test-vector-file "kupyna-256") (:test-vector-file "md2") (:test-vector-file "md4") (:test-vector-file "md5") @@ -286,6 +304,7 @@ (:test-vector-file "skein512-224") (:test-vector-file "skein512-256") (:test-vector-file "skein512-384") + (:test-vector-file "sm3") (:test-vector-file "streebog") (:test-vector-file "streebog-256") (:test-vector-file "tiger") 
@@ -303,6 +322,7 @@ (:test-vector-file "hmac") (:test-vector-file "gmac") (:test-vector-file "poly1305") + (:test-vector-file "siphash") (:test-vector-file "skein-mac") ;; prng (:file "prng-tests") diff -Nru cl-ironclad-0.43/NEWS cl-ironclad-0.45/NEWS --- cl-ironclad-0.43/NEWS 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/NEWS 2019-02-18 14:08:52.000000000 +0000 @@ -1,5 +1,36 @@ -*- mode: outline -*- +* Version 0.45, released 2019-02-18 + +** bug fixes + +Pseudo-random number generation is now thread safe, but only when the threads +are created with the bordeaux-threads library. + +** new features + +Added the SM3 digest (GM/T 0004-2012). + +Added the SM4 cipher (GM/T 0002-2012). + +Added the SipHash MAC. + +* Version 0.44, released 2018-11-03 + +** new features + +Added the EAX authenticated encryption scheme. + +Added support of 256, 512 and 1024 bit block ciphers to CMAC. + +Added the Kalyna128, Kalyna256 and Kalyna512 block ciphers (DSTU 7624:2014) + +Added the Kupyna and Kupyna/256 digests (DSTU 7564:2014) + +Some optimizations for Chacha and Salsa for ECL. + +Some optimizations for Poly1305 for ECL. + * Version 0.43, released 2018-09-14 ** new features diff -Nru cl-ironclad-0.43/README.org cl-ironclad-0.45/README.org --- cl-ironclad-0.43/README.org 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/README.org 2019-02-18 14:08:52.000000000 +0000 @@ -39,7 +39,7 @@ #+TOC: headlines 1 -* Warning +* Warnings :PROPERTIES: :CUSTOM_ID: warning :END: 
@@ -52,13 +52,36 @@ integers and arithmetic functions of Common Lisp implementations are usually not safe against side channel attacks. + +*Ironclad's digest, MAC and cipher objects should not be considered thread +safe.* + +Creating a digest, a MAC or a cipher object and using it in several threads at +the same time can lead to an undefined result. If you need to do that, you must +put locks in your application where necessary. + + +*Ironclad's pseudo random number generation should only be considered thread +safe with bordeaux-threads.* + +If you have a multi-threaded application in which you want to use functions +requiring some random numbers (key derivation, key generation, public key +encryption, signature, etc.) in several threads, each of these threads must have +its own PRNG, or they might generate the same "random" numbers. If the threads +are created using the *bordeaux-threads* library (or by a library using +*bordeaux-threads*, like *lparallel*), this is done automatically. However, if +you are using the threading functions of your Common Lisp implementation +directly, you have to bind the ~*prng*~ special variable to a new PRNG in each +thread. There is an example showing how it can be done in the section about +[[make-prng][make-prng]]. + * Installation :PROPERTIES: :CUSTOM_ID: installation :END: -The current version of Ironclad is 0.43. It can be downloaded -at [[https://github.com/sharplispers/ironclad/archive/v0.43.tar.gz]]. +The current version of Ironclad is 0.45. It can be downloaded +at [[https://github.com/sharplispers/ironclad/archive/v0.45.tar.gz]]. If you are feeling adventurous, you can download a bleeding-edge version at [[https://github.com/sharplispers/ironclad]]. 
@@ -92,6 +115,12 @@ added to the above list. If the tests do not all pass, you have found a bug; please report it. +By default, Ironclad uses some implementation dependent low-level code to make +some functions run much faster (currently, some assembly for SBCL and CCL, some +C code for ECL). If for some reason you want to disable these optimisations and +use the generic Lisp code, it can be achieved by commenting out the +~(pushnew :ironclad-assembly *features*)~ line in the /src/package.lisp/ file. + * License :PROPERTIES: :CUSTOM_ID: license @@ -126,6 +155,9 @@ - chacha/8 - des - idea + - kalyna128 + - kalyna256 + - kalyna512 - kuznyechik - misty1 - rc2 @@ -136,6 +168,7 @@ - salsa20/8 - seed - serpent + - sm4 - sosemanuk - square - tea @@ -373,6 +406,8 @@ - keccak/224 - keccak/256 - keccak/384 + - kupyna + - kupyna/256 - md2 - md4 - md5 @@ -402,6 +437,7 @@ - skein512/224 - skein512/256 - skein512/384 + - sm3 - streebog - streebog/256 - tiger @@ -632,7 +668,8 @@ - CMAC, specified in [[http://www.ietf.org/rfc/rfc4493.txt][RFC 4493]] and NIST document 800-38B - GMAC, specified in NIST document 800-38D - Blake2 and Blake2s MAC - - Poly1305 MAC + - Poly1305 + - SipHash - Skein MAC @@ -650,6 +687,7 @@ - gmac - hmac - poly1305 + - siphash - skein-mac Like for [[make-digest][make-digest]], /mac-name/ should be a symbol in the ~keyword~ @@ -664,6 +702,7 @@ (make-mac :gmac key cipher-name initialization-vector) (make-mac :hmac key digest-name) (make-mac :poly1305 key) +(make-mac :siphash key &key compression-rounds finalization-rounds digest-length) (make-mac :skein-mac key &key block-length digest-length) #+END_EXAMPLE 
@@ -673,17 +712,21 @@ When making a Blake2s MAC, the length of the /key/ passed to [[make-mac][make-mac]] must be 32 bytes. -When making a CMAC, /cipher-name/ must have a [[block-length][block-length]] of either -8 or 16; this restriction is satisfied by many ciphers in Ironclad -with the notable exception of stream ciphers. /key/ must be an -acceptable key for /cipher-name/. +When making a CMAC, /cipher-name/ must have a [[block-length][block-length]] of either 8, 16, 32, +64 or 128; this restriction is satisfied by many ciphers in Ironclad with the +notable exception of stream ciphers. /key/ must be an acceptable key for +/cipher-name/. When making a GMAC, /cipher-name/ must have a [[block-length][block-length]] of 16. /key/ must be an acceptable key for /cipher-name/. The length of /initialization-vector/ must be 12 bytes. -When making a Poly1305, the length of the /key/ passed to [[make-mac][make-mac]] -must be 32 bytes. +When making a Poly1305 MAC, the length of the /key/ passed to [[make-mac][make-mac]] must be +32 bytes. + +When making a SipHash MAC, the length of the /key/ passed to [[make-mac][make-mac]] must be 16 +bytes. /digest-length/ is 8 by default, but it can also be set to 16. By +default, /compression-rounds/ is 2 and /finalization-rounds/ is 4. When making a Skein MAC, /block-length/ can be 32 (to use the Skein256 hash function internally), 64 (to use Skein512) or 128 (to use @@ -752,6 +795,7 @@ - gmac: 16 bytes - hmac: [[digest-length][digest-length]] of the /digest-name/ passed to [[make-mac][make-mac]] - poly1305: 16 bytes + - siphash: /digest-length/ passed to [[make-mac][make-mac]] (8 by default) - skein-mac: /digest-length/ passed to [[make-mac][make-mac]] (64 by default) ** Inquiry functions 
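Review bot: the CMAC paragraph now accepts block lengths of 32, 64 and 128 bytes, but the MAC list earlier in this file still describes CMAC as "specified in RFC 4493 and NIST document 800-38B", and those documents only cover 64-bit and 128-bit blocks. The text should say which constants or construction are used for the larger block sizes, or mark them as an extension beyond the cited specifications, so users know the result is not interoperable on the basis of those references alone.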
@@ -787,6 +831,7 @@ /name/ denotes the mode to use. [[list-all-authenticated-encryption-modes][list-all-authenticated-encryption-modes]] will tell you the names of all the supported modes. They are: + - eax (Encrypt then authenticate then translate) - etm (Encrypt then MAC) - gcm (Galois counter mode) @@ -795,6 +840,7 @@ /args/ depends on the chosen authenticated encryption mode. #+BEGIN_EXAMPLE +(make-authenticated-encryption-mode :eax &key tag cipher-name key initialization-vector) (make-authenticated-encryption-mode :etm &key tag cipher mac) (make-authenticated-encryption-mode :gcm &key tag cipher-name key initialization-vector) #+END_EXAMPLE @@ -805,6 +851,8 @@ If you don't specify it, you will have to call [[produce-tag][produce-tag]] after decryption and check that the tags match (e.g. using [[constant-time-equal][constant-time-equal]]). +When using EAX, /key/ must be a suitable key for the chosen /cipher-name/. + When using ETM, /cipher/ must be a cipher object created by [[make-cipher][make-cipher]]. /mac/ must be a mac object created by [[make-mac][make-mac]]. 
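Review bot: the added EAX sentence documents /key/ only, while the signature two hunks up also takes /cipher-name/ and /initialization-vector/. From eax.lisp in this patch, the initialization vector is fed through CMAC and the cipher is then run in CTR mode, so the paragraph should state that /cipher-name/ must be a block cipher usable with CMAC, what lengths of /initialization-vector/ are accepted, and that the initialization vector must not be reused with the same key.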
@@ -1292,8 +1340,26 @@ (over-writing the old seed). Finally, if it is a byte vector, it will be used to seed the PRNG. -You should very rarely need to call [[make-prng][make-prng]]; the default OS-provided -PRNG should be appropriate in nearly all cases. +In single-threaded applications, you should very rarely need to call [[make-prng][make-prng]]; +the default OS-provided PRNG should be appropriate in nearly all cases. + +In multi-threaded applications, each thread that will use functions requiring +random data must have its own PRNG, or several threads might generate the same +"random" data. If the threads are created using the *bordeaux-threads* library +(or by a library using *bordeaux-threads*, like *lparallel*), this is done +automatically. However, if you are using the threading functions of your Common +Lisp implementation directly, you have to bind the ~*prng*~ special variable to +a new PRNG in each thread. For example: + +#+BEGIN_EXAMPLE +(make-thread (lambda () + (let ((crypto:*prng* (crypto:make-prng :os))) + (forms-for-thread-1)))) + +(make-thread (lambda () + (let ((crypto:*prng* (crypto:make-prng :os))) + (forms-for-thread-2)))) +#+END_EXAMPLE #+NAME: list-all-prngs @@ -1367,7 +1433,7 @@ ** Example #+BEGIN_EXAMPLE -(random-data 16) +(crypto:random-data 16) => #(61 145 133 130 220 200 90 86 0 101 62 169 0 40 101 78) (crypto:strong-random 16) diff -Nru cl-ironclad-0.43/src/aead/eax.lisp cl-ironclad-0.45/src/aead/eax.lisp --- cl-ironclad-0.43/src/aead/eax.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/aead/eax.lisp 2019-02-18 14:08:52.000000000 +0000 
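Review bot: in the make-prng example added by the `@@ -1292,8 +1340,26 @@` hunk, `make-thread` is written without a package prefix, although the surrounding text distinguishes bordeaux-threads (where the binding is automatic) from the implementation's own threading functions (where it is not). Qualify the symbol with an implementation package, or add a comment saying it stands for the implementation's native function, so readers do not take it for the bordeaux-threads one and conclude the `let` is always needed or never needed.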
@@ -0,0 +1,130 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +;;;; eax.lisp -- Encrypt then authenticate then translate + +(in-package :crypto) + + +(defclass eax (aead-mode) + ((cipher :accessor eax-cipher + :initform nil) + (mac-n :accessor eax-mac-n + :initform nil) + (mac-h :accessor eax-mac-h + :initform nil) + (mac-c :accessor eax-mac-c + :initform nil))) + +(defmethod shared-initialize :after ((mode eax) slot-names &rest initargs &key key cipher-name initialization-vector &allow-other-keys) + (declare (ignore slot-names initargs)) + (let* ((mac-n (if (or (null (eax-mac-n mode)) cipher-name) + (make-mac :cmac key cipher-name) + (reinitialize-instance (eax-mac-n mode) :key key))) + (mac-h (if (or (null (eax-mac-h mode)) cipher-name) + (make-mac :cmac key cipher-name) + (reinitialize-instance (eax-mac-h mode) :key key))) + (mac-c (if (or (null (eax-mac-c mode)) cipher-name) + (make-mac :cmac key cipher-name) + (reinitialize-instance (eax-mac-c mode) :key key))) + (block-length (block-length (or cipher-name (eax-cipher mode)))) + (buffer (make-array block-length + :element-type '(unsigned-byte 8) + :initial-element 0))) + (update-mac mac-n buffer) + (update-mac mac-n initialization-vector) + (setf (aref buffer (1- (length buffer))) 1) + (update-mac mac-h buffer) + (setf (aref buffer (1- (length buffer))) 2) + (update-mac mac-c buffer) + (let* ((n (produce-mac mac-n)) + (cipher (if (or (null (eax-cipher mode)) cipher-name) + (make-cipher cipher-name + :key key + :mode :ctr + :initialization-vector n) + (reinitialize-instance (eax-cipher mode) + :key key + :mode :ctr + :initialization-vector n)))) + (setf (eax-mac-n mode) mac-n + (eax-mac-h mode) mac-h + (eax-mac-c mode) mac-c + (eax-cipher mode) cipher))) + mode) + +(defmethod process-associated-data ((mode eax) data &key (start 0) end) + (let* ((end (or end (length data))) + (length (- end start))) + (update-mac (eax-mac-h mode) data :start start :end end))) + +(defmethod produce-tag ((mode eax) &key tag 
(tag-start 0)) + (let* ((n (produce-mac (eax-mac-n mode))) + (h (produce-mac (eax-mac-h mode))) + (c (produce-mac (eax-mac-c mode))) + (block-length (length c))) + (etypecase tag + (simple-octet-vector + (when (> block-length (- (length tag) tag-start)) + (error 'insufficient-buffer-space + :buffer tag + :start tag-start + :length block-length)) + (xor-block block-length n 0 c 0 c 0) + (xor-block block-length h 0 c 0 tag tag-start) + tag) + (null + (xor-block block-length n 0 c 0 c 0) + (xor-block block-length h 0 c 0 c 0) + c)))) + +(defmethod encrypt ((mode eax) plaintext ciphertext &key (plaintext-start 0) plaintext-end (ciphertext-start 0) handle-final-block) + (declare (ignore handle-final-block)) + (let ((cipher (eax-cipher mode)) + (mac-c (eax-mac-c mode)) + (plaintext-end (or plaintext-end (length plaintext)))) + (multiple-value-bind (consumed-bytes produced-bytes) + (encrypt cipher plaintext ciphertext + :plaintext-start plaintext-start :plaintext-end plaintext-end + :ciphertext-start ciphertext-start) + (update-mac mac-c ciphertext + :start ciphertext-start :end (+ ciphertext-start produced-bytes)) + (values consumed-bytes produced-bytes)))) + +(defmethod decrypt ((mode eax) ciphertext plaintext &key (ciphertext-start 0) ciphertext-end (plaintext-start 0) handle-final-block) + (let ((cipher (eax-cipher mode)) + (mac-c (eax-mac-c mode)) + (ciphertext-end (or ciphertext-end (length ciphertext)))) + (update-mac mac-c ciphertext + :start ciphertext-start :end ciphertext-end) + (multiple-value-bind (consumed-bytes produced-bytes) + (decrypt cipher ciphertext plaintext + :ciphertext-start ciphertext-start :ciphertext-end ciphertext-end + :plaintext-start plaintext-start) + (when (and handle-final-block (tag mode)) + (let ((correct-tag (tag mode)) + (tag (produce-tag mode))) + (unless (constant-time-equal tag correct-tag) + (error 'bad-authentication-tag)))) + (values consumed-bytes produced-bytes)))) + +(defmethod encrypt-message ((mode eax) message &key (start 
0) end associated-data (associated-data-start 0) associated-data-end &allow-other-keys) + (let* ((length (- (or end (length message)) start)) + (encrypted-message (make-array length :element-type '(unsigned-byte 8)))) + (when associated-data + (process-associated-data mode associated-data + :start associated-data-start :end associated-data-end)) + (encrypt mode message encrypted-message + :plaintext-start start :plaintext-end end) + encrypted-message)) + +(defmethod decrypt-message ((mode eax) message &key (start 0) end associated-data (associated-data-start 0) associated-data-end &allow-other-keys) + (let* ((length (- (or end (length message)) start)) + (decrypted-message (make-array length :element-type '(unsigned-byte 8)))) + (when associated-data + (process-associated-data mode associated-data + :start associated-data-start :end associated-data-end)) + (decrypt mode message decrypted-message + :plaintext-start start :plaintext-end end + :handle-final-block t) + decrypted-message)) + +(defaead eax) diff -Nru cl-ironclad-0.43/src/ccl-opt/x86oid-vm.lisp cl-ironclad-0.45/src/ccl-opt/x86oid-vm.lisp --- cl-ironclad-0.43/src/ccl-opt/x86oid-vm.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/ccl-opt/x86oid-vm.lisp 1970-01-01 00:00:00.000000000 +0000 
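Review bot: in src/aead/eax.lisp, `decrypt-message` calls `decrypt` with `:plaintext-start start :plaintext-end end`, but `message` is the ciphertext there and the `decrypt` method above declares only `ciphertext-start`, `ciphertext-end`, `plaintext-start` and `handle-final-block`. As written, a non-zero `start` offsets the write into the freshly allocated `decrypted-message` instead of the read from `message`, and `:plaintext-end` is not a key that method names; this should be `:ciphertext-start start :ciphertext-end end`. Two smaller points: `process-associated-data` binds `length` and never uses it, and `decrypt` writes the plaintext before comparing tags even though `mac-c` has already absorbed the ciphertext at that point, so on the final block the tag check could run before the decryption and keep unauthenticated plaintext out of the caller's buffer.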
@@ -1,180 +0,0 @@ -;;;; -*- mode: lisp; indent-tabs-mode: nil -*- -#+ccl -(in-package :ccl) - -#+(and ccl x86-64) -(progn - (defx86lapfunction mod32+ ((a arg_y) (b arg_z)) - (unbox-fixnum a imm0) - (unbox-fixnum b imm1) - (addl (% imm1.l) (% imm0.l)) - (box-fixnum imm0 arg_z) - (single-value-return)) - - (defx86lapfunction mod32- ((a arg_y) (b arg_z)) - (unbox-fixnum a imm0) - (unbox-fixnum b imm1) - (subl (% imm1.l) (% imm0.l)) - (box-fixnum imm0 arg_z) - (single-value-return)) - - (defx86lapfunction mod32* ((a arg_y) (b arg_z)) - (unbox-fixnum a imm0) - (unbox-fixnum b imm1) - (imull (% imm1.l) (% imm0.l)) - (box-fixnum imm0 arg_z) - (single-value-return)) - - (defx86lapfunction mod32ash ((number arg_y) (count arg_z)) - (unbox-fixnum number imm0) - (unbox-fixnum count imm2) - (testb (% imm2.b) (% imm2.b)) - (js :right) - (shll (% imm2.b) (% imm0.l)) - (jmp :end) - :right - (negb (% imm2.b)) - (shrl (% imm2.b) (% imm0.l)) - :end - (box-fixnum imm0 arg_z) - (single-value-return)) - - (defx86lapfunction mod32lognot ((number arg_z)) - (unbox-fixnum number imm0) - (notl (% imm0.l)) - (box-fixnum imm0 arg_z) - (single-value-return)) - - (defx86lapfunction rol32 ((number arg_y) (count arg_z)) - (unbox-fixnum number imm0) - (unbox-fixnum count imm2) - (roll (% imm2.b) (% imm0.l)) - (box-fixnum imm0 arg_z) - (single-value-return)) - - (defx86lapfunction ror32 ((number arg_y) (count arg_z)) - (unbox-fixnum number imm0) - (unbox-fixnum count imm2) - (rorl (% imm2.b) (% imm0.l)) - (box-fixnum imm0 arg_z) - (single-value-return)) - - (defx86lapfunction %set-bignum-to-fixnum ((bignum arg_y) (fixnum arg_z)) - (unbox-fixnum fixnum imm0) - (movq (% imm0) (@ x8664::misc-data-offset (% bignum))) - (retq)) - - (defun bignumize (number) - (if (fixnump number) - (let ((result (allocate-typed-vector :bignum 2))) - (%set-bignum-to-fixnum result number) - result) - number)) - - (defun normalize-bignum-3 (number) - (cond ((logbitp 31 (bignum-ref number 1)) number) - (t (%set-bignum-length 
2 number) - (or (%maybe-fixnum-from-one-or-two-digit-bignum number) - number)))) - - (defx86lapfunction %mod64+ ((result arg_x) (a arg_y) (b arg_z)) - (movq (@ x8664::misc-data-offset (% a)) (% imm0)) - (movq (@ x8664::misc-data-offset (% b)) (% imm1)) - (addq (% imm0) (% imm1)) - (movq (% imm1) (@ x8664::misc-data-offset (% result))) - (retq)) - - (defun mod64+ (a b) - (declare (type (unsigned-byte 64) a b)) - (let ((result (allocate-typed-vector :bignum 3))) - (%mod64+ result (bignumize a) (bignumize b)) - (normalize-bignum-3 result))) - - (defx86lapfunction %mod64- ((result arg_x) (a arg_y) (b arg_z)) - (movq (@ x8664::misc-data-offset (% a)) (% imm0)) - (movq (@ x8664::misc-data-offset (% b)) (% imm1)) - (subq (% imm1) (% imm0)) - (movq (% imm0) (@ x8664::misc-data-offset (% result))) - (retq)) - - (defun mod64- (a b) - (declare (type (unsigned-byte 64) a b)) - (let ((result (allocate-typed-vector :bignum 3))) - (%mod64- result (bignumize a) (bignumize b)) - (normalize-bignum-3 result))) - - (defx86lapfunction %mod64* ((result arg_x) (a arg_y) (b arg_z)) - (movq (@ x8664::misc-data-offset (% a)) (% imm0)) - (movq (@ x8664::misc-data-offset (% b)) (% imm1)) - (imulq (% imm0) (% imm1)) - (movq (% imm1) (@ x8664::misc-data-offset (% result))) - (retq)) - - (defun mod64* (a b) - (declare (type (unsigned-byte 64) a b)) - (let ((result (allocate-typed-vector :bignum 3))) - (%mod64* result (bignumize a) (bignumize b)) - (normalize-bignum-3 result))) - - (defx86lapfunction %mod64ash ((result arg_x) (number arg_y) (count arg_z)) - (movq (@ x8664::misc-data-offset (% number)) (% imm0)) - (unbox-fixnum count imm2) - (testb (% imm2.b) (% imm2.b)) - (js :right) - (shlq (% imm2.b) (% imm0)) - (jmp :end) - :right - (negb (% imm2.b)) - (shrq (% imm2.b) (% imm0)) - :end - (movq (% imm0) (@ x8664::misc-data-offset (% result))) - (retq)) - - (defun mod64ash (number count) - (declare (type (unsigned-byte 64) number) - (type (integer -63 63) count)) - (let ((result 
(allocate-typed-vector :bignum 3))) - (%mod64ash result (bignumize number) count) - (normalize-bignum-3 result))) - - (defx86lapfunction %mod64lognot ((result arg_y) (number arg_z)) - (movq (@ x8664::misc-data-offset (% number)) (% imm0)) - (notq (% imm0)) - (movq (% imm0) (@ x8664::misc-data-offset (% result))) - (retq)) - - (defun mod64lognot (number) - (declare (type (unsigned-byte 64) number)) - (let ((result (allocate-typed-vector :bignum 3))) - (%mod64lognot result (bignumize number)) - (normalize-bignum-3 result))) - - (defx86lapfunction %rol64 ((result arg_x) (number arg_y) (count arg_z)) - (movq (@ x8664::misc-data-offset (% number)) (% imm0)) - (unbox-fixnum count imm2) - (rolq (% imm2.b) (% imm0)) - (movq (% imm0) (@ x8664::misc-data-offset (% result))) - (retq)) - - (defun rol64 (number count) - (declare (optimize (speed 3) (space 0) (safety 0) (debug 0)) - (type (unsigned-byte 64) number) - (type (integer 0 64) count)) - (let ((result (allocate-typed-vector :bignum 3))) - (%rol64 result (bignumize number) count) - (normalize-bignum-3 result))) - - (defx86lapfunction %ror64 ((result arg_x) (number arg_y) (count arg_z)) - (movq (@ x8664::misc-data-offset (% number)) (% imm0)) - (unbox-fixnum count imm2) - (rorq (% imm2.b) (% imm0)) - (movq (% imm0) (@ x8664::misc-data-offset (% result))) - (retq)) - - (defun ror64 (number count) - (declare (optimize (speed 3) (space 0) (safety 0) (debug 0)) - (type (unsigned-byte 64) number) - (type (integer 0 64) count)) - (let ((result (allocate-typed-vector :bignum 3))) - (%ror64 result (bignumize number) count) - (normalize-bignum-3 result)))) diff -Nru cl-ironclad-0.43/src/ciphers/chacha.lisp cl-ironclad-0.45/src/ciphers/chacha.lisp --- cl-ironclad-0.43/src/ciphers/chacha.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/ciphers/chacha.lisp 2019-02-18 14:08:52.000000000 +0000 
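Review bot: this deletes all of src/ccl-opt/x86oid-vm.lisp, yet the README hunk in the same diff says Ironclad still uses "some assembly for SBCL and CCL". Please confirm the CCL routines (`mod32+`, `rol64` and the rest) were relocated rather than dropped, and mention the new location in the commit message; if they were dropped, the README sentence needs updating.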
@@ -18,9 +18,11 @@ (declare (type chacha-keystream-buffer buffer)) (declare (type chacha-state state)) (declare (optimize speed)) - #+(and sbcl x86-64) + #+(or (and ecl ironclad-assembly) + (and sbcl x86-64 ironclad-assembly)) (x-chacha-core n-rounds buffer state) - #-(and sbcl x86-64) + #-(or (and ecl ironclad-assembly) + (and sbcl x86-64 ironclad-assembly)) (let ((x (make-array 16 :element-type '(unsigned-byte 32)))) (declare (dynamic-extent x)) (replace x state) diff -Nru cl-ironclad-0.43/src/ciphers/kalyna.lisp cl-ironclad-0.45/src/ciphers/kalyna.lisp --- cl-ironclad-0.43/src/ciphers/kalyna.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/ciphers/kalyna.lisp 2019-02-18 14:08:52.000000000 +0000 
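Review bot: in src/ciphers/chacha.lisp the feature expression `(or (and ecl ironclad-assembly) (and sbcl x86-64 ironclad-assembly))` is now written out twice, once under `#+` and once under `#-`, and the two copies have to be kept identical by hand. If they ever diverge, either both code paths or neither will be compiled in. Consider the shorter equivalent `(and ironclad-assembly (or ecl (and sbcl x86-64)))`, or a single feature pushed once in package.lisp and tested here.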
@@ -0,0 +1,3510 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +;;;; kalyna.lisp -- implementation of the Kalyna block ciphers (DSTU 7624:2014) + +(in-package :crypto) + + +;;; +;;; Constants +;;; + +(eval-when (:compile-toplevel :load-toplevel :execute) + (defconst +kalyna-t+ + (make-array '(8 256) + :element-type '(unsigned-byte 64) + :initial-contents '((#xa832a829d77f9aa8 #x4352432297d41143 + #x5f3e5fc2df80615f #x061e063014121806 + #x6bda6b7f670cb16b #x75bc758f2356c975 + #x6cc16c477519ad6c #x592059f2cb927959 + #x71a871af3b4ad971 #xdf84dfb6f8275bdf + #x87a1874c35b22687 #x95fb95dc59cc6e95 + #x174b17b872655c17 #xf017f0d31aeae7f0 + #xd89fd88eea3247d8 #x092d0948363f2409 + #x6dc46d4f731ea96d #xf318f3cb10e3ebf3 + #x1d691de84e53741d #xcbc0cb16804b0bcb + #xc9cac9068c4503c9 #x4d644d52b3fe294d + #x2c9c2c7de8c4b02c #xaf29af11c56a86af + #x798079ef0b72f979 #xe047e0537a9aa7e0 + #x97f197cc55c26697 #xfd2efdbb34c9d3fd + #x6fce6f5f7f10a16f #x4b7a4b62a7ec314b + #x454c451283c60945 #x39dd39d596afe439 + #x3ec63eed84baf83e #xdd8edda6f42953dd + #xa315a371ed4eb6a3 #x4f6e4f42bff0214f + #xb45eb4c99f2beab4 #xb654b6d99325e2b6 + #x9ac89aa47be1529a #x0e360e70242a380e + #x1f631ff8425d7c1f #xbf79bf91a51ac6bf + #x154115a87e6b5415 #xe142e15b7c9da3e1 + #x49704972abe23949 #xd2bdd2ded6046fd2 + #x93e593ec4dde7693 #xc6f9c67eae683fc6 + #x92e092e44bd97292 #x72a772b73143d572 + #x9edc9e8463fd429e #x61f8612f5b3a9961 + #xd1b2d1c6dc0d63d1 #x63f2633f57349163 + #xfa35fa8326dccffa #xee71ee235eb09fee + #xf403f4f302f6f7f4 #x197d19c8564f6419 + #xd5a6d5e6c41173d5 #xad23ad01c9648ead + #x582558facd957d58 #xa40ea449ff5baaa4 + #xbb6dbbb1bd06d6bb #xa11fa161e140bea1 + #xdc8bdcaef22e57dc #xf21df2c316e4eff2 + #x83b5836c2dae3683 #x37eb37a5b285dc37 + #x4257422a91d31542 #xe453e4736286b7e4 + #x7a8f7af7017bf57a #x32fa328dac9ec832 + #x9cd69c946ff34a9c #xccdbcc2e925e17cc + #xab3dab31dd7696ab #x4a7f4a6aa1eb354a + #x8f898f0c058a068f #x6ecb6e577917a56e + #x04140420181c1004 #x27bb2725d2f59c27 + #x2e962e6de4cab82e 
#xe75ce76b688fbbe7 + #xe24de2437694afe2 #x5a2f5aeac19b755a + #x96f496c453c56296 #x164e16b074625816 + #x23af2305cae98c23 #x2b872b45fad1ac2b + #xc2edc25eb6742fc2 #x65ec650f43268965 + #x66e36617492f8566 #x0f330f78222d3c0f + #xbc76bc89af13cabc #xa937a921d1789ea9 + #x474647028fc80147 #x415841329bda1941 + #x34e434bdb88cd034 #x4875487aade53d48 + #xfc2bfcb332ced7fc #xb751b7d19522e6b7 + #x6adf6a77610bb56a #x88928834179f1a88 + #xa50ba541f95caea5 #x530253a2f7a45153 + #x86a4864433b52286 #xf93af99b2cd5c3f9 + #x5b2a5be2c79c715b #xdb90db96e03b4bdb + #x38d838dd90a8e038 #x7b8a7bff077cf17b + #xc3e8c356b0732bc3 #x1e661ef0445a781e + #x22aa220dccee8822 #x33ff3385aa99cc33 + #x24b4243dd8fc9024 #x2888285df0d8a028 + #x36ee36adb482d836 #xc7fcc776a86f3bc7 + #xb240b2f98b39f2b2 #x3bd73bc59aa1ec3b + #x8e8c8e04038d028e #x77b6779f2f58c177 + #xba68bab9bb01d2ba #xf506f5fb04f1f3f5 + #x144414a0786c5014 #x9fd99f8c65fa469f + #x0828084030382008 #x551c5592e3b64955 + #x9bcd9bac7de6569b #x4c614c5ab5f92d4c + #xfe21fea33ec0dffe #x60fd60275d3d9d60 + #x5c315cdad5896d5c #xda95da9ee63c4fda + #x187818c050486018 #x4643460a89cf0546 + #xcddecd26945913cd #x7d947dcf136ee97d + #x21a52115c6e78421 #xb04ab0e98737fab0 + #x3fc33fe582bdfc3f #x1b771bd85a416c1b + #x8997893c11981e89 #xff24ffab38c7dbff + #xeb60eb0b40ab8beb #x84ae84543fbb2a84 + #x69d0696f6b02b969 #x3ad23acd9ca6e83a + #x9dd39d9c69f44e9d #xd7acd7f6c81f7bd7 + #xd3b8d3d6d0036bd3 #x70ad70a73d4ddd70 + #x67e6671f4f288167 #x405d403a9ddd1d40 + #xb55bb5c1992ceeb5 #xde81debefe205fde + #x5d345dd2d38e695d #x30f0309da090c030 + #x91ef91fc41d07e91 #xb14fb1e18130feb1 + #x788578e70d75fd78 #x1155118866774411 + #x0105010806070401 #xe556e57b6481b3e5 + #x0000000000000000 #x68d568676d05bd68 + #x98c298b477ef5a98 #xa01aa069e747baa0 + #xc5f6c566a46133c5 #x020a02100c0e0802 + #xa604a659f355a2a6 #x74b974872551cd74 + #x2d992d75eec3b42d #x0b270b583a312c0b + #xa210a279eb49b2a2 #x76b37697295fc576 + #xb345b3f18d3ef6b3 #xbe7cbe99a31dc2be + #xced1ce3e9e501fce #xbd73bd81a914cebd + #xae2cae19c36d82ae 
#xe96ae91b4ca583e9 + #x8a988a241b91128a #x31f53195a697c431 + #x1c6c1ce04854701c #xec7bec3352be97ec + #xf112f1db1cede3f1 #x99c799bc71e85e99 + #x94fe94d45fcb6a94 #xaa38aa39db7192aa + #xf609f6e30ef8fff6 #x26be262dd4f29826 + #x2f932f65e2cdbc2f #xef74ef2b58b79bef + #xe86fe8134aa287e8 #x8c868c140f830a8c + #x35e135b5be8bd435 #x030f03180a090c03 + #xd4a3d4eec21677d4 #x7f9e7fdf1f60e17f + #xfb30fb8b20dbcbfb #x051105281e1b1405 + #xc1e2c146bc7d23c1 #x5e3b5ecad987655e + #x90ea90f447d77a90 #x20a0201dc0e08020 + #x3dc93df58eb3f43d #x82b082642ba93282 + #xf70cf7eb08fffbf7 #xea65ea0346ac8fea + #x0a220a503c36280a #x0d390d682e23340d + #x7e9b7ed71967e57e #xf83ff8932ad2c7f8 + #x500d50bafdad5d50 #x1a721ad05c46681a + #xc4f3c46ea26637c4 #x071b073812151c07 + #x57165782efb84157 #xb862b8a9b70fdab8 + #x3ccc3cfd88b4f03c #x62f7623751339562 + #xe348e34b7093abe3 #xc8cfc80e8a4207c8 + #xac26ac09cf638aac #x520752aaf1a35552 + #x64e9640745218d64 #x1050108060704010 + #xd0b7d0ceda0a67d0 #xd99ad986ec3543d9 + #x135f13986a794c13 #x0c3c0c602824300c + #x125a12906c7e4812 #x298d2955f6dfa429 + #x510851b2fbaa5951 #xb967b9a1b108deb9 + #xcfd4cf3698571bcf #xd6a9d6fece187fd6 + #x73a273bf3744d173 #x8d838d1c09840e8d + #x81bf817c21a03e81 #x5419549ae5b14d54 + #xc0e7c04eba7a27c0 #xed7eed3b54b993ed + #x4e6b4e4ab9f7254e #x4449441a85c10d44 + #xa701a751f552a6a7 #x2a822a4dfcd6a82a + #x85ab855c39bc2e85 #x25b12535defb9425 + #xe659e6636e88bfe6 #xcac5ca1e864c0fca + #x7c917cc71569ed7c #x8b9d8b2c1d96168b + #x5613568ae9bf4556 #x80ba807427a73a80) + (#xd1ce3e9e501fcece #x6dbbb1bd06d6bbbb + #x60eb0b40ab8bebeb #xe092e44bd9729292 + #x65ea0346ac8feaea #xc0cb16804b0bcbcb + #x5f13986a794c1313 #xe2c146bc7d23c1c1 + #x6ae91b4ca583e9e9 #xd23acd9ca6e83a3a + #xa9d6fece187fd6d6 #x40b2f98b39f2b2b2 + #xbdd2ded6046fd2d2 #xea90f447d77a9090 + #x4b17b872655c1717 #x3ff8932ad2c7f8f8 + #x57422a91d3154242 #x4115a87e6b541515 + #x13568ae9bf455656 #x5eb4c99f2beab4b4 + #xec650f4326896565 #x6c1ce04854701c1c + #x928834179f1a8888 #x52432297d4114343 + 
#xf6c566a46133c5c5 #x315cdad5896d5c5c + #xee36adb482d83636 #x68bab9bb01d2baba + #x06f5fb04f1f3f5f5 #x165782efb8415757 + #xe6671f4f28816767 #x838d1c09840e8d8d + #xf53195a697c43131 #x09f6e30ef8fff6f6 + #xe9640745218d6464 #x2558facd957d5858 + #xdc9e8463fd429e9e #x03f4f302f6f7f4f4 + #xaa220dccee882222 #x38aa39db7192aaaa + #xbc758f2356c97575 #x330f78222d3c0f0f + #x0a02100c0e080202 #x4fb1e18130feb1b1 + #x84dfb6f8275bdfdf #xc46d4f731ea96d6d + #xa273bf3744d17373 #x644d52b3fe294d4d + #x917cc71569ed7c7c #xbe262dd4f2982626 + #x962e6de4cab82e2e #x0cf7eb08fffbf7f7 + #x2808403038200808 #x345dd2d38e695d5d + #x49441a85c10d4444 #xc63eed84baf83e3e + #xd99f8c65fa469f9f #x4414a0786c501414 + #xcfc80e8a4207c8c8 #x2cae19c36d82aeae + #x19549ae5b14d5454 #x5010806070401010 + #x9fd88eea3247d8d8 #x76bc89af13cabcbc + #x721ad05c46681a1a #xda6b7f670cb16b6b + #xd0696f6b02b96969 #x18f3cb10e3ebf3f3 + #x73bd81a914cebdbd #xff3385aa99cc3333 + #x3dab31dd7696abab #x35fa8326dccffafa + #xb2d1c6dc0d63d1d1 #xcd9bac7de6569b9b + #xd568676d05bd6868 #x6b4e4ab9f7254e4e + #x4e16b07462581616 #xfb95dc59cc6e9595 + #xef91fc41d07e9191 #x71ee235eb09feeee + #x614c5ab5f92d4c4c #xf2633f5734916363 + #x8c8e04038d028e8e #x2a5be2c79c715b5b + #xdbcc2e925e17cccc #xcc3cfd88b4f03c3c + #x7d19c8564f641919 #x1fa161e140bea1a1 + #xbf817c21a03e8181 #x704972abe2394949 + #x8a7bff077cf17b7b #x9ad986ec3543d9d9 + #xce6f5f7f10a16f6f #xeb37a5b285dc3737 + #xfd60275d3d9d6060 #xc5ca1e864c0fcaca + #x5ce76b688fbbe7e7 #x872b45fad1ac2b2b + #x75487aade53d4848 #x2efdbb34c9d3fdfd + #xf496c453c5629696 #x4c451283c6094545 + #x2bfcb332ced7fcfc #x5841329bda194141 + #x5a12906c7e481212 #x390d682e23340d0d + #x8079ef0b72f97979 #x56e57b6481b3e5e5 + #x97893c11981e8989 #x868c140f830a8c8c + #x48e34b7093abe3e3 #xa0201dc0e0802020 + #xf0309da090c03030 #x8bdcaef22e57dcdc + #x51b7d19522e6b7b7 #xc16c477519ad6c6c + #x7f4a6aa1eb354a4a #x5bb5c1992ceeb5b5 + #xc33fe582bdfc3f3f #xf197cc55c2669797 + #xa3d4eec21677d4d4 #xf762375133956262 + #x992d75eec3b42d2d #x1e06301412180606 + 
#x0ea449ff5baaa4a4 #x0ba541f95caea5a5 + #xb5836c2dae368383 #x3e5fc2df80615f5f + #x822a4dfcd6a82a2a #x95da9ee63c4fdada + #xcac9068c4503c9c9 #x0000000000000000 + #x9b7ed71967e57e7e #x10a279eb49b2a2a2 + #x1c5592e3b6495555 #x79bf91a51ac6bfbf + #x5511886677441111 #xa6d5e6c41173d5d5 + #xd69c946ff34a9c9c #xd4cf3698571bcfcf + #x360e70242a380e0e #x220a503c36280a0a + #xc93df58eb3f43d3d #x0851b2fbaa595151 + #x947dcf136ee97d7d #xe593ec4dde769393 + #x771bd85a416c1b1b #x21fea33ec0dffefe + #xf3c46ea26637c4c4 #x4647028fc8014747 + #x2d0948363f240909 #xa4864433b5228686 + #x270b583a312c0b0b #x898f0c058a068f8f + #xd39d9c69f44e9d9d #xdf6a77610bb56a6a + #x1b073812151c0707 #x67b9a1b108deb9b9 + #x4ab0e98737fab0b0 #xc298b477ef5a9898 + #x7818c05048601818 #xfa328dac9ec83232 + #xa871af3b4ad97171 #x7a4b62a7ec314b4b + #x74ef2b58b79befef #xd73bc59aa1ec3b3b + #xad70a73d4ddd7070 #x1aa069e747baa0a0 + #x53e4736286b7e4e4 #x5d403a9ddd1d4040 + #x24ffab38c7dbffff #xe8c356b0732bc3c3 + #x37a921d1789ea9a9 #x59e6636e88bfe6e6 + #x8578e70d75fd7878 #x3af99b2cd5c3f9f9 + #x9d8b2c1d96168b8b #x43460a89cf054646 + #xba807427a73a8080 #x661ef0445a781e1e + #xd838dd90a8e03838 #x42e15b7c9da3e1e1 + #x62b8a9b70fdab8b8 #x32a829d77f9aa8a8 + #x47e0537a9aa7e0e0 #x3c0c602824300c0c + #xaf2305cae98c2323 #xb37697295fc57676 + #x691de84e53741d1d #xb12535defb942525 + #xb4243dd8fc902424 #x1105281e1b140505 + #x12f1db1cede3f1f1 #xcb6e577917a56e6e + #xfe94d45fcb6a9494 #x88285df0d8a02828 + #xc89aa47be1529a9a #xae84543fbb2a8484 + #x6fe8134aa287e8e8 #x15a371ed4eb6a3a3 + #x6e4f42bff0214f4f #xb6779f2f58c17777 + #xb8d3d6d0036bd3d3 #xab855c39bc2e8585 + #x4de2437694afe2e2 #x0752aaf1a3555252 + #x1df2c316e4eff2f2 #xb082642ba9328282 + #x0d50bafdad5d5050 #x8f7af7017bf57a7a + #x932f65e2cdbc2f2f #xb974872551cd7474 + #x0253a2f7a4515353 #x45b3f18d3ef6b3b3 + #xf8612f5b3a996161 #x29af11c56a86afaf + #xdd39d596afe43939 #xe135b5be8bd43535 + #x81debefe205fdede #xdecd26945913cdcd + #x631ff8425d7c1f1f #xc799bc71e85e9999 + #x26ac09cf638aacac #x23ad01c9648eadad + 
#xa772b73143d57272 #x9c2c7de8c4b02c2c + #x8edda6f42953dddd #xb7d0ceda0a67d0d0 + #xa1874c35b2268787 #x7cbe99a31dc2bebe + #x3b5ecad987655e5e #x04a659f355a2a6a6 + #x7bec3352be97ecec #x140420181c100404 + #xf9c67eae683fc6c6 #x0f03180a090c0303 + #xe434bdb88cd03434 #x30fb8b20dbcbfbfb + #x90db96e03b4bdbdb #x2059f2cb92795959 + #x54b6d99325e2b6b6 #xedc25eb6742fc2c2 + #x0501080607040101 #x17f0d31aeae7f0f0 + #x2f5aeac19b755a5a #x7eed3b54b993eded + #x01a751f552a6a7a7 #xe36617492f856666 + #xa52115c6e7842121 #x9e7fdf1f60e17f7f + #x988a241b91128a8a #xbb2725d2f59c2727 + #xfcc776a86f3bc7c7 #xe7c04eba7a27c0c0 + #x8d2955f6dfa42929 #xacd7f6c81f7bd7d7) + (#x93ec4dde769393e5 #xd986ec3543d9d99a + #x9aa47be1529a9ac8 #xb5c1992ceeb5b55b + #x98b477ef5a9898c2 #x220dccee882222aa + #x451283c60945454c #xfcb332ced7fcfc2b + #xbab9bb01d2baba68 #x6a77610bb56a6adf + #xdfb6f8275bdfdf84 #x02100c0e0802020a + #x9f8c65fa469f9fd9 #xdcaef22e57dcdc8b + #x51b2fbaa59515108 #x59f2cb9279595920 + #x4a6aa1eb354a4a7f #x17b872655c17174b + #x2b45fad1ac2b2b87 #xc25eb6742fc2c2ed + #x94d45fcb6a9494fe #xf4f302f6f7f4f403 + #xbbb1bd06d6bbbb6d #xa371ed4eb6a3a315 + #x62375133956262f7 #xe4736286b7e4e453 + #x71af3b4ad97171a8 #xd4eec21677d4d4a3 + #xcd26945913cdcdde #x70a73d4ddd7070ad + #x16b074625816164e #xe15b7c9da3e1e142 + #x4972abe239494970 #x3cfd88b4f03c3ccc + #xc04eba7a27c0c0e7 #xd88eea3247d8d89f + #x5cdad5896d5c5c31 #x9bac7de6569b9bcd + #xad01c9648eadad23 #x855c39bc2e8585ab + #x53a2f7a451535302 #xa161e140bea1a11f + #x7af7017bf57a7a8f #xc80e8a4207c8c8cf + #x2d75eec3b42d2d99 #xe0537a9aa7e0e047 + #xd1c6dc0d63d1d1b2 #x72b73143d57272a7 + #xa659f355a2a6a604 #x2c7de8c4b02c2c9c + #xc46ea26637c4c4f3 #xe34b7093abe3e348 + #x7697295fc57676b3 #x78e70d75fd787885 + #xb7d19522e6b7b751 #xb4c99f2beab4b45e + #x0948363f2409092d #x3bc59aa1ec3b3bd7 + #x0e70242a380e0e36 #x41329bda19414158 + #x4c5ab5f92d4c4c61 #xdebefe205fdede81 + #xb2f98b39f2b2b240 #x90f447d77a9090ea + #x2535defb942525b1 #xa541f95caea5a50b + #xd7f6c81f7bd7d7ac #x03180a090c03030f 
+ #x1188667744111155 #x0000000000000000 + #xc356b0732bc3c3e8 #x2e6de4cab82e2e96 + #x92e44bd9729292e0 #xef2b58b79befef74 + #x4e4ab9f7254e4e6b #x12906c7e4812125a + #x9d9c69f44e9d9dd3 #x7dcf136ee97d7d94 + #xcb16804b0bcbcbc0 #x35b5be8bd43535e1 + #x1080607040101050 #xd5e6c41173d5d5a6 + #x4f42bff0214f4f6e #x9e8463fd429e9edc + #x4d52b3fe294d4d64 #xa921d1789ea9a937 + #x5592e3b64955551c #xc67eae683fc6c6f9 + #xd0ceda0a67d0d0b7 #x7bff077cf17b7b8a + #x18c0504860181878 #x97cc55c2669797f1 + #xd3d6d0036bd3d3b8 #x36adb482d83636ee + #xe6636e88bfe6e659 #x487aade53d484875 + #x568ae9bf45565613 #x817c21a03e8181bf + #x8f0c058a068f8f89 #x779f2f58c17777b6 + #xcc2e925e17ccccdb #x9c946ff34a9c9cd6 + #xb9a1b108deb9b967 #xe2437694afe2e24d + #xac09cf638aacac26 #xb8a9b70fdab8b862 + #x2f65e2cdbc2f2f93 #x15a87e6b54151541 + #xa449ff5baaa4a40e #x7cc71569ed7c7c91 + #xda9ee63c4fdada95 #x38dd90a8e03838d8 + #x1ef0445a781e1e66 #x0b583a312c0b0b27 + #x05281e1b14050511 #xd6fece187fd6d6a9 + #x14a0786c50141444 #x6e577917a56e6ecb + #x6c477519ad6c6cc1 #x7ed71967e57e7e9b + #x6617492f856666e3 #xfdbb34c9d3fdfd2e + #xb1e18130feb1b14f #xe57b6481b3e5e556 + #x60275d3d9d6060fd #xaf11c56a86afaf29 + #x5ecad987655e5e3b #x3385aa99cc3333ff + #x874c35b2268787a1 #xc9068c4503c9c9ca + #xf0d31aeae7f0f017 #x5dd2d38e695d5d34 + #x6d4f731ea96d6dc4 #x3fe582bdfc3f3fc3 + #x8834179f1a888892 #x8d1c09840e8d8d83 + #xc776a86f3bc7c7fc #xf7eb08fffbf7f70c + #x1de84e53741d1d69 #xe91b4ca583e9e96a + #xec3352be97ecec7b #xed3b54b993eded7e + #x807427a73a8080ba #x2955f6dfa429298d + #x2725d2f59c2727bb #xcf3698571bcfcfd4 + #x99bc71e85e9999c7 #xa829d77f9aa8a832 + #x50bafdad5d50500d #x0f78222d3c0f0f33 + #x37a5b285dc3737eb #x243dd8fc902424b4 + #x285df0d8a0282888 #x309da090c03030f0 + #x95dc59cc6e9595fb #xd2ded6046fd2d2bd + #x3eed84baf83e3ec6 #x5be2c79c715b5b2a + #x403a9ddd1d40405d #x836c2dae368383b5 + #xb3f18d3ef6b3b345 #x696f6b02b96969d0 + #x5782efb841575716 #x1ff8425d7c1f1f63 + #x073812151c07071b #x1ce04854701c1c6c + #x8a241b91128a8a98 #xbc89af13cabcbc76 
+ #x201dc0e0802020a0 #xeb0b40ab8bebeb60 + #xce3e9e501fceced1 #x8e04038d028e8e8c + #xab31dd7696abab3d #xee235eb09feeee71 + #x3195a697c43131f5 #xa279eb49b2a2a210 + #x73bf3744d17373a2 #xf99b2cd5c3f9f93a + #xca1e864c0fcacac5 #x3acd9ca6e83a3ad2 + #x1ad05c46681a1a72 #xfb8b20dbcbfbfb30 + #x0d682e23340d0d39 #xc146bc7d23c1c1e2 + #xfea33ec0dffefe21 #xfa8326dccffafa35 + #xf2c316e4eff2f21d #x6f5f7f10a16f6fce + #xbd81a914cebdbd73 #x96c453c5629696f4 + #xdda6f42953dddd8e #x432297d411434352 + #x52aaf1a355525207 #xb6d99325e2b6b654 + #x0840303820080828 #xf3cb10e3ebf3f318 + #xae19c36d82aeae2c #xbe99a31dc2bebe7c + #x19c8564f6419197d #x893c11981e898997 + #x328dac9ec83232fa #x262dd4f2982626be + #xb0e98737fab0b04a #xea0346ac8feaea65 + #x4b62a7ec314b4b7a #x640745218d6464e9 + #x84543fbb2a8484ae #x82642ba9328282b0 + #x6b7f670cb16b6bda #xf5fb04f1f3f5f506 + #x79ef0b72f9797980 #xbf91a51ac6bfbf79 + #x0108060704010105 #x5fc2df80615f5f3e + #x758f2356c97575bc #x633f5734916363f2 + #x1bd85a416c1b1b77 #x2305cae98c2323af + #x3df58eb3f43d3dc9 #x68676d05bd6868d5 + #x2a4dfcd6a82a2a82 #x650f4326896565ec + #xe8134aa287e8e86f #x91fc41d07e9191ef + #xf6e30ef8fff6f609 #xffab38c7dbffff24 + #x13986a794c13135f #x58facd957d585825 + #xf1db1cede3f1f112 #x47028fc801474746 + #x0a503c36280a0a22 #x7fdf1f60e17f7f9e + #xc566a46133c5c5f6 #xa751f552a6a7a701 + #xe76b688fbbe7e75c #x612f5b3a996161f8 + #x5aeac19b755a5a2f #x063014121806061e + #x460a89cf05464643 #x441a85c10d444449 + #x422a91d315424257 #x0420181c10040414 + #xa069e747baa0a01a #xdb96e03b4bdbdb90 + #x39d596afe43939dd #x864433b5228686a4 + #x549ae5b14d545419 #xaa39db7192aaaa38 + #x8c140f830a8c8c86 #x34bdb88cd03434e4 + #x2115c6e7842121a5 #x8b2c1d96168b8b9d + #xf8932ad2c7f8f83f #x0c602824300c0c3c + #x74872551cd7474b9 #x671f4f28816767e6) + (#x676d05bd6868d568 #x1c09840e8d8d838d + #x1e864c0fcacac5ca #x52b3fe294d4d644d + #xbf3744d17373a273 #x62a7ec314b4b7a4b + #x4ab9f7254e4e6b4e #x4dfcd6a82a2a822a + #xeec21677d4d4a3d4 #xaaf1a35552520752 + #x2dd4f2982626be26 
#xf18d3ef6b3b345b3 + #x9ae5b14d54541954 #xf0445a781e1e661e + #xc8564f6419197d19 #xf8425d7c1f1f631f + #x0dccee882222aa22 #x180a090c03030f03 + #x0a89cf0546464346 #xf58eb3f43d3dc93d + #x75eec3b42d2d992d #x6aa1eb354a4a7f4a + #xa2f7a45153530253 #x6c2dae368383b583 + #x986a794c13135f13 #x241b91128a8a988a + #xd19522e6b7b751b7 #xe6c41173d5d5a6d5 + #x35defb942525b125 #xef0b72f979798079 + #xfb04f1f3f5f506f5 #x81a914cebdbd73bd + #xfacd957d58582558 #x65e2cdbc2f2f932f + #x682e23340d0d390d #x100c0e0802020a02 + #x3b54b993eded7eed #xb2fbaa5951510851 + #x8463fd429e9edc9e #x8866774411115511 + #xc316e4eff2f21df2 #xed84baf83e3ec63e + #x92e3b64955551c55 #xcad987655e5e3b5e + #xc6dc0d63d1d1b2d1 #xb074625816164e16 + #xfd88b4f03c3ccc3c #x17492f856666e366 + #xa73d4ddd7070ad70 #xd2d38e695d5d345d + #xcb10e3ebf3f318f3 #x1283c60945454c45 + #x3a9ddd1d40405d40 #x2e925e17ccccdbcc + #x134aa287e8e86fe8 #xd45fcb6a9494fe94 + #x8ae9bf4556561356 #x4030382008082808 + #x3e9e501fceced1ce #xd05c46681a1a721a + #xcd9ca6e83a3ad23a #xded6046fd2d2bdd2 + #x5b7c9da3e1e142e1 #xb6f8275bdfdf84df + #xc1992ceeb5b55bb5 #xdd90a8e03838d838 + #x577917a56e6ecb6e #x70242a380e0e360e + #x7b6481b3e5e556e5 #xf302f6f7f4f403f4 + #x9b2cd5c3f9f93af9 #x4433b5228686a486 + #x1b4ca583e9e96ae9 #x42bff0214f4f6e4f + #xfece187fd6d6a9d6 #x5c39bc2e8585ab85 + #x05cae98c2323af23 #x3698571bcfcfd4cf + #x8dac9ec83232fa32 #xbc71e85e9999c799 + #x95a697c43131f531 #xa0786c5014144414 + #x19c36d82aeae2cae #x235eb09feeee71ee + #x0e8a4207c8c8cfc8 #x7aade53d48487548 + #xd6d0036bd3d3b8d3 #x9da090c03030f030 + #x61e140bea1a11fa1 #xe44bd9729292e092 + #x329bda1941415841 #xe18130feb1b14fb1 + #xc050486018187818 #x6ea26637c4c4f3c4 + #x7de8c4b02c2c9c2c #xaf3b4ad97171a871 + #xb73143d57272a772 #x1a85c10d44444944 + #xa87e6b5415154115 #xbb34c9d3fdfd2efd + #xa5b285dc3737eb37 #x99a31dc2bebe7cbe + #xc2df80615f5f3e5f #x39db7192aaaa38aa + #xac7de6569b9bcd9b #x34179f1a88889288 + #x8eea3247d8d89fd8 #x31dd7696abab3dab + #x3c11981e89899789 #x946ff34a9c9cd69c + #x8326dccffafa35fa 
#x275d3d9d6060fd60 + #x0346ac8feaea65ea #x89af13cabcbc76bc + #x375133956262f762 #x602824300c0c3c0c + #x3dd8fc902424b424 #x59f355a2a6a604a6 + #x29d77f9aa8a832a8 #x3352be97ecec7bec + #x1f4f28816767e667 #x1dc0e0802020a020 + #x96e03b4bdbdb90db #xc71569ed7c7c917c + #x5df0d8a028288828 #xa6f42953dddd8edd + #x09cf638aacac26ac #xe2c79c715b5b2a5b + #xbdb88cd03434e434 #xd71967e57e7e9b7e + #x8060704010105010 #xdb1cede3f1f112f1 + #xff077cf17b7b8a7b #x0c058a068f8f898f + #x3f5734916363f263 #x69e747baa0a01aa0 + #x281e1b1405051105 #xa47be1529a9ac89a + #x2297d41143435243 #x9f2f58c17777b677 + #x15c6e7842121a521 #x91a51ac6bfbf79bf + #x25d2f59c2727bb27 #x48363f2409092d09 + #x56b0732bc3c3e8c3 #x8c65fa469f9fd99f + #xd99325e2b6b654b6 #xf6c81f7bd7d7acd7 + #x55f6dfa429298d29 #x5eb6742fc2c2edc2 + #x0b40ab8bebeb60eb #x4eba7a27c0c0e7c0 + #x49ff5baaa4a40ea4 #x2c1d96168b8b9d8b + #x140f830a8c8c868c #xe84e53741d1d691d + #x8b20dbcbfbfb30fb #xab38c7dbffff24ff + #x46bc7d23c1c1e2c1 #xf98b39f2b2b240b2 + #xcc55c2669797f197 #x6de4cab82e2e962e + #x932ad2c7f8f83ff8 #x0f4326896565ec65 + #xe30ef8fff6f609f6 #x8f2356c97575bc75 + #x3812151c07071b07 #x20181c1004041404 + #x72abe23949497049 #x85aa99cc3333ff33 + #x736286b7e4e453e4 #x86ec3543d9d99ad9 + #xa1b108deb9b967b9 #xceda0a67d0d0b7d0 + #x2a91d31542425742 #x76a86f3bc7c7fcc7 + #x477519ad6c6cc16c #xf447d77a9090ea90 + #x0000000000000000 #x04038d028e8e8c8e + #x5f7f10a16f6fce6f #xbafdad5d50500d50 + #x0806070401010501 #x66a46133c5c5f6c5 + #x9ee63c4fdada95da #x028fc80147474647 + #xe582bdfc3f3fc33f #x26945913cdcddecd + #x6f6b02b96969d069 #x79eb49b2a2a210a2 + #x437694afe2e24de2 #xf7017bf57a7a8f7a + #x51f552a6a7a701a7 #x7eae683fc6c6f9c6 + #xec4dde769393e593 #x78222d3c0f0f330f + #x503c36280a0a220a #x3014121806061e06 + #x636e88bfe6e659e6 #x45fad1ac2b2b872b + #xc453c5629696f496 #x71ed4eb6a3a315a3 + #xe04854701c1c6c1c #x11c56a86afaf29af + #x77610bb56a6adf6a #x906c7e4812125a12 + #x543fbb2a8484ae84 #xd596afe43939dd39 + #x6b688fbbe7e75ce7 #xe98737fab0b04ab0 + #x642ba9328282b082 
#xeb08fffbf7f70cf7 + #xa33ec0dffefe21fe #x9c69f44e9d9dd39d + #x4c35b2268787a187 #xdad5896d5c5c315c + #x7c21a03e8181bf81 #xb5be8bd43535e135 + #xbefe205fdede81de #xc99f2beab4b45eb4 + #x41f95caea5a50ba5 #xb332ced7fcfc2bfc + #x7427a73a8080ba80 #x2b58b79befef74ef + #x16804b0bcbcbc0cb #xb1bd06d6bbbb6dbb + #x7f670cb16b6bda6b #x97295fc57676b376 + #xb9bb01d2baba68ba #xeac19b755a5a2f5a + #xcf136ee97d7d947d #xe70d75fd78788578 + #x583a312c0b0b270b #xdc59cc6e9595fb95 + #x4b7093abe3e348e3 #x01c9648eadad23ad + #x872551cd7474b974 #xb477ef5a9898c298 + #xc59aa1ec3b3bd73b #xadb482d83636ee36 + #x0745218d6464e964 #x4f731ea96d6dc46d + #xaef22e57dcdc8bdc #xd31aeae7f0f017f0 + #xf2cb927959592059 #x21d1789ea9a937a9 + #x5ab5f92d4c4c614c #xb872655c17174b17 + #xdf1f60e17f7f9e7f #xfc41d07e9191ef91 + #xa9b70fdab8b862b8 #x068c4503c9c9cac9 + #x82efb84157571657 #xd85a416c1b1b771b + #x537a9aa7e0e047e0 #x2f5b3a996161f861) + (#xd77f9aa8a832a829 #x97d4114343524322 + #xdf80615f5f3e5fc2 #x14121806061e0630 + #x670cb16b6bda6b7f #x2356c97575bc758f + #x7519ad6c6cc16c47 #xcb927959592059f2 + #x3b4ad97171a871af #xf8275bdfdf84dfb6 + #x35b2268787a1874c #x59cc6e9595fb95dc + #x72655c17174b17b8 #x1aeae7f0f017f0d3 + #xea3247d8d89fd88e #x363f2409092d0948 + #x731ea96d6dc46d4f #x10e3ebf3f318f3cb + #x4e53741d1d691de8 #x804b0bcbcbc0cb16 + #x8c4503c9c9cac906 #xb3fe294d4d644d52 + #xe8c4b02c2c9c2c7d #xc56a86afaf29af11 + #x0b72f979798079ef #x7a9aa7e0e047e053 + #x55c2669797f197cc #x34c9d3fdfd2efdbb + #x7f10a16f6fce6f5f #xa7ec314b4b7a4b62 + #x83c60945454c4512 #x96afe43939dd39d5 + #x84baf83e3ec63eed #xf42953dddd8edda6 + #xed4eb6a3a315a371 #xbff0214f4f6e4f42 + #x9f2beab4b45eb4c9 #x9325e2b6b654b6d9 + #x7be1529a9ac89aa4 #x242a380e0e360e70 + #x425d7c1f1f631ff8 #xa51ac6bfbf79bf91 + #x7e6b5415154115a8 #x7c9da3e1e142e15b + #xabe2394949704972 #xd6046fd2d2bdd2de + #x4dde769393e593ec #xae683fc6c6f9c67e + #x4bd9729292e092e4 #x3143d57272a772b7 + #x63fd429e9edc9e84 #x5b3a996161f8612f + #xdc0d63d1d1b2d1c6 #x5734916363f2633f + 
#x26dccffafa35fa83 #x5eb09feeee71ee23 + #x02f6f7f4f403f4f3 #x564f6419197d19c8 + #xc41173d5d5a6d5e6 #xc9648eadad23ad01 + #xcd957d58582558fa #xff5baaa4a40ea449 + #xbd06d6bbbb6dbbb1 #xe140bea1a11fa161 + #xf22e57dcdc8bdcae #x16e4eff2f21df2c3 + #x2dae368383b5836c #xb285dc3737eb37a5 + #x91d315424257422a #x6286b7e4e453e473 + #x017bf57a7a8f7af7 #xac9ec83232fa328d + #x6ff34a9c9cd69c94 #x925e17ccccdbcc2e + #xdd7696abab3dab31 #xa1eb354a4a7f4a6a + #x058a068f8f898f0c #x7917a56e6ecb6e57 + #x181c100404140420 #xd2f59c2727bb2725 + #xe4cab82e2e962e6d #x688fbbe7e75ce76b + #x7694afe2e24de243 #xc19b755a5a2f5aea + #x53c5629696f496c4 #x74625816164e16b0 + #xcae98c2323af2305 #xfad1ac2b2b872b45 + #xb6742fc2c2edc25e #x4326896565ec650f + #x492f856666e36617 #x222d3c0f0f330f78 + #xaf13cabcbc76bc89 #xd1789ea9a937a921 + #x8fc8014747464702 #x9bda194141584132 + #xb88cd03434e434bd #xade53d484875487a + #x32ced7fcfc2bfcb3 #x9522e6b7b751b7d1 + #x610bb56a6adf6a77 #x179f1a8888928834 + #xf95caea5a50ba541 #xf7a45153530253a2 + #x33b5228686a48644 #x2cd5c3f9f93af99b + #xc79c715b5b2a5be2 #xe03b4bdbdb90db96 + #x90a8e03838d838dd #x077cf17b7b8a7bff + #xb0732bc3c3e8c356 #x445a781e1e661ef0 + #xccee882222aa220d #xaa99cc3333ff3385 + #xd8fc902424b4243d #xf0d8a0282888285d + #xb482d83636ee36ad #xa86f3bc7c7fcc776 + #x8b39f2b2b240b2f9 #x9aa1ec3b3bd73bc5 + #x038d028e8e8c8e04 #x2f58c17777b6779f + #xbb01d2baba68bab9 #x04f1f3f5f506f5fb + #x786c5014144414a0 #x65fa469f9fd99f8c + #x3038200808280840 #xe3b64955551c5592 + #x7de6569b9bcd9bac #xb5f92d4c4c614c5a + #x3ec0dffefe21fea3 #x5d3d9d6060fd6027 + #xd5896d5c5c315cda #xe63c4fdada95da9e + #x50486018187818c0 #x89cf05464643460a + #x945913cdcddecd26 #x136ee97d7d947dcf + #xc6e7842121a52115 #x8737fab0b04ab0e9 + #x82bdfc3f3fc33fe5 #x5a416c1b1b771bd8 + #x11981e898997893c #x38c7dbffff24ffab + #x40ab8bebeb60eb0b #x3fbb2a8484ae8454 + #x6b02b96969d0696f #x9ca6e83a3ad23acd + #x69f44e9d9dd39d9c #xc81f7bd7d7acd7f6 + #xd0036bd3d3b8d3d6 #x3d4ddd7070ad70a7 + #x4f28816767e6671f #x9ddd1d40405d403a + 
#x992ceeb5b55bb5c1 #xfe205fdede81debe + #xd38e695d5d345dd2 #xa090c03030f0309d + #x41d07e9191ef91fc #x8130feb1b14fb1e1 + #x0d75fd78788578e7 #x6677441111551188 + #x0607040101050108 #x6481b3e5e556e57b + #x0000000000000000 #x6d05bd6868d56867 + #x77ef5a9898c298b4 #xe747baa0a01aa069 + #xa46133c5c5f6c566 #x0c0e0802020a0210 + #xf355a2a6a604a659 #x2551cd7474b97487 + #xeec3b42d2d992d75 #x3a312c0b0b270b58 + #xeb49b2a2a210a279 #x295fc57676b37697 + #x8d3ef6b3b345b3f1 #xa31dc2bebe7cbe99 + #x9e501fceced1ce3e #xa914cebdbd73bd81 + #xc36d82aeae2cae19 #x4ca583e9e96ae91b + #x1b91128a8a988a24 #xa697c43131f53195 + #x4854701c1c6c1ce0 #x52be97ecec7bec33 + #x1cede3f1f112f1db #x71e85e9999c799bc + #x5fcb6a9494fe94d4 #xdb7192aaaa38aa39 + #x0ef8fff6f609f6e3 #xd4f2982626be262d + #xe2cdbc2f2f932f65 #x58b79befef74ef2b + #x4aa287e8e86fe813 #x0f830a8c8c868c14 + #xbe8bd43535e135b5 #x0a090c03030f0318 + #xc21677d4d4a3d4ee #x1f60e17f7f9e7fdf + #x20dbcbfbfb30fb8b #x1e1b140505110528 + #xbc7d23c1c1e2c146 #xd987655e5e3b5eca + #x47d77a9090ea90f4 #xc0e0802020a0201d + #x8eb3f43d3dc93df5 #x2ba9328282b08264 + #x08fffbf7f70cf7eb #x46ac8feaea65ea03 + #x3c36280a0a220a50 #x2e23340d0d390d68 + #x1967e57e7e9b7ed7 #x2ad2c7f8f83ff893 + #xfdad5d50500d50ba #x5c46681a1a721ad0 + #xa26637c4c4f3c46e #x12151c07071b0738 + #xefb8415757165782 #xb70fdab8b862b8a9 + #x88b4f03c3ccc3cfd #x5133956262f76237 + #x7093abe3e348e34b #x8a4207c8c8cfc80e + #xcf638aacac26ac09 #xf1a35552520752aa + #x45218d6464e96407 #x6070401010501080 + #xda0a67d0d0b7d0ce #xec3543d9d99ad986 + #x6a794c13135f1398 #x2824300c0c3c0c60 + #x6c7e4812125a1290 #xf6dfa429298d2955 + #xfbaa5951510851b2 #xb108deb9b967b9a1 + #x98571bcfcfd4cf36 #xce187fd6d6a9d6fe + #x3744d17373a273bf #x09840e8d8d838d1c + #x21a03e8181bf817c #xe5b14d545419549a + #xba7a27c0c0e7c04e #x54b993eded7eed3b + #xb9f7254e4e6b4e4a #x85c10d444449441a + #xf552a6a7a701a751 #xfcd6a82a2a822a4d + #x39bc2e8585ab855c #xdefb942525b12535 + #x6e88bfe6e659e663 #x864c0fcacac5ca1e + #x1569ed7c7c917cc7 #x1d96168b8b9d8b2c + 
#xe9bf45565613568a #x27a73a8080ba8074) + (#x501fceced1ce3e9e #x06d6bbbb6dbbb1bd + #xab8bebeb60eb0b40 #xd9729292e092e44b + #xac8feaea65ea0346 #x4b0bcbcbc0cb1680 + #x794c13135f13986a #x7d23c1c1e2c146bc + #xa583e9e96ae91b4c #xa6e83a3ad23acd9c + #x187fd6d6a9d6fece #x39f2b2b240b2f98b + #x046fd2d2bdd2ded6 #xd77a9090ea90f447 + #x655c17174b17b872 #xd2c7f8f83ff8932a + #xd315424257422a91 #x6b5415154115a87e + #xbf45565613568ae9 #x2beab4b45eb4c99f + #x26896565ec650f43 #x54701c1c6c1ce048 + #x9f1a888892883417 #xd411434352432297 + #x6133c5c5f6c566a4 #x896d5c5c315cdad5 + #x82d83636ee36adb4 #x01d2baba68bab9bb + #xf1f3f5f506f5fb04 #xb8415757165782ef + #x28816767e6671f4f #x840e8d8d838d1c09 + #x97c43131f53195a6 #xf8fff6f609f6e30e + #x218d6464e9640745 #x957d58582558facd + #xfd429e9edc9e8463 #xf6f7f4f403f4f302 + #xee882222aa220dcc #x7192aaaa38aa39db + #x56c97575bc758f23 #x2d3c0f0f330f7822 + #x0e0802020a02100c #x30feb1b14fb1e181 + #x275bdfdf84dfb6f8 #x1ea96d6dc46d4f73 + #x44d17373a273bf37 #xfe294d4d644d52b3 + #x69ed7c7c917cc715 #xf2982626be262dd4 + #xcab82e2e962e6de4 #xfffbf7f70cf7eb08 + #x3820080828084030 #x8e695d5d345dd2d3 + #xc10d444449441a85 #xbaf83e3ec63eed84 + #xfa469f9fd99f8c65 #x6c5014144414a078 + #x4207c8c8cfc80e8a #x6d82aeae2cae19c3 + #xb14d545419549ae5 #x7040101050108060 + #x3247d8d89fd88eea #x13cabcbc76bc89af + #x46681a1a721ad05c #x0cb16b6bda6b7f67 + #x02b96969d0696f6b #xe3ebf3f318f3cb10 + #x14cebdbd73bd81a9 #x99cc3333ff3385aa + #x7696abab3dab31dd #xdccffafa35fa8326 + #x0d63d1d1b2d1c6dc #xe6569b9bcd9bac7d + #x05bd6868d568676d #xf7254e4e6b4e4ab9 + #x625816164e16b074 #xcc6e9595fb95dc59 + #xd07e9191ef91fc41 #xb09feeee71ee235e + #xf92d4c4c614c5ab5 #x34916363f2633f57 + #x8d028e8e8c8e0403 #x9c715b5b2a5be2c7 + #x5e17ccccdbcc2e92 #xb4f03c3ccc3cfd88 + #x4f6419197d19c856 #x40bea1a11fa161e1 + #xa03e8181bf817c21 #xe2394949704972ab + #x7cf17b7b8a7bff07 #x3543d9d99ad986ec + #x10a16f6fce6f5f7f #x85dc3737eb37a5b2 + #x3d9d6060fd60275d #x4c0fcacac5ca1e86 + #x8fbbe7e75ce76b68 #xd1ac2b2b872b45fa 
+ #xe53d484875487aad #xc9d3fdfd2efdbb34 + #xc5629696f496c453 #xc60945454c451283 + #xced7fcfc2bfcb332 #xda1941415841329b + #x7e4812125a12906c #x23340d0d390d682e + #x72f979798079ef0b #x81b3e5e556e57b64 + #x981e898997893c11 #x830a8c8c868c140f + #x93abe3e348e34b70 #xe0802020a0201dc0 + #x90c03030f0309da0 #x2e57dcdc8bdcaef2 + #x22e6b7b751b7d195 #x19ad6c6cc16c4775 + #xeb354a4a7f4a6aa1 #x2ceeb5b55bb5c199 + #xbdfc3f3fc33fe582 #xc2669797f197cc55 + #x1677d4d4a3d4eec2 #x33956262f7623751 + #xc3b42d2d992d75ee #x121806061e063014 + #x5baaa4a40ea449ff #x5caea5a50ba541f9 + #xae368383b5836c2d #x80615f5f3e5fc2df + #xd6a82a2a822a4dfc #x3c4fdada95da9ee6 + #x4503c9c9cac9068c #x0000000000000000 + #x67e57e7e9b7ed719 #x49b2a2a210a279eb + #xb64955551c5592e3 #x1ac6bfbf79bf91a5 + #x7744111155118866 #x1173d5d5a6d5e6c4 + #xf34a9c9cd69c946f #x571bcfcfd4cf3698 + #x2a380e0e360e7024 #x36280a0a220a503c + #xb3f43d3dc93df58e #xaa5951510851b2fb + #x6ee97d7d947dcf13 #xde769393e593ec4d + #x416c1b1b771bd85a #xc0dffefe21fea33e + #x6637c4c4f3c46ea2 #xc80147474647028f + #x3f2409092d094836 #xb5228686a4864433 + #x312c0b0b270b583a #x8a068f8f898f0c05 + #xf44e9d9dd39d9c69 #x0bb56a6adf6a7761 + #x151c07071b073812 #x08deb9b967b9a1b1 + #x37fab0b04ab0e987 #xef5a9898c298b477 + #x486018187818c050 #x9ec83232fa328dac + #x4ad97171a871af3b #xec314b4b7a4b62a7 + #xb79befef74ef2b58 #xa1ec3b3bd73bc59a + #x4ddd7070ad70a73d #x47baa0a01aa069e7 + #x86b7e4e453e47362 #xdd1d40405d403a9d + #xc7dbffff24ffab38 #x732bc3c3e8c356b0 + #x789ea9a937a921d1 #x88bfe6e659e6636e + #x75fd78788578e70d #xd5c3f9f93af99b2c + #x96168b8b9d8b2c1d #xcf05464643460a89 + #xa73a8080ba807427 #x5a781e1e661ef044 + #xa8e03838d838dd90 #x9da3e1e142e15b7c + #x0fdab8b862b8a9b7 #x7f9aa8a832a829d7 + #x9aa7e0e047e0537a #x24300c0c3c0c6028 + #xe98c2323af2305ca #x5fc57676b3769729 + #x53741d1d691de84e #xfb942525b12535de + #xfc902424b4243dd8 #x1b1405051105281e + #xede3f1f112f1db1c #x17a56e6ecb6e5779 + #xcb6a9494fe94d45f #xd8a0282888285df0 + #xe1529a9ac89aa47b #xbb2a8484ae84543f 
+ #xa287e8e86fe8134a #x4eb6a3a315a371ed + #xf0214f4f6e4f42bf #x58c17777b6779f2f + #x036bd3d3b8d3d6d0 #xbc2e8585ab855c39 + #x94afe2e24de24376 #xa35552520752aaf1 + #xe4eff2f21df2c316 #xa9328282b082642b + #xad5d50500d50bafd #x7bf57a7a8f7af701 + #xcdbc2f2f932f65e2 #x51cd7474b9748725 + #xa45153530253a2f7 #x3ef6b3b345b3f18d + #x3a996161f8612f5b #x6a86afaf29af11c5 + #xafe43939dd39d596 #x8bd43535e135b5be + #x205fdede81debefe #x5913cdcddecd2694 + #x5d7c1f1f631ff842 #xe85e9999c799bc71 + #x638aacac26ac09cf #x648eadad23ad01c9 + #x43d57272a772b731 #xc4b02c2c9c2c7de8 + #x2953dddd8edda6f4 #x0a67d0d0b7d0ceda + #xb2268787a1874c35 #x1dc2bebe7cbe99a3 + #x87655e5e3b5ecad9 #x55a2a6a604a659f3 + #xbe97ecec7bec3352 #x1c10040414042018 + #x683fc6c6f9c67eae #x090c03030f03180a + #x8cd03434e434bdb8 #xdbcbfbfb30fb8b20 + #x3b4bdbdb90db96e0 #x927959592059f2cb + #x25e2b6b654b6d993 #x742fc2c2edc25eb6 + #x0704010105010806 #xeae7f0f017f0d31a + #x9b755a5a2f5aeac1 #xb993eded7eed3b54 + #x52a6a7a701a751f5 #x2f856666e3661749 + #xe7842121a52115c6 #x60e17f7f9e7fdf1f + #x91128a8a988a241b #xf59c2727bb2725d2 + #x6f3bc7c7fcc776a8 #x7a27c0c0e7c04eba + #xdfa429298d2955f6 #x1f7bd7d7acd7f6c8) + (#x769393e593ec4dde #x43d9d99ad986ec35 + #x529a9ac89aa47be1 #xeeb5b55bb5c1992c + #x5a9898c298b477ef #x882222aa220dccee + #x0945454c451283c6 #xd7fcfc2bfcb332ce + #xd2baba68bab9bb01 #xb56a6adf6a77610b + #x5bdfdf84dfb6f827 #x0802020a02100c0e + #x469f9fd99f8c65fa #x57dcdc8bdcaef22e + #x5951510851b2fbaa #x7959592059f2cb92 + #x354a4a7f4a6aa1eb #x5c17174b17b87265 + #xac2b2b872b45fad1 #x2fc2c2edc25eb674 + #x6a9494fe94d45fcb #xf7f4f403f4f302f6 + #xd6bbbb6dbbb1bd06 #xb6a3a315a371ed4e + #x956262f762375133 #xb7e4e453e4736286 + #xd97171a871af3b4a #x77d4d4a3d4eec216 + #x13cdcddecd269459 #xdd7070ad70a73d4d + #x5816164e16b07462 #xa3e1e142e15b7c9d + #x394949704972abe2 #xf03c3ccc3cfd88b4 + #x27c0c0e7c04eba7a #x47d8d89fd88eea32 + #x6d5c5c315cdad589 #x569b9bcd9bac7de6 + #x8eadad23ad01c964 #x2e8585ab855c39bc + #x5153530253a2f7a4 
#xbea1a11fa161e140 + #xf57a7a8f7af7017b #x07c8c8cfc80e8a42 + #xb42d2d992d75eec3 #xa7e0e047e0537a9a + #x63d1d1b2d1c6dc0d #xd57272a772b73143 + #xa2a6a604a659f355 #xb02c2c9c2c7de8c4 + #x37c4c4f3c46ea266 #xabe3e348e34b7093 + #xc57676b37697295f #xfd78788578e70d75 + #xe6b7b751b7d19522 #xeab4b45eb4c99f2b + #x2409092d0948363f #xec3b3bd73bc59aa1 + #x380e0e360e70242a #x1941415841329bda + #x2d4c4c614c5ab5f9 #x5fdede81debefe20 + #xf2b2b240b2f98b39 #x7a9090ea90f447d7 + #x942525b12535defb #xaea5a50ba541f95c + #x7bd7d7acd7f6c81f #x0c03030f03180a09 + #x4411115511886677 #x0000000000000000 + #x2bc3c3e8c356b073 #xb82e2e962e6de4ca + #x729292e092e44bd9 #x9befef74ef2b58b7 + #x254e4e6b4e4ab9f7 #x4812125a12906c7e + #x4e9d9dd39d9c69f4 #xe97d7d947dcf136e + #x0bcbcbc0cb16804b #xd43535e135b5be8b + #x4010105010806070 #x73d5d5a6d5e6c411 + #x214f4f6e4f42bff0 #x429e9edc9e8463fd + #x294d4d644d52b3fe #x9ea9a937a921d178 + #x4955551c5592e3b6 #x3fc6c6f9c67eae68 + #x67d0d0b7d0ceda0a #xf17b7b8a7bff077c + #x6018187818c05048 #x669797f197cc55c2 + #x6bd3d3b8d3d6d003 #xd83636ee36adb482 + #xbfe6e659e6636e88 #x3d484875487aade5 + #x45565613568ae9bf #x3e8181bf817c21a0 + #x068f8f898f0c058a #xc17777b6779f2f58 + #x17ccccdbcc2e925e #x4a9c9cd69c946ff3 + #xdeb9b967b9a1b108 #xafe2e24de2437694 + #x8aacac26ac09cf63 #xdab8b862b8a9b70f + #xbc2f2f932f65e2cd #x5415154115a87e6b + #xaaa4a40ea449ff5b #xed7c7c917cc71569 + #x4fdada95da9ee63c #xe03838d838dd90a8 + #x781e1e661ef0445a #x2c0b0b270b583a31 + #x1405051105281e1b #x7fd6d6a9d6fece18 + #x5014144414a0786c #xa56e6ecb6e577917 + #xad6c6cc16c477519 #xe57e7e9b7ed71967 + #x856666e36617492f #xd3fdfd2efdbb34c9 + #xfeb1b14fb1e18130 #xb3e5e556e57b6481 + #x9d6060fd60275d3d #x86afaf29af11c56a + #x655e5e3b5ecad987 #xcc3333ff3385aa99 + #x268787a1874c35b2 #x03c9c9cac9068c45 + #xe7f0f017f0d31aea #x695d5d345dd2d38e + #xa96d6dc46d4f731e #xfc3f3fc33fe582bd + #x1a8888928834179f #x0e8d8d838d1c0984 + #x3bc7c7fcc776a86f #xfbf7f70cf7eb08ff + #x741d1d691de84e53 #x83e9e96ae91b4ca5 + #x97ecec7bec3352be 
#x93eded7eed3b54b9 + #x3a8080ba807427a7 #xa429298d2955f6df + #x9c2727bb2725d2f5 #x1bcfcfd4cf369857 + #x5e9999c799bc71e8 #x9aa8a832a829d77f + #x5d50500d50bafdad #x3c0f0f330f78222d + #xdc3737eb37a5b285 #x902424b4243dd8fc + #xa0282888285df0d8 #xc03030f0309da090 + #x6e9595fb95dc59cc #x6fd2d2bdd2ded604 + #xf83e3ec63eed84ba #x715b5b2a5be2c79c + #x1d40405d403a9ddd #x368383b5836c2dae + #xf6b3b345b3f18d3e #xb96969d0696f6b02 + #x415757165782efb8 #x7c1f1f631ff8425d + #x1c07071b07381215 #x701c1c6c1ce04854 + #x128a8a988a241b91 #xcabcbc76bc89af13 + #x802020a0201dc0e0 #x8bebeb60eb0b40ab + #x1fceced1ce3e9e50 #x028e8e8c8e04038d + #x96abab3dab31dd76 #x9feeee71ee235eb0 + #xc43131f53195a697 #xb2a2a210a279eb49 + #xd17373a273bf3744 #xc3f9f93af99b2cd5 + #x0fcacac5ca1e864c #xe83a3ad23acd9ca6 + #x681a1a721ad05c46 #xcbfbfb30fb8b20db + #x340d0d390d682e23 #x23c1c1e2c146bc7d + #xdffefe21fea33ec0 #xcffafa35fa8326dc + #xeff2f21df2c316e4 #xa16f6fce6f5f7f10 + #xcebdbd73bd81a914 #x629696f496c453c5 + #x53dddd8edda6f429 #x11434352432297d4 + #x5552520752aaf1a3 #xe2b6b654b6d99325 + #x2008082808403038 #xebf3f318f3cb10e3 + #x82aeae2cae19c36d #xc2bebe7cbe99a31d + #x6419197d19c8564f #x1e898997893c1198 + #xc83232fa328dac9e #x982626be262dd4f2 + #xfab0b04ab0e98737 #x8feaea65ea0346ac + #x314b4b7a4b62a7ec #x8d6464e964074521 + #x2a8484ae84543fbb #x328282b082642ba9 + #xb16b6bda6b7f670c #xf3f5f506f5fb04f1 + #xf979798079ef0b72 #xc6bfbf79bf91a51a + #x0401010501080607 #x615f5f3e5fc2df80 + #xc97575bc758f2356 #x916363f2633f5734 + #x6c1b1b771bd85a41 #x8c2323af2305cae9 + #xf43d3dc93df58eb3 #xbd6868d568676d05 + #xa82a2a822a4dfcd6 #x896565ec650f4326 + #x87e8e86fe8134aa2 #x7e9191ef91fc41d0 + #xfff6f609f6e30ef8 #xdbffff24ffab38c7 + #x4c13135f13986a79 #x7d58582558facd95 + #xe3f1f112f1db1ced #x0147474647028fc8 + #x280a0a220a503c36 #xe17f7f9e7fdf1f60 + #x33c5c5f6c566a461 #xa6a7a701a751f552 + #xbbe7e75ce76b688f #x996161f8612f5b3a + #x755a5a2f5aeac19b #x1806061e06301412 + #x05464643460a89cf #x0d444449441a85c1 + #x15424257422a91d3 
#x100404140420181c + #xbaa0a01aa069e747 #x4bdbdb90db96e03b + #xe43939dd39d596af #x228686a4864433b5 + #x4d545419549ae5b1 #x92aaaa38aa39db71 + #x0a8c8c868c140f83 #xd03434e434bdb88c + #x842121a52115c6e7 #x168b8b9d8b2c1d96 + #xc7f8f83ff8932ad2 #x300c0c3c0c602824 + #xcd7474b974872551 #x816767e6671f4f28) + (#x6868d568676d05bd #x8d8d838d1c09840e + #xcacac5ca1e864c0f #x4d4d644d52b3fe29 + #x7373a273bf3744d1 #x4b4b7a4b62a7ec31 + #x4e4e6b4e4ab9f725 #x2a2a822a4dfcd6a8 + #xd4d4a3d4eec21677 #x52520752aaf1a355 + #x2626be262dd4f298 #xb3b345b3f18d3ef6 + #x545419549ae5b14d #x1e1e661ef0445a78 + #x19197d19c8564f64 #x1f1f631ff8425d7c + #x2222aa220dccee88 #x03030f03180a090c + #x464643460a89cf05 #x3d3dc93df58eb3f4 + #x2d2d992d75eec3b4 #x4a4a7f4a6aa1eb35 + #x53530253a2f7a451 #x8383b5836c2dae36 + #x13135f13986a794c #x8a8a988a241b9112 + #xb7b751b7d19522e6 #xd5d5a6d5e6c41173 + #x2525b12535defb94 #x79798079ef0b72f9 + #xf5f506f5fb04f1f3 #xbdbd73bd81a914ce + #x58582558facd957d #x2f2f932f65e2cdbc + #x0d0d390d682e2334 #x02020a02100c0e08 + #xeded7eed3b54b993 #x51510851b2fbaa59 + #x9e9edc9e8463fd42 #x1111551188667744 + #xf2f21df2c316e4ef #x3e3ec63eed84baf8 + #x55551c5592e3b649 #x5e5e3b5ecad98765 + #xd1d1b2d1c6dc0d63 #x16164e16b0746258 + #x3c3ccc3cfd88b4f0 #x6666e36617492f85 + #x7070ad70a73d4ddd #x5d5d345dd2d38e69 + #xf3f318f3cb10e3eb #x45454c451283c609 + #x40405d403a9ddd1d #xccccdbcc2e925e17 + #xe8e86fe8134aa287 #x9494fe94d45fcb6a + #x565613568ae9bf45 #x0808280840303820 + #xceced1ce3e9e501f #x1a1a721ad05c4668 + #x3a3ad23acd9ca6e8 #xd2d2bdd2ded6046f + #xe1e142e15b7c9da3 #xdfdf84dfb6f8275b + #xb5b55bb5c1992cee #x3838d838dd90a8e0 + #x6e6ecb6e577917a5 #x0e0e360e70242a38 + #xe5e556e57b6481b3 #xf4f403f4f302f6f7 + #xf9f93af99b2cd5c3 #x8686a4864433b522 + #xe9e96ae91b4ca583 #x4f4f6e4f42bff021 + #xd6d6a9d6fece187f #x8585ab855c39bc2e + #x2323af2305cae98c #xcfcfd4cf3698571b + #x3232fa328dac9ec8 #x9999c799bc71e85e + #x3131f53195a697c4 #x14144414a0786c50 + #xaeae2cae19c36d82 #xeeee71ee235eb09f + 
#xc8c8cfc80e8a4207 #x484875487aade53d + #xd3d3b8d3d6d0036b #x3030f0309da090c0 + #xa1a11fa161e140be #x9292e092e44bd972 + #x41415841329bda19 #xb1b14fb1e18130fe + #x18187818c0504860 #xc4c4f3c46ea26637 + #x2c2c9c2c7de8c4b0 #x7171a871af3b4ad9 + #x7272a772b73143d5 #x444449441a85c10d + #x15154115a87e6b54 #xfdfd2efdbb34c9d3 + #x3737eb37a5b285dc #xbebe7cbe99a31dc2 + #x5f5f3e5fc2df8061 #xaaaa38aa39db7192 + #x9b9bcd9bac7de656 #x8888928834179f1a + #xd8d89fd88eea3247 #xabab3dab31dd7696 + #x898997893c11981e #x9c9cd69c946ff34a + #xfafa35fa8326dccf #x6060fd60275d3d9d + #xeaea65ea0346ac8f #xbcbc76bc89af13ca + #x6262f76237513395 #x0c0c3c0c60282430 + #x2424b4243dd8fc90 #xa6a604a659f355a2 + #xa8a832a829d77f9a #xecec7bec3352be97 + #x6767e6671f4f2881 #x2020a0201dc0e080 + #xdbdb90db96e03b4b #x7c7c917cc71569ed + #x282888285df0d8a0 #xdddd8edda6f42953 + #xacac26ac09cf638a #x5b5b2a5be2c79c71 + #x3434e434bdb88cd0 #x7e7e9b7ed71967e5 + #x1010501080607040 #xf1f112f1db1cede3 + #x7b7b8a7bff077cf1 #x8f8f898f0c058a06 + #x6363f2633f573491 #xa0a01aa069e747ba + #x05051105281e1b14 #x9a9ac89aa47be152 + #x434352432297d411 #x7777b6779f2f58c1 + #x2121a52115c6e784 #xbfbf79bf91a51ac6 + #x2727bb2725d2f59c #x09092d0948363f24 + #xc3c3e8c356b0732b #x9f9fd99f8c65fa46 + #xb6b654b6d99325e2 #xd7d7acd7f6c81f7b + #x29298d2955f6dfa4 #xc2c2edc25eb6742f + #xebeb60eb0b40ab8b #xc0c0e7c04eba7a27 + #xa4a40ea449ff5baa #x8b8b9d8b2c1d9616 + #x8c8c868c140f830a #x1d1d691de84e5374 + #xfbfb30fb8b20dbcb #xffff24ffab38c7db + #xc1c1e2c146bc7d23 #xb2b240b2f98b39f2 + #x9797f197cc55c266 #x2e2e962e6de4cab8 + #xf8f83ff8932ad2c7 #x6565ec650f432689 + #xf6f609f6e30ef8ff #x7575bc758f2356c9 + #x07071b073812151c #x0404140420181c10 + #x4949704972abe239 #x3333ff3385aa99cc + #xe4e453e4736286b7 #xd9d99ad986ec3543 + #xb9b967b9a1b108de #xd0d0b7d0ceda0a67 + #x424257422a91d315 #xc7c7fcc776a86f3b + #x6c6cc16c477519ad #x9090ea90f447d77a + #x0000000000000000 #x8e8e8c8e04038d02 + #x6f6fce6f5f7f10a1 #x50500d50bafdad5d + #x0101050108060704 #xc5c5f6c566a46133 + 
#xdada95da9ee63c4f #x47474647028fc801 + #x3f3fc33fe582bdfc #xcdcddecd26945913 + #x6969d0696f6b02b9 #xa2a210a279eb49b2 + #xe2e24de2437694af #x7a7a8f7af7017bf5 + #xa7a701a751f552a6 #xc6c6f9c67eae683f + #x9393e593ec4dde76 #x0f0f330f78222d3c + #x0a0a220a503c3628 #x06061e0630141218 + #xe6e659e6636e88bf #x2b2b872b45fad1ac + #x9696f496c453c562 #xa3a315a371ed4eb6 + #x1c1c6c1ce0485470 #xafaf29af11c56a86 + #x6a6adf6a77610bb5 #x12125a12906c7e48 + #x8484ae84543fbb2a #x3939dd39d596afe4 + #xe7e75ce76b688fbb #xb0b04ab0e98737fa + #x8282b082642ba932 #xf7f70cf7eb08fffb + #xfefe21fea33ec0df #x9d9dd39d9c69f44e + #x8787a1874c35b226 #x5c5c315cdad5896d + #x8181bf817c21a03e #x3535e135b5be8bd4 + #xdede81debefe205f #xb4b45eb4c99f2bea + #xa5a50ba541f95cae #xfcfc2bfcb332ced7 + #x8080ba807427a73a #xefef74ef2b58b79b + #xcbcbc0cb16804b0b #xbbbb6dbbb1bd06d6 + #x6b6bda6b7f670cb1 #x7676b37697295fc5 + #xbaba68bab9bb01d2 #x5a5a2f5aeac19b75 + #x7d7d947dcf136ee9 #x78788578e70d75fd + #x0b0b270b583a312c #x9595fb95dc59cc6e + #xe3e348e34b7093ab #xadad23ad01c9648e + #x7474b974872551cd #x9898c298b477ef5a + #x3b3bd73bc59aa1ec #x3636ee36adb482d8 + #x6464e9640745218d #x6d6dc46d4f731ea9 + #xdcdc8bdcaef22e57 #xf0f017f0d31aeae7 + #x59592059f2cb9279 #xa9a937a921d1789e + #x4c4c614c5ab5f92d #x17174b17b872655c + #x7f7f9e7fdf1f60e1 #x9191ef91fc41d07e + #xb8b862b8a9b70fda #xc9c9cac9068c4503 + #x5757165782efb841 #x1b1b771bd85a416c + #xe0e047e0537a9aa7 #x6161f8612f5b3a99)))) + + (defconst +kalyna-it+ + (make-array '(8 256) + :element-type '(unsigned-byte 64) + :initial-contents '((#x7826942b9f5f8a9a #x210f43c934970c53 + #x5f028fdd9d0551b8 #x14facd82b494c83b + #x2b72ab886edd68c0 #xa6a87e5bff19d9b4 + #xa29ae571db6443ea #x039b2c911be8e5b6 + #xd9275dcb5fd32cc6 #x10c856a890e95265 + #x7d96e085b27ab85d #x31c71561a47e5e36 + #x74702455f3d83978 #xe8e048aafbad72f0 + #x9b39db4437e03460 #x75f2cbd1fa8091e1 + #x1ab5bee9caa336f6 #x8395a6b8eff34fb9 + #x64b872fd63316b1d #xe1068c7aba0ff3d5 + #xeecb1095cd60a581 #xbc1dc0b235baef42 + 
#xf04c355623be0929 #xb252b3d94b8d118f + #x18ac7dfcd8137bd9 #xbbb477090a2f90aa + #x8625d216c2d67d7e #x66a1b1e871812632 + #x6f4775383023a717 #x92df1f947642b545 + #xe962a72ef2f5da69 #x8bf18deca7096605 + #xc86de4e7c662d63a #xaafece25939e6a56 + #x5c99a34c86edb40e #x52d6d027f8da4ac3 + #x6b75ee12145e3d49 #x54fd8818ce179db2 + #xa3180af5d23ceb73 #xbe0403a7270aa26d + #xfe03463d5d89f7e4 #xf1cedad22ae6a1b0 + #xd143769f1729057a #xc7a07808b10d806e + #xfc1a85284f39bacb #xa4b1bd4eeda9949b + #x0bff07c55312cc0a #xef49ff11c4380d18 + #xc392e32295701a30 #x7f8f2390a0caf572 + #x62932ac255fcbc6c #xc9ef0b63cf3a7ea3 + #xf9aaf186621c880c #x818c65adfd430296 + #x325c39f0bf96bb80 #x0c56b07e6c87b3e2 + #x4bf8425f29919983 #xb5fb046274186e67 + #x462c1da54c4e82f8 #x90c6dc8164f2f86a + #xf8281e026b442095 #x6af701961d0695d0 + #x5766a489d5ff7804 #xf3d719c73856ec9f + #xad57799eac0b15be #x1b37516dc3fb9e6f + #xc009cfb38e98ff86 #x9576a82f49d7caad + #xe6af3bc1859a8c3d #x208dac4d3dcfa4ca + #x8ddad5d391c4b174 #x8e41f9428a2c54c2 + #x6cdc59a92bcb42a1 #xe53417509e72698b + #xd0c1991b1e71ade3 #x8217493ce6abe720 + #xd4f302313a0c37bd #x5e806059945df921 + #x73d993eecc4d4690 #xf5fc41f80e9b3bee + #x13537a398b01b7d3 #x53543fa3f182e25a + #x2d59f3b75810bfb1 #x35f58e4b8003c468 + #x886aa17dbce183b3 #x4c51f5e41604e66b + #x98a2f7d52c08d1d6 #xa101c9e0c08ca65c + #x4007459a7a835589 #xcc5f7fcde21f4c64 + #xa965e2b488768fe0 #x12d195bd82591f4a + #x2f4030a24aa0f29e #x56e44b0ddca7d09d + #x914433056daa50f3 #x37ec4d5e92b38947 + #xe31f4f6fa8bfbefa #x50cf1332ea6a07ec + #x6d5eb62d2293ea38 #x09e6c4d041a28125 + #x8fc316c68374fc5b #x421e868f683318a6 + #xe08463feb3575b4c #x3821d1b1e5dcdf13 + #xed503c04d6884037 #xd35ab58a05994855 + #x976f6b3a5b678782 #x6ec59abc397b0f8e + #x5929d7e2abc886c9 #xa53352cae4f13c02 + #x89e84ef9b5b92b2a #x1761e113af7c2d8d + #x28e9871975358d76 #xdc97296572f61e01 + #x67235e6c78d98eab #x3d91a51fc8f9edd4 + #x68eec2830fb6d8ff #xfbb3329370acc523 + #x062b583f36cdd771 #x15782206bdcc60a2 + #x16e30e97a6248514 #x79a47baf96072203 + 
#xf7e582ed1c2b76c1 #xde8eea706046532e + #xaf4eba8bbebb5891 #x08642b5448fa29bc + #x24bf376719b23e94 #x231680dc2627417c + #x0dd45ffa65df1b7b #x1d1c0952f536491e + #xff81a9b954d15f7d #x992018512550794f + #x71c050fbdefd0bbf #xc18b203787c0571f + #x253dd8e310ea960d #xeb7b643be0459746 + #x0219c31512b04d2f #xc43b5499aae565d8 + #xeaf98bbfe91d3fdf #x3a3812a4f76c923c + #x4dd31a601f5c4ef2 #xa8e70d30812e2779 + #x800e8a29f41baa0f #x1c9ee6d6fc6ee187 + #x5d1b4cc88fb51c97 #x610806534e1459da + #xf255f643310e4406 #xd2d85a0e0cc1e0cc + #x0182ef840958a899 #x7e0dcc14a9925deb + #x653a9d796a69c384 #x4e4836f104b4ab44 + #x4fcad9750dec03dd #xcddd9049eb47e4fd + #x0e4f736b7e37fecd #x4185aa1e73dbfd10 + #x725b7c6ac515ee09 #x8a736268ae51ce9c + #xc5b9bb1da3bdcd41 #x7bbdb8ba84b76f2c + #xdabc715a443bc970 #xe29da0eba1e71663 + #x935df0107f1a1ddc #x608ae9d7474cf143 + #xd571edb533549f24 #xa0832664c9d40ec5 + #xfd986aac46611252 #x4435deb05efecfd7 + #x0000000000000000 #x2cdb1c3351481728 + #x94f447ab408f6234 #x45b7313457a6674e + #xb82f5b9811c7751c #x8c583a57989c19ed + #xdd15c6e17baeb698 #x696c2d0706ee7066 + #x3f88660ada49a0fb #xf47eae7c07c39377 + #x05b074ae2d2532c7 #xb3d05c5d42d5b916 + #x39a33e35ec84778a #x0fcd9cef776f5654 + #xacd5961aa553bd27 #x5b3014f7b978cbe6 + #x347761cf895b6cf1 #xc622978cb85528f7 + #xb7e2c77766a82348 #x77eb08c4e830dcce + #xb9adb41c189fdd85 #x114ab92c99b1fafc + #x26a6f4720b0273bb #x1e8725c3eedeaca8 + #x2af0440c6785c059 #x04329b2a247d9a5e + #xd7682ea021e4d20b #x7c140f01bb2210c4 + #x96ed84be523f2f1b #xca7427f2d4d29b15 + #x47aef22145162a61 #xa72a91dff641712d + #x5ab2fb73b020637f #xcbf6c876dd8a338c + #x6311c5465ca414f5 #x07a9b7bb3f957fe8 + #xe72dd4458cc224a4 #x9d12837b012de311 + #x843c1103d0663051 #x0a7de8415a4a6493 + #xd6eac12428bc7a92 #x9c906cff08754b88 + #x7042bf7fd7a5a326 #xbd9f2f363ce247db + #xb66028f36ff08bd1 #x192e9278d14bd340 + #x9f0b406e139dae3e #x1f05ca47e7860431 + #x85befe87d93e98c8 #x439c690b616bb03f + #xba36988d03773833 #x87a73d92cb8ed5e7 + #xaecc550fb7e3f008 #xc2100ca69c28b2a9 + 
#x9abb34c03eb89cf9 #x49e1814a3b21d4ac + #xecd2d380dfd0e8ae #x296b689d7c6d25ef + #x3c134a9bc1a1454d #xcfc4535cf9f7a9d2 + #x557f679cc74f352b #xb479ebe67d40c6fe + #xf6676d691573de58 #x9e89afea1ac506a7 + #xd8a5b24f568b845f #x48636ece32797c35 + #xdf0c05f4691efbb7 #xe4b6f8d4972ac112 + #xfa31dd1779f46dba #xbf86ec232e520af4 + #x3e0a898ed3110862 #x7a3f573e8defc7b5 + #x27241bf6025adb22 #x58ab3866a2902e50 + #x3bbafd20fe343aa5 #x3045fae5ad26f6af + #x2ec2df2643f85a07 #x22946f582f7fe9e5 + #x366ea2da9beb21de #x4a7aaddb20c9311a + #xb1c99f485065f439 #xb04b70cc593d5ca0 + #xab7c21a19ac6c2cf #x33ded674b6ce1319 + #xce46bcd8f0af014b #xdb3e9ede4d6361e9 + #x7669e740e1687457 #x514dfcb6e332af75) + (#x1f4f6fa8bfbefae3 #xf0440c6785c0592a + #x1dc0b235baef42bc #x22978cb85528f7c6 + #xcedad22ae6a1b0f1 #x180af5d23ceb73a3 + #x946f582f7fe9e522 #xe44b0ddca7d09d56 + #x906cff08754b889c #x9f2f363ce247dbbd + #xa1b1e87181263266 #x21d1b1e5dcdf1338 + #x31dd1779f46dbafa #x4b70cc593d5ca0b0 + #xd719c73856ec9ff3 #x8725c3eedeaca81e + #x71edb533549f24d5 #x12837b012de3119d + #x3dd8e310ea960d25 #x29d7e2abc886c959 + #xb477090a2f90aabb #x45fae5ad26f6af30 + #x9ee6d6fc6ee1871c #xbefe87d93e98c885 + #xe30e97a624851416 #xd6d027f8da4ac352 + #xcc550fb7e3f008ae #x5ab58a05994855d3 + #x806059945df9215e #x82ef840958a89901 + #x4ab92c99b1fafc11 #x281e026b442095f8 + #x62a72ef2f5da69e9 #x8b203787c0571fc1 + #x4f736b7e37fecd0e #xab3866a2902e5058 + #x6ea2da9beb21de36 #xf447ab408f623494 + #x235e6c78d98eab67 #x11c5465ca414f563 + #xd31a601f5c4ef24d #xa2f7d52c08d1d698 + #x85aa1e73dbfd1041 #xdc59a92bcb42a16c + #x59f3b75810bfb12d #xe2c77766a82348b7 + #xb9bb1da3bdcd41c5 #x96e085b27ab85d7d + #x99a34c86edb40e5c #x66a489d5ff780457 + #x95a6b8eff34fb983 #x7f679cc74f352b55 + #x7de8415a4a64930a #x9b2c911be8e5b603 + #x4836f104b4ab444e #xdb1c33514817282c + #x15c6e17baeb698dd #xed84be523f2f1b96 + #xe1814a3b21d4ac49 #x503c04d6884037ed + #x4c355623be0929f0 #x3b5499aae565d8c4 + #x0a898ed31108623e #xb074ae2d2532c705 + #x028fdd9d0551b85f #xf58e4b8003c46835 
+ #x3352cae4f13c02a5 #x6c2d0706ee706669 + #x7c21a19ac6c2cfab #x19c31512b04d2f02 + #xa6f4720b0273bb26 #x05ca47e78604311f + #x46bcd8f0af014bce #x1e868f683318a642 + #x5c39f0bf96bb8032 #x79ebe67d40c6feb4 + #xff07c55312cc0a0b #xaef22145162a6147 + #xc1991b1e71ade3d0 #xded674b6ce131933 + #x7aaddb20c9311a4a #x4dfcb6e332af7551 + #x6de4e7c662d63ac8 #xbf376719b23e9424 + #x07459a7a83558940 #xac7dfcd8137bd918 + #xdf1f947642b54592 #x17493ce6abe72082 + #xfc41f80e9b3beef5 #xe70d30812e2779a8 + #xd993eecc4d469073 #x65e2b488768fe0a9 + #xd2d380dfd0e8aeec #xe6c4d041a2812509 + #x068c7aba0ff3d5e1 #x51f5e41604e66b4c + #x41f9428a2c54c28e #x537a398b01b7d313 + #x782206bdcc60a215 #x89afea1ac506a79e + #x8ae9d7474cf14360 #xf6c876dd8a338ccb + #x43769f1729057ad1 #x8dac4d3dcfa4ca20 + #xb7313457a6674e45 #x2018512550794f99 + #xbb34c03eb89cf99a #xbafd20fe343aa53b + #x03463d5d89f7e4fe #x42bf7fd7a5a32670 + #x3f573e8defc7b57a #xadb41c189fdd85b9 + #xcad9750dec03dd4f #x0f43c934970c5321 + #x2f5b9811c7751cb8 #xd85a0e0cc1e0ccd2 + #xe048aafbad72f0e8 #xf18deca70966058b + #xdd9049eb47e4fdcd #xa87e5bff19d9b4a6 + #x5df0107f1a1ddc93 #xd195bd82591f4a12 + #x0c05f4691efbb7df #x8463feb3575b4ce0 + #x55f643310e4406f2 #xb6f8d4972ac112e4 + #x4030a24aa0f29e2f #xfd8818ce179db254 + #x3c1103d066305184 #x682ea021e4d20bd7 + #x81a9b954d15f7dff #x275dcb5fd32cc6d9 + #xfacd82b494c83b14 #x4433056daa50f391 + #xe9871975358d7628 #xeac12428bc7a92d6 + #x1a85284f39bacbfc #xf8425f299199834b + #x676d691573de58f6 #xd05c5d42d5b916b3 + #x8eea706046532ede #xfb046274186e67b5 + #x134a9bc1a1454d3c #x57799eac0b15bead + #x241bf6025adb2227 #x72ab886edd68c02b + #x9ae571db6443eaa2 #xc050fbdefd0bbf71 + #xa5b24f568b845fd8 #xe84ef9b5b92b2a89 + #x6f6b3a5b67878297 #xc6dc8164f2f86a90 + #x7eae7c07c39377f4 #x5eb62d2293ea386d + #x8c65adfd43029681 #x2dd4458cc224a4e7 + #xfece25939e6a56aa #xcd9cef776f56540f + #xa33e35ec84778a39 #xc2df2643f85a072e + #xbc715a443bc970da #xa07808b10d806ec7 + #x36988d03773833ba #x1680dc2627417c23 + #xcb1095cd60a581ee #xbdb8ba84b76f2c7b 
+ #x702455f3d8397874 #x35deb05efecfd744 + #x8f2390a0caf5727f #xb1bd4eeda9949ba4 + #x39db4437e034609b #xe582ed1c2b76c1f7 + #xc4535cf9f7a9d2cf #xb2fb73b020637f5a + #x583a57989c19ed8c #x25d216c2d67d7e86 + #x0806534e1459da61 #x6b689d7c6d25ef29 + #x0dcc14a9925deb7e #xc99f485065f439b1 + #xa9b7bb3f957fe807 #x2a91dff641712da7 + #x1c0952f536491e1d #x75ee12145e3d496b + #xf98bbfe91d3fdfea #x92e32295701a30c3 + #x3e9ede4d6361e9db #x76a82f49d7caad95 + #x9da0eba1e71663e2 #x09cfb38e98ff86c0 + #x9c690b616bb03f43 #xdad5d391c4b1748d + #x3812a4f76c923c3a #x5f7fcde21f4c64cc + #x6aa17dbce183b388 #xeec2830fb6d8ff68 + #x736268ae51ce9c8a #xa47baf9607220379 + #x543fa3f182e25a53 #x4eba8bbebb5891af + #x2e9278d14bd34019 #x69e740e168745776 + #x37516dc3fb9e6f1b #xb3329370acc523fb + #x3a9d796a69c38465 #x7761cf895b6cf134 + #x0000000000000000 #x88660ada49a0fb3f + #xb5bee9caa336f61a #x5b7c6ac515ee0972 + #x52b3d94b8d118fb2 #x329b2a247d9a5e04 + #x0e8a29f41baa0f80 #x642b5448fa29bc08 + #x7b643be0459746eb #xd45ffa65df1b7b0d + #xeb08c4e830dcce77 #xf2cbd1fa8091e175 + #xf302313a0c37bdd4 #x91a51fc8f9edd43d + #xef0b63cf3a7ea3c9 #xc316c68374fc5b8f + #x01c9e0c08ca65ca1 #x3417509e72698be5 + #x4775383023a7176f #x636ece32797c3548 + #x1b4cc88fb51c975d #x140f01bb2210c47c + #x7427f2d4d29b15ca #xa73d92cb8ed5e787 + #xc71561a47e5e3631 #xaaf186621c880cf9 + #x6028f36ff08bd1b6 #x97296572f61e01dc + #xc59abc397b0f8e6e #xec4d5e92b3894737 + #xb872fd63316b1d64 #xaf3bc1859a8c3de6 + #x0403a7270aa26dbe #x26942b9f5f8a9a78 + #x86ec232e520af4bf #x49ff11c4380d18ef + #xf701961d0695d06a #x56b07e6c87b3e20c + #xd5961aa553bd27ac #x61e113af7c2d8d17 + #x100ca69c28b2a9c2 #xcf1332ea6a07ec50 + #xc856a890e9526510 #x2b583f36cdd77106 + #x932ac255fcbc6c62 #x0b406e139dae3e9f + #x832664c9d40ec5a0 #x3014f7b978cbe65b + #x2c1da54c4e82f846 #x986aac46611252fd) + (#x679cc74f352b557f #x376719b23e9424bf + #xcc14a9925deb7e0d #xb07e6c87b3e20c56 + #xa17dbce183b3886a #xee12145e3d496b75 + #x406e139dae3e9f0b #x942b9f5f8a9a7826 + #xb24f568b845fd8a5 
#xdf2643f85a072ec2 + #x8c7aba0ff3d5e106 #x0b63cf3a7ea3c9ef + #x12a4f76c923c3a38 #x8bbfe91d3fdfeaf9 + #x9278d14bd340192e #xca47e78604311f05 + #x07c55312cc0a0bff #xcfb38e98ff86c009 + #x991b1e71ade3d0c1 #x16c68374fc5b8fc3 + #x39f0bf96bb80325c #x3d92cb8ed5e787a7 + #xac4d3dcfa4ca208d #xfae5ad26f6af3045 + #x63feb3575b4ce084 #x28f36ff08bd1b660 + #xc6e17baeb698dd15 #x84be523f2f1b96ed + #x3c04d6884037ed50 #xce25939e6a56aafe + #xa34c86edb40e5c99 #xebe67d40c6feb479 + #x27f2d4d29b15ca74 #x6d691573de58f667 + #x329370acc523fbb3 #x2c911be8e5b6039b + #x871975358d7628e9 #x550fb7e3f008aecc + #x7e5bff19d9b4a6a8 #xf8d4972ac112e4b6 + #xd1b1e5dcdf133821 #xfcb6e332af75514d + #x1e026b442095f828 #x1f947642b54592df + #x5e6c78d98eab6723 #x17509e72698be534 + #x2ac255fcbc6c6293 #x95bd82591f4a12d1 + #x799eac0b15bead57 #xf0107f1a1ddc935d + #xd674b6ce131933de #xf5e41604e66b4c51 + #x8818ce179db254fd #x03a7270aa26dbe04 + #x1c33514817282cdb #x2f363ce247dbbd9f + #xa72ef2f5da69e962 #x93eecc4d469073d9 + #xb92c99b1fafc114a #x77090a2f90aabbb4 + #x0ca69c28b2a9c210 #xc9e0c08ca65ca101 + #x4b0ddca7d09d56e4 #x988d03773833ba36 + #x06534e1459da6108 #x3a57989c19ed8c58 + #x0952f536491e1d1c #x0af5d23ceb73a318 + #x0d30812e2779a8e7 #xd7e2abc886c95929 + #xa51fc8f9edd43d91 #x690b616bb03f439c + #x516dc3fb9e6f1b37 #xa489d5ff78045766 + #x52cae4f13c02a533 #x4cc88fb51c975d1b + #x459a7a8355894007 #x9d796a69c384653a + #x313457a6674e45b7 #x4a9bc1a1454d3c13 + #x6268ae51ce9c8a73 #xfe87d93e98c885be + #xff11c4380d18ef49 #x8deca70966058bf1 + #xdeb05efecfd74435 #xd027f8da4ac352d6 + #xf186621c880cf9aa #x43c934970c53210f + #xbee9caa336f61ab5 #x56a890e9526510c8 + #xe8415a4a64930a7d #xe32295701a30c392 + #x3e35ec84778a39a3 #x4f6fa8bfbefae31f + #x5dcb5fd32cc6d927 #x9f485065f439b1c9 + #x1095cd60a581eecb #x978cb85528f7c622 + #x7baf9607220379a4 #xd216c2d67d7e8625 + #xe4e7c662d63ac86d #xb62d2293ea386d5e + #x8a29f41baa0f800e #x5ffa65df1b7b0dd4 + #x61cf895b6cf13477 #xa6b8eff34fb98395 + #x814a3b21d4ac49e1 #xaddb20c9311a4a7a + #x74ae2d2532c705b0 
#x30a24aa0f29e2f40 + #x91dff641712da72a #x9049eb47e4fdcddd + #x493ce6abe7208217 #x36f104b4ab444e48 + #xf22145162a6147ae #x5c5d42d5b916b3d0 + #xf7d52c08d1d698a2 #x7a398b01b7d31353 + #x6cff08754b889c90 #x14f7b978cbe65b30 + #xc4d041a2812509e6 #xe085b27ab85d7d96 + #xc0b235baef42bc1d #x868f683318a6421e + #xea706046532ede8e #x4ef9b5b92b2a89e8 + #xdc8164f2f86a90c6 #x2455f3d839787470 + #x5499aae565d8c43b #x59a92bcb42a16cdc + #xa9b954d15f7dff81 #xae7c07c39377f47e + #x01961d0695d06af7 #xdb4437e034609b39 + #x3bc1859a8c3de6af #xaa1e73dbfd104185 + #x7dfcd8137bd918ac #x80dc2627417c2316 + #xd9750dec03dd4fca #xc5465ca414f56311 + #x203787c0571fc18b #xd5d391c4b1748dda + #xc2830fb6d8ff68ee #xbcd8f0af014bce46 + #xa0eba1e71663e29d #xfb73b020637f5ab2 + #x7c6ac515ee09725b #x0000000000000000 + #xc876dd8a338ccbf6 #x9cef776f56540fcd + #x47ab408f623494f4 #xcbd1fa8091e175f2 + #x9abc397b0f8e6ec5 #xb58a05994855d35a + #x4d5e92b3894737ec #x961aa553bd27acd5 + #xc31512b04d2f0219 #xe6d6fc6ee1871c9e + #xe2b488768fe0a965 #xb3d94b8d118fb252 + #x440c6785c0592af0 #x25c3eedeaca81e87 + #x583f36cdd771062b #x2d0706ee7066696c + #x425f299199834bf8 #xfd20fe343aa53bba + #xf643310e4406f255 #xdad22ae6a1b0f1ce + #x1da54c4e82f8462c #x355623be0929f04c + #x769f1729057ad143 #xbd4eeda9949ba4b1 + #xd8e310ea960d253d #x736b7e37fecd0e4f + #x65adfd430296818c #xb8ba84b76f2c7bbd + #x9b2a247d9a5e0432 #xc77766a82348b7e2 + #x08c4e830dcce77eb #x0e97a624851416e3 + #x898ed31108623e0a #xe571db6443eaa29a + #x573e8defc7b57a3f #x21a19ac6c2cfab7c + #x70cc593d5ca0b04b #x2664c9d40ec5a083 + #x296572f61e01dc97 #x85284f39bacbfc1a + #x715a443bc970dabc #xef840958a8990182 + #xcd82b494c83b14fa #x48aafbad72f0e8e0 + #xe9d7474cf143608a #x2390a0caf5727f8f + #xb7bb3f957fe807a9 #x82ed1c2b76c1f7e5 + #xbb1da3bdcd41c5b9 #x72fd63316b1d64b8 + #x7808b10d806ec7a0 #x837b012de3119d12 + #x689d7c6d25ef296b #x02313a0c37bdd4f3 + #x1103d0663051843c #xab886edd68c02b72 + #x6b3a5b678782976f #xe113af7c2d8d1761 + #x6aac46611252fd98 #x50fbdefd0bbf71c0 + #x2ea021e4d20bd768 
#x5a0e0cc1e0ccd2d8 + #x34c03eb89cf99abb #xb41c189fdd85b9ad + #x9ede4d6361e9db3e #xafea1ac506a79e89 + #x463d5d89f7e4fe03 #x18512550794f9920 + #x41f80e9b3beef5fc #xa82f49d7caad9576 + #x0f01bb2210c47c14 #xec232e520af4bf86 + #x1bf6025adb222724 #xa2da9beb21de366e + #xedb533549f24d571 #x643be0459746eb7b + #xbf7fd7a5a3267042 #x046274186e67b5fb + #x8e4b8003c46835f5 #x1332ea6a07ec50cf + #xd380dfd0e8aeecd2 #x6f582f7fe9e52294 + #xf9428a2c54c28e41 #x3fa3f182e25a5354 + #x535cf9f7a9d2cfc4 #x660ada49a0fb3f88 + #x33056daa50f39144 #x8fdd9d0551b85f02 + #x19c73856ec9ff3d7 #xb1e87181263266a1 + #x1561a47e5e3631c7 #xd4458cc224a4e72d + #xe740e16874577669 #xc12428bc7a92d6ea + #x3866a2902e5058ab #x1a601f5c4ef24dd3 + #x6059945df9215e80 #x05f4691efbb7df0c + #x5b9811c7751cb82f #x2b5448fa29bc0864 + #xba8bbebb5891af4e #xf4720b0273bb26a6 + #xdd1779f46dbafa31 #x6ece32797c354863 + #x7fcde21f4c64cc5f #x2206bdcc60a21578 + #x75383023a7176f47 #xf3b75810bfb12d59) + (#x03d0663051843c11 #xbfe91d3fdfeaf98b + #xf80e9b3beef5fc41 #xe5ad26f6af3045fa + #x5a443bc970dabc71 #x7b012de3119d1283 + #x82b494c83b14facd #x750dec03dd4fcad9 + #x090a2f90aabbb477 #xb6e332af75514dfc + #xadfd430296818c65 #xfd63316b1d64b872 + #x3d5d89f7e4fe0346 #xd7474cf143608ae9 + #x7e6c87b3e20c56b0 #x601f5c4ef24dd31a + #x40e16874577669e7 #x4437e034609b39db + #xe7c662d63ac86de4 #xaf9607220379a47b + #xea1ac506a79e89af #xd8f0af014bce46bc + #x7fd7a5a3267042bf #x9f1729057ad14376 + #x1c189fdd85b9adb4 #x87d93e98c885befe + #x57989c19ed8c583a #xa4f76c923c3a3812 + #x2a247d9a5e04329b #xc03eb89cf99abb34 + #xf6025adb2227241b #xa890e9526510c856 + #x06bdcc60a2157822 #xc73856ec9ff3d719 + #xcae4f13c02a53352 #xd6fc6ee1871c9ee6 + #xf0bf96bb80325c39 #x13af7c2d8d1761e1 + #x3be0459746eb7b64 #x99aae565d8c43b54 + #x95cd60a581eecb10 #x68ae51ce9c8a7362 + #xcde21f4c64cc5f7f #xdc2627417c231680 + #x428a2c54c28e41f9 #x76dd8a338ccbf6c8 + #xb8eff34fb98395a6 #xa69c28b2a9c2100c + #x08b10d806ec7a078 #xc55312cc0a0bff07 + #x886edd68c02b72ab #xdd9d0551b85f028f + 
#x1e73dbfd104185aa #x911be8e5b6039b2c + #x30812e2779a8e70d #x3a5b678782976f6b + #x20fe343aa53bbafd #xb954d15f7dff81a9 + #x9a7a835589400745 #x1fc8f9edd43d91a5 + #x0e0cc1e0ccd2d85a #xbb3f957fe807a9b7 + #xc3eedeaca81e8725 #x66a2902e5058ab38 + #xff08754b889c906c #xfeb3575b4ce08463 + #x107f1a1ddc935df0 #x25939e6a56aafece + #xa92bcb42a16cdc59 #x32ea6a07ec50cf13 + #x947642b54592df1f #x1779f46dbafa31dd + #x5623be0929f04c35 #xf2d4d29b15ca7427 + #x59945df9215e8060 #x9370acc523fbb332 + #xb05efecfd74435de #x71db6443eaa29ae5 + #xe2abc886c95929d7 #x458cc224a4e72dd4 + #xce32797c3548636e #x1aa553bd27acd596 + #x4a3b21d4ac49e181 #x284f39bacbfc1a85 + #xd94b8d118fb252b3 #xb235baef42bc1dc0 + #x2643f85a072ec2df #x8bbebb5891af4eba + #x89d5ff78045766a4 #xeecc4d469073d993 + #x0b616bb03f439c69 #xe41604e66b4c51f5 + #x16c2d67d7e8625d2 #x6c78d98eab67235e + #x9d7c6d25ef296b68 #x64c9d40ec5a08326 + #x2ef2f5da69e962a7 #xfa65df1b7b0dd45f + #x12145e3d496b75ee #xfcd8137bd918ac7d + #x52f536491e1d1c09 #xe67d40c6feb479eb + #x2145162a6147aef2 #x29f41baa0f800e8a + #x0000000000000000 #x840958a8990182ef + #xc88fb51c975d1b4c #xc68374fc5b8fc316 + #x5d42d5b916b3d05c #x7dbce183b3886aa1 + #x512550794f992018 #xe17baeb698dd15c6 + #x43310e4406f255f6 #x6dc3fb9e6f1b3751 + #x86621c880cf9aaf1 #xbc397b0f8e6ec59a + #x415a4a64930a7de8 #x04d6884037ed503c + #xe9caa336f61ab5be #x0ada49a0fb3f8866 + #x55f3d83978747024 #x3ce6abe720821749 + #xf5d23ceb73a3180a #xa24aa0f29e2f4030 + #x582f7fe9e522946f #x7aba0ff3d5e1068c + #x313a0c37bdd4f302 #x3787c0571fc18b20 + #x5cf9f7a9d2cfc453 #xbe523f2f1b96ed84 + #x85b27ab85d7d96e0 #x0706ee7066696c2d + #x961d0695d06af701 #x1b1e71ade3d0c199 + #xc255fcbc6c62932a #x398b01b7d313537a + #xcc593d5ca0b04b70 #x5f299199834bf842 + #x80dfd0e8aeecd2d3 #x9eac0b15bead5779 + #xef776f56540fcd9c #x2f49d7caad9576a8 + #x2c99b1fafc114ab9 #x8d03773833ba3698 + #x720b0273bb26a6f4 #x18ce179db254fd88 + #x8f683318a6421e86 #x4f568b845fd8a5b2 + #x8ed31108623e0a89 #xd22ae6a1b0f1ceda + #x74b6ce131933ded6 #x97a624851416e30e + 
#x6e139dae3e9f0b40 #xa7270aa26dbe0403 + #x5448fa29bc08642b #xe310ea960d253dd8 + #x706046532ede8eea #x485065f439b1c99f + #x6b7e37fecd0e4f73 #xfbdefd0bbf71c050 + #xd391c4b1748ddad5 #xa021e4d20bd7682e + #xab408f623494f447 #x5bff19d9b4a6a87e + #xb1e5dcdf133821d1 #x026b442095f8281e + #xdff641712da72a91 #x11c4380d18ef49ff + #xae2d2532c705b074 #xc1859a8c3de6af3b + #x4b8003c46835f58e #x92cb8ed5e787a73d + #xcb5fd32cc6d9275d #x8cb85528f7c62297 + #x9bc1a1454d3c134a #x056daa50f3914433 + #xf4691efbb7df0c05 #xd1fa8091e175f2cb + #x7c07c39377f47eae #x14a9925deb7e0dcc + #xcf895b6cf1347761 #x0fb7e3f008aecc55 + #x8a05994855d35ab5 #xf104b4ab444e4836 + #x691573de58f6676d #x4eeda9949ba4b1bd + #x2428bc7a92d6eac1 #xb75810bfb12d59f3 + #x63cf3a7ea3c9ef0b #x6274186e67b5fb04 + #x1512b04d2f0219c3 #xe87181263266a1b1 + #x1975358d7628e987 #x534e1459da610806 + #x47e78604311f05ca #xd4972ac112e4b6f8 + #x33514817282cdb1c #x90a0caf5727f8f23 + #x3e8defc7b57a3f57 #x3f36cdd771062b58 + #x796a69c384653a9d #x465ca414f56311c5 + #x5e92b3894737ec4d #x9811c7751cb82f5b + #xd041a2812509e6c4 #x49eb47e4fdcddd90 + #x78d14bd340192e92 #xf9b5b92b2a89e84e + #x61a47e5e3631c715 #x509e72698be53417 + #xb533549f24d571ed #x27f8da4ac352d6d0 + #x6572f61e01dc9729 #xde4d6361e9db3e9e + #x3457a6674e45b731 #xa54c4e82f8462c1d + #xbd82591f4a12d195 #x830fb6d8ff68eec2 + #x383023a7176f4775 #x7766a82348b7e2c7 + #x0c6785c0592af044 #xba84b76f2c7bbdb8 + #xe0c08ca65ca101c9 #xeba1e71663e29da0 + #xd52c08d1d698a2f7 #xc4e830dcce77eb08 + #xda9beb21de366ea2 #xa3f182e25a53543f + #xac46611252fd986a #xb38e98ff86c009cf + #xf36ff08bd1b66028 #xdb20c9311a4a7aad + #xa19ac6c2cfab7c21 #x6ac515ee09725b7c + #x4c86edb40e5c99a3 #x363ce247dbbd9f2f + #x8164f2f86a90c6dc #x35ec84778a39a33e + #xb488768fe0a965e2 #x73b020637f5ab2fb + #x232e520af4bf86ec #x6fa8bfbefae31f4f + #xeca70966058bf18d #x1da3bdcd41c5b9bb + #x9cc74f352b557f67 #x4d3dcfa4ca208dac + #x2b9f5f8a9a782694 #xaafbad72f0e8e048 + #xc934970c53210f43 #xed1c2b76c1f7e582 + #x01bb2210c47c140f #x0ddca7d09d56e44b + 
#x2d2293ea386d5eb6 #xf7b978cbe65b3014 + #x6719b23e9424bf37 #x2295701a30c392e3) + (#x9f5f8a9a7826942b #x34970c53210f43c9 + #x9d0551b85f028fdd #xb494c83b14facd82 + #x6edd68c02b72ab88 #xff19d9b4a6a87e5b + #xdb6443eaa29ae571 #x1be8e5b6039b2c91 + #x5fd32cc6d9275dcb #x90e9526510c856a8 + #xb27ab85d7d96e085 #xa47e5e3631c71561 + #xf3d8397874702455 #xfbad72f0e8e048aa + #x37e034609b39db44 #xfa8091e175f2cbd1 + #xcaa336f61ab5bee9 #xeff34fb98395a6b8 + #x63316b1d64b872fd #xba0ff3d5e1068c7a + #xcd60a581eecb1095 #x35baef42bc1dc0b2 + #x23be0929f04c3556 #x4b8d118fb252b3d9 + #xd8137bd918ac7dfc #x0a2f90aabbb47709 + #xc2d67d7e8625d216 #x7181263266a1b1e8 + #x3023a7176f477538 #x7642b54592df1f94 + #xf2f5da69e962a72e #xa70966058bf18dec + #xc662d63ac86de4e7 #x939e6a56aafece25 + #x86edb40e5c99a34c #xf8da4ac352d6d027 + #x145e3d496b75ee12 #xce179db254fd8818 + #xd23ceb73a3180af5 #x270aa26dbe0403a7 + #x5d89f7e4fe03463d #x2ae6a1b0f1cedad2 + #x1729057ad143769f #xb10d806ec7a07808 + #x4f39bacbfc1a8528 #xeda9949ba4b1bd4e + #x5312cc0a0bff07c5 #xc4380d18ef49ff11 + #x95701a30c392e322 #xa0caf5727f8f2390 + #x55fcbc6c62932ac2 #xcf3a7ea3c9ef0b63 + #x621c880cf9aaf186 #xfd430296818c65ad + #xbf96bb80325c39f0 #x6c87b3e20c56b07e + #x299199834bf8425f #x74186e67b5fb0462 + #x4c4e82f8462c1da5 #x64f2f86a90c6dc81 + #x6b442095f8281e02 #x1d0695d06af70196 + #xd5ff78045766a489 #x3856ec9ff3d719c7 + #xac0b15bead57799e #xc3fb9e6f1b37516d + #x8e98ff86c009cfb3 #x49d7caad9576a82f + #x859a8c3de6af3bc1 #x3dcfa4ca208dac4d + #x91c4b1748ddad5d3 #x8a2c54c28e41f942 + #x2bcb42a16cdc59a9 #x9e72698be5341750 + #x1e71ade3d0c1991b #xe6abe7208217493c + #x3a0c37bdd4f30231 #x945df9215e806059 + #xcc4d469073d993ee #x0e9b3beef5fc41f8 + #x8b01b7d313537a39 #xf182e25a53543fa3 + #x5810bfb12d59f3b7 #x8003c46835f58e4b + #xbce183b3886aa17d #x1604e66b4c51f5e4 + #x2c08d1d698a2f7d5 #xc08ca65ca101c9e0 + #x7a8355894007459a #xe21f4c64cc5f7fcd + #x88768fe0a965e2b4 #x82591f4a12d195bd + #x4aa0f29e2f4030a2 #xdca7d09d56e44b0d + #x6daa50f391443305 #x92b3894737ec4d5e 
+ #xa8bfbefae31f4f6f #xea6a07ec50cf1332 + #x2293ea386d5eb62d #x41a2812509e6c4d0 + #x8374fc5b8fc316c6 #x683318a6421e868f + #xb3575b4ce08463fe #xe5dcdf133821d1b1 + #xd6884037ed503c04 #x05994855d35ab58a + #x5b678782976f6b3a #x397b0f8e6ec59abc + #xabc886c95929d7e2 #xe4f13c02a53352ca + #xb5b92b2a89e84ef9 #xaf7c2d8d1761e113 + #x75358d7628e98719 #x72f61e01dc972965 + #x78d98eab67235e6c #xc8f9edd43d91a51f + #x0fb6d8ff68eec283 #x70acc523fbb33293 + #x36cdd771062b583f #xbdcc60a215782206 + #xa624851416e30e97 #x9607220379a47baf + #x1c2b76c1f7e582ed #x6046532ede8eea70 + #xbebb5891af4eba8b #x48fa29bc08642b54 + #x19b23e9424bf3767 #x2627417c231680dc + #x65df1b7b0dd45ffa #xf536491e1d1c0952 + #x54d15f7dff81a9b9 #x2550794f99201851 + #xdefd0bbf71c050fb #x87c0571fc18b2037 + #x10ea960d253dd8e3 #xe0459746eb7b643b + #x12b04d2f0219c315 #xaae565d8c43b5499 + #xe91d3fdfeaf98bbf #xf76c923c3a3812a4 + #x1f5c4ef24dd31a60 #x812e2779a8e70d30 + #xf41baa0f800e8a29 #xfc6ee1871c9ee6d6 + #x8fb51c975d1b4cc8 #x4e1459da61080653 + #x310e4406f255f643 #x0cc1e0ccd2d85a0e + #x0958a8990182ef84 #xa9925deb7e0dcc14 + #x6a69c384653a9d79 #x04b4ab444e4836f1 + #x0dec03dd4fcad975 #xeb47e4fdcddd9049 + #x7e37fecd0e4f736b #x73dbfd104185aa1e + #xc515ee09725b7c6a #xae51ce9c8a736268 + #xa3bdcd41c5b9bb1d #x84b76f2c7bbdb8ba + #x443bc970dabc715a #xa1e71663e29da0eb + #x7f1a1ddc935df010 #x474cf143608ae9d7 + #x33549f24d571edb5 #xc9d40ec5a0832664 + #x46611252fd986aac #x5efecfd74435deb0 + #x0000000000000000 #x514817282cdb1c33 + #x408f623494f447ab #x57a6674e45b73134 + #x11c7751cb82f5b98 #x989c19ed8c583a57 + #x7baeb698dd15c6e1 #x06ee7066696c2d07 + #xda49a0fb3f88660a #x07c39377f47eae7c + #x2d2532c705b074ae #x42d5b916b3d05c5d + #xec84778a39a33e35 #x776f56540fcd9cef + #xa553bd27acd5961a #xb978cbe65b3014f7 + #x895b6cf1347761cf #xb85528f7c622978c + #x66a82348b7e2c777 #xe830dcce77eb08c4 + #x189fdd85b9adb41c #x99b1fafc114ab92c + #x0b0273bb26a6f472 #xeedeaca81e8725c3 + #x6785c0592af0440c #x247d9a5e04329b2a + #x21e4d20bd7682ea0 #xbb2210c47c140f01 
+ #x523f2f1b96ed84be #xd4d29b15ca7427f2 + #x45162a6147aef221 #xf641712da72a91df + #xb020637f5ab2fb73 #xdd8a338ccbf6c876 + #x5ca414f56311c546 #x3f957fe807a9b7bb + #x8cc224a4e72dd445 #x012de3119d12837b + #xd0663051843c1103 #x5a4a64930a7de841 + #x28bc7a92d6eac124 #x08754b889c906cff + #xd7a5a3267042bf7f #x3ce247dbbd9f2f36 + #x6ff08bd1b66028f3 #xd14bd340192e9278 + #x139dae3e9f0b406e #xe78604311f05ca47 + #xd93e98c885befe87 #x616bb03f439c690b + #x03773833ba36988d #xcb8ed5e787a73d92 + #xb7e3f008aecc550f #x9c28b2a9c2100ca6 + #x3eb89cf99abb34c0 #x3b21d4ac49e1814a + #xdfd0e8aeecd2d380 #x7c6d25ef296b689d + #xc1a1454d3c134a9b #xf9f7a9d2cfc4535c + #xc74f352b557f679c #x7d40c6feb479ebe6 + #x1573de58f6676d69 #x1ac506a79e89afea + #x568b845fd8a5b24f #x32797c3548636ece + #x691efbb7df0c05f4 #x972ac112e4b6f8d4 + #x79f46dbafa31dd17 #x2e520af4bf86ec23 + #xd31108623e0a898e #x8defc7b57a3f573e + #x025adb2227241bf6 #xa2902e5058ab3866 + #xfe343aa53bbafd20 #xad26f6af3045fae5 + #x43f85a072ec2df26 #x2f7fe9e522946f58 + #x9beb21de366ea2da #x20c9311a4a7aaddb + #x5065f439b1c99f48 #x593d5ca0b04b70cc + #x9ac6c2cfab7c21a1 #xb6ce131933ded674 + #xf0af014bce46bcd8 #x4d6361e9db3e9ede + #xe16874577669e740 #xe332af75514dfcb6) + (#xbfbefae31f4f6fa8 #x85c0592af0440c67 + #xbaef42bc1dc0b235 #x5528f7c622978cb8 + #xe6a1b0f1cedad22a #x3ceb73a3180af5d2 + #x7fe9e522946f582f #xa7d09d56e44b0ddc + #x754b889c906cff08 #xe247dbbd9f2f363c + #x81263266a1b1e871 #xdcdf133821d1b1e5 + #xf46dbafa31dd1779 #x3d5ca0b04b70cc59 + #x56ec9ff3d719c738 #xdeaca81e8725c3ee + #x549f24d571edb533 #x2de3119d12837b01 + #xea960d253dd8e310 #xc886c95929d7e2ab + #x2f90aabbb477090a #x26f6af3045fae5ad + #x6ee1871c9ee6d6fc #x3e98c885befe87d9 + #x24851416e30e97a6 #xda4ac352d6d027f8 + #xe3f008aecc550fb7 #x994855d35ab58a05 + #x5df9215e80605994 #x58a8990182ef8409 + #xb1fafc114ab92c99 #x442095f8281e026b + #xf5da69e962a72ef2 #xc0571fc18b203787 + #x37fecd0e4f736b7e #x902e5058ab3866a2 + #xeb21de366ea2da9b #x8f623494f447ab40 + #xd98eab67235e6c78 
#xa414f56311c5465c + #x5c4ef24dd31a601f #x08d1d698a2f7d52c + #xdbfd104185aa1e73 #xcb42a16cdc59a92b + #x10bfb12d59f3b758 #xa82348b7e2c77766 + #xbdcd41c5b9bb1da3 #x7ab85d7d96e085b2 + #xedb40e5c99a34c86 #xff78045766a489d5 + #xf34fb98395a6b8ef #x4f352b557f679cc7 + #x4a64930a7de8415a #xe8e5b6039b2c911b + #xb4ab444e4836f104 #x4817282cdb1c3351 + #xaeb698dd15c6e17b #x3f2f1b96ed84be52 + #x21d4ac49e1814a3b #x884037ed503c04d6 + #xbe0929f04c355623 #xe565d8c43b5499aa + #x1108623e0a898ed3 #x2532c705b074ae2d + #x0551b85f028fdd9d #x03c46835f58e4b80 + #xf13c02a53352cae4 #xee7066696c2d0706 + #xc6c2cfab7c21a19a #xb04d2f0219c31512 + #x0273bb26a6f4720b #x8604311f05ca47e7 + #xaf014bce46bcd8f0 #x3318a6421e868f68 + #x96bb80325c39f0bf #x40c6feb479ebe67d + #x12cc0a0bff07c553 #x162a6147aef22145 + #x71ade3d0c1991b1e #xce131933ded674b6 + #xc9311a4a7aaddb20 #x32af75514dfcb6e3 + #x62d63ac86de4e7c6 #xb23e9424bf376719 + #x8355894007459a7a #x137bd918ac7dfcd8 + #x42b54592df1f9476 #xabe7208217493ce6 + #x9b3beef5fc41f80e #x2e2779a8e70d3081 + #x4d469073d993eecc #x768fe0a965e2b488 + #xd0e8aeecd2d380df #xa2812509e6c4d041 + #x0ff3d5e1068c7aba #x04e66b4c51f5e416 + #x2c54c28e41f9428a #x01b7d313537a398b + #xcc60a215782206bd #xc506a79e89afea1a + #x4cf143608ae9d747 #x8a338ccbf6c876dd + #x29057ad143769f17 #xcfa4ca208dac4d3d + #xa6674e45b7313457 #x50794f9920185125 + #xb89cf99abb34c03e #x343aa53bbafd20fe + #x89f7e4fe03463d5d #xa5a3267042bf7fd7 + #xefc7b57a3f573e8d #x9fdd85b9adb41c18 + #xec03dd4fcad9750d #x970c53210f43c934 + #xc7751cb82f5b9811 #xc1e0ccd2d85a0e0c + #xad72f0e8e048aafb #x0966058bf18deca7 + #x47e4fdcddd9049eb #x19d9b4a6a87e5bff + #x1a1ddc935df0107f #x591f4a12d195bd82 + #x1efbb7df0c05f469 #x575b4ce08463feb3 + #x0e4406f255f64331 #x2ac112e4b6f8d497 + #xa0f29e2f4030a24a #x179db254fd8818ce + #x663051843c1103d0 #xe4d20bd7682ea021 + #xd15f7dff81a9b954 #xd32cc6d9275dcb5f + #x94c83b14facd82b4 #xaa50f3914433056d + #x358d7628e9871975 #xbc7a92d6eac12428 + #x39bacbfc1a85284f #x9199834bf8425f29 + #x73de58f6676d6915 
#xd5b916b3d05c5d42 + #x46532ede8eea7060 #x186e67b5fb046274 + #xa1454d3c134a9bc1 #x0b15bead57799eac + #x5adb2227241bf602 #xdd68c02b72ab886e + #x6443eaa29ae571db #xfd0bbf71c050fbde + #x8b845fd8a5b24f56 #xb92b2a89e84ef9b5 + #x678782976f6b3a5b #xf2f86a90c6dc8164 + #xc39377f47eae7c07 #x93ea386d5eb62d22 + #x430296818c65adfd #xc224a4e72dd4458c + #x9e6a56aafece2593 #x6f56540fcd9cef77 + #x84778a39a33e35ec #xf85a072ec2df2643 + #x3bc970dabc715a44 #x0d806ec7a07808b1 + #x773833ba36988d03 #x27417c231680dc26 + #x60a581eecb1095cd #xb76f2c7bbdb8ba84 + #xd8397874702455f3 #xfecfd74435deb05e + #xcaf5727f8f2390a0 #xa9949ba4b1bd4eed + #xe034609b39db4437 #x2b76c1f7e582ed1c + #xf7a9d2cfc4535cf9 #x20637f5ab2fb73b0 + #x9c19ed8c583a5798 #xd67d7e8625d216c2 + #x1459da610806534e #x6d25ef296b689d7c + #x925deb7e0dcc14a9 #x65f439b1c99f4850 + #x957fe807a9b7bb3f #x41712da72a91dff6 + #x36491e1d1c0952f5 #x5e3d496b75ee1214 + #x1d3fdfeaf98bbfe9 #x701a30c392e32295 + #x6361e9db3e9ede4d #xd7caad9576a82f49 + #xe71663e29da0eba1 #x98ff86c009cfb38e + #x6bb03f439c690b61 #xc4b1748ddad5d391 + #x6c923c3a3812a4f7 #x1f4c64cc5f7fcde2 + #xe183b3886aa17dbc #xb6d8ff68eec2830f + #x51ce9c8a736268ae #x07220379a47baf96 + #x82e25a53543fa3f1 #xbb5891af4eba8bbe + #x4bd340192e9278d1 #x6874577669e740e1 + #xfb9e6f1b37516dc3 #xacc523fbb3329370 + #x69c384653a9d796a #x5b6cf1347761cf89 + #x0000000000000000 #x49a0fb3f88660ada + #xa336f61ab5bee9ca #x15ee09725b7c6ac5 + #x8d118fb252b3d94b #x7d9a5e04329b2a24 + #x1baa0f800e8a29f4 #xfa29bc08642b5448 + #x459746eb7b643be0 #xdf1b7b0dd45ffa65 + #x30dcce77eb08c4e8 #x8091e175f2cbd1fa + #x0c37bdd4f302313a #xf9edd43d91a51fc8 + #x3a7ea3c9ef0b63cf #x74fc5b8fc316c683 + #x8ca65ca101c9e0c0 #x72698be53417509e + #x23a7176f47753830 #x797c3548636ece32 + #xb51c975d1b4cc88f #x2210c47c140f01bb + #xd29b15ca7427f2d4 #x8ed5e787a73d92cb + #x7e5e3631c71561a4 #x1c880cf9aaf18662 + #xf08bd1b66028f36f #xf61e01dc97296572 + #x7b0f8e6ec59abc39 #xb3894737ec4d5e92 + #x316b1d64b872fd63 #x9a8c3de6af3bc185 + #x0aa26dbe0403a727 
#x5f8a9a7826942b9f + #x520af4bf86ec232e #x380d18ef49ff11c4 + #x0695d06af701961d #x87b3e20c56b07e6c + #x53bd27acd5961aa5 #x7c2d8d1761e113af + #x28b2a9c2100ca69c #x6a07ec50cf1332ea + #xe9526510c856a890 #xcdd771062b583f36 + #xfcbc6c62932ac255 #x9dae3e9f0b406e13 + #xd40ec5a0832664c9 #x78cbe65b3014f7b9 + #x4e82f8462c1da54c #x611252fd986aac46) + (#x352b557f679cc74f #x3e9424bf376719b2 + #x5deb7e0dcc14a992 #xb3e20c56b07e6c87 + #x83b3886aa17dbce1 #x3d496b75ee12145e + #xae3e9f0b406e139d #x8a9a7826942b9f5f + #x845fd8a5b24f568b #x5a072ec2df2643f8 + #xf3d5e1068c7aba0f #x7ea3c9ef0b63cf3a + #x923c3a3812a4f76c #x3fdfeaf98bbfe91d + #xd340192e9278d14b #x04311f05ca47e786 + #xcc0a0bff07c55312 #xff86c009cfb38e98 + #xade3d0c1991b1e71 #xfc5b8fc316c68374 + #xbb80325c39f0bf96 #xd5e787a73d92cb8e + #xa4ca208dac4d3dcf #xf6af3045fae5ad26 + #x5b4ce08463feb357 #x8bd1b66028f36ff0 + #xb698dd15c6e17bae #x2f1b96ed84be523f + #x4037ed503c04d688 #x6a56aafece25939e + #xb40e5c99a34c86ed #xc6feb479ebe67d40 + #x9b15ca7427f2d4d2 #xde58f6676d691573 + #xc523fbb3329370ac #xe5b6039b2c911be8 + #x8d7628e987197535 #xf008aecc550fb7e3 + #xd9b4a6a87e5bff19 #xc112e4b6f8d4972a + #xdf133821d1b1e5dc #xaf75514dfcb6e332 + #x2095f8281e026b44 #xb54592df1f947642 + #x8eab67235e6c78d9 #x698be53417509e72 + #xbc6c62932ac255fc #x1f4a12d195bd8259 + #x15bead57799eac0b #x1ddc935df0107f1a + #x131933ded674b6ce #xe66b4c51f5e41604 + #x9db254fd8818ce17 #xa26dbe0403a7270a + #x17282cdb1c335148 #x47dbbd9f2f363ce2 + #xda69e962a72ef2f5 #x469073d993eecc4d + #xfafc114ab92c99b1 #x90aabbb477090a2f + #xb2a9c2100ca69c28 #xa65ca101c9e0c08c + #xd09d56e44b0ddca7 #x3833ba36988d0377 + #x59da610806534e14 #x19ed8c583a57989c + #x491e1d1c0952f536 #xeb73a3180af5d23c + #x2779a8e70d30812e #x86c95929d7e2abc8 + #xedd43d91a51fc8f9 #xb03f439c690b616b + #x9e6f1b37516dc3fb #x78045766a489d5ff + #x3c02a53352cae4f1 #x1c975d1b4cc88fb5 + #x55894007459a7a83 #xc384653a9d796a69 + #x674e45b7313457a6 #x454d3c134a9bc1a1 + #xce9c8a736268ae51 #x98c885befe87d93e + 
#x0d18ef49ff11c438 #x66058bf18deca709 + #xcfd74435deb05efe #x4ac352d6d027f8da + #x880cf9aaf186621c #x0c53210f43c93497 + #x36f61ab5bee9caa3 #x526510c856a890e9 + #x64930a7de8415a4a #x1a30c392e3229570 + #x778a39a33e35ec84 #xbefae31f4f6fa8bf + #x2cc6d9275dcb5fd3 #xf439b1c99f485065 + #xa581eecb1095cd60 #x28f7c622978cb855 + #x220379a47baf9607 #x7d7e8625d216c2d6 + #xd63ac86de4e7c662 #xea386d5eb62d2293 + #xaa0f800e8a29f41b #x1b7b0dd45ffa65df + #x6cf1347761cf895b #x4fb98395a6b8eff3 + #xd4ac49e1814a3b21 #x311a4a7aaddb20c9 + #x32c705b074ae2d25 #xf29e2f4030a24aa0 + #x712da72a91dff641 #xe4fdcddd9049eb47 + #xe7208217493ce6ab #xab444e4836f104b4 + #x2a6147aef2214516 #xb916b3d05c5d42d5 + #xd1d698a2f7d52c08 #xb7d313537a398b01 + #x4b889c906cff0875 #xcbe65b3014f7b978 + #x812509e6c4d041a2 #xb85d7d96e085b27a + #xef42bc1dc0b235ba #x18a6421e868f6833 + #x532ede8eea706046 #x2b2a89e84ef9b5b9 + #xf86a90c6dc8164f2 #x397874702455f3d8 + #x65d8c43b5499aae5 #x42a16cdc59a92bcb + #x5f7dff81a9b954d1 #x9377f47eae7c07c3 + #x95d06af701961d06 #x34609b39db4437e0 + #x8c3de6af3bc1859a #xfd104185aa1e73db + #x7bd918ac7dfcd813 #x417c231680dc2627 + #x03dd4fcad9750dec #x14f56311c5465ca4 + #x571fc18b203787c0 #xb1748ddad5d391c4 + #xd8ff68eec2830fb6 #x014bce46bcd8f0af + #x1663e29da0eba1e7 #x637f5ab2fb73b020 + #xee09725b7c6ac515 #x0000000000000000 + #x338ccbf6c876dd8a #x56540fcd9cef776f + #x623494f447ab408f #x91e175f2cbd1fa80 + #x0f8e6ec59abc397b #x4855d35ab58a0599 + #x894737ec4d5e92b3 #xbd27acd5961aa553 + #x4d2f0219c31512b0 #xe1871c9ee6d6fc6e + #x8fe0a965e2b48876 #x118fb252b3d94b8d + #xc0592af0440c6785 #xaca81e8725c3eede + #xd771062b583f36cd #x7066696c2d0706ee + #x99834bf8425f2991 #x3aa53bbafd20fe34 + #x4406f255f643310e #xa1b0f1cedad22ae6 + #x82f8462c1da54c4e #x0929f04c355623be + #x057ad143769f1729 #x949ba4b1bd4eeda9 + #x960d253dd8e310ea #xfecd0e4f736b7e37 + #x0296818c65adfd43 #x6f2c7bbdb8ba84b7 + #x9a5e04329b2a247d #x2348b7e2c77766a8 + #xdcce77eb08c4e830 #x851416e30e97a624 + #x08623e0a898ed311 #x43eaa29ae571db64 + 
#xc7b57a3f573e8def #xc2cfab7c21a19ac6 + #x5ca0b04b70cc593d #x0ec5a0832664c9d4 + #x1e01dc97296572f6 #xbacbfc1a85284f39 + #xc970dabc715a443b #xa8990182ef840958 + #xc83b14facd82b494 #x72f0e8e048aafbad + #xf143608ae9d7474c #xf5727f8f2390a0ca + #x7fe807a9b7bb3f95 #x76c1f7e582ed1c2b + #xcd41c5b9bb1da3bd #x6b1d64b872fd6331 + #x806ec7a07808b10d #xe3119d12837b012d + #x25ef296b689d7c6d #x37bdd4f302313a0c + #x3051843c1103d066 #x68c02b72ab886edd + #x8782976f6b3a5b67 #x2d8d1761e113af7c + #x1252fd986aac4661 #x0bbf71c050fbdefd + #xd20bd7682ea021e4 #xe0ccd2d85a0e0cc1 + #x9cf99abb34c03eb8 #xdd85b9adb41c189f + #x61e9db3e9ede4d63 #x06a79e89afea1ac5 + #xf7e4fe03463d5d89 #x794f992018512550 + #x3beef5fc41f80e9b #xcaad9576a82f49d7 + #x10c47c140f01bb22 #x0af4bf86ec232e52 + #xdb2227241bf6025a #x21de366ea2da9beb + #x9f24d571edb53354 #x9746eb7b643be045 + #xa3267042bf7fd7a5 #x6e67b5fb04627418 + #xc46835f58e4b8003 #x07ec50cf1332ea6a + #xe8aeecd2d380dfd0 #xe9e522946f582f7f + #x54c28e41f9428a2c #xe25a53543fa3f182 + #xa9d2cfc4535cf9f7 #xa0fb3f88660ada49 + #x50f3914433056daa #x51b85f028fdd9d05 + #xec9ff3d719c73856 #x263266a1b1e87181 + #x5e3631c71561a47e #x24a4e72dd4458cc2 + #x74577669e740e168 #x7a92d6eac12428bc + #x2e5058ab3866a290 #x4ef24dd31a601f5c + #xf9215e806059945d #xfbb7df0c05f4691e + #x751cb82f5b9811c7 #x29bc08642b5448fa + #x5891af4eba8bbebb #x73bb26a6f4720b02 + #x6dbafa31dd1779f4 #x7c3548636ece3279 + #x4c64cc5f7fcde21f #x60a215782206bdcc + #xa7176f4775383023 #xbfb12d59f3b75810) + (#x51843c1103d06630 #xdfeaf98bbfe91d3f + #xeef5fc41f80e9b3b #xaf3045fae5ad26f6 + #x70dabc715a443bc9 #x119d12837b012de3 + #x3b14facd82b494c8 #xdd4fcad9750dec03 + #xaabbb477090a2f90 #x75514dfcb6e332af + #x96818c65adfd4302 #x1d64b872fd63316b + #xe4fe03463d5d89f7 #x43608ae9d7474cf1 + #xe20c56b07e6c87b3 #xf24dd31a601f5c4e + #x577669e740e16874 #x609b39db4437e034 + #x3ac86de4e7c662d6 #x0379a47baf960722 + #xa79e89afea1ac506 #x4bce46bcd8f0af01 + #x267042bf7fd7a5a3 #x7ad143769f172905 + #x85b9adb41c189fdd #xc885befe87d93e98 
+ #xed8c583a57989c19 #x3c3a3812a4f76c92 + #x5e04329b2a247d9a #xf99abb34c03eb89c + #x2227241bf6025adb #x6510c856a890e952 + #xa215782206bdcc60 #x9ff3d719c73856ec + #x02a53352cae4f13c #x871c9ee6d6fc6ee1 + #x80325c39f0bf96bb #x8d1761e113af7c2d + #x46eb7b643be04597 #xd8c43b5499aae565 + #x81eecb1095cd60a5 #x9c8a736268ae51ce + #x64cc5f7fcde21f4c #x7c231680dc262741 + #xc28e41f9428a2c54 #x8ccbf6c876dd8a33 + #xb98395a6b8eff34f #xa9c2100ca69c28b2 + #x6ec7a07808b10d80 #x0a0bff07c55312cc + #xc02b72ab886edd68 #xb85f028fdd9d0551 + #x104185aa1e73dbfd #xb6039b2c911be8e5 + #x79a8e70d30812e27 #x82976f6b3a5b6787 + #xa53bbafd20fe343a #x7dff81a9b954d15f + #x894007459a7a8355 #xd43d91a51fc8f9ed + #xccd2d85a0e0cc1e0 #xe807a9b7bb3f957f + #xa81e8725c3eedeac #x5058ab3866a2902e + #x889c906cff08754b #x4ce08463feb3575b + #xdc935df0107f1a1d #x56aafece25939e6a + #xa16cdc59a92bcb42 #xec50cf1332ea6a07 + #x4592df1f947642b5 #xbafa31dd1779f46d + #x29f04c355623be09 #x15ca7427f2d4d29b + #x215e806059945df9 #x23fbb3329370acc5 + #xd74435deb05efecf #xeaa29ae571db6443 + #xc95929d7e2abc886 #xa4e72dd4458cc224 + #x3548636ece32797c #x27acd5961aa553bd + #xac49e1814a3b21d4 #xcbfc1a85284f39ba + #x8fb252b3d94b8d11 #x42bc1dc0b235baef + #x072ec2df2643f85a #x91af4eba8bbebb58 + #x045766a489d5ff78 #x9073d993eecc4d46 + #x3f439c690b616bb0 #x6b4c51f5e41604e6 + #x7e8625d216c2d67d #xab67235e6c78d98e + #xef296b689d7c6d25 #xc5a0832664c9d40e + #x69e962a72ef2f5da #x7b0dd45ffa65df1b + #x496b75ee12145e3d #xd918ac7dfcd8137b + #x1e1d1c0952f53649 #xfeb479ebe67d40c6 + #x6147aef22145162a #x0f800e8a29f41baa + #x0000000000000000 #x990182ef840958a8 + #x975d1b4cc88fb51c #x5b8fc316c68374fc + #x16b3d05c5d42d5b9 #xb3886aa17dbce183 + #x4f99201851255079 #x98dd15c6e17baeb6 + #x06f255f643310e44 #x6f1b37516dc3fb9e + #x0cf9aaf186621c88 #x8e6ec59abc397b0f + #x930a7de8415a4a64 #x37ed503c04d68840 + #xf61ab5bee9caa336 #xfb3f88660ada49a0 + #x7874702455f3d839 #x208217493ce6abe7 + #x73a3180af5d23ceb #x9e2f4030a24aa0f2 + #xe522946f582f7fe9 #xd5e1068c7aba0ff3 
+ #xbdd4f302313a0c37 #x1fc18b203787c057 + #xd2cfc4535cf9f7a9 #x1b96ed84be523f2f + #x5d7d96e085b27ab8 #x66696c2d0706ee70 + #xd06af701961d0695 #xe3d0c1991b1e71ad + #x6c62932ac255fcbc #xd313537a398b01b7 + #xa0b04b70cc593d5c #x834bf8425f299199 + #xaeecd2d380dfd0e8 #xbead57799eac0b15 + #x540fcd9cef776f56 #xad9576a82f49d7ca + #xfc114ab92c99b1fa #x33ba36988d037738 + #xbb26a6f4720b0273 #xb254fd8818ce179d + #xa6421e868f683318 #x5fd8a5b24f568b84 + #x623e0a898ed31108 #xb0f1cedad22ae6a1 + #x1933ded674b6ce13 #x1416e30e97a62485 + #x3e9f0b406e139dae #x6dbe0403a7270aa2 + #xbc08642b5448fa29 #x0d253dd8e310ea96 + #x2ede8eea70604653 #x39b1c99f485065f4 + #xcd0e4f736b7e37fe #xbf71c050fbdefd0b + #x748ddad5d391c4b1 #x0bd7682ea021e4d2 + #x3494f447ab408f62 #xb4a6a87e5bff19d9 + #x133821d1b1e5dcdf #x95f8281e026b4420 + #x2da72a91dff64171 #x18ef49ff11c4380d + #xc705b074ae2d2532 #x3de6af3bc1859a8c + #x6835f58e4b8003c4 #xe787a73d92cb8ed5 + #xc6d9275dcb5fd32c #xf7c622978cb85528 + #x4d3c134a9bc1a145 #xf3914433056daa50 + #xb7df0c05f4691efb #xe175f2cbd1fa8091 + #x77f47eae7c07c393 #xeb7e0dcc14a9925d + #xf1347761cf895b6c #x08aecc550fb7e3f0 + #x55d35ab58a059948 #x444e4836f104b4ab + #x58f6676d691573de #x9ba4b1bd4eeda994 + #x92d6eac12428bc7a #xb12d59f3b75810bf + #xa3c9ef0b63cf3a7e #x67b5fb046274186e + #x2f0219c31512b04d #x3266a1b1e8718126 + #x7628e9871975358d #xda610806534e1459 + #x311f05ca47e78604 #x12e4b6f8d4972ac1 + #x282cdb1c33514817 #x727f8f2390a0caf5 + #xb57a3f573e8defc7 #x71062b583f36cdd7 + #x84653a9d796a69c3 #xf56311c5465ca414 + #x4737ec4d5e92b389 #x1cb82f5b9811c775 + #x2509e6c4d041a281 #xfdcddd9049eb47e4 + #x40192e9278d14bd3 #x2a89e84ef9b5b92b + #x3631c71561a47e5e #x8be53417509e7269 + #x24d571edb533549f #xc352d6d027f8da4a + #x01dc97296572f61e #xe9db3e9ede4d6361 + #x4e45b7313457a667 #xf8462c1da54c4e82 + #x4a12d195bd82591f #xff68eec2830fb6d8 + #x176f4775383023a7 #x48b7e2c77766a823 + #x592af0440c6785c0 #x2c7bbdb8ba84b76f + #x5ca101c9e0c08ca6 #x63e29da0eba1e716 + #xd698a2f7d52c08d1 #xce77eb08c4e830dc 
+ #xde366ea2da9beb21 #x5a53543fa3f182e2 + #x52fd986aac466112 #x86c009cfb38e98ff + #xd1b66028f36ff08b #x1a4a7aaddb20c931 + #xcfab7c21a19ac6c2 #x09725b7c6ac515ee + #x0e5c99a34c86edb4 #xdbbd9f2f363ce247 + #x6a90c6dc8164f2f8 #x8a39a33e35ec8477 + #xe0a965e2b488768f #x7f5ab2fb73b02063 + #xf4bf86ec232e520a #xfae31f4f6fa8bfbe + #x058bf18deca70966 #x41c5b9bb1da3bdcd + #x2b557f679cc74f35 #xca208dac4d3dcfa4 + #x9a7826942b9f5f8a #xf0e8e048aafbad72 + #x53210f43c934970c #xc1f7e582ed1c2b76 + #xc47c140f01bb2210 #x9d56e44b0ddca7d0 + #x386d5eb62d2293ea #xe65b3014f7b978cb + #x9424bf376719b23e #x30c392e32295701a)))) + + (defconst +kalyna-s+ + (make-array '(4 256) + :element-type '(unsigned-byte 8) + :initial-contents '((#xa8 #x43 #x5f #x06 #x6b #x75 #x6c #x59 + #x71 #xdf #x87 #x95 #x17 #xf0 #xd8 #x09 + #x6d #xf3 #x1d #xcb #xc9 #x4d #x2c #xaf + #x79 #xe0 #x97 #xfd #x6f #x4b #x45 #x39 + #x3e #xdd #xa3 #x4f #xb4 #xb6 #x9a #x0e + #x1f #xbf #x15 #xe1 #x49 #xd2 #x93 #xc6 + #x92 #x72 #x9e #x61 #xd1 #x63 #xfa #xee + #xf4 #x19 #xd5 #xad #x58 #xa4 #xbb #xa1 + #xdc #xf2 #x83 #x37 #x42 #xe4 #x7a #x32 + #x9c #xcc #xab #x4a #x8f #x6e #x04 #x27 + #x2e #xe7 #xe2 #x5a #x96 #x16 #x23 #x2b + #xc2 #x65 #x66 #x0f #xbc #xa9 #x47 #x41 + #x34 #x48 #xfc #xb7 #x6a #x88 #xa5 #x53 + #x86 #xf9 #x5b #xdb #x38 #x7b #xc3 #x1e + #x22 #x33 #x24 #x28 #x36 #xc7 #xb2 #x3b + #x8e #x77 #xba #xf5 #x14 #x9f #x08 #x55 + #x9b #x4c #xfe #x60 #x5c #xda #x18 #x46 + #xcd #x7d #x21 #xb0 #x3f #x1b #x89 #xff + #xeb #x84 #x69 #x3a #x9d #xd7 #xd3 #x70 + #x67 #x40 #xb5 #xde #x5d #x30 #x91 #xb1 + #x78 #x11 #x01 #xe5 #x00 #x68 #x98 #xa0 + #xc5 #x02 #xa6 #x74 #x2d #x0b #xa2 #x76 + #xb3 #xbe #xce #xbd #xae #xe9 #x8a #x31 + #x1c #xec #xf1 #x99 #x94 #xaa #xf6 #x26 + #x2f #xef #xe8 #x8c #x35 #x03 #xd4 #x7f + #xfb #x05 #xc1 #x5e #x90 #x20 #x3d #x82 + #xf7 #xea #x0a #x0d #x7e #xf8 #x50 #x1a + #xc4 #x07 #x57 #xb8 #x3c #x62 #xe3 #xc8 + #xac #x52 #x64 #x10 #xd0 #xd9 #x13 #x0c + #x12 #x29 #x51 #xb9 #xcf #xd6 #x73 #x8d + #x81 #x54 #xc0 #xed #x4e #x44 
#xa7 #x2a + #x85 #x25 #xe6 #xca #x7c #x8b #x56 #x80) + (#xce #xbb #xeb #x92 #xea #xcb #x13 #xc1 + #xe9 #x3a #xd6 #xb2 #xd2 #x90 #x17 #xf8 + #x42 #x15 #x56 #xb4 #x65 #x1c #x88 #x43 + #xc5 #x5c #x36 #xba #xf5 #x57 #x67 #x8d + #x31 #xf6 #x64 #x58 #x9e #xf4 #x22 #xaa + #x75 #x0f #x02 #xb1 #xdf #x6d #x73 #x4d + #x7c #x26 #x2e #xf7 #x08 #x5d #x44 #x3e + #x9f #x14 #xc8 #xae #x54 #x10 #xd8 #xbc + #x1a #x6b #x69 #xf3 #xbd #x33 #xab #xfa + #xd1 #x9b #x68 #x4e #x16 #x95 #x91 #xee + #x4c #x63 #x8e #x5b #xcc #x3c #x19 #xa1 + #x81 #x49 #x7b #xd9 #x6f #x37 #x60 #xca + #xe7 #x2b #x48 #xfd #x96 #x45 #xfc #x41 + #x12 #x0d #x79 #xe5 #x89 #x8c #xe3 #x20 + #x30 #xdc #xb7 #x6c #x4a #xb5 #x3f #x97 + #xd4 #x62 #x2d #x06 #xa4 #xa5 #x83 #x5f + #x2a #xda #xc9 #x00 #x7e #xa2 #x55 #xbf + #x11 #xd5 #x9c #xcf #x0e #x0a #x3d #x51 + #x7d #x93 #x1b #xfe #xc4 #x47 #x09 #x86 + #x0b #x8f #x9d #x6a #x07 #xb9 #xb0 #x98 + #x18 #x32 #x71 #x4b #xef #x3b #x70 #xa0 + #xe4 #x40 #xff #xc3 #xa9 #xe6 #x78 #xf9 + #x8b #x46 #x80 #x1e #x38 #xe1 #xb8 #xa8 + #xe0 #x0c #x23 #x76 #x1d #x25 #x24 #x05 + #xf1 #x6e #x94 #x28 #x9a #x84 #xe8 #xa3 + #x4f #x77 #xd3 #x85 #xe2 #x52 #xf2 #x82 + #x50 #x7a #x2f #x74 #x53 #xb3 #x61 #xaf + #x39 #x35 #xde #xcd #x1f #x99 #xac #xad + #x72 #x2c #xdd #xd0 #x87 #xbe #x5e #xa6 + #xec #x04 #xc6 #x03 #x34 #xfb #xdb #x59 + #xb6 #xc2 #x01 #xf0 #x5a #xed #xa7 #x66 + #x21 #x7f #x8a #x27 #xc7 #xc0 #x29 #xd7) + (#x93 #xd9 #x9a #xb5 #x98 #x22 #x45 #xfc + #xba #x6a #xdf #x02 #x9f #xdc #x51 #x59 + #x4a #x17 #x2b #xc2 #x94 #xf4 #xbb #xa3 + #x62 #xe4 #x71 #xd4 #xcd #x70 #x16 #xe1 + #x49 #x3c #xc0 #xd8 #x5c #x9b #xad #x85 + #x53 #xa1 #x7a #xc8 #x2d #xe0 #xd1 #x72 + #xa6 #x2c #xc4 #xe3 #x76 #x78 #xb7 #xb4 + #x09 #x3b #x0e #x41 #x4c #xde #xb2 #x90 + #x25 #xa5 #xd7 #x03 #x11 #x00 #xc3 #x2e + #x92 #xef #x4e #x12 #x9d #x7d #xcb #x35 + #x10 #xd5 #x4f #x9e #x4d #xa9 #x55 #xc6 + #xd0 #x7b #x18 #x97 #xd3 #x36 #xe6 #x48 + #x56 #x81 #x8f #x77 #xcc #x9c #xb9 #xe2 + #xac #xb8 #x2f #x15 #xa4 #x7c #xda #x38 + #x1e #x0b 
#x05 #xd6 #x14 #x6e #x6c #x7e + #x66 #xfd #xb1 #xe5 #x60 #xaf #x5e #x33 + #x87 #xc9 #xf0 #x5d #x6d #x3f #x88 #x8d + #xc7 #xf7 #x1d #xe9 #xec #xed #x80 #x29 + #x27 #xcf #x99 #xa8 #x50 #x0f #x37 #x24 + #x28 #x30 #x95 #xd2 #x3e #x5b #x40 #x83 + #xb3 #x69 #x57 #x1f #x07 #x1c #x8a #xbc + #x20 #xeb #xce #x8e #xab #xee #x31 #xa2 + #x73 #xf9 #xca #x3a #x1a #xfb #x0d #xc1 + #xfe #xfa #xf2 #x6f #xbd #x96 #xdd #x43 + #x52 #xb6 #x08 #xf3 #xae #xbe #x19 #x89 + #x32 #x26 #xb0 #xea #x4b #x64 #x84 #x82 + #x6b #xf5 #x79 #xbf #x01 #x5f #x75 #x63 + #x1b #x23 #x3d #x68 #x2a #x65 #xe8 #x91 + #xf6 #xff #x13 #x58 #xf1 #x47 #x0a #x7f + #xc5 #xa7 #xe7 #x61 #x5a #x06 #x46 #x44 + #x42 #x04 #xa0 #xdb #x39 #x86 #x54 #xaa + #x8c #x34 #x21 #x8b #xf8 #x0c #x74 #x67) + (#x68 #x8d #xca #x4d #x73 #x4b #x4e #x2a + #xd4 #x52 #x26 #xb3 #x54 #x1e #x19 #x1f + #x22 #x03 #x46 #x3d #x2d #x4a #x53 #x83 + #x13 #x8a #xb7 #xd5 #x25 #x79 #xf5 #xbd + #x58 #x2f #x0d #x02 #xed #x51 #x9e #x11 + #xf2 #x3e #x55 #x5e #xd1 #x16 #x3c #x66 + #x70 #x5d #xf3 #x45 #x40 #xcc #xe8 #x94 + #x56 #x08 #xce #x1a #x3a #xd2 #xe1 #xdf + #xb5 #x38 #x6e #x0e #xe5 #xf4 #xf9 #x86 + #xe9 #x4f #xd6 #x85 #x23 #xcf #x32 #x99 + #x31 #x14 #xae #xee #xc8 #x48 #xd3 #x30 + #xa1 #x92 #x41 #xb1 #x18 #xc4 #x2c #x71 + #x72 #x44 #x15 #xfd #x37 #xbe #x5f #xaa + #x9b #x88 #xd8 #xab #x89 #x9c #xfa #x60 + #xea #xbc #x62 #x0c #x24 #xa6 #xa8 #xec + #x67 #x20 #xdb #x7c #x28 #xdd #xac #x5b + #x34 #x7e #x10 #xf1 #x7b #x8f #x63 #xa0 + #x05 #x9a #x43 #x77 #x21 #xbf #x27 #x09 + #xc3 #x9f #xb6 #xd7 #x29 #xc2 #xeb #xc0 + #xa4 #x8b #x8c #x1d #xfb #xff #xc1 #xb2 + #x97 #x2e #xf8 #x65 #xf6 #x75 #x07 #x04 + #x49 #x33 #xe4 #xd9 #xb9 #xd0 #x42 #xc7 + #x6c #x90 #x00 #x8e #x6f #x50 #x01 #xc5 + #xda #x47 #x3f #xcd #x69 #xa2 #xe2 #x7a + #xa7 #xc6 #x93 #x0f #x0a #x06 #xe6 #x2b + #x96 #xa3 #x1c #xaf #x6a #x12 #x84 #x39 + #xe7 #xb0 #x82 #xf7 #xfe #x9d #x87 #x5c + #x81 #x35 #xde #xb4 #xa5 #xfc #x80 #xef + #xcb #xbb #x6b #x76 #xba #x5a #x7d #x78 + #x0b #x95 #xe3 #xad #x74 #x98 
#x3b #x36 + #x64 #x6d #xdc #xf0 #x59 #xa9 #x4c #x17 + #x7f #x91 #xb8 #xc9 #x57 #x1b #xe0 #x61)))) + + (defconst +kalyna-is+ + (make-array '(4 256) + :element-type '(unsigned-byte 8) + :initial-contents '((#xa4 #xa2 #xa9 #xc5 #x4e #xc9 #x03 #xd9 + #x7e #x0f #xd2 #xad #xe7 #xd3 #x27 #x5b + #xe3 #xa1 #xe8 #xe6 #x7c #x2a #x55 #x0c + #x86 #x39 #xd7 #x8d #xb8 #x12 #x6f #x28 + #xcd #x8a #x70 #x56 #x72 #xf9 #xbf #x4f + #x73 #xe9 #xf7 #x57 #x16 #xac #x50 #xc0 + #x9d #xb7 #x47 #x71 #x60 #xc4 #x74 #x43 + #x6c #x1f #x93 #x77 #xdc #xce #x20 #x8c + #x99 #x5f #x44 #x01 #xf5 #x1e #x87 #x5e + #x61 #x2c #x4b #x1d #x81 #x15 #xf4 #x23 + #xd6 #xea #xe1 #x67 #xf1 #x7f #xfe #xda + #x3c #x07 #x53 #x6a #x84 #x9c #xcb #x02 + #x83 #x33 #xdd #x35 #xe2 #x59 #x5a #x98 + #xa5 #x92 #x64 #x04 #x06 #x10 #x4d #x1c + #x97 #x08 #x31 #xee #xab #x05 #xaf #x79 + #xa0 #x18 #x46 #x6d #xfc #x89 #xd4 #xc7 + #xff #xf0 #xcf #x42 #x91 #xf8 #x68 #x0a + #x65 #x8e #xb6 #xfd #xc3 #xef #x78 #x4c + #xcc #x9e #x30 #x2e #xbc #x0b #x54 #x1a + #xa6 #xbb #x26 #x80 #x48 #x94 #x32 #x7d + #xa7 #x3f #xae #x22 #x3d #x66 #xaa #xf6 + #x00 #x5d #xbd #x4a #xe0 #x3b #xb4 #x17 + #x8b #x9f #x76 #xb0 #x24 #x9a #x25 #x63 + #xdb #xeb #x7a #x3e #x5c #xb3 #xb1 #x29 + #xf2 #xca #x58 #x6e #xd8 #xa8 #x2f #x75 + #xdf #x14 #xfb #x13 #x49 #x88 #xb2 #xec + #xe4 #x34 #x2d #x96 #xc6 #x3a #xed #x95 + #x0e #xe5 #x85 #x6b #x40 #x21 #x9b #x09 + #x19 #x2b #x52 #xde #x45 #xa3 #xfa #x51 + #xc2 #xb5 #xd1 #x90 #xb9 #xf3 #x37 #xc1 + #x0d #xba #x41 #x11 #x38 #x7b #xbe #xd0 + #xd5 #x69 #x36 #xc8 #x62 #x1b #x82 #x8f) + (#x83 #xf2 #x2a #xeb #xe9 #xbf #x7b #x9c + #x34 #x96 #x8d #x98 #xb9 #x69 #x8c #x29 + #x3d #x88 #x68 #x06 #x39 #x11 #x4c #x0e + #xa0 #x56 #x40 #x92 #x15 #xbc #xb3 #xdc + #x6f #xf8 #x26 #xba #xbe #xbd #x31 #xfb + #xc3 #xfe #x80 #x61 #xe1 #x7a #x32 #xd2 + #x70 #x20 #xa1 #x45 #xec #xd9 #x1a #x5d + #xb4 #xd8 #x09 #xa5 #x55 #x8e #x37 #x76 + #xa9 #x67 #x10 #x17 #x36 #x65 #xb1 #x95 + #x62 #x59 #x74 #xa3 #x50 #x2f #x4b #xc8 + #xd0 #x8f #xcd #xd4 #x3c 
#x86 #x12 #x1d + #x23 #xef #xf4 #x53 #x19 #x35 #xe6 #x7f + #x5e #xd6 #x79 #x51 #x22 #x14 #xf7 #x1e + #x4a #x42 #x9b #x41 #x73 #x2d #xc1 #x5c + #xa6 #xa2 #xe0 #x2e #xd3 #x28 #xbb #xc9 + #xae #x6a #xd1 #x5a #x30 #x90 #x84 #xf9 + #xb2 #x58 #xcf #x7e #xc5 #xcb #x97 #xe4 + #x16 #x6c #xfa #xb0 #x6d #x1f #x52 #x99 + #x0d #x4e #x03 #x91 #xc2 #x4d #x64 #x77 + #x9f #xdd #xc4 #x49 #x8a #x9a #x24 #x38 + #xa7 #x57 #x85 #xc7 #x7c #x7d #xe7 #xf6 + #xb7 #xac #x27 #x46 #xde #xdf #x3b #xd7 + #x9e #x2b #x0b #xd5 #x13 #x75 #xf0 #x72 + #xb6 #x9d #x1b #x01 #x3f #x44 #xe5 #x87 + #xfd #x07 #xf1 #xab #x94 #x18 #xea #xfc + #x3a #x82 #x5f #x05 #x54 #xdb #x00 #x8b + #xe3 #x48 #x0c #xca #x78 #x89 #x0a #xff + #x3e #x5b #x81 #xee #x71 #xe2 #xda #x2c + #xb8 #xb5 #xcc #x6e #xa8 #x6b #xad #x60 + #xc6 #x08 #x04 #x02 #xe8 #xf5 #x4f #xa4 + #xf3 #xc0 #xce #x43 #x25 #x1c #x21 #x33 + #x0f #xaf #x47 #xed #x66 #x63 #x93 #xaa) + (#x45 #xd4 #x0b #x43 #xf1 #x72 #xed #xa4 + #xc2 #x38 #xe6 #x71 #xfd #xb6 #x3a #x95 + #x50 #x44 #x4b #xe2 #x74 #x6b #x1e #x11 + #x5a #xc6 #xb4 #xd8 #xa5 #x8a #x70 #xa3 + #xa8 #xfa #x05 #xd9 #x97 #x40 #xc9 #x90 + #x98 #x8f #xdc #x12 #x31 #x2c #x47 #x6a + #x99 #xae #xc8 #x7f #xf9 #x4f #x5d #x96 + #x6f #xf4 #xb3 #x39 #x21 #xda #x9c #x85 + #x9e #x3b #xf0 #xbf #xef #x06 #xee #xe5 + #x5f #x20 #x10 #xcc #x3c #x54 #x4a #x52 + #x94 #x0e #xc0 #x28 #xf6 #x56 #x60 #xa2 + #xe3 #x0f #xec #x9d #x24 #x83 #x7e #xd5 + #x7c #xeb #x18 #xd7 #xcd #xdd #x78 #xff + #xdb #xa1 #x09 #xd0 #x76 #x84 #x75 #xbb + #x1d #x1a #x2f #xb0 #xfe #xd6 #x34 #x63 + #x35 #xd2 #x2a #x59 #x6d #x4d #x77 #xe7 + #x8e #x61 #xcf #x9f #xce #x27 #xf5 #x80 + #x86 #xc7 #xa6 #xfb #xf8 #x87 #xab #x62 + #x3f #xdf #x48 #x00 #x14 #x9a #xbd #x5b + #x04 #x92 #x02 #x25 #x65 #x4c #x53 #x0c + #xf2 #x29 #xaf #x17 #x6c #x41 #x30 #xe9 + #x93 #x55 #xf7 #xac #x68 #x26 #xc4 #x7d + #xca #x7a #x3e #xa0 #x37 #x03 #xc1 #x36 + #x69 #x66 #x08 #x16 #xa7 #xbc #xc5 #xd3 + #x22 #xb7 #x13 #x46 #x32 #xe8 #x57 #x88 + #x2b #x81 #xb2 #x4e #x64 #x1c #xaa #x91 + #x58 
#x2e #x9b #x5c #x1b #x51 #x73 #x42 + #x23 #x01 #x6e #xf3 #x0d #xbe #x3d #x0a + #x2d #x1f #x67 #x33 #x19 #x7b #x5e #xea + #xde #x8b #xcb #xa9 #x8c #x8d #xad #x49 + #x82 #xe4 #xba #xc3 #x15 #xd1 #xe0 #x89 + #xfc #xb1 #xb9 #xb5 #x07 #x79 #xb8 #xe1) + (#xb2 #xb6 #x23 #x11 #xa7 #x88 #xc5 #xa6 + #x39 #x8f #xc4 #xe8 #x73 #x22 #x43 #xc3 + #x82 #x27 #xcd #x18 #x51 #x62 #x2d #xf7 + #x5c #x0e #x3b #xfd #xca #x9b #x0d #x0f + #x79 #x8c #x10 #x4c #x74 #x1c #x0a #x8e + #x7c #x94 #x07 #xc7 #x5e #x14 #xa1 #x21 + #x57 #x50 #x4e #xa9 #x80 #xd9 #xef #x64 + #x41 #xcf #x3c #xee #x2e #x13 #x29 #xba + #x34 #x5a #xae #x8a #x61 #x33 #x12 #xb9 + #x55 #xa8 #x15 #x05 #xf6 #x03 #x06 #x49 + #xb5 #x25 #x09 #x16 #x0c #x2a #x38 #xfc + #x20 #xf4 #xe5 #x7f #xd7 #x31 #x2b #x66 + #x6f #xff #x72 #x86 #xf0 #xa3 #x2f #x78 + #x00 #xbc #xcc #xe2 #xb0 #xf1 #x42 #xb4 + #x30 #x5f #x60 #x04 #xec #xa5 #xe3 #x8b + #xe7 #x1d #xbf #x84 #x7b #xe6 #x81 #xf8 + #xde #xd8 #xd2 #x17 #xce #x4b #x47 #xd6 + #x69 #x6c #x19 #x99 #x9a #x01 #xb3 #x85 + #xb1 #xf9 #x59 #xc2 #x37 #xe9 #xc8 #xa0 + #xed #x4f #x89 #x68 #x6d #xd5 #x26 #x91 + #x87 #x58 #xbd #xc9 #x98 #xdc #x75 #xc0 + #x76 #xf5 #x67 #x6b #x7e #xeb #x52 #xcb + #xd1 #x5b #x9f #x0b #xdb #x40 #x92 #x1a + #xfa #xac #xe4 #xe1 #x71 #x1f #x65 #x8d + #x97 #x9e #x95 #x90 #x5d #xb7 #xc1 #xaf + #x54 #xfb #x02 #xe0 #x35 #xbb #x3a #x4d + #xad #x2c #x3d #x56 #x08 #x1b #x4a #x93 + #x6a #xab #xb8 #x7a #xf2 #x7d #xda #x3f + #xfe #x3e #xbe #xea #xaa #x44 #xc6 #xd0 + #x36 #x48 #x70 #x96 #x77 #x24 #x53 #xdf + #xf3 #x83 #x28 #x32 #x45 #x1e #xa4 #xd3 + #xa2 #x46 #x6e #x9c #xdd #x63 #xd4 #x9d))))) + +(declaim (type (simple-array (unsigned-byte 64) (8 256)) +kalyna-t+ +kalyna-it+) + (type (simple-array (unsigned-byte 8) (4 256)) +kalyna-s+ +kalyna-is+)) + + +;;; +;;; Common functions and macros +;;; + +(declaim (inline kalyna-make-odd-key)) +(defun kalyna-make-odd-key (n ek ek-start ok ok-start) + (declare (type (integer 0 8) n) + (type (simple-array (unsigned-byte 64) (*)) ek ok) + (type 
(integer 0 144) ek-start ok-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c d e) + `(setf (aref ok (+ ok-start ,a)) + (logior (mod64ash (aref ek (+ ek-start ,b)) ,c) + (mod64ash (aref ek (+ ek-start ,d)) ,e))))) + (ecase n + (2 + (m 0 1 8 0 -56) (m 1 0 8 1 -56)) + (4 + (m 0 2 40 1 -24) (m 1 3 40 2 -24) (m 2 0 40 3 -24) (m 3 1 40 0 -24)) + (8 + (m 0 3 40 2 -24) (m 1 4 40 3 -24) (m 2 5 40 4 -24) (m 3 6 40 5 -24) + (m 4 7 40 6 -24) (m 5 0 40 7 -24) (m 6 1 40 0 -24) (m 7 2 40 1 -24)))) + (values)) + +(declaim (inline kalyna-swap-blocks)) +(defun kalyna-swap-blocks (n k) + (declare (type (integer 0 8) n) + (type (simple-array (unsigned-byte 64) (*)) k) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (ecase n + (2 (rotatef (aref k 0) (aref k 1))) + (4 (rotatef (aref k 0) (aref k 1) (aref k 2) (aref k 3))) + (8 (rotatef (aref k 0) (aref k 1) (aref k 2) (aref k 3) + (aref k 4) (aref k 5) (aref k 6) (aref k 7)))) + (values)) + +(defmacro kalyna-add-key (n x x-start y k) + `(dotimes-unrolled (i ,n) + (setf (aref ,y i) (mod64+ (aref ,x (+ ,x-start i)) (aref ,k i))))) + +(defmacro kalyna-sub-key (n x y k k-start) + `(dotimes-unrolled (i ,n) + (setf (aref ,y i) (mod64- (aref ,x i) (aref ,k (+ ,k-start i)))))) + +(defmacro kalyna-add-constant (n x y c) + `(dotimes-unrolled (i ,n) + (setf (aref ,y i) (mod64+ (aref ,x i) ,c)))) + + +;;; +;;; Kalyna128 +;;; + +(declaim (inline kalyna-g0128)) +(defun kalyna-g0128 (x y) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (m 0 0 0) (m 1 0 -8) (m 2 0 -16) (m 3 0 -24) + (m 4 1 -32) (m 5 1 -40) (m 6 1 -48) (m 7 1 -56))) + (setf (aref y 1) + (logxor (m 0 1 0) (m 1 1 -8) (m 2 1 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 0 -40) (m 6 0 -48)(m 7 0 -56)))) + (values)) + +(declaim (inline kalyna-gl128)) +(defun kalyna-gl128 (x 
y y-start k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 30) y-start k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y (+ y-start 0)) + (mod64+ (aref k (+ k-start 0)) + (logxor (m 0 0 0) (m 1 0 -8) (m 2 0 -16) (m 3 0 -24) + (m 4 1 -32) (m 5 1 -40) (m 6 1 -48) (m 7 1 -56)))) + (setf (aref y (+ y-start 1)) + (mod64+ (aref k (+ k-start 1)) + (logxor (m 0 1 0) (m 1 1 -8) (m 2 1 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 0 -40) (m 6 0 -48) (m 7 0 -56))))) + (values)) + +(declaim (inline kalyna-imc128)) +(defun kalyna-imc128 (x x-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x) + (type (integer 0 30) x-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c d) + `(aref +kalyna-it+ + ,a + (aref +kalyna-s+ + ,b + (logand (mod64ash (aref x (+ x-start ,c)) ,d) #xff))))) + (setf (aref x (+ x-start 0)) + (logxor (m 0 0 0 0) (m 1 1 0 -8) (m 2 2 0 -16) (m 3 3 0 -24) + (m 4 0 0 -32) (m 5 1 0 -40) (m 6 2 0 -48) (m 7 3 0 -56))) + (setf (aref x (+ x-start 1)) + (logxor (m 0 0 1 0) (m 1 1 1 -8) (m 2 2 1 -16) (m 3 3 1 -24) + (m 4 0 1 -32) (m 5 1 1 -40) (m 6 2 1 -48) (m 7 3 1 -56)))) + (values)) + +(declaim (inline kalyna-ig128)) +(defun kalyna-ig128 (x y k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 30) k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-it+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (aref k (+ k-start 0)) + (m 0 0 0) (m 1 0 -8) (m 2 0 -16) (m 3 0 -24) + (m 4 1 -32) (m 5 1 -40) (m 6 1 -48) (m 7 1 -56))) + (setf (aref y 1) + (logxor (aref k (+ k-start 1)) + (m 0 1 0) (m 1 1 -8) (m 2 1 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 0 -40) (m 6 0 -48) (m 7 0 -56)))) + (values)) + +(declaim (inline kalyna-igl128)) +(defun kalyna-igl128 (x y k k-start) + 
(declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 30) k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c d) + `(mod64ash (aref +kalyna-is+ + ,a + (logand (mod64ash (aref x ,b) ,c) #xff)) + ,d))) + (setf (aref y 0) + (mod64- (logxor (m 0 0 0 0) (m 1 0 -8 8) (m 2 0 -16 16) (m 3 0 -24 24) + (m 0 1 -32 32) (m 1 1 -40 40) (m 2 1 -48 48) (m 3 1 -56 56)) + (aref k (+ k-start 0)))) + (setf (aref y 1) + (mod64- (logxor (m 0 1 0 0) (m 1 1 -8 8) (m 2 1 -16 16) (m 3 1 -24 24) + (m 0 0 -32 32) (m 1 0 -40 40) (m 2 0 -48 48) (m 3 0 -56 56)) + (aref k (+ k-start 1))))) + (values)) + +(declaim (inline kalyna-g128)) +(defun kalyna-g128 (x y k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 30) k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (aref k (+ k-start 0)) + (m 0 0 0) (m 1 0 -8) (m 2 0 -16) (m 3 0 -24) + (m 4 1 -32) (m 5 1 -40) (m 6 1 -48) (m 7 1 -56))) + (setf (aref y 1) + (logxor (aref k (+ k-start 1)) + (m 0 1 0) (m 1 1 -8) (m 2 1 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 0 -40) (m 6 0 -48) (m 7 0 -56)))) + (values)) + +(defclass kalyna128 (cipher 16-byte-block-mixin) + ((encryption-round-keys :accessor encryption-round-keys + :initform (make-array 30 :element-type '(unsigned-byte 64)) + :type (simple-array (unsigned-byte 64) (30))) + (decryption-round-keys :accessor decryption-round-keys + :initform (make-array 30 :element-type '(unsigned-byte 64)) + :type (simple-array (unsigned-byte 64) (30))) + (n-rounds :accessor n-rounds))) + +(defmethod schedule-key ((cipher kalyna128) key) + (let ((encryption-round-keys (encryption-round-keys cipher)) + (decryption-round-keys (decryption-round-keys cipher))) + (declare (type (simple-array (unsigned-byte 64) (30)) encryption-round-keys) + (type (simple-array (unsigned-byte 64) (30)) 
decryption-round-keys)) + (ecase (length key) + (16 + (let ((key (make-array 2 :element-type '(unsigned-byte 64) + :initial-contents (list (ub64ref/le key 0) + (ub64ref/le key 8)))) + (ks (make-array 2 :element-type '(unsigned-byte 64))) + (ksc (make-array 2 :element-type '(unsigned-byte 64))) + (t1 (make-array 2 :element-type '(unsigned-byte 64))) + (t2 (make-array 2 :element-type '(unsigned-byte 64))) + (k (make-array 2 :element-type '(unsigned-byte 64))) + (kswapped (make-array 2 :element-type '(unsigned-byte 64))) + (constant #x0001000100010001)) + (declare (type (simple-array (unsigned-byte 64) (2)) key ks ksc t1 t2 k kswapped) + (dynamic-extent key ks ksc t1 t2 k kswapped) + (type (unsigned-byte 64) constant)) + (setf (n-rounds cipher) 10) + (setf (aref t1 0) (/ (+ 128 128 64) 64) + (aref t1 1) 0) + (kalyna-add-key 2 t1 0 t2 key) + (kalyna-g128 t2 t1 key 0) + (kalyna-gl128 t1 t2 0 key 0) + (kalyna-g0128 t2 ks) + + ;; Round 0 + (replace k key) + (setf (aref kswapped 1) (aref k 0) + (aref kswapped 0) (aref k 1)) + (kalyna-add-constant 2 ks ksc constant) + (kalyna-add-key 2 k 0 t2 ksc) + (kalyna-g128 t2 t1 ksc 0) + (kalyna-gl128 t1 encryption-round-keys 0 ksc 0) + (kalyna-make-odd-key 2 encryption-round-keys 0 encryption-round-keys 2) + + ;; Rounds 2 to 9 + (flet ((r (v n) + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 2 ks ksc constant) + (kalyna-add-key 2 v 0 t2 ksc) + (kalyna-g128 t2 t1 ksc 0) + (kalyna-gl128 t1 encryption-round-keys n ksc 0) + (kalyna-make-odd-key 2 + encryption-round-keys n + encryption-round-keys (+ n 2)))) + (r kswapped 4) + (r k 8) + (r kswapped 12) + (r k 16)) + + ;; Round 10 + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 2 ks ksc constant) + (kalyna-add-key 2 kswapped 0 t2 ksc) + (kalyna-g128 t2 t1 ksc 0) + (kalyna-gl128 t1 encryption-round-keys 20 ksc 0) + + (replace decryption-round-keys encryption-round-keys) + (loop for n from 18 downto 2 by 2 do + (kalyna-imc128 decryption-round-keys n)))) + + (32 + 
(let ((key (make-array 4 :element-type '(unsigned-byte 64) + :initial-contents (list (ub64ref/le key 0) + (ub64ref/le key 8) + (ub64ref/le key 16) + (ub64ref/le key 24)))) + (ks (make-array 2 :element-type '(unsigned-byte 64))) + (ksc (make-array 2 :element-type '(unsigned-byte 64))) + (t1 (make-array 2 :element-type '(unsigned-byte 64))) + (t2 (make-array 2 :element-type '(unsigned-byte 64))) + (k (make-array 4 :element-type '(unsigned-byte 64))) + (ka (make-array 2 :element-type '(unsigned-byte 64))) + (ko (make-array 2 :element-type '(unsigned-byte 64))) + (constant #x0001000100010001)) + (declare (type (simple-array (unsigned-byte 64) (4)) key k) + (type (simple-array (unsigned-byte 64) (2)) ks ksc t1 t2 ka ko) + (dynamic-extent key ks ksc t1 t2 k ka ko) + (type (unsigned-byte 64) constant)) + (setf (n-rounds cipher) 14) + (setf (aref t1 0) (/ (+ 128 256 64) 64) + (aref t1 1) 0) + (replace ka key :end2 2) + (replace ko key :start2 2) + (kalyna-add-key 2 t1 0 t2 ka) + (kalyna-g128 t2 t1 ko 0) + (kalyna-gl128 t1 t2 0 ka 0) + (kalyna-g0128 t2 ks) + + ;; Round 0 + (replace k key) + (kalyna-add-constant 2 ks ksc constant) + (kalyna-add-key 2 k 0 t2 ksc) + (kalyna-g128 t2 t1 ksc 0) + (kalyna-gl128 t1 encryption-round-keys 0 ksc 0) + (kalyna-make-odd-key 2 encryption-round-keys 0 encryption-round-keys 2) + + ;; Rounds 2 to 13 + (flet ((r (v n) + (when (zerop v) + (kalyna-swap-blocks 4 k)) + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 2 ks ksc constant) + (kalyna-add-key 2 k v t2 ksc) + (kalyna-g128 t2 t1 ksc 0) + (kalyna-gl128 t1 encryption-round-keys n ksc 0) + (kalyna-make-odd-key 2 + encryption-round-keys n + encryption-round-keys (+ n 2)))) + (r 2 4) + (r 0 8) + (r 2 12) + (r 0 16) + (r 2 20) + (r 0 24)) + + ;; Round 14 + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 2 ks ksc constant) + (kalyna-add-key 2 k 2 t2 ksc) + (kalyna-g128 t2 t1 ksc 0) + (kalyna-gl128 t1 encryption-round-keys 28 ksc 0) + + (replace decryption-round-keys 
encryption-round-keys) + (loop for n from 26 downto 2 by 2 do + (kalyna-imc128 decryption-round-keys n))))) + cipher)) + +(define-block-encryptor kalyna128 16 + (let ((encryption-round-keys (encryption-round-keys context)) + (t1 (make-array 2 :element-type '(unsigned-byte 64))) + (t2 (make-array 2 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (30)) encryption-round-keys) + (type (simple-array (unsigned-byte 64) (2)) t1 t2) + (dynamic-extent t1 t2)) + (setf (aref t2 0) (ub64ref/le plaintext plaintext-start) + (aref t2 1) (ub64ref/le plaintext (+ plaintext-start 8))) + (kalyna-add-key 2 t2 0 t1 encryption-round-keys) + (kalyna-g128 t1 t2 encryption-round-keys 2) + (kalyna-g128 t2 t1 encryption-round-keys 4) + (kalyna-g128 t1 t2 encryption-round-keys 6) + (kalyna-g128 t2 t1 encryption-round-keys 8) + (kalyna-g128 t1 t2 encryption-round-keys 10) + (kalyna-g128 t2 t1 encryption-round-keys 12) + (kalyna-g128 t1 t2 encryption-round-keys 14) + (kalyna-g128 t2 t1 encryption-round-keys 16) + (kalyna-g128 t1 t2 encryption-round-keys 18) + (ecase (n-rounds context) + (10 + (kalyna-gl128 t2 t1 0 encryption-round-keys 20)) + (14 + (kalyna-g128 t2 t1 encryption-round-keys 20) + (kalyna-g128 t1 t2 encryption-round-keys 22) + (kalyna-g128 t2 t1 encryption-round-keys 24) + (kalyna-g128 t1 t2 encryption-round-keys 26) + (kalyna-gl128 t2 t1 0 encryption-round-keys 28))) + (setf (ub64ref/le ciphertext ciphertext-start) (aref t1 0) + (ub64ref/le ciphertext (+ ciphertext-start 8)) (aref t1 1)) + (values))) + +(define-block-decryptor kalyna128 16 + (let ((decryption-round-keys (decryption-round-keys context)) + (t1 (make-array 2 :element-type '(unsigned-byte 64))) + (t2 (make-array 2 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (30)) decryption-round-keys) + (type (simple-array (unsigned-byte 64) (2)) t1 t2) + (dynamic-extent t1 t2)) + (setf (aref t2 0) (ub64ref/le ciphertext ciphertext-start) + (aref t2 1) 
(ub64ref/le ciphertext (+ ciphertext-start 8))) + (ecase (n-rounds context) + (10 + (kalyna-sub-key 2 t2 t1 decryption-round-keys 20) + (kalyna-imc128 t1 0)) + (14 + (kalyna-sub-key 2 t2 t1 decryption-round-keys 28) + (kalyna-imc128 t1 0) + (kalyna-ig128 t1 t2 decryption-round-keys 26) + (kalyna-ig128 t2 t1 decryption-round-keys 24) + (kalyna-ig128 t1 t2 decryption-round-keys 22) + (kalyna-ig128 t2 t1 decryption-round-keys 20))) + (kalyna-ig128 t1 t2 decryption-round-keys 18) + (kalyna-ig128 t2 t1 decryption-round-keys 16) + (kalyna-ig128 t1 t2 decryption-round-keys 14) + (kalyna-ig128 t2 t1 decryption-round-keys 12) + (kalyna-ig128 t1 t2 decryption-round-keys 10) + (kalyna-ig128 t2 t1 decryption-round-keys 8) + (kalyna-ig128 t1 t2 decryption-round-keys 6) + (kalyna-ig128 t2 t1 decryption-round-keys 4) + (kalyna-ig128 t1 t2 decryption-round-keys 2) + (kalyna-igl128 t2 t1 decryption-round-keys 0) + (setf (ub64ref/le plaintext plaintext-start) (aref t1 0) + (ub64ref/le plaintext (+ plaintext-start 8)) (aref t1 1)) + (values))) + +(defcipher kalyna128 + (:encrypt-function kalyna128-encrypt-block) + (:decrypt-function kalyna128-decrypt-block) + (:block-length 16) + (:key-length (:fixed 16 32))) + + +;;; +;;; Kalyna256 +;;; + +(declaim (inline kalyna-g0256)) +(defun kalyna-g0256 (x y) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (m 0 0 0) (m 1 0 -8) (m 2 3 -16) (m 3 3 -24) + (m 4 2 -32) (m 5 2 -40) (m 6 1 -48) (m 7 1 -56))) + (setf (aref y 1) + (logxor (m 0 1 0) (m 1 1 -8) (m 2 0 -16) (m 3 0 -24) + (m 4 3 -32) (m 5 3 -40) (m 6 2 -48) (m 7 2 -56))) + (setf (aref y 2) + (logxor (m 0 2 0) (m 1 2 -8) (m 2 1 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 0 -40) (m 6 3 -48) (m 7 3 -56))) + (setf (aref y 3) + (logxor (m 0 3 0) (m 1 3 -8) (m 2 2 -16) (m 3 2 -24) + (m 4 1 -32) (m 5 1 -40) (m 6 0 -48) (m 
7 0 -56)))) + (values)) + +(declaim (inline kalyna-gl256)) +(defun kalyna-gl256 (x y y-start k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 76) y-start k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y (+ y-start 0)) + (mod64+ (aref k (+ k-start 0)) + (logxor (m 0 0 0) (m 1 0 -8) (m 2 3 -16) (m 3 3 -24) + (m 4 2 -32) (m 5 2 -40) (m 6 1 -48) (m 7 1 -56)))) + (setf (aref y (+ y-start 1)) + (mod64+ (aref k (+ k-start 1)) + (logxor (m 0 1 0) (m 1 1 -8) (m 2 0 -16) (m 3 0 -24) + (m 4 3 -32) (m 5 3 -40) (m 6 2 -48) (m 7 2 -56)))) + (setf (aref y (+ y-start 2)) + (mod64+ (aref k (+ k-start 2)) + (logxor (m 0 2 0) (m 1 2 -8) (m 2 1 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 0 -40) (m 6 3 -48) (m 7 3 -56)))) + (setf (aref y (+ y-start 3)) + (mod64+ (aref k (+ k-start 3)) + (logxor (m 0 3 0) (m 1 3 -8) (m 2 2 -16) (m 3 2 -24) + (m 4 1 -32) (m 5 1 -40) (m 6 0 -48) (m 7 0 -56))))) + (values)) + +(declaim (inline kalyna-imc256)) +(defun kalyna-imc256 (x x-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x) + (type (integer 0 76) x-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c d) + `(aref +kalyna-it+ + ,a + (aref +kalyna-s+ + ,b + (logand (mod64ash (aref x (+ x-start ,c)) ,d) #xff))))) + (setf (aref x (+ x-start 0)) + (logxor (m 0 0 0 0) (m 1 1 0 -8) (m 2 2 0 -16) (m 3 3 0 -24) + (m 4 0 0 -32) (m 5 1 0 -40) (m 6 2 0 -48) (m 7 3 0 -56))) + (setf (aref x (+ x-start 1)) + (logxor (m 0 0 1 0) (m 1 1 1 -8) (m 2 2 1 -16) (m 3 3 1 -24) + (m 4 0 1 -32) (m 5 1 1 -40) (m 6 2 1 -48) (m 7 3 1 -56))) + (setf (aref x (+ x-start 2)) + (logxor (m 0 0 2 0) (m 1 1 2 -8) (m 2 2 2 -16) (m 3 3 2 -24) + (m 4 0 2 -32) (m 5 1 2 -40) (m 6 2 2 -48) (m 7 3 2 -56))) + (setf (aref x (+ x-start 3)) + (logxor (m 0 0 3 0) (m 1 1 3 -8) (m 2 2 3 -16) (m 3 3 3 -24) + (m 4 0 3 -32) (m 5 1 3 -40) (m 6 2 3 
-48) (m 7 3 3 -56)))) + (values)) + +(declaim (inline kalyna-ig256)) +(defun kalyna-ig256 (x y k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 76) k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-it+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (aref k (+ k-start 0)) + (m 0 0 0) (m 1 0 -8) (m 2 1 -16) (m 3 1 -24) + (m 4 2 -32) (m 5 2 -40) (m 6 3 -48) (m 7 3 -56))) + (setf (aref y 1) + (logxor (aref k (+ k-start 1)) + (m 0 1 0) (m 1 1 -8) (m 2 2 -16) (m 3 2 -24) + (m 4 3 -32) (m 5 3 -40) (m 6 0 -48) (m 7 0 -56))) + (setf (aref y 2) + (logxor (aref k (+ k-start 2)) + (m 0 2 0) (m 1 2 -8) (m 2 3 -16) (m 3 3 -24) + (m 4 0 -32) (m 5 0 -40) (m 6 1 -48) (m 7 1 -56))) + (setf (aref y 3) + (logxor (aref k (+ k-start 3)) + (m 0 3 0) (m 1 3 -8) (m 2 0 -16) (m 3 0 -24) + (m 4 1 -32) (m 5 1 -40) (m 6 2 -48) (m 7 2 -56)))) + (values)) + +(declaim (inline kalyna-igl256)) +(defun kalyna-igl256 (x y k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 76) k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c d) + `(mod64ash (aref +kalyna-is+ + ,a + (logand (mod64ash (aref x ,b) ,c) #xff)) + ,d))) + (setf (aref y 0) + (mod64- (logxor (m 0 0 0 0) (m 1 0 -8 8) (m 2 1 -16 16) (m 3 1 -24 24) + (m 0 2 -32 32) (m 1 2 -40 40) (m 2 3 -48 48) (m 3 3 -56 56)) + (aref k (+ k-start 0)))) + (setf (aref y 1) + (mod64- (logxor (m 0 1 0 0) (m 1 1 -8 8) (m 2 2 -16 16) (m 3 2 -24 24) + (m 0 3 -32 32) (m 1 3 -40 40) (m 2 0 -48 48) (m 3 0 -56 56)) + (aref k (+ k-start 1)))) + (setf (aref y 2) + (mod64- (logxor (m 0 2 0 0) (m 1 2 -8 8) (m 2 3 -16 16) (m 3 3 -24 24) + (m 0 0 -32 32) (m 1 0 -40 40) (m 2 1 -48 48) (m 3 1 -56 56)) + (aref k (+ k-start 2)))) + (setf (aref y 3) + (mod64- (logxor (m 0 3 0 0) (m 1 3 -8 8) (m 2 0 -16 16) (m 3 0 -24 24) + (m 0 1 -32 32) (m 1 1 -40 40) (m 2 2 -48 48) (m 3 2 -56 56)) 
+ (aref k (+ k-start 3))))) + (values)) + +(declaim (inline kalyna-g256)) +(defun kalyna-g256 (x y k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 76) k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (aref k (+ k-start 0)) + (m 0 0 0) (m 1 0 -8) (m 2 3 -16) (m 3 3 -24) + (m 4 2 -32) (m 5 2 -40) (m 6 1 -48) (m 7 1 -56))) + (setf (aref y 1) + (logxor (aref k (+ k-start 1)) + (m 0 1 0) (m 1 1 -8) (m 2 0 -16) (m 3 0 -24) + (m 4 3 -32) (m 5 3 -40) (m 6 2 -48) (m 7 2 -56))) + (setf (aref y 2) + (logxor (aref k (+ k-start 2)) + (m 0 2 0) (m 1 2 -8) (m 2 1 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 0 -40) (m 6 3 -48) (m 7 3 -56))) + (setf (aref y 3) + (logxor (aref k (+ k-start 3)) + (m 0 3 0) (m 1 3 -8) (m 2 2 -16) (m 3 2 -24) + (m 4 1 -32) (m 5 1 -40) (m 6 0 -48) (m 7 0 -56)))) + (values)) + +(defclass kalyna256 (cipher 32-byte-block-mixin) + ((encryption-round-keys :accessor encryption-round-keys + :initform (make-array 76 :element-type '(unsigned-byte 64)) + :type (simple-array (unsigned-byte 64) (76))) + (decryption-round-keys :accessor decryption-round-keys + :initform (make-array 76 :element-type '(unsigned-byte 64)) + :type (simple-array (unsigned-byte 64) (76))) + (n-rounds :accessor n-rounds))) + +(defmethod schedule-key ((cipher kalyna256) key) + (let ((encryption-round-keys (encryption-round-keys cipher)) + (decryption-round-keys (decryption-round-keys cipher))) + (declare (type (simple-array (unsigned-byte 64) (76)) encryption-round-keys) + (type (simple-array (unsigned-byte 64) (76)) decryption-round-keys)) + (ecase (length key) + (32 + (let ((key (make-array 4 :element-type '(unsigned-byte 64) + :initial-contents (list (ub64ref/le key 0) + (ub64ref/le key 8) + (ub64ref/le key 16) + (ub64ref/le key 24)))) + (ks (make-array 4 :element-type '(unsigned-byte 64))) + (ksc (make-array 4 
:element-type '(unsigned-byte 64))) + (t1 (make-array 4 :element-type '(unsigned-byte 64))) + (t2 (make-array 4 :element-type '(unsigned-byte 64))) + (k (make-array 4 :element-type '(unsigned-byte 64))) + (constant #x0001000100010001)) + (declare (type (simple-array (unsigned-byte 64) (4)) key ks ksc t1 t2 k) + (dynamic-extent key ks ksc t1 t2 k) + (type (unsigned-byte 64) constant)) + (setf (n-rounds cipher) 14) + (fill t1 0) + (setf (aref t1 0) (/ (+ 256 256 64) 64)) + (kalyna-add-key 4 t1 0 t2 key) + (kalyna-g256 t2 t1 key 0) + (kalyna-gl256 t1 t2 0 key 0) + (kalyna-g0256 t2 ks) + + ;; Round 0 + (replace k key) + (kalyna-add-constant 4 ks ksc constant) + (kalyna-add-key 4 k 0 t2 ksc) + (kalyna-g256 t2 t1 ksc 0) + (kalyna-gl256 t1 encryption-round-keys 0 ksc 0) + (kalyna-make-odd-key 4 encryption-round-keys 0 encryption-round-keys 4) + + ;; Rounds 2 to 13 + (flet ((r (n) + (kalyna-swap-blocks 4 k) + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 4 ks ksc constant) + (kalyna-add-key 4 k 0 t2 ksc) + (kalyna-g256 t2 t1 ksc 0) + (kalyna-gl256 t1 encryption-round-keys n ksc 0) + (kalyna-make-odd-key 4 + encryption-round-keys n + encryption-round-keys (+ n 4)))) + (r 8) + (r 16) + (r 24) + (r 32) + (r 40) + (r 48)) + + ;; Round 14 + (kalyna-swap-blocks 4 k) + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 4 ks ksc constant) + (kalyna-add-key 4 k 0 t2 ksc) + (kalyna-g256 t2 t1 ksc 0) + (kalyna-gl256 t1 encryption-round-keys 56 ksc 0) + + (replace decryption-round-keys encryption-round-keys) + (loop for n from 52 downto 4 by 4 do + (kalyna-imc256 decryption-round-keys n)))) + + (64 + (let ((key (make-array 8 :element-type '(unsigned-byte 64) + :initial-contents (list (ub64ref/le key 0) + (ub64ref/le key 8) + (ub64ref/le key 16) + (ub64ref/le key 24) + (ub64ref/le key 32) + (ub64ref/le key 40) + (ub64ref/le key 48) + (ub64ref/le key 56)))) + (ks (make-array 4 :element-type '(unsigned-byte 64))) + (ksc (make-array 4 :element-type '(unsigned-byte 
64))) + (t1 (make-array 4 :element-type '(unsigned-byte 64))) + (t2 (make-array 4 :element-type '(unsigned-byte 64))) + (k (make-array 8 :element-type '(unsigned-byte 64))) + (ko (make-array 4 :element-type '(unsigned-byte 64))) + (ka (make-array 4 :element-type '(unsigned-byte 64))) + (constant #x0001000100010001)) + (declare (type (simple-array (unsigned-byte 64) (8)) key k) + (type (simple-array (unsigned-byte 64) (4)) ks ksc t1 t2 ko ka) + (dynamic-extent key ks ksc t1 t2 k ko ka) + (type (unsigned-byte 64) constant)) + (setf (n-rounds cipher) 18) + (fill t1 0) + (setf (aref t1 0) (/ (+ 512 256 64) 64)) + (replace ka key :end2 4) + (replace ko key :start2 4) + (kalyna-add-key 4 t1 0 t2 ka) + (kalyna-g256 t2 t1 ko 0) + (kalyna-gl256 t1 t2 0 ka 0) + (kalyna-g0256 t2 ks) + + ;; Round 0 + (replace k key) + (kalyna-add-constant 4 ks ksc constant) + (kalyna-add-key 4 k 0 t2 ksc) + (kalyna-g256 t2 t1 ksc 0) + (kalyna-gl256 t1 encryption-round-keys 0 ksc 0) + (kalyna-make-odd-key 4 encryption-round-keys 0 encryption-round-keys 4) + + ;; Rounds 2 to 17 + (flet ((r (v n) + (when (zerop v) + (kalyna-swap-blocks 8 k)) + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 4 ks ksc constant) + (kalyna-add-key 4 k v t2 ksc) + (kalyna-g256 t2 t1 ksc 0) + (kalyna-gl256 t1 encryption-round-keys n ksc 0) + (kalyna-make-odd-key 4 + encryption-round-keys n + encryption-round-keys (+ n 4)))) + (r 4 8) + (r 0 16) + (r 4 24) + (r 0 32) + (r 4 40) + (r 0 48) + (r 4 56) + (r 0 64)) + + ;; Round 18 + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 4 ks ksc constant) + (kalyna-add-key 4 k 4 t2 ksc) + (kalyna-g256 t2 t1 ksc 0) + (kalyna-gl256 t1 encryption-round-keys 72 ksc 0) + + (replace decryption-round-keys encryption-round-keys) + (loop for n from 68 downto 4 by 4 do + (kalyna-imc256 decryption-round-keys n))))) + cipher)) + +(define-block-encryptor kalyna256 32 + (let ((encryption-round-keys (encryption-round-keys context)) + (t1 (make-array 4 :element-type 
'(unsigned-byte 64))) + (t2 (make-array 4 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (76)) encryption-round-keys) + (type (simple-array (unsigned-byte 64) (4)) t1 t2) + (dynamic-extent t1 t2)) + (setf (aref t2 0) (ub64ref/le plaintext plaintext-start) + (aref t2 1) (ub64ref/le plaintext (+ plaintext-start 8)) + (aref t2 2) (ub64ref/le plaintext (+ plaintext-start 16)) + (aref t2 3) (ub64ref/le plaintext (+ plaintext-start 24))) + (kalyna-add-key 4 t2 0 t1 encryption-round-keys) + (kalyna-g256 t1 t2 encryption-round-keys 4) + (kalyna-g256 t2 t1 encryption-round-keys 8) + (kalyna-g256 t1 t2 encryption-round-keys 12) + (kalyna-g256 t2 t1 encryption-round-keys 16) + (kalyna-g256 t1 t2 encryption-round-keys 20) + (kalyna-g256 t2 t1 encryption-round-keys 24) + (kalyna-g256 t1 t2 encryption-round-keys 28) + (kalyna-g256 t2 t1 encryption-round-keys 32) + (kalyna-g256 t1 t2 encryption-round-keys 36) + (kalyna-g256 t2 t1 encryption-round-keys 40) + (kalyna-g256 t1 t2 encryption-round-keys 44) + (kalyna-g256 t2 t1 encryption-round-keys 48) + (kalyna-g256 t1 t2 encryption-round-keys 52) + (ecase (n-rounds context) + (14 + (kalyna-gl256 t2 t1 0 encryption-round-keys 56)) + (18 + (kalyna-g256 t2 t1 encryption-round-keys 56) + (kalyna-g256 t1 t2 encryption-round-keys 60) + (kalyna-g256 t2 t1 encryption-round-keys 64) + (kalyna-g256 t1 t2 encryption-round-keys 68) + (kalyna-gl256 t2 t1 0 encryption-round-keys 72))) + (setf (ub64ref/le ciphertext ciphertext-start) (aref t1 0) + (ub64ref/le ciphertext (+ ciphertext-start 8)) (aref t1 1) + (ub64ref/le ciphertext (+ ciphertext-start 16)) (aref t1 2) + (ub64ref/le ciphertext (+ ciphertext-start 24)) (aref t1 3)) + (values))) + +(define-block-decryptor kalyna256 32 + (let ((decryption-round-keys (decryption-round-keys context)) + (t1 (make-array 4 :element-type '(unsigned-byte 64))) + (t2 (make-array 4 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (76)) 
decryption-round-keys) + (type (simple-array (unsigned-byte 64) (4)) t1 t2) + (dynamic-extent t1 t2)) + (setf (aref t2 0) (ub64ref/le ciphertext ciphertext-start) + (aref t2 1) (ub64ref/le ciphertext (+ ciphertext-start 8)) + (aref t2 2) (ub64ref/le ciphertext (+ ciphertext-start 16)) + (aref t2 3) (ub64ref/le ciphertext (+ ciphertext-start 24))) + (ecase (n-rounds context) + (14 + (kalyna-sub-key 4 t2 t1 decryption-round-keys 56) + (kalyna-imc256 t1 0)) + (18 + (kalyna-sub-key 4 t2 t1 decryption-round-keys 72) + (kalyna-imc256 t1 0) + (kalyna-ig256 t1 t2 decryption-round-keys 68) + (kalyna-ig256 t2 t1 decryption-round-keys 64) + (kalyna-ig256 t1 t2 decryption-round-keys 60) + (kalyna-ig256 t2 t1 decryption-round-keys 56))) + (kalyna-ig256 t1 t2 decryption-round-keys 52) + (kalyna-ig256 t2 t1 decryption-round-keys 48) + (kalyna-ig256 t1 t2 decryption-round-keys 44) + (kalyna-ig256 t2 t1 decryption-round-keys 40) + (kalyna-ig256 t1 t2 decryption-round-keys 36) + (kalyna-ig256 t2 t1 decryption-round-keys 32) + (kalyna-ig256 t1 t2 decryption-round-keys 28) + (kalyna-ig256 t2 t1 decryption-round-keys 24) + (kalyna-ig256 t1 t2 decryption-round-keys 20) + (kalyna-ig256 t2 t1 decryption-round-keys 16) + (kalyna-ig256 t1 t2 decryption-round-keys 12) + (kalyna-ig256 t2 t1 decryption-round-keys 8) + (kalyna-ig256 t1 t2 decryption-round-keys 4) + (kalyna-igl256 t2 t1 decryption-round-keys 0) + (setf (ub64ref/le plaintext plaintext-start) (aref t1 0) + (ub64ref/le plaintext (+ plaintext-start 8)) (aref t1 1) + (ub64ref/le plaintext (+ plaintext-start 16)) (aref t1 2) + (ub64ref/le plaintext (+ plaintext-start 24)) (aref t1 3)) + (values))) + +(defcipher kalyna256 + (:encrypt-function kalyna256-encrypt-block) + (:decrypt-function kalyna256-decrypt-block) + (:block-length 32) + (:key-length (:fixed 32 64))) + + +;;; +;;; Kalyna512 +;;; + +(declaim (inline kalyna-g0512)) +(defun kalyna-g0512 (x y) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (optimize (speed 3) 
(space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (m 0 0 0) (m 1 7 -8) (m 2 6 -16) (m 3 5 -24) + (m 4 4 -32) (m 5 3 -40) (m 6 2 -48) (m 7 1 -56))) + (setf (aref y 1) + (logxor (m 0 1 0) (m 1 0 -8) (m 2 7 -16) (m 3 6 -24) + (m 4 5 -32) (m 5 4 -40) (m 6 3 -48) (m 7 2 -56))) + (setf (aref y 2) + (logxor (m 0 2 0) (m 1 1 -8) (m 2 0 -16) (m 3 7 -24) + (m 4 6 -32) (m 5 5 -40) (m 6 4 -48) (m 7 3 -56))) + (setf (aref y 3) + (logxor (m 0 3 0) (m 1 2 -8) (m 2 1 -16) (m 3 0 -24) + (m 4 7 -32) (m 5 6 -40) (m 6 5 -48) (m 7 4 -56))) + (setf (aref y 4) + (logxor (m 0 4 0) (m 1 3 -8) (m 2 2 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 7 -40) (m 6 6 -48) (m 7 5 -56))) + (setf (aref y 5) + (logxor (m 0 5 0) (m 1 4 -8) (m 2 3 -16) (m 3 2 -24) + (m 4 1 -32) (m 5 0 -40) (m 6 7 -48) (m 7 6 -56))) + (setf (aref y 6) + (logxor (m 0 6 0) (m 1 5 -8) (m 2 4 -16) (m 3 3 -24) + (m 4 2 -32) (m 5 1 -40) (m 6 0 -48) (m 7 7 -56))) + (setf (aref y 7) + (logxor (m 0 7 0) (m 1 6 -8) (m 2 5 -16) (m 3 4 -24) + (m 4 3 -32) (m 5 2 -40) (m 6 1 -48) (m 7 0 -56)))) + (values)) + +(declaim (inline kalyna-gl512)) +(defun kalyna-gl512 (x y y-start k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 152) y-start k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y (+ y-start 0)) + (mod64+ (aref k (+ k-start 0)) + (logxor (m 0 0 0) (m 1 7 -8) (m 2 6 -16) (m 3 5 -24) + (m 4 4 -32) (m 5 3 -40) (m 6 2 -48) (m 7 1 -56)))) + (setf (aref y (+ y-start 1)) + (mod64+ (aref k (+ k-start 1)) + (logxor (m 0 1 0) (m 1 0 -8) (m 2 7 -16) (m 3 6 -24) + (m 4 5 -32) (m 5 4 -40) (m 6 3 -48) (m 7 2 -56)))) + (setf (aref y (+ y-start 2)) + (mod64+ (aref k (+ k-start 2)) + (logxor (m 0 2 0) (m 1 1 -8) (m 2 0 -16) (m 3 7 -24) + (m 4 6 -32) (m 5 5 -40) (m 6 4 -48) (m 7 3 -56)))) + (setf 
(aref y (+ y-start 3)) + (mod64+ (aref k (+ k-start 3)) + (logxor (m 0 3 0) (m 1 2 -8) (m 2 1 -16) (m 3 0 -24) + (m 4 7 -32) (m 5 6 -40) (m 6 5 -48) (m 7 4 -56)))) + (setf (aref y (+ y-start 4)) + (mod64+ (aref k (+ k-start 4)) + (logxor (m 0 4 0) (m 1 3 -8) (m 2 2 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 7 -40) (m 6 6 -48) (m 7 5 -56)))) + (setf (aref y (+ y-start 5)) + (mod64+ (aref k (+ k-start 5)) + (logxor (m 0 5 0) (m 1 4 -8) (m 2 3 -16) (m 3 2 -24) + (m 4 1 -32) (m 5 0 -40) (m 6 7 -48) (m 7 6 -56)))) + (setf (aref y (+ y-start 6)) + (mod64+ (aref k (+ k-start 6)) + (logxor (m 0 6 0) (m 1 5 -8) (m 2 4 -16) (m 3 3 -24) + (m 4 2 -32) (m 5 1 -40) (m 6 0 -48) (m 7 7 -56)))) + (setf (aref y (+ y-start 7)) + (mod64+ (aref k (+ k-start 7)) + (logxor (m 0 7 0) (m 1 6 -8) (m 2 5 -16) (m 3 4 -24) + (m 4 3 -32) (m 5 2 -40) (m 6 1 -48) (m 7 0 -56))))) + (values)) + +(declaim (inline kalyna-imc512)) +(defun kalyna-imc512 (x x-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x) + (type (integer 0 152) x-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c d) + `(aref +kalyna-it+ + ,a + (aref +kalyna-s+ + ,b + (logand (mod64ash (aref x (+ x-start ,c)) ,d) #xff))))) + (setf (aref x (+ x-start 0)) + (logxor (m 0 0 0 0) (m 1 1 0 -8) (m 2 2 0 -16) (m 3 3 0 -24) + (m 4 0 0 -32) (m 5 1 0 -40) (m 6 2 0 -48) (m 7 3 0 -56))) + (setf (aref x (+ x-start 1)) + (logxor (m 0 0 1 0) (m 1 1 1 -8) (m 2 2 1 -16) (m 3 3 1 -24) + (m 4 0 1 -32) (m 5 1 1 -40) (m 6 2 1 -48) (m 7 3 1 -56))) + (setf (aref x (+ x-start 2)) + (logxor (m 0 0 2 0) (m 1 1 2 -8) (m 2 2 2 -16) (m 3 3 2 -24) + (m 4 0 2 -32) (m 5 1 2 -40) (m 6 2 2 -48) (m 7 3 2 -56))) + (setf (aref x (+ x-start 3)) + (logxor (m 0 0 3 0) (m 1 1 3 -8) (m 2 2 3 -16) (m 3 3 3 -24) + (m 4 0 3 -32) (m 5 1 3 -40) (m 6 2 3 -48) (m 7 3 3 -56))) + (setf (aref x (+ x-start 4)) + (logxor (m 0 0 4 0) (m 1 1 4 -8) (m 2 2 4 -16) (m 3 3 4 -24) + (m 4 0 4 -32) (m 5 1 4 -40) (m 6 2 4 -48) (m 7 3 4 -56))) + (setf (aref 
x (+ x-start 5)) + (logxor (m 0 0 5 0) (m 1 1 5 -8) (m 2 2 5 -16) (m 3 3 5 -24) + (m 4 0 5 -32) (m 5 1 5 -40) (m 6 2 5 -48) (m 7 3 5 -56))) + (setf (aref x (+ x-start 6)) + (logxor (m 0 0 6 0) (m 1 1 6 -8) (m 2 2 6 -16) (m 3 3 6 -24) + (m 4 0 6 -32) (m 5 1 6 -40) (m 6 2 6 -48) (m 7 3 6 -56))) + (setf (aref x (+ x-start 7)) + (logxor (m 0 0 7 0) (m 1 1 7 -8) (m 2 2 7 -16) (m 3 3 7 -24) + (m 4 0 7 -32) (m 5 1 7 -40) (m 6 2 7 -48) (m 7 3 7 -56)))) + (values)) + +(declaim (inline kalyna-ig512)) +(defun kalyna-ig512 (x y k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 152) k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-it+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (aref k (+ k-start 0)) + (m 0 0 0) (m 1 1 -8) (m 2 2 -16) (m 3 3 -24) + (m 4 4 -32) (m 5 5 -40) (m 6 6 -48) (m 7 7 -56))) + (setf (aref y 1) + (logxor (aref k (+ k-start 1)) + (m 0 1 0) (m 1 2 -8) (m 2 3 -16) (m 3 4 -24) + (m 4 5 -32) (m 5 6 -40) (m 6 7 -48) (m 7 0 -56))) + (setf (aref y 2) + (logxor (aref k (+ k-start 2)) + (m 0 2 0) (m 1 3 -8) (m 2 4 -16) (m 3 5 -24) + (m 4 6 -32) (m 5 7 -40) (m 6 0 -48) (m 7 1 -56))) + (setf (aref y 3) + (logxor (aref k (+ k-start 3)) + (m 0 3 0) (m 1 4 -8) (m 2 5 -16) (m 3 6 -24) + (m 4 7 -32) (m 5 0 -40) (m 6 1 -48) (m 7 2 -56))) + (setf (aref y 4) + (logxor (aref k (+ k-start 4)) + (m 0 4 0) (m 1 5 -8) (m 2 6 -16) (m 3 7 -24) + (m 4 0 -32) (m 5 1 -40) (m 6 2 -48) (m 7 3 -56))) + (setf (aref y 5) + (logxor (aref k (+ k-start 5)) + (m 0 5 0) (m 1 6 -8) (m 2 7 -16) (m 3 0 -24) + (m 4 1 -32) (m 5 2 -40) (m 6 3 -48) (m 7 4 -56))) + (setf (aref y 6) + (logxor (aref k (+ k-start 6)) + (m 0 6 0) (m 1 7 -8) (m 2 0 -16) (m 3 1 -24) + (m 4 2 -32) (m 5 3 -40) (m 6 4 -48) (m 7 5 -56))) + (setf (aref y 7) + (logxor (aref k (+ k-start 7)) + (m 0 7 0) (m 1 0 -8) (m 2 1 -16) (m 3 2 -24) + (m 4 3 -32) (m 5 4 -40) (m 6 5 -48) (m 7 6 -56)))) + (values)) + 
+(declaim (inline kalyna-igl512)) +(defun kalyna-igl512 (x y k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 152) k-start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c d) + `(mod64ash (aref +kalyna-is+ + ,a + (logand (mod64ash (aref x ,b) ,c) #xff)) + ,d))) + (setf (aref y 0) + (mod64- (logxor (m 0 0 0 0) (m 1 1 -8 8) (m 2 2 -16 16) (m 3 3 -24 24) + (m 0 4 -32 32) (m 1 5 -40 40) (m 2 6 -48 48) (m 3 7 -56 56)) + (aref k (+ k-start 0)))) + (setf (aref y 1) + (mod64- (logxor (m 0 1 0 0) (m 1 2 -8 8) (m 2 3 -16 16) (m 3 4 -24 24) + (m 0 5 -32 32) (m 1 6 -40 40) (m 2 7 -48 48) (m 3 0 -56 56)) + (aref k (+ k-start 1)))) + (setf (aref y 2) + (mod64- (logxor (m 0 2 0 0) (m 1 3 -8 8) (m 2 4 -16 16) (m 3 5 -24 24) + (m 0 6 -32 32) (m 1 7 -40 40) (m 2 0 -48 48) (m 3 1 -56 56)) + (aref k (+ k-start 2)))) + (setf (aref y 3) + (mod64- (logxor (m 0 3 0 0) (m 1 4 -8 8) (m 2 5 -16 16) (m 3 6 -24 24) + (m 0 7 -32 32) (m 1 0 -40 40) (m 2 1 -48 48) (m 3 2 -56 56)) + (aref k (+ k-start 3)))) + (setf (aref y 4) + (mod64- (logxor (m 0 4 0 0) (m 1 5 -8 8) (m 2 6 -16 16) (m 3 7 -24 24) + (m 0 0 -32 32) (m 1 1 -40 40) (m 2 2 -48 48) (m 3 3 -56 56)) + (aref k (+ k-start 4)))) + (setf (aref y 5) + (mod64- (logxor (m 0 5 0 0) (m 1 6 -8 8) (m 2 7 -16 16) (m 3 0 -24 24) + (m 0 1 -32 32) (m 1 2 -40 40) (m 2 3 -48 48) (m 3 4 -56 56)) + (aref k (+ k-start 5)))) + (setf (aref y 6) + (mod64- (logxor (m 0 6 0 0) (m 1 7 -8 8) (m 2 0 -16 16) (m 3 1 -24 24) + (m 0 2 -32 32) (m 1 3 -40 40) (m 2 4 -48 48) (m 3 5 -56 56)) + (aref k (+ k-start 6)))) + (setf (aref y 7) + (mod64- (logxor (m 0 7 0 0) (m 1 0 -8 8) (m 2 1 -16 16) (m 3 2 -24 24) + (m 0 3 -32 32) (m 1 4 -40 40) (m 2 5 -48 48) (m 3 6 -56 56)) + (aref k (+ k-start 7))))) + (values)) + +(declaim (inline kalyna-g512)) +(defun kalyna-g512 (x y k k-start) + (declare (type (simple-array (unsigned-byte 64) (*)) x y k) + (type (integer 0 152) k-start) + (optimize (speed 3) (space 
0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kalyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (aref k (+ k-start 0)) + (m 0 0 0) (m 1 7 -8) (m 2 6 -16) (m 3 5 -24) + (m 4 4 -32) (m 5 3 -40) (m 6 2 -48) (m 7 1 -56))) + (setf (aref y 1) + (logxor (aref k (+ k-start 1)) + (m 0 1 0) (m 1 0 -8) (m 2 7 -16) (m 3 6 -24) + (m 4 5 -32) (m 5 4 -40) (m 6 3 -48) (m 7 2 -56))) + (setf (aref y 2) + (logxor (aref k (+ k-start 2)) + (m 0 2 0) (m 1 1 -8) (m 2 0 -16) (m 3 7 -24) + (m 4 6 -32) (m 5 5 -40) (m 6 4 -48) (m 7 3 -56))) + (setf (aref y 3) + (logxor (aref k (+ k-start 3)) + (m 0 3 0) (m 1 2 -8) (m 2 1 -16) (m 3 0 -24) + (m 4 7 -32) (m 5 6 -40) (m 6 5 -48) (m 7 4 -56))) + (setf (aref y 4) + (logxor (aref k (+ k-start 4)) + (m 0 4 0) (m 1 3 -8) (m 2 2 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 7 -40) (m 6 6 -48) (m 7 5 -56))) + (setf (aref y 5) + (logxor (aref k (+ k-start 5)) + (m 0 5 0) (m 1 4 -8) (m 2 3 -16) (m 3 2 -24) + (m 4 1 -32) (m 5 0 -40) (m 6 7 -48) (m 7 6 -56))) + (setf (aref y 6) + (logxor (aref k (+ k-start 6)) + (m 0 6 0) (m 1 5 -8) (m 2 4 -16) (m 3 3 -24) + (m 4 2 -32) (m 5 1 -40) (m 6 0 -48) (m 7 7 -56))) + (setf (aref y 7) + (logxor (aref k (+ k-start 7)) + (m 0 7 0) (m 1 6 -8) (m 2 5 -16) (m 3 4 -24) + (m 4 3 -32) (m 5 2 -40) (m 6 1 -48) (m 7 0 -56)))) + (values)) + +(defclass kalyna512 (cipher 64-byte-block-mixin) + ((encryption-round-keys :accessor encryption-round-keys + :initform (make-array 152 :element-type '(unsigned-byte 64)) + :type (simple-array (unsigned-byte 64) (152))) + (decryption-round-keys :accessor decryption-round-keys + :initform (make-array 152 :element-type '(unsigned-byte 64)) + :type (simple-array (unsigned-byte 64) (152))) + (n-rounds :accessor n-rounds))) + +(defmethod schedule-key ((cipher kalyna512) key) + (let ((encryption-round-keys (encryption-round-keys cipher)) + (decryption-round-keys (decryption-round-keys cipher)) + (key (make-array 8 :element-type '(unsigned-byte 64) + 
:initial-contents (list (ub64ref/le key 0) + (ub64ref/le key 8) + (ub64ref/le key 16) + (ub64ref/le key 24) + (ub64ref/le key 32) + (ub64ref/le key 40) + (ub64ref/le key 48) + (ub64ref/le key 56)))) + (ks (make-array 8 :element-type '(unsigned-byte 64))) + (ksc (make-array 8 :element-type '(unsigned-byte 64))) + (t1 (make-array 8 :element-type '(unsigned-byte 64))) + (t2 (make-array 8 :element-type '(unsigned-byte 64))) + (k (make-array 8 :element-type '(unsigned-byte 64))) + (constant #x0001000100010001)) + (declare (type (simple-array (unsigned-byte 64) (152)) encryption-round-keys) + (type (simple-array (unsigned-byte 64) (152)) decryption-round-keys) + (type (simple-array (unsigned-byte 64) (8)) key ks ksc t1 t2 k) + (dynamic-extent key ks ksc t1 t2 k) + (type (unsigned-byte 64) constant)) + (setf (n-rounds cipher) 18) + (fill t1 0) + (setf (aref t1 0) (/ (+ 512 512 64) 64)) + (kalyna-add-key 8 t1 0 t2 key) + (kalyna-g512 t2 t1 key 0) + (kalyna-gl512 t1 t2 0 key 0) + (kalyna-g0512 t2 ks) + + ;; Round 0 + (replace k key) + (kalyna-add-constant 8 ks ksc constant) + (kalyna-add-key 8 k 0 t2 ksc) + (kalyna-g512 t2 t1 ksc 0) + (kalyna-gl512 t1 encryption-round-keys 0 ksc 0) + (kalyna-make-odd-key 8 encryption-round-keys 0 encryption-round-keys 8) + + ;; Rounds 2 to 17 + (flet ((r (n) + (kalyna-swap-blocks 8 k) + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 8 ks ksc constant) + (kalyna-add-key 8 k 0 t2 ksc) + (kalyna-g512 t2 t1 ksc 0) + (kalyna-gl512 t1 encryption-round-keys n ksc 0) + (kalyna-make-odd-key 8 + encryption-round-keys n + encryption-round-keys (+ n 8)))) + (r 16) + (r 32) + (r 48) + (r 64) + (r 80) + (r 96) + (r 112) + (r 128)) + + ;; Round 18 + (kalyna-swap-blocks 8 k) + (setf constant (mod64ash constant 1)) + (kalyna-add-constant 8 ks ksc constant) + (kalyna-add-key 8 k 0 t2 ksc) + (kalyna-g512 t2 t1 ksc 0) + (kalyna-gl512 t1 encryption-round-keys 144 ksc 0) + + (replace decryption-round-keys encryption-round-keys) + (loop for n from 
136 downto 8 by 8 do + (kalyna-imc512 decryption-round-keys n)) + cipher)) + +(define-block-encryptor kalyna512 64 + (let ((encryption-round-keys (encryption-round-keys context)) + (t1 (make-array 8 :element-type '(unsigned-byte 64))) + (t2 (make-array 8 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (152)) encryption-round-keys) + (type (simple-array (unsigned-byte 64) (8)) t1 t2) + (dynamic-extent t1 t2)) + (setf (aref t2 0) (ub64ref/le plaintext plaintext-start) + (aref t2 1) (ub64ref/le plaintext (+ plaintext-start 8)) + (aref t2 2) (ub64ref/le plaintext (+ plaintext-start 16)) + (aref t2 3) (ub64ref/le plaintext (+ plaintext-start 24)) + (aref t2 4) (ub64ref/le plaintext (+ plaintext-start 32)) + (aref t2 5) (ub64ref/le plaintext (+ plaintext-start 40)) + (aref t2 6) (ub64ref/le plaintext (+ plaintext-start 48)) + (aref t2 7) (ub64ref/le plaintext (+ plaintext-start 56))) + (kalyna-add-key 8 t2 0 t1 encryption-round-keys) + (kalyna-g512 t1 t2 encryption-round-keys 8) + (kalyna-g512 t2 t1 encryption-round-keys 16) + (kalyna-g512 t1 t2 encryption-round-keys 24) + (kalyna-g512 t2 t1 encryption-round-keys 32) + (kalyna-g512 t1 t2 encryption-round-keys 40) + (kalyna-g512 t2 t1 encryption-round-keys 48) + (kalyna-g512 t1 t2 encryption-round-keys 56) + (kalyna-g512 t2 t1 encryption-round-keys 64) + (kalyna-g512 t1 t2 encryption-round-keys 72) + (kalyna-g512 t2 t1 encryption-round-keys 80) + (kalyna-g512 t1 t2 encryption-round-keys 88) + (kalyna-g512 t2 t1 encryption-round-keys 96) + (kalyna-g512 t1 t2 encryption-round-keys 104) + (kalyna-g512 t2 t1 encryption-round-keys 112) + (kalyna-g512 t1 t2 encryption-round-keys 120) + (kalyna-g512 t2 t1 encryption-round-keys 128) + (kalyna-g512 t1 t2 encryption-round-keys 136) + (kalyna-gl512 t2 t1 0 encryption-round-keys 144) + (setf (ub64ref/le ciphertext ciphertext-start) (aref t1 0) + (ub64ref/le ciphertext (+ ciphertext-start 8)) (aref t1 1) + (ub64ref/le ciphertext (+ 
ciphertext-start 16)) (aref t1 2) + (ub64ref/le ciphertext (+ ciphertext-start 24)) (aref t1 3) + (ub64ref/le ciphertext (+ ciphertext-start 32)) (aref t1 4) + (ub64ref/le ciphertext (+ ciphertext-start 40)) (aref t1 5) + (ub64ref/le ciphertext (+ ciphertext-start 48)) (aref t1 6) + (ub64ref/le ciphertext (+ ciphertext-start 56)) (aref t1 7)) + (values))) + +(define-block-decryptor kalyna512 64 + (let ((decryption-round-keys (decryption-round-keys context)) + (t1 (make-array 8 :element-type '(unsigned-byte 64))) + (t2 (make-array 8 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (152)) decryption-round-keys) + (type (simple-array (unsigned-byte 64) (8)) t1 t2) + (dynamic-extent t1 t2)) + (setf (aref t2 0) (ub64ref/le ciphertext ciphertext-start) + (aref t2 1) (ub64ref/le ciphertext (+ ciphertext-start 8)) + (aref t2 2) (ub64ref/le ciphertext (+ ciphertext-start 16)) + (aref t2 3) (ub64ref/le ciphertext (+ ciphertext-start 24)) + (aref t2 4) (ub64ref/le ciphertext (+ ciphertext-start 32)) + (aref t2 5) (ub64ref/le ciphertext (+ ciphertext-start 40)) + (aref t2 6) (ub64ref/le ciphertext (+ ciphertext-start 48)) + (aref t2 7) (ub64ref/le ciphertext (+ ciphertext-start 56))) + (kalyna-sub-key 8 t2 t1 decryption-round-keys 144) + (kalyna-imc512 t1 0) + (kalyna-ig512 t1 t2 decryption-round-keys 136) + (kalyna-ig512 t2 t1 decryption-round-keys 128) + (kalyna-ig512 t1 t2 decryption-round-keys 120) + (kalyna-ig512 t2 t1 decryption-round-keys 112) + (kalyna-ig512 t1 t2 decryption-round-keys 104) + (kalyna-ig512 t2 t1 decryption-round-keys 96) + (kalyna-ig512 t1 t2 decryption-round-keys 88) + (kalyna-ig512 t2 t1 decryption-round-keys 80) + (kalyna-ig512 t1 t2 decryption-round-keys 72) + (kalyna-ig512 t2 t1 decryption-round-keys 64) + (kalyna-ig512 t1 t2 decryption-round-keys 56) + (kalyna-ig512 t2 t1 decryption-round-keys 48) + (kalyna-ig512 t1 t2 decryption-round-keys 40) + (kalyna-ig512 t2 t1 decryption-round-keys 32) + (kalyna-ig512 
t1 t2 decryption-round-keys 24) + (kalyna-ig512 t2 t1 decryption-round-keys 16) + (kalyna-ig512 t1 t2 decryption-round-keys 8) + (kalyna-igl512 t2 t1 decryption-round-keys 0) + (setf (ub64ref/le plaintext plaintext-start) (aref t1 0) + (ub64ref/le plaintext (+ plaintext-start 8)) (aref t1 1) + (ub64ref/le plaintext (+ plaintext-start 16)) (aref t1 2) + (ub64ref/le plaintext (+ plaintext-start 24)) (aref t1 3) + (ub64ref/le plaintext (+ plaintext-start 32)) (aref t1 4) + (ub64ref/le plaintext (+ plaintext-start 40)) (aref t1 5) + (ub64ref/le plaintext (+ plaintext-start 48)) (aref t1 6) + (ub64ref/le plaintext (+ plaintext-start 56)) (aref t1 7)) + (values))) + +(defcipher kalyna512 + (:encrypt-function kalyna512-encrypt-block) + (:decrypt-function kalyna512-decrypt-block) + (:block-length 64) + (:key-length (:fixed 64))) diff -Nru cl-ironclad-0.43/src/ciphers/modes.lisp cl-ironclad-0.45/src/ciphers/modes.lisp --- cl-ironclad-0.43/src/ciphers/modes.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/ciphers/modes.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -89,9 +89,9 @@ (declare (type index size) (type simple-octet-vector block) (optimize (speed 3) (space 0) (debug 0) (safety 0))) - #+(and sbcl (or x86 x86-64)) + #+(and sbcl (or x86 x86-64) ironclad-assembly) (inc-counter-block size block) - #-(and sbcl (or x86 x86-64)) + #-(and sbcl (or x86 x86-64) ironclad-assembly) (loop with sum of-type (unsigned-byte 16) = 1 for i of-type fixnum from (1- size) downto 0 do (setf sum (+ (aref block i) sum) diff -Nru cl-ironclad-0.43/src/ciphers/salsa20.lisp cl-ironclad-0.45/src/ciphers/salsa20.lisp --- cl-ironclad-0.43/src/ciphers/salsa20.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/ciphers/salsa20.lisp 2019-02-18 14:08:52.000000000 +0000 
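Review bot: in the Kalyna512 helpers (`kalyna-gl512`, `kalyna-imc512`, `kalyna-ig512`, `kalyna-igl512`, `kalyna-g512`) the start indices are declared `(type (integer 0 152) ...)` under `(safety 0)`, but each function touches elements up to `(+ k-start 7)` of a 152-element round-key array. The declared range therefore admits starts 145 to 152, which would index past the end with no bounds check to catch it. Every call visible in this hunk passes a constant multiple of 8 no larger than 144, so nothing is out of bounds today. Tightening the declaration to `(integer 0 144)` would state the real invariant and keep a future caller from relying on the wider type.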
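Review bot: the modes.lisp hunk gates `inc-counter-block` on a new `ironclad-assembly` feature, but nothing in the hunk says where that feature is pushed onto `*features*` or how a user turns it off. A short comment at the `#+(and sbcl (or x86 x86-64) ironclad-assembly)` line pointing to where the feature is defined would help. Since SBCL on x86 and x86-64 without the feature now falls through to the portable `loop`, the counter increment should be tested on both paths. The `#+` and `#-` expressions also have to remain exact complements, which is easy to break when only one of the two is edited.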
@@ -18,9 +18,11 @@ (declare (type salsa20-keystream-buffer buffer)) (declare (type salsa20-state state)) (declare (optimize speed)) - #+(and sbcl x86-64) + #+(or (and ecl ironclad-assembly) + (and sbcl x86-64 ironclad-assembly)) (x-salsa-core n-rounds buffer state) - #-(and sbcl x86-64) + #-(or (and ecl ironclad-assembly) + (and sbcl x86-64 ironclad-assembly)) (let ((x (make-array 16 :element-type '(unsigned-byte 32)))) (declare (dynamic-extent x)) (replace x state) diff -Nru cl-ironclad-0.43/src/ciphers/sm4.lisp cl-ironclad-0.45/src/ciphers/sm4.lisp --- cl-ironclad-0.43/src/ciphers/sm4.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/ciphers/sm4.lisp 2019-02-18 14:08:52.000000000 +0000 
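Review bot: the salsa20.lisp feature test treats the two implementations differently: `(and ecl ironclad-assembly)` has no architecture condition, while the SBCL arm still requires `x86-64`. If `x-salsa-core` on ECL is meant to be available on every architecture, a comment should say so; otherwise the ECL arm needs the same kind of guard. The two-line expression is also repeated verbatim under `#+` and `#-`. Writing it as `(and ironclad-assembly (or ecl (and sbcl x86-64)))` is shorter and makes it harder for the two copies to drift apart.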
@@ -0,0 +1,164 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +;;;; sm4.lisp -- implementation of SM4 (GB/T 32907-2016) + +(in-package :crypto) +(in-ironclad-readtable) + + +;;; +;;; Parameters +;;; + +(eval-when (:compile-toplevel :load-toplevel :execute) + (defconst +sm4-s+ + #8@(#xd6 #x90 #xe9 #xfe #xcc #xe1 #x3d #xb7 + #x16 #xb6 #x14 #xc2 #x28 #xfb #x2c #x05 + #x2b #x67 #x9a #x76 #x2a #xbe #x04 #xc3 + #xaa #x44 #x13 #x26 #x49 #x86 #x06 #x99 + #x9c #x42 #x50 #xf4 #x91 #xef #x98 #x7a + #x33 #x54 #x0b #x43 #xed #xcf #xac #x62 + #xe4 #xb3 #x1c #xa9 #xc9 #x08 #xe8 #x95 + #x80 #xdf #x94 #xfa #x75 #x8f #x3f #xa6 + #x47 #x07 #xa7 #xfc #xf3 #x73 #x17 #xba + #x83 #x59 #x3c #x19 #xe6 #x85 #x4f #xa8 + #x68 #x6b #x81 #xb2 #x71 #x64 #xda #x8b + #xf8 #xeb #x0f #x4b #x70 #x56 #x9d #x35 + #x1e #x24 #x0e #x5e #x63 #x58 #xd1 #xa2 + #x25 #x22 #x7c #x3b #x01 #x21 #x78 #x87 + #xd4 #x00 #x46 #x57 #x9f #xd3 #x27 #x52 + #x4c #x36 #x02 #xe7 #xa0 #xc4 #xc8 #x9e + #xea #xbf #x8a #xd2 #x40 #xc7 #x38 #xb5 + #xa3 #xf7 #xf2 #xce #xf9 #x61 #x15 #xa1 + #xe0 #xae #x5d #xa4 #x9b #x34 #x1a #x55 + #xad #x93 #x32 #x30 #xf5 #x8c #xb1 #xe3 + #x1d #xf6 #xe2 #x2e #x82 #x66 #xca #x60 + #xc0 #x29 #x23 #xab #x0d #x53 #x4e #x6f + #xd5 #xdb #x37 #x45 #xde #xfd #x8e #x2f + #x03 #xff #x6a #x72 #x6d #x6c #x5b #x51 + #x8d #x1b #xaf #x92 #xbb #xdd #xbc #x7f + #x11 #xd9 #x5c #x41 #x1f #x10 #x5a #xd8 + #x0a #xc1 #x31 #x88 #xa5 #xcd #x7b #xbd + #x2d #x74 #xd0 #x12 #xb8 #xe5 #xb4 #xb0 + #x89 #x69 #x97 #x4a #x0c #x96 #x77 #x7e + #x65 #xb9 #xf1 #x09 #xc5 #x6e #xc6 #x84 + #x18 #xf0 #x7d #xec #x3a #xdc #x4d #x20 + #x79 #xee #x5f #x3e #xd7 #xcb #x39 #x48)) + + (defconst +sm4-ck+ + #32@(#x00070e15 #x1c232a31 #x383f464d #x545b6269 + #x70777e85 #x8c939aa1 #xa8afb6bd #xc4cbd2d9 + #xe0e7eef5 #xfc030a11 #x181f262d #x343b4249 + #x50575e65 #x6c737a81 #x888f969d #xa4abb2b9 + #xc0c7ced5 #xdce3eaf1 #xf8ff060d #x141b2229 + #x30373e45 #x4c535a61 #x686f767d #x848b9299 + #xa0a7aeb5 #xbcc3cad1 #xd8dfe6ed #xf4fb0209 + #x10171e25 
#x2c333a41 #x484f565d #x646b7279))) + + +;;; +;;; SM4 round +;;; + +(defmacro sm4-h (x) + `(logior (mod32ash (aref +sm4-s+ (logand (mod32ash ,x -24) #xff)) 24) + (mod32ash (aref +sm4-s+ (logand (mod32ash ,x -16) #xff)) 16) + (mod32ash (aref +sm4-s+ (logand (mod32ash ,x -8) #xff)) 8) + (aref +sm4-s+ (logand ,x #xff)))) + +(defmacro sm4-g (x) + (let ((y (gensym))) + `(let ((,y (sm4-h ,x))) + (declare (type (unsigned-byte 32) ,y)) + (logxor ,y (rol32 ,y 13) (rol32 ,y 23))))) + +(defmacro sm4-f (x) + (let ((y (gensym))) + `(let ((,y (sm4-h ,x))) + (declare (type (unsigned-byte 32) ,y)) + (logxor ,y (rol32 ,y 2) (rol32 ,y 10) (rol32 ,y 18) (rol32 ,y 24))))) + +(defmacro sm4-round (w0 w1 w2 w3 round-keys r encrypt-p) + `(setf ,w0 (logxor ,w0 (sm4-f (logxor ,w1 ,w2 ,w3 + (aref ,round-keys ,r)))) + ,w1 (logxor ,w1 (sm4-f (logxor ,w0 ,w2 ,w3 + (aref ,round-keys ,(if encrypt-p + (+ r 1) + (- r 1)))))) + ,w2 (logxor ,w2 (sm4-f (logxor ,w0 ,w1 ,w3 + (aref ,round-keys ,(if encrypt-p + (+ r 2) + (- r 2)))))) + ,w3 (logxor ,w3 (sm4-f (logxor ,w0 ,w1 ,w2 + (aref ,round-keys ,(if encrypt-p + (+ r 3) + (- r 3)))))))) + + +;;; +;;; Key schedule +;;; + +(defclass sm4 (cipher 16-byte-block-mixin) + ((round-keys :accessor sm4-round-keys + :initform (make-array 32 :element-type '(unsigned-byte 32)) + :type (simple-array (unsigned-byte 32) (32))))) + +(defmethod schedule-key ((cipher sm4) key) + (let ((round-keys (sm4-round-keys cipher)) + (k0 (logxor (ub32ref/be key 0) #xa3b1bac6)) + (k1 (logxor (ub32ref/be key 4) #x56aa3350)) + (k2 (logxor (ub32ref/be key 8) #x677d9197)) + (k3 (logxor (ub32ref/be key 12) #xb27022dc))) + (declare (type (simple-array (unsigned-byte 32) (32)) round-keys) + (type (unsigned-byte 32) k0 k1 k2 k3)) + (dotimes (i 8) + (setf k0 (logxor k0 (sm4-g (logxor k1 k2 k3 (aref +sm4-ck+ (* 4 i))))) + (aref round-keys (* 4 i)) k0 + k1 (logxor k1 (sm4-g (logxor k2 k3 k0 (aref +sm4-ck+ (+ (* 4 i) 1))))) + (aref round-keys (+ (* 4 i) 1)) k1 + k2 (logxor k2 (sm4-g (logxor k3 
k0 k1 (aref +sm4-ck+ (+ (* 4 i) 2))))) + (aref round-keys (+ (* 4 i) 2)) k2 + k3 (logxor k3 (sm4-g (logxor k0 k1 k2 (aref +sm4-ck+ (+ (* 4 i) 3))))) + (aref round-keys (+ (* 4 i) 3)) k3)) + cipher)) + + +;;; +;;; Rounds +;;; + +(define-block-encryptor sm4 16 + (let ((round-keys (sm4-round-keys context))) + (declare (type (simple-array (unsigned-byte 32) (32)) round-keys)) + (with-words ((w0 w1 w2 w3) plaintext plaintext-start :size 4) + (sm4-round w0 w1 w2 w3 round-keys 0 t) + (sm4-round w0 w1 w2 w3 round-keys 4 t) + (sm4-round w0 w1 w2 w3 round-keys 8 t) + (sm4-round w0 w1 w2 w3 round-keys 12 t) + (sm4-round w0 w1 w2 w3 round-keys 16 t) + (sm4-round w0 w1 w2 w3 round-keys 20 t) + (sm4-round w0 w1 w2 w3 round-keys 24 t) + (sm4-round w0 w1 w2 w3 round-keys 28 t) + (store-words ciphertext ciphertext-start w3 w2 w1 w0))) + (values)) + +(define-block-decryptor sm4 16 + (let ((round-keys (sm4-round-keys context))) + (declare (type (simple-array (unsigned-byte 32) (32)) round-keys)) + (with-words ((w0 w1 w2 w3) ciphertext ciphertext-start :size 4) + (sm4-round w0 w1 w2 w3 round-keys 31 nil) + (sm4-round w0 w1 w2 w3 round-keys 27 nil) + (sm4-round w0 w1 w2 w3 round-keys 23 nil) + (sm4-round w0 w1 w2 w3 round-keys 19 nil) + (sm4-round w0 w1 w2 w3 round-keys 15 nil) + (sm4-round w0 w1 w2 w3 round-keys 11 nil) + (sm4-round w0 w1 w2 w3 round-keys 7 nil) + (sm4-round w0 w1 w2 w3 round-keys 3 nil) + (store-words plaintext plaintext-start w3 w2 w1 w0))) + (values)) + +(defcipher sm4 + (:encrypt-function sm4-encrypt-block) + (:decrypt-function sm4-decrypt-block) + (:block-length 16) + (:key-length (:fixed 16))) diff -Nru cl-ironclad-0.43/src/ciphers/threefish.lisp cl-ironclad-0.45/src/ciphers/threefish.lisp --- cl-ironclad-0.43/src/ciphers/threefish.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/ciphers/threefish.lisp 2019-02-18 14:08:52.000000000 +0000 
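Review bot: in `sm4-round` the round-key indices are computed while the macro expands (`,(if encrypt-p (+ r 1) (- r 1))`), so `r` must be a literal integer and `encrypt-p` a literal `t` or `nil`. A call that passed a variable for `r` would fail at macroexpansion time, and any non-nil form for `encrypt-p` would silently select the encryption offsets. The sixteen calls in this hunk all pass literals, so the code is correct as written, but the macro has no docstring stating that constraint. Please add one, and a one-line comment on `sm4-h`, `sm4-g` and `sm4-f` saying which is the S-box layer, which is the transform used by `schedule-key`, and which is the one used by the rounds.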
@@ -6,7 +6,7 @@ ;;; Constants -(defconstant +threefish-key-schedule-constant+ #x1BD11BDAA9FC1A22) +(defconstant +threefish-key-schedule-constant+ #x1bd11bdaa9fc1a22) ;;; Functions common to all the block sizes @@ -31,7 +31,7 @@ (let ((tweak (threefish-tweak cipher))) (setf (aref tweak 0) (ub64ref/le tweak-data 0) (aref tweak 1) (ub64ref/le tweak-data 8) - (aref tweak 2) (logxor (aref tweak 0) (aref tweak 1))))) + (aref tweak 2) (logxor (aref tweak 0) (aref tweak 1))))) ;;; Implementation for blocks of 256 bits 
@@ -72,339 +72,62 @@ (type (simple-array (unsigned-byte 64) (3)) tweak) (type (unsigned-byte 64) k0 k1 k2 k3 k4 t0 t1 t2)) (with-words ((b0 b1 b2 b3) plaintext plaintext-start :big-endian nil :size 8) - (setf b1 (mod64+ b1 (mod64+ k1 t0)) - b0 (mod64+ b0 (mod64+ b1 k0)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 k3) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k2 t1))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k2 t1)) - b0 (mod64+ b0 (mod64+ b1 k1)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ b3 (mod64+ k4 1)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k3 t2))) - b3 (logxor (rol64 b3 33) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - - (setf b1 (mod64+ b1 (mod64+ k3 t2)) - b0 (mod64+ b0 (mod64+ b1 k2)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 (mod64+ k0 2)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k4 t0))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k4 t0)) - b0 (mod64+ b0 (mod64+ b1 k3)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ 
b3 (mod64+ k1 3)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k0 t1))) - b3 (logxor (rol64 b3 33) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - - (setf b1 (mod64+ b1 (mod64+ k0 t1)) - b0 (mod64+ b0 (mod64+ b1 k4)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 (mod64+ k2 4)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k1 t2))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k1 t2)) - b0 (mod64+ b0 (mod64+ b1 k0)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ b3 (mod64+ k3 5)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k2 t0))) - b3 (logxor (rol64 b3 33) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - - (setf b1 (mod64+ b1 (mod64+ k2 t0)) - b0 (mod64+ b0 (mod64+ b1 k1)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 (mod64+ k4 6)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k3 t1))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor 
(rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k3 t1)) - b0 (mod64+ b0 (mod64+ b1 k2)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ b3 (mod64+ k0 7)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k4 t2))) - b3 (logxor (rol64 b3 33) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - - (setf b1 (mod64+ b1 (mod64+ k4 t2)) - b0 (mod64+ b0 (mod64+ b1 k3)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 (mod64+ k1 8)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k0 t0))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k0 t0)) - b0 (mod64+ b0 (mod64+ b1 k4)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ b3 (mod64+ k2 9)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k1 t1))) - b3 (logxor (rol64 b3 33) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - - (setf b1 (mod64+ b1 (mod64+ k1 t1)) - b0 (mod64+ b0 (mod64+ b1 k0)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 (mod64+ k3 10)) - b2 (mod64+ b2 (mod64+ b3 
(mod64+ k2 t2))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k2 t2)) - b0 (mod64+ b0 (mod64+ b1 k1)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ b3 (mod64+ k4 11)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k3 t0))) - b3 (logxor (rol64 b3 33) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - - (setf b1 (mod64+ b1 (mod64+ k3 t0)) - b0 (mod64+ b0 (mod64+ b1 k2)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 (mod64+ k0 12)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k4 t1))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k4 t1)) - b0 (mod64+ b0 (mod64+ b1 k3)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ b3 (mod64+ k1 13)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k0 t2))) - b3 (logxor (rol64 b3 33) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) 
- b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - - (setf b1 (mod64+ b1 (mod64+ k0 t2)) - b0 (mod64+ b0 (mod64+ b1 k4)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 (mod64+ k2 14)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k1 t0))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k1 t0)) - b0 (mod64+ b0 (mod64+ b1 k0)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ b3 (mod64+ k3 15)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k2 t1))) - b3 (logxor (rol64 b3 33) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - - (setf b1 (mod64+ b1 (mod64+ k2 t1)) - b0 (mod64+ b0 (mod64+ b1 k1)) - b1 (logxor (rol64 b1 14) b0)) - (setf b3 (mod64+ b3 (mod64+ k4 16)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k3 t2))) - b3 (logxor (rol64 b3 16) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 52) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 57) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 23) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 40) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 5) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 37) b2)) - (setf b1 (mod64+ b1 (mod64+ k3 t2)) - b0 (mod64+ b0 (mod64+ b1 k2)) - b1 (logxor (rol64 b1 25) b0)) - (setf b3 (mod64+ b3 (mod64+ k0 17)) - b2 (mod64+ b2 (mod64+ b3 (mod64+ k4 t0))) - b3 (logxor (rol64 b3 33) b2)) 
- (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 46) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 12) b2)) - (setf b0 (mod64+ b0 b1) - b1 (logxor (rol64 b1 58) b0)) - (setf b2 (mod64+ b2 b3) - b3 (logxor (rol64 b3 22) b2)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 32) b0)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 32) b2)) - + (macrolet ((arx (x0 x1 x2 x3 x4 x5 x6 x7 + x8 x9 x10 x11 x12 x13 x14 x15) + `(setf b1 (mod64+ b1 (mod64+ ,x0 ,x1)) + b0 (mod64+ b0 (mod64+ ,x2 ,x3)) + b1 (logxor (rol64 b1 14) b0) + b3 (mod64+ b3 (mod64+ ,x4 ,x5)) + b2 (mod64+ b2 (mod64+ b3 (mod64+ ,x6 ,x7))) + b3 (logxor (rol64 b3 16) b2) + b0 (mod64+ b0 b3) + b3 (logxor (rol64 b3 52) b0) + b2 (mod64+ b2 b1) + b1 (logxor (rol64 b1 57) b2) + b0 (mod64+ b0 b1) + b1 (logxor (rol64 b1 23) b0) + b2 (mod64+ b2 b3) + b3 (logxor (rol64 b3 40) b2) + b0 (mod64+ b0 b3) + b3 (logxor (rol64 b3 5) b0) + b2 (mod64+ b2 b1) + b1 (logxor (rol64 b1 37) b2) + b1 (mod64+ b1 (mod64+ ,x8 ,x9)) + b0 (mod64+ b0 (mod64+ ,x10 ,x11)) + b1 (logxor (rol64 b1 25) b0) + b3 (mod64+ b3 (mod64+ ,x12 ,x13)) + b2 (mod64+ b2 (mod64+ b3 (mod64+ ,x14 ,x15))) + b3 (logxor (rol64 b3 33) b2) + b0 (mod64+ b0 b3) + b3 (logxor (rol64 b3 46) b0) + b2 (mod64+ b2 b1) + b1 (logxor (rol64 b1 12) b2) + b0 (mod64+ b0 b1) + b1 (logxor (rol64 b1 58) b0) + b2 (mod64+ b2 b3) + b3 (logxor (rol64 b3 22) b2) + b0 (mod64+ b0 b3) + b3 (logxor (rol64 b3 32) b0) + b2 (mod64+ b2 b1) + b1 (logxor (rol64 b1 32) b2)))) + (arx k1 t0 b1 k0 k3 0 k2 t1 + k2 t1 b1 k1 k4 1 k3 t2) + (arx k3 t2 b1 k2 k0 2 k4 t0 + k4 t0 b1 k3 k1 3 k0 t1) + (arx k0 t1 b1 k4 k2 4 k1 t2 + k1 t2 b1 k0 k3 5 k2 t0) + (arx k2 t0 b1 k1 k4 6 k3 t1 + k3 t1 b1 k2 k0 7 k4 t2) + (arx k4 t2 b1 k3 k1 8 k0 t0 + k0 t0 b1 k4 k2 9 k1 t1) + (arx k1 t1 b1 k0 k3 10 k2 t2 + k2 t2 b1 k1 k4 11 k3 t0) + (arx k3 t0 b1 k2 k0 12 k4 t1 + k4 t1 b1 k3 k1 13 k0 t2) + (arx k0 t2 b1 k4 k2 14 k1 t0 + k1 t0 b1 k0 k3 15 k2 t1) + (arx k2 t1 b1 k1 k4 16 k3 t2 + k3 t2 b1 k2 k0 17 k4 t0)) (setf b0 
(mod64+ b0 k3) b1 (mod64+ b1 (mod64+ k4 t0)) b2 (mod64+ b2 (mod64+ k0 t1)) 
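Review bot: In the new encryption `arx` macrolet, parameters `x2` and `x10` are not real parameters: every one of the nine call sites passes `b1` in both positions, and the decryption macrolet in the next hunk hardcodes `b1` in the equivalent spot (`b0 (mod64- b0 (mod64+ b1 ,x0))`). I would hardcode `b1` here as well, which drops the argument list from 16 to 14 and keeps the two macros symmetric. The positional names `x0`..`x15` also give no hint which slot is a key word, a tweak word or the subkey counter, so a transposed argument in the call table would silently change the cipher; a one-line comment mapping the slots, or named parameters, would make the table reviewable against the key schedule without relying only on the test vectors.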
@@ -431,340 +154,62 @@ b1 (mod64- b1 (mod64+ k4 t0)) b2 (mod64- b2 (mod64+ k0 t1)) b3 (mod64- b3 (mod64+ k1 18))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k2)) - b1 (mod64- b1 (mod64+ k3 t2))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 (mod64- b2 (mod64+ b3 (mod64+ k4 t0))) - b3 (mod64- b3 (mod64+ k0 17))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k1)) - b1 (mod64- b1 (mod64+ k2 t1))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k3 t2))) - b3 (mod64- b3 (mod64+ k4 16))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k0)) - b1 (mod64- b1 (mod64+ k1 t0))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 (mod64- b2 (mod64+ b3 (mod64+ k2 t1))) - b3 (mod64- b3 (mod64+ k3 15))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 
(logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k4)) - b1 (mod64- b1 (mod64+ k0 t2))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k1 t0))) - b3 (mod64- b3 (mod64+ k2 14))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k3)) - b1 (mod64- b1 (mod64+ k4 t1))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 (mod64- b2 (mod64+ b3 (mod64+ k0 t2))) - b3 (mod64- b3 (mod64+ k1 13))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k2)) - b1 (mod64- b1 (mod64+ k3 t0))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k4 t1))) - b3 (mod64- b3 (mod64+ k0 12))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k1)) - b1 (mod64- b1 (mod64+ k2 t2))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 
(mod64- b2 (mod64+ b3 (mod64+ k3 t0))) - b3 (mod64- b3 (mod64+ k4 11))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k0)) - b1 (mod64- b1 (mod64+ k1 t1))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k2 t2))) - b3 (mod64- b3 (mod64+ k3 10))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k4)) - b1 (mod64- b1 (mod64+ k0 t0))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 (mod64- b2 (mod64+ b3 (mod64+ k1 t1))) - b3 (mod64- b3 (mod64+ k2 9))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k3)) - b1 (mod64- b1 (mod64+ k4 t2))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k0 t0))) - b3 (mod64- b3 (mod64+ k1 8))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - 
(setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k2)) - b1 (mod64- b1 (mod64+ k3 t1))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 (mod64- b2 (mod64+ b3 (mod64+ k4 t2))) - b3 (mod64- b3 (mod64+ k0 7))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k1)) - b1 (mod64- b1 (mod64+ k2 t0))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k3 t1))) - b3 (mod64- b3 (mod64+ k4 6))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k0)) - b1 (mod64- b1 (mod64+ k1 t2))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 (mod64- b2 (mod64+ b3 (mod64+ k2 t0))) - b3 (mod64- b3 (mod64+ k3 5))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k4)) - b1 (mod64- b1 (mod64+ k0 t1))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k1 t2))) - b3 (mod64- 
b3 (mod64+ k2 4))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k3)) - b1 (mod64- b1 (mod64+ k4 t0))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 (mod64- b2 (mod64+ b3 (mod64+ k0 t1))) - b3 (mod64- b3 (mod64+ k1 3))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k2)) - b1 (mod64- b1 (mod64+ k3 t2))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k4 t0))) - b3 (mod64- b3 (mod64+ k0 2))) - - (setf b3 (ror64 (logxor b3 b0) 32) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 32) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 58) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 22) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 46) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 12) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 25) - b0 (mod64- b0 (mod64+ b1 k1)) - b1 (mod64- b1 (mod64+ k2 t1))) - (setf b3 (ror64 (logxor b3 b2) 33) - b2 (mod64- b2 (mod64+ b3 (mod64+ k3 t2))) - b3 (mod64- b3 (mod64+ k4 1))) - (setf b3 (ror64 (logxor b3 b0) 5) - b0 (mod64- b0 b3)) - (setf b1 (ror64 (logxor b1 b2) 37) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 23) - b0 (mod64- b0 b1)) - (setf b3 (ror64 (logxor b3 b2) 40) - b2 (mod64- b2 b3)) - (setf b3 (ror64 (logxor b3 b0) 52) - b0 (mod64- b0 b3)) 
- (setf b1 (ror64 (logxor b1 b2) 57) - b2 (mod64- b2 b1)) - (setf b1 (ror64 (logxor b1 b0) 14) - b0 (mod64- b0 (mod64+ b1 k0)) - b1 (mod64- b1 (mod64+ k1 t0))) - (setf b3 (ror64 (logxor b3 b2) 16) - b2 (mod64- b2 (mod64+ b3 (mod64+ k2 t1))) - b3 (mod64- b3 k3)) - + (macrolet ((arx (x0 x1 x2 x3 x4 x5 x6 + x7 x8 x9 x10 x11 x12 x13) + `(setf b3 (ror64 (logxor b3 b0) 32) + b0 (mod64- b0 b3) + b1 (ror64 (logxor b1 b2) 32) + b2 (mod64- b2 b1) + b1 (ror64 (logxor b1 b0) 58) + b0 (mod64- b0 b1) + b3 (ror64 (logxor b3 b2) 22) + b2 (mod64- b2 b3) + b3 (ror64 (logxor b3 b0) 46) + b0 (mod64- b0 b3) + b1 (ror64 (logxor b1 b2) 12) + b2 (mod64- b2 b1) + b1 (ror64 (logxor b1 b0) 25) + b0 (mod64- b0 (mod64+ b1 ,x0)) + b1 (mod64- b1 (mod64+ ,x1 ,x2)) + b3 (ror64 (logxor b3 b2) 33) + b2 (mod64- b2 (mod64+ b3 (mod64+ ,x3 ,x4))) + b3 (mod64- b3 (mod64+ ,x5 ,x6)) + b3 (ror64 (logxor b3 b0) 5) + b0 (mod64- b0 b3) + b1 (ror64 (logxor b1 b2) 37) + b2 (mod64- b2 b1) + b1 (ror64 (logxor b1 b0) 23) + b0 (mod64- b0 b1) + b3 (ror64 (logxor b3 b2) 40) + b2 (mod64- b2 b3) + b3 (ror64 (logxor b3 b0) 52) + b0 (mod64- b0 b3) + b1 (ror64 (logxor b1 b2) 57) + b2 (mod64- b2 b1) + b1 (ror64 (logxor b1 b0) 14) + b0 (mod64- b0 (mod64+ b1 ,x7)) + b1 (mod64- b1 (mod64+ ,x8 ,x9)) + b3 (ror64 (logxor b3 b2) 16) + b2 (mod64- b2 (mod64+ b3 (mod64+ ,x10 ,x11))) + b3 (mod64- b3 (mod64+ ,x12 ,x13))))) + (arx k2 k3 t2 k4 t0 k0 17 + k1 k2 t1 k3 t2 k4 16) + (arx k0 k1 t0 k2 t1 k3 15 + k4 k0 t2 k1 t0 k2 14) + (arx k3 k4 t1 k0 t2 k1 13 + k2 k3 t0 k4 t1 k0 12) + (arx k1 k2 t2 k3 t0 k4 11 + k0 k1 t1 k2 t2 k3 10) + (arx k4 k0 t0 k1 t1 k2 9 + k3 k4 t2 k0 t0 k1 8) + (arx k2 k3 t1 k4 t2 k0 7 + k1 k2 t0 k3 t1 k4 6) + (arx k0 k1 t2 k2 t0 k3 5 + k4 k0 t1 k1 t2 k2 4) + (arx k3 k4 t0 k0 t1 k1 3 + k2 k3 t2 k4 t0 k0 2) + (arx k1 k2 t1 k3 t2 k4 1 + k0 k1 t0 k2 t1 k3 0)) (store-words plaintext plaintext-start b0 b1 b2 b3) (values)))) 
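Review bot: The last `arx` call in the decryption table passes `k3 0` for `x12`/`x13`, so the final step changes from the removed `b3 (mod64- b3 k3)` to `b3 (mod64- b3 (mod64+ k3 0))`. The result is the same, but it now depends on `mod64+` with a literal 0 being folded away in this hot path; please either confirm with the benchmark that the refactor is not slower on the supported implementations or add a comment saying the 0 is the counter for subkey 0. The argument order here (`b0` key first, then the `b1` key and tweak) also differs from the encryption macro (`b1` key and tweak first), so the two call tables cannot be compared side by side; using one slot order for both would make it easier to check that decryption is the exact inverse.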
@@ -817,663 +262,98 @@ (type (simple-array (unsigned-byte 64) (3)) tweak) (type (unsigned-byte 64) k0 k1 k2 k3 k4 k5 k6 k7 k8 t0 t1 t2)) (with-words ((b0 b1 b2 b3 b4 b5 b6 b7) plaintext plaintext-start :big-endian nil :size 8) - (setf b1 (mod64+ b1 k1) - b0 (mod64+ b0 (mod64+ b1 k0)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k3) - b2 (mod64+ b2 (mod64+ b3 k2)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k5 t0)) - b4 (mod64+ b4 (mod64+ b5 k4)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ b7 k7) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k6 t1))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k2) - b0 (mod64+ b0 (mod64+ b1 k1)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k4) - b2 (mod64+ b2 (mod64+ b3 k3)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k6 t1)) - b4 (mod64+ b4 (mod64+ b5 k5)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k8 1)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k7 t2))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf 
b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - - (setf b1 (mod64+ b1 k3) - b0 (mod64+ b0 (mod64+ b1 k2)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k5) - b2 (mod64+ b2 (mod64+ b3 k4)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k7 t2)) - b4 (mod64+ b4 (mod64+ b5 k6)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ b7 (mod64+ k0 2)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k8 t0))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k4) - b0 (mod64+ b0 (mod64+ b1 k3)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k6) - b2 (mod64+ b2 (mod64+ b3 k5)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k8 t0)) - b4 (mod64+ b4 (mod64+ b5 k7)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k1 3)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k0 t1))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) 
- (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - - (setf b1 (mod64+ b1 k5) - b0 (mod64+ b0 (mod64+ b1 k4)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k7) - b2 (mod64+ b2 (mod64+ b3 k6)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k0 t1)) - b4 (mod64+ b4 (mod64+ b5 k8)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ b7 (mod64+ k2 4)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k1 t2))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k6) - b0 (mod64+ b0 (mod64+ b1 k5)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k8) - b2 (mod64+ b2 (mod64+ b3 k7)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k1 t2)) - b4 (mod64+ b4 (mod64+ b5 k0)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k3 5)) - b6 
(mod64+ b6 (mod64+ b7 (mod64+ k2 t0))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - - (setf b1 (mod64+ b1 k7) - b0 (mod64+ b0 (mod64+ b1 k6)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k0) - b2 (mod64+ b2 (mod64+ b3 k8)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k2 t0)) - b4 (mod64+ b4 (mod64+ b5 k1)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ b7 (mod64+ k4 6)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k3 t1))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k8) - b0 (mod64+ b0 (mod64+ b1 k7)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k1) - b2 (mod64+ b2 (mod64+ 
b3 k0)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k3 t1)) - b4 (mod64+ b4 (mod64+ b5 k2)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k5 7)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k4 t2))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - - (setf b1 (mod64+ b1 k0) - b0 (mod64+ b0 (mod64+ b1 k8)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k2) - b2 (mod64+ b2 (mod64+ b3 k1)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k4 t2)) - b4 (mod64+ b4 (mod64+ b5 k3)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ b7 (mod64+ k6 8)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k5 t0))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 
(mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k1) - b0 (mod64+ b0 (mod64+ b1 k0)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k3) - b2 (mod64+ b2 (mod64+ b3 k2)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k5 t0)) - b4 (mod64+ b4 (mod64+ b5 k4)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k7 9)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k6 t1))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - - (setf b1 (mod64+ b1 k2) - b0 (mod64+ b0 (mod64+ b1 k1)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k4) - b2 (mod64+ b2 (mod64+ b3 k3)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k6 t1)) - b4 (mod64+ b4 (mod64+ b5 k5)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ b7 (mod64+ k8 10)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k7 t2))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) 
- (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k3) - b0 (mod64+ b0 (mod64+ b1 k2)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k5) - b2 (mod64+ b2 (mod64+ b3 k4)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k7 t2)) - b4 (mod64+ b4 (mod64+ b5 k6)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k0 11)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k8 t0))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - - (setf b1 (mod64+ b1 k4) - b0 (mod64+ b0 (mod64+ b1 k3)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k6) - b2 (mod64+ b2 (mod64+ b3 k5)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k8 t0)) - b4 (mod64+ b4 (mod64+ b5 k7)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ b7 (mod64+ k1 12)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k0 t1))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 
b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k5) - b0 (mod64+ b0 (mod64+ b1 k4)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k7) - b2 (mod64+ b2 (mod64+ b3 k6)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k0 t1)) - b4 (mod64+ b4 (mod64+ b5 k8)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k2 13)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k1 t2))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - - (setf b1 (mod64+ b1 k6) - b0 (mod64+ b0 (mod64+ b1 k5)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k8) - b2 (mod64+ b2 (mod64+ b3 k7)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k1 t2)) - b4 (mod64+ b4 (mod64+ b5 k0)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ b7 (mod64+ k3 14)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k2 t0))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 
(logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k7) - b0 (mod64+ b0 (mod64+ b1 k6)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k0) - b2 (mod64+ b2 (mod64+ b3 k8)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k2 t0)) - b4 (mod64+ b4 (mod64+ b5 k1)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k4 15)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k3 t1))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - - (setf b1 (mod64+ b1 k8) - b0 (mod64+ b0 (mod64+ b1 k7)) - b1 (logxor (rol64 b1 46) b0)) - (setf b3 (mod64+ b3 k1) - b2 (mod64+ b2 (mod64+ b3 k0)) - b3 (logxor (rol64 b3 36) b2)) - (setf b5 (mod64+ b5 (mod64+ k3 t1)) - b4 (mod64+ b4 (mod64+ b5 k2)) - b5 (logxor (rol64 b5 19) b4)) - (setf b7 (mod64+ 
b7 (mod64+ k5 16)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k4 t2))) - b7 (logxor (rol64 b7 37) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 33) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 27) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 14) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 42) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 17) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 49) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 36) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 39) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 44) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 9) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 54) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 56) b4)) - (setf b1 (mod64+ b1 k0) - b0 (mod64+ b0 (mod64+ b1 k8)) - b1 (logxor (rol64 b1 39) b0)) - (setf b3 (mod64+ b3 k2) - b2 (mod64+ b2 (mod64+ b3 k1)) - b3 (logxor (rol64 b3 30) b2)) - (setf b5 (mod64+ b5 (mod64+ k4 t2)) - b4 (mod64+ b4 (mod64+ b5 k3)) - b5 (logxor (rol64 b5 34) b4)) - (setf b7 (mod64+ b7 (mod64+ k6 17)) - b6 (mod64+ b6 (mod64+ b7 (mod64+ k5 t0))) - b7 (logxor (rol64 b7 24) b6)) - (setf b2 (mod64+ b2 b1) - b1 (logxor (rol64 b1 13) b2)) - (setf b4 (mod64+ b4 b7) - b7 (logxor (rol64 b7 50) b4)) - (setf b6 (mod64+ b6 b5) - b5 (logxor (rol64 b5 10) b6)) - (setf b0 (mod64+ b0 b3) - b3 (logxor (rol64 b3 17) b0)) - (setf b4 (mod64+ b4 b1) - b1 (logxor (rol64 b1 25) b4)) - (setf b6 (mod64+ b6 b3) - b3 (logxor (rol64 b3 29) b6)) - (setf b0 (mod64+ b0 b5) - b5 (logxor (rol64 b5 39) b0)) - (setf b2 (mod64+ b2 b7) - b7 (logxor (rol64 b7 43) b2)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 8) b6)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 35) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 56) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 22) b4)) - + (macrolet ((arx (x0 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 + x11 x12 x13 x14 x15 x16 x17 x18 x19 x20 x21) + `(setf b1 
(mod64+ b1 ,x0) + b0 (mod64+ b0 (mod64+ b1 ,x1)) + b1 (logxor (rol64 b1 46) b0) + b3 (mod64+ b3 ,x2) + b2 (mod64+ b2 (mod64+ b3 ,x3)) + b3 (logxor (rol64 b3 36) b2) + b5 (mod64+ b5 (mod64+ ,x4 ,x5)) + b4 (mod64+ b4 (mod64+ b5 ,x6)) + b5 (logxor (rol64 b5 19) b4) + b7 (mod64+ b7 (mod64+ ,x7 ,x8)) + b6 (mod64+ b6 (mod64+ b7 (mod64+ ,x9 ,x10))) + b7 (logxor (rol64 b7 37) b6) + b2 (mod64+ b2 b1) + b1 (logxor (rol64 b1 33) b2) + b4 (mod64+ b4 b7) + b7 (logxor (rol64 b7 27) b4) + b6 (mod64+ b6 b5) + b5 (logxor (rol64 b5 14) b6) + b0 (mod64+ b0 b3) + b3 (logxor (rol64 b3 42) b0) + b4 (mod64+ b4 b1) + b1 (logxor (rol64 b1 17) b4) + b6 (mod64+ b6 b3) + b3 (logxor (rol64 b3 49) b6) + b0 (mod64+ b0 b5) + b5 (logxor (rol64 b5 36) b0) + b2 (mod64+ b2 b7) + b7 (logxor (rol64 b7 39) b2) + b6 (mod64+ b6 b1) + b1 (logxor (rol64 b1 44) b6) + b0 (mod64+ b0 b7) + b7 (logxor (rol64 b7 9) b0) + b2 (mod64+ b2 b5) + b5 (logxor (rol64 b5 54) b2) + b4 (mod64+ b4 b3) + b3 (logxor (rol64 b3 56) b4) + b1 (mod64+ b1 ,x11) + b0 (mod64+ b0 (mod64+ b1 ,x12)) + b1 (logxor (rol64 b1 39) b0) + b3 (mod64+ b3 ,x13) + b2 (mod64+ b2 (mod64+ b3 ,x14)) + b3 (logxor (rol64 b3 30) b2) + b5 (mod64+ b5 (mod64+ ,x15 ,x16)) + b4 (mod64+ b4 (mod64+ b5 ,x17)) + b5 (logxor (rol64 b5 34) b4) + b7 (mod64+ b7 (mod64+ ,x18 ,x19)) + b6 (mod64+ b6 (mod64+ b7 (mod64+ ,x20 ,x21))) + b7 (logxor (rol64 b7 24) b6) + b2 (mod64+ b2 b1) + b1 (logxor (rol64 b1 13) b2) + b4 (mod64+ b4 b7) + b7 (logxor (rol64 b7 50) b4) + b6 (mod64+ b6 b5) + b5 (logxor (rol64 b5 10) b6) + b0 (mod64+ b0 b3) + b3 (logxor (rol64 b3 17) b0) + b4 (mod64+ b4 b1) + b1 (logxor (rol64 b1 25) b4) + b6 (mod64+ b6 b3) + b3 (logxor (rol64 b3 29) b6) + b0 (mod64+ b0 b5) + b5 (logxor (rol64 b5 39) b0) + b2 (mod64+ b2 b7) + b7 (logxor (rol64 b7 43) b2) + b6 (mod64+ b6 b1) + b1 (logxor (rol64 b1 8) b6) + b0 (mod64+ b0 b7) + b7 (logxor (rol64 b7 35) b0) + b2 (mod64+ b2 b5) + b5 (logxor (rol64 b5 56) b2) + b4 (mod64+ b4 b3) + b3 (logxor (rol64 b3 22) b4)))) + (arx k1 
k0 k3 k2 k5 t0 k4 k7 0 k6 t1 + k2 k1 k4 k3 k6 t1 k5 k8 1 k7 t2) + (arx k3 k2 k5 k4 k7 t2 k6 k0 2 k8 t0 + k4 k3 k6 k5 k8 t0 k7 k1 3 k0 t1) + (arx k5 k4 k7 k6 k0 t1 k8 k2 4 k1 t2 + k6 k5 k8 k7 k1 t2 k0 k3 5 k2 t0) + (arx k7 k6 k0 k8 k2 t0 k1 k4 6 k3 t1 + k8 k7 k1 k0 k3 t1 k2 k5 7 k4 t2) + (arx k0 k8 k2 k1 k4 t2 k3 k6 8 k5 t0 + k1 k0 k3 k2 k5 t0 k4 k7 9 k6 t1) + (arx k2 k1 k4 k3 k6 t1 k5 k8 10 k7 t2 + k3 k2 k5 k4 k7 t2 k6 k0 11 k8 t0) + (arx k4 k3 k6 k5 k8 t0 k7 k1 12 k0 t1 + k5 k4 k7 k6 k0 t1 k8 k2 13 k1 t2) + (arx k6 k5 k8 k7 k1 t2 k0 k3 14 k2 t0 + k7 k6 k0 k8 k2 t0 k1 k4 15 k3 t1) + (arx k8 k7 k1 k0 k3 t1 k2 k5 16 k4 t2 + k0 k8 k2 k1 k4 t2 k3 k6 17 k5 t0)) (setf b0 (mod64+ b0 k0) b1 (mod64+ b1 k1) b2 (mod64+ b2 k2) 
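Review bot: the new `arx` macrolet takes 22 positional parameters (`x0` .. `x21`), and the nine calls supply key words, tweak words and the subkey counter by hand, so one transposed argument would silently change the cipher output and is very hard to spot by reading. The calls follow a regular pattern (key index advancing by one modulo 9, tweak index modulo 3, counter running 0 through 17), so consider letting the macro derive its arguments from the subkey number, or at least add a comment mapping each `xN` to the word it is added to. The first call passes the literal `0`, which expands to `(mod64+ k7 0)`; that is harmless, but a comment saying it is the subkey counter would help. Because the refactor is meant to preserve behaviour, it should be run against this cipher's known-answer vectors before merging.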
@@ -1512,664 +392,98 @@ b5 (mod64- b5 (mod64+ k5 t0)) b6 (mod64- b6 (mod64+ k6 t1)) b7 (mod64- b7 (mod64+ k7 18))) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k5 t0))) - b7 (mod64- b7 (mod64+ k6 17))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k3)) - b5 (mod64- b5 (mod64+ k4 t2))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- b2 (mod64+ b3 k1)) - b3 (mod64- b3 k2)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k8)) - b1 (mod64- b1 k0)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k4 t2))) - b7 (mod64- b7 
(mod64+ k5 16))) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k2)) - b5 (mod64- b5 (mod64+ k3 t1))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k0)) - b3 (mod64- b3 k1)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k7)) - b1 (mod64- b1 k8)) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k3 t1))) - b7 (mod64- b7 (mod64+ k4 15))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k1)) - b5 (mod64- b5 (mod64+ k2 t0))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- b2 (mod64+ b3 k8)) - b3 (mod64- b3 k0)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k6)) - b1 (mod64- b1 k7)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 
b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k2 t0))) - b7 (mod64- b7 (mod64+ k3 14))) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k0)) - b5 (mod64- b5 (mod64+ k1 t2))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k7)) - b3 (mod64- b3 k8)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k5)) - b1 (mod64- b1 k6)) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k1 t2))) - b7 (mod64- b7 (mod64+ k2 13))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k8)) - b5 (mod64- b5 (mod64+ k0 t1))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- b2 (mod64+ b3 k6)) - b3 (mod64- b3 k7)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k4)) - b1 (mod64- b1 k5)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 
(logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k0 t1))) - b7 (mod64- b7 (mod64+ k1 12))) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k7)) - b5 (mod64- b5 (mod64+ k8 t0))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k5)) - b3 (mod64- b3 k6)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k3)) - b1 (mod64- b1 k4)) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k8 t0))) - b7 (mod64- b7 (mod64+ k0 11))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k6)) - b5 (mod64- b5 (mod64+ k7 t2))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- b2 (mod64+ b3 k4)) - b3 (mod64- b3 k5)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k2)) - b1 (mod64- b1 k3)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf 
b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k7 t2))) - b7 (mod64- b7 (mod64+ k8 10))) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k5)) - b5 (mod64- b5 (mod64+ k6 t1))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k3)) - b3 (mod64- b3 k4)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k1)) - b1 (mod64- b1 k2)) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k6 t1))) - b7 (mod64- b7 (mod64+ k7 9))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k4)) - b5 (mod64- b5 (mod64+ k5 t0))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- b2 (mod64+ b3 k2)) - b3 (mod64- b3 k3)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k0)) - b1 (mod64- b1 k1)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 
b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k5 t0))) - b7 (mod64- b7 (mod64+ k6 8))) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k3)) - b5 (mod64- b5 (mod64+ k4 t2))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k1)) - b3 (mod64- b3 k2)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k8)) - b1 (mod64- b1 k0)) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k4 t2))) - b7 (mod64- b7 (mod64+ k5 7))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k2)) - b5 (mod64- b5 (mod64+ k3 t1))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- 
b2 (mod64+ b3 k0)) - b3 (mod64- b3 k1)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k7)) - b1 (mod64- b1 k8)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k3 t1))) - b7 (mod64- b7 (mod64+ k4 6))) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k1)) - b5 (mod64- b5 (mod64+ k2 t0))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k8)) - b3 (mod64- b3 k0)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k6)) - b1 (mod64- b1 k7)) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k2 t0))) - 
b7 (mod64- b7 (mod64+ k3 5))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k0)) - b5 (mod64- b5 (mod64+ k1 t2))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- b2 (mod64+ b3 k7)) - b3 (mod64- b3 k8)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k5)) - b1 (mod64- b1 k6)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k1 t2))) - b7 (mod64- b7 (mod64+ k2 4))) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k8)) - b5 (mod64- b5 (mod64+ k0 t1))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k6)) - b3 (mod64- b3 k7)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k4)) - b1 (mod64- b1 k5)) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 
(ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k0 t1))) - b7 (mod64- b7 (mod64+ k1 3))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k7)) - b5 (mod64- b5 (mod64+ k8 t0))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- b2 (mod64+ b3 k5)) - b3 (mod64- b3 k6)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k3)) - b1 (mod64- b1 k4)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k8 t0))) - b7 (mod64- b7 (mod64+ k0 2))) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k6)) - b5 (mod64- b5 (mod64+ k7 t2))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k4)) - b3 (mod64- b3 k5)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k2)) - b1 (mod64- b1 k3)) - - (setf b3 (ror64 (logxor b3 b4) 22) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 56) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 35) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 8) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 43) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 39) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 29) - b6 (mod64- b6 b3)) - 
(setf b1 (ror64 (logxor b1 b4) 25) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 17) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 10) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 50) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 13) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 24) - b6 (mod64- b6 (mod64+ b7 (mod64+ k7 t2))) - b7 (mod64- b7 (mod64+ k8 1))) - (setf b5 (ror64 (logxor b5 b4) 34) - b4 (mod64- b4 (mod64+ b5 k5)) - b5 (mod64- b5 (mod64+ k6 t1))) - (setf b3 (ror64 (logxor b3 b2) 30) - b2 (mod64- b2 (mod64+ b3 k3)) - b3 (mod64- b3 k4)) - (setf b1 (ror64 (logxor b1 b0) 39) - b0 (mod64- b0 (mod64+ b1 k1)) - b1 (mod64- b1 k2)) - (setf b3 (ror64 (logxor b3 b4) 56) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 54) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 9) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b6) 44) - b6 (mod64- b6 b1)) - (setf b7 (ror64 (logxor b7 b2) 39) - b2 (mod64- b2 b7)) - (setf b5 (ror64 (logxor b5 b0) 36) - b0 (mod64- b0 b5)) - (setf b3 (ror64 (logxor b3 b6) 49) - b6 (mod64- b6 b3)) - (setf b1 (ror64 (logxor b1 b4) 17) - b4 (mod64- b4 b1)) - (setf b3 (ror64 (logxor b3 b0) 42) - b0 (mod64- b0 b3)) - (setf b5 (ror64 (logxor b5 b6) 14) - b6 (mod64- b6 b5)) - (setf b7 (ror64 (logxor b7 b4) 27) - b4 (mod64- b4 b7)) - (setf b1 (ror64 (logxor b1 b2) 33) - b2 (mod64- b2 b1)) - (setf b7 (ror64 (logxor b7 b6) 37) - b6 (mod64- b6 (mod64+ b7 (mod64+ k6 t1))) - b7 (mod64- b7 k7)) - (setf b5 (ror64 (logxor b5 b4) 19) - b4 (mod64- b4 (mod64+ b5 k4)) - b5 (mod64- b5 (mod64+ k5 t0))) - (setf b3 (ror64 (logxor b3 b2) 36) - b2 (mod64- b2 (mod64+ b3 k2)) - b3 (mod64- b3 k3)) - (setf b1 (ror64 (logxor b1 b0) 46) - b0 (mod64- b0 (mod64+ b1 k0)) - b1 (mod64- b1 k1)) - + (macrolet ((arx (x0 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 + x11 x12 x13 x14 x15 x16 x17 x18 x19 x20 x21) + `(setf b3 (ror64 (logxor b3 b4) 22) + b4 (mod64- b4 b3) + b5 (ror64 (logxor b5 b2) 56) + b2 (mod64- b2 b5) + b7 (ror64 (logxor b7 b0) 
35) + b0 (mod64- b0 b7) + b1 (ror64 (logxor b1 b6) 8) + b6 (mod64- b6 b1) + b7 (ror64 (logxor b7 b2) 43) + b2 (mod64- b2 b7) + b5 (ror64 (logxor b5 b0) 39) + b0 (mod64- b0 b5) + b3 (ror64 (logxor b3 b6) 29) + b6 (mod64- b6 b3) + b1 (ror64 (logxor b1 b4) 25) + b4 (mod64- b4 b1) + b3 (ror64 (logxor b3 b0) 17) + b0 (mod64- b0 b3) + b5 (ror64 (logxor b5 b6) 10) + b6 (mod64- b6 b5) + b7 (ror64 (logxor b7 b4) 50) + b4 (mod64- b4 b7) + b1 (ror64 (logxor b1 b2) 13) + b2 (mod64- b2 b1) + b7 (ror64 (logxor b7 b6) 24) + b6 (mod64- b6 (mod64+ b7 (mod64+ ,x0 ,x1))) + b7 (mod64- b7 (mod64+ ,x2 ,x3)) + b5 (ror64 (logxor b5 b4) 34) + b4 (mod64- b4 (mod64+ b5 ,x4)) + b5 (mod64- b5 (mod64+ ,x5 ,x6)) + b3 (ror64 (logxor b3 b2) 30) + b2 (mod64- b2 (mod64+ b3 ,x7)) + b3 (mod64- b3 ,x8) + b1 (ror64 (logxor b1 b0) 39) + b0 (mod64- b0 (mod64+ b1 ,x9)) + b1 (mod64- b1 ,x10) + b3 (ror64 (logxor b3 b4) 56) + b4 (mod64- b4 b3) + b5 (ror64 (logxor b5 b2) 54) + b2 (mod64- b2 b5) + b7 (ror64 (logxor b7 b0) 9) + b0 (mod64- b0 b7) + b1 (ror64 (logxor b1 b6) 44) + b6 (mod64- b6 b1) + b7 (ror64 (logxor b7 b2) 39) + b2 (mod64- b2 b7) + b5 (ror64 (logxor b5 b0) 36) + b0 (mod64- b0 b5) + b3 (ror64 (logxor b3 b6) 49) + b6 (mod64- b6 b3) + b1 (ror64 (logxor b1 b4) 17) + b4 (mod64- b4 b1) + b3 (ror64 (logxor b3 b0) 42) + b0 (mod64- b0 b3) + b5 (ror64 (logxor b5 b6) 14) + b6 (mod64- b6 b5) + b7 (ror64 (logxor b7 b4) 27) + b4 (mod64- b4 b7) + b1 (ror64 (logxor b1 b2) 33) + b2 (mod64- b2 b1) + b7 (ror64 (logxor b7 b6) 37) + b6 (mod64- b6 (mod64+ b7 (mod64+ ,x11 ,x12))) + b7 (mod64- b7 (mod64+ ,x13 ,x14)) + b5 (ror64 (logxor b5 b4) 19) + b4 (mod64- b4 (mod64+ b5 ,x15)) + b5 (mod64- b5 (mod64+ ,x16 ,x17)) + b3 (ror64 (logxor b3 b2) 36) + b2 (mod64- b2 (mod64+ b3 ,x18)) + b3 (mod64- b3 ,x19) + b1 (ror64 (logxor b1 b0) 46) + b0 (mod64- b0 (mod64+ b1 ,x20)) + b1 (mod64- b1 ,x21)))) + (arx k5 t0 k6 17 k3 k4 t2 k1 k2 k8 k0 + k4 t2 k5 16 k2 k3 t1 k0 k1 k7 k8) + (arx k3 t1 k4 15 k1 k2 t0 k8 k0 k6 k7 + k2 t0 k3 14 k0 
k1 t2 k7 k8 k5 k6) + (arx k1 t2 k2 13 k8 k0 t1 k6 k7 k4 k5 + k0 t1 k1 12 k7 k8 t0 k5 k6 k3 k4) + (arx k8 t0 k0 11 k6 k7 t2 k4 k5 k2 k3 + k7 t2 k8 10 k5 k6 t1 k3 k4 k1 k2) + (arx k6 t1 k7 9 k4 k5 t0 k2 k3 k0 k1 + k5 t0 k6 8 k3 k4 t2 k1 k2 k8 k0) + (arx k4 t2 k5 7 k2 k3 t1 k0 k1 k7 k8 + k3 t1 k4 6 k1 k2 t0 k8 k0 k6 k7) + (arx k2 t0 k3 5 k0 k1 t2 k7 k8 k5 k6 + k1 t2 k2 4 k8 k0 t1 k6 k7 k4 k5) + (arx k0 t1 k1 3 k7 k8 t0 k5 k6 k3 k4 + k8 t0 k0 2 k6 k7 t2 k4 k5 k2 k3) + (arx k7 t2 k8 1 k5 k6 t1 k3 k4 k1 k2 + k6 t1 k7 0 k4 k5 t0 k2 k3 k0 k1)) (store-words plaintext plaintext-start b0 b1 b2 b3 b4 b5 b6 b7) (values)))) 
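Review bot: the last `arx` call passes the literal `0` as `x14`, so the final step changes from the removed `b7 (mod64- b7 k7)` to `(mod64- b7 (mod64+ k7 0))`. The result is the same, but it adds an addition that only disappears if the compiler folds it, so either note that this is intentional or handle the zero counter in the macro. This macrolet also reuses the name `arx` with a different parameter order than the encryption one (here `x0 x1` go to `b6` and `x2 x3` to `b7`, with the counter running 17 down to 0). A comment documenting that order, and a round-trip test in which decrypting an encrypted block returns the original block, would make an argument mix-up detectable.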
@@ -2230,1456 +544,172 @@ (type (simple-array (unsigned-byte 64) (3)) tweak) (type (unsigned-byte 64) k0 k1 k2 k3 k4 k5 k6 k7 k8 k9 k10 k11 k12 k13 k14 k15 k16 t0 t1 t2)) (with-words ((b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 b10 b11 b12 b13 b14 b15) plaintext plaintext-start :big-endian nil :size 8) - (setf b1 (mod64+ b1 k1) - b0 (mod64+ b0 (mod64+ b1 k0)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k3) - b2 (mod64+ b2 (mod64+ b3 k2)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k5) - b4 (mod64+ b4 (mod64+ b5 k4)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k7) - b6 (mod64+ b6 (mod64+ b7 k6)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k9) - b8 (mod64+ b8 (mod64+ b9 k8)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k11) - b10 (mod64+ b10 (mod64+ b11 k10)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k13 t0)) - b12 (mod64+ b12 (mod64+ b13 k12)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 k15) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k14 t1))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 
(logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k2) - b0 (mod64+ b0 (mod64+ b1 k1)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k4) - b2 (mod64+ b2 (mod64+ b3 k3)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k6) - b4 (mod64+ b4 (mod64+ b5 k5)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k8) - b6 (mod64+ b6 (mod64+ b7 k7)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k10) - b8 (mod64+ b8 (mod64+ b9 k9)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k12) - b10 (mod64+ b10 (mod64+ b11 k11)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k14 t1)) - b12 (mod64+ b12 (mod64+ b13 k13)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k16 1)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k15 t2))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 
46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 (mod64+ b1 k3) - b0 (mod64+ b0 (mod64+ b1 k2)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k5) - b2 (mod64+ b2 (mod64+ b3 k4)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k7) - b4 (mod64+ b4 (mod64+ b5 k6)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k9) - b6 (mod64+ b6 (mod64+ b7 k8)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k11) - b8 (mod64+ b8 (mod64+ b9 k10)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k13) - b10 (mod64+ b10 (mod64+ b11 k12)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k15 t2)) - b12 (mod64+ b12 (mod64+ b13 k14)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k0 2)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k16 t0))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 
52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k4) - b0 (mod64+ b0 (mod64+ b1 k3)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k6) - b2 (mod64+ b2 (mod64+ b3 k5)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k8) - b4 (mod64+ b4 (mod64+ b5 k7)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k10) - b6 (mod64+ b6 (mod64+ b7 k9)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k12) - b8 (mod64+ b8 (mod64+ b9 k11)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k14) - b10 (mod64+ b10 (mod64+ b11 k13)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k16 t0)) - b12 (mod64+ b12 (mod64+ b13 k15)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k1 3)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k0 t1))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - 
(setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 (mod64+ b1 k5) - b0 (mod64+ b0 (mod64+ b1 k4)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k7) - b2 (mod64+ b2 (mod64+ b3 k6)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k9) - b4 (mod64+ b4 (mod64+ b5 k8)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k11) - b6 (mod64+ b6 (mod64+ b7 k10)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k13) - b8 (mod64+ b8 (mod64+ b9 k12)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k15) - b10 (mod64+ b10 (mod64+ b11 k14)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k0 t1)) - b12 (mod64+ b12 (mod64+ b13 k16)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k2 4)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k1 t2))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 
(mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k6) - b0 (mod64+ b0 (mod64+ b1 k5)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k8) - b2 (mod64+ b2 (mod64+ b3 k7)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k10) - b4 (mod64+ b4 (mod64+ b5 k9)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k12) - b6 (mod64+ b6 (mod64+ b7 k11)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k14) - b8 (mod64+ b8 (mod64+ b9 k13)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k16) - b10 (mod64+ b10 (mod64+ b11 k15)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 
(mod64+ b13 (mod64+ k1 t2)) - b12 (mod64+ b12 (mod64+ b13 k0)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k3 5)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k2 t0))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 (mod64+ b1 k7) - b0 (mod64+ b0 (mod64+ b1 k6)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k9) - b2 (mod64+ b2 (mod64+ b3 k8)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k11) - b4 (mod64+ b4 (mod64+ b5 k10)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k13) - b6 (mod64+ b6 (mod64+ b7 k12)) - 
b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k15) - b8 (mod64+ b8 (mod64+ b9 k14)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k0) - b10 (mod64+ b10 (mod64+ b11 k16)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k2 t0)) - b12 (mod64+ b12 (mod64+ b13 k1)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k4 6)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k3 t1))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k8) - b0 (mod64+ b0 (mod64+ b1 k7)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 
(mod64+ b3 k10) - b2 (mod64+ b2 (mod64+ b3 k9)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k12) - b4 (mod64+ b4 (mod64+ b5 k11)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k14) - b6 (mod64+ b6 (mod64+ b7 k13)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k16) - b8 (mod64+ b8 (mod64+ b9 k15)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k1) - b10 (mod64+ b10 (mod64+ b11 k0)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k3 t1)) - b12 (mod64+ b12 (mod64+ b13 k2)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k5 7)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k4 t2))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 
31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 (mod64+ b1 k9) - b0 (mod64+ b0 (mod64+ b1 k8)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k11) - b2 (mod64+ b2 (mod64+ b3 k10)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k13) - b4 (mod64+ b4 (mod64+ b5 k12)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k15) - b6 (mod64+ b6 (mod64+ b7 k14)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k0) - b8 (mod64+ b8 (mod64+ b9 k16)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k2) - b10 (mod64+ b10 (mod64+ b11 k1)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k4 t2)) - b12 (mod64+ b12 (mod64+ b13 k3)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k6 8)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k5 t0))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) 
b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k10) - b0 (mod64+ b0 (mod64+ b1 k9)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k12) - b2 (mod64+ b2 (mod64+ b3 k11)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k14) - b4 (mod64+ b4 (mod64+ b5 k13)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k16) - b6 (mod64+ b6 (mod64+ b7 k15)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k1) - b8 (mod64+ b8 (mod64+ b9 k0)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k3) - b10 (mod64+ b10 (mod64+ b11 k2)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k5 t0)) - b12 (mod64+ b12 (mod64+ b13 k4)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k7 9)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k6 t1))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf 
b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 (mod64+ b1 k11) - b0 (mod64+ b0 (mod64+ b1 k10)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k13) - b2 (mod64+ b2 (mod64+ b3 k12)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k15) - b4 (mod64+ b4 (mod64+ b5 k14)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k0) - b6 (mod64+ b6 (mod64+ b7 k16)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k2) - b8 (mod64+ b8 (mod64+ b9 k1)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k4) - b10 (mod64+ b10 (mod64+ b11 k3)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k6 t1)) - b12 (mod64+ b12 (mod64+ b13 k5)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k8 10)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k7 t2))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ 
b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k12) - b0 (mod64+ b0 (mod64+ b1 k11)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k14) - b2 (mod64+ b2 (mod64+ b3 k13)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k16) - b4 (mod64+ b4 (mod64+ b5 k15)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k1) - b6 (mod64+ b6 (mod64+ b7 k0)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k3) - b8 (mod64+ b8 (mod64+ b9 k2)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k5) - b10 (mod64+ b10 (mod64+ b11 k4)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k7 t2)) - b12 (mod64+ b12 (mod64+ b13 k6)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k9 11)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k8 t0))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 
b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 (mod64+ b1 k13) - b0 (mod64+ b0 (mod64+ b1 k12)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k15) - b2 (mod64+ b2 (mod64+ b3 k14)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k0) - b4 (mod64+ b4 (mod64+ b5 k16)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k2) - b6 (mod64+ b6 (mod64+ b7 k1)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k4) - b8 (mod64+ b8 (mod64+ b9 k3)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k6) - b10 (mod64+ b10 (mod64+ b11 k5)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k8 t0)) - b12 (mod64+ b12 (mod64+ b13 k7)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k10 12)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k9 t1))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 
(logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k14) - b0 (mod64+ b0 (mod64+ b1 k13)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k16) - b2 (mod64+ b2 (mod64+ b3 k15)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k1) - b4 (mod64+ b4 (mod64+ b5 k0)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k3) - b6 (mod64+ b6 (mod64+ b7 k2)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k5) - b8 (mod64+ b8 (mod64+ b9 k4)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k7) - b10 (mod64+ b10 (mod64+ b11 k6)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k9 t1)) - b12 (mod64+ b12 (mod64+ b13 k8)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k11 13)) - b14 
(mod64+ b14 (mod64+ b15 (mod64+ k10 t2))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 (mod64+ b1 k15) - b0 (mod64+ b0 (mod64+ b1 k14)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k0) - b2 (mod64+ b2 (mod64+ b3 k16)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k2) - b4 (mod64+ b4 (mod64+ b5 k1)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k4) - b6 (mod64+ b6 (mod64+ b7 k3)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k6) - b8 (mod64+ b8 (mod64+ b9 k5)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 
k8) - b10 (mod64+ b10 (mod64+ b11 k7)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k10 t2)) - b12 (mod64+ b12 (mod64+ b13 k9)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k12 14)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k11 t0))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k16) - b0 (mod64+ b0 (mod64+ b1 k15)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k1) - b2 (mod64+ b2 (mod64+ b3 k0)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k3) - b4 (mod64+ b4 (mod64+ b5 k2)) - b5 
(logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k5) - b6 (mod64+ b6 (mod64+ b7 k4)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k7) - b8 (mod64+ b8 (mod64+ b9 k6)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k9) - b10 (mod64+ b10 (mod64+ b11 k8)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k11 t0)) - b12 (mod64+ b12 (mod64+ b13 k10)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k13 15)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k12 t1))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 
(mod64+ b1 k0) - b0 (mod64+ b0 (mod64+ b1 k16)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k2) - b2 (mod64+ b2 (mod64+ b3 k1)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k4) - b4 (mod64+ b4 (mod64+ b5 k3)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k6) - b6 (mod64+ b6 (mod64+ b7 k5)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k8) - b8 (mod64+ b8 (mod64+ b9 k7)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k10) - b10 (mod64+ b10 (mod64+ b11 k9)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k12 t1)) - b12 (mod64+ b12 (mod64+ b13 k11)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k14 16)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k13 t2))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 
b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k1) - b0 (mod64+ b0 (mod64+ b1 k0)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k3) - b2 (mod64+ b2 (mod64+ b3 k2)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k5) - b4 (mod64+ b4 (mod64+ b5 k4)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k7) - b6 (mod64+ b6 (mod64+ b7 k6)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k9) - b8 (mod64+ b8 (mod64+ b9 k8)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k11) - b10 (mod64+ b10 (mod64+ b11 k10)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k13 t2)) - b12 (mod64+ b12 (mod64+ b13 k12)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k15 17)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k14 t0))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 
(logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - - (setf b1 (mod64+ b1 k2) - b0 (mod64+ b0 (mod64+ b1 k1)) - b1 (logxor (rol64 b1 24) b0)) - (setf b3 (mod64+ b3 k4) - b2 (mod64+ b2 (mod64+ b3 k3)) - b3 (logxor (rol64 b3 13) b2)) - (setf b5 (mod64+ b5 k6) - b4 (mod64+ b4 (mod64+ b5 k5)) - b5 (logxor (rol64 b5 8) b4)) - (setf b7 (mod64+ b7 k8) - b6 (mod64+ b6 (mod64+ b7 k7)) - b7 (logxor (rol64 b7 47) b6)) - (setf b9 (mod64+ b9 k10) - b8 (mod64+ b8 (mod64+ b9 k9)) - b9 (logxor (rol64 b9 8) b8)) - (setf b11 (mod64+ b11 k12) - b10 (mod64+ b10 (mod64+ b11 k11)) - b11 (logxor (rol64 b11 17) b10)) - (setf b13 (mod64+ b13 (mod64+ k14 t0)) - b12 (mod64+ b12 (mod64+ b13 k13)) - b13 (logxor (rol64 b13 22) b12)) - (setf b15 (mod64+ b15 (mod64+ k16 18)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k15 t1))) - b15 (logxor (rol64 b15 37) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 38) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 19) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 10) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 55) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 49) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 18) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 23) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 52) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 33) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 4) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 51) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 13) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 
b15 34) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 41) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 59) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 17) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 5) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 20) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 48) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 41) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 47) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 28) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 16) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 25) b12)) - (setf b1 (mod64+ b1 k3) - b0 (mod64+ b0 (mod64+ b1 k2)) - b1 (logxor (rol64 b1 41) b0)) - (setf b3 (mod64+ b3 k5) - b2 (mod64+ b2 (mod64+ b3 k4)) - b3 (logxor (rol64 b3 9) b2)) - (setf b5 (mod64+ b5 k7) - b4 (mod64+ b4 (mod64+ b5 k6)) - b5 (logxor (rol64 b5 37) b4)) - (setf b7 (mod64+ b7 k9) - b6 (mod64+ b6 (mod64+ b7 k8)) - b7 (logxor (rol64 b7 31) b6)) - (setf b9 (mod64+ b9 k11) - b8 (mod64+ b8 (mod64+ b9 k10)) - b9 (logxor (rol64 b9 12) b8)) - (setf b11 (mod64+ b11 k13) - b10 (mod64+ b10 (mod64+ b11 k12)) - b11 (logxor (rol64 b11 47) b10)) - (setf b13 (mod64+ b13 (mod64+ k15 t1)) - b12 (mod64+ b12 (mod64+ b13 k14)) - b13 (logxor (rol64 b13 44) b12)) - (setf b15 (mod64+ b15 (mod64+ k0 19)) - b14 (mod64+ b14 (mod64+ b15 (mod64+ k16 t2))) - b15 (logxor (rol64 b15 30) b14)) - (setf b0 (mod64+ b0 b9) - b9 (logxor (rol64 b9 16) b0)) - (setf b2 (mod64+ b2 b13) - b13 (logxor (rol64 b13 34) b2)) - (setf b6 (mod64+ b6 b11) - b11 (logxor (rol64 b11 56) b6)) - (setf b4 (mod64+ b4 b15) - b15 (logxor (rol64 b15 51) b4)) - (setf b10 (mod64+ b10 b7) - b7 (logxor (rol64 b7 4) b10)) - (setf b12 (mod64+ b12 b3) - b3 (logxor (rol64 b3 53) b12)) - (setf b14 (mod64+ b14 b5) - b5 (logxor (rol64 b5 42) b14)) - (setf b8 (mod64+ b8 b1) - b1 (logxor (rol64 b1 41) b8)) - (setf b0 (mod64+ b0 b7) - b7 (logxor (rol64 b7 
31) b0)) - (setf b2 (mod64+ b2 b5) - b5 (logxor (rol64 b5 44) b2)) - (setf b4 (mod64+ b4 b3) - b3 (logxor (rol64 b3 47) b4)) - (setf b6 (mod64+ b6 b1) - b1 (logxor (rol64 b1 46) b6)) - (setf b12 (mod64+ b12 b15) - b15 (logxor (rol64 b15 19) b12)) - (setf b14 (mod64+ b14 b13) - b13 (logxor (rol64 b13 42) b14)) - (setf b8 (mod64+ b8 b11) - b11 (logxor (rol64 b11 44) b8)) - (setf b10 (mod64+ b10 b9) - b9 (logxor (rol64 b9 25) b10)) - (setf b0 (mod64+ b0 b15) - b15 (logxor (rol64 b15 9) b0)) - (setf b2 (mod64+ b2 b11) - b11 (logxor (rol64 b11 48) b2)) - (setf b6 (mod64+ b6 b13) - b13 (logxor (rol64 b13 35) b6)) - (setf b4 (mod64+ b4 b9) - b9 (logxor (rol64 b9 52) b4)) - (setf b14 (mod64+ b14 b1) - b1 (logxor (rol64 b1 23) b14)) - (setf b8 (mod64+ b8 b5) - b5 (logxor (rol64 b5 31) b8)) - (setf b10 (mod64+ b10 b3) - b3 (logxor (rol64 b3 37) b10)) - (setf b12 (mod64+ b12 b7) - b7 (logxor (rol64 b7 20) b12)) - + (macrolet ((arx (x0 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 x14 x15 x16 x17 x18 + x19 x20 x21 x22 x23 x24 x25 x26 x27 x28 x29 x30 x31 x32 x33 x34 x35 x36 x37) + `(setf b1 (mod64+ b1 ,x0) + b0 (mod64+ b0 (mod64+ b1 ,x1)) + b1 (logxor (rol64 b1 24) b0) + b3 (mod64+ b3 ,x2) + b2 (mod64+ b2 (mod64+ b3 ,x3)) + b3 (logxor (rol64 b3 13) b2) + b5 (mod64+ b5 ,x4) + b4 (mod64+ b4 (mod64+ b5 ,x5)) + b5 (logxor (rol64 b5 8) b4) + b7 (mod64+ b7 ,x6) + b6 (mod64+ b6 (mod64+ b7 ,x7)) + b7 (logxor (rol64 b7 47) b6) + b9 (mod64+ b9 ,x8) + b8 (mod64+ b8 (mod64+ b9 ,x9)) + b9 (logxor (rol64 b9 8) b8) + b11 (mod64+ b11 ,x10) + b10 (mod64+ b10 (mod64+ b11 ,x11)) + b11 (logxor (rol64 b11 17) b10) + b13 (mod64+ b13 (mod64+ ,x12 ,x13)) + b12 (mod64+ b12 (mod64+ b13 ,x14)) + b13 (logxor (rol64 b13 22) b12) + b15 (mod64+ b15 (mod64+ ,x15 ,x16)) + b14 (mod64+ b14 (mod64+ b15 (mod64+ ,x17 ,x18))) + b15 (logxor (rol64 b15 37) b14) + b0 (mod64+ b0 b9) + b9 (logxor (rol64 b9 38) b0) + b2 (mod64+ b2 b13) + b13 (logxor (rol64 b13 19) b2) + b6 (mod64+ b6 b11) + b11 (logxor (rol64 b11 10) b6) + 
b4 (mod64+ b4 b15) + b15 (logxor (rol64 b15 55) b4) + b10 (mod64+ b10 b7) + b7 (logxor (rol64 b7 49) b10) + b12 (mod64+ b12 b3) + b3 (logxor (rol64 b3 18) b12) + b14 (mod64+ b14 b5) + b5 (logxor (rol64 b5 23) b14) + b8 (mod64+ b8 b1) + b1 (logxor (rol64 b1 52) b8) + b0 (mod64+ b0 b7) + b7 (logxor (rol64 b7 33) b0) + b2 (mod64+ b2 b5) + b5 (logxor (rol64 b5 4) b2) + b4 (mod64+ b4 b3) + b3 (logxor (rol64 b3 51) b4) + b6 (mod64+ b6 b1) + b1 (logxor (rol64 b1 13) b6) + b12 (mod64+ b12 b15) + b15 (logxor (rol64 b15 34) b12) + b14 (mod64+ b14 b13) + b13 (logxor (rol64 b13 41) b14) + b8 (mod64+ b8 b11) + b11 (logxor (rol64 b11 59) b8) + b10 (mod64+ b10 b9) + b9 (logxor (rol64 b9 17) b10) + b0 (mod64+ b0 b15) + b15 (logxor (rol64 b15 5) b0) + b2 (mod64+ b2 b11) + b11 (logxor (rol64 b11 20) b2) + b6 (mod64+ b6 b13) + b13 (logxor (rol64 b13 48) b6) + b4 (mod64+ b4 b9) + b9 (logxor (rol64 b9 41) b4) + b14 (mod64+ b14 b1) + b1 (logxor (rol64 b1 47) b14) + b8 (mod64+ b8 b5) + b5 (logxor (rol64 b5 28) b8) + b10 (mod64+ b10 b3) + b3 (logxor (rol64 b3 16) b10) + b12 (mod64+ b12 b7) + b7 (logxor (rol64 b7 25) b12) + b1 (mod64+ b1 ,x19) + b0 (mod64+ b0 (mod64+ b1 ,x20)) + b1 (logxor (rol64 b1 41) b0) + b3 (mod64+ b3 ,x21) + b2 (mod64+ b2 (mod64+ b3 ,x22)) + b3 (logxor (rol64 b3 9) b2) + b5 (mod64+ b5 ,x23) + b4 (mod64+ b4 (mod64+ b5 ,x24)) + b5 (logxor (rol64 b5 37) b4) + b7 (mod64+ b7 ,x25) + b6 (mod64+ b6 (mod64+ b7 ,x26)) + b7 (logxor (rol64 b7 31) b6) + b9 (mod64+ b9 ,x27) + b8 (mod64+ b8 (mod64+ b9 ,x28)) + b9 (logxor (rol64 b9 12) b8) + b11 (mod64+ b11 ,x29) + b10 (mod64+ b10 (mod64+ b11 ,x30)) + b11 (logxor (rol64 b11 47) b10) + b13 (mod64+ b13 (mod64+ ,x31 ,x32)) + b12 (mod64+ b12 (mod64+ b13 ,x33)) + b13 (logxor (rol64 b13 44) b12) + b15 (mod64+ b15 (mod64+ ,x34 ,x35)) + b14 (mod64+ b14 (mod64+ b15 (mod64+ ,x36 ,x37))) + b15 (logxor (rol64 b15 30) b14) + b0 (mod64+ b0 b9) + b9 (logxor (rol64 b9 16) b0) + b2 (mod64+ b2 b13) + b13 (logxor (rol64 b13 34) b2) + b6 (mod64+ b6 
b11) + b11 (logxor (rol64 b11 56) b6) + b4 (mod64+ b4 b15) + b15 (logxor (rol64 b15 51) b4) + b10 (mod64+ b10 b7) + b7 (logxor (rol64 b7 4) b10) + b12 (mod64+ b12 b3) + b3 (logxor (rol64 b3 53) b12) + b14 (mod64+ b14 b5) + b5 (logxor (rol64 b5 42) b14) + b8 (mod64+ b8 b1) + b1 (logxor (rol64 b1 41) b8) + b0 (mod64+ b0 b7) + b7 (logxor (rol64 b7 31) b0) + b2 (mod64+ b2 b5) + b5 (logxor (rol64 b5 44) b2) + b4 (mod64+ b4 b3) + b3 (logxor (rol64 b3 47) b4) + b6 (mod64+ b6 b1) + b1 (logxor (rol64 b1 46) b6) + b12 (mod64+ b12 b15) + b15 (logxor (rol64 b15 19) b12) + b14 (mod64+ b14 b13) + b13 (logxor (rol64 b13 42) b14) + b8 (mod64+ b8 b11) + b11 (logxor (rol64 b11 44) b8) + b10 (mod64+ b10 b9) + b9 (logxor (rol64 b9 25) b10) + b0 (mod64+ b0 b15) + b15 (logxor (rol64 b15 9) b0) + b2 (mod64+ b2 b11) + b11 (logxor (rol64 b11 48) b2) + b6 (mod64+ b6 b13) + b13 (logxor (rol64 b13 35) b6) + b4 (mod64+ b4 b9) + b9 (logxor (rol64 b9 52) b4) + b14 (mod64+ b14 b1) + b1 (logxor (rol64 b1 23) b14) + b8 (mod64+ b8 b5) + b5 (logxor (rol64 b5 31) b8) + b10 (mod64+ b10 b3) + b3 (logxor (rol64 b3 37) b10) + b12 (mod64+ b12 b7) + b7 (logxor (rol64 b7 20) b12)))) + (arx k1 k0 k3 k2 k5 k4 k7 k6 k9 k8 k11 k10 k13 t0 k12 k15 0 k14 t1 + k2 k1 k4 k3 k6 k5 k8 k7 k10 k9 k12 k11 k14 t1 k13 k16 1 k15 t2) + (arx k3 k2 k5 k4 k7 k6 k9 k8 k11 k10 k13 k12 k15 t2 k14 k0 2 k16 t0 + k4 k3 k6 k5 k8 k7 k10 k9 k12 k11 k14 k13 k16 t0 k15 k1 3 k0 t1) + (arx k5 k4 k7 k6 k9 k8 k11 k10 k13 k12 k15 k14 k0 t1 k16 k2 4 k1 t2 + k6 k5 k8 k7 k10 k9 k12 k11 k14 k13 k16 k15 k1 t2 k0 k3 5 k2 t0) + (arx k7 k6 k9 k8 k11 k10 k13 k12 k15 k14 k0 k16 k2 t0 k1 k4 6 k3 t1 + k8 k7 k10 k9 k12 k11 k14 k13 k16 k15 k1 k0 k3 t1 k2 k5 7 k4 t2) + (arx k9 k8 k11 k10 k13 k12 k15 k14 k0 k16 k2 k1 k4 t2 k3 k6 8 k5 t0 + k10 k9 k12 k11 k14 k13 k16 k15 k1 k0 k3 k2 k5 t0 k4 k7 9 k6 t1) + (arx k11 k10 k13 k12 k15 k14 k0 k16 k2 k1 k4 k3 k6 t1 k5 k8 10 k7 t2 + k12 k11 k14 k13 k16 k15 k1 k0 k3 k2 k5 k4 k7 t2 k6 k9 11 k8 t0) + (arx k13 k12 k15 k14 k0 
k16 k2 k1 k4 k3 k6 k5 k8 t0 k7 k10 12 k9 t1 + k14 k13 k16 k15 k1 k0 k3 k2 k5 k4 k7 k6 k9 t1 k8 k11 13 k10 t2) + (arx k15 k14 k0 k16 k2 k1 k4 k3 k6 k5 k8 k7 k10 t2 k9 k12 14 k11 t0 + k16 k15 k1 k0 k3 k2 k5 k4 k7 k6 k9 k8 k11 t0 k10 k13 15 k12 t1) + (arx k0 k16 k2 k1 k4 k3 k6 k5 k8 k7 k10 k9 k12 t1 k11 k14 16 k13 t2 + k1 k0 k3 k2 k5 k4 k7 k6 k9 k8 k11 k10 k13 t2 k12 k15 17 k14 t0) + (arx k2 k1 k4 k3 k6 k5 k8 k7 k10 k9 k12 k11 k14 t0 k13 k16 18 k15 t1 + k3 k2 k5 k4 k7 k6 k9 k8 k11 k10 k13 k12 k15 t1 k14 k0 19 k16 t2)) (setf b0 (mod64+ b0 k3) b1 (mod64+ b1 k4) b2 (mod64+ b2 k5) 
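Review bot: the `arx` macrolet added in this hunk takes 38 positional parameters (`x0` to `x37`) and nothing documents which key word, tweak word or counter each position stands for, so one transposed `k`/`t` symbol in any of the ten call sites would silently change the output. The call sites all follow the same pattern: the literal counter runs 0 through 19, and the key and tweak arguments advance by one position (wrapping over k0..k16 and t0..t2) each time it increments. Consider having the macro take only that counter and derive the key and tweak symbols from it, or at minimum add a comment above the parameter list that maps each `x` position to its role. Because the hunk replaces the fully unrolled rounds with generated code, it should be checked against the existing known-answer tests for this cipher before merging, together with the following hunk that removes the unrolled inverse rounds.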
@@ -3742,1457 +772,172 @@ b13 (mod64- b13 (mod64+ k16 t2)) b14 (mod64- b14 (mod64+ k0 t0)) b15 (mod64- b15 (mod64+ k1 20))) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k16 t2))) - b15 (mod64- b15 (mod64+ k0 19))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k14)) - b13 (mod64- b13 (mod64+ k15 t1))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k12)) - b11 (mod64- b11 k13)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k10)) - b9 (mod64- b9 k11)) - 
(setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k8)) - b7 (mod64- b7 k9)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k6)) - b5 (mod64- b5 k7)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k4)) - b3 (mod64- b3 k5)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k2)) - b1 (mod64- b1 k3)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k15 t1))) - b15 (mod64- b15 (mod64+ k16 18))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 
k13)) - b13 (mod64- b13 (mod64+ k14 t0))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k11)) - b11 (mod64- b11 k12)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k9)) - b9 (mod64- b9 k10)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k7)) - b7 (mod64- b7 k8)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k5)) - b5 (mod64- b5 k6)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k3)) - b3 (mod64- b3 k4)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k1)) - b1 (mod64- b1 k2)) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 
(logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k14 t0))) - b15 (mod64- b15 (mod64+ k15 17))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k12)) - b13 (mod64- b13 (mod64+ k13 t2))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k10)) - b11 (mod64- b11 k11)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k8)) - b9 (mod64- b9 k9)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k6)) - b7 (mod64- b7 k7)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k4)) - b5 (mod64- b5 k5)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k2)) - b3 (mod64- b3 k3)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k0)) - b1 (mod64- b1 k1)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 
b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k13 t2))) - b15 (mod64- b15 (mod64+ k14 16))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k11)) - b13 (mod64- b13 (mod64+ k12 t1))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k9)) - b11 (mod64- b11 k10)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k7)) - b9 (mod64- b9 k8)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k5)) - b7 (mod64- b7 k6)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k3)) - b5 (mod64- b5 k4)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k1)) - b3 (mod64- b3 k2)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k16)) - b1 (mod64- b1 k0)) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 
31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k12 t1))) - b15 (mod64- b15 (mod64+ k13 15))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k10)) - b13 (mod64- b13 (mod64+ k11 t0))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k8)) - b11 (mod64- b11 k9)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k6)) - b9 (mod64- b9 k7)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k4)) - b7 (mod64- b7 k5)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k2)) - b5 (mod64- b5 k3)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k0)) - b3 (mod64- b3 k1)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k15)) - b1 (mod64- b1 k16)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - 
b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k11 t0))) - b15 (mod64- b15 (mod64+ k12 14))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k9)) - b13 (mod64- b13 (mod64+ k10 t2))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k7)) - b11 (mod64- b11 k8)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k5)) - b9 (mod64- b9 k6)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k3)) - b7 (mod64- b7 k4)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k1)) - b5 (mod64- b5 k2)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k16)) - b3 (mod64- b3 k0)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k14)) - b1 (mod64- b1 k15)) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 
b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k10 t2))) - b15 (mod64- b15 (mod64+ k11 13))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k8)) - b13 (mod64- b13 (mod64+ k9 t1))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k6)) - b11 (mod64- b11 k7)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k4)) - b9 (mod64- b9 k5)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k2)) - b7 (mod64- b7 k3)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k0)) - b5 (mod64- b5 k1)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k15)) - b3 (mod64- b3 k16)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k13)) - b1 (mod64- b1 k14)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - 
(setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k9 t1))) - b15 (mod64- b15 (mod64+ k10 12))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k7)) - b13 (mod64- b13 (mod64+ k8 t0))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k5)) - b11 (mod64- b11 k6)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k3)) - b9 (mod64- b9 k4)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k1)) - b7 (mod64- b7 k2)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k16)) - b5 (mod64- b5 k0)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k14)) - b3 (mod64- b3 k15)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k12)) - b1 (mod64- b1 k13)) - - (setf b7 
(ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k8 t0))) - b15 (mod64- b15 (mod64+ k9 11))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k6)) - b13 (mod64- b13 (mod64+ k7 t2))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k4)) - b11 (mod64- b11 k5)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k2)) - b9 (mod64- b9 k3)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k0)) - b7 (mod64- b7 k1)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 
(mod64+ b5 k15)) - b5 (mod64- b5 k16)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k13)) - b3 (mod64- b3 k14)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k11)) - b1 (mod64- b1 k12)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k7 t2))) - b15 (mod64- b15 (mod64+ k8 10))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k5)) - b13 (mod64- b13 (mod64+ k6 t1))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k3)) - b11 (mod64- b11 k4)) - 
(setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k1)) - b9 (mod64- b9 k2)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k16)) - b7 (mod64- b7 k0)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k14)) - b5 (mod64- b5 k15)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k12)) - b3 (mod64- b3 k13)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k10)) - b1 (mod64- b1 k11)) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k6 t1))) - b15 (mod64- 
b15 (mod64+ k7 9))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k4)) - b13 (mod64- b13 (mod64+ k5 t0))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k2)) - b11 (mod64- b11 k3)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k0)) - b9 (mod64- b9 k1)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k15)) - b7 (mod64- b7 k16)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k13)) - b5 (mod64- b5 k14)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k11)) - b3 (mod64- b3 k12)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k9)) - b1 (mod64- b1 k10)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- 
b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k5 t0))) - b15 (mod64- b15 (mod64+ k6 8))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k3)) - b13 (mod64- b13 (mod64+ k4 t2))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k1)) - b11 (mod64- b11 k2)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k16)) - b9 (mod64- b9 k0)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k14)) - b7 (mod64- b7 k15)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k12)) - b5 (mod64- b5 k13)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k10)) - b3 (mod64- b3 k11)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k8)) - b1 (mod64- b1 k9)) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - 
(setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k4 t2))) - b15 (mod64- b15 (mod64+ k5 7))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k2)) - b13 (mod64- b13 (mod64+ k3 t1))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k0)) - b11 (mod64- b11 k1)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k15)) - b9 (mod64- b9 k16)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k13)) - b7 (mod64- b7 k14)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k11)) - b5 (mod64- b5 k12)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k9)) - b3 (mod64- b3 k10)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k7)) - b1 (mod64- b1 k8)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf 
b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k3 t1))) - b15 (mod64- b15 (mod64+ k4 6))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k1)) - b13 (mod64- b13 (mod64+ k2 t0))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k16)) - b11 (mod64- b11 k0)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k14)) - b9 (mod64- b9 k15)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k12)) - b7 (mod64- b7 k13)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k10)) - b5 (mod64- b5 k11)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k8)) - b3 (mod64- b3 k9)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k6)) - b1 (mod64- b1 k7)) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 
(logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k2 t0))) - b15 (mod64- b15 (mod64+ k3 5))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k0)) - b13 (mod64- b13 (mod64+ k1 t2))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k15)) - b11 (mod64- b11 k16)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k13)) - b9 (mod64- b9 k14)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k11)) - b7 (mod64- b7 k12)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k9)) - b5 (mod64- b5 k10)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k7)) - b3 (mod64- b3 k8)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k5)) - b1 (mod64- b1 k6)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 
b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k1 t2))) - b15 (mod64- b15 (mod64+ k2 4))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k16)) - b13 (mod64- b13 (mod64+ k0 t1))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k14)) - b11 (mod64- b11 k15)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k12)) - b9 (mod64- b9 k13)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k10)) - b7 (mod64- b7 k11)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k8)) - b5 (mod64- b5 k9)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k6)) - b3 (mod64- b3 k7)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k4)) - b1 (mod64- b1 k5)) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - 
b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k0 t1))) - b15 (mod64- b15 (mod64+ k1 3))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k15)) - b13 (mod64- b13 (mod64+ k16 t0))) - (setf b11 (ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k13)) - b11 (mod64- b11 k14)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k11)) - b9 (mod64- b9 k12)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k9)) - b7 (mod64- b7 k10)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k7)) - b5 (mod64- b5 k8)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k5)) - b3 (mod64- b3 k6)) - (setf b1 (ror64 
(logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k3)) - b1 (mod64- b1 k4)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k16 t0))) - b15 (mod64- b15 (mod64+ k0 2))) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k14)) - b13 (mod64- b13 (mod64+ k15 t2))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k12)) - b11 (mod64- b11 k13)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k10)) - b9 (mod64- b9 k11)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 
(mod64+ b7 k8)) - b7 (mod64- b7 k9)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k6)) - b5 (mod64- b5 k7)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k4)) - b3 (mod64- b3 k5)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k2)) - b1 (mod64- b1 k3)) - - (setf b7 (ror64 (logxor b7 b12) 20) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 37) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 31) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 23) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 52) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 35) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 48) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b15 b0) 9) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 25) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 44) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 42) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 19) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 46) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 47) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 44) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 31) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 41) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 42) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 53) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 4) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 51) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 56) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 34) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 16) - b0 (mod64- b0 b9)) - (setf b15 (ror64 (logxor b15 b14) 30) - b14 (mod64- b14 (mod64+ b15 (mod64+ k15 t2))) - b15 (mod64- b15 (mod64+ k16 1))) - (setf b13 (ror64 (logxor b13 b12) 44) - b12 (mod64- b12 (mod64+ b13 k13)) - b13 (mod64- b13 (mod64+ k14 t1))) - (setf b11 
(ror64 (logxor b11 b10) 47) - b10 (mod64- b10 (mod64+ b11 k11)) - b11 (mod64- b11 k12)) - (setf b9 (ror64 (logxor b9 b8) 12) - b8 (mod64- b8 (mod64+ b9 k9)) - b9 (mod64- b9 k10)) - (setf b7 (ror64 (logxor b7 b6) 31) - b6 (mod64- b6 (mod64+ b7 k7)) - b7 (mod64- b7 k8)) - (setf b5 (ror64 (logxor b5 b4) 37) - b4 (mod64- b4 (mod64+ b5 k5)) - b5 (mod64- b5 k6)) - (setf b3 (ror64 (logxor b3 b2) 9) - b2 (mod64- b2 (mod64+ b3 k3)) - b3 (mod64- b3 k4)) - (setf b1 (ror64 (logxor b1 b0) 41) - b0 (mod64- b0 (mod64+ b1 k1)) - b1 (mod64- b1 k2)) - (setf b7 (ror64 (logxor b7 b12) 25) - b12 (mod64- b12 b7)) - (setf b3 (ror64 (logxor b3 b10) 16) - b10 (mod64- b10 b3)) - (setf b5 (ror64 (logxor b5 b8) 28) - b8 (mod64- b8 b5)) - (setf b1 (ror64 (logxor b1 b14) 47) - b14 (mod64- b14 b1)) - (setf b9 (ror64 (logxor b9 b4) 41) - b4 (mod64- b4 b9)) - (setf b13 (ror64 (logxor b13 b6) 48) - b6 (mod64- b6 b13)) - (setf b11 (ror64 (logxor b11 b2) 20) - b2 (mod64- b2 b11)) - (setf b15 (ror64 (logxor b0 b15) 5) - b0 (mod64- b0 b15)) - (setf b9 (ror64 (logxor b9 b10) 17) - b10 (mod64- b10 b9)) - (setf b11 (ror64 (logxor b11 b8) 59) - b8 (mod64- b8 b11)) - (setf b13 (ror64 (logxor b13 b14) 41) - b14 (mod64- b14 b13)) - (setf b15 (ror64 (logxor b15 b12) 34) - b12 (mod64- b12 b15)) - (setf b1 (ror64 (logxor b1 b6) 13) - b6 (mod64- b6 b1)) - (setf b3 (ror64 (logxor b3 b4) 51) - b4 (mod64- b4 b3)) - (setf b5 (ror64 (logxor b5 b2) 4) - b2 (mod64- b2 b5)) - (setf b7 (ror64 (logxor b7 b0) 33) - b0 (mod64- b0 b7)) - (setf b1 (ror64 (logxor b1 b8) 52) - b8 (mod64- b8 b1)) - (setf b5 (ror64 (logxor b5 b14) 23) - b14 (mod64- b14 b5)) - (setf b3 (ror64 (logxor b3 b12) 18) - b12 (mod64- b12 b3)) - (setf b7 (ror64 (logxor b7 b10) 49) - b10 (mod64- b10 b7)) - (setf b15 (ror64 (logxor b15 b4) 55) - b4 (mod64- b4 b15)) - (setf b11 (ror64 (logxor b11 b6) 10) - b6 (mod64- b6 b11)) - (setf b13 (ror64 (logxor b13 b2) 19) - b2 (mod64- b2 b13)) - (setf b9 (ror64 (logxor b9 b0) 38) - b0 (mod64- b0 b9)) - (setf b15 
(ror64 (logxor b15 b14) 37) - b14 (mod64- b14 (mod64+ b15 (mod64+ k14 t1))) - b15 (mod64- b15 k15)) - (setf b13 (ror64 (logxor b13 b12) 22) - b12 (mod64- b12 (mod64+ b13 k12)) - b13 (mod64- b13 (mod64+ k13 t0))) - (setf b11 (ror64 (logxor b11 b10) 17) - b10 (mod64- b10 (mod64+ b11 k10)) - b11 (mod64- b11 k11)) - (setf b9 (ror64 (logxor b9 b8) 8) - b8 (mod64- b8 (mod64+ b9 k8)) - b9 (mod64- b9 k9)) - (setf b7 (ror64 (logxor b7 b6) 47) - b6 (mod64- b6 (mod64+ b7 k6)) - b7 (mod64- b7 k7)) - (setf b5 (ror64 (logxor b5 b4) 8) - b4 (mod64- b4 (mod64+ b5 k4)) - b5 (mod64- b5 k5)) - (setf b3 (ror64 (logxor b3 b2) 13) - b2 (mod64- b2 (mod64+ b3 k2)) - b3 (mod64- b3 k3)) - (setf b1 (ror64 (logxor b1 b0) 24) - b0 (mod64- b0 (mod64+ b1 k0)) - b1 (mod64- b1 k1)) - + (macrolet ((arx (x0 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 x14 x15 x16 x17 x18 + x19 x20 x21 x22 x23 x24 x25 x26 x27 x28 x29 x30 x31 x32 x33 x34 x35 x36 x37) + `(setf b7 (ror64 (logxor b7 b12) 20) + b12 (mod64- b12 b7) + b3 (ror64 (logxor b3 b10) 37) + b10 (mod64- b10 b3) + b5 (ror64 (logxor b5 b8) 31) + b8 (mod64- b8 b5) + b1 (ror64 (logxor b1 b14) 23) + b14 (mod64- b14 b1) + b9 (ror64 (logxor b9 b4) 52) + b4 (mod64- b4 b9) + b13 (ror64 (logxor b13 b6) 35) + b6 (mod64- b6 b13) + b11 (ror64 (logxor b11 b2) 48) + b2 (mod64- b2 b11) + b15 (ror64 (logxor b15 b0) 9) + b0 (mod64- b0 b15) + b9 (ror64 (logxor b9 b10) 25) + b10 (mod64- b10 b9) + b11 (ror64 (logxor b11 b8) 44) + b8 (mod64- b8 b11) + b13 (ror64 (logxor b13 b14) 42) + b14 (mod64- b14 b13) + b15 (ror64 (logxor b15 b12) 19) + b12 (mod64- b12 b15) + b1 (ror64 (logxor b1 b6) 46) + b6 (mod64- b6 b1) + b3 (ror64 (logxor b3 b4) 47) + b4 (mod64- b4 b3) + b5 (ror64 (logxor b5 b2) 44) + b2 (mod64- b2 b5) + b7 (ror64 (logxor b7 b0) 31) + b0 (mod64- b0 b7) + b1 (ror64 (logxor b1 b8) 41) + b8 (mod64- b8 b1) + b5 (ror64 (logxor b5 b14) 42) + b14 (mod64- b14 b5) + b3 (ror64 (logxor b3 b12) 53) + b12 (mod64- b12 b3) + b7 (ror64 (logxor b7 b10) 4) + b10 (mod64- b10 b7) + 
b15 (ror64 (logxor b15 b4) 51) + b4 (mod64- b4 b15) + b11 (ror64 (logxor b11 b6) 56) + b6 (mod64- b6 b11) + b13 (ror64 (logxor b13 b2) 34) + b2 (mod64- b2 b13) + b9 (ror64 (logxor b9 b0) 16) + b0 (mod64- b0 b9) + b15 (ror64 (logxor b15 b14) 30) + b14 (mod64- b14 (mod64+ b15 (mod64+ ,x0 ,x1))) + b15 (mod64- b15 (mod64+ ,x2 ,x3)) + b13 (ror64 (logxor b13 b12) 44) + b12 (mod64- b12 (mod64+ b13 ,x4)) + b13 (mod64- b13 (mod64+ ,x5 ,x6)) + b11 (ror64 (logxor b11 b10) 47) + b10 (mod64- b10 (mod64+ b11 ,x7)) + b11 (mod64- b11 ,x8) + b9 (ror64 (logxor b9 b8) 12) + b8 (mod64- b8 (mod64+ b9 ,x9)) + b9 (mod64- b9 ,x10) + b7 (ror64 (logxor b7 b6) 31) + b6 (mod64- b6 (mod64+ b7 ,x11)) + b7 (mod64- b7 ,x12) + b5 (ror64 (logxor b5 b4) 37) + b4 (mod64- b4 (mod64+ b5 ,x13)) + b5 (mod64- b5 ,x14) + b3 (ror64 (logxor b3 b2) 9) + b2 (mod64- b2 (mod64+ b3 ,x15)) + b3 (mod64- b3 ,x16) + b1 (ror64 (logxor b1 b0) 41) + b0 (mod64- b0 (mod64+ b1 ,x17)) + b1 (mod64- b1 ,x18) + b7 (ror64 (logxor b7 b12) 25) + b12 (mod64- b12 b7) + b3 (ror64 (logxor b3 b10) 16) + b10 (mod64- b10 b3) + b5 (ror64 (logxor b5 b8) 28) + b8 (mod64- b8 b5) + b1 (ror64 (logxor b1 b14) 47) + b14 (mod64- b14 b1) + b9 (ror64 (logxor b9 b4) 41) + b4 (mod64- b4 b9) + b13 (ror64 (logxor b13 b6) 48) + b6 (mod64- b6 b13) + b11 (ror64 (logxor b11 b2) 20) + b2 (mod64- b2 b11) + b15 (ror64 (logxor b0 b15) 5) + b0 (mod64- b0 b15) + b9 (ror64 (logxor b9 b10) 17) + b10 (mod64- b10 b9) + b11 (ror64 (logxor b11 b8) 59) + b8 (mod64- b8 b11) + b13 (ror64 (logxor b13 b14) 41) + b14 (mod64- b14 b13) + b15 (ror64 (logxor b15 b12) 34) + b12 (mod64- b12 b15) + b1 (ror64 (logxor b1 b6) 13) + b6 (mod64- b6 b1) + b3 (ror64 (logxor b3 b4) 51) + b4 (mod64- b4 b3) + b5 (ror64 (logxor b5 b2) 4) + b2 (mod64- b2 b5) + b7 (ror64 (logxor b7 b0) 33) + b0 (mod64- b0 b7) + b1 (ror64 (logxor b1 b8) 52) + b8 (mod64- b8 b1) + b5 (ror64 (logxor b5 b14) 23) + b14 (mod64- b14 b5) + b3 (ror64 (logxor b3 b12) 18) + b12 (mod64- b12 b3) + b7 (ror64 (logxor b7 b10) 
49) + b10 (mod64- b10 b7) + b15 (ror64 (logxor b15 b4) 55) + b4 (mod64- b4 b15) + b11 (ror64 (logxor b11 b6) 10) + b6 (mod64- b6 b11) + b13 (ror64 (logxor b13 b2) 19) + b2 (mod64- b2 b13) + b9 (ror64 (logxor b9 b0) 38) + b0 (mod64- b0 b9) + b15 (ror64 (logxor b15 b14) 37) + b14 (mod64- b14 (mod64+ b15 (mod64+ ,x19 ,x20))) + b15 (mod64- b15 (mod64+ ,x21 ,x22)) + b13 (ror64 (logxor b13 b12) 22) + b12 (mod64- b12 (mod64+ b13 ,x23)) + b13 (mod64- b13 (mod64+ ,x24 ,x25)) + b11 (ror64 (logxor b11 b10) 17) + b10 (mod64- b10 (mod64+ b11 ,x26)) + b11 (mod64- b11 ,x27) + b9 (ror64 (logxor b9 b8) 8) + b8 (mod64- b8 (mod64+ b9 ,x28)) + b9 (mod64- b9 ,x29) + b7 (ror64 (logxor b7 b6) 47) + b6 (mod64- b6 (mod64+ b7 ,x30)) + b7 (mod64- b7 ,x31) + b5 (ror64 (logxor b5 b4) 8) + b4 (mod64- b4 (mod64+ b5 ,x32)) + b5 (mod64- b5 ,x33) + b3 (ror64 (logxor b3 b2) 13) + b2 (mod64- b2 (mod64+ b3 ,x34)) + b3 (mod64- b3 ,x35) + b1 (ror64 (logxor b1 b0) 24) + b0 (mod64- b0 (mod64+ b1 ,x36)) + b1 (mod64- b1 ,x37)))) + (arx k16 t2 k0 19 k14 k15 t1 k12 k13 k10 k11 k8 k9 k6 k7 k4 k5 k2 k3 + k15 t1 k16 18 k13 k14 t0 k11 k12 k9 k10 k7 k8 k5 k6 k3 k4 k1 k2) + (arx k14 t0 k15 17 k12 k13 t2 k10 k11 k8 k9 k6 k7 k4 k5 k2 k3 k0 k1 + k13 t2 k14 16 k11 k12 t1 k9 k10 k7 k8 k5 k6 k3 k4 k1 k2 k16 k0) + (arx k12 t1 k13 15 k10 k11 t0 k8 k9 k6 k7 k4 k5 k2 k3 k0 k1 k15 k16 + k11 t0 k12 14 k9 k10 t2 k7 k8 k5 k6 k3 k4 k1 k2 k16 k0 k14 k15) + (arx k10 t2 k11 13 k8 k9 t1 k6 k7 k4 k5 k2 k3 k0 k1 k15 k16 k13 k14 + k9 t1 k10 12 k7 k8 t0 k5 k6 k3 k4 k1 k2 k16 k0 k14 k15 k12 k13) + (arx k8 t0 k9 11 k6 k7 t2 k4 k5 k2 k3 k0 k1 k15 k16 k13 k14 k11 k12 + k7 t2 k8 10 k5 k6 t1 k3 k4 k1 k2 k16 k0 k14 k15 k12 k13 k10 k11) + (arx k6 t1 k7 9 k4 k5 t0 k2 k3 k0 k1 k15 k16 k13 k14 k11 k12 k9 k10 + k5 t0 k6 8 k3 k4 t2 k1 k2 k16 k0 k14 k15 k12 k13 k10 k11 k8 k9) + (arx k4 t2 k5 7 k2 k3 t1 k0 k1 k15 k16 k13 k14 k11 k12 k9 k10 k7 k8 + k3 t1 k4 6 k1 k2 t0 k16 k0 k14 k15 k12 k13 k10 k11 k8 k9 k6 k7) + (arx k2 t0 k3 5 k0 k1 t2 k15 k16 k13 k14 
k11 k12 k9 k10 k7 k8 k5 k6 + k1 t2 k2 4 k16 k0 t1 k14 k15 k12 k13 k10 k11 k8 k9 k6 k7 k4 k5) + (arx k0 t1 k1 3 k15 k16 t0 k13 k14 k11 k12 k9 k10 k7 k8 k5 k6 k3 k4 + k16 t0 k0 2 k14 k15 t2 k12 k13 k10 k11 k8 k9 k6 k7 k4 k5 k2 k3) + (arx k15 t2 k16 1 k13 k14 t1 k11 k12 k9 k10 k7 k8 k5 k6 k3 k4 k1 k2 + k14 t1 k15 0 k12 k13 t0 k10 k11 k8 k9 k6 k7 k4 k5 k2 k3 k0 k1)) (store-words plaintext plaintext-start b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 b10 b11 b12 b13 b14 b15) (values)))) diff -Nru cl-ironclad-0.43/src/common.lisp cl-ironclad-0.45/src/common.lisp --- cl-ironclad-0.43/src/common.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/common.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -72,19 +72,27 @@ (declaim #+ironclad-fast-mod32-arithmetic (inline mod32+) (ftype (function ((unsigned-byte 32) (unsigned-byte 32)) (unsigned-byte 32)) mod32+)) + +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod32+ (a b) + (declare (type (unsigned-byte 32) a b)) + (ldb (byte 32 0) (+ a b))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod32+ (a b) + (declare (type (unsigned-byte 32) a b)) + (ccl::mod32+ a b)) + +#+(and ecl ironclad-assembly) (defun mod32+ (a b) (declare (type (unsigned-byte 32) a b)) - #+ecl (ffi:c-inline (a b) (:uint32-t :uint32-t) :uint32-t "#0 + #1" :one-liner t - :side-effects nil) - #+(and ccl x86-64) - (ccl::mod32+ a b) - #-(or ecl (and ccl x86-64)) - (ldb (byte 32 0) (+ a b))) + :side-effects nil)) #+cmu (define-compiler-macro mod32+ (a b) 
@@ -98,19 +106,26 @@ (declaim #+ironclad-fast-mod32-arithmetic (inline mod32-) (ftype (function ((unsigned-byte 32) (unsigned-byte 32)) (unsigned-byte 32)) mod32-)) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod32- (a b) + (declare (type (unsigned-byte 32) a b)) + (ldb (byte 32 0) (- a b))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod32- (a b) + (declare (type (unsigned-byte 32) a b)) + (ccl::mod32- a b)) + +#+(and ecl ironclad-assembly) (defun mod32- (a b) (declare (type (unsigned-byte 32) a b)) - #+ecl (ffi:c-inline (a b) (:uint32-t :uint32-t) :uint32-t "#0 - #1" :one-liner t - :side-effects nil) - #+(and ccl x86-64) - (ccl::mod32- a b) - #-(or ecl (and ccl x86-64)) - (ldb (byte 32 0) (- a b))) + :side-effects nil)) #+cmu (define-compiler-macro mod32- (a b) @@ -124,19 +139,26 @@ (declaim #+ironclad-fast-mod32-arithmetic (inline mod32*) (ftype (function ((unsigned-byte 32) (unsigned-byte 32)) (unsigned-byte 32)) mod32*)) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod32* (a b) + (declare (type (unsigned-byte 32) a b)) + (ldb (byte 32 0) (* a b))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod32* (a b) + (declare (type (unsigned-byte 32) a b)) + (ccl::mod32* a b)) + +#+(and ecl ironclad-assembly) (defun mod32* (a b) (declare (type (unsigned-byte 32) a b)) - #+ecl (ffi:c-inline (a b) (:uint32-t :uint32-t) :uint32-t "#0 * #1" :one-liner t - :side-effects nil) - #+(and ccl x86-64) - (ccl::mod32* a b) - #-(or ecl (and ccl x86-64)) - (ldb (byte 32 0) (* a b))) + :side-effects nil)) #+cmu (define-compiler-macro mod32* (a b) 
@@ -149,20 +171,29 @@ (declaim #+ironclad-fast-mod32-arithmetic (inline mod32ash) (ftype (function ((unsigned-byte 32) (integer -31 31)) (unsigned-byte 32)) mod32ash)) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod32ash (num count) + (declare (type (unsigned-byte 32) num) + (type (integer -31 31) count)) + (ldb (byte 32 0) (ash num count))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod32ash (num count) + (declare (type (unsigned-byte 32) num) + (type (integer -31 31) count)) + (ccl::mod32ash num count)) + +#+(and ecl ironclad-assembly) (defun mod32ash (num count) (declare (type (unsigned-byte 32) num) (type (integer -31 31) count)) - #+ecl (ffi:c-inline (num count) (:uint32-t :int8-t) :uint32-t "(#1 > 0) ? (#0 << #1) : (#0 >> -#1)" :one-liner t - :side-effects nil) - #+(and ccl x86-64) - (ccl::mod32ash num count) - #-(or ecl (and ccl x86-64)) - (ldb (byte 32 0) (ash num count))) + :side-effects nil)) #+sbcl (define-compiler-macro mod32ash (num count) @@ -173,19 +204,26 @@ (declaim #+ironclad-fast-mod32-arithmetic (inline mod32lognot) (ftype (function ((unsigned-byte 32)) (unsigned-byte 32)) mod32lognot)) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod32lognot (num) + (declare (type (unsigned-byte 32) num)) + (ldb (byte 32 0) (lognot num))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod32lognot (num) + (declare (type (unsigned-byte 32) num)) + (ccl::mod32lognot num)) + +#+(and ecl ironclad-assembly) (defun mod32lognot (num) (declare (type (unsigned-byte 32) num)) - #+ecl (ffi:c-inline (num) (:uint32-t) :uint32-t "~#0" :one-liner t - :side-effects nil) - #+(and ccl x86-64) - (ccl::mod32lognot num) - #-(or ecl (and ccl x86-64)) - (ldb (byte 32 0) (lognot num))) + :side-effects nil)) #+sbcl (define-compiler-macro mod32lognot (num) 
@@ -194,94 +232,150 @@ (declaim #+ironclad-fast-mod32-arithmetic (inline rol32 ror32) (ftype (function ((unsigned-byte 32) (unsigned-byte 5)) (unsigned-byte 32)) rol32 ror32)) +#-(or (and ccl x86-64 ironclad-assembly) + cmu + (and ecl ironclad-assembly) + sbcl) (defun rol32 (a s) - (declare (type (unsigned-byte 32) a) (type (integer 0 32) s)) - #+(and ccl x86-64) - (ccl::rol32 a s) - #+cmu + (declare (type (unsigned-byte 32) a) + (type (integer 0 32) s)) + (logior (ldb (byte 32 0) (ash a s)) (ash a (- s 32)))) + +#+(and ccl x86-64 ironclad-assembly) +(defun rol32 (a s) + (declare (type (unsigned-byte 32) a) + (type (integer 0 32) s)) + (ccl::rol32 a s)) + +#+cmu +(defun rol32 (a s) + (declare (type (unsigned-byte 32) a) + (type (integer 0 32) s)) (kernel:32bit-logical-or #+little-endian (kernel:shift-towards-end a s) #+big-endian (kernel:shift-towards-start a s) - (ash a (- s 32))) - #+ecl + (ash a (- s 32)))) + +#+(and ecl ironclad-assembly) +(defun rol32 (a s) + (declare (type (unsigned-byte 32) a) + (type (integer 0 32) s)) (ffi:c-inline (a s) (:uint32-t :uint8-t) :uint32-t "(#0 << #1) | (#0 >> (32 - #1))" :one-liner t - :side-effects nil) - #+sbcl - (sb-rotate-byte:rotate-byte s (byte 32 0) a) - #-(or (and ccl x86-64) cmu ecl sbcl) - (logior (ldb (byte 32 0) (ash a s)) (ash a (- s 32)))) + :side-effects nil)) + +#+sbcl +(defun rol32 (a s) + (declare (type (unsigned-byte 32) a) + (type (integer 0 32) s)) + (sb-rotate-byte:rotate-byte s (byte 32 0) a)) + +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly) + sbcl) +(defun ror32 (a s) + (declare (type (unsigned-byte 32) a) + (type (integer 0 32) s)) + (rol32 a (- 32 s))) + +#+(and ccl x86-64 ironclad-assembly) +(defun ror32 (a s) + (declare (type (unsigned-byte 32) a) + (type (integer 0 32) s)) + (ccl::ror32 a s)) +#+(and ecl ironclad-assembly) (defun ror32 (a s) - (declare (type (unsigned-byte 32) a) (type (integer 0 32) s)) - #+(and ccl x86-64) - (ccl::ror32 a s) - #+ecl + (declare (type 
(unsigned-byte 32) a) + (type (integer 0 32) s)) (ffi:c-inline (a s) (:uint32-t :uint8-t) :uint32-t "(#0 << (32 - #1)) | (#0 >> #1)" :one-liner t - :side-effects nil) - #+sbcl - (sb-rotate-byte:rotate-byte (- s) (byte 32 0) a) - #-(or (and ccl x86-64) ecl sbcl) - (rol32 a (- 32 s))) + :side-effects nil)) + +#+sbcl +(defun ror32 (a s) + (declare (type (unsigned-byte 32) a) + (type (integer 0 32) s)) + (sb-rotate-byte:rotate-byte (- s) (byte 32 0) a)) (declaim #+ironclad-fast-mod64-arithmetic (inline mod64+ mod64- mod64*) (ftype (function ((unsigned-byte 64) (unsigned-byte 64)) (unsigned-byte 64)) mod64+)) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod64+ (a b) + (declare (type (unsigned-byte 64) a b)) + (ldb (byte 64 0) (+ a b))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod64+ (a b) + (declare (type (unsigned-byte 64) a b)) + (ccl::mod64+ a b)) + +#+(and ecl ironclad-assembly) (defun mod64+ (a b) (declare (type (unsigned-byte 64) a b)) - #+ecl (ffi:c-inline (a b) (:uint64-t :uint64-t) :uint64-t "#0 + #1" :one-liner t - :side-effects nil) - #+(and ccl ironclad-fast-mod64-arithmetic) - (ccl::mod64+ a b) - #-(or ecl (and ccl ironclad-fast-mod64-arithmetic)) - (ldb (byte 64 0) (+ a b))) + :side-effects nil)) #+sbcl (define-compiler-macro mod64+ (a b) `(ldb (byte 64 0) (+ ,a ,b))) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod64- (a b) + (declare (type (unsigned-byte 64) a b)) + (ldb (byte 64 0) (- a b))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod64- (a b) + (declare (type (unsigned-byte 64) a b)) + (ccl::mod64- a b)) + +#+(and ecl ironclad-assembly) (defun mod64- (a b) (declare (type (unsigned-byte 64) a b)) - #+ecl (ffi:c-inline (a b) (:uint64-t :uint64-t) :uint64-t "#0 - #1" :one-liner t - :side-effects nil) - #+(and ccl ironclad-fast-mod64-arithmetic) - (ccl::mod64- a b) - #-(or ecl (and ccl ironclad-fast-mod64-arithmetic)) - (ldb (byte 64 0) (- a b))) + :side-effects nil)) 
#+sbcl (define-compiler-macro mod64- (a b) `(ldb (byte 64 0) (- ,a ,b))) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod64* (a b) + (declare (type (unsigned-byte 64) a b)) + (ldb (byte 64 0) (* a b))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod64* (a b) + (declare (type (unsigned-byte 64) a b)) + (ccl::mod64* a b)) + +#+(and ecl ironclad-assembly) (defun mod64* (a b) (declare (type (unsigned-byte 64) a b)) - #+ecl (ffi:c-inline (a b) (:uint64-t :uint64-t) :uint64-t "#0 * #1" :one-liner t - :side-effects nil) - #+(and ccl ironclad-fast-mod64-arithmetic) - (ccl::mod64* a b) - #-(or ecl (and ccl ironclad-fast-mod64-arithmetic)) - (ldb (byte 64 0) (* a b))) + :side-effects nil)) #+sbcl (define-compiler-macro mod64* (a b) @@ -290,20 +384,29 @@ (declaim #+ironclad-fast-mod64-arithmetic (inline mod64ash) (ftype (function ((unsigned-byte 64) (integer -63 63)) (unsigned-byte 64)) mod64ash)) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod64ash (num count) + (declare (type (unsigned-byte 64) num) + (type (integer -63 63) count)) + (ldb (byte 64 0) (ash num count))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod64ash (num count) + (declare (type (unsigned-byte 64) num) + (type (integer -63 63) count)) + (ccl::mod64ash num count)) + +#+(and ecl ironclad-assembly) (defun mod64ash (num count) (declare (type (unsigned-byte 64) num) (type (integer -63 63) count)) - #+ecl (ffi:c-inline (num count) (:uint64-t :int8-t) :uint64-t "(#1 > 0) ? (#0 << #1) : (#0 >> -#1)" :one-liner t - :side-effects nil) - #+(and ccl ironclad-fast-mod64-arithmetic) - (ccl::mod64ash num count) - #-(or ecl (and ccl ironclad-fast-mod64-arithmetic)) - (ldb (byte 64 0) (ash num count))) + :side-effects nil)) #+sbcl (define-compiler-macro mod64ash (num count) 
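Review bot: in the `@@ -194,94 +232,150 @@` hunk above, the ECL bodies of `rol32` and `ror32` keep the C expressions `(#0 << #1) | (#0 >> (32 - #1))` and `(#0 << (32 - #1)) | (#0 >> #1)`, which shift a 32-bit value by 32 when `s` is 0 (and `rol32` shifts left by 32 when `s` is 32, which the `(integer 0 32)` declaration allows); a shift count equal to the operand width is undefined behaviour in C. Since this patch is already rewriting those definitions, mask the counts, for example `(#0 << (#1 & 31)) | (#0 >> (-#1 & 31))`. The same hunk also leaves the `ftype` for `rol32`/`ror32` at `(unsigned-byte 5)` while every new `defun` declares `s` as `(integer 0 32)`, and the portable `ror32` calls `(rol32 a (- 32 s))`, which passes 32 for `s` = 0; pick one range and use it in both places.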
@@ -314,19 +417,26 @@ (declaim #+ironclad-fast-mod64-arithmetic (inline mod64lognot) (ftype (function ((unsigned-byte 64)) (unsigned-byte 64)) mod64lognot)) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly)) +(defun mod64lognot (num) + (declare (type (unsigned-byte 64) num)) + (ldb (byte 64 0) (lognot num))) + +#+(and ccl x86-64 ironclad-assembly) +(defun mod64lognot (num) + (declare (type (unsigned-byte 64) num)) + (ccl::mod64lognot num)) + +#+(and ecl ironclad-assembly) (defun mod64lognot (num) (declare (type (unsigned-byte 64) num)) - #+ecl (ffi:c-inline (num) (:uint64-t) :uint64-t "~#0" :one-liner t - :side-effects nil) - #+(and ccl ironclad-fast-mod64-arithmetic) - (ccl::mod64lognot num) - #-(or ecl (and ccl ironclad-fast-mod64-arithmetic)) - (ldb (byte 64 0) (lognot num))) + :side-effects nil)) #+sbcl (define-compiler-macro mod64lognot (num) 
@@ -335,41 +445,67 @@ (declaim #+ironclad-fast-mod64-arithmetic (inline rol64 ror64) (ftype (function ((unsigned-byte 64) (unsigned-byte 6)) (unsigned-byte 64)) rol64 ror64)) +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly) + sbcl) +(defun rol64 (a s) + (declare (type (unsigned-byte 64) a) + (type (integer 0 64) s)) + (logior (ldb (byte 64 0) (ash a s)) (ash a (- s 64)))) + +#+(and ccl x86-64 ironclad-assembly) (defun rol64 (a s) - (declare (type (unsigned-byte 64) a) (type (integer 0 64) s)) - #+ecl + (declare (type (unsigned-byte 64) a) + (type (integer 0 64) s)) + (ccl::rol64 a s)) + +#+(and ecl ironclad-assembly) +(defun rol64 (a s) + (declare (type (unsigned-byte 64) a) + (type (integer 0 64) s)) (ffi:c-inline (a s) (:uint64-t :uint8-t) :uint64-t "(#0 << #1) | (#0 >> (64 - #1))" :one-liner t - :side-effects nil) - #+(and sbcl ironclad-fast-mod64-arithmetic) - (sb-rotate-byte:rotate-byte s (byte 64 0) a) - #+(and ccl ironclad-fast-mod64-arithmetic) - (ccl::rol64 a s) - #-(or ecl - (and sbcl ironclad-fast-mod64-arithmetic) - (and ccl ironclad-fast-mod64-arithmetic)) - (logior (ldb (byte 64 0) (ash a s)) (ash a (- s 64)))) + :side-effects nil)) + +#+sbcl +(defun rol64 (a s) + (declare (type (unsigned-byte 64) a) + (type (integer 0 64) s)) + (sb-rotate-byte:rotate-byte s (byte 64 0) a)) + +#-(or (and ccl x86-64 ironclad-assembly) + (and ecl ironclad-assembly) + sbcl) +(defun ror64 (a s) + (declare (type (unsigned-byte 64) a) + (type (integer 0 64) s)) + (rol64 a (- 64 s))) +#+(and ccl x86-64 ironclad-assembly) (defun ror64 (a s) - (declare (type (unsigned-byte 64) a) (type (integer 0 64) s)) - #+ecl + (declare (type (unsigned-byte 64) a) + (type (integer 0 64) s)) + (ccl::ror64 a s)) + +#+(and ecl ironclad-assembly) +(defun ror64 (a s) + (declare (type (unsigned-byte 64) a) + (type (integer 0 64) s)) (ffi:c-inline (a s) (:uint64-t :uint8-t) :uint64-t "(#0 << (64 - #1)) | (#0 >> #1)" :one-liner t - :side-effects nil) - #+(and sbcl 
ironclad-fast-mod64-arithmetic) - (sb-rotate-byte:rotate-byte (- s) (byte 64 0) a) - #+(and ccl ironclad-fast-mod64-arithmetic) - (ccl::ror64 a s) - #-(or ecl - (and sbcl ironclad-fast-mod64-arithmetic) - (and ccl ironclad-fast-mod64-arithmetic)) - (rol64 a (- 64 s))) + :side-effects nil)) + +#+sbcl +(defun ror64 (a s) + (declare (type (unsigned-byte 64) a) + (type (integer 0 64) s)) + (sb-rotate-byte:rotate-byte (- s) (byte 64 0) a)) ;;; 64-bit utilities @@ -546,7 +682,7 @@ (incf input-block1-start ,size) (incf input-block2-start ,size) (decf block-length ,size)))) - #+(and sbcl x86-64) + #+(and sbcl x86-64 ironclad-assembly) (xor-bytes 16 (xor128 input-block1 input-block1-start input-block2 input-block2-start output-block output-block-start)) @@ -564,13 +700,13 @@ (define-compiler-macro xor-block (&whole form &environment env block-length input-block1 input-block1-start input-block2 input-block2-start output-block output-block-start) (cond - #+(and sbcl x86-64) + #+(and sbcl x86-64 ironclad-assembly) ((and (constantp block-length env) (= block-length 16)) `(xor128 ,input-block1 ,input-block1-start ,input-block2 ,input-block2-start ,output-block ,output-block-start)) - #+(and sbcl x86-64) + #+(and sbcl x86-64 ironclad-assembly) ((and (constantp block-length env) (zerop (mod block-length 16))) (let ((i (gensym))) @@ -611,7 +747,7 @@ (incf input-block-start ,size) (incf output-block-start ,size) (decf block-length ,size)))) - #+(and sbcl x86-64) + #+(and sbcl x86-64 ironclad-assembly) (copy-bytes 16 (mov128 input-block input-block-start output-block output-block-start)) #+(and sbcl x86-64) 
@@ -629,12 +765,12 @@ input-block input-block-start output-block output-block-start) (cond - #+(and sbcl x86-64) + #+(and sbcl x86-64 ironclad-assembly) ((and (constantp block-length env) (= block-length 16)) `(mov128 ,input-block ,input-block-start ,output-block ,output-block-start)) - #+(and sbcl x86-64) + #+(and sbcl x86-64 ironclad-assembly) ((and (constantp block-length env) (zerop (mod block-length 16))) (let ((i (gensym))) diff -Nru cl-ironclad-0.43/src/digests/blake2s.lisp cl-ironclad-0.45/src/digests/blake2s.lisp --- cl-ironclad-0.43/src/digests/blake2s.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/digests/blake2s.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -78,10 +78,10 @@ ;; ,vd (ror32 (logxor ,vd ,va) 8) ;; ,vc (mod32+ ,vc ,vd) ;; ,vb (ror32 (logxor ,vb ,vc) 7)))) - #+(and sbcl x86-64) + #+(and sbcl x86-64 ironclad-assembly) `(multiple-value-setq (,va ,vb ,vc ,vd) (fast-blake2s-mixing ,va ,vb ,vc ,vd ,x ,y)) - #-(and sbcl x86-64) + #-(and sbcl x86-64 ironclad-assembly) `(setf ,va (mod32+ (mod32+ ,va ,vb) ,x) ,vd (rol32 (logxor ,vd ,va) 16) ,vc (mod32+ ,vc ,vd) diff -Nru cl-ironclad-0.43/src/digests/kupyna.lisp cl-ironclad-0.45/src/digests/kupyna.lisp --- cl-ironclad-0.43/src/digests/kupyna.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/digests/kupyna.lisp 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,374 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +;;;; kupyna.lisp -- implementation of the Kupyna hash functions (DSTU 7564:2014) + +(in-package :crypto) + + +;;; +;;; Constants +;;; + +(eval-when (:compile-toplevel :load-toplevel :execute) + (defconst +kupyna-t+ +kalyna-t+)) + +(declaim (type (simple-array (unsigned-byte 64) (8 256)) +kupyna-t+)) + + +;;; +;;; Rounds for 256-bit output +;;; + +(declaim (inline kupyna-g256)) +(defun kupyna-g256 (x y) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kupyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (m 0 0 0) (m 1 7 -8) (m 2 6 -16) (m 3 5 -24) + (m 4 4 -32) (m 5 3 -40) (m 6 2 -48) (m 7 1 -56))) + (setf (aref y 1) + (logxor (m 0 1 0) (m 1 0 -8) (m 2 7 -16) (m 3 6 -24) + (m 4 5 -32) (m 5 4 -40) (m 6 3 -48) (m 7 2 -56))) + (setf (aref y 2) + (logxor (m 0 2 0) (m 1 1 -8) (m 2 0 -16) (m 3 7 -24) + (m 4 6 -32) (m 5 5 -40) (m 6 4 -48) (m 7 3 -56))) + (setf (aref y 3) + (logxor (m 0 3 0) (m 1 2 -8) (m 2 1 -16) (m 3 0 -24) + (m 4 7 -32) (m 5 6 -40) (m 6 5 -48) (m 7 4 -56))) + (setf (aref y 4) + (logxor (m 0 4 0) (m 1 3 -8) (m 2 2 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 7 -40) (m 6 6 -48) (m 7 5 -56))) + (setf (aref y 5) + (logxor (m 0 5 0) (m 1 4 -8) (m 2 3 -16) (m 3 2 -24) + (m 4 1 -32) (m 5 0 -40) (m 6 7 -48) (m 7 6 -56))) + (setf (aref y 6) + (logxor (m 0 6 0) (m 1 5 -8) (m 2 4 -16) (m 3 3 -24) + (m 4 2 -32) (m 5 1 -40) (m 6 0 -48) (m 7 7 -56))) + (setf (aref y 7) + (logxor (m 0 7 0) (m 1 6 -8) (m 2 5 -16) (m 3 4 -24) + (m 4 3 -32) (m 5 2 -40) (m 6 1 -48) (m 7 0 -56)))) + (values)) + +(declaim (inline kupyna-round-p256)) +(defun kupyna-round-p256 (x y n) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (type (unsigned-byte 64) n) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (dotimes-unrolled (i 8) + (setf (aref x i) (logxor (aref x i) (mod64ash i 4) 
n))) + (kupyna-g256 x y) + (values)) + +(declaim (inline kupyna-round-q256)) +(defun kupyna-round-q256 (x y n) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (type (unsigned-byte 64) n) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (dotimes-unrolled (i 8) + (setf (aref x i) (mod64+ (aref x i) + (logxor #x00F0F0F0F0F0F0F3 + (mod64ash (logxor (mod64* (- 7 i) #x10) + (logand n #xff)) + 56))))) + (kupyna-g256 x y) + (values)) + +(defun kupyna-output-transform256 (h) + (declare (type (simple-array (unsigned-byte 64) (*)) h) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (let ((t1 (make-array 8 :element-type '(unsigned-byte 64))) + (t2 (make-array 8 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (8)) t1 t2) + (dynamic-extent t1 t2)) + (replace t1 h) + (loop for r from 0 below 10 by 2 do + (kupyna-round-p256 t1 t2 r) + (kupyna-round-p256 t2 t1 (1+ r))) + (dotimes (i 8) + (setf (aref h i) (logxor (aref h i) (aref t1 i))))) + (values)) + +(defun kupyna-transform256 (h m start) + (declare (type (simple-array (unsigned-byte 64) (16)) h) + (type (simple-array (unsigned-byte 8) (*)) m) + (type index start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (let ((ap1 (make-array 8 :element-type '(unsigned-byte 64))) + (aq1 (make-array 8 :element-type '(unsigned-byte 64))) + (ap2 (make-array 8 :element-type '(unsigned-byte 64))) + (aq2 (make-array 8 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (8)) ap1 aq1 ap2 aq2) + (dynamic-extent ap1 aq1 ap2 aq2)) + (dotimes (i 8) + (setf (aref aq1 i) (ub64ref/le m (+ start (* 8 i))) + (aref ap1 i) (logxor (aref h i) (aref aq1 i)))) + (loop for r from 0 below 10 by 2 do + (kupyna-round-p256 ap1 ap2 r) + (kupyna-round-p256 ap2 ap1 (1+ r)) + (kupyna-round-q256 aq1 aq2 r) + (kupyna-round-q256 aq2 aq1 (1+ r))) + (dotimes (i 8) + (setf (aref h i) (logxor (aref h i) (aref ap1 i) (aref aq1 i))))) + (values)) + + +;;; +;;; 
Rounds for 512-bit output +;;; + +(declaim (inline kupyna-g512)) +(defun kupyna-g512 (x y) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (macrolet ((m (a b c) + `(aref +kupyna-t+ ,a (logand (mod64ash (aref x ,b) ,c) #xff)))) + (setf (aref y 0) + (logxor (m 0 0 0) (m 1 15 -8) (m 2 14 -16) (m 3 13 -24) + (m 4 12 -32) (m 5 11 -40) (m 6 10 -48) (m 7 5 -56))) + (setf (aref y 1) + (logxor (m 0 1 0) (m 1 0 -8) (m 2 15 -16) (m 3 14 -24) + (m 4 13 -32) (m 5 12 -40) (m 6 11 -48) (m 7 6 -56))) + (setf (aref y 2) + (logxor (m 0 2 0) (m 1 1 -8) (m 2 0 -16) (m 3 15 -24) + (m 4 14 -32) (m 5 13 -40) (m 6 12 -48) (m 7 7 -56))) + (setf (aref y 3) + (logxor (m 0 3 0) (m 1 2 -8) (m 2 1 -16) (m 3 0 -24) + (m 4 15 -32) (m 5 14 -40) (m 6 13 -48) (m 7 8 -56))) + (setf (aref y 4) + (logxor (m 0 4 0) (m 1 3 -8) (m 2 2 -16) (m 3 1 -24) + (m 4 0 -32) (m 5 15 -40) (m 6 14 -48) (m 7 9 -56))) + (setf (aref y 5) + (logxor (m 0 5 0) (m 1 4 -8) (m 2 3 -16) (m 3 2 -24) + (m 4 1 -32) (m 5 0 -40) (m 6 15 -48) (m 7 10 -56))) + (setf (aref y 6) + (logxor (m 0 6 0) (m 1 5 -8) (m 2 4 -16) (m 3 3 -24) + (m 4 2 -32) (m 5 1 -40) (m 6 0 -48) (m 7 11 -56))) + (setf (aref y 7) + (logxor (m 0 7 0) (m 1 6 -8) (m 2 5 -16) (m 3 4 -24) + (m 4 3 -32) (m 5 2 -40) (m 6 1 -48) (m 7 12 -56))) + (setf (aref y 8) + (logxor (m 0 8 0) (m 1 7 -8) (m 2 6 -16) (m 3 5 -24) + (m 4 4 -32) (m 5 3 -40) (m 6 2 -48) (m 7 13 -56))) + (setf (aref y 9) + (logxor (m 0 9 0) (m 1 8 -8) (m 2 7 -16) (m 3 6 -24) + (m 4 5 -32) (m 5 4 -40) (m 6 3 -48) (m 7 14 -56))) + (setf (aref y 10) + (logxor (m 0 10 0) (m 1 9 -8) (m 2 8 -16) (m 3 7 -24) + (m 4 6 -32) (m 5 5 -40) (m 6 4 -48) (m 7 15 -56))) + (setf (aref y 11) + (logxor (m 0 11 0) (m 1 10 -8) (m 2 9 -16) (m 3 8 -24) + (m 4 7 -32) (m 5 6 -40) (m 6 5 -48) (m 7 0 -56))) + (setf (aref y 12) + (logxor (m 0 12 0) (m 1 11 -8) (m 2 10 -16) (m 3 9 -24) + (m 4 8 -32) (m 5 7 -40) (m 6 6 -48) (m 7 1 -56))) + (setf (aref y 13) + (logxor 
(m 0 13 0) (m 1 12 -8) (m 2 11 -16) (m 3 10 -24) + (m 4 9 -32) (m 5 8 -40) (m 6 7 -48) (m 7 2 -56))) + (setf (aref y 14) + (logxor (m 0 14 0) (m 1 13 -8) (m 2 12 -16) (m 3 11 -24) + (m 4 10 -32) (m 5 9 -40) (m 6 8 -48) (m 7 3 -56))) + (setf (aref y 15) + (logxor (m 0 15 0) (m 1 14 -8) (m 2 13 -16) (m 3 12 -24) + (m 4 11 -32) (m 5 10 -40) (m 6 9 -48) (m 7 4 -56)))) + (values)) + +(declaim (inline kupyna-round-p512)) +(defun kupyna-round-p512 (x y n) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (type (unsigned-byte 64) n) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (dotimes-unrolled (i 16) + (setf (aref x i) (logxor (aref x i) (mod64ash i 4) n))) + (kupyna-g512 x y) + (values)) + +(declaim (inline kupyna-round-q512)) +(defun kupyna-round-q512 (x y n) + (declare (type (simple-array (unsigned-byte 64) (*)) x y) + (type (unsigned-byte 64) n) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (dotimes-unrolled (i 16) + (setf (aref x i) (mod64+ (aref x i) + (logxor #x00F0F0F0F0F0F0F3 + (mod64ash (logxor (mod64* (- 15 i) #x10) + (logand n #xff)) + 56))))) + (kupyna-g512 x y) + (values)) + +(defun kupyna-output-transform512 (h) + (declare (type (simple-array (unsigned-byte 64) (*)) h) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (let ((t1 (make-array 16 :element-type '(unsigned-byte 64))) + (t2 (make-array 16 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (16)) t1 t2) + (dynamic-extent t1 t2)) + (replace t1 h) + (loop for r from 0 below 14 by 2 do + (kupyna-round-p512 t1 t2 r) + (kupyna-round-p512 t2 t1 (1+ r))) + (dotimes (i 16) + (setf (aref h i) (logxor (aref h i) (aref t1 i))))) + (values)) + +(defun kupyna-transform512 (h m start) + (declare (type (simple-array (unsigned-byte 64) (16)) h) + (type (simple-array (unsigned-byte 8) (*)) m) + (type index start) + (optimize (speed 3) (space 0) (debug 0) (safety 0))) + (let ((ap1 (make-array 16 :element-type '(unsigned-byte 64))) + (aq1 
(make-array 16 :element-type '(unsigned-byte 64))) + (ap2 (make-array 16 :element-type '(unsigned-byte 64))) + (aq2 (make-array 16 :element-type '(unsigned-byte 64)))) + (declare (type (simple-array (unsigned-byte 64) (16)) ap1 aq1 ap2 aq2) + (dynamic-extent ap1 aq1 ap2 aq2)) + (dotimes (i 16) + (setf (aref aq1 i) (ub64ref/le m (+ start (* 8 i))) + (aref ap1 i) (logxor (aref h i) (aref aq1 i)))) + (loop for r from 0 below 14 by 2 do + (kupyna-round-p512 ap1 ap2 r) + (kupyna-round-p512 ap2 ap1 (1+ r)) + (kupyna-round-q512 aq1 aq2 r) + (kupyna-round-q512 aq2 aq1 (1+ r))) + (dotimes (i 16) + (setf (aref h i) (logxor (aref h i) (aref ap1 i) (aref aq1 i))))) + (values)) + + +;;; +;;; Digest structures and functions +;;; + +(defstruct (kupyna + (:constructor %make-kupyna-digest nil) + (:copier nil)) + (buffer (make-array 128 :element-type '(unsigned-byte 8)) + :type (simple-array (unsigned-byte 8) (128))) + (buffer-index 0 :type (integer 0 128)) + (h (make-array 16 :element-type '(unsigned-byte 64) + :initial-contents '(128 0 0 0 0 0 0 0 + 0 0 0 0 0 0 0 0)) + :type (simple-array (unsigned-byte 64) (16))) + (total 0 :type (unsigned-byte 64))) + +(defstruct (kupyna/256 + (:include kupyna) + (:constructor %make-kupyna/256-digest + (&aux (h (make-array 16 :element-type '(unsigned-byte 64) + :initial-contents '(64 0 0 0 0 0 0 0 + 0 0 0 0 0 0 0 0))))) + (:copier nil))) + +(defmethod reinitialize-instance ((state kupyna) &rest initargs) + (declare (ignore initargs)) + (setf (kupyna-buffer-index state) 0) + (setf (aref (kupyna-h state) 0) (etypecase state + (kupyna/256 64) + (kupyna 128))) + (fill (kupyna-h state) 0 :start 1) + (setf (kupyna-total state) 0) + state) + +(defmethod copy-digest ((state kupyna) &optional copy) + (let ((copy (if copy + copy + (etypecase state + (kupyna/256 (%make-kupyna/256-digest)) + (kupyna (%make-kupyna-digest)))))) + (declare (type kupyna copy)) + (replace (kupyna-buffer copy) (kupyna-buffer state)) + (setf (kupyna-buffer-index copy) 
(kupyna-buffer-index state)) + (replace (kupyna-h copy) (kupyna-h state)) + (setf (kupyna-total copy) (kupyna-total state)) + copy)) + +(define-digest-updater kupyna + (let ((block-length (block-length state)) + (buffer (kupyna-buffer state)) + (buffer-index (kupyna-buffer-index state)) + (h (kupyna-h state)) + (total (kupyna-total state)) + (length (- end start)) + (n 0)) + (declare (type (simple-array (unsigned-byte 8) (128)) buffer) + (type (integer 0 128) block-length buffer-index n) + (type (simple-array (unsigned-byte 64) (16)) h) + (type (unsigned-byte 64) total) + (type index length)) + (when (plusp buffer-index) + (setf n (min length (- block-length buffer-index))) + (replace buffer sequence + :start1 buffer-index + :start2 start + :end2 (+ start n)) + (incf buffer-index n) + (incf start n) + (decf length n) + (when (= buffer-index block-length) + (ecase block-length + (64 (kupyna-transform256 h buffer 0)) + (128 (kupyna-transform512 h buffer 0))) + (incf total (* 8 block-length)) + (setf buffer-index 0))) + + (ecase block-length + (64 + (loop until (< length 64) do + (kupyna-transform256 h sequence start) + (incf total 512) + (incf start 64) + (decf length 64))) + (128 + (loop until (< length 128) do + (kupyna-transform512 h sequence start) + (incf total 1024) + (incf start 128) + (decf length 128)))) + + (when (plusp length) + (replace buffer sequence :start2 start :end2 end) + (setf buffer-index length)) + + (setf (kupyna-buffer-index state) buffer-index) + (setf (kupyna-total state) total) + (values))) + +(define-digest-finalizer ((kupyna 64) + (kupyna/256 32)) + (let ((block-length (block-length state)) + (digest-length (digest-length state)) + (buffer (kupyna-buffer state)) + (buffer-index (kupyna-buffer-index state)) + (h (kupyna-h state)) + (total (kupyna-total state))) + (incf total (* 8 buffer-index)) + (setf (aref buffer buffer-index) #x80) + (incf buffer-index) + (when (> (+ buffer-index 12) block-length) + (fill buffer 0 :start buffer-index) + 
(ecase block-length + (64 (kupyna-transform256 h buffer 0)) + (128 (kupyna-transform512 h buffer 0))) + (setf buffer-index 0)) + (fill buffer 0 :start buffer-index) + (setf (ub64ref/le buffer (- block-length 12)) total) + (ecase block-length + (64 + (kupyna-transform256 h buffer 0) + (kupyna-output-transform256 h)) + (128 + (kupyna-transform512 h buffer 0) + (kupyna-output-transform512 h))) + + (let ((output (make-array 128 :element-type '(unsigned-byte 8)))) + (dotimes (i 16) + (setf (ub64ref/le output (* 8 i)) (aref h i))) + (replace digest output + :start1 digest-start + :start2 (- block-length digest-length) + :end2 block-length) + digest))) + +(defdigest kupyna :digest-length 64 :block-length 128) +(defdigest kupyna/256 :digest-length 32 :block-length 64) diff -Nru cl-ironclad-0.43/src/digests/sha1.lisp cl-ironclad-0.45/src/digests/sha1.lisp --- cl-ironclad-0.43/src/digests/sha1.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/digests/sha1.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -47,9 +47,9 @@ #.(burn-baby-burn)) ;; FIXME: There must be a better way to do this ;; per-implementation/architecture specialization. - #+(and sbcl x86-64) + #+(and sbcl x86-64 ironclad-assembly) (%update-sha1-block regs block) - #-(and sbcl x86-64) + #-(and sbcl x86-64 ironclad-assembly) (let ((a (sha1-regs-a regs)) (b (sha1-regs-b regs)) (c (sha1-regs-c regs)) (d (sha1-regs-d regs)) (e (sha1-regs-e regs))) @@ -111,6 +111,7 @@ ;; ugh. #+(and ironclad-fast-mod32-arithmetic (not (and sbcl (or x86 x86-64)))) (declaim (inline expand-block)) + (defun expand-block (block) "Expand the first 16 words in BLOCK to fill the entire 80 word space available." diff -Nru cl-ironclad-0.43/src/digests/sm3.lisp cl-ironclad-0.45/src/digests/sm3.lisp --- cl-ironclad-0.43/src/digests/sm3.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/digests/sm3.lisp 2019-02-18 14:08:52.000000000 +0000 
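Review bot: in src/digests/kupyna.lisp, `kupyna-transform256` and `kupyna-transform512` read `m` at `(+ start (* 8 i))` under `(safety 0)`, and the updater passes the caller's `sequence` to them directly, so the only bounds protection is the `(loop until (< length 64) ...)` and `(loop until (< length 128) ...)` accounting derived from `end`. State that precondition in a comment on the transform functions, or check `end` against the sequence length before the loops, because nothing visible in this file validates it. Separately, the finalizer reserves 12 bytes for the length (`(> (+ buffer-index 12) block-length)`) but stores only the 64-bit `total` at `(- block-length 12)`; a comment that the upper 4 bytes are intentionally left zero would save the next reader from checking it against the standard.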
@@ -0,0 +1,320 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +;;;; sm3.lisp -- implementation of SM3 (GM/T 0004-2012) + +(in-package :crypto) +(in-ironclad-readtable) + + +;;; +;;; Parameters +;;; + +(defconst +sm3-initial-state+ + #32@(#x7380166f #x4914b2b9 #x172442d7 #xda8a0600 + #xa96f30bc #x163138aa #xe38dee4d #xb0fb0e4e)) + + +;;; +;;; SM3 rounds +;;; + +(defmacro sm3-p0 (x) + `(logxor ,x (rol32 ,x 9) (rol32 ,x 17))) + +(defmacro sm3-p1 (x) + `(logxor ,x (rol32 ,x 15) (rol32 ,x 23))) + +(defmacro sm3-ee (w0 w7 w13 w3 w10) + `(logxor (sm3-p1 (logxor ,w0 ,w7 (rol32 ,w13 15))) + (rol32 ,w3 7) + ,w10)) + +(defmacro sm3-ff (x y z) + `(logior (logand ,x ,y) + (logand (logior ,x ,y) ,z))) + +(defmacro sm3-gg (x y z) + `(logxor ,z (logand ,x (logxor ,y ,z)))) + +(defmacro sm3-r1 (a b c d e f g h tj wi wj) + (let ((a12 (gensym)) + (tt0 (gensym)) + (tt1 (gensym)) + (tt2 (gensym))) + `(let* ((,a12 (rol32 ,a 12)) + (,tt0 (rol32 (mod32+ ,a12 (mod32+ ,e,tj)) 7)) + (,tt1 (mod32+ (mod32+ (logxor ,a ,b ,c) ,d) + (mod32+ (logxor ,tt0 ,a12) ,wj))) + (,tt2 (mod32+ (mod32+ (logxor ,e ,f ,g) ,h) + (mod32+ ,tt0 ,wi)))) + (declare (type (unsigned-byte 32) ,a12 ,tt0 ,tt1 ,tt2)) + (setf ,b (rol32 ,b 9) + ,d ,tt1 + ,f (rol32 ,f 19) + ,h (sm3-p0 ,tt2))))) + +(defmacro sm3-r2 (a b c d e f g h tj wi wj) + (let ((a12 (gensym)) + (tt0 (gensym)) + (tt1 (gensym)) + (tt2 (gensym))) + `(let* ((,a12 (rol32 ,a 12)) + (,tt0 (rol32 (mod32+ ,a12 (mod32+ ,e ,tj)) 7)) + (,tt1 (mod32+ (mod32+ (sm3-ff ,a ,b ,c) ,d) + (mod32+ (logxor ,tt0 ,a12) ,wj))) + (,tt2 (mod32+ (mod32+ (sm3-gg ,e ,f ,g) ,h) + (mod32+ ,tt0 ,wi)))) + (declare (type (unsigned-byte 32) ,a12 ,tt0 ,tt1 ,tt2)) + (setf ,b (rol32 ,b 9) + ,d ,tt1 + ,f (rol32 ,f 19) + ,h (sm3-p0 ,tt2))))) + +(defun sm3-hash (state data start) + (declare (type (simple-array (unsigned-byte 32) (8)) state) + (type (simple-array (unsigned-byte 8) (*)) data) + (type fixnum start) + (optimize (speed 3) (space 0) (safety 0) (debug 0))) + (let ((a (aref state 0)) 
+ (b (aref state 1)) + (c (aref state 2)) + (d (aref state 3)) + (e (aref state 4)) + (f (aref state 5)) + (g (aref state 6)) + (h (aref state 7)) + (w00 (ub32ref/be data start)) + (w01 (ub32ref/be data (+ start 4))) + (w02 (ub32ref/be data (+ start 8))) + (w03 (ub32ref/be data (+ start 12))) + (w04 (ub32ref/be data (+ start 16))) + (w05 (ub32ref/be data (+ start 20))) + (w06 (ub32ref/be data (+ start 24))) + (w07 (ub32ref/be data (+ start 28))) + (w08 (ub32ref/be data (+ start 32))) + (w09 (ub32ref/be data (+ start 36))) + (w10 (ub32ref/be data (+ start 40))) + (w11 (ub32ref/be data (+ start 44))) + (w12 (ub32ref/be data (+ start 48))) + (w13 (ub32ref/be data (+ start 52))) + (w14 (ub32ref/be data (+ start 56))) + (w15 (ub32ref/be data (+ start 60)))) + (declare (type (unsigned-byte 32) a b c d e f g h) + (type (unsigned-byte 32) w00 w01 w02 w03 w04 w05 w06 w07) + (type (unsigned-byte 32) w08 w09 w10 w11 w12 w13 w14 w15)) + (sm3-r1 a b c d e f g h #x79cc4519 w00 (logxor w00 w04)) + (setf w00 (sm3-ee w00 w07 w13 w03 w10)) + (sm3-r1 d a b c h e f g #xf3988a32 w01 (logxor w01 w05)) + (setf w01 (sm3-ee w01 w08 w14 w04 w11)) + (sm3-r1 c d a b g h e f #xe7311465 w02 (logxor w02 w06)) + (setf w02 (sm3-ee w02 w09 w15 w05 w12)) + (sm3-r1 b c d a f g h e #xce6228cb w03 (logxor w03 w07)) + (setf w03 (sm3-ee w03 w10 w00 w06 w13)) + (sm3-r1 a b c d e f g h #x9cc45197 w04 (logxor w04 w08)) + (setf w04 (sm3-ee w04 w11 w01 w07 w14)) + (sm3-r1 d a b c h e f g #x3988a32f w05 (logxor w05 w09)) + (setf w05 (sm3-ee w05 w12 w02 w08 w15)) + (sm3-r1 c d a b g h e f #x7311465e w06 (logxor w06 w10)) + (setf w06 (sm3-ee w06 w13 w03 w09 w00)) + (sm3-r1 b c d a f g h e #xe6228cbc w07 (logxor w07 w11)) + (setf w07 (sm3-ee w07 w14 w04 w10 w01)) + (sm3-r1 a b c d e f g h #xcc451979 w08 (logxor w08 w12)) + (setf w08 (sm3-ee w08 w15 w05 w11 w02)) + (sm3-r1 d a b c h e f g #x988a32f3 w09 (logxor w09 w13)) + (setf w09 (sm3-ee w09 w00 w06 w12 w03)) + (sm3-r1 c d a b g h e f #x311465e7 w10 (logxor w10 
w14)) + (setf w10 (sm3-ee w10 w01 w07 w13 w04)) + (sm3-r1 b c d a f g h e #x6228cbce w11 (logxor w11 w15)) + (setf w11 (sm3-ee w11 w02 w08 w14 w05)) + (sm3-r1 a b c d e f g h #xc451979c w12 (logxor w12 w00)) + (setf w12 (sm3-ee w12 w03 w09 w15 w06)) + (sm3-r1 d a b c h e f g #x88a32f39 w13 (logxor w13 w01)) + (setf w13 (sm3-ee w13 w04 w10 w00 w07)) + (sm3-r1 c d a b g h e f #x11465e73 w14 (logxor w14 w02)) + (setf w14 (sm3-ee w14 w05 w11 w01 w08)) + (sm3-r1 b c d a f g h e #x228cbce6 w15 (logxor w15 w03)) + (setf w15 (sm3-ee w15 w06 w12 w02 w09)) + (sm3-r2 a b c d e f g h #x9d8a7a87 w00 (logxor w00 w04)) + (setf w00 (sm3-ee w00 w07 w13 w03 w10)) + (sm3-r2 d a b c h e f g #x3b14f50f w01 (logxor w01 w05)) + (setf w01 (sm3-ee w01 w08 w14 w04 w11)) + (sm3-r2 c d a b g h e f #x7629ea1e w02 (logxor w02 w06)) + (setf w02 (sm3-ee w02 w09 w15 w05 w12)) + (sm3-r2 b c d a f g h e #xec53d43c w03 (logxor w03 w07)) + (setf w03 (sm3-ee w03 w10 w00 w06 w13)) + (sm3-r2 a b c d e f g h #xd8a7a879 w04 (logxor w04 w08)) + (setf w04 (sm3-ee w04 w11 w01 w07 w14)) + (sm3-r2 d a b c h e f g #xb14f50f3 w05 (logxor w05 w09)) + (setf w05 (sm3-ee w05 w12 w02 w08 w15)) + (sm3-r2 c d a b g h e f #x629ea1e7 w06 (logxor w06 w10)) + (setf w06 (sm3-ee w06 w13 w03 w09 w00)) + (sm3-r2 b c d a f g h e #xc53d43ce w07 (logxor w07 w11)) + (setf w07 (sm3-ee w07 w14 w04 w10 w01)) + (sm3-r2 a b c d e f g h #x8a7a879d w08 (logxor w08 w12)) + (setf w08 (sm3-ee w08 w15 w05 w11 w02)) + (sm3-r2 d a b c h e f g #x14f50f3b w09 (logxor w09 w13)) + (setf w09 (sm3-ee w09 w00 w06 w12 w03)) + (sm3-r2 c d a b g h e f #x29ea1e76 w10 (logxor w10 w14)) + (setf w10 (sm3-ee w10 w01 w07 w13 w04)) + (sm3-r2 b c d a f g h e #x53d43cec w11 (logxor w11 w15)) + (setf w11 (sm3-ee w11 w02 w08 w14 w05)) + (sm3-r2 a b c d e f g h #xa7a879d8 w12 (logxor w12 w00)) + (setf w12 (sm3-ee w12 w03 w09 w15 w06)) + (sm3-r2 d a b c h e f g #x4f50f3b1 w13 (logxor w13 w01)) + (setf w13 (sm3-ee w13 w04 w10 w00 w07)) + (sm3-r2 c d a b g h e f 
#x9ea1e762 w14 (logxor w14 w02)) + (setf w14 (sm3-ee w14 w05 w11 w01 w08)) + (sm3-r2 b c d a f g h e #x3d43cec5 w15 (logxor w15 w03)) + (setf w15 (sm3-ee w15 w06 w12 w02 w09)) + (sm3-r2 a b c d e f g h #x7a879d8a w00 (logxor w00 w04)) + (setf w00 (sm3-ee w00 w07 w13 w03 w10)) + (sm3-r2 d a b c h e f g #xf50f3b14 w01 (logxor w01 w05)) + (setf w01 (sm3-ee w01 w08 w14 w04 w11)) + (sm3-r2 c d a b g h e f #xea1e7629 w02 (logxor w02 w06)) + (setf w02 (sm3-ee w02 w09 w15 w05 w12)) + (sm3-r2 b c d a f g h e #xd43cec53 w03 (logxor w03 w07)) + (setf w03 (sm3-ee w03 w10 w00 w06 w13)) + (sm3-r2 a b c d e f g h #xa879d8a7 w04 (logxor w04 w08)) + (setf w04 (sm3-ee w04 w11 w01 w07 w14)) + (sm3-r2 d a b c h e f g #x50f3b14f w05 (logxor w05 w09)) + (setf w05 (sm3-ee w05 w12 w02 w08 w15)) + (sm3-r2 c d a b g h e f #xa1e7629e w06 (logxor w06 w10)) + (setf w06 (sm3-ee w06 w13 w03 w09 w00)) + (sm3-r2 b c d a f g h e #x43cec53d w07 (logxor w07 w11)) + (setf w07 (sm3-ee w07 w14 w04 w10 w01)) + (sm3-r2 a b c d e f g h #x879d8a7a w08 (logxor w08 w12)) + (setf w08 (sm3-ee w08 w15 w05 w11 w02)) + (sm3-r2 d a b c h e f g #x0f3b14f5 w09 (logxor w09 w13)) + (setf w09 (sm3-ee w09 w00 w06 w12 w03)) + (sm3-r2 c d a b g h e f #x1e7629ea w10 (logxor w10 w14)) + (setf w10 (sm3-ee w10 w01 w07 w13 w04)) + (sm3-r2 b c d a f g h e #x3cec53d4 w11 (logxor w11 w15)) + (setf w11 (sm3-ee w11 w02 w08 w14 w05)) + (sm3-r2 a b c d e f g h #x79d8a7a8 w12 (logxor w12 w00)) + (setf w12 (sm3-ee w12 w03 w09 w15 w06)) + (sm3-r2 d a b c h e f g #xf3b14f50 w13 (logxor w13 w01)) + (setf w13 (sm3-ee w13 w04 w10 w00 w07)) + (sm3-r2 c d a b g h e f #xe7629ea1 w14 (logxor w14 w02)) + (setf w14 (sm3-ee w14 w05 w11 w01 w08)) + (sm3-r2 b c d a f g h e #xcec53d43 w15 (logxor w15 w03)) + (setf w15 (sm3-ee w15 w06 w12 w02 w09)) + (sm3-r2 a b c d e f g h #x9d8a7a87 w00 (logxor w00 w04)) + (setf w00 (sm3-ee w00 w07 w13 w03 w10)) + (sm3-r2 d a b c h e f g #x3b14f50f w01 (logxor w01 w05)) + (setf w01 (sm3-ee w01 w08 w14 w04 w11)) + 
(sm3-r2 c d a b g h e f #x7629ea1e w02 (logxor w02 w06)) + (setf w02 (sm3-ee w02 w09 w15 w05 w12)) + (sm3-r2 b c d a f g h e #xec53d43c w03 (logxor w03 w07)) + (setf w03 (sm3-ee w03 w10 w00 w06 w13)) + (sm3-r2 a b c d e f g h #xd8a7a879 w04 (logxor w04 w08)) + (sm3-r2 d a b c h e f g #xb14f50f3 w05 (logxor w05 w09)) + (sm3-r2 c d a b g h e f #x629ea1e7 w06 (logxor w06 w10)) + (sm3-r2 b c d a f g h e #xc53d43ce w07 (logxor w07 w11)) + (sm3-r2 a b c d e f g h #x8a7a879d w08 (logxor w08 w12)) + (sm3-r2 d a b c h e f g #x14f50f3b w09 (logxor w09 w13)) + (sm3-r2 c d a b g h e f #x29ea1e76 w10 (logxor w10 w14)) + (sm3-r2 b c d a f g h e #x53d43cec w11 (logxor w11 w15)) + (sm3-r2 a b c d e f g h #xa7a879d8 w12 (logxor w12 w00)) + (sm3-r2 d a b c h e f g #x4f50f3b1 w13 (logxor w13 w01)) + (sm3-r2 c d a b g h e f #x9ea1e762 w14 (logxor w14 w02)) + (sm3-r2 b c d a f g h e #x3d43cec5 w15 (logxor w15 w03)) + (setf (aref state 0) (logxor (aref state 0) a) + (aref state 1) (logxor (aref state 1) b) + (aref state 2) (logxor (aref state 2) c) + (aref state 3) (logxor (aref state 3) d) + (aref state 4) (logxor (aref state 4) e) + (aref state 5) (logxor (aref state 5) f) + (aref state 6) (logxor (aref state 6) g) + (aref state 7) (logxor (aref state 7) h)))) + + +;;; +;;; Digest structures and functions +;;; + +(defstruct (sm3 + (:constructor %make-sm3-digest nil) + (:copier nil)) + (state (copy-seq +sm3-initial-state+) + :type (simple-array (unsigned-byte 32) (8))) + (count 0 :type (unsigned-byte 64)) + (buffer (make-array 64 :element-type '(unsigned-byte 8)) + :type (simple-array (unsigned-byte 8) (64))) + (buffer-index 0 :type (integer 0 64))) + +(defmethod reinitialize-instance ((state sm3) &rest initargs) + (declare (ignore initargs)) + (replace (sm3-state state) +sm3-initial-state+) + (setf (sm3-count state) 0 + (sm3-buffer-index state) 0) + state) + +(defmethod copy-digest ((state sm3) &optional copy) + (declare (type (or null sm3) copy)) + (let ((copy (if copy copy 
(%make-sm3-digest)))) + (declare (type sm3 copy)) + (replace (sm3-state copy) (sm3-state state)) + (replace (sm3-buffer copy) (sm3-buffer state)) + (setf (sm3-count copy) (sm3-count state) + (sm3-buffer-index copy) (sm3-buffer-index state)) + copy)) + +(define-digest-updater sm3 + (let ((s (sm3-state state)) + (count (sm3-count state)) + (buffer (sm3-buffer state)) + (buffer-index (sm3-buffer-index state)) + (length (- end start)) + (n 0)) + (declare (type (simple-array (unsigned-byte 32) (8)) s) + (type (simple-array (unsigned-byte 8) (64)) buffer) + (type (unsigned-byte 64) count) + (type (integer 0 64) buffer-index n) + (type fixnum length)) + (when (plusp buffer-index) + (setf n (min length (- 64 buffer-index))) + (replace buffer sequence :start1 buffer-index :start2 start :end2 (+ start n)) + (incf count n) + (incf buffer-index n) + (incf start n) + (decf length n) + (when (= buffer-index 64) + (sm3-hash s buffer 0) + (setf buffer-index 0))) + + (loop until (< length 64) do + (sm3-hash s sequence start) + (incf count 64) + (incf start 64) + (decf length 64)) + + (when (plusp length) + (replace buffer sequence :start2 start :end2 end) + (incf count length) + (setf buffer-index length)) + + (setf (sm3-count state) count + (sm3-buffer-index state) buffer-index) + (values))) + +(define-digest-finalizer (sm3 32) + (let ((s (sm3-state state)) + (bit-count (* 8 (sm3-count state))) + (buffer (sm3-buffer state)) + (buffer-index (sm3-buffer-index state))) + (setf (aref buffer buffer-index) #x80) + (incf buffer-index) + (when (> buffer-index 56) + (fill buffer 0 :start buffer-index :end 64) + (sm3-hash s buffer 0) + (setf buffer-index 0)) + (fill buffer 0 :start buffer-index :end 56) + (setf (ub64ref/be buffer 56) bit-count) + (sm3-hash s buffer 0) + (let ((output (make-array 32 :element-type '(unsigned-byte 8)))) + (dotimes (i 8) + (setf (ub32ref/be output (* i 4)) (aref s i))) + (replace digest output :start1 digest-start) + digest))) + +(defdigest sm3 :digest-length 
32 :block-length 64) diff -Nru cl-ironclad-0.43/src/macs/cmac.lisp cl-ironclad-0.45/src/macs/cmac.lisp --- cl-ironclad-0.43/src/macs/cmac.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/macs/cmac.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -26,11 +26,16 @@ (ldb (byte n-bits 0) (ash (octets-to-integer b) 1)) :n-bits n-bits))) (when (logbitp 7 (aref b 0)) - (setf (aref k (1- block-length)) - (logxor (ecase block-length - (16 #x87) - (8 #x1b)) - (aref k (1- block-length))))) + (ecase block-length + (8 (setf (aref k 7) (logxor (aref k 7) #x1b))) + (16 (setf (aref k 15) (logxor (aref k 15) #x87))) + (32 (setf (aref k 30) (logxor (aref k 30) #x4) + (aref k 31) (logxor (aref k 31) #x25))) + (64 (setf (aref k 62) (logxor (aref k 62) #x1) + (aref k 63) (logxor (aref k 63) #x25))) + (128 (setf (aref k 125) (logxor (aref k 125) #x8) + (aref k 126) (logxor (aref k 126) #x0) + (aref k 127) (logxor (aref k 127) #x43))))) k))) (let ((L.u (gen-subkey L))) (make-instance 'cmac diff -Nru cl-ironclad-0.43/src/macs/gmac.lisp cl-ironclad-0.45/src/macs/gmac.lisp --- cl-ironclad-0.43/src/macs/gmac.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/macs/gmac.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -9,11 +9,11 @@ ((accumulator :accessor gmac-accumulator :initform (make-array 16 :element-type '(unsigned-byte 8)) :type (simple-array (unsigned-byte 8) (16))) - #-pclmulqdq + #-(and sbcl x86-64 pclmulqdq) (key :accessor gmac-key :initform (make-array '(128 2 2) :element-type '(unsigned-byte 64) :initial-element 0) :type (simple-array (unsigned-byte 64) (128 2 2))) - #+pclmulqdq + #+(and sbcl x86-64 pclmulqdq) (key :accessor gmac-key :initform (make-array 16 :element-type '(unsigned-byte 8)) :type (simple-array (unsigned-byte 8) (16))) 
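Review bot: in src/macs/cmac.lisp, the new 32, 64 and 128 branches of the `(ecase block-length ...)` form introduce the bytes `#x4 #x25`, `#x1 #x25` and `#x8 #x0 #x43` with no comment naming their source, and `(logxor (aref k 126) #x0)` in the 128 branch is a no-op. Add a comment stating which reduction polynomial each block length uses, with a reference, and either drop the `#x0` line or say it is kept only to show the full three-byte constant. A test vector per new block length would also help, since a transposed byte here still yields a tag of the right length.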
@@ -50,7 +50,7 @@ :cipher-name cipher-name :initialization-vector initialization-vector)) -#-pclmulqdq +#-(and sbcl x86-64 pclmulqdq) (defmethod shared-initialize :after ((mac gmac) slot-names &rest initargs &key key cipher-name initialization-vector &allow-other-keys) (declare (ignore slot-names initargs) (type (simple-array (unsigned-byte 8) (*)) key)) @@ -101,7 +101,7 @@ (ub64ref/le data 0) x)) (values)) -#+pclmulqdq +#+(and sbcl x86-64 pclmulqdq) (defmethod shared-initialize :after ((mac gmac) slot-names &rest initargs &key key cipher-name initialization-vector &allow-other-keys) (declare (ignore slot-names initargs) (type (simple-array (unsigned-byte 8) (*)) key)) @@ -132,7 +132,7 @@ (gmac-swap-16 hkey) mac)) -#-pclmulqdq +#-(and sbcl x86-64 pclmulqdq) (defun gmac-mul (accumulator table) (declare (type (simple-array (unsigned-byte 8) (16)) accumulator) (type (simple-array (unsigned-byte 64) (128 2 2)) table) @@ -154,7 +154,7 @@ (ub64ref/be accumulator 8) z1) (values))) -#+pclmulqdq +#+(and sbcl x86-64 pclmulqdq) (defun gmac-mul (accumulator key) (declare (type (simple-array (unsigned-byte 8) (16)) accumulator key) (optimize (speed 3) (space 0) (safety 0) (debug 0))) @@ -175,8 +175,10 @@ (type (unsigned-byte 64) total-length) (type (integer 0 16) buffer-length) (type index remaining)) - #-pclmulqdq (declare (type (simple-array (unsigned-byte 64) (128 2 2)) key)) - #+pclmulqdq (declare (type (simple-array (unsigned-byte 8) (16)) key)) + #-(and sbcl x86-64 pclmulqdq) + (declare (type (simple-array (unsigned-byte 64) (128 2 2)) key)) + #+(and sbcl x86-64 pclmulqdq) + (declare (type (simple-array (unsigned-byte 8) (16)) key)) ;; Fill the buffer with new data if necessary (when (plusp buffer-length) @@ -192,7 +194,8 @@ ;; Process the buffer (when (= buffer-length 16) - #+pclmulqdq (gmac-swap-16 buffer) + #+(and sbcl x86-64 pclmulqdq) + (gmac-swap-16 buffer) (xor-block 16 accumulator 0 buffer 0 accumulator 0) (gmac-mul accumulator key) (incf total-length 16) 
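Review bot: across the gmac.lisp hunks above, each `#-(and sbcl x86-64 pclmulqdq)` form has to stay the exact complement of its `#+` partner, because the two branches give `key` different types (`(simple-array (unsigned-byte 64) (128 2 2))` against `(simple-array (unsigned-byte 8) (16))`) and the `#+` version of `gmac-mul` is compiled with `(safety 0)`. With the three-term expression now repeated at every site, an edit that misses one site would pair a key of one layout with code declared for the other, and nothing would check it. Consider defining a single derived feature once and testing only that feature in this file.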
@@ -200,11 +203,13 @@ ;; Process the data (loop while (> remaining 16) do - #-pclmulqdq (xor-block 16 accumulator 0 data start accumulator 0) - #+pclmulqdq (progn - (setf (ub64ref/le buffer 8) (ub64ref/be data start) - (ub64ref/le buffer 0) (ub64ref/be data (+ start 8))) - (xor-block 16 accumulator 0 buffer 0 accumulator 0)) + #-(and sbcl x86-64 pclmulqdq) + (xor-block 16 accumulator 0 data start accumulator 0) + #+(and sbcl x86-64 pclmulqdq) + (progn + (setf (ub64ref/le buffer 8) (ub64ref/be data start) + (ub64ref/le buffer 0) (ub64ref/be data (+ start 8))) + (xor-block 16 accumulator 0 buffer 0 accumulator 0)) (gmac-mul accumulator key) (incf total-length 16) (incf start 16) 
@@ -231,27 +236,33 @@ (declare (type (simple-array (unsigned-byte 8) (16)) accumulator buffer iv) (type (unsigned-byte 64) total-length) (type (integer 0 16) buffer-length)) - #-pclmulqdq (declare (type (simple-array (unsigned-byte 64) (128 2 2)) key)) - #+pclmulqdq (declare (type (simple-array (unsigned-byte 8) (16)) key)) + #-(and sbcl x86-64 pclmulqdq) + (declare (type (simple-array (unsigned-byte 64) (128 2 2)) key)) + #+(and sbcl x86-64 pclmulqdq) + (declare (type (simple-array (unsigned-byte 8) (16)) key)) ;; Process the buffer (when (plusp buffer-length) (fill buffer 0 :start buffer-length) - #+pclmulqdq (gmac-swap-16 buffer) + #+(and sbcl x86-64 pclmulqdq) + (gmac-swap-16 buffer) (xor-block 16 accumulator 0 buffer 0 accumulator 0) (gmac-mul accumulator key) (incf total-length buffer-length)) ;; Padding - #-pclmulqdq (setf (ub64ref/be buffer 0) (mod64* 8 (- total-length encrypted-data-length)) - (ub64ref/be buffer 8) (mod64* 8 encrypted-data-length)) - #+pclmulqdq (setf (ub64ref/le buffer 0) (mod64* 8 encrypted-data-length) - (ub64ref/le buffer 8) (mod64* 8 (- total-length encrypted-data-length))) + #-(and sbcl x86-64 pclmulqdq) + (setf (ub64ref/be buffer 0) (mod64* 8 (- total-length encrypted-data-length)) + (ub64ref/be buffer 8) (mod64* 8 encrypted-data-length)) + #+(and sbcl x86-64 pclmulqdq) + (setf (ub64ref/le buffer 0) (mod64* 8 encrypted-data-length) + (ub64ref/le buffer 8) (mod64* 8 (- total-length encrypted-data-length))) (xor-block 16 accumulator 0 buffer 0 accumulator 0) (gmac-mul accumulator key) ;; Produce the tag - #+pclmulqdq (gmac-swap-16 accumulator) + #+(and sbcl x86-64 pclmulqdq) + (gmac-swap-16 accumulator) (xor-block 16 accumulator 0 iv 0 accumulator 0) accumulator)) diff -Nru cl-ironclad-0.43/src/macs/poly1305.lisp cl-ironclad-0.45/src/macs/poly1305.lisp --- cl-ironclad-0.43/src/macs/poly1305.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/macs/poly1305.lisp 2019-02-18 14:08:52.000000000 +0000 
@@ -73,6 +73,10 @@ (rr3 (mod32+ (mod32ash r3 -2) r3))) (declare (type (unsigned-byte 32) hibit h0 h1 h2 h3 h4 r0 r1 r2 r3 rr0 rr1 rr2 rr3)) (loop while (>= remaining 16) do + #+(and ecl ironclad-assembly) + (multiple-value-setq (h0 h1 h2 h3 h4) + (poly1305-process-block h0 h1 h2 h3 h4 r0 r1 r2 r3 rr0 rr1 rr2 rr3 hibit data start)) + #-(and ecl ironclad-assembly) (let* ((s0 (mod64+ h0 (ub32ref/le data start))) (s1 (mod64+ h1 (ub32ref/le data (+ start 4)))) (s2 (mod64+ h2 (ub32ref/le data (+ start 8)))) @@ -119,9 +123,9 @@ h1 (logand u1 #xffffffff) h2 (logand u2 #xffffffff) h3 (logand u3 #xffffffff) - h4 (logand u4 #xffffffff)) - (incf start 16) - (decf remaining 16))) + h4 (logand u4 #xffffffff))) + (incf start 16) + (decf remaining 16)) (setf (aref accumulator 0) h0 (aref accumulator 1) h1 (aref accumulator 2) h2 diff -Nru cl-ironclad-0.43/src/macs/siphash.lisp cl-ironclad-0.45/src/macs/siphash.lisp --- cl-ironclad-0.43/src/macs/siphash.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/macs/siphash.lisp 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,209 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +;;;; siphash.lisp -- implementation of the SipHash MAC + +(in-package :crypto) + + +(defclass siphash (mac) + ((state :accessor siphash-state + :initform (make-array 4 :element-type '(unsigned-byte 64)) + :type (simple-array (unsigned-byte 64) (4))) + (compression-rounds :accessor siphash-compression-rounds + :initarg :compression-rounds + :initform 2 + :type fixnum) + (finalization-rounds :accessor siphash-finalization-rounds + :initarg :finalization-rounds + :initform 4 + :type fixnum) + (digest-length :accessor siphash-digest-length + :initarg :digest-length + :initform 8 + :type fixnum) + (data-length :accessor siphash-data-length + :initform 0 + :type fixnum) + (buffer :accessor siphash-buffer + :initform (make-array 8 :element-type '(unsigned-byte 8)) + :type (simple-array (unsigned-byte 8) (8))) + (buffer-length :accessor siphash-buffer-length + :initform 0 + :type (integer 0 8)))) + +(defun make-siphash (key &key (compression-rounds 2) (finalization-rounds 4) (digest-length 8)) + (declare (type (simple-array (unsigned-byte 8) (*)) key)) + (unless (= (length key) 16) + (error 'invalid-mac-parameter + :mac-name 'siphash + :message "The key length must be 16 bytes")) + (unless (or (= digest-length 8) (= digest-length 16)) + (error 'invalid-mac-parameter + :mac-name 'siphash + :message "The digest length must be 8 or 16 bytes")) + (make-instance 'siphash + :key key + :compression-rounds compression-rounds + :finalization-rounds finalization-rounds + :digest-length digest-length)) + +(defmethod shared-initialize :after ((mac siphash) slot-names &rest initargs &key key &allow-other-keys) + (declare (ignore slot-names initargs) + (type (simple-array (unsigned-byte 8) (16)) key)) + (let ((state (siphash-state mac)) + (k0 (ub64ref/le key 0)) + (k1 (ub64ref/le key 8))) + (declare (type (simple-array (unsigned-byte 64) (4)) state) + (type (unsigned-byte 64) k0 k1)) + (setf (aref state 0) (logxor k0 
#x736f6d6570736575) + (aref state 1) (logxor k1 #x646f72616e646f6d) + (aref state 2) (logxor k0 #x6c7967656e657261) + (aref state 3) (logxor k1 #x7465646279746573)) + (when (= (siphash-digest-length mac) 16) + (setf (aref state 1) (logxor (aref state 1) #xee))) + (setf (siphash-data-length mac) 0) + (setf (siphash-buffer-length mac) 0) + mac)) + +(defmacro siphash-round (v0 v1 v2 v3) + `(setf ,v0 (mod64+ ,v0 ,v1) + ,v2 (mod64+ ,v2 ,v3) + ,v1 (rol64 ,v1 13) + ,v3 (rol64 ,v3 16) + ,v1 (logxor ,v1 ,v0) + ,v3 (logxor ,v3 ,v2) + ,v0 (rol64 ,v0 32) + ,v2 (mod64+ ,v2 ,v1) + ,v0 (mod64+ ,v0 ,v3) + ,v1 (rol64 ,v1 17) + ,v3 (rol64 ,v3 21) + ,v1 (logxor ,v1 ,v2) + ,v3 (logxor ,v3 ,v0) + ,v2 (rol64 ,v2 32))) + +(defun siphash-compress (state data start remaining data-length n-rounds) + (declare (type (simple-array (unsigned-byte 64) (4)) state) + (type (simple-array (unsigned-byte 8) (*)) data) + (type fixnum start remaining data-length n-rounds) + (optimize (speed 3) (space 0) (safety 0) (debug 0))) + (let ((v0 (aref state 0)) + (v1 (aref state 1)) + (v2 (aref state 2)) + (v3 (aref state 3))) + (declare (type (unsigned-byte 64) v0 v1 v2 v3)) + (do ((m 0)) + ((< remaining 8)) + (declare (type (unsigned-byte 64) m)) + (setf m (ub64ref/le data start)) + (setf v3 (logxor v3 m)) + (dotimes (i n-rounds) + (siphash-round v0 v1 v2 v3)) + (setf v0 (logxor v0 m)) + (incf start 8) + (incf data-length 8) + (decf remaining 8)) + (setf (aref state 0) v0 + (aref state 1) v1 + (aref state 2) v2 + (aref state 3) v3) + (values start remaining data-length))) + +(defun siphash-finalize (state n-rounds tag) + (declare (type (simple-array (unsigned-byte 64) (4)) state) + (type (simple-array (unsigned-byte 8) (*)) tag) + (type fixnum n-rounds) + (optimize (speed 3) (space 0) (safety 0) (debug 0))) + (let ((digest-length (length tag)) + (v0 (aref state 0)) + (v1 (aref state 1)) + (v2 (aref state 2)) + (v3 (aref state 3))) + (declare (type fixnum digest-length) + (type (unsigned-byte 64) v0 v1 v2 
v3)) + (setf v2 (logxor v2 (if (= digest-length 16) #xee #xff))) + (dotimes (i n-rounds) + (siphash-round v0 v1 v2 v3)) + (setf (ub64ref/le tag 0) (logxor v0 v1 v2 v3)) + (when (= digest-length 16) + (setf v1 (logxor v1 #xdd)) + (dotimes (i n-rounds) + (siphash-round v0 v1 v2 v3)) + (setf (ub64ref/le tag 8) (logxor v0 v1 v2 v3))) + (values))) + +(defun update-siphash (mac data &key (start 0) (end (length data))) + (declare (type (simple-array (unsigned-byte 8) (*)) data) + (type fixnum start end) + (optimize (speed 3) (space 0) (safety 1) (debug 0))) + (let ((buffer (siphash-buffer mac)) + (buffer-length (siphash-buffer-length mac)) + (state (siphash-state mac)) + (n-rounds (siphash-compression-rounds mac)) + (data-length (siphash-data-length mac)) + (remaining (- end start))) + (declare (type (simple-array (unsigned-byte 8) (8)) buffer) + (type (integer 0 8) buffer-length) + (type (simple-array (unsigned-byte 64) (4)) state) + (type fixnum n-rounds data-length remaining)) + + ;; Fill the buffer with new data if necessary + (when (plusp buffer-length) + (let ((n (min remaining (- 8 buffer-length)))) + (declare (type (integer 0 8) n)) + (replace buffer data + :start1 buffer-length + :start2 start + :end2 (+ start n)) + (incf buffer-length n) + (incf start n) + (incf data-length n) + (decf remaining n))) + + ;; Process the buffer + (when (= buffer-length 8) + (siphash-compress state buffer 0 8 data-length n-rounds) + (setf buffer-length 0)) + + ;; Process the data + ;; TODO: (siphash-process-full-blocks ...) 
+ (multiple-value-setq (start remaining data-length) + (siphash-compress state data start remaining data-length n-rounds)) + + ;; Put the remaining data in the buffer + (when (plusp remaining) + (replace buffer data :start1 0 :start2 start :end2 end) + (incf data-length remaining) + (setf buffer-length remaining)) + + ;; Save the state + (setf (siphash-data-length mac) data-length) + (setf (siphash-buffer-length mac) buffer-length) + (values))) + +(defun siphash-digest (mac) + (let ((buffer (copy-seq (siphash-buffer mac))) + (buffer-length (siphash-buffer-length mac)) + (state (copy-seq (siphash-state mac))) + (compression-rounds (siphash-compression-rounds mac)) + (finalization-rounds (siphash-finalization-rounds mac)) + (digest-length (siphash-digest-length mac)) + (data-length (siphash-data-length mac))) + (declare (type (simple-array (unsigned-byte 8) (8)) buffer) + (type (integer 0 8) buffer-length) + (type (simple-array (unsigned-byte 64) (4)) state) + (type fixnum compression-rounds finalization-rounds digest-length data-length) + (dynamic-extent buffer state)) + + ;; Pad and process the buffer + (fill buffer 0 :start buffer-length) + (setf (aref buffer 7) (mod data-length 256)) + (siphash-compress state buffer 0 8 data-length compression-rounds) + + ;; Produce the tag + (let ((tag (make-array digest-length :element-type '(unsigned-byte 8)))) + (siphash-finalize state finalization-rounds tag) + tag))) + +(defmac siphash + make-siphash + update-siphash + siphash-digest) diff -Nru cl-ironclad-0.43/src/opt/ccl/x86oid-vm.lisp cl-ironclad-0.45/src/opt/ccl/x86oid-vm.lisp --- cl-ironclad-0.43/src/opt/ccl/x86oid-vm.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/opt/ccl/x86oid-vm.lisp 2019-02-18 14:08:52.000000000 +0000 
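Review bot: in src/macs/siphash.lisp, `update-siphash` hands the caller-supplied `start` and `end` to `siphash-compress`, which is compiled with `(safety 0)` and reads with `(ub64ref/le data start)`, and nothing checks them against `(length data)`, so an `end` past the array becomes an unchecked read. Validate that `start` and `end` lie within `data` and that `start` does not exceed `end` at the top of `update-siphash`, before the first `replace`. `make-siphash` also accepts any `compression-rounds` and `finalization-rounds`; since `dotimes` does nothing for a count of 0 or less, rejecting values below 1 would be a cheap guard. The `;; TODO: (siphash-process-full-blocks ...)` comment should be resolved or tied to an issue.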
@@ -0,0 +1,180 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +#+ccl +(in-package :ccl) + +#+(and ccl x86-64 ironclad-assembly) +(progn + (defx86lapfunction mod32+ ((a arg_y) (b arg_z)) + (unbox-fixnum a imm0) + (unbox-fixnum b imm1) + (addl (% imm1.l) (% imm0.l)) + (box-fixnum imm0 arg_z) + (single-value-return)) + + (defx86lapfunction mod32- ((a arg_y) (b arg_z)) + (unbox-fixnum a imm0) + (unbox-fixnum b imm1) + (subl (% imm1.l) (% imm0.l)) + (box-fixnum imm0 arg_z) + (single-value-return)) + + (defx86lapfunction mod32* ((a arg_y) (b arg_z)) + (unbox-fixnum a imm0) + (unbox-fixnum b imm1) + (imull (% imm1.l) (% imm0.l)) + (box-fixnum imm0 arg_z) + (single-value-return)) + + (defx86lapfunction mod32ash ((number arg_y) (count arg_z)) + (unbox-fixnum number imm0) + (unbox-fixnum count imm2) + (testb (% imm2.b) (% imm2.b)) + (js :right) + (shll (% imm2.b) (% imm0.l)) + (jmp :end) + :right + (negb (% imm2.b)) + (shrl (% imm2.b) (% imm0.l)) + :end + (box-fixnum imm0 arg_z) + (single-value-return)) + + (defx86lapfunction mod32lognot ((number arg_z)) + (unbox-fixnum number imm0) + (notl (% imm0.l)) + (box-fixnum imm0 arg_z) + (single-value-return)) + + (defx86lapfunction rol32 ((number arg_y) (count arg_z)) + (unbox-fixnum number imm0) + (unbox-fixnum count imm2) + (roll (% imm2.b) (% imm0.l)) + (box-fixnum imm0 arg_z) + (single-value-return)) + + (defx86lapfunction ror32 ((number arg_y) (count arg_z)) + (unbox-fixnum number imm0) + (unbox-fixnum count imm2) + (rorl (% imm2.b) (% imm0.l)) + (box-fixnum imm0 arg_z) + (single-value-return)) + + (defx86lapfunction %set-bignum-to-fixnum ((bignum arg_y) (fixnum arg_z)) + (unbox-fixnum fixnum imm0) + (movq (% imm0) (@ x8664::misc-data-offset (% bignum))) + (retq)) + + (defun bignumize (number) + (if (fixnump number) + (let ((result (allocate-typed-vector :bignum 2))) + (%set-bignum-to-fixnum result number) + result) + number)) + + (defun normalize-bignum-3 (number) + (cond ((logbitp 31 (bignum-ref number 1)) number) + (t 
(%set-bignum-length 2 number) + (or (%maybe-fixnum-from-one-or-two-digit-bignum number) + number)))) + + (defx86lapfunction %mod64+ ((result arg_x) (a arg_y) (b arg_z)) + (movq (@ x8664::misc-data-offset (% a)) (% imm0)) + (movq (@ x8664::misc-data-offset (% b)) (% imm1)) + (addq (% imm0) (% imm1)) + (movq (% imm1) (@ x8664::misc-data-offset (% result))) + (retq)) + + (defun mod64+ (a b) + (declare (type (unsigned-byte 64) a b)) + (let ((result (allocate-typed-vector :bignum 3))) + (%mod64+ result (bignumize a) (bignumize b)) + (normalize-bignum-3 result))) + + (defx86lapfunction %mod64- ((result arg_x) (a arg_y) (b arg_z)) + (movq (@ x8664::misc-data-offset (% a)) (% imm0)) + (movq (@ x8664::misc-data-offset (% b)) (% imm1)) + (subq (% imm1) (% imm0)) + (movq (% imm0) (@ x8664::misc-data-offset (% result))) + (retq)) + + (defun mod64- (a b) + (declare (type (unsigned-byte 64) a b)) + (let ((result (allocate-typed-vector :bignum 3))) + (%mod64- result (bignumize a) (bignumize b)) + (normalize-bignum-3 result))) + + (defx86lapfunction %mod64* ((result arg_x) (a arg_y) (b arg_z)) + (movq (@ x8664::misc-data-offset (% a)) (% imm0)) + (movq (@ x8664::misc-data-offset (% b)) (% imm1)) + (imulq (% imm0) (% imm1)) + (movq (% imm1) (@ x8664::misc-data-offset (% result))) + (retq)) + + (defun mod64* (a b) + (declare (type (unsigned-byte 64) a b)) + (let ((result (allocate-typed-vector :bignum 3))) + (%mod64* result (bignumize a) (bignumize b)) + (normalize-bignum-3 result))) + + (defx86lapfunction %mod64ash ((result arg_x) (number arg_y) (count arg_z)) + (movq (@ x8664::misc-data-offset (% number)) (% imm0)) + (unbox-fixnum count imm2) + (testb (% imm2.b) (% imm2.b)) + (js :right) + (shlq (% imm2.b) (% imm0)) + (jmp :end) + :right + (negb (% imm2.b)) + (shrq (% imm2.b) (% imm0)) + :end + (movq (% imm0) (@ x8664::misc-data-offset (% result))) + (retq)) + + (defun mod64ash (number count) + (declare (type (unsigned-byte 64) number) + (type (integer -63 63) count)) + (let 
((result (allocate-typed-vector :bignum 3))) + (%mod64ash result (bignumize number) count) + (normalize-bignum-3 result))) + + (defx86lapfunction %mod64lognot ((result arg_y) (number arg_z)) + (movq (@ x8664::misc-data-offset (% number)) (% imm0)) + (notq (% imm0)) + (movq (% imm0) (@ x8664::misc-data-offset (% result))) + (retq)) + + (defun mod64lognot (number) + (declare (type (unsigned-byte 64) number)) + (let ((result (allocate-typed-vector :bignum 3))) + (%mod64lognot result (bignumize number)) + (normalize-bignum-3 result))) + + (defx86lapfunction %rol64 ((result arg_x) (number arg_y) (count arg_z)) + (movq (@ x8664::misc-data-offset (% number)) (% imm0)) + (unbox-fixnum count imm2) + (rolq (% imm2.b) (% imm0)) + (movq (% imm0) (@ x8664::misc-data-offset (% result))) + (retq)) + + (defun rol64 (number count) + (declare (optimize (speed 3) (space 0) (safety 0) (debug 0)) + (type (unsigned-byte 64) number) + (type (integer 0 64) count)) + (let ((result (allocate-typed-vector :bignum 3))) + (%rol64 result (bignumize number) count) + (normalize-bignum-3 result))) + + (defx86lapfunction %ror64 ((result arg_x) (number arg_y) (count arg_z)) + (movq (@ x8664::misc-data-offset (% number)) (% imm0)) + (unbox-fixnum count imm2) + (rorq (% imm2.b) (% imm0)) + (movq (% imm0) (@ x8664::misc-data-offset (% result))) + (retq)) + + (defun ror64 (number count) + (declare (optimize (speed 3) (space 0) (safety 0) (debug 0)) + (type (unsigned-byte 64) number) + (type (integer 0 64) count)) + (let ((result (allocate-typed-vector :bignum 3))) + (%ror64 result (bignumize number) count) + (normalize-bignum-3 result)))) diff -Nru cl-ironclad-0.43/src/opt/ecl/c-functions.lisp cl-ironclad-0.45/src/opt/ecl/c-functions.lisp --- cl-ironclad-0.43/src/opt/ecl/c-functions.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/opt/ecl/c-functions.lisp 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,155 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- + +(in-package :crypto) + +#+(and ecl ironclad-assembly) +(progn + (ffi:clines " +#define ROTL32(v, c) \\ + (((v) << (c)) | ((v) >> (32 - (c)))) + +#define CHACHA_QUARTER_ROUND(a, b, c, d) \\ + x[a] += x[b]; x[d] = ROTL32(x[d] ^ x[a], 16); \\ + x[c] += x[d]; x[b] = ROTL32(x[b] ^ x[c], 12); \\ + x[a] += x[b]; x[d] = ROTL32(x[d] ^ x[a], 8); \\ + x[c] += x[d]; x[b] = ROTL32(x[b] ^ x[c], 7); + +#define SALSA_QUARTER_ROUND(a, b, c, d) \\ + x[a] ^= ROTL32(x[d] + x[c], 7); \\ + x[b] ^= ROTL32(x[a] + x[d], 9); \\ + x[c] ^= ROTL32(x[b] + x[a], 13); \\ + x[d] ^= ROTL32(x[c] + x[b], 18); +") + + (declaim (inline x-chacha-core)) + (defun x-chacha-core (n-rounds buffer state) + (ffi:c-inline (n-rounds buffer state) + (:unsigned-int t t) + :void + "{ +unsigned int n_rounds = #0; +uint8_t *buffer = (#1)->array.self.b8; +uint32_t *state = (#2)->array.self.b32; +unsigned int i; +uint32_t x[16]; + +for(i = 0; i < 16; i++) + x[i] = state[i]; + +for(i = 0; i < n_rounds; i++) +{ + CHACHA_QUARTER_ROUND(0, 4, 8, 12); + CHACHA_QUARTER_ROUND(1, 5, 9, 13); + CHACHA_QUARTER_ROUND(2, 6, 10, 14); + CHACHA_QUARTER_ROUND(3, 7, 11, 15); + + CHACHA_QUARTER_ROUND(0, 5, 10, 15); + CHACHA_QUARTER_ROUND(1, 6, 11, 12); + CHACHA_QUARTER_ROUND(2, 7, 8, 13); + CHACHA_QUARTER_ROUND(3, 4, 9, 14); +} + +for(i = 0; i < 16; i++) + x[i] += state[i]; + +for(i = 0; i < 16; i++) +{ + buffer[4 * i] = x[i] & 0xff; + buffer[4 * i + 1] = (x[i] >> 8) & 0xff; + buffer[4 * i + 2] = (x[i] >> 16) & 0xff; + buffer[4 * i + 3] = (x[i] >> 24) & 0xff; +} +}")) + + (declaim (inline x-salsa-core)) + (defun x-salsa-core (n-rounds buffer state) + (ffi:c-inline (n-rounds buffer state) + (:unsigned-int t t) + :void + "{ +unsigned int n_rounds = #0; +uint8_t *buffer = (#1)->array.self.b8; +uint32_t *state = (#2)->array.self.b32; +unsigned int i; +uint32_t x[16]; + +for(i = 0; i < 16; i++) + x[i] = state[i]; + +for(i = 0; i < n_rounds; i++) +{ + SALSA_QUARTER_ROUND(4, 8, 
12, 0); + SALSA_QUARTER_ROUND(9, 13, 1, 5); + SALSA_QUARTER_ROUND(14, 2, 6, 10); + SALSA_QUARTER_ROUND(3, 7, 11, 15); + + SALSA_QUARTER_ROUND(1, 2, 3, 0); + SALSA_QUARTER_ROUND(6, 7, 4, 5); + SALSA_QUARTER_ROUND(11, 8, 9, 10); + SALSA_QUARTER_ROUND(12, 13, 14, 15); +} + +for(i = 0; i < 16; i++) + x[i] += state[i]; + +for(i = 0; i < 16; i++) +{ + buffer[4 * i] = x[i] & 0xff; + buffer[4 * i + 1] = (x[i] >> 8) & 0xff; + buffer[4 * i + 2] = (x[i] >> 16) & 0xff; + buffer[4 * i + 3] = (x[i] >> 24) & 0xff; +} +}")) + + (declaim (inline poly1305-process-block)) + (defun poly1305-process-block (h0 h1 h2 h3 h4 r0 r1 r2 r3 rr0 rr1 rr2 rr3 hibit data start) + (ffi:c-inline (h0 h1 h2 h3 h4 r0 r1 r2 r3 rr0 rr1 rr2 rr3 hibit data start) + (:uint32-t :uint32-t :uint32-t :uint32-t :uint32-t + :uint32-t :uint32-t :uint32-t :uint32-t + :uint32-t :uint32-t :uint32-t :uint32-t + :uint32-t t :unsigned-int) + (values :uint32-t :uint32-t :uint32-t :uint32-t :uint32-t) + "{ +uint32_t h0 = #0; +uint32_t h1 = #1; +uint32_t h2 = #2; +uint32_t h3 = #3; +uint32_t h4 = #4; +uint32_t r0 = #5; +uint32_t r1 = #6; +uint32_t r2 = #7; +uint32_t r3 = #8; +uint32_t rr0 = #9; +uint32_t rr1 = #a; +uint32_t rr2 = #b; +uint32_t rr3 = #c; +uint32_t hibit = #d; +unsigned int start = #f; +uint8_t *data = (#e)->array.self.b8 + start; +uint32_t c0 = data[0] + (data[1] << 8) + (data[2] << 16) + (data[3] << 24); +uint32_t c1 = data[4] + (data[5] << 8) + (data[6] << 16) + (data[7] << 24); +uint32_t c2 = data[8] + (data[9] << 8) + (data[10] << 16) + (data[11] << 24); +uint32_t c3 = data[12] + (data[13] << 8) + (data[14] << 16) + (data[15] << 24); +uint64_t s0 = h0 + (uint64_t) c0; +uint64_t s1 = h1 + (uint64_t) c1; +uint64_t s2 = h2 + (uint64_t) c2; +uint64_t s3 = h3 + (uint64_t) c3; +uint32_t s4 = h4 + hibit; +uint64_t x0 = (s0 * r0) + (s1 * rr3) + (s2 * rr2) + (s3 * rr1) + (s4 * rr0); +uint64_t x1 = (s0 * r1) + (s1 * r0) + (s2 * rr3) + (s3 * rr2) + (s4 * rr1); +uint64_t x2 = (s0 * r2) + (s1 * r1) + (s2 * r0) + (s3 
* rr3) + (s4 * rr2); +uint64_t x3 = (s0 * r3) + (s1 * r2) + (s2 * r1) + (s3 * r0) + (s4 * rr3); +uint32_t x4 = s4 * (r0 & 3); +uint32_t u5 = x4 + (x3 >> 32); +uint64_t u0 = ((u5 >> 2) * 5) + (x0 & 0xffffffff); +uint64_t u1 = (u0 >> 32) + (x1 & 0xffffffff) + (x0 >> 32); +uint64_t u2 = (u1 >> 32) + (x2 & 0xffffffff) + (x1 >> 32); +uint64_t u3 = (u2 >> 32) + (x3 & 0xffffffff) + (x2 >> 32); +uint64_t u4 = (u3 >> 32) + (u5 & 3); + +@(return 0) = u0 & 0xffffffff; +@(return 1) = u1 & 0xffffffff; +@(return 2) = u2 & 0xffffffff; +@(return 3) = u3 & 0xffffffff; +@(return 4) = u4 & 0xffffffff; +}"))) diff -Nru cl-ironclad-0.43/src/opt/sbcl/cpu-features.lisp cl-ironclad-0.45/src/opt/sbcl/cpu-features.lisp --- cl-ironclad-0.43/src/opt/sbcl/cpu-features.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/opt/sbcl/cpu-features.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -0,0 +1,19 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- + +(in-package :crypto) + +;;; Check what features are supported by the CPU + +#+(and sbcl x86-64 ironclad-assembly) +(eval-when (:compile-toplevel :load-toplevel :execute) + (defun aes-ni-support-p () + (aes-ni-support-p)) + (compile 'aes-ni-support-p) + (when (aes-ni-support-p) + (pushnew :aes-ni *features*)) + + (defun pclmulqdq-support-p () + (pclmulqdq-support-p)) + (compile 'pclmulqdq-support-p) + (when (pclmulqdq-support-p) + (pushnew :pclmulqdq *features*))) diff -Nru cl-ironclad-0.43/src/opt/sbcl/fndb.lisp cl-ironclad-0.45/src/opt/sbcl/fndb.lisp --- cl-ironclad-0.43/src/opt/sbcl/fndb.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/opt/sbcl/fndb.lisp 2019-02-18 14:08:52.000000000 +0000 
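Review bot: In cpu-features.lisp, `(defun aes-ni-support-p () (aes-ni-support-p))` and the matching `pclmulqdq-support-p` wrapper only terminate when the compiler replaces the inner call with the VOP registered through `:translate`. If fndb.lisp and x86oid-vm.lisp are not loaded first, or the translation is not applied, the function calls itself without end, so a comment stating that load-order dependency is needed. The `pushnew` calls also run at `:compile-toplevel`, so any code selected on `:aes-ni` or `:pclmulqdq` through read-time conditionals is fixed by the CPU of the machine that compiled it. If compiled files can be loaded on a different CPU, a run-time check before the accelerated paths would be safer. Related: the two detection VOPs in x86oid-vm.lisp reserve only rax and rcx as temporaries around `cpuid`, which also writes ebx and edx, so those two registers should be declared as temporaries as well.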
@@ -0,0 +1,156 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +#+sbcl +(in-package :sb-c) + +#+(and sbcl ironclad-assembly) +(progn + +(defknown (ironclad::fill-block-ub8-le ironclad::fill-block-ub8-be) + ((simple-array (unsigned-byte 32) (*)) + (simple-array (unsigned-byte 8) (*)) + (integer 0 #.(- array-dimension-limit 64))) (values) + (any) :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::fill-block-ub8-le/64 + ((simple-array (unsigned-byte 64) (*)) + (simple-array (unsigned-byte 8) (*)) + (integer 0 #.(- array-dimension-limit 64))) (values) + (any) :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::fill-block-ub8-be/64 + ((simple-array (unsigned-byte 64) (*)) + (simple-array (unsigned-byte 8) (*)) + (integer 0 #.(- array-dimension-limit 128))) (values) + (any) :overwrite-fndb-silently t) + +(defknown ironclad::expand-block + ((simple-array (unsigned-byte 32) (*))) + (values) + (any) :overwrite-fndb-silently t) + +(defknown ironclad::%update-sha1-block + ((simple-array (unsigned-byte 32) (*)) (simple-array (unsigned-byte 32) (*))) + (simple-array (unsigned-byte 32) (*)) + (any) :overwrite-fndb-silently t) + +(defknown ironclad::sha256-expand-block + ((simple-array (unsigned-byte 32) (*))) + (values) + (any) :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::x-salsa-core + ((signed-byte 61) (simple-array (unsigned-byte 8) (*)) + (simple-array (unsigned-byte 32) (*))) + (values) + (any) :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::x-chacha-core + ((signed-byte 61) (simple-array (unsigned-byte 8) (*)) + (simple-array (unsigned-byte 32) (*))) + (values) + (any) :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::pclmulqdq-support-p + () + (boolean) + (any) + :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::aes-ni-support-p + () + (boolean) + (any) + :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::aes-ni-generate-round-keys + ((simple-array (unsigned-byte 8) (*)) + (unsigned-byte 
64) + (simple-array (unsigned-byte 32) (*)) + (simple-array (unsigned-byte 32) (*))) + (values) + (any) + :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::aes-ni-encrypt + ((simple-array (unsigned-byte 8) (*)) + (unsigned-byte 64) + (simple-array (unsigned-byte 8) (*)) + (unsigned-byte 64) + (simple-array (unsigned-byte 32) (*)) + (integer 0 14)) + (values) + (any) + :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::aes-ni-decrypt + ((simple-array (unsigned-byte 8) (*)) + (unsigned-byte 64) + (simple-array (unsigned-byte 8) (*)) + (unsigned-byte 64) + (simple-array (unsigned-byte 32) (*)) + (integer 0 14)) + (values) + (any) + :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::fast-blake2s-mixing + ((unsigned-byte 32) + (unsigned-byte 32) + (unsigned-byte 32) + (unsigned-byte 32) + (unsigned-byte 32) + (unsigned-byte 32)) + (values (unsigned-byte 32) + (unsigned-byte 32) + (unsigned-byte 32) + (unsigned-byte 32)) + (any) + :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::gmac-mul-fast + ((simple-array (unsigned-byte 8) (*)) + (simple-array (unsigned-byte 8) (*))) + (values) + (any) + :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::xor128 + ((simple-array (unsigned-byte 8) (*)) + (integer 0 #.array-dimension-limit) + (simple-array (unsigned-byte 8) (*)) + (integer 0 #.array-dimension-limit) + (simple-array (unsigned-byte 8) (*)) + (integer 0 #.array-dimension-limit)) + (values) + (any) + :overwrite-fndb-silently t) + +#+x86-64 +(defknown ironclad::mov128 + ((simple-array (unsigned-byte 8) (*)) + (integer 0 #.array-dimension-limit) + (simple-array (unsigned-byte 8) (*)) + (integer 0 #.array-dimension-limit)) + (values) + (any) + :overwrite-fndb-silently t) + +(defknown ironclad::inc-counter-block + ((integer 0 #.most-positive-fixnum) + (simple-array (unsigned-byte 8) (*))) + (values) + (any) + :overwrite-fndb-silently t) +);#+sbcl diff -Nru cl-ironclad-0.43/src/opt/sbcl/x86oid-vm.lisp 
cl-ironclad-0.45/src/opt/sbcl/x86oid-vm.lisp --- cl-ironclad-0.43/src/opt/sbcl/x86oid-vm.lisp 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/src/opt/sbcl/x86oid-vm.lisp 2019-02-18 14:08:52.000000000 +0000 
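Review bot: In fndb.lisp, the start-index types for `ironclad::xor128` and `ironclad::mov128` are `(integer 0 #.array-dimension-limit)`, and the offsets for `ironclad::aes-ni-encrypt` and `ironclad::aes-ni-decrypt` are `(unsigned-byte 64)`; neither leaves room for the 16 bytes that the corresponding VOPs load and store with `movdqu` from that index. The `fill-block-ub8-*` entries already subtract the block size, as in `(integer 0 #.(- array-dimension-limit 64))`, and the same convention with 16 would be consistent here. Because the declared type says nothing about the actual array length and the VOPs are `:fast-safe` with no bounds check of their own, please document that every caller must verify start + 16 against the array length before calling. The `n-rounds` argument is declared `(integer 0 14)`, while the VOPs only distinguish 10 and 12 and treat every other value as 14; `(member 10 12 14)` would state the contract.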
@@ -0,0 +1,1055 @@ +;;;; -*- mode: lisp; indent-tabs-mode: nil -*- +#+(and sbcl (or x86 x86-64) ironclad-assembly) +(defpackage :ironclad-vm + ;; more recent SBCL exports various symbols making this package + ;; definition more concise. This is the backward-compatible way. + (:use #:common-lisp + #:sb-c ; for DEFINE-VOP and SC-IS + #:sb-assem ; for INST, GEN-LABEL + #:sb-vm) ; for primtype names, SCs, constants + (:shadow #:ea) ; in case SB-VM exports it + (:import-from #:sb-vm + #:positive-fixnum #:unsigned-num + #:descriptor-reg #:unsigned-reg #:double-reg #:immediate + #:simple-array-unsigned-byte-8 + #:simple-array-unsigned-byte-32 + #+x86-64 #:simple-array-unsigned-byte-64 + #+x86-64 #:rax-offset #+x86-64 #:rcx-offset)) + +#+(and sbcl (or x86 x86-64) ironclad-assembly) +(in-package :ironclad-vm) + +#+(and sbcl x86 ironclad-assembly) +(eval-when (:compile-toplevel :load-toplevel :execute) + (defun ea (displacement &optional base index (scale 1)) + (sb-vm::make-ea :dword + :base base + :index index + :scale scale + :disp (or displacement 0))) + (setf (fdefinition 'dword-ea) (fdefinition 'ea)) + (defmacro dword-inst (name &rest operands) + `(inst ,name ,@operands))) + +#+(and sbcl x86-64 ironclad-assembly) +(eval-when (:compile-toplevel :load-toplevel :execute) + (if (fboundp 'sb-vm::ea) + (progn ; Newer SBCL (>= 1.4.11) + (setf (fdefinition 'ea) (fdefinition 'sb-vm::ea)) + (setf (fdefinition 'dword-ea) (fdefinition 'ea)) + (defmacro dword-inst (name &rest operands) + `(inst ,name :dword ,@operands))) + + (progn ; Older SBCL (< 1.4.11) + (defun ea (displacement &optional base index (scale 1)) + (sb-vm::make-ea :qword + :base base + :index index + :scale scale + :disp (or displacement 0))) + (defun dword-ea (displacement &optional base index (scale 1)) + (sb-vm::make-ea :dword + :base base + :index index + :scale scale + :disp (or displacement 0))) + (defmacro dword-inst (name &rest operands) + `(inst ,name ,@(mapcar (lambda (operand) + `(if (tn-p ,operand) + 
(sb-vm::reg-in-size ,operand :dword) + ,operand)) + operands)))))) + +#+(and sbcl (or x86 x86-64) ironclad-assembly) +(progn +(define-vop (fill-block-ub8) + (:policy :fast-safe) + (:args (block :scs (descriptor-reg)) + (buffer :scs (descriptor-reg)) + (offset :scs (unsigned-reg immediate) :target buffer-index)) + (:variant-vars big-endian-p bytes-to-copy 64-bit-p) + (:temporary (:sc unsigned-reg) temp buffer-index block-index) + (:generator 50 + (let* ((data-offset (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag)) + (block-disp (+ data-offset bytes-to-copy)) + (immediate-offset (sc-is offset immediate)) + (unroll (if immediate-offset 2 1)) + (loop (gen-label))) + (flet ((ea-for-buffer (&optional (offset 0)) + (if immediate-offset + (ea (+ block-disp offset) buffer block-index n-word-bytes) + (ea data-offset buffer buffer-index))) + (ea-for-block (&optional (offset 0)) + (ea (+ block-disp offset) block block-index n-word-bytes)) + (handle-endianness (x) + (when big-endian-p + (inst bswap x) + #+x86-64 + (unless 64-bit-p + (inst rol x 32))))) + (unless immediate-offset + (move buffer-index offset)) + (inst mov block-index (- (truncate bytes-to-copy n-word-bytes))) + (emit-label loop) + (inst mov temp (ea-for-buffer 0)) + (when immediate-offset + (inst mov buffer-index (ea-for-buffer n-word-bytes))) + (handle-endianness temp) + (when immediate-offset + (handle-endianness buffer-index)) + (inst mov (ea-for-block) temp) + (when immediate-offset + (inst mov (ea-for-block n-word-bytes) buffer-index)) + (unless immediate-offset + (inst add buffer-index n-word-bytes)) + (inst add block-index unroll) + (inst jmp :nz loop))))) + +(define-vop (fill-block-ub8-le fill-block-ub8) + (:translate ironclad::fill-block-ub8-le) + (:arg-types simple-array-unsigned-byte-32 + simple-array-unsigned-byte-8 + positive-fixnum) + (:variant nil 64 nil)) + +(define-vop (fill-block-ub8-be fill-block-ub8) + (:translate ironclad::fill-block-ub8-be) + (:arg-types 
simple-array-unsigned-byte-32 + simple-array-unsigned-byte-8 + positive-fixnum) + (:variant t 64 nil)) + +#+x86-64 +(define-vop (fill-block-ub8-le/64 fill-block-ub8) + (:translate ironclad::fill-block-ub8-le/64) + (:arg-types simple-array-unsigned-byte-64 + simple-array-unsigned-byte-8 + positive-fixnum) + ;; Yes. Really. Inconsistent naming FTW. + (:variant nil 64 t)) + +#+x86-64 +(define-vop (fill-block-ub8-be/64 fill-block-ub8) + (:translate ironclad::fill-block-ub8-be/64) + (:arg-types simple-array-unsigned-byte-64 + simple-array-unsigned-byte-8 + positive-fixnum) + (:variant t 128 t)) + +(define-vop (expand-block) + (:translate ironclad::expand-block) + (:policy :fast-safe) + (:args (block :scs (descriptor-reg))) + (:arg-types simple-array-unsigned-byte-32) + (:temporary (:sc unsigned-reg) temp count) + (:generator 100 + (flet ((block-word (elem-offset) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 4 elem-offset)))) + (dword-ea disp block count 4)))) + (let ((loop (gen-label))) + (inst mov count 16) + (emit-label loop) + (dword-inst mov temp (block-word -3)) + (dword-inst xor temp (block-word -8)) + (dword-inst xor temp (block-word -14)) + (dword-inst xor temp (block-word -16)) + (dword-inst rol temp 1) + (dword-inst mov (block-word 0) temp) + (inst add count 1) + (inst cmp count 79) + (inst jmp :le loop))))) + +(define-vop (sha256-expand-block) + (:translate ironclad::sha256-expand-block) + (:policy :fast-safe) + (:args (block :scs (descriptor-reg))) + (:arg-types simple-array-unsigned-byte-32) + (:temporary (:sc unsigned-reg) t1 t2 t3 t4 count) + (:generator 100 + (flet ((block-word (elem-offset) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 4 elem-offset)))) + (dword-ea disp block count 4)))) + (let ((loop (gen-label))) + ;; The code could definitely be improved for x86-64 by using + ;; more temporaries, but this version works on both 32- and + ;; 64-bit and eliminates many of the 
stupidities in the modular + ;; arithmetic version (mostly on 64-bit, but some lameness in + ;; the 32-bit version as well). + (inst mov count 16) + (emit-label loop) + (dword-inst mov t1 (block-word -2)) + ;; sigma1 + (dword-inst mov t2 t1) + (dword-inst rol t2 15) + (dword-inst mov t3 t1) + (dword-inst rol t3 13) + (dword-inst xor t2 t3) + (dword-inst shr t1 10) + (dword-inst xor t1 t2) + (dword-inst mov t2 (block-word -15)) + ;; sigma0 + (dword-inst mov t3 t2) + (dword-inst rol t3 25) + (dword-inst mov t4 t2) + (dword-inst rol t4 14) + (dword-inst xor t3 t4) + (dword-inst shr t2 3) + (dword-inst xor t2 t3) + (dword-inst add t1 (block-word -7)) + (dword-inst add t2 (block-word -16)) + (dword-inst add t1 t2) + (dword-inst mov (block-word 0) t1) + (inst add count 1) + (inst cmp count 63) + (inst jmp :le loop))))) + +;;; Implementing this for x86 would require nasty hacks with +;;; pseudo-atomic. Might just be worth it for the speed increase, +;;; though. The code is also probably not scheduled optimally. 
+#+x86-64 +(define-vop (update-sha1-block) + (:translate ironclad::%update-sha1-block) + (:policy :fast-safe) + (:args (regs :scs (descriptor-reg) :target result) + (block :scs (descriptor-reg))) + (:arg-types simple-array-unsigned-byte-32 simple-array-unsigned-byte-32) + (:results (result :scs (descriptor-reg))) + (:result-types simple-array-unsigned-byte-32) + (:temporary (:sc unsigned-reg) a b c d e t1 t2) + (:generator 1000 + (let ((k1 #x5a827999) + (k2 #x6ed9eba1) + (k3 #x-70e44324) + (k4 #x-359d3e2a)) + (labels ((block/reg-ea (base index) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 4 index)))) + (dword-ea disp base))) + (f1 (a b c d e n) + (dword-inst mov t2 a) + (dword-inst mov t1 c) + (dword-inst rol t2 5) + (dword-inst xor t1 d) + (dword-inst add t2 (block/reg-ea block n)) + (dword-inst and t1 b) + (dword-inst xor t1 d) + (dword-inst lea e (ea k1 t1 e)) + (dword-inst rol b 30) + (dword-inst add e t2)) + (f2/4 (a b c d e n k) + (dword-inst mov t2 a) + (dword-inst mov t1 d) + (dword-inst rol t2 5) + (dword-inst xor t1 c) + (dword-inst add t2 (block/reg-ea block n)) + (dword-inst xor t1 b) + (dword-inst lea e (ea k t1 e)) + (dword-inst rol b 30) + (dword-inst add e t2)) + (f2 (a b c d e n) + (f2/4 a b c d e n k2)) + (f4 (a b c d e n) + (f2/4 a b c d e n k4)) + (f3 (a b c d e n) + (dword-inst mov t2 c) + (dword-inst mov t1 c) + (dword-inst and t2 b) + (dword-inst or t1 b) + (dword-inst and t1 d) + (dword-inst or t1 t2) + (dword-inst mov t2 a) + (dword-inst rol t2 5) + (dword-inst add t2 (block/reg-ea block n)) + (dword-inst rol b 30) + (dword-inst lea e (ea k3 t1 e)) + (dword-inst add e t2)) + (sha1-rounds (start end f) + (let ((xvars (ironclad::make-circular-list a b c d e))) + (loop for i from start upto end + for vars on xvars by #'cddddr + do (multiple-value-bind (a b c d e) + (apply #'values (ironclad::circular-list-subseq vars 0 5)) + (funcall f a b c d e i)))))) + (dword-inst mov a (block/reg-ea regs 0)) + 
(dword-inst mov b (block/reg-ea regs 1)) + (dword-inst mov c (block/reg-ea regs 2)) + (dword-inst mov d (block/reg-ea regs 3)) + (dword-inst mov e (block/reg-ea regs 4)) + (sha1-rounds 0 19 #'f1) + (sha1-rounds 20 39 #'f2) + (sha1-rounds 40 59 #'f3) + (sha1-rounds 60 79 #'f4) + (dword-inst add (block/reg-ea regs 0) a) + (dword-inst add (block/reg-ea regs 1) b) + (dword-inst add (block/reg-ea regs 2) c) + (dword-inst add (block/reg-ea regs 3) d) + (dword-inst add (block/reg-ea regs 4) e) + (move result regs))))) + +#+x86-64 +(define-vop (salsa-core-fast) + (:translate ironclad::x-salsa-core) + (:policy :fast-safe) + (:args (buffer :scs (descriptor-reg)) + (state :scs (descriptor-reg))) + (:info n-rounds) + (:arg-types (:constant (signed-byte 61)) + simple-array-unsigned-byte-8 + simple-array-unsigned-byte-32) + (:temporary (:sc double-reg) x0 x1 x2 x3) + (:temporary (:sc unsigned-reg) r0 r1 r2 r3 temp count) + (:generator 1000 + (labels ((nth-xmm-mem (base i) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 16 i)))) + (ea disp base))) + (nth-buffer-dword (i) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 4 i)))) + (dword-ea disp buffer))) + (quarter-round (y0 y1 y2 y3) + ;; x[y0] = XOR(x[y0],ROTATE(PLUS(x[y3],x[y2]), 7)); + ;; x[y1] = XOR(x[y1],ROTATE(PLUS(x[y0],x[y3]), 9)); + ;; x[y2] = XOR(x[y2],ROTATE(PLUS(x[y1],x[y0]),13)); + ;; x[y3] = XOR(x[y3],ROTATE(PLUS(x[y2],x[y1]),18)); + (dword-inst mov r2 (nth-buffer-dword y2)) + (dword-inst mov r3 (nth-buffer-dword y3)) + + (dword-inst lea r0 (ea 0 r3 r2)) + (dword-inst rol r0 7) + (dword-inst xor r0 (nth-buffer-dword y0)) + + (dword-inst lea r1 (ea 0 r0 r3)) + (dword-inst rol r1 9) + (dword-inst xor r1 (nth-buffer-dword y1)) + + (dword-inst lea temp (ea 0 r1 r0)) + (dword-inst rol temp 13) + (dword-inst xor r2 temp) + + (dword-inst lea temp (ea 0 r2 r1)) + (dword-inst rol temp 18) + (dword-inst xor r3 temp) + + (dword-inst mov (nth-buffer-dword 
y0) r0) + (dword-inst mov (nth-buffer-dword y1) r1) + (dword-inst mov (nth-buffer-dword y2) r2) + (dword-inst mov (nth-buffer-dword y3) r3))) + ;; copy state to the output buffer + (inst movdqu x0 (nth-xmm-mem state 0)) + (inst movdqu x1 (nth-xmm-mem state 1)) + (inst movdqu x2 (nth-xmm-mem state 2)) + (inst movdqu x3 (nth-xmm-mem state 3)) + (inst movdqu (nth-xmm-mem buffer 0) x0) + (inst movdqu (nth-xmm-mem buffer 1) x1) + (inst movdqu (nth-xmm-mem buffer 2) x2) + (inst movdqu (nth-xmm-mem buffer 3) x3) + + (let ((repeat (gen-label))) + (inst mov count n-rounds) + (emit-label repeat) + (quarter-round 4 8 12 0) + (quarter-round 9 13 1 5) + (quarter-round 14 2 6 10) + (quarter-round 3 7 11 15) + + (quarter-round 1 2 3 0) + (quarter-round 6 7 4 5) + (quarter-round 11 8 9 10) + (quarter-round 12 13 14 15) + (inst sub count 1) + (inst jmp :nz repeat)) + + (inst paddd x0 (nth-xmm-mem buffer 0)) + (inst paddd x1 (nth-xmm-mem buffer 1)) + (inst paddd x2 (nth-xmm-mem buffer 2)) + (inst paddd x3 (nth-xmm-mem buffer 3)) + (inst movdqu (nth-xmm-mem buffer 0) x0) + (inst movdqu (nth-xmm-mem buffer 1) x1) + (inst movdqu (nth-xmm-mem buffer 2) x2) + (inst movdqu (nth-xmm-mem buffer 3) x3)))) + +#+x86-64 +(define-vop (chacha-core-fast) + (:translate ironclad::x-chacha-core) + (:policy :fast-safe) + (:args (buffer :scs (descriptor-reg)) + (state :scs (descriptor-reg))) + (:info n-rounds) + (:arg-types (:constant (signed-byte 61)) + simple-array-unsigned-byte-8 + simple-array-unsigned-byte-32) + (:temporary (:sc double-reg) x0 x1 x2 x3 y0 y1 y2 y3 t0) + (:temporary (:sc unsigned-reg) count) + (:generator 1000 + (flet ((nth-xmm-mem (base i) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 16 i)))) + (ea disp base))) + (chacha-round () + (inst paddd y0 y1) + (inst pxor y3 y0) + (inst movdqa t0 y3) + (inst pslld-imm y3 16) + (inst psrld-imm t0 16) + (inst por y3 t0) + + (inst paddd y2 y3) + (inst pxor y1 y2) + (inst movdqa t0 y1) + (inst pslld-imm 
y1 12) + (inst psrld-imm t0 20) + (inst por y1 t0) + + (inst paddd y0 y1) + (inst pxor y3 y0) + (inst movdqa t0 y3) + (inst pslld-imm y3 8) + (inst psrld-imm t0 24) + (inst por y3 t0) + + (inst paddd y2 y3) + (inst pxor y1 y2) + (inst movdqa t0 y1) + (inst pslld-imm y1 7) + (inst psrld-imm t0 25) + (inst por y1 t0))) + (inst movdqu x0 (nth-xmm-mem state 0)) + (inst movdqu x1 (nth-xmm-mem state 1)) + (inst movdqu x2 (nth-xmm-mem state 2)) + (inst movdqu x3 (nth-xmm-mem state 3)) + (inst movdqa y0 x0) + (inst movdqa y1 x1) + (inst movdqa y2 x2) + (inst movdqa y3 x3) + + (let ((repeat (gen-label))) + (inst mov count n-rounds) + (emit-label repeat) + + (chacha-round) + (inst pshufd y1 y1 #b00111001) + (inst pshufd y2 y2 #b01001110) + (inst pshufd y3 y3 #b10010011) + + (chacha-round) + (inst pshufd y1 y1 #b10010011) + (inst pshufd y2 y2 #b01001110) + (inst pshufd y3 y3 #b00111001) + + (inst sub count 1) + (inst jmp :nz repeat)) + + (inst paddd x0 y0) + (inst paddd x1 y1) + (inst paddd x2 y2) + (inst paddd x3 y3) + (inst movdqu (nth-xmm-mem buffer 0) x0) + (inst movdqu (nth-xmm-mem buffer 1) x1) + (inst movdqu (nth-xmm-mem buffer 2) x2) + (inst movdqu (nth-xmm-mem buffer 3) x3)))) + +#+x86-64 +(define-vop (pclmulqdq-support-p) + (:translate ironclad::pclmulqdq-support-p) + (:policy :fast-safe) + (:conditional :c) + (:temporary (:sc unsigned-reg :offset rax-offset) eax) + (:temporary (:sc unsigned-reg :offset rcx-offset) ecx) + (:generator 10 + (inst mov eax 1) + (inst cpuid) + (inst bt ecx 1))) + +#+x86-64 +(define-vop (aes-ni-support-p) + (:translate ironclad::aes-ni-support-p) + (:policy :fast-safe) + (:conditional :c) + (:temporary (:sc unsigned-reg :offset rax-offset) eax) + (:temporary (:sc unsigned-reg :offset rcx-offset) ecx) + (:generator 10 + (inst mov eax 1) + (inst cpuid) + (inst bt ecx 25))) + +#+x86-64 +(define-vop (aes-ni-generate-round-keys) + (:translate ironclad::aes-ni-generate-round-keys) + (:policy :fast-safe) + (:args (key :scs (descriptor-reg)) + 
(key-length :scs (unsigned-reg)) + (encryption-keys :scs (descriptor-reg)) + (decryption-keys :scs (descriptor-reg))) + (:arg-types simple-array-unsigned-byte-8 + unsigned-num + simple-array-unsigned-byte-32 + simple-array-unsigned-byte-32) + (:temporary (:sc double-reg) x0 x1 x2 x3 x4 x5 x6) + (:generator 1000 + (labels ((buffer-mem (base i) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 16 i)))) + (ea disp base))) + (expand-key-128 () + (inst pshufd x1 x1 #b11111111) + (inst shufps x2 x0 #b00010000) + (inst pxor x0 x2) + (inst shufps x2 x0 #b10001100) + (inst pxor x0 x2) + (inst pxor x0 x1)) + (expand-key-192a () + (inst pshufd x1 x1 #b01010101) + (inst shufps x2 x0 #b00010000) + (inst pxor x0 x2) + (inst shufps x2 x0 #b10001100) + (inst pxor x0 x2) + (inst pxor x0 x1) + (inst movdqa x4 x3) + (inst movdqa x5 x3) + (inst pslldq x4 4) + (inst pshufd x6 x0 #b11111111) + (inst pxor x3 x6) + (inst pxor x3 x4) + (inst movdqa x1 x0) + (inst shufps x5 x0 #b01000100) + (inst shufps x1 x3 #b01001110)) + (expand-key-192b () + (inst pshufd x1 x1 #b01010101) + (inst shufps x2 x0 #b00010000) + (inst pxor x0 x2) + (inst shufps x2 x0 #b10001100) + (inst pxor x0 x2) + (inst pxor x0 x1) + (inst movdqa x4 x3) + (inst pslldq x4 4) + (inst pshufd x5 x0 #b11111111) + (inst pxor x3 x5) + (inst pxor x3 x4)) + (expand-key-256a () + (expand-key-128)) + (expand-key-256b () + (inst pshufd x1 x1 #b10101010) + (inst shufps x2 x3 #b00010000) + (inst pxor x3 x2) + (inst shufps x2 x3 #b10001100) + (inst pxor x3 x2) + (inst pxor x3 x1))) + (let ((key-192 (gen-label)) + (key-128 (gen-label)) + (end (gen-label))) + (inst pxor x2 x2) + (inst movdqu x0 (buffer-mem key 0)) + (inst cmp key-length 24) + (inst jmp :b key-128) + (inst jmp :z key-192) + + (inst movdqu x3 (buffer-mem key 1)) + (inst movdqu (buffer-mem encryption-keys 0) x0) + (inst movdqu (buffer-mem decryption-keys 14) x0) + (inst movdqu (buffer-mem encryption-keys 1) x3) + (inst aesimc x6 x3) + (inst 
movdqu (buffer-mem decryption-keys 13) x6) + (inst aeskeygenassist x1 x3 1) + (expand-key-256a) + (inst movdqu (buffer-mem encryption-keys 2) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 12) x6) + (inst aeskeygenassist x1 x0 1) + (expand-key-256b) + (inst movdqu (buffer-mem encryption-keys 3) x3) + (inst aesimc x6 x3) + (inst movdqu (buffer-mem decryption-keys 11) x6) + (inst aeskeygenassist x1 x3 2) + (expand-key-256a) + (inst movdqu (buffer-mem encryption-keys 4) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 10) x6) + (inst aeskeygenassist x1 x0 2) + (expand-key-256b) + (inst movdqu (buffer-mem encryption-keys 5) x3) + (inst aesimc x6 x3) + (inst movdqu (buffer-mem decryption-keys 9) x6) + (inst aeskeygenassist x1 x3 4) + (expand-key-256a) + (inst movdqu (buffer-mem encryption-keys 6) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 8) x6) + (inst aeskeygenassist x1 x0 4) + (expand-key-256b) + (inst movdqu (buffer-mem encryption-keys 7) x3) + (inst aesimc x6 x3) + (inst movdqu (buffer-mem decryption-keys 7) x6) + (inst aeskeygenassist x1 x3 8) + (expand-key-256a) + (inst movdqu (buffer-mem encryption-keys 8) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 6) x6) + (inst aeskeygenassist x1 x0 8) + (expand-key-256b) + (inst movdqu (buffer-mem encryption-keys 9) x3) + (inst aesimc x6 x3) + (inst movdqu (buffer-mem decryption-keys 5) x6) + (inst aeskeygenassist x1 x3 16) + (expand-key-256a) + (inst movdqu (buffer-mem encryption-keys 10) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 4) x6) + (inst aeskeygenassist x1 x0 16) + (expand-key-256b) + (inst movdqu (buffer-mem encryption-keys 11) x3) + (inst aesimc x6 x3) + (inst movdqu (buffer-mem decryption-keys 3) x6) + (inst aeskeygenassist x1 x3 32) + (expand-key-256a) + (inst movdqu (buffer-mem encryption-keys 12) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 2) x6) + (inst 
aeskeygenassist x1 x0 32) + (expand-key-256b) + (inst movdqu (buffer-mem encryption-keys 13) x3) + (inst aesimc x6 x3) + (inst movdqu (buffer-mem decryption-keys 1) x6) + (inst aeskeygenassist x1 x3 64) + (expand-key-256a) + (inst movdqu (buffer-mem encryption-keys 14) x0) + (inst movdqu (buffer-mem decryption-keys 0) x0) + (inst jmp end) + + (emit-label key-192) + (inst movdqu x3 (buffer-mem key 1)) + (inst movdqu (buffer-mem encryption-keys 0) x0) + (inst movdqu (buffer-mem decryption-keys 12) x0) + (inst aeskeygenassist x1 x3 1) + (expand-key-192a) + (inst movdqu (buffer-mem encryption-keys 1) x5) + (inst aesimc x6 x5) + (inst movdqu (buffer-mem decryption-keys 11) x6) + (inst movdqu (buffer-mem encryption-keys 2) x1) + (inst aesimc x6 x1) + (inst movdqu (buffer-mem decryption-keys 10) x6) + (inst aeskeygenassist x1 x3 2) + (expand-key-192b) + (inst movdqu (buffer-mem encryption-keys 3) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 9) x6) + (inst aeskeygenassist x1 x3 4) + (expand-key-192a) + (inst movdqu (buffer-mem encryption-keys 4) x5) + (inst aesimc x6 x5) + (inst movdqu (buffer-mem decryption-keys 8) x6) + (inst movdqu (buffer-mem encryption-keys 5) x1) + (inst aesimc x6 x1) + (inst movdqu (buffer-mem decryption-keys 7) x6) + (inst aeskeygenassist x1 x3 8) + (expand-key-192b) + (inst movdqu (buffer-mem encryption-keys 6) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 6) x6) + (inst aeskeygenassist x1 x3 16) + (expand-key-192a) + (inst movdqu (buffer-mem encryption-keys 7) x5) + (inst aesimc x6 x5) + (inst movdqu (buffer-mem decryption-keys 5) x6) + (inst movdqu (buffer-mem encryption-keys 8) x1) + (inst aesimc x6 x1) + (inst movdqu (buffer-mem decryption-keys 4) x6) + (inst aeskeygenassist x1 x3 32) + (expand-key-192b) + (inst movdqu (buffer-mem encryption-keys 9) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 3) x6) + (inst aeskeygenassist x1 x3 64) + (expand-key-192a) + (inst movdqu 
(buffer-mem encryption-keys 10) x5) + (inst aesimc x6 x5) + (inst movdqu (buffer-mem decryption-keys 2) x6) + (inst movdqu (buffer-mem encryption-keys 11) x1) + (inst aesimc x6 x1) + (inst movdqu (buffer-mem decryption-keys 1) x6) + (inst aeskeygenassist x1 x3 128) + (expand-key-192b) + (inst movdqu (buffer-mem encryption-keys 12) x0) + (inst movdqu (buffer-mem decryption-keys 0) x0) + (inst jmp end) + + (emit-label key-128) + (inst movdqu (buffer-mem encryption-keys 0) x0) + (inst movdqu (buffer-mem decryption-keys 10) x0) + (inst aeskeygenassist x1 x0 1) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 1) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 9) x6) + (inst aeskeygenassist x1 x0 2) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 2) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 8) x6) + (inst aeskeygenassist x1 x0 4) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 3) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 7) x6) + (inst aeskeygenassist x1 x0 8) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 4) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 6) x6) + (inst aeskeygenassist x1 x0 16) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 5) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 5) x6) + (inst aeskeygenassist x1 x0 32) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 6) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 4) x6) + (inst aeskeygenassist x1 x0 64) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 7) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 3) x6) + (inst aeskeygenassist x1 x0 128) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 8) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 2) x6) + (inst aeskeygenassist x1 x0 27) + (expand-key-128) + (inst movdqu 
(buffer-mem encryption-keys 9) x0) + (inst aesimc x6 x0) + (inst movdqu (buffer-mem decryption-keys 1) x6) + (inst aeskeygenassist x1 x0 54) + (expand-key-128) + (inst movdqu (buffer-mem encryption-keys 10) x0) + (inst movdqu (buffer-mem decryption-keys 0) x0) + (emit-label end))))) + +#+x86-64 +(define-vop (aes-ni-encrypt) + (:translate ironclad::aes-ni-encrypt) + (:policy :fast-safe) + (:args (plaintext :scs (descriptor-reg)) + (plaintext-start :scs (unsigned-reg)) + (ciphertext :scs (descriptor-reg)) + (ciphertext-start :scs (unsigned-reg)) + (round-keys :scs (descriptor-reg)) + (n-rounds :scs (unsigned-reg))) + (:arg-types simple-array-unsigned-byte-8 + unsigned-num + simple-array-unsigned-byte-8 + unsigned-num + simple-array-unsigned-byte-32 + unsigned-num) + (:temporary (:sc double-reg) x0 x1) + (:generator 1000 + (flet ((buffer-mem (base offset) + (let ((disp (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag))) + (ea disp base offset))) + (round-key (i) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 16 i)))) + (ea disp round-keys)))) + (let ((last-round (gen-label))) + (inst movdqu x0 (buffer-mem plaintext plaintext-start)) + (inst movdqu x1 (round-key 0)) + (inst pxor x0 x1) + (inst movdqu x1 (round-key 1)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 2)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 3)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 4)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 5)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 6)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 7)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 8)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 9)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 10)) + (inst cmp n-rounds 10) + (inst jmp :z last-round) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 11)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 12)) + (inst cmp n-rounds 12) + (inst jmp :z last-round) + 
(inst aesenc x0 x1) + (inst movdqu x1 (round-key 13)) + (inst aesenc x0 x1) + (inst movdqu x1 (round-key 14)) + (emit-label last-round) + (inst aesenclast x0 x1) + (inst movdqu (buffer-mem ciphertext ciphertext-start) x0))))) + +#+x86-64 +(define-vop (aes-ni-decrypt) + (:translate ironclad::aes-ni-decrypt) + (:policy :fast-safe) + (:args (ciphertext :scs (descriptor-reg)) + (ciphertext-start :scs (unsigned-reg)) + (plaintext :scs (descriptor-reg)) + (plaintext-start :scs (unsigned-reg)) + (round-keys :scs (descriptor-reg)) + (n-rounds :scs (unsigned-reg))) + (:arg-types simple-array-unsigned-byte-8 + unsigned-num + simple-array-unsigned-byte-8 + unsigned-num + simple-array-unsigned-byte-32 + unsigned-num) + (:temporary (:sc double-reg) x0 x1) + (:generator 1000 + (flet ((buffer-mem (base offset) + (let ((disp (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag))) + (ea disp base offset))) + (round-key (i) + (let ((disp (+ (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag) + (* 16 i)))) + (ea disp round-keys)))) + (let ((last-round (gen-label))) + (inst movdqu x0 (buffer-mem ciphertext ciphertext-start)) + (inst movdqu x1 (round-key 0)) + (inst pxor x0 x1) + (inst movdqu x1 (round-key 1)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 2)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 3)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 4)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 5)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 6)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 7)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 8)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 9)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 10)) + (inst cmp n-rounds 10) + (inst jmp :z last-round) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 11)) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 12)) + (inst cmp n-rounds 12) + (inst jmp :z last-round) + (inst aesdec x0 x1) + (inst movdqu x1 (round-key 13)) + 
(inst aesdec x0 x1) + (inst movdqu x1 (round-key 14)) + (emit-label last-round) + (inst aesdeclast x0 x1) + (inst movdqu (buffer-mem plaintext plaintext-start) x0))))) + +#+x86-64 +(define-vop (fast-blake2s-mixing) + (:translate ironclad::fast-blake2s-mixing) + (:policy :fast-safe) + (:args (va :scs (unsigned-reg) :target ra) + (vb :scs (unsigned-reg) :target rb) + (vc :scs (unsigned-reg) :target rc) + (vd :scs (unsigned-reg) :target rd) + (x :scs (unsigned-reg)) + (y :scs (unsigned-reg))) + (:arg-types unsigned-num + unsigned-num + unsigned-num + unsigned-num + unsigned-num + unsigned-num) + (:results (ra :scs (unsigned-reg) :from (:argument 0)) + (rb :scs (unsigned-reg) :from (:argument 1)) + (rc :scs (unsigned-reg) :from (:argument 2)) + (rd :scs (unsigned-reg) :from (:argument 3))) + (:result-types unsigned-num + unsigned-num + unsigned-num + unsigned-num) + (:generator 1000 + (move ra va) + (move rb vb) + (move rc vc) + (move rd vd) + (dword-inst add ra rb) + (dword-inst add ra x) + (dword-inst xor rd ra) + (dword-inst ror rd 16) + (dword-inst add rc rd) + (dword-inst xor rb rc) + (dword-inst ror rb 12) + (dword-inst add ra rb) + (dword-inst add ra y) + (dword-inst xor rd ra) + (dword-inst ror rd 8) + (dword-inst add rc rd) + (dword-inst xor rb rc) + (dword-inst ror rb 7))) + +#+x86-64 +(define-vop (gmac-mul-fast) + (:translate ironclad::gmac-mul-fast) + (:policy :fast-safe) + (:args (accumulator :scs (descriptor-reg)) + (key :scs (descriptor-reg))) + (:arg-types simple-array-unsigned-byte-8 + simple-array-unsigned-byte-8) + (:temporary (:sc double-reg) x0 x1 x2 x3 x4 x5 x6 x7 x8 x9) + (:generator 1000 + (flet ((buffer-mem (base) + (let ((disp (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag))) + (ea disp base)))) + (inst movdqu x0 (buffer-mem accumulator)) + (inst movdqu x1 (buffer-mem key)) + (inst movdqa x3 x0) + (inst pclmulqdq x3 x1 0) + (inst movdqa x4 x0) + (inst pclmulqdq x4 x1 16) + (inst movdqa x5 x0) + (inst pclmulqdq x5 x1 1) + (inst 
movdqa x6 x0) + (inst pclmulqdq x6 x1 17) + (inst pxor x4 x5) + (inst movdqa x5 x4) + (inst psrldq x4 8) + (inst pslldq x5 8) + (inst pxor x3 x5) + (inst pxor x6 x4) + (inst movdqa x7 x3) + (inst movdqa x8 x6) + (inst pslld-imm x3 1) + (inst pslld-imm x6 1) + (inst psrld-imm x7 31) + (inst psrld-imm x8 31) + (inst movdqa x9 x7) + (inst pslldq x8 4) + (inst pslldq x7 4) + (inst psrldq x9 12) + (inst por x3 x7) + (inst por x6 x8) + (inst por x6 x9) + (inst movdqa x7 x3) + (inst movdqa x8 x3) + (inst movdqa x9 x3) + (inst pslld-imm x7 31) + (inst pslld-imm x8 30) + (inst pslld-imm x9 25) + (inst pxor x7 x8) + (inst pxor x7 x9) + (inst movdqa x8 x7) + (inst pslldq x7 12) + (inst psrldq x8 4) + (inst pxor x3 x7) + (inst movdqa x2 x3) + (inst movdqa x4 x3) + (inst movdqa x5 x3) + (inst psrld-imm x2 1) + (inst psrld-imm x4 2) + (inst psrld-imm x5 7) + (inst pxor x2 x4) + (inst pxor x2 x5) + (inst pxor x2 x8) + (inst pxor x3 x2) + (inst pxor x6 x3) + (inst movdqu (buffer-mem accumulator) x6)))) + +#+x86-64 +(define-vop (xor128) + (:translate ironclad::xor128) + (:policy :fast-safe) + (:args (in1 :scs (descriptor-reg)) + (start-in1 :scs (unsigned-reg)) + (in2 :scs (descriptor-reg)) + (start-in2 :scs (unsigned-reg)) + (out :scs (descriptor-reg)) + (start-out :scs (unsigned-reg))) + (:arg-types simple-array-unsigned-byte-8 + positive-fixnum + simple-array-unsigned-byte-8 + positive-fixnum + simple-array-unsigned-byte-8 + positive-fixnum) + (:temporary (:sc double-reg) x0 x1) + (:generator 1000 + (flet ((buffer-mem (base offset) + (let ((disp (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag))) + (ea disp base offset)))) + (inst movdqu x0 (buffer-mem in1 start-in1)) + (inst movdqu x1 (buffer-mem in2 start-in2)) + (inst pxor x0 x1) + (inst movdqu (buffer-mem out start-out) x0)))) + +#+x86-64 +(define-vop (mov128) + (:translate ironclad::mov128) + (:policy :fast-safe) + (:args (in :scs (descriptor-reg)) + (start-in :scs (unsigned-reg)) + (out :scs (descriptor-reg)) + 
(start-out :scs (unsigned-reg))) + (:arg-types simple-array-unsigned-byte-8 + positive-fixnum + simple-array-unsigned-byte-8 + positive-fixnum) + (:temporary (:sc double-reg) x0) + (:generator 1000 + (flet ((buffer-mem (base offset) + (let ((disp (- (* n-word-bytes vector-data-offset) + other-pointer-lowtag))) + (ea disp base offset)))) + (inst movdqu x0 (buffer-mem in start-in)) + (inst movdqu (buffer-mem out start-out) x0)))) + +(define-vop (inc-counter-block) + (:translate ironclad::inc-counter-block) + (:policy :fast-safe) + (:args (size :scs (unsigned-reg) :target idx) + (counter :scs (descriptor-reg))) + (:arg-types positive-fixnum + simple-array-unsigned-byte-8) + (:temporary (:sc unsigned-reg) idx) + (:generator 1000 + (let ((start (gen-label)) + (end (gen-label))) + (move idx size) + (inst stc) + (emit-label start) + #.(let ((disp '(- (* n-word-bytes vector-data-offset) + other-pointer-lowtag 1))) + (if (and (member :x86-64 *features*) (fboundp 'sb-vm::ea)) + `(inst adc :byte (ea ,disp counter idx) 0) + `(inst adc (sb-vm::make-ea :byte :base counter :index idx :disp ,disp) 0))) + (inst jmp :nc end) + (inst dec idx) + (inst jmp :nz start) + (emit-label end)))) +) ; PROGN diff -Nru cl-ironclad-0.43/src/package.lisp cl-ironclad-0.45/src/package.lisp --- cl-ironclad-0.43/src/package.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/package.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -54,7 +54,7 @@ #:make-authenticated-encryption-mode #:process-associated-data #:produce-tag - #:gcm #:etm + #:gcm #:etm #:eax ;; KDFs #:pbkdf1 #:pbkdf2 #:scrypt-kdf #:argon2i 
@@ -153,15 +153,19 @@ #:blake2 #:blake2/384 #:blake2/256 #:blake2/160 #:blake2s #:blake2s/224 #:blake2s/160 #:blake2s/128 #:jh #:jh/384 #:jh/256 #:jh/224 - #:streebog #:streebog/256) + #:streebog #:streebog/256 + #:kupyna #:kupyna/256 + #:sm3) ;; supported macs (:export #:blake2-mac #:blake2s-mac #:cmac #:hmac #:poly1305 #:skein-mac - #:gmac) + #:gmac #:siphash) ;; supported block ciphers (:export #:blowfish #:tea #:xtea #:square #:rc2 #:rc5 #:rc6 #:des #:3des #:aes #:twofish #:cast5 #:idea #:misty1 #:xor #:threefish256 #:threefish512 #:threefish1024 - #:serpent #:camellia #:seed #:aria #:kuznyechik) + #:serpent #:camellia #:seed #:aria #:kuznyechik + #:kalyna128 #:kalyna256 #:kalyna512 + #:sm4) ;; supported stream ciphers (:export #:arcfour #:salsa20 #:salsa20/12 #:salsa20/8 @@ -224,3 +228,6 @@ (dolist (f (ironclad-implementation-features)) (pushnew f *features*)) + +;; Enable assembly optimizations +(pushnew :ironclad-assembly *features*) diff -Nru cl-ironclad-0.43/src/prng/os-prng.lisp cl-ironclad-0.45/src/prng/os-prng.lisp --- cl-ironclad-0.43/src/prng/os-prng.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/prng/os-prng.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -37,3 +37,4 @@ (make-instance 'os-prng)) (setf *prng* (make-prng :os)) +#+thread-support(pushnew '(*prng* . (make-prng :os)) bt:*default-special-bindings* :test #'equal) diff -Nru cl-ironclad-0.43/src/sbcl-opt/cpu-features.lisp cl-ironclad-0.45/src/sbcl-opt/cpu-features.lisp --- cl-ironclad-0.43/src/sbcl-opt/cpu-features.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/sbcl-opt/cpu-features.lisp 1970-01-01 00:00:00.000000000 +0000 
@@ -1,19 +0,0 @@ -;;;; -*- mode: lisp; indent-tabs-mode: nil -*- - -(in-package :crypto) - -;;; Check what features are supported by the CPU - -#+(and sbcl x86-64) -(eval-when (:compile-toplevel :load-toplevel :execute) - (defun aes-ni-support-p () - (aes-ni-support-p)) - (compile 'aes-ni-support-p) - (when (aes-ni-support-p) - (pushnew :aes-ni *features*)) - - (defun pclmulqdq-support-p () - (pclmulqdq-support-p)) - (compile 'pclmulqdq-support-p) - (when (pclmulqdq-support-p) - (pushnew :pclmulqdq *features*))) diff -Nru cl-ironclad-0.43/src/sbcl-opt/fndb.lisp cl-ironclad-0.45/src/sbcl-opt/fndb.lisp --- cl-ironclad-0.43/src/sbcl-opt/fndb.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/sbcl-opt/fndb.lisp 1970-01-01 00:00:00.000000000 +0000 
@@ -1,155 +0,0 @@ -;;;; -*- mode: lisp; indent-tabs-mode: nil -*- -#+sbcl -(in-package :sb-c) - -#+sbcl (progn - -(defknown (ironclad::fill-block-ub8-le ironclad::fill-block-ub8-be) - ((simple-array (unsigned-byte 32) (*)) - (simple-array (unsigned-byte 8) (*)) - (integer 0 #.(- array-dimension-limit 64))) (values) - (any) :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::fill-block-ub8-le/64 - ((simple-array (unsigned-byte 64) (*)) - (simple-array (unsigned-byte 8) (*)) - (integer 0 #.(- array-dimension-limit 64))) (values) - (any) :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::fill-block-ub8-be/64 - ((simple-array (unsigned-byte 64) (*)) - (simple-array (unsigned-byte 8) (*)) - (integer 0 #.(- array-dimension-limit 128))) (values) - (any) :overwrite-fndb-silently t) - -(defknown ironclad::expand-block - ((simple-array (unsigned-byte 32) (*))) - (values) - (any) :overwrite-fndb-silently t) - -(defknown ironclad::%update-sha1-block - ((simple-array (unsigned-byte 32) (*)) (simple-array (unsigned-byte 32) (*))) - (simple-array (unsigned-byte 32) (*)) - (any) :overwrite-fndb-silently t) - -(defknown ironclad::sha256-expand-block - ((simple-array (unsigned-byte 32) (*))) - (values) - (any) :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::x-salsa-core - ((signed-byte 61) (simple-array (unsigned-byte 8) (*)) - (simple-array (unsigned-byte 32) (*))) - (values) - (any) :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::x-chacha-core - ((signed-byte 61) (simple-array (unsigned-byte 8) (*)) - (simple-array (unsigned-byte 32) (*))) - (values) - (any) :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::pclmulqdq-support-p - () - (boolean) - (any) - :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::aes-ni-support-p - () - (boolean) - (any) - :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::aes-ni-generate-round-keys - ((simple-array (unsigned-byte 8) (*)) - (unsigned-byte 64) - (simple-array 
(unsigned-byte 32) (*)) - (simple-array (unsigned-byte 32) (*))) - (values) - (any) - :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::aes-ni-encrypt - ((simple-array (unsigned-byte 8) (*)) - (unsigned-byte 64) - (simple-array (unsigned-byte 8) (*)) - (unsigned-byte 64) - (simple-array (unsigned-byte 32) (*)) - (integer 0 14)) - (values) - (any) - :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::aes-ni-decrypt - ((simple-array (unsigned-byte 8) (*)) - (unsigned-byte 64) - (simple-array (unsigned-byte 8) (*)) - (unsigned-byte 64) - (simple-array (unsigned-byte 32) (*)) - (integer 0 14)) - (values) - (any) - :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::fast-blake2s-mixing - ((unsigned-byte 32) - (unsigned-byte 32) - (unsigned-byte 32) - (unsigned-byte 32) - (unsigned-byte 32) - (unsigned-byte 32)) - (values (unsigned-byte 32) - (unsigned-byte 32) - (unsigned-byte 32) - (unsigned-byte 32)) - (any) - :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::gmac-mul-fast - ((simple-array (unsigned-byte 8) (*)) - (simple-array (unsigned-byte 8) (*))) - (values) - (any) - :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::xor128 - ((simple-array (unsigned-byte 8) (*)) - (integer 0 #.array-dimension-limit) - (simple-array (unsigned-byte 8) (*)) - (integer 0 #.array-dimension-limit) - (simple-array (unsigned-byte 8) (*)) - (integer 0 #.array-dimension-limit)) - (values) - (any) - :overwrite-fndb-silently t) - -#+x86-64 -(defknown ironclad::mov128 - ((simple-array (unsigned-byte 8) (*)) - (integer 0 #.array-dimension-limit) - (simple-array (unsigned-byte 8) (*)) - (integer 0 #.array-dimension-limit)) - (values) - (any) - :overwrite-fndb-silently t) - -(defknown ironclad::inc-counter-block - ((integer 0 #.most-positive-fixnum) - (simple-array (unsigned-byte 8) (*))) - (values) - (any) - :overwrite-fndb-silently t) -);#+sbcl diff -Nru cl-ironclad-0.43/src/sbcl-opt/x86oid-vm.lisp cl-ironclad-0.45/src/sbcl-opt/x86oid-vm.lisp 
--- cl-ironclad-0.43/src/sbcl-opt/x86oid-vm.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/src/sbcl-opt/x86oid-vm.lisp 1970-01-01 00:00:00.000000000 +0000 
@@ -1,1055 +0,0 @@ -;;;; -*- mode: lisp; indent-tabs-mode: nil -*- -#+(and sbcl (or x86 x86-64)) -(defpackage :ironclad-vm - ;; more recent SBCL exports various symbols making this package - ;; definition more concise. This is the backward-compatible way. - (:use #:common-lisp - #:sb-c ; for DEFINE-VOP and SC-IS - #:sb-assem ; for INST, GEN-LABEL - #:sb-vm) ; for primtype names, SCs, constants - (:shadow #:ea) ; in case SB-VM exports it - (:import-from #:sb-vm - #:positive-fixnum #:unsigned-num - #:descriptor-reg #:unsigned-reg #:double-reg #:immediate - #:simple-array-unsigned-byte-8 - #:simple-array-unsigned-byte-32 - #+x86-64 #:simple-array-unsigned-byte-64 - #+x86-64 #:rax-offset #+x86-64 #:rcx-offset)) - -#+(and sbcl (or x86 x86-64)) -(in-package :ironclad-vm) - -#+(and sbcl x86) -(eval-when (:compile-toplevel :load-toplevel :execute) - (defun ea (displacement &optional base index (scale 1)) - (sb-vm::make-ea :dword - :base base - :index index - :scale scale - :disp (or displacement 0))) - (setf (fdefinition 'dword-ea) (fdefinition 'ea)) - (defmacro dword-inst (name &rest operands) - `(inst ,name ,@operands))) - -#+(and sbcl x86-64) -(eval-when (:compile-toplevel :load-toplevel :execute) - (if (fboundp 'sb-vm::ea) - (progn ; Newer SBCL (>= 1.4.11) - (setf (fdefinition 'ea) (fdefinition 'sb-vm::ea)) - (setf (fdefinition 'dword-ea) (fdefinition 'ea)) - (defmacro dword-inst (name &rest operands) - `(inst ,name :dword ,@operands))) - - (progn ; Older SBCL (< 1.4.11) - (defun ea (displacement &optional base index (scale 1)) - (sb-vm::make-ea :qword - :base base - :index index - :scale scale - :disp (or displacement 0))) - (defun dword-ea (displacement &optional base index (scale 1)) - (sb-vm::make-ea :dword - :base base - :index index - :scale scale - :disp (or displacement 0))) - (defmacro dword-inst (name &rest operands) - `(inst ,name ,@(mapcar (lambda (operand) - `(if (tn-p ,operand) - (sb-vm::reg-in-size ,operand :dword) - ,operand)) - operands)))))) - -#+(and 
sbcl (or x86 x86-64)) -(progn -(define-vop (fill-block-ub8) - (:policy :fast-safe) - (:args (block :scs (descriptor-reg)) - (buffer :scs (descriptor-reg)) - (offset :scs (unsigned-reg immediate) :target buffer-index)) - (:variant-vars big-endian-p bytes-to-copy 64-bit-p) - (:temporary (:sc unsigned-reg) temp buffer-index block-index) - (:generator 50 - (let* ((data-offset (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag)) - (block-disp (+ data-offset bytes-to-copy)) - (immediate-offset (sc-is offset immediate)) - (unroll (if immediate-offset 2 1)) - (loop (gen-label))) - (flet ((ea-for-buffer (&optional (offset 0)) - (if immediate-offset - (ea (+ block-disp offset) buffer block-index n-word-bytes) - (ea data-offset buffer buffer-index))) - (ea-for-block (&optional (offset 0)) - (ea (+ block-disp offset) block block-index n-word-bytes)) - (handle-endianness (x) - (when big-endian-p - (inst bswap x) - #+x86-64 - (unless 64-bit-p - (inst rol x 32))))) - (unless immediate-offset - (move buffer-index offset)) - (inst mov block-index (- (truncate bytes-to-copy n-word-bytes))) - (emit-label loop) - (inst mov temp (ea-for-buffer 0)) - (when immediate-offset - (inst mov buffer-index (ea-for-buffer n-word-bytes))) - (handle-endianness temp) - (when immediate-offset - (handle-endianness buffer-index)) - (inst mov (ea-for-block) temp) - (when immediate-offset - (inst mov (ea-for-block n-word-bytes) buffer-index)) - (unless immediate-offset - (inst add buffer-index n-word-bytes)) - (inst add block-index unroll) - (inst jmp :nz loop))))) - -(define-vop (fill-block-ub8-le fill-block-ub8) - (:translate ironclad::fill-block-ub8-le) - (:arg-types simple-array-unsigned-byte-32 - simple-array-unsigned-byte-8 - positive-fixnum) - (:variant nil 64 nil)) - -(define-vop (fill-block-ub8-be fill-block-ub8) - (:translate ironclad::fill-block-ub8-be) - (:arg-types simple-array-unsigned-byte-32 - simple-array-unsigned-byte-8 - positive-fixnum) - (:variant t 64 nil)) - -#+x86-64 
-(define-vop (fill-block-ub8-le/64 fill-block-ub8) - (:translate ironclad::fill-block-ub8-le/64) - (:arg-types simple-array-unsigned-byte-64 - simple-array-unsigned-byte-8 - positive-fixnum) - ;; Yes. Really. Inconsistent naming FTW. - (:variant nil 64 t)) - -#+x86-64 -(define-vop (fill-block-ub8-be/64 fill-block-ub8) - (:translate ironclad::fill-block-ub8-be/64) - (:arg-types simple-array-unsigned-byte-64 - simple-array-unsigned-byte-8 - positive-fixnum) - (:variant t 128 t)) - -(define-vop (expand-block) - (:translate ironclad::expand-block) - (:policy :fast-safe) - (:args (block :scs (descriptor-reg))) - (:arg-types simple-array-unsigned-byte-32) - (:temporary (:sc unsigned-reg) temp count) - (:generator 100 - (flet ((block-word (elem-offset) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 4 elem-offset)))) - (dword-ea disp block count 4)))) - (let ((loop (gen-label))) - (inst mov count 16) - (emit-label loop) - (dword-inst mov temp (block-word -3)) - (dword-inst xor temp (block-word -8)) - (dword-inst xor temp (block-word -14)) - (dword-inst xor temp (block-word -16)) - (dword-inst rol temp 1) - (dword-inst mov (block-word 0) temp) - (inst add count 1) - (inst cmp count 79) - (inst jmp :le loop))))) - -(define-vop (sha256-expand-block) - (:translate ironclad::sha256-expand-block) - (:policy :fast-safe) - (:args (block :scs (descriptor-reg))) - (:arg-types simple-array-unsigned-byte-32) - (:temporary (:sc unsigned-reg) t1 t2 t3 t4 count) - (:generator 100 - (flet ((block-word (elem-offset) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 4 elem-offset)))) - (dword-ea disp block count 4)))) - (let ((loop (gen-label))) - ;; The code could definitely be improved for x86-64 by using - ;; more temporaries, but this version works on both 32- and - ;; 64-bit and eliminates many of the stupidities in the modular - ;; arithmetic version (mostly on 64-bit, but some lameness in - ;; the 32-bit version 
as well). - (inst mov count 16) - (emit-label loop) - (dword-inst mov t1 (block-word -2)) - ;; sigma1 - (dword-inst mov t2 t1) - (dword-inst rol t2 15) - (dword-inst mov t3 t1) - (dword-inst rol t3 13) - (dword-inst xor t2 t3) - (dword-inst shr t1 10) - (dword-inst xor t1 t2) - (dword-inst mov t2 (block-word -15)) - ;; sigma0 - (dword-inst mov t3 t2) - (dword-inst rol t3 25) - (dword-inst mov t4 t2) - (dword-inst rol t4 14) - (dword-inst xor t3 t4) - (dword-inst shr t2 3) - (dword-inst xor t2 t3) - (dword-inst add t1 (block-word -7)) - (dword-inst add t2 (block-word -16)) - (dword-inst add t1 t2) - (dword-inst mov (block-word 0) t1) - (inst add count 1) - (inst cmp count 63) - (inst jmp :le loop))))) - -;;; Implementing this for x86 would require nasty hacks with -;;; pseudo-atomic. Might just be worth it for the speed increase, -;;; though. The code is also probably not scheduled optimally. -#+x86-64 -(define-vop (update-sha1-block) - (:translate ironclad::%update-sha1-block) - (:policy :fast-safe) - (:args (regs :scs (descriptor-reg) :target result) - (block :scs (descriptor-reg))) - (:arg-types simple-array-unsigned-byte-32 simple-array-unsigned-byte-32) - (:results (result :scs (descriptor-reg))) - (:result-types simple-array-unsigned-byte-32) - (:temporary (:sc unsigned-reg) a b c d e t1 t2) - (:generator 1000 - (let ((k1 #x5a827999) - (k2 #x6ed9eba1) - (k3 #x-70e44324) - (k4 #x-359d3e2a)) - (labels ((block/reg-ea (base index) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 4 index)))) - (dword-ea disp base))) - (f1 (a b c d e n) - (dword-inst mov t2 a) - (dword-inst mov t1 c) - (dword-inst rol t2 5) - (dword-inst xor t1 d) - (dword-inst add t2 (block/reg-ea block n)) - (dword-inst and t1 b) - (dword-inst xor t1 d) - (dword-inst lea e (ea k1 t1 e)) - (dword-inst rol b 30) - (dword-inst add e t2)) - (f2/4 (a b c d e n k) - (dword-inst mov t2 a) - (dword-inst mov t1 d) - (dword-inst rol t2 5) - (dword-inst xor t1 c) - 
(dword-inst add t2 (block/reg-ea block n)) - (dword-inst xor t1 b) - (dword-inst lea e (ea k t1 e)) - (dword-inst rol b 30) - (dword-inst add e t2)) - (f2 (a b c d e n) - (f2/4 a b c d e n k2)) - (f4 (a b c d e n) - (f2/4 a b c d e n k4)) - (f3 (a b c d e n) - (dword-inst mov t2 c) - (dword-inst mov t1 c) - (dword-inst and t2 b) - (dword-inst or t1 b) - (dword-inst and t1 d) - (dword-inst or t1 t2) - (dword-inst mov t2 a) - (dword-inst rol t2 5) - (dword-inst add t2 (block/reg-ea block n)) - (dword-inst rol b 30) - (dword-inst lea e (ea k3 t1 e)) - (dword-inst add e t2)) - (sha1-rounds (start end f) - (let ((xvars (ironclad::make-circular-list a b c d e))) - (loop for i from start upto end - for vars on xvars by #'cddddr - do (multiple-value-bind (a b c d e) - (apply #'values (ironclad::circular-list-subseq vars 0 5)) - (funcall f a b c d e i)))))) - (dword-inst mov a (block/reg-ea regs 0)) - (dword-inst mov b (block/reg-ea regs 1)) - (dword-inst mov c (block/reg-ea regs 2)) - (dword-inst mov d (block/reg-ea regs 3)) - (dword-inst mov e (block/reg-ea regs 4)) - (sha1-rounds 0 19 #'f1) - (sha1-rounds 20 39 #'f2) - (sha1-rounds 40 59 #'f3) - (sha1-rounds 60 79 #'f4) - (dword-inst add (block/reg-ea regs 0) a) - (dword-inst add (block/reg-ea regs 1) b) - (dword-inst add (block/reg-ea regs 2) c) - (dword-inst add (block/reg-ea regs 3) d) - (dword-inst add (block/reg-ea regs 4) e) - (move result regs))))) - -#+x86-64 -(define-vop (salsa-core-fast) - (:translate ironclad::x-salsa-core) - (:policy :fast-safe) - (:args (buffer :scs (descriptor-reg)) - (state :scs (descriptor-reg))) - (:info n-rounds) - (:arg-types (:constant (signed-byte 61)) - simple-array-unsigned-byte-8 - simple-array-unsigned-byte-32) - (:temporary (:sc double-reg) x0 x1 x2 x3) - (:temporary (:sc unsigned-reg) r0 r1 r2 r3 temp count) - (:generator 1000 - (labels ((nth-xmm-mem (base i) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 16 i)))) - (ea disp base))) - 
(nth-buffer-dword (i) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 4 i)))) - (dword-ea disp buffer))) - (quarter-round (y0 y1 y2 y3) - ;; x[y0] = XOR(x[y0],ROTATE(PLUS(x[y3],x[y2]), 7)); - ;; x[y1] = XOR(x[y1],ROTATE(PLUS(x[y0],x[y3]), 9)); - ;; x[y2] = XOR(x[y2],ROTATE(PLUS(x[y1],x[y0]),13)); - ;; x[y3] = XOR(x[y3],ROTATE(PLUS(x[y2],x[y1]),18)); - (dword-inst mov r2 (nth-buffer-dword y2)) - (dword-inst mov r3 (nth-buffer-dword y3)) - - (dword-inst lea r0 (ea 0 r3 r2)) - (dword-inst rol r0 7) - (dword-inst xor r0 (nth-buffer-dword y0)) - - (dword-inst lea r1 (ea 0 r0 r3)) - (dword-inst rol r1 9) - (dword-inst xor r1 (nth-buffer-dword y1)) - - (dword-inst lea temp (ea 0 r1 r0)) - (dword-inst rol temp 13) - (dword-inst xor r2 temp) - - (dword-inst lea temp (ea 0 r2 r1)) - (dword-inst rol temp 18) - (dword-inst xor r3 temp) - - (dword-inst mov (nth-buffer-dword y0) r0) - (dword-inst mov (nth-buffer-dword y1) r1) - (dword-inst mov (nth-buffer-dword y2) r2) - (dword-inst mov (nth-buffer-dword y3) r3))) - ;; copy state to the output buffer - (inst movdqu x0 (nth-xmm-mem state 0)) - (inst movdqu x1 (nth-xmm-mem state 1)) - (inst movdqu x2 (nth-xmm-mem state 2)) - (inst movdqu x3 (nth-xmm-mem state 3)) - (inst movdqu (nth-xmm-mem buffer 0) x0) - (inst movdqu (nth-xmm-mem buffer 1) x1) - (inst movdqu (nth-xmm-mem buffer 2) x2) - (inst movdqu (nth-xmm-mem buffer 3) x3) - - (let ((repeat (gen-label))) - (inst mov count n-rounds) - (emit-label repeat) - (quarter-round 4 8 12 0) - (quarter-round 9 13 1 5) - (quarter-round 14 2 6 10) - (quarter-round 3 7 11 15) - - (quarter-round 1 2 3 0) - (quarter-round 6 7 4 5) - (quarter-round 11 8 9 10) - (quarter-round 12 13 14 15) - (inst sub count 1) - (inst jmp :nz repeat)) - - (inst paddd x0 (nth-xmm-mem buffer 0)) - (inst paddd x1 (nth-xmm-mem buffer 1)) - (inst paddd x2 (nth-xmm-mem buffer 2)) - (inst paddd x3 (nth-xmm-mem buffer 3)) - (inst movdqu (nth-xmm-mem buffer 0) x0) - (inst movdqu 
(nth-xmm-mem buffer 1) x1) - (inst movdqu (nth-xmm-mem buffer 2) x2) - (inst movdqu (nth-xmm-mem buffer 3) x3)))) - -#+x86-64 -(define-vop (chacha-core-fast) - (:translate ironclad::x-chacha-core) - (:policy :fast-safe) - (:args (buffer :scs (descriptor-reg)) - (state :scs (descriptor-reg))) - (:info n-rounds) - (:arg-types (:constant (signed-byte 61)) - simple-array-unsigned-byte-8 - simple-array-unsigned-byte-32) - (:temporary (:sc double-reg) x0 x1 x2 x3 y0 y1 y2 y3 t0) - (:temporary (:sc unsigned-reg) count) - (:generator 1000 - (flet ((nth-xmm-mem (base i) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 16 i)))) - (ea disp base))) - (chacha-round () - (inst paddd y0 y1) - (inst pxor y3 y0) - (inst movdqa t0 y3) - (inst pslld-imm y3 16) - (inst psrld-imm t0 16) - (inst por y3 t0) - - (inst paddd y2 y3) - (inst pxor y1 y2) - (inst movdqa t0 y1) - (inst pslld-imm y1 12) - (inst psrld-imm t0 20) - (inst por y1 t0) - - (inst paddd y0 y1) - (inst pxor y3 y0) - (inst movdqa t0 y3) - (inst pslld-imm y3 8) - (inst psrld-imm t0 24) - (inst por y3 t0) - - (inst paddd y2 y3) - (inst pxor y1 y2) - (inst movdqa t0 y1) - (inst pslld-imm y1 7) - (inst psrld-imm t0 25) - (inst por y1 t0))) - (inst movdqu x0 (nth-xmm-mem state 0)) - (inst movdqu x1 (nth-xmm-mem state 1)) - (inst movdqu x2 (nth-xmm-mem state 2)) - (inst movdqu x3 (nth-xmm-mem state 3)) - (inst movdqa y0 x0) - (inst movdqa y1 x1) - (inst movdqa y2 x2) - (inst movdqa y3 x3) - - (let ((repeat (gen-label))) - (inst mov count n-rounds) - (emit-label repeat) - - (chacha-round) - (inst pshufd y1 y1 #b00111001) - (inst pshufd y2 y2 #b01001110) - (inst pshufd y3 y3 #b10010011) - - (chacha-round) - (inst pshufd y1 y1 #b10010011) - (inst pshufd y2 y2 #b01001110) - (inst pshufd y3 y3 #b00111001) - - (inst sub count 1) - (inst jmp :nz repeat)) - - (inst paddd x0 y0) - (inst paddd x1 y1) - (inst paddd x2 y2) - (inst paddd x3 y3) - (inst movdqu (nth-xmm-mem buffer 0) x0) - (inst movdqu 
(nth-xmm-mem buffer 1) x1) - (inst movdqu (nth-xmm-mem buffer 2) x2) - (inst movdqu (nth-xmm-mem buffer 3) x3)))) - -#+x86-64 -(define-vop (pclmulqdq-support-p) - (:translate ironclad::pclmulqdq-support-p) - (:policy :fast-safe) - (:conditional :c) - (:temporary (:sc unsigned-reg :offset rax-offset) eax) - (:temporary (:sc unsigned-reg :offset rcx-offset) ecx) - (:generator 10 - (inst mov eax 1) - (inst cpuid) - (inst bt ecx 1))) - -#+x86-64 -(define-vop (aes-ni-support-p) - (:translate ironclad::aes-ni-support-p) - (:policy :fast-safe) - (:conditional :c) - (:temporary (:sc unsigned-reg :offset rax-offset) eax) - (:temporary (:sc unsigned-reg :offset rcx-offset) ecx) - (:generator 10 - (inst mov eax 1) - (inst cpuid) - (inst bt ecx 25))) - -#+x86-64 -(define-vop (aes-ni-generate-round-keys) - (:translate ironclad::aes-ni-generate-round-keys) - (:policy :fast-safe) - (:args (key :scs (descriptor-reg)) - (key-length :scs (unsigned-reg)) - (encryption-keys :scs (descriptor-reg)) - (decryption-keys :scs (descriptor-reg))) - (:arg-types simple-array-unsigned-byte-8 - unsigned-num - simple-array-unsigned-byte-32 - simple-array-unsigned-byte-32) - (:temporary (:sc double-reg) x0 x1 x2 x3 x4 x5 x6) - (:generator 1000 - (labels ((buffer-mem (base i) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 16 i)))) - (ea disp base))) - (expand-key-128 () - (inst pshufd x1 x1 #b11111111) - (inst shufps x2 x0 #b00010000) - (inst pxor x0 x2) - (inst shufps x2 x0 #b10001100) - (inst pxor x0 x2) - (inst pxor x0 x1)) - (expand-key-192a () - (inst pshufd x1 x1 #b01010101) - (inst shufps x2 x0 #b00010000) - (inst pxor x0 x2) - (inst shufps x2 x0 #b10001100) - (inst pxor x0 x2) - (inst pxor x0 x1) - (inst movdqa x4 x3) - (inst movdqa x5 x3) - (inst pslldq x4 4) - (inst pshufd x6 x0 #b11111111) - (inst pxor x3 x6) - (inst pxor x3 x4) - (inst movdqa x1 x0) - (inst shufps x5 x0 #b01000100) - (inst shufps x1 x3 #b01001110)) - (expand-key-192b () - (inst 
pshufd x1 x1 #b01010101) - (inst shufps x2 x0 #b00010000) - (inst pxor x0 x2) - (inst shufps x2 x0 #b10001100) - (inst pxor x0 x2) - (inst pxor x0 x1) - (inst movdqa x4 x3) - (inst pslldq x4 4) - (inst pshufd x5 x0 #b11111111) - (inst pxor x3 x5) - (inst pxor x3 x4)) - (expand-key-256a () - (expand-key-128)) - (expand-key-256b () - (inst pshufd x1 x1 #b10101010) - (inst shufps x2 x3 #b00010000) - (inst pxor x3 x2) - (inst shufps x2 x3 #b10001100) - (inst pxor x3 x2) - (inst pxor x3 x1))) - (let ((key-192 (gen-label)) - (key-128 (gen-label)) - (end (gen-label))) - (inst pxor x2 x2) - (inst movdqu x0 (buffer-mem key 0)) - (inst cmp key-length 24) - (inst jmp :b key-128) - (inst jmp :z key-192) - - (inst movdqu x3 (buffer-mem key 1)) - (inst movdqu (buffer-mem encryption-keys 0) x0) - (inst movdqu (buffer-mem decryption-keys 14) x0) - (inst movdqu (buffer-mem encryption-keys 1) x3) - (inst aesimc x6 x3) - (inst movdqu (buffer-mem decryption-keys 13) x6) - (inst aeskeygenassist x1 x3 1) - (expand-key-256a) - (inst movdqu (buffer-mem encryption-keys 2) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 12) x6) - (inst aeskeygenassist x1 x0 1) - (expand-key-256b) - (inst movdqu (buffer-mem encryption-keys 3) x3) - (inst aesimc x6 x3) - (inst movdqu (buffer-mem decryption-keys 11) x6) - (inst aeskeygenassist x1 x3 2) - (expand-key-256a) - (inst movdqu (buffer-mem encryption-keys 4) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 10) x6) - (inst aeskeygenassist x1 x0 2) - (expand-key-256b) - (inst movdqu (buffer-mem encryption-keys 5) x3) - (inst aesimc x6 x3) - (inst movdqu (buffer-mem decryption-keys 9) x6) - (inst aeskeygenassist x1 x3 4) - (expand-key-256a) - (inst movdqu (buffer-mem encryption-keys 6) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 8) x6) - (inst aeskeygenassist x1 x0 4) - (expand-key-256b) - (inst movdqu (buffer-mem encryption-keys 7) x3) - (inst aesimc x6 x3) - (inst movdqu (buffer-mem 
decryption-keys 7) x6) - (inst aeskeygenassist x1 x3 8) - (expand-key-256a) - (inst movdqu (buffer-mem encryption-keys 8) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 6) x6) - (inst aeskeygenassist x1 x0 8) - (expand-key-256b) - (inst movdqu (buffer-mem encryption-keys 9) x3) - (inst aesimc x6 x3) - (inst movdqu (buffer-mem decryption-keys 5) x6) - (inst aeskeygenassist x1 x3 16) - (expand-key-256a) - (inst movdqu (buffer-mem encryption-keys 10) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 4) x6) - (inst aeskeygenassist x1 x0 16) - (expand-key-256b) - (inst movdqu (buffer-mem encryption-keys 11) x3) - (inst aesimc x6 x3) - (inst movdqu (buffer-mem decryption-keys 3) x6) - (inst aeskeygenassist x1 x3 32) - (expand-key-256a) - (inst movdqu (buffer-mem encryption-keys 12) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 2) x6) - (inst aeskeygenassist x1 x0 32) - (expand-key-256b) - (inst movdqu (buffer-mem encryption-keys 13) x3) - (inst aesimc x6 x3) - (inst movdqu (buffer-mem decryption-keys 1) x6) - (inst aeskeygenassist x1 x3 64) - (expand-key-256a) - (inst movdqu (buffer-mem encryption-keys 14) x0) - (inst movdqu (buffer-mem decryption-keys 0) x0) - (inst jmp end) - - (emit-label key-192) - (inst movdqu x3 (buffer-mem key 1)) - (inst movdqu (buffer-mem encryption-keys 0) x0) - (inst movdqu (buffer-mem decryption-keys 12) x0) - (inst aeskeygenassist x1 x3 1) - (expand-key-192a) - (inst movdqu (buffer-mem encryption-keys 1) x5) - (inst aesimc x6 x5) - (inst movdqu (buffer-mem decryption-keys 11) x6) - (inst movdqu (buffer-mem encryption-keys 2) x1) - (inst aesimc x6 x1) - (inst movdqu (buffer-mem decryption-keys 10) x6) - (inst aeskeygenassist x1 x3 2) - (expand-key-192b) - (inst movdqu (buffer-mem encryption-keys 3) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 9) x6) - (inst aeskeygenassist x1 x3 4) - (expand-key-192a) - (inst movdqu (buffer-mem encryption-keys 4) x5) - 
(inst aesimc x6 x5) - (inst movdqu (buffer-mem decryption-keys 8) x6) - (inst movdqu (buffer-mem encryption-keys 5) x1) - (inst aesimc x6 x1) - (inst movdqu (buffer-mem decryption-keys 7) x6) - (inst aeskeygenassist x1 x3 8) - (expand-key-192b) - (inst movdqu (buffer-mem encryption-keys 6) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 6) x6) - (inst aeskeygenassist x1 x3 16) - (expand-key-192a) - (inst movdqu (buffer-mem encryption-keys 7) x5) - (inst aesimc x6 x5) - (inst movdqu (buffer-mem decryption-keys 5) x6) - (inst movdqu (buffer-mem encryption-keys 8) x1) - (inst aesimc x6 x1) - (inst movdqu (buffer-mem decryption-keys 4) x6) - (inst aeskeygenassist x1 x3 32) - (expand-key-192b) - (inst movdqu (buffer-mem encryption-keys 9) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 3) x6) - (inst aeskeygenassist x1 x3 64) - (expand-key-192a) - (inst movdqu (buffer-mem encryption-keys 10) x5) - (inst aesimc x6 x5) - (inst movdqu (buffer-mem decryption-keys 2) x6) - (inst movdqu (buffer-mem encryption-keys 11) x1) - (inst aesimc x6 x1) - (inst movdqu (buffer-mem decryption-keys 1) x6) - (inst aeskeygenassist x1 x3 128) - (expand-key-192b) - (inst movdqu (buffer-mem encryption-keys 12) x0) - (inst movdqu (buffer-mem decryption-keys 0) x0) - (inst jmp end) - - (emit-label key-128) - (inst movdqu (buffer-mem encryption-keys 0) x0) - (inst movdqu (buffer-mem decryption-keys 10) x0) - (inst aeskeygenassist x1 x0 1) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 1) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 9) x6) - (inst aeskeygenassist x1 x0 2) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 2) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 8) x6) - (inst aeskeygenassist x1 x0 4) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 3) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 7) x6) - (inst aeskeygenassist x1 x0 8) - 
(expand-key-128) - (inst movdqu (buffer-mem encryption-keys 4) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 6) x6) - (inst aeskeygenassist x1 x0 16) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 5) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 5) x6) - (inst aeskeygenassist x1 x0 32) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 6) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 4) x6) - (inst aeskeygenassist x1 x0 64) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 7) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 3) x6) - (inst aeskeygenassist x1 x0 128) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 8) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 2) x6) - (inst aeskeygenassist x1 x0 27) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 9) x0) - (inst aesimc x6 x0) - (inst movdqu (buffer-mem decryption-keys 1) x6) - (inst aeskeygenassist x1 x0 54) - (expand-key-128) - (inst movdqu (buffer-mem encryption-keys 10) x0) - (inst movdqu (buffer-mem decryption-keys 0) x0) - (emit-label end))))) - -#+x86-64 -(define-vop (aes-ni-encrypt) - (:translate ironclad::aes-ni-encrypt) - (:policy :fast-safe) - (:args (plaintext :scs (descriptor-reg)) - (plaintext-start :scs (unsigned-reg)) - (ciphertext :scs (descriptor-reg)) - (ciphertext-start :scs (unsigned-reg)) - (round-keys :scs (descriptor-reg)) - (n-rounds :scs (unsigned-reg))) - (:arg-types simple-array-unsigned-byte-8 - unsigned-num - simple-array-unsigned-byte-8 - unsigned-num - simple-array-unsigned-byte-32 - unsigned-num) - (:temporary (:sc double-reg) x0 x1) - (:generator 1000 - (flet ((buffer-mem (base offset) - (let ((disp (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag))) - (ea disp base offset))) - (round-key (i) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 16 i)))) - (ea disp 
round-keys)))) - (let ((last-round (gen-label))) - (inst movdqu x0 (buffer-mem plaintext plaintext-start)) - (inst movdqu x1 (round-key 0)) - (inst pxor x0 x1) - (inst movdqu x1 (round-key 1)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 2)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 3)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 4)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 5)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 6)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 7)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 8)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 9)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 10)) - (inst cmp n-rounds 10) - (inst jmp :z last-round) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 11)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 12)) - (inst cmp n-rounds 12) - (inst jmp :z last-round) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 13)) - (inst aesenc x0 x1) - (inst movdqu x1 (round-key 14)) - (emit-label last-round) - (inst aesenclast x0 x1) - (inst movdqu (buffer-mem ciphertext ciphertext-start) x0))))) - -#+x86-64 -(define-vop (aes-ni-decrypt) - (:translate ironclad::aes-ni-decrypt) - (:policy :fast-safe) - (:args (ciphertext :scs (descriptor-reg)) - (ciphertext-start :scs (unsigned-reg)) - (plaintext :scs (descriptor-reg)) - (plaintext-start :scs (unsigned-reg)) - (round-keys :scs (descriptor-reg)) - (n-rounds :scs (unsigned-reg))) - (:arg-types simple-array-unsigned-byte-8 - unsigned-num - simple-array-unsigned-byte-8 - unsigned-num - simple-array-unsigned-byte-32 - unsigned-num) - (:temporary (:sc double-reg) x0 x1) - (:generator 1000 - (flet ((buffer-mem (base offset) - (let ((disp (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag))) - (ea disp base offset))) - (round-key (i) - (let ((disp (+ (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag) - (* 16 i)))) - (ea disp round-keys)))) - (let ((last-round (gen-label))) - (inst 
movdqu x0 (buffer-mem ciphertext ciphertext-start)) - (inst movdqu x1 (round-key 0)) - (inst pxor x0 x1) - (inst movdqu x1 (round-key 1)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 2)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 3)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 4)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 5)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 6)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 7)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 8)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 9)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 10)) - (inst cmp n-rounds 10) - (inst jmp :z last-round) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 11)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 12)) - (inst cmp n-rounds 12) - (inst jmp :z last-round) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 13)) - (inst aesdec x0 x1) - (inst movdqu x1 (round-key 14)) - (emit-label last-round) - (inst aesdeclast x0 x1) - (inst movdqu (buffer-mem plaintext plaintext-start) x0))))) - -#+x86-64 -(define-vop (fast-blake2s-mixing) - (:translate ironclad::fast-blake2s-mixing) - (:policy :fast-safe) - (:args (va :scs (unsigned-reg) :target ra) - (vb :scs (unsigned-reg) :target rb) - (vc :scs (unsigned-reg) :target rc) - (vd :scs (unsigned-reg) :target rd) - (x :scs (unsigned-reg)) - (y :scs (unsigned-reg))) - (:arg-types unsigned-num - unsigned-num - unsigned-num - unsigned-num - unsigned-num - unsigned-num) - (:results (ra :scs (unsigned-reg) :from (:argument 0)) - (rb :scs (unsigned-reg) :from (:argument 1)) - (rc :scs (unsigned-reg) :from (:argument 2)) - (rd :scs (unsigned-reg) :from (:argument 3))) - (:result-types unsigned-num - unsigned-num - unsigned-num - unsigned-num) - (:generator 1000 - (dword-inst mov ra va) - (dword-inst mov rb vb) - (dword-inst mov rc vc) - (dword-inst mov rd vd) - (dword-inst add ra rb) - (dword-inst add ra x) - (dword-inst xor rd ra) - (dword-inst ror rd 16) 
- (dword-inst add rc rd) - (dword-inst xor rb rc) - (dword-inst ror rb 12) - (dword-inst add ra rb) - (dword-inst add ra y) - (dword-inst xor rd ra) - (dword-inst ror rd 8) - (dword-inst add rc rd) - (dword-inst xor rb rc) - (dword-inst ror rb 7))) - -#+x86-64 -(define-vop (gmac-mul-fast) - (:translate ironclad::gmac-mul-fast) - (:policy :fast-safe) - (:args (accumulator :scs (descriptor-reg)) - (key :scs (descriptor-reg))) - (:arg-types simple-array-unsigned-byte-8 - simple-array-unsigned-byte-8) - (:temporary (:sc double-reg) x0 x1 x2 x3 x4 x5 x6 x7 x8 x9) - (:generator 1000 - (flet ((buffer-mem (base) - (let ((disp (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag))) - (ea disp base)))) - (inst movdqu x0 (buffer-mem accumulator)) - (inst movdqu x1 (buffer-mem key)) - (inst movdqa x3 x0) - (inst pclmulqdq x3 x1 0) - (inst movdqa x4 x0) - (inst pclmulqdq x4 x1 16) - (inst movdqa x5 x0) - (inst pclmulqdq x5 x1 1) - (inst movdqa x6 x0) - (inst pclmulqdq x6 x1 17) - (inst pxor x4 x5) - (inst movdqa x5 x4) - (inst psrldq x4 8) - (inst pslldq x5 8) - (inst pxor x3 x5) - (inst pxor x6 x4) - (inst movdqa x7 x3) - (inst movdqa x8 x6) - (inst pslld-imm x3 1) - (inst pslld-imm x6 1) - (inst psrld-imm x7 31) - (inst psrld-imm x8 31) - (inst movdqa x9 x7) - (inst pslldq x8 4) - (inst pslldq x7 4) - (inst psrldq x9 12) - (inst por x3 x7) - (inst por x6 x8) - (inst por x6 x9) - (inst movdqa x7 x3) - (inst movdqa x8 x3) - (inst movdqa x9 x3) - (inst pslld-imm x7 31) - (inst pslld-imm x8 30) - (inst pslld-imm x9 25) - (inst pxor x7 x8) - (inst pxor x7 x9) - (inst movdqa x8 x7) - (inst pslldq x7 12) - (inst psrldq x8 4) - (inst pxor x3 x7) - (inst movdqa x2 x3) - (inst movdqa x4 x3) - (inst movdqa x5 x3) - (inst psrld-imm x2 1) - (inst psrld-imm x4 2) - (inst psrld-imm x5 7) - (inst pxor x2 x4) - (inst pxor x2 x5) - (inst pxor x2 x8) - (inst pxor x3 x2) - (inst pxor x6 x3) - (inst movdqu (buffer-mem accumulator) x6)))) - -#+x86-64 -(define-vop (xor128) - (:translate 
ironclad::xor128) - (:policy :fast-safe) - (:args (in1 :scs (descriptor-reg)) - (start-in1 :scs (unsigned-reg)) - (in2 :scs (descriptor-reg)) - (start-in2 :scs (unsigned-reg)) - (out :scs (descriptor-reg)) - (start-out :scs (unsigned-reg))) - (:arg-types simple-array-unsigned-byte-8 - positive-fixnum - simple-array-unsigned-byte-8 - positive-fixnum - simple-array-unsigned-byte-8 - positive-fixnum) - (:temporary (:sc double-reg) x0 x1) - (:generator 1000 - (flet ((buffer-mem (base offset) - (let ((disp (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag))) - (ea disp base offset)))) - (inst movdqu x0 (buffer-mem in1 start-in1)) - (inst movdqu x1 (buffer-mem in2 start-in2)) - (inst pxor x0 x1) - (inst movdqu (buffer-mem out start-out) x0)))) - -#+x86-64 -(define-vop (mov128) - (:translate ironclad::mov128) - (:policy :fast-safe) - (:args (in :scs (descriptor-reg)) - (start-in :scs (unsigned-reg)) - (out :scs (descriptor-reg)) - (start-out :scs (unsigned-reg))) - (:arg-types simple-array-unsigned-byte-8 - positive-fixnum - simple-array-unsigned-byte-8 - positive-fixnum) - (:temporary (:sc double-reg) x0) - (:generator 1000 - (flet ((buffer-mem (base offset) - (let ((disp (- (* n-word-bytes vector-data-offset) - other-pointer-lowtag))) - (ea disp base offset)))) - (inst movdqu x0 (buffer-mem in start-in)) - (inst movdqu (buffer-mem out start-out) x0)))) - -(define-vop (inc-counter-block) - (:translate ironclad::inc-counter-block) - (:policy :fast-safe) - (:args (size :scs (unsigned-reg) :target idx) - (counter :scs (descriptor-reg))) - (:arg-types positive-fixnum - simple-array-unsigned-byte-8) - (:temporary (:sc unsigned-reg) idx) - (:generator 1000 - (let ((start (gen-label)) - (end (gen-label))) - (move idx size) - (inst stc) - (emit-label start) - #.(let ((disp '(- (* n-word-bytes vector-data-offset) - other-pointer-lowtag 1))) - (if (and (member :x86-64 *features*) (fboundp 'sb-vm::ea)) - `(inst adc :byte (ea ,disp counter idx) 0) - `(inst adc 
(sb-vm::make-ea :byte :base counter :index idx :disp ,disp) 0))) - (inst jmp :nc end) - (inst dec idx) - (inst jmp :nz start) - (emit-label end)))) -) ; PROGN diff -Nru cl-ironclad-0.43/testing/testfuns.lisp cl-ironclad-0.45/testing/testfuns.lisp --- cl-ironclad-0.43/testing/testfuns.lisp 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/testing/testfuns.lisp 2019-02-18 14:08:52.000000000 +0000 @@ -592,7 +592,7 @@ (defun aead-test (mode-name input ad output tag &rest args) (let* ((parameters (case mode-name - ((:gcm gcm crypto:gcm) + ((:gcm gcm crypto:gcm :eax eax crypto:eax) (list :cipher-name (car args) :key (cadr args) :initialization-vector (caddr args))) @@ -612,7 +612,7 @@ (mismatch (crypto:produce-tag ae) tag)) (error "encryption failed for ~A, input ~A, output ~A" mode-name input output)) (setf parameters (case mode-name - ((:gcm gcm crypto:gcm) + ((:gcm gcm crypto:gcm :eax eax crypto:eax) parameters) ((:etm etm crypto:etm) (destructuring-bind (cipher-name ckey mode iv mac-name mkey mparam) args @@ -632,7 +632,7 @@ (defun aead-test/incremental (mode-name input ad output tag &rest args) (let* ((parameters (case mode-name - ((:gcm gcm crypto:gcm) + ((:gcm gcm crypto:gcm :eax eax crypto:eax) (list :cipher-name (car args) :key (cadr args) :initialization-vector (caddr args))) @@ -660,7 +660,7 @@ (mismatch (crypto:produce-tag ae) tag)) (error "encryption failed for ~A, input ~A, output ~A" mode-name input output)) (setf parameters (case mode-name - ((:gcm gcm crypto:gcm) + ((:gcm gcm crypto:gcm :eax eax crypto:eax) parameters) ((:etm etm crypto:etm) (destructuring-bind (cipher-name ckey mode iv mac-name mkey mparam) args diff -Nru cl-ironclad-0.43/testing/test-vectors/cbc.testvec cl-ironclad-0.45/testing/test-vectors/cbc.testvec --- cl-ironclad-0.43/testing/test-vectors/cbc.testvec 2018-09-14 10:18:05.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/cbc.testvec 2019-02-18 14:08:52.000000000 +0000 
@@ -38,3 +38,11 @@ (:mode-padding-test :aes :pkcs7 #h"fda6a01194beb462953d7e6c49b32dac" #h"d9c9468796a2f5741b84d2d41430c5d3" #h"f60ae3b036abcab78c98fc1d4b67970c0955cb6fe24483f8907fd73319679b" #h"19beb4db2be0f3aff0083583038b2281a77c85b5f345ba4d2bc7f742a14f9247") (:mode-padding-test :aes :pkcs7 #h"efd9caa8ac68e9e29acdae57e93bcea8" #h"c98b47808add45c0c891983ec4b09846" #h"3e1d2001f1e475b972738936443a5f51eedaf802a66fadf2406cfaadb0549149fcb9f485e534dc2d" #h"84904fc92bd2e7590aa268e667370327b9446f41067dd40d3e5091a63a0d5687e4926e00cc3cb461c3b85d80ee2da818") (:mode-padding-test :aes :pkcs7 #h"37e4dbdc436258d5a9adb9f205c77cf3" #h"08e9410de244d3f40607ebae38fa74e7" #h"24a874aec067116ad22eb55846ded3f5e86919a135585c929a86d92b2958fed110e52e33804887243584a6a94402cc9a105e0c940ec335bd2890f16dcce3fc8bd02873c80ade6f1ac08683130bcca454" #h"1d1391593a336be4b207295ad0542bc4ef2f39053066e12c38f71603f377fd42f4f0b2b5a42cdfeaee2af039f06fcf347abe171af3157ff07f3cdd3b33e11a60caecf9890325c132eeb66ab847278d165c26bca7c30486bb2fd83b63c5ff7ae0") + + +;;; Tests from DSTU 7624:2014 + +(:mode-test :kalyna128 #h"000102030405060708090a0b0c0d0e0f" #h"101112131415161718191a1b1c1d1e1f" #h"202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" #h"a73625d7be994e85469a9faabcedaab6dbc5f65dd77bb35e06bd7d1d8eafc8624d6cb31ce189c82b8979f2936de9bf14") +(:mode-test :kalyna256 #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" #h"202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" #h"404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f" #h"9cdfdaa75929e7c2a5cfc1bf16b42c5ae3886d0258e8c577dc01daf62d185fb999b9867736b87110f5f1bc7481912c593f48ff79e2afdfab9f704a277ec3e557b1b0a9f223dae6ed5af591c4f2d6fb22e48334f5e9b96b1a2ea5200f30a406ce") +(:mode-test :kalyna256 
#h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" #h"404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" #h"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" #h"b8a2474578c2febf3f94703587bd5fdc3f4a4d2f43575b6144a1e1031fb3d1452b7fd52f5e3411461dac506869ff8d2faef4fee60379ae00b33aa3eaf911645af8091cd8a45d141d1fb150e5a01c1f26ff3dbd26ac4225ec7577b2ce57a5b0ff") +(:mode-test :kalyna512 #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" #h"404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" #h"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff" #h"d4739b829ef901b24c1162ae4fdef897eda41fac7f5770cdc90e1d1cdf124e8d7831e06b4498a4b6f6ec815df2461dc99bb0449b0f09fcaa2c84090534bcc9329626fd74ef8f0a0bcb5765184629c3cbf53b0fb134f6d0421174b1c4e884d1cd1069a7ad19752dcebf655842e79b7858bde01390a760d85e88925bfe38b0fa57") diff -Nru cl-ironclad-0.43/testing/test-vectors/eax.testvec cl-ironclad-0.45/testing/test-vectors/eax.testvec --- cl-ironclad-0.43/testing/test-vectors/eax.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/eax.testvec 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,10 @@ +(:aead-test #h"" #h"6bfb914fd07eae6b" #h"" #h"e037830e8389f27b025a2d6527e79d01" :aes #h"233952dee4d5ed5f9b9c6d6ff80ff478" #h"62ec67f9c3a4a407fcb2a8c49031a8b3") +(:aead-test #h"f7fb" #h"fa3bfd4806eb53fa" #h"19dd" #h"5c4c9331049d0bdab0277408f67967e5" :aes #h"91945d3f4dcbee0bf45ef52255f095a4" #h"becaf043b0a23d843194ba972c66debd") +(:aead-test #h"1a47cb4933" #h"234a3463c1264ac6" #h"d851d5bae0" #h"3a59f238a23e39199dc9266626c40f80" :aes #h"01f74ad64077f2e704c0f60ada3dd523" #h"70c3db4f0d26368400a10ed05d2bff5e") +(:aead-test #h"481c9e39b1" #h"33cce2eabff5a79d" #h"632a9d131a" #h"d4c168a4225d8e1ff755939974a7bede" :aes #h"d07cf6cbb7f313bdde66b727afd3c5e8" #h"8408dfff3c1a2b1292dc199e46b7d617") +(:aead-test #h"40d0c07da5e4" #h"aeb96eaebe2970e9" #h"071dfe16c675" #h"cb0677e536f73afe6a14b74ee49844dd" :aes #h"35b6d0580005bbc12b0587124557d2c2" #h"fdb6b06676eedc5c61d74276e1f8e816") +(:aead-test #h"4de3b35c3fc039245bd1fb7d" #h"d4482d1ca78dce0f" #h"835bb4f15d743e350e728414" #h"abb8644fd6ccb86947c5e10590210a4f" :aes #h"bd8e6e11475e60b268784c38c62feb22" #h"6eac5c93072d8e8513f750935e46da1b") +(:aead-test #h"8b0a79306c9ce7ed99dae4f87f8dd61636" #h"65d2017990d62528" #h"02083e3979da014812f59f11d52630da30" #h"137327d10649b0aa6e1c181db617d7f2" :aes #h"7c77d6e813bed5ac98baa417477a2e7d" #h"1a8c98dcd73d38393b2bf1569deefc19") +(:aead-test #h"1bda122bce8a8dbaf1877d962b8592dd2d56" #h"54b9f04e6a09189a" #h"2ec47b2c4954a489afc7ba4897edcdae8cc3" #h"3b60450599bd02c96382902aef7f832a" :aes #h"5fff20cafab119ca2fc73549e20f5b0d" #h"dde59b97d722156d4d9aff2bc7559826") +(:aead-test #h"6cf36720872b8513f6eab1a8a44438d5ef11" #h"899a175897561d7e" #h"0de18fd0fdd91e7af19f1d8ee8733938b1e8" #h"e7f6d2231618102fdb7fe55ff1991700" :aes #h"a4a4782bcffd3ec5e7ef6d8c34a56123" #h"b781fcf2f75fa5a8de97a9ca48e522ec") +(:aead-test #h"ca40d7446e545ffaed3bd12a740a659ffbbb3ceab7" #h"126735fcc320d25a" #h"cb8920f87a6c75cff39627b56e3ed197c552d295a7" #h"cfc46afc253b4652b1af3795b124ab6e" :aes 
#h"8395fcf1e95bebd697bd010bc766aac3" #h"22e7add93cfc6393c57ec0b3c17d6b44") diff -Nru cl-ironclad-0.43/testing/test-vectors/kalyna128.testvec cl-ironclad-0.45/testing/test-vectors/kalyna128.testvec --- cl-ironclad-0.43/testing/test-vectors/kalyna128.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/kalyna128.testvec 2019-02-18 14:08:52.000000000 +0000 @@ -0,0 +1,5 @@ +(:ecb-mode-test #h"000102030405060708090a0b0c0d0e0f" #h"101112131415161718191a1b1c1d1e1f" #h"81bf1c7d779bac20e1c9ea39b4d2ad06") +(:ecb-mode-test #h"0f0e0d0c0b0a09080706050403020100" #h"7291ef2b470cc7846f09c2303973dad7" #h"1f1e1d1c1b1a19181716151413121110") + +(:ecb-mode-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" #h"202122232425262728292a2b2c2d2e2f" #h"58ec3e091000158a1148f7166f334f14") +(:ecb-mode-test #h"1f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100" #h"f36db456cefddfe1b45b5f7030cad996" #h"2f2e2d2c2b2a29282726252423222120") diff -Nru cl-ironclad-0.43/testing/test-vectors/kalyna256.testvec cl-ironclad-0.45/testing/test-vectors/kalyna256.testvec --- cl-ironclad-0.43/testing/test-vectors/kalyna256.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/kalyna256.testvec 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,5 @@ +(:ecb-mode-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" #h"202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" #h"f66e3d570ec92135aedae323dcbd2a8ca03963ec206a0d5a88385c24617fd92c") +(:ecb-mode-test #h"1f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100" #h"7fc5237896674e8603c1e9b03f8b4ba3ab5b7c592c3fc3d361edd12586b20fe3" #h"3f3e3d3c3b3a393837363534333231302f2e2d2c2b2a29282726252423222120") + +(:ecb-mode-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" #h"404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" #h"606990e9e6b7b67a4bd6d893d72268b78e02c83c3cd7e102fd2e74a8fdfe5dd9") +(:ecb-mode-test #h"3f3e3d3c3b3a393837363534333231302f2e2d2c2b2a292827262524232221201f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100" #h"18317a2767dad482bccd07b9a1788d075e7098189e5f84972d0b916d79ba6ae0" #h"5f5e5d5c5b5a595857565554535251504f4e4d4c4b4a49484746454443424140") diff -Nru cl-ironclad-0.43/testing/test-vectors/kalyna512.testvec cl-ironclad-0.45/testing/test-vectors/kalyna512.testvec --- cl-ironclad-0.43/testing/test-vectors/kalyna512.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/kalyna512.testvec 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,2 @@ +(:ecb-mode-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" #h"404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" #h"4a26e31b811c356aa61dd6ca0596231a67ba8354aa47f3a13e1deec320eb56b895d0f417175bab662fd6f134bb15c86ccb906a26856efeb7c5bc6472940dd9d9") +(:ecb-mode-test #h"3f3e3d3c3b3a393837363534333231302f2e2d2c2b2a292827262524232221201f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100" #h"ce80843325a052521bead714e6a9d829fd381e0ee9a845bd92044554d9fa46a3757fefdb853bb1f297ff9d833b75e66aaf4157abb5291bdcf094bb13aa5aff22" #h"7f7e7d7c7b7a797877767574737271706f6e6d6c6b6a696867666564636261605f5e5d5c5b5a595857565554535251504f4e4d4c4b4a49484746454443424140") diff -Nru cl-ironclad-0.43/testing/test-vectors/kupyna-256.testvec cl-ironclad-0.45/testing/test-vectors/kupyna-256.testvec --- cl-ironclad-0.43/testing/test-vectors/kupyna-256.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/kupyna-256.testvec 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,6 @@ +(:digest-test #h"" #h"cd5101d1ccdf0d1d1f4ada56e888cd724ca1a0838a3521e7131d4fb78d0f5eb6") +(:digest-test #h"ff" #h"ea7677ca4526555680441c117982ea14059ea6d0d7124d6ecdb3deec49e890f4") +(:digest-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" #h"08f4ee6f1be6903b324c4e27990cb24ef69dd58dbe84813ee0a52f6631239875") +(:digest-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e" #h"1075c8b0cb910f116bda5fa1f19c29cf8ecc75caff7208ba2994b68fc56e8d16") +(:digest-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" #h"0a9474e645a7d25e255e9e89fff42ec7eb31349007059284f0b182e452bda882") +(:digest-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff" #h"d305a32b963d149dc765f68594505d4077024f836c1bf03806e1624ce176c08f") diff -Nru cl-ironclad-0.43/testing/test-vectors/kupyna.testvec cl-ironclad-0.45/testing/test-vectors/kupyna.testvec --- cl-ironclad-0.43/testing/test-vectors/kupyna.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/kupyna.testvec 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,6 @@ +(:digest-test #h"" #h"656b2f4cd71462388b64a37043ea55dbe445d452aecd46c3298343314ef04019bcfa3f04265a9857f91be91fce197096187ceda78c9c1c021c294a0689198538") +(:digest-test #h"ff" #h"871b18cf754b72740307a97b449abeb32b64444cc0d5a4d65830ae5456837a72d8458f12c8f06c98c616abe11897f86263b5cb77c420fb375374bec52b6d0292") +(:digest-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" #h"3813e2109118cdfb5a6d5e72f7208dccc80a2dfb3afdfb02f46992b5edbe536b3560dd1d7e29c6f53978af58b444e37ba685c0dd910533ba5d78efffc13de62a") +(:digest-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" #h"76ed1ac28b1d0143013ffa87213b4090b356441263c13e03fa060a8cada32b979635657f256b15d5fca4a174de029f0b1b4387c878fcc1c00e8705d783fd7ffe") +(:digest-test #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" #h"b189bfe987f682f5f167f0d7fa565330e126b6e592b1c55d44299064ef95b1a57f3c2d0ecf17869d1d199ebbd02e8857fb8add67a8c31f56cd82c016cf743121") +(:digest-test 
#h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff" #h"0dd03d7350c409cb3c29c25893a0724f6b133fa8b9eb90a64d1a8fa93b56556611eb187d715a956b107e3bfc76482298133a9ce8cbc0bd5e1436a5b197284f7e") diff -Nru cl-ironclad-0.43/testing/test-vectors/siphash.testvec cl-ironclad-0.45/testing/test-vectors/siphash.testvec --- cl-ironclad-0.43/testing/test-vectors/siphash.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/siphash.testvec 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,68 @@ +;;; SipHash-2-4 + +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"" #h"310e0edd47db6f72") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00" #h"fd67dc93c539f874") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"0001" #h"5a4fa9d909806c0d") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102" #h"2d7efbd796666785") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203" #h"b7877127e09427cf") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"0001020304" #h"8da699cd64557618") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405" #h"cee3fe586e46c9cb") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203040506" #h"37d1018bf50002ab") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"0001020304050607" #h"6224939a79f5f593") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708" #h"b0e4a90bdf82009e") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203040506070809" #h"f3b9dd94c5bb5d7a") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a" #h"a7ad6b22462fb3f4") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b" #h"fbe50e86bc8f1e75") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c" #h"903d84c02756ea14") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d" #h"eef27a8e90ca23f7") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e" #h"e545be4961ca29a1") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f" #h"db9bc2577fcc2a3f") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f10" #h"9447be2cf5e99a69") + +(:mac-test #h"000102030405060708090a0b0c0d0e0f" 
#h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d" #h"B97C83DB4EDF24E8") +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e" #h"42A406FC61660BFA") + + +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"" #h"a3817f04ba25a8e66df67214c7550293" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00" #h"da87c1d86b99af44347659119b22fc45" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"0001" #h"8177228da4a45dc7fca38bdef60affe4" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102" #h"9c70b60c5267a94e5f33b6b02985ed51" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203" #h"f88164c12d9c8faf7d0f6e7c7bcd5579" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" 
#h"0001020304" #h"1368875980776f8854527a07690e9627" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405" #h"14eeca338b208613485ea0308fd7a15e" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203040506" #h"a1f1ebbed8dbc153c0b84aa61ff08239" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"0001020304050607" #h"3b62a9ba6258f5610f83e264f31497b4" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708" #h"264499060ad9baabc47f8b02bb6d71ed" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203040506070809" #h"00110dc378146956c95447d3f3d0fbba" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a" #h"0151c568386b6677a2b4dc6f81e5dc18" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b" #h"d626b266905ef35882634df68532c125" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c" #h"9869e247e9c08b10d029934fc4b952f7" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d" #h"31fcefac66d7de9c7ec7485fe4494902" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e" #h"5493e99933b0a8117e08ec0f97cfc3d9" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f" #h"6ee2a4ca67b054bbfd3315bf85230577" :digest-length 16) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f10" #h"473d06e8738db89854c066c47ae47740" :digest-length 16) + + +;;; SipHash-4-8 + +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"" #h"41DA38992B0579C8" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00" #h"51B89552F91459C8" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"0001" 
#h"923716F0BEDDC333" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102" #h"6A46D47D6547C105" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203" #h"C238592B4AC1FA48" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"0001020304" #h"F6C2D7D9CF5247E1" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405" #h"6BB6BC34C835558E" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203040506" #h"47D73F715ABEFD4E" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"0001020304050607" #h"20B58B9C072FDB50" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708" #h"36319AF35EE11253" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"00010203040506070809" #h"48A9D0DB0A8D848F" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a" #h"CC69396036040A81" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b" #h"4B6D68537AA79761" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c" #h"293796E9F2C95069" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d" #h"88431BEAA7629A68" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e" #h"E0A6A97DD589D383" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f" #h"559CF55380B2AC70" 
:compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f10" #h"D5B7C5117AE3794E" :compression-rounds 4 :finalization-rounds 8) + +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d" #h"2fbd2b9a1c0ef576" :compression-rounds 4 :finalization-rounds 8) +(:mac-test #h"000102030405060708090a0b0c0d0e0f" #h"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e" #h"9951ad46d24d81b8" :compression-rounds 4 :finalization-rounds 8) diff -Nru cl-ironclad-0.43/testing/test-vectors/sm3.testvec cl-ironclad-0.45/testing/test-vectors/sm3.testvec --- cl-ironclad-0.43/testing/test-vectors/sm3.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/sm3.testvec 2019-02-18 
14:08:52.000000000 +0000 
@@ -0,0 +1,70 @@ +;; Test vectors from https://tools.ietf.org/html/draft-shen-sm3-hash + +(:digest-test #h"616263" #h"66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0") +(:digest-test #h"61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"debe9ff92275b8a138604889c18e5a4d6fdb70e5387e5765293dcba39c0c5732") + + +;; Test vectors from Crypto++ + +(:digest-test #h"" #h"1ab21d8355cfa17f8e61194831e81a8f22bec8c728fefb747ed035eb5082aa2b") +(:digest-test #h"61626364" #h"82ec580fe6d36ae4f81cae3c73f4a5b3b5a09c943172dc9053c69fd8e18dca1e") +(:digest-test #h"6162636461626364" #h"b58b85b795b34879c354428f7c78cd1486c4ef25ea4c5d68e611ff41c15731ef") +(:digest-test #h"616263646162636461626364" #h"fd959b2560dadd0c0839144be6090cb665915156179c1fa6dc00292da7a2b9c2") +(:digest-test #h"61626364616263646162636461626364" #h"639c6f6b30d93ecebd559a953ba2eb72705db7d2be82bbf32979380e02124971") +(:digest-test #h"6162636461626364616263646162636461626364" #h"3f0371287a1d1fd198e12bba07e94ae5815dc7e06ba45856b6e53e56f1594f23") +(:digest-test #h"616263646162636461626364616263646162636461626364" #h"8d15c0b9e7540b5f41b359774127ee51d126a3c780357336c7d39d6ffc01f130") +(:digest-test #h"61626364616263646162636461626364616263646162636461626364" #h"0a5a2fafba54c2a6593b18c5877c50c26bee5369bc7f07b0c66a641e49295419") +(:digest-test #h"6162636461626364616263646162636461626364616263646162636461626364" #h"73edef5c9d3710f14dbaf892f50ce9dfab48e462d837d93ec0f9422c5f2a4007") +(:digest-test #h"616263646162636461626364616263646162636461626364616263646162636461626364" #h"28a6a907842a5b4a360cead2ff6f0b96f1b28c12e5c9ed0be58169c26863b0d8") +(:digest-test #h"61626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"035be9acd343d3711a61972ea6a80d4deb38e40c901f1cd20786cf57c82ce8ed") +(:digest-test #h"6162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" 
#h"7a04f699def87c0ef8a9dd44d46a71a39e6b594bc467298d04454e52aa922dca") +(:digest-test #h"616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"6fe77b627c1a12bc367d13c8f07b32ffbde1a537b1b9cb061bf7d75a692e02bb") +(:digest-test #h"61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"4251f280685451d9f73d75e6d59f4e3f140f3a0b22f9cb0416e4dd15c1410d11") +(:digest-test #h"6162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"9a032f0cf27e4b408f252452d451cac51a422d43ae73ab6cd7ec2483241358e9") +(:digest-test #h"616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"7b0685c88114bee154296c262d619a3d43c4fbf325d5dcb6f2bbdbf96d4275db") +(:digest-test #h"61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"debe9ff92275b8a138604889c18e5a4d6fdb70e5387e5765293dcba39c0c5732") +(:digest-test #h"6162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"860f7ad118996a6f631c5e4ac693157aefda97a18a873d3323f64c28a8a44fc5") +(:digest-test #h"616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"0c5e778ef656184f8c9ee54f0fe0c9ce5059e02c771325184619be82c92a8c5a") +(:digest-test #h"61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"bb78eaeb6b00d13d43ab682b8d65512aa9e91fbc8c6c2841c6b96345f44f9652") +(:digest-test #h"6162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" 
#h"716f5396cc9312609c28c645344ec695fdabdb9fbf11de36c1b33ac5291cca6c") +(:digest-test #h"616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"24ce4fbaab353814f890561cbde3d10308c33ac6831ff74e236e8e0525b2cd4e") +(:digest-test #h"61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"5852844cbc2d742d4b129392646b3a1029c54f9813eec409012bf2c4bf0acdeb") +(:digest-test #h"6162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"3efb9d84992a87607dc43d91fb818cdbebe3f6cfac66456495f6cb922f9c2fb3") +(:digest-test #h"616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364" #h"994bf36eb6c0099b21d6ead2cf71490ea57aa845f0feed97d7f8ce2788e22342") + + +;; Test vectors from GmSSL + +(:digest-test #h"8f" #h"2b6173f01b9002cac00ec91c8b481867c2e35bf408bde154d62844da1b5b6e18") +(:digest-test #h"bf23" #h"b49515e07f9e777070d725fd49d41579d263cffb4ec3fa65b93c87b473d91cb9") +(:digest-test #h"7a9719" #h"171e937ace4b4e18fef1efbae2feaaa7f1022f722ffc82155a24e75ae4ac4b29") +(:digest-test #h"fb39e8cc" #h"041326870d40091c58ce7a252458e86cf19664ca6aa7e11db8952329b7688a1c") +(:digest-test #h"95aaf89fe9" #h"b2249a453544ca8699e07b369382001e8d741c76cad673851a4a25be5c1765cd") +(:digest-test #h"7688740e973d" #h"5ac22e272e9c6e7cef2c17178302817d865cb178c6c04b331b0e5ee61c2014f9") +(:digest-test #h"d7b976b5f139c5" #h"667509d27e794d11621817e993b8da4accacb3f83a719e635e0ea455905040de") +(:digest-test #h"391b4861669a3de0" #h"911b051b02636a5efe12ec8fafa3b18d55b1aa6c4bc9e07789b2d44470b94167") +(:digest-test 
#h"e71ec750cc768837a8" #h"429debaa692b6aeb85aae6666ed2f8c206395d6a87560699dca23d6035918b28") +(:digest-test #h"898fb851bb90bceefb6d" #h"140f2130d810310c5d0a988e9b380678031c4a9050aabe1a7b5603a98f452684") +(:digest-test #h"7d33665e8ef4f522b55df7" #h"3b4c28a7bd3ab41b65525f580edcbe1a308c3fa09d821c192858a349581ca55b") +(:digest-test #h"815e16c63b984946c07ad55a" #h"ecc8181aaffc4dbce05c8ad2b3544bf6838791d6c9966de2996318b33ee37b8b") +(:digest-test #h"87eb36f4116f4d2aa05c9d2b56" #h"5b617c321f8769b5227bc02471c117f44dfdf816ebabb60575d07edef1f880c0") +(:digest-test #h"f670d1ed03316874263b039cb53a" #h"911048c7853c404970a9230fd997a95b5b4a00ff74a8aafbbce72b4f9444de8f") +(:digest-test #h"102cb525fa7e0de28efe6d2f2ad1b1" #h"ddc82e25eb0caa33ee7229a12ac69a7b9b72345236e835857e81bd2173edc532") +(:digest-test #h"74c2e33d49e8c2a5144e82edc04218f9" #h"ad2b435cda7615f0ac367aeca843a69189b665552233f4804439090f86f3009f") +(:digest-test #h"706c9721e103771b688e97636ab26b412c" #h"78b026963e21183970483449ee9272a877a2254c89c63f0f6a0b4b86dea1db33") +(:digest-test #h"ac24ded9e54844b3e0ca037ec1d0f8103fec" #h"eb46d32b15ebf5c5fd2af316c9717065cc21376053945f04cb6f92d31e1666e9") +(:digest-test #h"1b39c5a77a7cd6d538c3d2d1079f3f5338c620" #h"c1761751af06a5be5233bd7a8d6fc497fc1ea3f36cafb988e457f281615bf867") +(:digest-test #h"65a647b8dd26dcaece299788b13ac05a0e71c577" #h"7239694c9b61cdf9e62d5d48bafdc283f2041a9c0845e0dd975bb3a8e5a01198") +(:digest-test #h"98f13468ff3c69382495d34ba12e1e4bd895bec29a" #h"6b70357406f59521ba34f961aa4c7d78a088db325595d6267af5d499f1d95b1f") +(:digest-test #h"03de8240c26bbaef801d579d2f2be849ffeab779e056" #h"d98dea9c0a614fb689750c75fd4c6d5e91447104f8f563dbea1f50602da018f5") +(:digest-test #h"a733f4adfbe6b110c1ef6fd3599b680a6fa5644fbcd073" #h"acfaaad49a8b94d1df81ea951a30ee2b899fba79f60c452f63af3c79e1283944") +(:digest-test #h"1cb083e53c6242d1dd62510ccfb3d5496d692b8017023bae" #h"1ec1f230391a74818cf79b24c9b4df63f0a291e317eed70990c65efad9b5ad33") +(:digest-test 
#h"6a8000baf113ddee93437ce36c9b28f69f0df4a0500633eeab" #h"9aa7e33e6d4edc5e487a4a15b9bfa013d167d256afd86df7770468107df19f87") +(:digest-test #h"d2d424446f9b2b29efcf93f2da96208a90a39fb0dc7e46ad8f53" #h"6f5321a4bd11eb49dcfc9214d1391fcb733bedca2148f05a18afcc3d141211e6") +(:digest-test #h"db1bcaf89851cbcc847347eb4b1d0c40ea6f3e0de1853d713704bc" #h"6194eeda953c297c20ec9876e4f0d51c44c1ccc4037cc90e6ba184572c84ef2f") +(:digest-test #h"bab74a186887702204977bceefb1bba1d52c9c58667e7fe0e3f4bc19" #h"e715a625d3d1271f8a3aadcf215f91161c1bc161bd645627b78c707f0c8b3b3f") +(:digest-test #h"36cdc511b3082afd547f4331298f879aa742c634c10e0263f80efdeece" #h"4c77eb46a03cc08c37ee567127c0bce8f952ba5fdd729ff6fc44e3ffe307a507") +(:digest-test #h"072bedbcbe5f9295ec6a2bf22490d984bc7388fe99035916c1262e8b592c" #h"6a1ad547946c39bb22dda3dc8b861010790d8cebf4cf8dc3c9493ca8d4c92f70") +(:digest-test #h"6009dced63eef9985da162f1beda1b56e0c17d51119b1aaeee7b28050bd1dd" #h"8abe85411e3ce2c2a2e582eda291d45fcd3a4a5cd7e1851a7e67a49fa2f3ba9a") +(:digest-test #h"45dc649b6c57a9e21e9b069d06e12729b80a62facd901c6e9ed10c38ba5c2e65" #h"355422a0c526088b16c5207d1adad939cf9642150ebe110e213f23884f8db789") +(:digest-test #h"8d8ac08987feb09407263bc7cd471911372f1daebe2c879b258c0efbef9c544aba" #h"d730e1a1482889c9f4f2b661941c2e1ea6a12f1c78e70908df164b33c6226dee") diff -Nru cl-ironclad-0.43/testing/test-vectors/sm4.testvec cl-ironclad-0.45/testing/test-vectors/sm4.testvec --- cl-ironclad-0.43/testing/test-vectors/sm4.testvec 1970-01-01 00:00:00.000000000 +0000 +++ cl-ironclad-0.45/testing/test-vectors/sm4.testvec 2019-02-18 14:08:52.000000000 +0000 
@@ -0,0 +1,34 @@ +;; Test vectors from https://eprint.iacr.org/2008/329.pdf + +(:ecb-mode-test #h"0123456789abcdeffedcba9876543210" #h"0123456789abcdeffedcba9876543210" #h"681edf34d206965e86b3e94f536e4246") + + +;; Test vectors from Crypto++ + +(:ecb-mode-test #h"eb23add6454757555747395b76661c9a" #h"d294d879a1f02c7c5906d6c2d0c54d9f" #h"865de90d6b6e99273e2d44859d9c16df") +(:ecb-mode-test #h"11e3790f430b4729da1eef291bce99cd" #h"04a36e56b2032b725dde112fce3f8398" #h"4076848ad4563b9d8e3fd09ba2e5dcfe") +(:ecb-mode-test #h"4310652e0bb55c2cba9aebd4fc2bed5c" #h"cb33507774e6e161cd5029e901c6c36a" #h"64b8d9fb4114d490ffbd105969310ef9") +(:ecb-mode-test #h"fdba958326cd690f28c7632b5ebef6a1" #h"bae8a9b1c3319d3fc9d48817e034fe1b" #h"19c70a4e9fe8d6739863224c8734a79b") +(:ecb-mode-test #h"63af71ae3ce38fd96afaaaf12cc3d5d3" #h"a505b41e20c73c777f56235261198e56" #h"2f6071bc04f55844bc8675fabea3f727") +(:ecb-mode-test #h"03f360d31da9dbd2f0bfffeaefdb1d1e" #h"8177f025ddbc7ce919dc5d2612548878" #h"d7447f601c174aabc62e06bb85bb597c") +(:ecb-mode-test #h"ea326bd4223b2f1be3cb0319220adcae" #h"15dbe19a7fac233433cb9ca190fac2f1" #h"6bc11d09bb46092831e2399cf1525f43") +(:ecb-mode-test #h"f1163693e6e70cbf48e774368142286f" #h"95ff06c4a634e09baad6f1b2230662c7" #h"558614db4dd8aa43717c14c7b87a8d79") +(:ecb-mode-test #h"cbad11138e97ee20b140bd8923031488" #h"a514119f5ab688278e581cfca5bdff5f" #h"8e4682e2a5f92b777caff65275528caf") +(:ecb-mode-test #h"3198ab4e006a5180966d5075912bc406" #h"5f9b108b715f047b7879e323b0d95c3b" #h"7b40084f82caaa25821862f986abd424") + + +;; Test vectors from Botan + +(:ecb-mode-test #h"f11235535318fa844a3cbe643169f59e" #h"a27ee076e48e6f389710ec7b5e8a3be5" #h"94cfe3f59e8507fec41dbe738ccd53e1") +(:ecb-mode-test #h"419a55a70c401da6571654bc4af1f6d7" #h"9b6294ae9be009c87caefcd842632a1d" #h"9868917b7329ce6f1e1fba6e404d8f20") +(:ecb-mode-test #h"ee1e457608d7704a99f76c73815cbfa8" #h"c89c30ad3b257ca7635052ed63b6d268" #h"ce25779ca2a8eefd7add059273e2a1fd") +(:ecb-mode-test 
#h"43d99b186beaa4e2de3159f77bf708fa" #h"91cb86ca6b0fdf6671ff4ae4bf63ad6c" #h"3a6b1df36c9cbfc327ff8b6c7318579c") +(:ecb-mode-test #h"bbe5816e2b56084fcdeab9b739ce899e" #h"b607bb382377f3b6d5fb740e3bf0e822" #h"4dcdc1708360a700130c3bd90c8f626f") +(:ecb-mode-test #h"bf35fee606e59d0e1e18bda40180672c" #h"6f217dad31488a54a7f4482d1be230bc" #h"de1aaea076633b37b54aef10b180661a") +(:ecb-mode-test #h"d2b1ce2cfdb2306be24f0364434f7734" #h"7ab0e2cc96e55659e5078591f510b721" #h"052e420981d36c01a96a8302f71fb7a6") +(:ecb-mode-test #h"2ddd024a42b24a9652c8c52021024c33" #h"c9bd217786c00f420a88d6818b685a02" #h"ce273e3523b443eb34c7b6a153fc9308") +(:ecb-mode-test #h"4a6453202ec4378492bfa3d6a685f6cd" #h"b9edc63029f5fa1390918736590a3483" #h"2c7e67e24281ba3271e6fff2d2b91b75") +(:ecb-mode-test #h"6fc86efe73b3af96014e490882a34825" #h"13805831d15593ba3cf4553d4aefdb71" #h"a32951875534f6b1abb12465ef370fdc") + + +(:keystream-test #h"7aa9470dc8182d09d2bb84411ffb6f96" #h"4efbe9452824555156404a8e1d201a9d" #h"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")
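Review bot: in the SipHash test-vector hunk, the `:digest-length 16` group is the only one without a `;;;` heading and the only one that stops at the 17-byte message. The default-parameter vectors just above it and the `;;; SipHash-4-8` group both end with two long-message vectors. Suggest adding a heading for the 128-bit group and, if reference values are available, matching long-message cases, so that the multi-block path is also checked for the 16-byte tag. Minor style point: expected tags mix upper-case hex (`B97C83DB4EDF24E8`, `41DA38992B0579C8`) with lower-case (`a3817f04...`, `2fbd2b9a1c0ef576`); picking one case would make the file easier to diff against upstream references.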
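Review bot: in sm3.testvec the 64-byte message `61626364` repeated 16 times, with digest `debe9ff9...0c5732`, appears twice: once under the IETF draft heading and again inside the Crypto++ group. The second copy adds no coverage, so either drop it or mark it with a comment as an intentional cross-check between the two sources. The source comments could also be tighter: the draft URL carries no revision number, and the `Crypto++` and `GmSSL` headings name no file or release, which makes it hard to re-verify these values later.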
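Review bot: in sm4.testvec the closing `(:keystream-test ...)` entry follows the Botan group after two blank lines with no `;;` heading of its own, so unlike the `:ecb-mode-test` groups it records neither the source of the vector nor the mode it is meant to exercise. Suggest adding a heading comment for it. As in the SM3 file, the `Crypto++` and `Botan` headings would be more useful with the upstream file or release they were taken from.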