← Back to branch summary

~ubuntu-branches/ubuntu/utopic/xen/utopic

« back to all changes in this revision

Viewing changes to tools/blktap/drivers/aes.c

  • Committer: Bazaar Package Importer
  • Author(s): Bastian Blank
  • Date: 2010-05-06 15:47:38 UTC
  • mto: (1.3.1) (15.1.1 sid) (4.1.1 experimental)
  • mto: This revision was merged to the branch mainline in revision 3.
  • Revision ID: james.westby@ubuntu.com-20100506154738-agoz0rlafrh1fnq7
Tags: upstream-4.0.0
ImportĀ upstreamĀ versionĀ 4.0.0

Show diffs side-by-side

added added

removed removed

Lines of Context:
tools/blktap/drivers/aes.c
 
1
/**
 
2
 * 
 
3
 * aes.c - integrated in QEMU by Fabrice Bellard from the OpenSSL project.
 
4
 */
 
5
/*
 
6
 * rijndael-alg-fst.c
 
7
 *
 
8
 * @version 3.0 (December 2000)
 
9
 *
 
10
 * Optimised ANSI C code for the Rijndael cipher (now AES)
 
11
 *
 
12
 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
 
13
 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
 
14
 * @author Paulo Barreto <paulo.barreto@terra.com.br>
 
15
 *
 
16
 * This code is hereby placed in the public domain.
 
17
 *
 
18
 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
 
19
 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 
20
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 
21
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
 
22
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 
23
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 
24
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 
25
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 
26
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 
27
 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 
28
 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
29
 */
 
30
//#include "vl.h"
 
31
#include <inttypes.h>
 
32
#include <string.h>
 
33
#include "aes.h"
 
34
 
 
35
//#define NDEBUG
 
36
#include <assert.h>
 
37
 
 
38
typedef uint32_t u32;
 
39
typedef uint16_t u16;
 
40
typedef uint8_t u8;
 
41
 
 
42
#define MAXKC   (256/32)
 
43
#define MAXKB   (256/8)
 
44
#define MAXNR   14
 
45
 
 
46
/* This controls loop-unrolling in aes_core.c */
 
47
#undef FULL_UNROLL
 
48
# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
 
49
# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
 
50
 
 
51
/*
 
52
Te0[x] = S [x].[02, 01, 01, 03];
 
53
Te1[x] = S [x].[03, 02, 01, 01];
 
54
Te2[x] = S [x].[01, 03, 02, 01];
 
55
Te3[x] = S [x].[01, 01, 03, 02];
 
56
Te4[x] = S [x].[01, 01, 01, 01];
 
57
 
 
58
Td0[x] = Si[x].[0e, 09, 0d, 0b];
 
59
Td1[x] = Si[x].[0b, 0e, 09, 0d];
 
60
Td2[x] = Si[x].[0d, 0b, 0e, 09];
 
61
Td3[x] = Si[x].[09, 0d, 0b, 0e];
 
62
Td4[x] = Si[x].[01, 01, 01, 01];
 
63
*/
 
64
 
 
65
static const u32 Te0[256] = {
 
66
    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
 
67
    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
 
68
    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
 
69
    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
 
70
    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
 
71
    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
 
72
    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
 
73
    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
 
74
    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
 
75
    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
 
76
    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
 
77
    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
 
78
    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
 
79
    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
 
80
    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
 
81
    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
 
82
    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
 
83
    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
 
84
    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
 
85
    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
 
86
    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
 
87
    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
 
88
    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
 
89
    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
 
90
    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
 
91
    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
 
92
    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
 
93
    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
 
94
    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
 
95
    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
 
96
    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
 
97
    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
 
98
    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
 
99
    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
 
100
    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
 
101
    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
 
102
    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
 
103
    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
 
104
    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
 
105
    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
 
106
    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
 
107
    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
 
108
    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
 
109
    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
 
110
    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
 
111
    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
 
112
    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
 
113
    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
 
114
    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
 
115
    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
 
116
    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
 
117
    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
 
118
    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
 
119
    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
 
120
    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
 
121
    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
 
122
    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
 
123
    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
 
124
    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
 
125
    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
 
126
    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
 
127
    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
 
128
    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
 
129
    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
 
130
};
 
131
static const u32 Te1[256] = {
 
132
    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
 
133
    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
 
134
    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
 
135
    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
 
136
    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
 
137
    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
 
138
    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
 
139
    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
 
140
    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
 
141
    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
 
142
    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
 
143
    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
 
144
    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
 
145
    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
 
146
    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
 
147
    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
 
148
    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
 
149
    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
 
150
    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
 
151
    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
 
152
    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
 
153
    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
 
154
    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
 
155
    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
 
156
    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
 
157
    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
 
158
    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
 
159
    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
 
160
    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
 
161
    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
 
162
    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
 
163
    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
 
164
    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
 
165
    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
 
166
    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
 
167
    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
 
168
    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
 
169
    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
 
170
    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
 
171
    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
 
172
    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
 
173
    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
 
174
    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
 
175
    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
 
176
    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
 
177
    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
 
178
    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
 
179
    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
 
180
    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
 
181
    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
 
182
    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
 
183
    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
 
184
    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
 
185
    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
 
186
    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
 
187
    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
 
188
    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
 
189
    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
 
190
    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
 
191
    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
 
192
    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
 
193
    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
 
194
    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
 
195
    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
 
196
};
 
197
static const u32 Te2[256] = {
 
198
    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
 
199
    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
 
200
    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
 
201
    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
 
202
    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
 
203
    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
 
204
    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
 
205
    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
 
206
    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
 
207
    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
 
208
    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
 
209
    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
 
210
    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
 
211
    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
 
212
    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
 
213
    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
 
214
    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
 
215
    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
 
216
    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
 
217
    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
 
218
    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
 
219
    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
 
220
    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
 
221
    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
 
222
    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
 
223
    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
 
224
    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
 
225
    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
 
226
    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
 
227
    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
 
228
    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
 
229
    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
 
230
    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
 
231
    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
 
232
    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
 
233
    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
 
234
    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
 
235
    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
 
236
    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
 
237
    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
 
238
    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
 
239
    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
 
240
    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
 
241
    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
 
242
    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
 
243
    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
 
244
    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
 
245
    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
 
246
    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
 
247
    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
 
248
    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
 
249
    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
 
250
    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
 
251
    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
 
252
    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
 
253
    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
 
254
    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
 
255
    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
 
256
    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
 
257
    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
 
258
    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
 
259
    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
 
260
    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
 
261
    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
 
262
};
 
263
static const u32 Te3[256] = {
 
264
 
 
265
    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
 
266
    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
 
267
    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
 
268
    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
 
269
    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
 
270
    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
 
271
    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
 
272
    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
 
273
    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
 
274
    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
 
275
    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
 
276
    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
 
277
    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
 
278
    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
 
279
    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
 
280
    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
 
281
    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
 
282
    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
 
283
    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
 
284
    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
 
285
    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
 
286
    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
 
287
    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
 
288
    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
 
289
    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
 
290
    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
 
291
    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
 
292
    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
 
293
    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
 
294
    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
 
295
    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
 
296
    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
 
297
    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
 
298
    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
 
299
    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
 
300
    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
 
301
    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
 
302
    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
 
303
    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
 
304
    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
 
305
    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
 
306
    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
 
307
    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
 
308
    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
 
309
    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
 
310
    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
 
311
    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
 
312
    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
 
313
    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
 
314
    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
 
315
    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
 
316
    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
 
317
    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
 
318
    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
 
319
    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
 
320
    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
 
321
    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
 
322
    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
 
323
    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
 
324
    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
 
325
    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
 
326
    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
 
327
    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
 
328
    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
 
329
};
 
330
static const u32 Te4[256] = {
 
331
    0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
 
332
    0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
 
333
    0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
 
334
    0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
 
335
    0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
 
336
    0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
 
337
    0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
 
338
    0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
 
339
    0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
 
340
    0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
 
341
    0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
 
342
    0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
 
343
    0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
 
344
    0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
 
345
    0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
 
346
    0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
 
347
    0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
 
348
    0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
 
349
    0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
 
350
    0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
 
351
    0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
 
352
    0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
 
353
    0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
 
354
    0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
 
355
    0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
 
356
    0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
 
357
    0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
 
358
    0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
 
359
    0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
 
360
    0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
 
361
    0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
 
362
    0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
 
363
    0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
 
364
    0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
 
365
    0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
 
366
    0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
 
367
    0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
 
368
    0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
 
369
    0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
 
370
    0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
 
371
    0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
 
372
    0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
 
373
    0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
 
374
    0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
 
375
    0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
 
376
    0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
 
377
    0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
 
378
    0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
 
379
    0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
 
380
    0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
 
381
    0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
 
382
    0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
 
383
    0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
 
384
    0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
 
385
    0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
 
386
    0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
 
387
    0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
 
388
    0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
 
389
    0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
 
390
    0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
 
391
    0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
 
392
    0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
 
393
    0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
 
394
    0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
 
395
};
 
396
static const u32 Td0[256] = {
 
397
    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
 
398
    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
 
399
    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
 
400
    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
 
401
    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
 
402
    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
 
403
    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
 
404
    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
 
405
    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
 
406
    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
 
407
    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
 
408
    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
 
409
    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
 
410
    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
 
411
    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
 
412
    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
 
413
    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
 
414
    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
 
415
    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
 
416
    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
 
417
    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
 
418
    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
 
419
    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
 
420
    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
 
421
    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
 
422
    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
 
423
    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
 
424
    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
 
425
    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
 
426
    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
 
427
    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
 
428
    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
 
429
    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
 
430
    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
 
431
    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
 
432
    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
 
433
    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
 
434
    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
 
435
    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
 
436
    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
 
437
    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
 
438
    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
 
439
    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
 
440
    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
 
441
    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
 
442
    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
 
443
    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
 
444
    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
 
445
    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
 
446
    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
 
447
    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
 
448
    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
 
449
    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
 
450
    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
 
451
    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
 
452
    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
 
453
    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
 
454
    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
 
455
    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
 
456
    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
 
457
    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
 
458
    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
 
459
    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
 
460
    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
 
461
};
 
462
static const u32 Td1[256] = {
 
463
    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
 
464
    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
 
465
    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
 
466
    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
 
467
    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
 
468
    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
 
469
    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
 
470
    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
 
471
    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
 
472
    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
 
473
    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
 
474
    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
 
475
    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
 
476
    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
 
477
    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
 
478
    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
 
479
    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
 
480
    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
 
481
    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
 
482
    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
 
483
    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
 
484
    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
 
485
    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
 
486
    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
 
487
    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
 
488
    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
 
489
    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
 
490
    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
 
491
    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
 
492
    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
 
493
    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
 
494
    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
 
495
    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
 
496
    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
 
497
    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
 
498
    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
 
499
    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
 
500
    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
 
501
    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
 
502
    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
 
503
    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
 
504
    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
 
505
    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
 
506
    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
 
507
    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
 
508
    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
 
509
    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
 
510
    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
 
511
    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
 
512
    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
 
513
    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
 
514
    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
 
515
    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
 
516
    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
 
517
    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
 
518
    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
 
519
    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
 
520
    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
 
521
    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
 
522
    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
 
523
    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
 
524
    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
 
525
    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
 
526
    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
 
527
};
 
528
static const u32 Td2[256] = {
 
529
    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
 
530
    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
 
531
    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
 
532
    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
 
533
    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
 
534
    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
 
535
    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
 
536
    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
 
537
    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
 
538
    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
 
539
    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
 
540
    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
 
541
    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
 
542
    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
 
543
    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
 
544
    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
 
545
    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
 
546
    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
 
547
    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
 
548
    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
 
549
 
 
550
    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
 
551
    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
 
552
    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
 
553
    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
 
554
    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
 
555
    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
 
556
    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
 
557
    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
 
558
    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
 
559
    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
 
560
    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
 
561
    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
 
562
    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
 
563
    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
 
564
    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
 
565
    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
 
566
    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
 
567
    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
 
568
    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
 
569
    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
 
570
    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
 
571
    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
 
572
    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
 
573
    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
 
574
    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
 
575
    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
 
576
    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
 
577
    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
 
578
    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
 
579
    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
 
580
    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
 
581
    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
 
582
    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
 
583
    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
 
584
    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
 
585
    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
 
586
    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
 
587
    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
 
588
    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
 
589
    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
 
590
    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
 
591
    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
 
592
    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
 
593
    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
 
594
};
 
595
static const u32 Td3[256] = {
 
596
    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
 
597
    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
 
598
    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
 
599
    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
 
600
    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
 
601
    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
 
602
    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
 
603
    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
 
604
    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
 
605
    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
 
606
    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
 
607
    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
 
608
    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
 
609
    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
 
610
    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
 
611
    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
 
612
    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
 
613
    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
 
614
    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
 
615
    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
 
616
    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
 
617
    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
 
618
    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
 
619
    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
 
620
    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
 
621
    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
 
622
    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
 
623
    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
 
624
    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
 
625
    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
 
626
    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
 
627
    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
 
628
    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
 
629
    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
 
630
    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
 
631
    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
 
632
    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
 
633
    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
 
634
    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
 
635
    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
 
636
    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
 
637
    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
 
638
    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
 
639
    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
 
640
    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
 
641
    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
 
642
    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
 
643
    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
 
644
    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
 
645
    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
 
646
    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
 
647
    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
 
648
    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
 
649
    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
 
650
    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
 
651
    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
 
652
    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
 
653
    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
 
654
    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
 
655
    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
 
656
    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
 
657
    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
 
658
    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
 
659
    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
 
660
};
 
661
static const u32 Td4[256] = {
 
662
    0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
 
663
    0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
 
664
    0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
 
665
    0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
 
666
    0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
 
667
    0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
 
668
    0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
 
669
    0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
 
670
    0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
 
671
    0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
 
672
    0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
 
673
    0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
 
674
    0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
 
675
    0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
 
676
    0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
 
677
    0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
 
678
    0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
 
679
    0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
 
680
    0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
 
681
    0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
 
682
    0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
 
683
    0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
 
684
    0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
 
685
    0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
 
686
    0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
 
687
    0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
 
688
    0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
 
689
    0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
 
690
    0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
 
691
    0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
 
692
    0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
 
693
    0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
 
694
    0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
 
695
    0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
 
696
    0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
 
697
    0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
 
698
    0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
 
699
    0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
 
700
    0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
 
701
    0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
 
702
    0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
 
703
    0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
 
704
    0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
 
705
    0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
 
706
    0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
 
707
    0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
 
708
    0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
 
709
    0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
 
710
    0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
 
711
    0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
 
712
    0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
 
713
    0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
 
714
    0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
 
715
    0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
 
716
    0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
 
717
    0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
 
718
    0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
 
719
    0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
 
720
    0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
 
721
    0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
 
722
    0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
 
723
    0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
 
724
    0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
 
725
    0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
 
726
};
 
727
static const u32 rcon[] = {
 
728
        0x01000000, 0x02000000, 0x04000000, 0x08000000,
 
729
        0x10000000, 0x20000000, 0x40000000, 0x80000000,
 
730
        0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
 
731
};
 
732
 
 
733
/**
 
734
 * Expand the cipher key into the encryption key schedule.
 
735
 */
 
736
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 
737
                        AES_KEY *key) {
 
738
 
 
739
        u32 *rk;
 
740
        int i = 0;
 
741
        u32 temp;
 
742
 
 
743
        if (!userKey || !key)
 
744
                return -1;
 
745
        if (bits != 128 && bits != 192 && bits != 256)
 
746
                return -2;
 
747
 
 
748
        rk = key->rd_key;
 
749
 
 
750
        if (bits==128)
 
751
                key->rounds = 10;
 
752
        else if (bits==192)
 
753
                key->rounds = 12;
 
754
        else
 
755
                key->rounds = 14;
 
756
 
 
757
        rk[0] = GETU32(userKey     );
 
758
        rk[1] = GETU32(userKey +  4);
 
759
        rk[2] = GETU32(userKey +  8);
 
760
        rk[3] = GETU32(userKey + 12);
 
761
        if (bits == 128) {
 
762
                while (1) {
 
763
                        temp  = rk[3];
 
764
                        rk[4] = rk[0] ^
 
765
                                (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
 
766
                                (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
 
767
                                (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
 
768
                                (Te4[(temp >> 24)       ] & 0x000000ff) ^
 
769
                                rcon[i];
 
770
                        rk[5] = rk[1] ^ rk[4];
 
771
                        rk[6] = rk[2] ^ rk[5];
 
772
                        rk[7] = rk[3] ^ rk[6];
 
773
                        if (++i == 10) {
 
774
                                return 0;
 
775
                        }
 
776
                        rk += 4;
 
777
                }
 
778
        }
 
779
        rk[4] = GETU32(userKey + 16);
 
780
        rk[5] = GETU32(userKey + 20);
 
781
        if (bits == 192) {
 
782
                while (1) {
 
783
                        temp = rk[ 5];
 
784
                        rk[ 6] = rk[ 0] ^
 
785
                                (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
 
786
                                (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
 
787
                                (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
 
788
                                (Te4[(temp >> 24)       ] & 0x000000ff) ^
 
789
                                rcon[i];
 
790
                        rk[ 7] = rk[ 1] ^ rk[ 6];
 
791
                        rk[ 8] = rk[ 2] ^ rk[ 7];
 
792
                        rk[ 9] = rk[ 3] ^ rk[ 8];
 
793
                        if (++i == 8) {
 
794
                                return 0;
 
795
                        }
 
796
                        rk[10] = rk[ 4] ^ rk[ 9];
 
797
                        rk[11] = rk[ 5] ^ rk[10];
 
798
                        rk += 6;
 
799
                }
 
800
        }
 
801
        rk[6] = GETU32(userKey + 24);
 
802
        rk[7] = GETU32(userKey + 28);
 
803
        if (bits == 256) {
 
804
                while (1) {
 
805
                        temp = rk[ 7];
 
806
                        rk[ 8] = rk[ 0] ^
 
807
                                (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
 
808
                                (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
 
809
                                (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
 
810
                                (Te4[(temp >> 24)       ] & 0x000000ff) ^
 
811
                                rcon[i];
 
812
                        rk[ 9] = rk[ 1] ^ rk[ 8];
 
813
                        rk[10] = rk[ 2] ^ rk[ 9];
 
814
                        rk[11] = rk[ 3] ^ rk[10];
 
815
                        if (++i == 7) {
 
816
                                return 0;
 
817
                        }
 
818
                        temp = rk[11];
 
819
                        rk[12] = rk[ 4] ^
 
820
                                (Te4[(temp >> 24)       ] & 0xff000000) ^
 
821
                                (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
 
822
                                (Te4[(temp >>  8) & 0xff] & 0x0000ff00) ^
 
823
                                (Te4[(temp      ) & 0xff] & 0x000000ff);
 
824
                        rk[13] = rk[ 5] ^ rk[12];
 
825
                        rk[14] = rk[ 6] ^ rk[13];
 
826
                        rk[15] = rk[ 7] ^ rk[14];
 
827
 
 
828
                        rk += 8;
 
829
                }
 
830
        }
 
831
        return 0;
 
832
}
 
833
 
 
834
/**
 
835
 * Expand the cipher key into the decryption key schedule.
 
836
 */
 
837
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
 
838
                         AES_KEY *key) {
 
839
 
 
840
        u32 *rk;
 
841
        int i, j, status;
 
842
        u32 temp;
 
843
 
 
844
        /* first, start with an encryption schedule */
 
845
        status = AES_set_encrypt_key(userKey, bits, key);
 
846
        if (status < 0)
 
847
                return status;
 
848
 
 
849
        rk = key->rd_key;
 
850
 
 
851
        /* invert the order of the round keys: */
 
852
        for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
 
853
                temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
 
854
                temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
 
855
                temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
 
856
                temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
 
857
        }
 
858
        /* apply the inverse MixColumn transform to all round keys but the first and the last: */
 
859
        for (i = 1; i < (key->rounds); i++) {
 
860
                rk += 4;
 
861
                rk[0] =
 
862
                        Td0[Te4[(rk[0] >> 24)       ] & 0xff] ^
 
863
                        Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
 
864
                        Td2[Te4[(rk[0] >>  8) & 0xff] & 0xff] ^
 
865
                        Td3[Te4[(rk[0]      ) & 0xff] & 0xff];
 
866
                rk[1] =
 
867
                        Td0[Te4[(rk[1] >> 24)       ] & 0xff] ^
 
868
                        Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
 
869
                        Td2[Te4[(rk[1] >>  8) & 0xff] & 0xff] ^
 
870
                        Td3[Te4[(rk[1]      ) & 0xff] & 0xff];
 
871
                rk[2] =
 
872
                        Td0[Te4[(rk[2] >> 24)       ] & 0xff] ^
 
873
                        Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
 
874
                        Td2[Te4[(rk[2] >>  8) & 0xff] & 0xff] ^
 
875
                        Td3[Te4[(rk[2]      ) & 0xff] & 0xff];
 
876
                rk[3] =
 
877
                        Td0[Te4[(rk[3] >> 24)       ] & 0xff] ^
 
878
                        Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
 
879
                        Td2[Te4[(rk[3] >>  8) & 0xff] & 0xff] ^
 
880
                        Td3[Te4[(rk[3]      ) & 0xff] & 0xff];
 
881
        }
 
882
        return 0;
 
883
}
 
884
 
 
885
#ifndef AES_ASM
 
886
/*
 
887
 * Encrypt a single block
 
888
 * in and out can overlap
 
889
 */
 
890
void AES_encrypt(const unsigned char *in, unsigned char *out,
 
891
                 const AES_KEY *key) {
 
892
 
 
893
        const u32 *rk;
 
894
        u32 s0, s1, s2, s3, t0, t1, t2, t3;
 
895
#ifndef FULL_UNROLL
 
896
        int r;
 
897
#endif /* ?FULL_UNROLL */
 
898
 
 
899
        assert(in && out && key);
 
900
        rk = key->rd_key;
 
901
 
 
902
        /*
 
903
         * map byte array block to cipher state
 
904
         * and add initial round key:
 
905
         */
 
906
        s0 = GETU32(in     ) ^ rk[0];
 
907
        s1 = GETU32(in +  4) ^ rk[1];
 
908
        s2 = GETU32(in +  8) ^ rk[2];
 
909
        s3 = GETU32(in + 12) ^ rk[3];
 
910
#ifdef FULL_UNROLL
 
911
        /* round 1: */
 
912
        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
 
913
        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
 
914
        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
 
915
        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
 
916
        /* round 2: */
 
917
        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
 
918
        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
 
919
        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
 
920
        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
 
921
        /* round 3: */
 
922
        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
 
923
        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
 
924
        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
 
925
        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
 
926
        /* round 4: */
 
927
        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
 
928
        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
 
929
        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
 
930
        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
 
931
        /* round 5: */
 
932
        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
 
933
        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
 
934
        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
 
935
        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
 
936
        /* round 6: */
 
937
        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
 
938
        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
 
939
        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
 
940
        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
 
941
        /* round 7: */
 
942
        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
 
943
        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
 
944
        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
 
945
        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
 
946
        /* round 8: */
 
947
        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
 
948
        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
 
949
        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
 
950
        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
 
951
        /* round 9: */
 
952
        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
 
953
        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
 
954
        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
 
955
        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
 
956
    if (key->rounds > 10) {
 
957
        /* round 10: */
 
958
        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
 
959
        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
 
960
        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
 
961
        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
 
962
        /* round 11: */
 
963
        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
 
964
        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
 
965
        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
 
966
        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
 
967
        if (key->rounds > 12) {
 
968
            /* round 12: */
 
969
            s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
 
970
            s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
 
971
            s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
 
972
            s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
 
973
            /* round 13: */
 
974
            t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
 
975
            t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
 
976
            t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
 
977
            t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
 
978
        }
 
979
    }
 
980
    rk += key->rounds << 2;
 
981
#else  /* !FULL_UNROLL */
 
982
    /*
 
983
     * Nr - 1 full rounds:
 
984
     */
 
985
    r = key->rounds >> 1;
 
986
    for (;;) {
 
987
        t0 =
 
988
            Te0[(s0 >> 24)       ] ^
 
989
            Te1[(s1 >> 16) & 0xff] ^
 
990
            Te2[(s2 >>  8) & 0xff] ^
 
991
            Te3[(s3      ) & 0xff] ^
 
992
            rk[4];
 
993
        t1 =
 
994
            Te0[(s1 >> 24)       ] ^
 
995
            Te1[(s2 >> 16) & 0xff] ^
 
996
            Te2[(s3 >>  8) & 0xff] ^
 
997
            Te3[(s0      ) & 0xff] ^
 
998
            rk[5];
 
999
        t2 =
 
1000
            Te0[(s2 >> 24)       ] ^
 
1001
            Te1[(s3 >> 16) & 0xff] ^
 
1002
            Te2[(s0 >>  8) & 0xff] ^
 
1003
            Te3[(s1      ) & 0xff] ^
 
1004
            rk[6];
 
1005
        t3 =
 
1006
            Te0[(s3 >> 24)       ] ^
 
1007
            Te1[(s0 >> 16) & 0xff] ^
 
1008
            Te2[(s1 >>  8) & 0xff] ^
 
1009
            Te3[(s2      ) & 0xff] ^
 
1010
            rk[7];
 
1011
 
 
1012
        rk += 8;
 
1013
        if (--r == 0) {
 
1014
            break;
 
1015
        }
 
1016
 
 
1017
        s0 =
 
1018
            Te0[(t0 >> 24)       ] ^
 
1019
            Te1[(t1 >> 16) & 0xff] ^
 
1020
            Te2[(t2 >>  8) & 0xff] ^
 
1021
            Te3[(t3      ) & 0xff] ^
 
1022
            rk[0];
 
1023
        s1 =
 
1024
            Te0[(t1 >> 24)       ] ^
 
1025
            Te1[(t2 >> 16) & 0xff] ^
 
1026
            Te2[(t3 >>  8) & 0xff] ^
 
1027
            Te3[(t0      ) & 0xff] ^
 
1028
            rk[1];
 
1029
        s2 =
 
1030
            Te0[(t2 >> 24)       ] ^
 
1031
            Te1[(t3 >> 16) & 0xff] ^
 
1032
            Te2[(t0 >>  8) & 0xff] ^
 
1033
            Te3[(t1      ) & 0xff] ^
 
1034
            rk[2];
 
1035
        s3 =
 
1036
            Te0[(t3 >> 24)       ] ^
 
1037
            Te1[(t0 >> 16) & 0xff] ^
 
1038
            Te2[(t1 >>  8) & 0xff] ^
 
1039
            Te3[(t2      ) & 0xff] ^
 
1040
            rk[3];
 
1041
    }
 
1042
#endif /* ?FULL_UNROLL */
 
1043
    /*
 
1044
         * apply last round and
 
1045
         * map cipher state to byte array block:
 
1046
         */
 
1047
        s0 =
 
1048
                (Te4[(t0 >> 24)       ] & 0xff000000) ^
 
1049
                (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
 
1050
                (Te4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
 
1051
                (Te4[(t3      ) & 0xff] & 0x000000ff) ^
 
1052
                rk[0];
 
1053
        PUTU32(out     , s0);
 
1054
        s1 =
 
1055
                (Te4[(t1 >> 24)       ] & 0xff000000) ^
 
1056
                (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
 
1057
                (Te4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
 
1058
                (Te4[(t0      ) & 0xff] & 0x000000ff) ^
 
1059
                rk[1];
 
1060
        PUTU32(out +  4, s1);
 
1061
        s2 =
 
1062
                (Te4[(t2 >> 24)       ] & 0xff000000) ^
 
1063
                (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
 
1064
                (Te4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
 
1065
                (Te4[(t1      ) & 0xff] & 0x000000ff) ^
 
1066
                rk[2];
 
1067
        PUTU32(out +  8, s2);
 
1068
        s3 =
 
1069
                (Te4[(t3 >> 24)       ] & 0xff000000) ^
 
1070
                (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
 
1071
                (Te4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
 
1072
                (Te4[(t2      ) & 0xff] & 0x000000ff) ^
 
1073
                rk[3];
 
1074
        PUTU32(out + 12, s3);
 
1075
}
 
1076
 
 
1077
/*
 
1078
 * Decrypt a single block
 
1079
 * in and out can overlap
 
1080
 */
 
1081
void AES_decrypt(const unsigned char *in, unsigned char *out,
 
1082
                 const AES_KEY *key) {
 
1083
 
 
1084
        const u32 *rk;
 
1085
        u32 s0, s1, s2, s3, t0, t1, t2, t3;
 
1086
#ifndef FULL_UNROLL
 
1087
        int r;
 
1088
#endif /* ?FULL_UNROLL */
 
1089
 
 
1090
        assert(in && out && key);
 
1091
        rk = key->rd_key;
 
1092
 
 
1093
        /*
 
1094
         * map byte array block to cipher state
 
1095
         * and add initial round key:
 
1096
         */
 
1097
    s0 = GETU32(in     ) ^ rk[0];
 
1098
    s1 = GETU32(in +  4) ^ rk[1];
 
1099
    s2 = GETU32(in +  8) ^ rk[2];
 
1100
    s3 = GETU32(in + 12) ^ rk[3];
 
1101
#ifdef FULL_UNROLL
 
1102
    /* round 1: */
 
1103
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
 
1104
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
 
1105
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
 
1106
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
 
1107
    /* round 2: */
 
1108
    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
 
1109
    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
 
1110
    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
 
1111
    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
 
1112
    /* round 3: */
 
1113
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
 
1114
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
 
1115
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
 
1116
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
 
1117
    /* round 4: */
 
1118
    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
 
1119
    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
 
1120
    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
 
1121
    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
 
1122
    /* round 5: */
 
1123
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
 
1124
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
 
1125
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
 
1126
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
 
1127
    /* round 6: */
 
1128
    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
 
1129
    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
 
1130
    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
 
1131
    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
 
1132
    /* round 7: */
 
1133
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
 
1134
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
 
1135
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
 
1136
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
 
1137
    /* round 8: */
 
1138
    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
 
1139
    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
 
1140
    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
 
1141
    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
 
1142
    /* round 9: */
 
1143
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
 
1144
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
 
1145
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
 
1146
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
 
1147
    if (key->rounds > 10) {
 
1148
        /* round 10: */
 
1149
        s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
 
1150
        s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
 
1151
        s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
 
1152
        s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
 
1153
        /* round 11: */
 
1154
        t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
 
1155
        t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
 
1156
        t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
 
1157
        t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
 
1158
        if (key->rounds > 12) {
 
1159
            /* round 12: */
 
1160
            s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
 
1161
            s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
 
1162
            s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
 
1163
            s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
 
1164
            /* round 13: */
 
1165
            t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
 
1166
            t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
 
1167
            t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
 
1168
            t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
 
1169
        }
 
1170
    }
 
1171
        rk += key->rounds << 2;
 
1172
#else  /* !FULL_UNROLL */
 
1173
    /*
 
1174
     * Nr - 1 full rounds:
 
1175
     */
 
1176
    r = key->rounds >> 1;
 
1177
    for (;;) {
 
1178
        t0 =
 
1179
            Td0[(s0 >> 24)       ] ^
 
1180
            Td1[(s3 >> 16) & 0xff] ^
 
1181
            Td2[(s2 >>  8) & 0xff] ^
 
1182
            Td3[(s1      ) & 0xff] ^
 
1183
            rk[4];
 
1184
        t1 =
 
1185
            Td0[(s1 >> 24)       ] ^
 
1186
            Td1[(s0 >> 16) & 0xff] ^
 
1187
            Td2[(s3 >>  8) & 0xff] ^
 
1188
            Td3[(s2      ) & 0xff] ^
 
1189
            rk[5];
 
1190
        t2 =
 
1191
            Td0[(s2 >> 24)       ] ^
 
1192
            Td1[(s1 >> 16) & 0xff] ^
 
1193
            Td2[(s0 >>  8) & 0xff] ^
 
1194
            Td3[(s3      ) & 0xff] ^
 
1195
            rk[6];
 
1196
        t3 =
 
1197
            Td0[(s3 >> 24)       ] ^
 
1198
            Td1[(s2 >> 16) & 0xff] ^
 
1199
            Td2[(s1 >>  8) & 0xff] ^
 
1200
            Td3[(s0      ) & 0xff] ^
 
1201
            rk[7];
 
1202
 
 
1203
        rk += 8;
 
1204
        if (--r == 0) {
 
1205
            break;
 
1206
        }
 
1207
 
 
1208
        s0 =
 
1209
            Td0[(t0 >> 24)       ] ^
 
1210
            Td1[(t3 >> 16) & 0xff] ^
 
1211
            Td2[(t2 >>  8) & 0xff] ^
 
1212
            Td3[(t1      ) & 0xff] ^
 
1213
            rk[0];
 
1214
        s1 =
 
1215
            Td0[(t1 >> 24)       ] ^
 
1216
            Td1[(t0 >> 16) & 0xff] ^
 
1217
            Td2[(t3 >>  8) & 0xff] ^
 
1218
            Td3[(t2      ) & 0xff] ^
 
1219
            rk[1];
 
1220
        s2 =
 
1221
            Td0[(t2 >> 24)       ] ^
 
1222
            Td1[(t1 >> 16) & 0xff] ^
 
1223
            Td2[(t0 >>  8) & 0xff] ^
 
1224
            Td3[(t3      ) & 0xff] ^
 
1225
            rk[2];
 
1226
        s3 =
 
1227
            Td0[(t3 >> 24)       ] ^
 
1228
            Td1[(t2 >> 16) & 0xff] ^
 
1229
            Td2[(t1 >>  8) & 0xff] ^
 
1230
            Td3[(t0      ) & 0xff] ^
 
1231
            rk[3];
 
1232
    }
 
1233
#endif /* ?FULL_UNROLL */
 
1234
    /*
 
1235
         * apply last round and
 
1236
         * map cipher state to byte array block:
 
1237
         */
 
1238
        s0 =
 
1239
                (Td4[(t0 >> 24)       ] & 0xff000000) ^
 
1240
                (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
 
1241
                (Td4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
 
1242
                (Td4[(t1      ) & 0xff] & 0x000000ff) ^
 
1243
                rk[0];
 
1244
        PUTU32(out     , s0);
 
1245
        s1 =
 
1246
                (Td4[(t1 >> 24)       ] & 0xff000000) ^
 
1247
                (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
 
1248
                (Td4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
 
1249
                (Td4[(t2      ) & 0xff] & 0x000000ff) ^
 
1250
                rk[1];
 
1251
        PUTU32(out +  4, s1);
 
1252
        s2 =
 
1253
                (Td4[(t2 >> 24)       ] & 0xff000000) ^
 
1254
                (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
 
1255
                (Td4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
 
1256
                (Td4[(t3      ) & 0xff] & 0x000000ff) ^
 
1257
                rk[2];
 
1258
        PUTU32(out +  8, s2);
 
1259
        s3 =
 
1260
                (Td4[(t3 >> 24)       ] & 0xff000000) ^
 
1261
                (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
 
1262
                (Td4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
 
1263
                (Td4[(t0      ) & 0xff] & 0x000000ff) ^
 
1264
                rk[3];
 
1265
        PUTU32(out + 12, s3);
 
1266
}
 
1267
 
 
1268
#endif /* AES_ASM */
 
1269
 
 
1270
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 
1271
                     const unsigned long length, const AES_KEY *key,
 
1272
                     unsigned char *ivec, const int enc) 
 
1273
{
 
1274
 
 
1275
        unsigned long n;
 
1276
        unsigned long len = length;
 
1277
        unsigned char tmp[AES_BLOCK_SIZE];
 
1278
 
 
1279
        assert(in && out && key && ivec);
 
1280
 
 
1281
        if (enc) {
 
1282
                while (len >= AES_BLOCK_SIZE) {
 
1283
                        for(n=0; n < AES_BLOCK_SIZE; ++n)
 
1284
                                tmp[n] = in[n] ^ ivec[n];
 
1285
                        AES_encrypt(tmp, out, key);
 
1286
                        memcpy(ivec, out, AES_BLOCK_SIZE);
 
1287
                        len -= AES_BLOCK_SIZE;
 
1288
                        in += AES_BLOCK_SIZE;
 
1289
                        out += AES_BLOCK_SIZE;
 
1290
                }
 
1291
                if (len) {
 
1292
                        for(n=0; n < len; ++n)
 
1293
                                tmp[n] = in[n] ^ ivec[n];
 
1294
                        for(n=len; n < AES_BLOCK_SIZE; ++n)
 
1295
                                tmp[n] = ivec[n];
 
1296
                        AES_encrypt(tmp, tmp, key);
 
1297
                        memcpy(out, tmp, AES_BLOCK_SIZE);
 
1298
                        memcpy(ivec, tmp, AES_BLOCK_SIZE);
 
1299
                }                       
 
1300
        } else {
 
1301
                while (len >= AES_BLOCK_SIZE) {
 
1302
                        memcpy(tmp, in, AES_BLOCK_SIZE);
 
1303
                        AES_decrypt(in, out, key);
 
1304
                        for(n=0; n < AES_BLOCK_SIZE; ++n)
 
1305
                                out[n] ^= ivec[n];
 
1306
                        memcpy(ivec, tmp, AES_BLOCK_SIZE);
 
1307
                        len -= AES_BLOCK_SIZE;
 
1308
                        in += AES_BLOCK_SIZE;
 
1309
                        out += AES_BLOCK_SIZE;
 
1310
                }
 
1311
                if (len) {
 
1312
                        memcpy(tmp, in, AES_BLOCK_SIZE);
 
1313
                        AES_decrypt(tmp, tmp, key);
 
1314
                        for(n=0; n < len; ++n)
 
1315
                                out[n] = tmp[n] ^ ivec[n];
 
1316
                        memcpy(ivec, tmp, AES_BLOCK_SIZE);
 
1317
                }                       
 
1318
        }
 
1319
}