|
|
|
|
|
|
|
/*
|
|
|
|
* skein256 kernel implementation.
|
|
|
|
*
|
|
|
|
* ==========================(LICENSE BEGIN)============================
|
|
|
|
* Copyright (c) 2014 djm34
|
|
|
|
*
|
|
|
|
* Permission is hereby granted, free of charge, to any person obtaining
|
|
|
|
* a copy of this software and associated documentation files (the
|
|
|
|
* "Software"), to deal in the Software without restriction, including
|
|
|
|
* without limitation the rights to use, copy, modify, merge, publish,
|
|
|
|
* distribute, sublicense, and/or sell copies of the Software, and to
|
|
|
|
* permit persons to whom the Software is furnished to do so, subject to
|
|
|
|
* the following conditions:
|
|
|
|
*
|
|
|
|
* The above copyright notice and this permission notice shall be
|
|
|
|
* included in all copies or substantial portions of the Software.
|
|
|
|
*
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
|
|
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
|
|
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
|
|
|
* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
|
|
|
* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
|
|
|
* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
|
|
|
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
|
|
*
|
|
|
|
* ===========================(LICENSE END)=============================
|
|
|
|
*
|
|
|
|
* @author djm34
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
__constant static const sph_u64 SKEIN_IV512[] = {
|
|
|
|
SPH_C64(0x4903ADFF749C51CE), SPH_C64(0x0D95DE399746DF03),
|
|
|
|
SPH_C64(0x8FD1934127C79BCE), SPH_C64(0x9A255629FF352CB1),
|
|
|
|
SPH_C64(0x5DB62599DF6CA7B0), SPH_C64(0xEABE394CA9D5C3F4),
|
|
|
|
SPH_C64(0x991112C71A75B523), SPH_C64(0xAE18A40B660FCC33)
|
|
|
|
};
|
|
|
|
|
|
|
|
__constant static const sph_u64 SKEIN_IV512_256[8] = {
|
|
|
|
0xCCD044A12FDB3E13UL, 0xE83590301A79A9EBUL,
|
|
|
|
0x55AEA0614F816E6FUL, 0x2A2767A4AE9B94DBUL,
|
|
|
|
0xEC06025E74DD7683UL, 0xE7A436CDC4746251UL,
|
|
|
|
0xC36FBAF9393AD185UL, 0x3EEDBA1833EDFC13UL
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
__constant static const int ROT256[8][4] =
|
|
|
|
{
|
|
|
|
{46, 36, 19, 37},
|
|
|
|
{33, 27, 14, 42},
|
|
|
|
{17, 49, 36, 39},
|
|
|
|
{44, 9, 54, 56},
|
|
|
|
{39, 30, 34, 24},
|
|
|
|
{13, 50, 10, 17},
|
|
|
|
{25, 29, 39, 43},
|
|
|
|
{8, 35, 56, 22}
|
|
|
|
};
|
|
|
|
|
|
|
|
__constant static const sph_u64 skein_ks_parity = 0x1BD11BDAA9FC1A22;
|
|
|
|
|
|
|
|
__constant static const sph_u64 t12[6] =
|
|
|
|
{ 0x20UL,
|
|
|
|
0xf000000000000000UL,
|
|
|
|
0xf000000000000020UL,
|
|
|
|
0x08UL,
|
|
|
|
0xff00000000000000UL,
|
|
|
|
0xff00000000000008UL
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
#define Round512(p0,p1,p2,p3,p4,p5,p6,p7,ROT) { \
|
|
|
|
p0 += p1; p1 = SPH_ROTL64(p1, ROT256[ROT][0]); p1 ^= p0; \
|
|
|
|
p2 += p3; p3 = SPH_ROTL64(p3, ROT256[ROT][1]); p3 ^= p2; \
|
|
|
|
p4 += p5; p5 = SPH_ROTL64(p5, ROT256[ROT][2]); p5 ^= p4; \
|
|
|
|
p6 += p7; p7 = SPH_ROTL64(p7, ROT256[ROT][3]); p7 ^= p6; \
|
|
|
|
}
|
|
|
|
|
|
|
|
#define Round_8_512(p0, p1, p2, p3, p4, p5, p6, p7, R) { \
|
|
|
|
Round512(p0, p1, p2, p3, p4, p5, p6, p7, 0); \
|
|
|
|
Round512(p2, p1, p4, p7, p6, p5, p0, p3, 1); \
|
|
|
|
Round512(p4, p1, p6, p3, p0, p5, p2, p7, 2); \
|
|
|
|
Round512(p6, p1, p0, p7, p2, p5, p4, p3, 3); \
|
|
|
|
p0 += h[((R)+0) % 9]; \
|
|
|
|
p1 += h[((R)+1) % 9]; \
|
|
|
|
p2 += h[((R)+2) % 9]; \
|
|
|
|
p3 += h[((R)+3) % 9]; \
|
|
|
|
p4 += h[((R)+4) % 9]; \
|
|
|
|
p5 += h[((R)+5) % 9] + t[((R)+0) % 3]; \
|
|
|
|
p6 += h[((R)+6) % 9] + t[((R)+1) % 3]; \
|
|
|
|
p7 += h[((R)+7) % 9] + R; \
|
|
|
|
Round512(p0, p1, p2, p3, p4, p5, p6, p7, 4); \
|
|
|
|
Round512(p2, p1, p4, p7, p6, p5, p0, p3, 5); \
|
|
|
|
Round512(p4, p1, p6, p3, p0, p5, p2, p7, 6); \
|
|
|
|
Round512(p6, p1, p0, p7, p2, p5, p4, p3, 7); \
|
|
|
|
p0 += h[((R)+1) % 9]; \
|
|
|
|
p1 += h[((R)+2) % 9]; \
|
|
|
|
p2 += h[((R)+3) % 9]; \
|
|
|
|
p3 += h[((R)+4) % 9]; \
|
|
|
|
p4 += h[((R)+5) % 9]; \
|
|
|
|
p5 += h[((R)+6) % 9] + t[((R)+1) % 3]; \
|
|
|
|
p6 += h[((R)+7) % 9] + t[((R)+2) % 3]; \
|
|
|
|
p7 += h[((R)+8) % 9] + (R+1); \
|
|
|
|
}
|