CommonCrypto for GNUstep
Check-in [b99b3696b7]
Not logged in

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Check in Apple's CommonCrypto 36064
Timelines: family | ancestors | descendants | both | Apple | r36064
Files: files | file ages | folders
SHA1: b99b3696b7a38afa2f677ccc3f968b8da9b74df1
User & Date: thebeing 2012-03-08 00:46:06
Context
2012-03-08
13:39
Update CommonCrypto source to r55010 (from Mac OS X 10.7.3) check-in: 101e407fb2 user: thebeing tags: Apple, r55010
00:47
Pull Apple CommonCrypto 36064 check-in: c68f00dae7 user: thebeing tags: trunk
00:46
Check in Apple's CommonCrypto 36064 check-in: b99b3696b7 user: thebeing tags: Apple, r36064
00:42
Create new branch named "Apple" check-in: 2c4b032ee5 user: thebeing tags: Apple
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Added CommonCrypto.xcodeproj/project.pbxproj.







































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
// !$*UTF8*$!
{
	archiveVersion = 1;
	classes = {
	};
	objectVersion = 42;
	objects = {

/* Begin PBXAggregateTarget section */
		054BBEB705F6A93300344873 /* world */ = {
			isa = PBXAggregateTarget;
			buildConfigurationList = C27AD08D0987FCDA001272E0 /* Build configuration list for PBXAggregateTarget "world" */;
			buildPhases = (
				D6658DC80BD817B600D18063 /* CopyFiles */,
			);
			dependencies = (
				054BBEFB05F6AAC800344873 /* PBXTargetDependency */,
				054BBEFD05F6AAC800344873 /* PBXTargetDependency */,
				055688220640139D0048BE18 /* PBXTargetDependency */,
				050678EB064015C1001640AF /* PBXTargetDependency */,
				0511C4630A3785340028BFC3 /* PBXTargetDependency */,
			);
			name = world;
			productName = world;
		};
		05CE94290A3784D4007C91D6 /* Copy Open Source Docs */ = {
			isa = PBXAggregateTarget;
			buildConfigurationList = 05CE94300A37850A007C91D6 /* Build configuration list for PBXAggregateTarget "Copy Open Source Docs" */;
			buildPhases = (
				05CE94280A3784D4007C91D6 /* CopyFiles */,
				05CE942F0A37850A007C91D6 /* CopyFiles */,
			);
			dependencies = (
			);
			name = "Copy Open Source Docs";
			productName = "Copy Open Source Docs";
		};
/* End PBXAggregateTarget section */

/* Begin PBXBuildFile section */
		05067905064025DD001640AF /* CommonDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
		05067906064025DE001640AF /* CommonDigestPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED205F6AA8900344873 /* CommonDigestPriv.h */; };
		05067908064025E2001640AF /* md2_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED305F6AA8900344873 /* md2_dgst.c */; };
		05067909064025E3001640AF /* md32_common.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED805F6AA8900344873 /* md32_common.h */; };
		0506790A064025E4001640AF /* md4_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED405F6AA8900344873 /* md4_dgst.c */; };
		0506790B064025E5001640AF /* md4_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED505F6AA8900344873 /* md4_locl.h */; };
		0506790C064025E6001640AF /* md5_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED605F6AA8900344873 /* md5_dgst.c */; };
		0506790D064025E7001640AF /* md5_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED705F6AA8900344873 /* md5_locl.h */; };
		0506790E064025E7001640AF /* sha1.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBEDC05F6AA8900344873 /* sha1.c */; };
		0506790F064025E8001640AF /* sha2.c in Sources */ = {isa = PBXBuildFile; fileRef = 05E319B7063890C100C4AD24 /* sha2.c */; };
		05067910064025E9001640AF /* sha2Priv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E319DC0638913700C4AD24 /* sha2Priv.h */; };
		05067911064025EA001640AF /* sha_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBEDA05F6AA8900344873 /* sha_locl.h */; };
		050737DB09E4172A005E9620 /* CommonHMAC.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */; };
		050737EF09E41958005E9620 /* CommonHMAC.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
		050737F009E41969005E9620 /* CommonHMAC.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
		0511C47E0A37892C0028BFC3 /* CommonCrypto.txt in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05CE942C0A37850A007C91D6 /* CommonCrypto.txt */; };
		052049F909D1A6CC00A0D022 /* BlockCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 052049F809D1A6CC00A0D022 /* BlockCipher.c */; };
		052049FA09D1A6CC00A0D022 /* BlockCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 052049F809D1A6CC00A0D022 /* BlockCipher.c */; };
		052049FB09D1A6CC00A0D022 /* BlockCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 052049F809D1A6CC00A0D022 /* BlockCipher.c */; };
		052049FC09D1A6CC00A0D022 /* BlockCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 052049F809D1A6CC00A0D022 /* BlockCipher.c */; };
		052F6C7609DB207F00EE63A4 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
		052F6C7709DB207F00EE63A4 /* aescrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7109DB207F00EE63A4 /* aescrypt.c */; };
		052F6C7809DB207F00EE63A4 /* aeskey.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7209DB207F00EE63A4 /* aeskey.c */; };
		052F6C7909DB207F00EE63A4 /* aesopt.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
		052F6C7A09DB207F00EE63A4 /* aestab.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7409DB207F00EE63A4 /* aestab.c */; };
		052F6C7B09DB207F00EE63A4 /* aestab.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7509DB207F00EE63A4 /* aestab.h */; };
		052F6C7C09DB207F00EE63A4 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
		052F6C7D09DB207F00EE63A4 /* aescrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7109DB207F00EE63A4 /* aescrypt.c */; };
		052F6C7E09DB207F00EE63A4 /* aeskey.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7209DB207F00EE63A4 /* aeskey.c */; };
		052F6C7F09DB207F00EE63A4 /* aesopt.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
		052F6C8009DB207F00EE63A4 /* aestab.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7409DB207F00EE63A4 /* aestab.c */; };
		052F6C8109DB207F00EE63A4 /* aestab.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7509DB207F00EE63A4 /* aestab.h */; };
		052F6C8209DB207F00EE63A4 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
		052F6C8309DB207F00EE63A4 /* aescrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7109DB207F00EE63A4 /* aescrypt.c */; };
		052F6C8409DB207F00EE63A4 /* aeskey.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7209DB207F00EE63A4 /* aeskey.c */; };
		052F6C8509DB207F00EE63A4 /* aesopt.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
		052F6C8609DB207F00EE63A4 /* aestab.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7409DB207F00EE63A4 /* aestab.c */; };
		052F6C8709DB207F00EE63A4 /* aestab.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7509DB207F00EE63A4 /* aestab.h */; };
		052F6C8809DB207F00EE63A4 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
		052F6C8909DB207F00EE63A4 /* aescrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7109DB207F00EE63A4 /* aescrypt.c */; };
		052F6C8A09DB207F00EE63A4 /* aeskey.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7209DB207F00EE63A4 /* aeskey.c */; };
		052F6C8B09DB207F00EE63A4 /* aesopt.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
		052F6C8C09DB207F00EE63A4 /* aestab.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7409DB207F00EE63A4 /* aestab.c */; };
		052F6C8D09DB207F00EE63A4 /* aestab.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7509DB207F00EE63A4 /* aestab.h */; };
		0539DC2809D4919D00AB7F89 /* opensslDES.c in Sources */ = {isa = PBXBuildFile; fileRef = 0539DC2609D4919D00AB7F89 /* opensslDES.c */; };
		0539DC2909D4919D00AB7F89 /* opensslDES.h in Headers */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
		054BBECE05F6AA7200344873 /* CommonDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; settings = {ATTRIBUTES = (); }; };
		054BBECF05F6AA7200344873 /* CommonDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
		054BBEDD05F6AA8900344873 /* CommonDigestPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED205F6AA8900344873 /* CommonDigestPriv.h */; };
		054BBEDE05F6AA8900344873 /* md2_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED305F6AA8900344873 /* md2_dgst.c */; };
		054BBEDF05F6AA8900344873 /* md4_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED405F6AA8900344873 /* md4_dgst.c */; };
		054BBEE005F6AA8900344873 /* md4_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED505F6AA8900344873 /* md4_locl.h */; };
		054BBEE105F6AA8900344873 /* md5_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED605F6AA8900344873 /* md5_dgst.c */; };
		054BBEE205F6AA8900344873 /* md5_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED705F6AA8900344873 /* md5_locl.h */; };
		054BBEE305F6AA8900344873 /* md32_common.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED805F6AA8900344873 /* md32_common.h */; };
		054BBEE505F6AA8900344873 /* sha_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBEDA05F6AA8900344873 /* sha_locl.h */; };
		054BBEE705F6AA8900344873 /* sha1.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBEDC05F6AA8900344873 /* sha1.c */; };
		054BBEE805F6AA8900344873 /* CommonDigestPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED205F6AA8900344873 /* CommonDigestPriv.h */; };
		054BBEE905F6AA8900344873 /* md2_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED305F6AA8900344873 /* md2_dgst.c */; };
		054BBEEA05F6AA8900344873 /* md4_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED405F6AA8900344873 /* md4_dgst.c */; };
		054BBEEB05F6AA8900344873 /* md4_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED505F6AA8900344873 /* md4_locl.h */; };
		054BBEEC05F6AA8900344873 /* md5_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED605F6AA8900344873 /* md5_dgst.c */; };
		054BBEED05F6AA8900344873 /* md5_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED705F6AA8900344873 /* md5_locl.h */; };
		054BBEEE05F6AA8900344873 /* md32_common.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED805F6AA8900344873 /* md32_common.h */; };
		054BBEF005F6AA8900344873 /* sha_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBEDA05F6AA8900344873 /* sha_locl.h */; };
		054BBEF205F6AA8900344873 /* sha1.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBEDC05F6AA8900344873 /* sha1.c */; };
		05568801064012FF0048BE18 /* CommonDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
		05568802064012FF0048BE18 /* CommonDigestPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED205F6AA8900344873 /* CommonDigestPriv.h */; };
		05568803064013000048BE18 /* md2_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED305F6AA8900344873 /* md2_dgst.c */; };
		05568804064013010048BE18 /* md32_common.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED805F6AA8900344873 /* md32_common.h */; };
		05568805064013020048BE18 /* md4_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED405F6AA8900344873 /* md4_dgst.c */; };
		05568806064013030048BE18 /* md4_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED505F6AA8900344873 /* md4_locl.h */; };
		05568807064013030048BE18 /* md5_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED605F6AA8900344873 /* md5_dgst.c */; };
		05568808064013040048BE18 /* md5_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED705F6AA8900344873 /* md5_locl.h */; };
		05568809064013040048BE18 /* sha1.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBEDC05F6AA8900344873 /* sha1.c */; };
		0556880A064013050048BE18 /* sha2.c in Sources */ = {isa = PBXBuildFile; fileRef = 05E319B7063890C100C4AD24 /* sha2.c */; };
		0556880B064013060048BE18 /* sha2Priv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E319DC0638913700C4AD24 /* sha2Priv.h */; };
		0556880C064013060048BE18 /* sha_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBEDA05F6AA8900344873 /* sha_locl.h */; };
		0585FE1909DC9873001762F6 /* c_ecb.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1209DC9873001762F6 /* c_ecb.c */; };
		0585FE1A09DC9873001762F6 /* c_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1309DC9873001762F6 /* c_enc.c */; };
		0585FE1B09DC9873001762F6 /* c_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1409DC9873001762F6 /* c_skey.c */; };
		0585FE1C09DC9873001762F6 /* cast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
		0585FE1D09DC9873001762F6 /* cast_lcl.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1609DC9873001762F6 /* cast_lcl.h */; };
		0585FE1E09DC9873001762F6 /* cast_s.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1709DC9873001762F6 /* cast_s.h */; };
		0585FE1F09DC9873001762F6 /* ccCast.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1809DC9873001762F6 /* ccCast.c */; };
		0585FE2009DC9873001762F6 /* c_ecb.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1209DC9873001762F6 /* c_ecb.c */; };
		0585FE2109DC9873001762F6 /* c_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1309DC9873001762F6 /* c_enc.c */; };
		0585FE2209DC9873001762F6 /* c_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1409DC9873001762F6 /* c_skey.c */; };
		0585FE2309DC9873001762F6 /* cast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
		0585FE2409DC9873001762F6 /* cast_lcl.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1609DC9873001762F6 /* cast_lcl.h */; };
		0585FE2509DC9873001762F6 /* cast_s.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1709DC9873001762F6 /* cast_s.h */; };
		0585FE2609DC9873001762F6 /* ccCast.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1809DC9873001762F6 /* ccCast.c */; };
		0585FE2709DC9873001762F6 /* c_ecb.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1209DC9873001762F6 /* c_ecb.c */; };
		0585FE2809DC9873001762F6 /* c_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1309DC9873001762F6 /* c_enc.c */; };
		0585FE2909DC9873001762F6 /* c_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1409DC9873001762F6 /* c_skey.c */; };
		0585FE2A09DC9873001762F6 /* cast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
		0585FE2B09DC9873001762F6 /* cast_lcl.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1609DC9873001762F6 /* cast_lcl.h */; };
		0585FE2C09DC9873001762F6 /* cast_s.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1709DC9873001762F6 /* cast_s.h */; };
		0585FE2D09DC9873001762F6 /* ccCast.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1809DC9873001762F6 /* ccCast.c */; };
		0585FE2E09DC9873001762F6 /* c_ecb.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1209DC9873001762F6 /* c_ecb.c */; };
		0585FE2F09DC9873001762F6 /* c_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1309DC9873001762F6 /* c_enc.c */; };
		0585FE3009DC9873001762F6 /* c_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1409DC9873001762F6 /* c_skey.c */; };
		0585FE3109DC9873001762F6 /* cast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
		0585FE3209DC9873001762F6 /* cast_lcl.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1609DC9873001762F6 /* cast_lcl.h */; };
		0585FE3309DC9873001762F6 /* cast_s.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1709DC9873001762F6 /* cast_s.h */; };
		0585FE3409DC9873001762F6 /* ccCast.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1809DC9873001762F6 /* ccCast.c */; };
		0585FE4109DC9A1F001762F6 /* ccCast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
		0585FE4209DC9A20001762F6 /* ccCast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
		0585FE4309DC9A20001762F6 /* ccCast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
		0585FE4409DC9A20001762F6 /* ccCast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
		05A3762A061228FA009C43A6 /* CommonDigest.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
		05C4414409D49F28002066D1 /* des.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E409D468E200CFE5CB /* des.h */; };
		05C4414509D49F29002066D1 /* des_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0E509D468E200CFE5CB /* des_enc.c */; };
		05C4414609D49F29002066D1 /* des_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E609D468E200CFE5CB /* des_locl.h */; };
		05C4416F09D4BACE002066D1 /* e_os2.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4416E09D4BACE002066D1 /* e_os2.h */; };
		05C4417309D4BB0B002066D1 /* opensslconf.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4417209D4BB0B002066D1 /* opensslconf.h */; };
		05C441AB09D4E04F002066D1 /* des.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E409D468E200CFE5CB /* des.h */; };
		05C441AC09D4E04F002066D1 /* des_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0E509D468E200CFE5CB /* des_enc.c */; };
		05C441AD09D4E050002066D1 /* des_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E609D468E200CFE5CB /* des_locl.h */; };
		05C441AE09D4E051002066D1 /* e_os2.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4416E09D4BACE002066D1 /* e_os2.h */; };
		05C441AF09D4E052002066D1 /* opensslconf.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4417209D4BB0B002066D1 /* opensslconf.h */; };
		05C441B009D4E052002066D1 /* opensslDES.c in Sources */ = {isa = PBXBuildFile; fileRef = 0539DC2609D4919D00AB7F89 /* opensslDES.c */; };
		05C441B109D4E053002066D1 /* opensslDES.h in Headers */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
		05C441B209D4E053002066D1 /* set_key.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0ED09D469A100CFE5CB /* set_key.c */; };
		05C441B309D4E054002066D1 /* spr.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C70C5309D471C30004B8F4 /* spr.h */; };
		05C441B409D4E057002066D1 /* des.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E409D468E200CFE5CB /* des.h */; };
		05C441B509D4E058002066D1 /* des_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0E509D468E200CFE5CB /* des_enc.c */; };
		05C441B609D4E058002066D1 /* des_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E609D468E200CFE5CB /* des_locl.h */; };
		05C441B709D4E059002066D1 /* e_os2.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4416E09D4BACE002066D1 /* e_os2.h */; };
		05C441B809D4E05A002066D1 /* opensslconf.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4417209D4BB0B002066D1 /* opensslconf.h */; };
		05C441B909D4E05A002066D1 /* opensslDES.c in Sources */ = {isa = PBXBuildFile; fileRef = 0539DC2609D4919D00AB7F89 /* opensslDES.c */; };
		05C441BA09D4E05B002066D1 /* opensslDES.h in Headers */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
		05C441BB09D4E05C002066D1 /* set_key.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0ED09D469A100CFE5CB /* set_key.c */; };
		05C441BC09D4E05C002066D1 /* spr.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C70C5309D471C30004B8F4 /* spr.h */; };
		05C441BD09D4E060002066D1 /* des.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E409D468E200CFE5CB /* des.h */; };
		05C441BE09D4E061002066D1 /* des_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0E509D468E200CFE5CB /* des_enc.c */; };
		05C441BF09D4E061002066D1 /* des_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E609D468E200CFE5CB /* des_locl.h */; };
		05C441C009D4E062002066D1 /* e_os2.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4416E09D4BACE002066D1 /* e_os2.h */; };
		05C441C109D4E063002066D1 /* opensslconf.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4417209D4BB0B002066D1 /* opensslconf.h */; };
		05C441C209D4E063002066D1 /* opensslDES.c in Sources */ = {isa = PBXBuildFile; fileRef = 0539DC2609D4919D00AB7F89 /* opensslDES.c */; };
		05C441C309D4E064002066D1 /* opensslDES.h in Headers */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
		05C441C409D4E065002066D1 /* set_key.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0ED09D469A100CFE5CB /* set_key.c */; };
		05C441C509D4E065002066D1 /* spr.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C70C5309D471C30004B8F4 /* spr.h */; };
		05C70C5509D471C30004B8F4 /* spr.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C70C5309D471C30004B8F4 /* spr.h */; };
		05C91AC309E47E9B007CCD4E /* BlockCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91AC209E47E9A007CCD4E /* BlockCipher.h */; };
		05C91AC409E47E9B007CCD4E /* BlockCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91AC209E47E9A007CCD4E /* BlockCipher.h */; };
		05C91AC509E47E9B007CCD4E /* BlockCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91AC209E47E9A007CCD4E /* BlockCipher.h */; };
		05C91AC609E47E9B007CCD4E /* BlockCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91AC209E47E9A007CCD4E /* BlockCipher.h */; };
		05C91ACF09E47F93007CCD4E /* StreamCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91ACD09E47F93007CCD4E /* StreamCipher.h */; };
		05C91AD009E47F93007CCD4E /* StreamCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91ACE09E47F93007CCD4E /* StreamCipher.c */; };
		05C91AD109E47F93007CCD4E /* StreamCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91ACD09E47F93007CCD4E /* StreamCipher.h */; };
		05C91AD209E47F93007CCD4E /* StreamCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91ACE09E47F93007CCD4E /* StreamCipher.c */; };
		05C91AD309E47F93007CCD4E /* StreamCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91ACD09E47F93007CCD4E /* StreamCipher.h */; };
		05C91AD409E47F93007CCD4E /* StreamCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91ACE09E47F93007CCD4E /* StreamCipher.c */; };
		05C91AD509E47F93007CCD4E /* StreamCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91ACD09E47F93007CCD4E /* StreamCipher.h */; };
		05C91AD609E47F93007CCD4E /* StreamCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91ACE09E47F93007CCD4E /* StreamCipher.c */; };
		05C91AFA09E48079007CCD4E /* rc4_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF809E48079007CCD4E /* rc4_enc.c */; };
		05C91AFB09E48079007CCD4E /* rc4_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF909E48079007CCD4E /* rc4_skey.c */; };
		05C91AFC09E48079007CCD4E /* rc4_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF809E48079007CCD4E /* rc4_enc.c */; };
		05C91AFD09E48079007CCD4E /* rc4_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF909E48079007CCD4E /* rc4_skey.c */; };
		05C91AFE09E48079007CCD4E /* rc4_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF809E48079007CCD4E /* rc4_enc.c */; };
		05C91AFF09E48079007CCD4E /* rc4_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF909E48079007CCD4E /* rc4_skey.c */; };
		05C91B0009E48079007CCD4E /* rc4_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF809E48079007CCD4E /* rc4_enc.c */; };
		05C91B0109E48079007CCD4E /* rc4_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF909E48079007CCD4E /* rc4_skey.c */; };
		05C91B0309E480A1007CCD4E /* rc4.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
		05C91B0409E480A1007CCD4E /* rc4.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
		05C91B0509E480A1007CCD4E /* rc4.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
		05C91B0609E480A1007CCD4E /* rc4.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
		05C91B1C09E481AA007CCD4E /* rc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
		05C91B1D09E481B4007CCD4E /* rc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
		05CE942D0A37850A007C91D6 /* CommonCrypto.plist in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05CE942B0A37850A007C91D6 /* CommonCrypto.plist */; };
		05D5045C09DC5F7A00F47E19 /* ccNewGladman.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */; };
		05D5045D09DC5F7A00F47E19 /* ccNewGladman.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */; };
		05D5045E09DC5F7A00F47E19 /* ccNewGladman.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */; };
		05D5045F09DC5F7A00F47E19 /* ccNewGladman.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */; };
		05D8D97D09E411AB00E03504 /* CommonHMAC.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
		05D8D97E09E411AB00E03504 /* CommonHMAC.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
		05D8D97F09E411AB00E03504 /* CommonHMAC.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
		05D8D98009E411AB00E03504 /* CommonHMAC.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
		05D9F61009D85F2C00AD30A7 /* CommonCryptor.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */; };
		05D9F61109D85F2C00AD30A7 /* CommonCryptor.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */; };
		05D9F61209D85F2C00AD30A7 /* CommonCryptor.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */; };
		05D9F61309D85F2C00AD30A7 /* CommonCryptor.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */; };
		05D9F61709D85F4A00AD30A7 /* CommonCryptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
		05D9F61809D85F4A00AD30A7 /* CommonCryptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
		05D9F61909D85F4A00AD30A7 /* CommonCryptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
		05D9F61A09D85F4A00AD30A7 /* CommonCryptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
		05D9F62309D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */; };
		05D9F62409D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */; };
		05D9F62509D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */; };
		05D9F62609D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */; };
		05D9F62D09D8745E00AD30A7 /* CommonCryptor.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
		05D9F62E09D8746300AD30A7 /* CommonCryptor.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
		05D9F64F09D87ED000AD30A7 /* CommonHMAC.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */; };
		05D9F65009D87ED000AD30A7 /* CommonHMAC.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */; };
		05D9F65209D87ED000AD30A7 /* CommonHMAC.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */; };
		05E0A12209DD99D8005F54BA /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
		05E0A12309DD99D8005F54BA /* aesopt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
		05E0A12409DD99D8005F54BA /* cast.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
		05E0A12509DD99D8005F54BA /* ccCast.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
		05E0A12609DD99D8005F54BA /* opensslDES.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
		05E0A12909DD9A0D005F54BA /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
		05E0A12A09DD9A0D005F54BA /* aesopt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
		05E0A12B09DD9A0D005F54BA /* cast.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
		05E0A12C09DD9A0D005F54BA /* ccCast.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
		05E0A12D09DD9A0D005F54BA /* opensslDES.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
		05E0A14509DD9F84005F54BA /* CommonCryptoPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
		05E0A14609DD9F84005F54BA /* CommonCryptoPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
		05E0A14709DD9F84005F54BA /* CommonCryptoPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
		05E0A14809DD9F84005F54BA /* CommonCryptoPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
		05E0A1DD09DDA766005F54BA /* CommonCryptoPriv.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
		05E0A1DE09DDA774005F54BA /* CommonCryptoPriv.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
		05E319BA063890C100C4AD24 /* sha2.c in Sources */ = {isa = PBXBuildFile; fileRef = 05E319B7063890C100C4AD24 /* sha2.c */; };
		05E319BD063890C100C4AD24 /* sha2.c in Sources */ = {isa = PBXBuildFile; fileRef = 05E319B7063890C100C4AD24 /* sha2.c */; };
		05E319DD0638913700C4AD24 /* sha2Priv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E319DC0638913700C4AD24 /* sha2Priv.h */; };
		05E319DE0638913700C4AD24 /* sha2Priv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E319DC0638913700C4AD24 /* sha2Priv.h */; };
		05ECA0EE09D469A100CFE5CB /* set_key.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0ED09D469A100CFE5CB /* set_key.c */; };
		4C0889EA06EFE058009F3789 /* CommonDigest.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
		58226EAE0D35835700B35CC2 /* AES.c in Sources */ = {isa = PBXBuildFile; fileRef = 58226EAB0D35835700B35CC2 /* AES.c */; settings = {COMPILER_FLAGS = "-std=c99"; }; };
		58226EAF0D35835700B35CC2 /* AESAssembly.h in Headers */ = {isa = PBXBuildFile; fileRef = 58226EAC0D35835700B35CC2 /* AESAssembly.h */; };
		58226EB10D35835700B35CC2 /* AES.c in Sources */ = {isa = PBXBuildFile; fileRef = 58226EAB0D35835700B35CC2 /* AES.c */; settings = {COMPILER_FLAGS = "-std=c99"; }; };
		58226EB20D35835700B35CC2 /* AESAssembly.h in Headers */ = {isa = PBXBuildFile; fileRef = 58226EAC0D35835700B35CC2 /* AESAssembly.h */; };
		58226EB40D35835700B35CC2 /* AES.c in Sources */ = {isa = PBXBuildFile; fileRef = 58226EAB0D35835700B35CC2 /* AES.c */; settings = {COMPILER_FLAGS = "-std=c99"; }; };
		58226EB50D35835700B35CC2 /* AESAssembly.h in Headers */ = {isa = PBXBuildFile; fileRef = 58226EAC0D35835700B35CC2 /* AESAssembly.h */; };
		58226EB70D35835700B35CC2 /* AES.c in Sources */ = {isa = PBXBuildFile; fileRef = 58226EAB0D35835700B35CC2 /* AES.c */; settings = {COMPILER_FLAGS = "-std=c99"; }; };
		58226EB80D35835700B35CC2 /* AESAssembly.h in Headers */ = {isa = PBXBuildFile; fileRef = 58226EAC0D35835700B35CC2 /* AESAssembly.h */; };
		5855FFD50D3ECE2000D5D39C /* AES.s in Sources */ = {isa = PBXBuildFile; fileRef = 5855FFD40D3ECE2000D5D39C /* AES.s */; };
		5855FFD60D3ECE2000D5D39C /* AES.s in Sources */ = {isa = PBXBuildFile; fileRef = 5855FFD40D3ECE2000D5D39C /* AES.s */; };
		5855FFD70D3ECE2000D5D39C /* AES.s in Sources */ = {isa = PBXBuildFile; fileRef = 5855FFD40D3ECE2000D5D39C /* AES.s */; };
		5855FFD80D3ECE2000D5D39C /* AES.s in Sources */ = {isa = PBXBuildFile; fileRef = 5855FFD40D3ECE2000D5D39C /* AES.s */; };
		58B40ECF0D49459900557D7E /* EncryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ECE0D49459900557D7E /* EncryptCBC.s */; };
		58B40ED00D49459900557D7E /* EncryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ECE0D49459900557D7E /* EncryptCBC.s */; };
		58B40ED10D49459900557D7E /* EncryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ECE0D49459900557D7E /* EncryptCBC.s */; };
		58B40ED20D49459900557D7E /* EncryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ECE0D49459900557D7E /* EncryptCBC.s */; };
		58B40ED40D494A1800557D7E /* DecryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ED30D494A1800557D7E /* DecryptCBC.s */; };
		58B40ED50D494A1800557D7E /* DecryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ED30D494A1800557D7E /* DecryptCBC.s */; };
		58B40ED60D494A1800557D7E /* DecryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ED30D494A1800557D7E /* DecryptCBC.s */; };
		58B40ED70D494A1800557D7E /* DecryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ED30D494A1800557D7E /* DecryptCBC.s */; };
		795CA41E0D34459D00BAE6A2 /* ccRC2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FD0D34431400BAE6A2 /* ccRC2.c */; };
		795CA41F0D34459D00BAE6A2 /* rc2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FE0D34431400BAE6A2 /* rc2.c */; };
		795CA4210D3445EB00BAE6A2 /* ccRC2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FD0D34431400BAE6A2 /* ccRC2.c */; };
		795CA4220D3445EB00BAE6A2 /* rc2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FE0D34431400BAE6A2 /* rc2.c */; };
		AA43AB740D7DE2440047D941 /* ccRC2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FD0D34431400BAE6A2 /* ccRC2.c */; };
		AA43AB750D7DE2440047D941 /* rc2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FE0D34431400BAE6A2 /* rc2.c */; };
		AAAF0B9E0DC7A3DA0044DA03 /* sha1edpBigEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */; };
		AAAF0B9F0DC7A3DA0044DA03 /* sha1edpLittleEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */; };
		AAAF0BA10DC7A3F70044DA03 /* sha1edpBigEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */; };
		AAAF0BA20DC7A3F70044DA03 /* sha1edpLittleEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */; };
		AAAF0BA30DC7A4020044DA03 /* sha1edpBigEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */; };
		AAAF0BA40DC7A4020044DA03 /* sha1edpLittleEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */; };
		AAAF0BA50DC7A42A0044DA03 /* sha1edpBigEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */; };
		AAAF0BA60DC7A42A0044DA03 /* sha1edpLittleEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */; };
		AAD42CD30D7DE027000BCEBF /* ccRC2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FD0D34431400BAE6A2 /* ccRC2.c */; };
		AAD42CD40D7DE027000BCEBF /* rc2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FE0D34431400BAE6A2 /* rc2.c */; };
		D6658D950BD8178400D18063 /* CC_crypto.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05DF6D1109CF2D7200D9A3E8 /* CC_crypto.3cc */; };
		D6658D960BD8178400D18063 /* CC_MD2.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5B60BC6D67000878B42 /* CC_MD2.3cc */; };
		D6658D970BD8178400D18063 /* CC_MD2_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5B70BC6D67000878B42 /* CC_MD2_Final.3cc */; };
		D6658D980BD8178400D18063 /* CC_MD2_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5B80BC6D67000878B42 /* CC_MD2_Init.3cc */; };
		D6658D990BD8178400D18063 /* CC_MD2_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5B90BC6D67000878B42 /* CC_MD2_Update.3cc */; };
		D6658D9A0BD8178400D18063 /* CC_MD4.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BA0BC6D67000878B42 /* CC_MD4.3cc */; };
		D6658D9B0BD8178400D18063 /* CC_MD4_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BB0BC6D67000878B42 /* CC_MD4_Final.3cc */; };
		D6658D9C0BD8178400D18063 /* CC_MD4_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BC0BC6D67000878B42 /* CC_MD4_Init.3cc */; };
		D6658D9D0BD8178400D18063 /* CC_MD4_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BD0BC6D67000878B42 /* CC_MD4_Update.3cc */; };
		D6658D9E0BD8178400D18063 /* CC_MD5.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05DF6D1209CF2D7200D9A3E8 /* CC_MD5.3cc */; };
		D6658D9F0BD8178400D18063 /* CC_MD5_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BE0BC6D67000878B42 /* CC_MD5_Final.3cc */; };
		D6658DA00BD8178400D18063 /* CC_MD5_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BF0BC6D67000878B42 /* CC_MD5_Init.3cc */; };
		D6658DA10BD8178400D18063 /* CC_MD5_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C00BC6D67000878B42 /* CC_MD5_Update.3cc */; };
		D6658DA20BD8178400D18063 /* CC_SHA.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05DF6D1309CF2D7200D9A3E8 /* CC_SHA.3cc */; };
		D6658DA30BD8178400D18063 /* CC_SHA1.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C10BC6D67000878B42 /* CC_SHA1.3cc */; };
		D6658DA40BD8178400D18063 /* CC_SHA1_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C20BC6D67000878B42 /* CC_SHA1_Final.3cc */; };
		D6658DA50BD8178400D18063 /* CC_SHA1_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C30BC6D67000878B42 /* CC_SHA1_Init.3cc */; };
		D6658DA60BD8178400D18063 /* CC_SHA1_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C40BC6D67000878B42 /* CC_SHA1_Update.3cc */; };
		D6658DA70BD8178400D18063 /* CC_SHA224.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C50BC6D67000878B42 /* CC_SHA224.3cc */; };
		D6658DA80BD8178400D18063 /* CC_SHA224_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C60BC6D67000878B42 /* CC_SHA224_Final.3cc */; };
		D6658DA90BD8178400D18063 /* CC_SHA224_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C70BC6D67000878B42 /* CC_SHA224_Init.3cc */; };
		D6658DAA0BD8178400D18063 /* CC_SHA224_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C80BC6D67000878B42 /* CC_SHA224_Update.3cc */; };
		D6658DAB0BD8178400D18063 /* CC_SHA256.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C90BC6D67000878B42 /* CC_SHA256.3cc */; };
		D6658DAC0BD8178400D18063 /* CC_SHA256_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CA0BC6D67000878B42 /* CC_SHA256_Final.3cc */; };
		D6658DAD0BD8178400D18063 /* CC_SHA256_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CB0BC6D67000878B42 /* CC_SHA256_Init.3cc */; };
		D6658DAE0BD8178400D18063 /* CC_SHA256_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CC0BC6D67000878B42 /* CC_SHA256_Update.3cc */; };
		D6658DAF0BD8178400D18063 /* CC_SHA384.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CD0BC6D67000878B42 /* CC_SHA384.3cc */; };
		D6658DB00BD8178400D18063 /* CC_SHA384_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CE0BC6D67000878B42 /* CC_SHA384_Final.3cc */; };
		D6658DB10BD8178400D18063 /* CC_SHA384_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CF0BC6D67000878B42 /* CC_SHA384_Init.3cc */; };
		D6658DB20BD8178400D18063 /* CC_SHA384_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D00BC6D67000878B42 /* CC_SHA384_Update.3cc */; };
		D6658DB30BD8178400D18063 /* CC_SHA512.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D10BC6D67000878B42 /* CC_SHA512.3cc */; };
		D6658DB40BD8178400D18063 /* CC_SHA512_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D20BC6D67000878B42 /* CC_SHA512_Final.3cc */; };
		D6658DB50BD8178400D18063 /* CC_SHA512_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D30BC6D67000878B42 /* CC_SHA512_Init.3cc */; };
		D6658DB60BD8178400D18063 /* CC_SHA512_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D40BC6D67000878B42 /* CC_SHA512_Update.3cc */; };
		D6658DB70BD8178400D18063 /* CCCrypt.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D50BC6D67000878B42 /* CCCrypt.3cc */; };
		D6658DB80BD8178400D18063 /* CCCryptor.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D60BC6D67000878B42 /* CCCryptor.3cc */; };
		D6658DB90BD8178400D18063 /* CCCryptorCreate.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D70BC6D67000878B42 /* CCCryptorCreate.3cc */; };
		D6658DBA0BD8178400D18063 /* CCCryptorFinal.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D80BC6D67000878B42 /* CCCryptorFinal.3cc */; };
		D6658DBB0BD8178400D18063 /* CCCryptorGetOutputLength.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D90BC6D67000878B42 /* CCCryptorGetOutputLength.3cc */; };
		D6658DBC0BD8178400D18063 /* CCCryptorRelease.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DA0BC6D67000878B42 /* CCCryptorRelease.3cc */; };
		D6658DBD0BD8178400D18063 /* CCCryptorReset.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DB0BC6D67000878B42 /* CCCryptorReset.3cc */; };
		D6658DBE0BD8178400D18063 /* CCCryptorUpdate.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DC0BC6D67000878B42 /* CCCryptorUpdate.3cc */; };
		D6658DBF0BD8178400D18063 /* CCHmac.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DD0BC6D67000878B42 /* CCHmac.3cc */; };
		D6658DC00BD8178400D18063 /* CCHmacFinal.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DE0BC6D67000878B42 /* CCHmacFinal.3cc */; };
		D6658DC10BD8178400D18063 /* CCHmacInit.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DF0BC6D67000878B42 /* CCHmacInit.3cc */; };
		D6658DC20BD8178400D18063 /* CCHmacUpdate.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5E00BC6D67000878B42 /* CCHmacUpdate.3cc */; };
		D6658DC30BD8178400D18063 /* CCryptorCreateFromData.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5E10BC6D67000878B42 /* CCryptorCreateFromData.3cc */; };
		D6658DC40BD8178400D18063 /* Common Crypto.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5E20BC6D67000878B42 /* Common Crypto.3cc */; };
/* End PBXBuildFile section */

/* Begin PBXBuildRule section */
		B125268E0713742A00BB8157 /* PBXBuildRule */ = {
			isa = PBXBuildRule;
			compilerSpec = com.apple.compilers.gcc;
			fileType = sourcecode.c;
			isEditable = 1;
			outputFiles = (
			);
		};
		B125268F0713744500BB8157 /* PBXBuildRule */ = {
			isa = PBXBuildRule;
			compilerSpec = com.apple.compilers.gcc;
			fileType = sourcecode.c;
			isEditable = 1;
			outputFiles = (
			);
		};
		B12526900713744F00BB8157 /* PBXBuildRule */ = {
			isa = PBXBuildRule;
			compilerSpec = com.apple.compilers.gcc;
			fileType = sourcecode.c;
			isEditable = 1;
			outputFiles = (
			);
		};
		B12526910713745B00BB8157 /* PBXBuildRule */ = {
			isa = PBXBuildRule;
			compilerSpec = com.apple.compilers.gcc;
			fileType = sourcecode.c;
			isEditable = 1;
			outputFiles = (
			);
		};
/* End PBXBuildRule section */

/* Begin PBXContainerItemProxy section */
		050678EA064015C1001640AF /* PBXContainerItemProxy */ = {
			isa = PBXContainerItemProxy;
			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
			proxyType = 1;
			remoteGlobalIDString = 05067903064025BF001640AF;
			remoteInfo = commonCrypto_profile;
		};
		0511C4620A3785340028BFC3 /* PBXContainerItemProxy */ = {
			isa = PBXContainerItemProxy;
			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
			proxyType = 1;
			remoteGlobalIDString = 05CE94290A3784D4007C91D6;
			remoteInfo = "Copy Open Source Docs";
		};
		054BBEFA05F6AAC800344873 /* PBXContainerItemProxy */ = {
			isa = PBXContainerItemProxy;
			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
			proxyType = 1;
			remoteGlobalIDString = 054BBEBD05F6A97700344873;
			remoteInfo = commonCrypto;
		};
		054BBEFC05F6AAC800344873 /* PBXContainerItemProxy */ = {
			isa = PBXContainerItemProxy;
			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
			proxyType = 1;
			remoteGlobalIDString = 054BBEC505F6A98900344873;
			remoteInfo = commonCryptoStatic;
		};
		055688210640139D0048BE18 /* PBXContainerItemProxy */ = {
			isa = PBXContainerItemProxy;
			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
			proxyType = 1;
			remoteGlobalIDString = 055687FF064012D40048BE18;
			remoteInfo = commonCrypto_debug;
		};
/* End PBXContainerItemProxy section */

/* Begin PBXCopyFilesBuildPhase section */
		05A376200612288F009C43A6 /* CopyFiles */ = {
			isa = PBXCopyFilesBuildPhase;
			buildActionMask = 8;
			dstPath = /usr/include/CommonCrypto;
			dstSubfolderSpec = 0;
			files = (
				05D9F62D09D8745E00AD30A7 /* CommonCryptor.h in CopyFiles */,
				050737EF09E41958005E9620 /* CommonHMAC.h in CopyFiles */,
				05A3762A061228FA009C43A6 /* CommonDigest.h in CopyFiles */,
			);
			runOnlyForDeploymentPostprocessing = 1;
		};
		05CE94280A3784D4007C91D6 /* CopyFiles */ = {
			isa = PBXCopyFilesBuildPhase;
			buildActionMask = 8;
			dstPath = /usr/local/OpenSourceVersions/;
			dstSubfolderSpec = 0;
			files = (
				05CE942D0A37850A007C91D6 /* CommonCrypto.plist in CopyFiles */,
			);
			runOnlyForDeploymentPostprocessing = 1;
		};
		05CE942F0A37850A007C91D6 /* CopyFiles */ = {
			isa = PBXCopyFilesBuildPhase;
			buildActionMask = 8;
			dstPath = /usr/local/OpenSourceLicenses/;
			dstSubfolderSpec = 0;
			files = (
				0511C47E0A37892C0028BFC3 /* CommonCrypto.txt in CopyFiles */,
			);
			runOnlyForDeploymentPostprocessing = 1;
		};
		05E0A12709DD99EC005F54BA /* CopyFiles */ = {
			isa = PBXCopyFilesBuildPhase;
			buildActionMask = 8;
			dstPath = /usr/local/include/CommonCrypto;
			dstSubfolderSpec = 0;
			files = (
				05E0A1DD09DDA766005F54BA /* CommonCryptoPriv.h in CopyFiles */,
				05E0A12909DD9A0D005F54BA /* aes.h in CopyFiles */,
				05E0A12A09DD9A0D005F54BA /* aesopt.h in CopyFiles */,
				05E0A12B09DD9A0D005F54BA /* cast.h in CopyFiles */,
				05E0A12C09DD9A0D005F54BA /* ccCast.h in CopyFiles */,
				05E0A12D09DD9A0D005F54BA /* opensslDES.h in CopyFiles */,
				05C91B1C09E481AA007CCD4E /* rc4.h in CopyFiles */,
			);
			runOnlyForDeploymentPostprocessing = 1;
		};
		4C0889E706EFE038009F3789 /* CopyFiles */ = {
			isa = PBXCopyFilesBuildPhase;
			buildActionMask = 2147483647;
			dstPath = include/CommonCrypto;
			dstSubfolderSpec = 16;
			files = (
				05E0A1DE09DDA774005F54BA /* CommonCryptoPriv.h in CopyFiles */,
				05D9F62E09D8746300AD30A7 /* CommonCryptor.h in CopyFiles */,
				050737F009E41969005E9620 /* CommonHMAC.h in CopyFiles */,
				4C0889EA06EFE058009F3789 /* CommonDigest.h in CopyFiles */,
				05E0A12209DD99D8005F54BA /* aes.h in CopyFiles */,
				05E0A12309DD99D8005F54BA /* aesopt.h in CopyFiles */,
				05E0A12409DD99D8005F54BA /* cast.h in CopyFiles */,
				05E0A12509DD99D8005F54BA /* ccCast.h in CopyFiles */,
				05E0A12609DD99D8005F54BA /* opensslDES.h in CopyFiles */,
				05C91B1D09E481B4007CCD4E /* rc4.h in CopyFiles */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		D6658DC80BD817B600D18063 /* CopyFiles */ = {
			isa = PBXCopyFilesBuildPhase;
			buildActionMask = 8;
			dstPath = /usr/share/man/man3;
			dstSubfolderSpec = 0;
			files = (
				D6658D950BD8178400D18063 /* CC_crypto.3cc in CopyFiles */,
				D6658D960BD8178400D18063 /* CC_MD2.3cc in CopyFiles */,
				D6658D970BD8178400D18063 /* CC_MD2_Final.3cc in CopyFiles */,
				D6658D980BD8178400D18063 /* CC_MD2_Init.3cc in CopyFiles */,
				D6658D990BD8178400D18063 /* CC_MD2_Update.3cc in CopyFiles */,
				D6658D9A0BD8178400D18063 /* CC_MD4.3cc in CopyFiles */,
				D6658D9B0BD8178400D18063 /* CC_MD4_Final.3cc in CopyFiles */,
				D6658D9C0BD8178400D18063 /* CC_MD4_Init.3cc in CopyFiles */,
				D6658D9D0BD8178400D18063 /* CC_MD4_Update.3cc in CopyFiles */,
				D6658D9E0BD8178400D18063 /* CC_MD5.3cc in CopyFiles */,
				D6658D9F0BD8178400D18063 /* CC_MD5_Final.3cc in CopyFiles */,
				D6658DA00BD8178400D18063 /* CC_MD5_Init.3cc in CopyFiles */,
				D6658DA10BD8178400D18063 /* CC_MD5_Update.3cc in CopyFiles */,
				D6658DA20BD8178400D18063 /* CC_SHA.3cc in CopyFiles */,
				D6658DA30BD8178400D18063 /* CC_SHA1.3cc in CopyFiles */,
				D6658DA40BD8178400D18063 /* CC_SHA1_Final.3cc in CopyFiles */,
				D6658DA50BD8178400D18063 /* CC_SHA1_Init.3cc in CopyFiles */,
				D6658DA60BD8178400D18063 /* CC_SHA1_Update.3cc in CopyFiles */,
				D6658DA70BD8178400D18063 /* CC_SHA224.3cc in CopyFiles */,
				D6658DA80BD8178400D18063 /* CC_SHA224_Final.3cc in CopyFiles */,
				D6658DA90BD8178400D18063 /* CC_SHA224_Init.3cc in CopyFiles */,
				D6658DAA0BD8178400D18063 /* CC_SHA224_Update.3cc in CopyFiles */,
				D6658DAB0BD8178400D18063 /* CC_SHA256.3cc in CopyFiles */,
				D6658DAC0BD8178400D18063 /* CC_SHA256_Final.3cc in CopyFiles */,
				D6658DAD0BD8178400D18063 /* CC_SHA256_Init.3cc in CopyFiles */,
				D6658DAE0BD8178400D18063 /* CC_SHA256_Update.3cc in CopyFiles */,
				D6658DAF0BD8178400D18063 /* CC_SHA384.3cc in CopyFiles */,
				D6658DB00BD8178400D18063 /* CC_SHA384_Final.3cc in CopyFiles */,
				D6658DB10BD8178400D18063 /* CC_SHA384_Init.3cc in CopyFiles */,
				D6658DB20BD8178400D18063 /* CC_SHA384_Update.3cc in CopyFiles */,
				D6658DB30BD8178400D18063 /* CC_SHA512.3cc in CopyFiles */,
				D6658DB40BD8178400D18063 /* CC_SHA512_Final.3cc in CopyFiles */,
				D6658DB50BD8178400D18063 /* CC_SHA512_Init.3cc in CopyFiles */,
				D6658DB60BD8178400D18063 /* CC_SHA512_Update.3cc in CopyFiles */,
				D6658DB70BD8178400D18063 /* CCCrypt.3cc in CopyFiles */,
				D6658DB80BD8178400D18063 /* CCCryptor.3cc in CopyFiles */,
				D6658DB90BD8178400D18063 /* CCCryptorCreate.3cc in CopyFiles */,
				D6658DBA0BD8178400D18063 /* CCCryptorFinal.3cc in CopyFiles */,
				D6658DBB0BD8178400D18063 /* CCCryptorGetOutputLength.3cc in CopyFiles */,
				D6658DBC0BD8178400D18063 /* CCCryptorRelease.3cc in CopyFiles */,
				D6658DBD0BD8178400D18063 /* CCCryptorReset.3cc in CopyFiles */,
				D6658DBE0BD8178400D18063 /* CCCryptorUpdate.3cc in CopyFiles */,
				D6658DBF0BD8178400D18063 /* CCHmac.3cc in CopyFiles */,
				D6658DC00BD8178400D18063 /* CCHmacFinal.3cc in CopyFiles */,
				D6658DC10BD8178400D18063 /* CCHmacInit.3cc in CopyFiles */,
				D6658DC20BD8178400D18063 /* CCHmacUpdate.3cc in CopyFiles */,
				D6658DC30BD8178400D18063 /* CCryptorCreateFromData.3cc in CopyFiles */,
				D6658DC40BD8178400D18063 /* Common Crypto.3cc in CopyFiles */,
			);
			runOnlyForDeploymentPostprocessing = 1;
		};
/* End PBXCopyFilesBuildPhase section */

/* Begin PBXFileReference section */
		05067904064025BF001640AF /* libcommonCrypto_profile.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcommonCrypto_profile.a; sourceTree = BUILT_PRODUCTS_DIR; };
		052049F809D1A6CC00A0D022 /* BlockCipher.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = BlockCipher.c; sourceTree = "<group>"; };
		052F6C7009DB207F00EE63A4 /* aes.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = aes.h; sourceTree = "<group>"; };
		052F6C7109DB207F00EE63A4 /* aescrypt.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = aescrypt.c; sourceTree = "<group>"; };
		052F6C7209DB207F00EE63A4 /* aeskey.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = aeskey.c; sourceTree = "<group>"; };
		052F6C7309DB207F00EE63A4 /* aesopt.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = aesopt.h; sourceTree = "<group>"; };
		052F6C7409DB207F00EE63A4 /* aestab.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = aestab.c; sourceTree = "<group>"; };
		052F6C7509DB207F00EE63A4 /* aestab.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = aestab.h; sourceTree = "<group>"; };
		0539DC2609D4919D00AB7F89 /* opensslDES.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = opensslDES.c; sourceTree = "<group>"; };
		0539DC2709D4919D00AB7F89 /* opensslDES.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = opensslDES.h; sourceTree = "<group>"; };
		054BBEBE05F6A97700344873 /* libcommonCrypto.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcommonCrypto.a; sourceTree = BUILT_PRODUCTS_DIR; };
		054BBEC605F6A98900344873 /* libcommonCryptoStatic.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcommonCryptoStatic.a; sourceTree = BUILT_PRODUCTS_DIR; };
		054BBECD05F6AA7200344873 /* CommonDigest.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CommonDigest.h; sourceTree = "<group>"; };
		054BBED205F6AA8900344873 /* CommonDigestPriv.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CommonDigestPriv.h; sourceTree = "<group>"; };
		054BBED305F6AA8900344873 /* md2_dgst.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = md2_dgst.c; sourceTree = "<group>"; };
		054BBED405F6AA8900344873 /* md4_dgst.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = md4_dgst.c; sourceTree = "<group>"; };
		054BBED505F6AA8900344873 /* md4_locl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = md4_locl.h; sourceTree = "<group>"; };
		054BBED605F6AA8900344873 /* md5_dgst.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = md5_dgst.c; sourceTree = "<group>"; };
		054BBED705F6AA8900344873 /* md5_locl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = md5_locl.h; sourceTree = "<group>"; };
		054BBED805F6AA8900344873 /* md32_common.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = md32_common.h; sourceTree = "<group>"; };
		054BBEDA05F6AA8900344873 /* sha_locl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = sha_locl.h; sourceTree = "<group>"; };
		054BBEDC05F6AA8900344873 /* sha1.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = sha1.c; sourceTree = "<group>"; };
		05568800064012D40048BE18 /* libcommonCrypto_debug.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcommonCrypto_debug.a; sourceTree = BUILT_PRODUCTS_DIR; };
		0585FE1209DC9873001762F6 /* c_ecb.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = c_ecb.c; sourceTree = "<group>"; };
		0585FE1309DC9873001762F6 /* c_enc.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = c_enc.c; sourceTree = "<group>"; };
		0585FE1409DC9873001762F6 /* c_skey.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = c_skey.c; sourceTree = "<group>"; };
		0585FE1509DC9873001762F6 /* cast.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = cast.h; sourceTree = "<group>"; };
		0585FE1609DC9873001762F6 /* cast_lcl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = cast_lcl.h; sourceTree = "<group>"; };
		0585FE1709DC9873001762F6 /* cast_s.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = cast_s.h; sourceTree = "<group>"; };
		0585FE1809DC9873001762F6 /* ccCast.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = ccCast.c; sourceTree = "<group>"; };
		0585FE4009DC9A1F001762F6 /* ccCast.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ccCast.h; sourceTree = "<group>"; };
		05C4416E09D4BACE002066D1 /* e_os2.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = e_os2.h; sourceTree = "<group>"; };
		05C4417209D4BB0B002066D1 /* opensslconf.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = opensslconf.h; sourceTree = "<group>"; };
		05C70C5309D471C30004B8F4 /* spr.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = spr.h; sourceTree = "<group>"; };
		05C91AC209E47E9A007CCD4E /* BlockCipher.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BlockCipher.h; sourceTree = "<group>"; };
		05C91ACD09E47F93007CCD4E /* StreamCipher.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = StreamCipher.h; sourceTree = "<group>"; };
		05C91ACE09E47F93007CCD4E /* StreamCipher.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = StreamCipher.c; sourceTree = "<group>"; };
		05C91AF809E48079007CCD4E /* rc4_enc.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = rc4_enc.c; sourceTree = "<group>"; };
		05C91AF909E48079007CCD4E /* rc4_skey.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = rc4_skey.c; sourceTree = "<group>"; };
		05C91B0209E480A1007CCD4E /* rc4.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = rc4.h; sourceTree = "<group>"; };
		05CE942B0A37850A007C91D6 /* CommonCrypto.plist */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.plist.xml; name = CommonCrypto.plist; path = doc/CommonCrypto.plist; sourceTree = "<group>"; };
		05CE942C0A37850A007C91D6 /* CommonCrypto.txt */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CommonCrypto.txt; path = doc/CommonCrypto.txt; sourceTree = "<group>"; };
		05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = ccNewGladman.c; sourceTree = "<group>"; };
		05D8D97C09E411AA00E03504 /* CommonHMAC.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonHMAC.h; sourceTree = "<group>"; };
		05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = CommonCryptor.c; sourceTree = "<group>"; };
		05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonCryptor.h; sourceTree = "<group>"; };
		05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonCryptorPriv.h; sourceTree = "<group>"; };
		05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = CommonHMAC.c; sourceTree = "<group>"; };
		05DF6D1109CF2D7200D9A3E8 /* CC_crypto.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_crypto.3cc; path = doc/CC_crypto.3cc; sourceTree = "<group>"; };
		05DF6D1209CF2D7200D9A3E8 /* CC_MD5.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD5.3cc; path = doc/CC_MD5.3cc; sourceTree = "<group>"; };
		05DF6D1309CF2D7200D9A3E8 /* CC_SHA.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA.3cc; path = doc/CC_SHA.3cc; sourceTree = "<group>"; };
		05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CommonCryptoPriv.h; sourceTree = "<group>"; };
		05E319B7063890C100C4AD24 /* sha2.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = sha2.c; sourceTree = "<group>"; };
		05E319DC0638913700C4AD24 /* sha2Priv.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sha2Priv.h; sourceTree = "<group>"; };
		05ECA0E409D468E200CFE5CB /* des.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = des.h; sourceTree = "<group>"; };
		05ECA0E509D468E200CFE5CB /* des_enc.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = des_enc.c; sourceTree = "<group>"; };
		05ECA0E609D468E200CFE5CB /* des_locl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = des_locl.h; sourceTree = "<group>"; };
		05ECA0ED09D469A100CFE5CB /* set_key.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = set_key.c; sourceTree = "<group>"; };
		58226EAB0D35835700B35CC2 /* AES.c */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.c; fileEncoding = 4; includeInIndex = 1; name = AES.c; path = AESedp/AES.c; sourceTree = "<group>"; };
		58226EAC0D35835700B35CC2 /* AESAssembly.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AESAssembly.h; path = AESedp/AESAssembly.h; sourceTree = "<group>"; };
		5855FFD40D3ECE2000D5D39C /* AES.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = AES.s; path = AESedp/Intel/AES.s; sourceTree = "<group>"; };
		58B40ECE0D49459900557D7E /* EncryptCBC.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = EncryptCBC.s; path = AESedp/Intel/EncryptCBC.s; sourceTree = "<group>"; };
		58B40ED30D494A1800557D7E /* DecryptCBC.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = DecryptCBC.s; path = AESedp/Intel/DecryptCBC.s; sourceTree = "<group>"; };
		795CA3FD0D34431400BAE6A2 /* ccRC2.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = ccRC2.c; sourceTree = "<group>"; };
		795CA3FE0D34431400BAE6A2 /* rc2.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = rc2.c; sourceTree = "<group>"; };
		795CA4010D34433300BAE6A2 /* rc2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = rc2.h; sourceTree = "<group>"; };
		795CA4080D34444000BAE6A2 /* ccRC2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ccRC2.h; sourceTree = "<group>"; };
		AAB5CBCC0DC6AB6D0019E0E6 /* sha1edp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sha1edp.h; sourceTree = "<group>"; };
		AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; path = sha1edpBigEndian.s; sourceTree = "<group>"; };
		AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; path = sha1edpLittleEndian.s; sourceTree = "<group>"; };
		D671B5B60BC6D67000878B42 /* CC_MD2.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD2.3cc; path = doc/CC_MD2.3cc; sourceTree = "<group>"; };
		D671B5B70BC6D67000878B42 /* CC_MD2_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD2_Final.3cc; path = doc/CC_MD2_Final.3cc; sourceTree = "<group>"; };
		D671B5B80BC6D67000878B42 /* CC_MD2_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD2_Init.3cc; path = doc/CC_MD2_Init.3cc; sourceTree = "<group>"; };
		D671B5B90BC6D67000878B42 /* CC_MD2_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD2_Update.3cc; path = doc/CC_MD2_Update.3cc; sourceTree = "<group>"; };
		D671B5BA0BC6D67000878B42 /* CC_MD4.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD4.3cc; path = doc/CC_MD4.3cc; sourceTree = "<group>"; };
		D671B5BB0BC6D67000878B42 /* CC_MD4_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD4_Final.3cc; path = doc/CC_MD4_Final.3cc; sourceTree = "<group>"; };
		D671B5BC0BC6D67000878B42 /* CC_MD4_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD4_Init.3cc; path = doc/CC_MD4_Init.3cc; sourceTree = "<group>"; };
		D671B5BD0BC6D67000878B42 /* CC_MD4_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD4_Update.3cc; path = doc/CC_MD4_Update.3cc; sourceTree = "<group>"; };
		D671B5BE0BC6D67000878B42 /* CC_MD5_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD5_Final.3cc; path = doc/CC_MD5_Final.3cc; sourceTree = "<group>"; };
		D671B5BF0BC6D67000878B42 /* CC_MD5_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD5_Init.3cc; path = doc/CC_MD5_Init.3cc; sourceTree = "<group>"; };
		D671B5C00BC6D67000878B42 /* CC_MD5_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD5_Update.3cc; path = doc/CC_MD5_Update.3cc; sourceTree = "<group>"; };
		D671B5C10BC6D67000878B42 /* CC_SHA1.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA1.3cc; path = doc/CC_SHA1.3cc; sourceTree = "<group>"; };
		D671B5C20BC6D67000878B42 /* CC_SHA1_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA1_Final.3cc; path = doc/CC_SHA1_Final.3cc; sourceTree = "<group>"; };
		D671B5C30BC6D67000878B42 /* CC_SHA1_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA1_Init.3cc; path = doc/CC_SHA1_Init.3cc; sourceTree = "<group>"; };
		D671B5C40BC6D67000878B42 /* CC_SHA1_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA1_Update.3cc; path = doc/CC_SHA1_Update.3cc; sourceTree = "<group>"; };
		D671B5C50BC6D67000878B42 /* CC_SHA224.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA224.3cc; path = doc/CC_SHA224.3cc; sourceTree = "<group>"; };
		D671B5C60BC6D67000878B42 /* CC_SHA224_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA224_Final.3cc; path = doc/CC_SHA224_Final.3cc; sourceTree = "<group>"; };
		D671B5C70BC6D67000878B42 /* CC_SHA224_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA224_Init.3cc; path = doc/CC_SHA224_Init.3cc; sourceTree = "<group>"; };
		D671B5C80BC6D67000878B42 /* CC_SHA224_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA224_Update.3cc; path = doc/CC_SHA224_Update.3cc; sourceTree = "<group>"; };
		D671B5C90BC6D67000878B42 /* CC_SHA256.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA256.3cc; path = doc/CC_SHA256.3cc; sourceTree = "<group>"; };
		D671B5CA0BC6D67000878B42 /* CC_SHA256_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA256_Final.3cc; path = doc/CC_SHA256_Final.3cc; sourceTree = "<group>"; };
		D671B5CB0BC6D67000878B42 /* CC_SHA256_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA256_Init.3cc; path = doc/CC_SHA256_Init.3cc; sourceTree = "<group>"; };
		D671B5CC0BC6D67000878B42 /* CC_SHA256_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA256_Update.3cc; path = doc/CC_SHA256_Update.3cc; sourceTree = "<group>"; };
		D671B5CD0BC6D67000878B42 /* CC_SHA384.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA384.3cc; path = doc/CC_SHA384.3cc; sourceTree = "<group>"; };
		D671B5CE0BC6D67000878B42 /* CC_SHA384_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA384_Final.3cc; path = doc/CC_SHA384_Final.3cc; sourceTree = "<group>"; };
		D671B5CF0BC6D67000878B42 /* CC_SHA384_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA384_Init.3cc; path = doc/CC_SHA384_Init.3cc; sourceTree = "<group>"; };
		D671B5D00BC6D67000878B42 /* CC_SHA384_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA384_Update.3cc; path = doc/CC_SHA384_Update.3cc; sourceTree = "<group>"; };
		D671B5D10BC6D67000878B42 /* CC_SHA512.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA512.3cc; path = doc/CC_SHA512.3cc; sourceTree = "<group>"; };
		D671B5D20BC6D67000878B42 /* CC_SHA512_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA512_Final.3cc; path = doc/CC_SHA512_Final.3cc; sourceTree = "<group>"; };
		D671B5D30BC6D67000878B42 /* CC_SHA512_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA512_Init.3cc; path = doc/CC_SHA512_Init.3cc; sourceTree = "<group>"; };
		D671B5D40BC6D67000878B42 /* CC_SHA512_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA512_Update.3cc; path = doc/CC_SHA512_Update.3cc; sourceTree = "<group>"; };
		D671B5D50BC6D67000878B42 /* CCCrypt.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCrypt.3cc; path = doc/CCCrypt.3cc; sourceTree = "<group>"; };
		D671B5D60BC6D67000878B42 /* CCCryptor.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptor.3cc; path = doc/CCCryptor.3cc; sourceTree = "<group>"; };
		D671B5D70BC6D67000878B42 /* CCCryptorCreate.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorCreate.3cc; path = doc/CCCryptorCreate.3cc; sourceTree = "<group>"; };
		D671B5D80BC6D67000878B42 /* CCCryptorFinal.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorFinal.3cc; path = doc/CCCryptorFinal.3cc; sourceTree = "<group>"; };
		D671B5D90BC6D67000878B42 /* CCCryptorGetOutputLength.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorGetOutputLength.3cc; path = doc/CCCryptorGetOutputLength.3cc; sourceTree = "<group>"; };
		D671B5DA0BC6D67000878B42 /* CCCryptorRelease.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorRelease.3cc; path = doc/CCCryptorRelease.3cc; sourceTree = "<group>"; };
		D671B5DB0BC6D67000878B42 /* CCCryptorReset.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorReset.3cc; path = doc/CCCryptorReset.3cc; sourceTree = "<group>"; };
		D671B5DC0BC6D67000878B42 /* CCCryptorUpdate.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorUpdate.3cc; path = doc/CCCryptorUpdate.3cc; sourceTree = "<group>"; };
		D671B5DD0BC6D67000878B42 /* CCHmac.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCHmac.3cc; path = doc/CCHmac.3cc; sourceTree = "<group>"; };
		D671B5DE0BC6D67000878B42 /* CCHmacFinal.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCHmacFinal.3cc; path = doc/CCHmacFinal.3cc; sourceTree = "<group>"; };
		D671B5DF0BC6D67000878B42 /* CCHmacInit.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCHmacInit.3cc; path = doc/CCHmacInit.3cc; sourceTree = "<group>"; };
		D671B5E00BC6D67000878B42 /* CCHmacUpdate.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCHmacUpdate.3cc; path = doc/CCHmacUpdate.3cc; sourceTree = "<group>"; };
		D671B5E10BC6D67000878B42 /* CCryptorCreateFromData.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCryptorCreateFromData.3cc; path = doc/CCryptorCreateFromData.3cc; sourceTree = "<group>"; };
		D671B5E20BC6D67000878B42 /* Common Crypto.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = "Common Crypto.3cc"; path = "doc/Common Crypto.3cc"; sourceTree = "<group>"; };
/* End PBXFileReference section */

/* Begin PBXFrameworksBuildPhase section */
		05067902064025BF001640AF /* Frameworks */ = {
			isa = PBXFrameworksBuildPhase;
			buildActionMask = 2147483647;
			files = (
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		054BBEBC05F6A97700344873 /* Frameworks */ = {
			isa = PBXFrameworksBuildPhase;
			buildActionMask = 2147483647;
			files = (
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		054BBEC405F6A98900344873 /* Frameworks */ = {
			isa = PBXFrameworksBuildPhase;
			buildActionMask = 2147483647;
			files = (
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		055687FE064012D40048BE18 /* Frameworks */ = {
			isa = PBXFrameworksBuildPhase;
			buildActionMask = 2147483647;
			files = (
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
/* End PBXFrameworksBuildPhase section */

/* Begin PBXGroup section */
		052F6C6D09DB204800EE63A4 /* GladmanAES */ = {
			isa = PBXGroup;
			children = (
				052F6C7109DB207F00EE63A4 /* aescrypt.c */,
				052F6C7209DB207F00EE63A4 /* aeskey.c */,
				052F6C7409DB207F00EE63A4 /* aestab.c */,
				052F6C7509DB207F00EE63A4 /* aestab.h */,
				05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */,
			);
			path = GladmanAES;
			sourceTree = "<group>";
		};
		054BBEA205F6A8DE00344873 = {
			isa = PBXGroup;
			children = (
				054BBEB105F6A90E00344873 /* Public Headers */,
				054BBEB405F6A91E00344873 /* Source */,
				05DF6D0E09CF2D5B00D9A3E8 /* doc */,
				054BBEBF05F6A97700344873 /* Products */,
			);
			sourceTree = "<group>";
		};
		054BBEB105F6A90E00344873 /* Public Headers */ = {
			isa = PBXGroup;
			children = (
				054BBECD05F6AA7200344873 /* CommonDigest.h */,
				05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */,
				05D8D97C09E411AA00E03504 /* CommonHMAC.h */,
			);
			name = "Public Headers";
			path = CommonCrypto;
			sourceTree = "<group>";
		};
		054BBEB405F6A91E00344873 /* Source */ = {
			isa = PBXGroup;
			children = (
				58226EAA0D35832B00B35CC2 /* AESedp */,
				05E0A0EA09DD9603005F54BA /* SPI Headers */,
				0585FE1109DC9850001762F6 /* CAST */,
				052F6C6D09DB204800EE63A4 /* GladmanAES */,
				05C91ADE09E48026007CCD4E /* RC4 */,
				795CA3FC0D34431400BAE6A2 /* RC2 */,
				05D9F60109D85DA100AD30A7 /* Digest */,
				05ECA0E309D468BF00CFE5CB /* ccOpenssl */,
				05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */,
				054BBED205F6AA8900344873 /* CommonDigestPriv.h */,
				052049F809D1A6CC00A0D022 /* BlockCipher.c */,
				05C91AC209E47E9A007CCD4E /* BlockCipher.h */,
				05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */,
				05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */,
				05C91ACD09E47F93007CCD4E /* StreamCipher.h */,
				05C91ACE09E47F93007CCD4E /* StreamCipher.c */,
			);
			path = Source;
			sourceTree = "<group>";
		};
		054BBEBF05F6A97700344873 /* Products */ = {
			isa = PBXGroup;
			children = (
				054BBEBE05F6A97700344873 /* libcommonCrypto.a */,
				054BBEC605F6A98900344873 /* libcommonCryptoStatic.a */,
				05568800064012D40048BE18 /* libcommonCrypto_debug.a */,
				05067904064025BF001640AF /* libcommonCrypto_profile.a */,
			);
			name = Products;
			sourceTree = "<group>";
		};
		0585FE1109DC9850001762F6 /* CAST */ = {
			isa = PBXGroup;
			children = (
				0585FE1209DC9873001762F6 /* c_ecb.c */,
				0585FE1309DC9873001762F6 /* c_enc.c */,
				0585FE1409DC9873001762F6 /* c_skey.c */,
				0585FE1609DC9873001762F6 /* cast_lcl.h */,
				0585FE1709DC9873001762F6 /* cast_s.h */,
				0585FE1809DC9873001762F6 /* ccCast.c */,
			);
			path = CAST;
			sourceTree = "<group>";
		};
		05C91ADE09E48026007CCD4E /* RC4 */ = {
			isa = PBXGroup;
			children = (
				05C91AF809E48079007CCD4E /* rc4_enc.c */,
				05C91AF909E48079007CCD4E /* rc4_skey.c */,
			);
			path = RC4;
			sourceTree = "<group>";
		};
		05D9F60109D85DA100AD30A7 /* Digest */ = {
			isa = PBXGroup;
			children = (
				AAB5CBCC0DC6AB6D0019E0E6 /* sha1edp.h */,
				AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */,
				AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */,
				054BBED305F6AA8900344873 /* md2_dgst.c */,
				054BBED405F6AA8900344873 /* md4_dgst.c */,
				054BBED505F6AA8900344873 /* md4_locl.h */,
				054BBED605F6AA8900344873 /* md5_dgst.c */,
				054BBED705F6AA8900344873 /* md5_locl.h */,
				054BBED805F6AA8900344873 /* md32_common.h */,
				054BBEDA05F6AA8900344873 /* sha_locl.h */,
				054BBEDC05F6AA8900344873 /* sha1.c */,
				05E319B7063890C100C4AD24 /* sha2.c */,
				05E319DC0638913700C4AD24 /* sha2Priv.h */,
			);
			path = Digest;
			sourceTree = "<group>";
		};
		05DF6D0E09CF2D5B00D9A3E8 /* doc */ = {
			isa = PBXGroup;
			children = (
				D671B5B60BC6D67000878B42 /* CC_MD2.3cc */,
				D671B5B70BC6D67000878B42 /* CC_MD2_Final.3cc */,
				D671B5B80BC6D67000878B42 /* CC_MD2_Init.3cc */,
				D671B5B90BC6D67000878B42 /* CC_MD2_Update.3cc */,
				D671B5BA0BC6D67000878B42 /* CC_MD4.3cc */,
				D671B5BB0BC6D67000878B42 /* CC_MD4_Final.3cc */,
				D671B5BC0BC6D67000878B42 /* CC_MD4_Init.3cc */,
				D671B5BD0BC6D67000878B42 /* CC_MD4_Update.3cc */,
				D671B5BE0BC6D67000878B42 /* CC_MD5_Final.3cc */,
				D671B5BF0BC6D67000878B42 /* CC_MD5_Init.3cc */,
				D671B5C00BC6D67000878B42 /* CC_MD5_Update.3cc */,
				D671B5C10BC6D67000878B42 /* CC_SHA1.3cc */,
				D671B5C20BC6D67000878B42 /* CC_SHA1_Final.3cc */,
				D671B5C30BC6D67000878B42 /* CC_SHA1_Init.3cc */,
				D671B5C40BC6D67000878B42 /* CC_SHA1_Update.3cc */,
				D671B5C50BC6D67000878B42 /* CC_SHA224.3cc */,
				D671B5C60BC6D67000878B42 /* CC_SHA224_Final.3cc */,
				D671B5C70BC6D67000878B42 /* CC_SHA224_Init.3cc */,
				D671B5C80BC6D67000878B42 /* CC_SHA224_Update.3cc */,
				D671B5C90BC6D67000878B42 /* CC_SHA256.3cc */,
				D671B5CA0BC6D67000878B42 /* CC_SHA256_Final.3cc */,
				D671B5CB0BC6D67000878B42 /* CC_SHA256_Init.3cc */,
				D671B5CC0BC6D67000878B42 /* CC_SHA256_Update.3cc */,
				D671B5CD0BC6D67000878B42 /* CC_SHA384.3cc */,
				D671B5CE0BC6D67000878B42 /* CC_SHA384_Final.3cc */,
				D671B5CF0BC6D67000878B42 /* CC_SHA384_Init.3cc */,
				D671B5D00BC6D67000878B42 /* CC_SHA384_Update.3cc */,
				D671B5D10BC6D67000878B42 /* CC_SHA512.3cc */,
				D671B5D20BC6D67000878B42 /* CC_SHA512_Final.3cc */,
				D671B5D30BC6D67000878B42 /* CC_SHA512_Init.3cc */,
				D671B5D40BC6D67000878B42 /* CC_SHA512_Update.3cc */,
				D671B5D50BC6D67000878B42 /* CCCrypt.3cc */,
				D671B5D60BC6D67000878B42 /* CCCryptor.3cc */,
				D671B5D70BC6D67000878B42 /* CCCryptorCreate.3cc */,
				D671B5D80BC6D67000878B42 /* CCCryptorFinal.3cc */,
				D671B5D90BC6D67000878B42 /* CCCryptorGetOutputLength.3cc */,
				D671B5DA0BC6D67000878B42 /* CCCryptorRelease.3cc */,
				D671B5DB0BC6D67000878B42 /* CCCryptorReset.3cc */,
				D671B5DC0BC6D67000878B42 /* CCCryptorUpdate.3cc */,
				D671B5DD0BC6D67000878B42 /* CCHmac.3cc */,
				D671B5DE0BC6D67000878B42 /* CCHmacFinal.3cc */,
				D671B5DF0BC6D67000878B42 /* CCHmacInit.3cc */,
				D671B5E00BC6D67000878B42 /* CCHmacUpdate.3cc */,
				D671B5E10BC6D67000878B42 /* CCryptorCreateFromData.3cc */,
				D671B5E20BC6D67000878B42 /* Common Crypto.3cc */,
				05CE942B0A37850A007C91D6 /* CommonCrypto.plist */,
				05CE942C0A37850A007C91D6 /* CommonCrypto.txt */,
				05DF6D1109CF2D7200D9A3E8 /* CC_crypto.3cc */,
				05DF6D1209CF2D7200D9A3E8 /* CC_MD5.3cc */,
				05DF6D1309CF2D7200D9A3E8 /* CC_SHA.3cc */,
			);
			name = doc;
			sourceTree = "<group>";
		};
		05E0A0EA09DD9603005F54BA /* SPI Headers */ = {
			isa = PBXGroup;
			children = (
				795CA4080D34444000BAE6A2 /* ccRC2.h */,
				052F6C7009DB207F00EE63A4 /* aes.h */,
				052F6C7309DB207F00EE63A4 /* aesopt.h */,
				0585FE1509DC9873001762F6 /* cast.h */,
				0585FE4009DC9A1F001762F6 /* ccCast.h */,
				0539DC2709D4919D00AB7F89 /* opensslDES.h */,
				05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */,
				05C91B0209E480A1007CCD4E /* rc4.h */,
				795CA4010D34433300BAE6A2 /* rc2.h */,
			);
			name = "SPI Headers";
			path = CommonCrypto;
			sourceTree = "<group>";
		};
		05ECA0E309D468BF00CFE5CB /* ccOpenssl */ = {
			isa = PBXGroup;
			children = (
				05ECA0E409D468E200CFE5CB /* des.h */,
				05C4417209D4BB0B002066D1 /* opensslconf.h */,
				05ECA0ED09D469A100CFE5CB /* set_key.c */,
				05ECA0E509D468E200CFE5CB /* des_enc.c */,
				0539DC2609D4919D00AB7F89 /* opensslDES.c */,
				05C70C5309D471C30004B8F4 /* spr.h */,
				05ECA0E609D468E200CFE5CB /* des_locl.h */,
				05C4416E09D4BACE002066D1 /* e_os2.h */,
			);
			path = ccOpenssl;
			sourceTree = "<group>";
		};
		58226EAA0D35832B00B35CC2 /* AESedp */ = {
			isa = PBXGroup;
			children = (
				58226EAB0D35835700B35CC2 /* AES.c */,
				58226EAC0D35835700B35CC2 /* AESAssembly.h */,
				5855FFD30D3ECE0400D5D39C /* Intel */,
			);
			name = AESedp;
			sourceTree = "<group>";
		};
		5855FFD30D3ECE0400D5D39C /* Intel */ = {
			isa = PBXGroup;
			children = (
				58B40ED30D494A1800557D7E /* DecryptCBC.s */,
				58B40ECE0D49459900557D7E /* EncryptCBC.s */,
				5855FFD40D3ECE2000D5D39C /* AES.s */,
			);
			name = Intel;
			sourceTree = "<group>";
		};
		795CA3FC0D34431400BAE6A2 /* RC2 */ = {
			isa = PBXGroup;
			children = (
				795CA3FD0D34431400BAE6A2 /* ccRC2.c */,
				795CA3FE0D34431400BAE6A2 /* rc2.c */,
			);
			path = RC2;
			sourceTree = "<group>";
		};
/* End PBXGroup section */

/* Begin PBXHeadersBuildPhase section */
		05067900064025BF001640AF /* Headers */ = {
			isa = PBXHeadersBuildPhase;
			buildActionMask = 2147483647;
			files = (
				05067905064025DD001640AF /* CommonDigest.h in Headers */,
				05067906064025DE001640AF /* CommonDigestPriv.h in Headers */,
				05067909064025E3001640AF /* md32_common.h in Headers */,
				0506790B064025E5001640AF /* md4_locl.h in Headers */,
				0506790D064025E7001640AF /* md5_locl.h in Headers */,
				05067910064025E9001640AF /* sha2Priv.h in Headers */,
				05067911064025EA001640AF /* sha_locl.h in Headers */,
				05C441BD09D4E060002066D1 /* des.h in Headers */,
				05C441BF09D4E061002066D1 /* des_locl.h in Headers */,
				05C441C009D4E062002066D1 /* e_os2.h in Headers */,
				05C441C109D4E063002066D1 /* opensslconf.h in Headers */,
				05C441C309D4E064002066D1 /* opensslDES.h in Headers */,
				05C441C509D4E065002066D1 /* spr.h in Headers */,
				05D9F61A09D85F4A00AD30A7 /* CommonCryptor.h in Headers */,
				05D9F62609D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */,
				052F6C8809DB207F00EE63A4 /* aes.h in Headers */,
				052F6C8B09DB207F00EE63A4 /* aesopt.h in Headers */,
				052F6C8D09DB207F00EE63A4 /* aestab.h in Headers */,
				0585FE3109DC9873001762F6 /* cast.h in Headers */,
				0585FE3209DC9873001762F6 /* cast_lcl.h in Headers */,
				0585FE3309DC9873001762F6 /* cast_s.h in Headers */,
				0585FE4409DC9A20001762F6 /* ccCast.h in Headers */,
				05E0A14809DD9F84005F54BA /* CommonCryptoPriv.h in Headers */,
				05D8D98009E411AB00E03504 /* CommonHMAC.h in Headers */,
				05C91AC609E47E9B007CCD4E /* BlockCipher.h in Headers */,
				05C91AD309E47F93007CCD4E /* StreamCipher.h in Headers */,
				05C91B0509E480A1007CCD4E /* rc4.h in Headers */,
				58226EB80D35835700B35CC2 /* AESAssembly.h in Headers */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		054BBEBA05F6A97700344873 /* Headers */ = {
			isa = PBXHeadersBuildPhase;
			buildActionMask = 2147483647;
			files = (
				054BBECE05F6AA7200344873 /* CommonDigest.h in Headers */,
				054BBEDD05F6AA8900344873 /* CommonDigestPriv.h in Headers */,
				054BBEE005F6AA8900344873 /* md4_locl.h in Headers */,
				054BBEE205F6AA8900344873 /* md5_locl.h in Headers */,
				054BBEE305F6AA8900344873 /* md32_common.h in Headers */,
				054BBEE505F6AA8900344873 /* sha_locl.h in Headers */,
				05E319DD0638913700C4AD24 /* sha2Priv.h in Headers */,
				05C70C5509D471C30004B8F4 /* spr.h in Headers */,
				0539DC2909D4919D00AB7F89 /* opensslDES.h in Headers */,
				05C4414409D49F28002066D1 /* des.h in Headers */,
				05C4414609D49F29002066D1 /* des_locl.h in Headers */,
				05C4416F09D4BACE002066D1 /* e_os2.h in Headers */,
				05C4417309D4BB0B002066D1 /* opensslconf.h in Headers */,
				05D9F61909D85F4A00AD30A7 /* CommonCryptor.h in Headers */,
				05D9F62509D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */,
				052F6C8209DB207F00EE63A4 /* aes.h in Headers */,
				052F6C8509DB207F00EE63A4 /* aesopt.h in Headers */,
				052F6C8709DB207F00EE63A4 /* aestab.h in Headers */,
				0585FE1C09DC9873001762F6 /* cast.h in Headers */,
				0585FE1D09DC9873001762F6 /* cast_lcl.h in Headers */,
				0585FE1E09DC9873001762F6 /* cast_s.h in Headers */,
				0585FE4109DC9A1F001762F6 /* ccCast.h in Headers */,
				05E0A14509DD9F84005F54BA /* CommonCryptoPriv.h in Headers */,
				05D8D97D09E411AB00E03504 /* CommonHMAC.h in Headers */,
				05C91AC309E47E9B007CCD4E /* BlockCipher.h in Headers */,
				05C91ACF09E47F93007CCD4E /* StreamCipher.h in Headers */,
				05C91B0309E480A1007CCD4E /* rc4.h in Headers */,
				58226EAF0D35835700B35CC2 /* AESAssembly.h in Headers */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		054BBEC205F6A98900344873 /* Headers */ = {
			isa = PBXHeadersBuildPhase;
			buildActionMask = 2147483647;
			files = (
				054BBECF05F6AA7200344873 /* CommonDigest.h in Headers */,
				054BBEE805F6AA8900344873 /* CommonDigestPriv.h in Headers */,
				054BBEEB05F6AA8900344873 /* md4_locl.h in Headers */,
				054BBEED05F6AA8900344873 /* md5_locl.h in Headers */,
				054BBEEE05F6AA8900344873 /* md32_common.h in Headers */,
				054BBEF005F6AA8900344873 /* sha_locl.h in Headers */,
				05E319DE0638913700C4AD24 /* sha2Priv.h in Headers */,
				05C441AB09D4E04F002066D1 /* des.h in Headers */,
				05C441AD09D4E050002066D1 /* des_locl.h in Headers */,
				05C441AE09D4E051002066D1 /* e_os2.h in Headers */,
				05C441AF09D4E052002066D1 /* opensslconf.h in Headers */,
				05C441B109D4E053002066D1 /* opensslDES.h in Headers */,
				05C441B309D4E054002066D1 /* spr.h in Headers */,
				05D9F61709D85F4A00AD30A7 /* CommonCryptor.h in Headers */,
				05D9F62309D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */,
				052F6C7609DB207F00EE63A4 /* aes.h in Headers */,
				052F6C7909DB207F00EE63A4 /* aesopt.h in Headers */,
				052F6C7B09DB207F00EE63A4 /* aestab.h in Headers */,
				0585FE2309DC9873001762F6 /* cast.h in Headers */,
				0585FE2409DC9873001762F6 /* cast_lcl.h in Headers */,
				0585FE2509DC9873001762F6 /* cast_s.h in Headers */,
				0585FE4209DC9A20001762F6 /* ccCast.h in Headers */,
				05E0A14609DD9F84005F54BA /* CommonCryptoPriv.h in Headers */,
				05D8D97E09E411AB00E03504 /* CommonHMAC.h in Headers */,
				05C91AC409E47E9B007CCD4E /* BlockCipher.h in Headers */,
				05C91AD109E47F93007CCD4E /* StreamCipher.h in Headers */,
				05C91B0409E480A1007CCD4E /* rc4.h in Headers */,
				58226EB20D35835700B35CC2 /* AESAssembly.h in Headers */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		055687FC064012D40048BE18 /* Headers */ = {
			isa = PBXHeadersBuildPhase;
			buildActionMask = 2147483647;
			files = (
				05568801064012FF0048BE18 /* CommonDigest.h in Headers */,
				05568802064012FF0048BE18 /* CommonDigestPriv.h in Headers */,
				05568804064013010048BE18 /* md32_common.h in Headers */,
				05568806064013030048BE18 /* md4_locl.h in Headers */,
				05568808064013040048BE18 /* md5_locl.h in Headers */,
				0556880B064013060048BE18 /* sha2Priv.h in Headers */,
				0556880C064013060048BE18 /* sha_locl.h in Headers */,
				05C441B409D4E057002066D1 /* des.h in Headers */,
				05C441B609D4E058002066D1 /* des_locl.h in Headers */,
				05C441B709D4E059002066D1 /* e_os2.h in Headers */,
				05C441B809D4E05A002066D1 /* opensslconf.h in Headers */,
				05C441BA09D4E05B002066D1 /* opensslDES.h in Headers */,
				05C441BC09D4E05C002066D1 /* spr.h in Headers */,
				05D9F61809D85F4A00AD30A7 /* CommonCryptor.h in Headers */,
				05D9F62409D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */,
				052F6C7C09DB207F00EE63A4 /* aes.h in Headers */,
				052F6C7F09DB207F00EE63A4 /* aesopt.h in Headers */,
				052F6C8109DB207F00EE63A4 /* aestab.h in Headers */,
				0585FE2A09DC9873001762F6 /* cast.h in Headers */,
				0585FE2B09DC9873001762F6 /* cast_lcl.h in Headers */,
				0585FE2C09DC9873001762F6 /* cast_s.h in Headers */,
				0585FE4309DC9A20001762F6 /* ccCast.h in Headers */,
				05E0A14709DD9F84005F54BA /* CommonCryptoPriv.h in Headers */,
				05D8D97F09E411AB00E03504 /* CommonHMAC.h in Headers */,
				05C91AC509E47E9B007CCD4E /* BlockCipher.h in Headers */,
				05C91AD509E47F93007CCD4E /* StreamCipher.h in Headers */,
				05C91B0609E480A1007CCD4E /* rc4.h in Headers */,
				58226EB50D35835700B35CC2 /* AESAssembly.h in Headers */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
/* End PBXHeadersBuildPhase section */

/* Begin PBXNativeTarget section */
		05067903064025BF001640AF /* commonCrypto_profile */ = {
			isa = PBXNativeTarget;
			buildConfigurationList = C27AD0890987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto_profile" */;
			buildPhases = (
				05067900064025BF001640AF /* Headers */,
				05067901064025BF001640AF /* Sources */,
				05067902064025BF001640AF /* Frameworks */,
			);
			buildRules = (
				B12526910713745B00BB8157 /* PBXBuildRule */,
			);
			dependencies = (
			);
			name = commonCrypto_profile;
			productName = commonCrypto_profile;
			productReference = 05067904064025BF001640AF /* libcommonCrypto_profile.a */;
			productType = "com.apple.product-type.library.static";
		};
		054BBEBD05F6A97700344873 /* commonCrypto */ = {
			isa = PBXNativeTarget;
			buildConfigurationList = C27AD07D0987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto" */;
			buildPhases = (
				054BBEBA05F6A97700344873 /* Headers */,
				054BBEBB05F6A97700344873 /* Sources */,
				05A376200612288F009C43A6 /* CopyFiles */,
				05E0A12709DD99EC005F54BA /* CopyFiles */,
				4C0889E706EFE038009F3789 /* CopyFiles */,
				054BBEBC05F6A97700344873 /* Frameworks */,
			);
			buildRules = (
				B125268E0713742A00BB8157 /* PBXBuildRule */,
			);
			dependencies = (
			);
			name = commonCrypto;
			productName = commonCrypto;
			productReference = 054BBEBE05F6A97700344873 /* libcommonCrypto.a */;
			productType = "com.apple.product-type.library.static";
		};
		054BBEC505F6A98900344873 /* commonCryptoStatic */ = {
			isa = PBXNativeTarget;
			buildConfigurationList = C27AD0810987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCryptoStatic" */;
			buildPhases = (
				054BBEC205F6A98900344873 /* Headers */,
				054BBEC305F6A98900344873 /* Sources */,
				054BBEC405F6A98900344873 /* Frameworks */,
			);
			buildRules = (
				B125268F0713744500BB8157 /* PBXBuildRule */,
			);
			dependencies = (
			);
			name = commonCryptoStatic;
			productName = commonCryptoStatic;
			productReference = 054BBEC605F6A98900344873 /* libcommonCryptoStatic.a */;
			productType = "com.apple.product-type.library.static";
		};
		055687FF064012D40048BE18 /* commonCrypto_debug */ = {
			isa = PBXNativeTarget;
			buildConfigurationList = C27AD0850987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto_debug" */;
			buildPhases = (
				055687FC064012D40048BE18 /* Headers */,
				055687FD064012D40048BE18 /* Sources */,
				055687FE064012D40048BE18 /* Frameworks */,
			);
			buildRules = (
				B12526900713744F00BB8157 /* PBXBuildRule */,
			);
			dependencies = (
			);
			name = commonCrypto_debug;
			productName = commonCrypto_debug;
			productReference = 05568800064012D40048BE18 /* libcommonCrypto_debug.a */;
			productType = "com.apple.product-type.library.static";
		};
/* End PBXNativeTarget section */

/* Begin PBXProject section */
		054BBEA605F6A8DE00344873 /* Project object */ = {
			isa = PBXProject;
			buildConfigurationList = C27AD0910987FCDA001272E0 /* Build configuration list for PBXProject "CommonCrypto" */;
			compatibilityVersion = "Xcode 2.4";
			hasScannedForEncodings = 1;
			mainGroup = 054BBEA205F6A8DE00344873;
			productRefGroup = 054BBEBF05F6A97700344873 /* Products */;
			projectDirPath = "";
			projectRoot = "";
			targets = (
				054BBEB705F6A93300344873 /* world */,
				054BBEBD05F6A97700344873 /* commonCrypto */,
				054BBEC505F6A98900344873 /* commonCryptoStatic */,
				055687FF064012D40048BE18 /* commonCrypto_debug */,
				05067903064025BF001640AF /* commonCrypto_profile */,
				05CE94290A3784D4007C91D6 /* Copy Open Source Docs */,
			);
		};
/* End PBXProject section */

/* Begin PBXSourcesBuildPhase section */
		05067901064025BF001640AF /* Sources */ = {
			isa = PBXSourcesBuildPhase;
			buildActionMask = 2147483647;
			files = (
				AAAF0BA50DC7A42A0044DA03 /* sha1edpBigEndian.s in Sources */,
				AAAF0BA60DC7A42A0044DA03 /* sha1edpLittleEndian.s in Sources */,
				05067908064025E2001640AF /* md2_dgst.c in Sources */,
				0506790A064025E4001640AF /* md4_dgst.c in Sources */,
				0506790C064025E6001640AF /* md5_dgst.c in Sources */,
				0506790E064025E7001640AF /* sha1.c in Sources */,
				0506790F064025E8001640AF /* sha2.c in Sources */,
				052049F909D1A6CC00A0D022 /* BlockCipher.c in Sources */,
				05C441BE09D4E061002066D1 /* des_enc.c in Sources */,
				05C441C209D4E063002066D1 /* opensslDES.c in Sources */,
				05C441C409D4E065002066D1 /* set_key.c in Sources */,
				05D9F61309D85F2C00AD30A7 /* CommonCryptor.c in Sources */,
				05D9F65209D87ED000AD30A7 /* CommonHMAC.c in Sources */,
				052F6C8909DB207F00EE63A4 /* aescrypt.c in Sources */,
				052F6C8A09DB207F00EE63A4 /* aeskey.c in Sources */,
				052F6C8C09DB207F00EE63A4 /* aestab.c in Sources */,
				05D5045F09DC5F7A00F47E19 /* ccNewGladman.c in Sources */,
				0585FE2E09DC9873001762F6 /* c_ecb.c in Sources */,
				0585FE2F09DC9873001762F6 /* c_enc.c in Sources */,
				0585FE3009DC9873001762F6 /* c_skey.c in Sources */,
				0585FE3409DC9873001762F6 /* ccCast.c in Sources */,
				05C91AD409E47F93007CCD4E /* StreamCipher.c in Sources */,
				05C91AFE09E48079007CCD4E /* rc4_enc.c in Sources */,
				05C91AFF09E48079007CCD4E /* rc4_skey.c in Sources */,
				58226EB70D35835700B35CC2 /* AES.c in Sources */,
				5855FFD80D3ECE2000D5D39C /* AES.s in Sources */,
				58B40ED20D49459900557D7E /* EncryptCBC.s in Sources */,
				58B40ED70D494A1800557D7E /* DecryptCBC.s in Sources */,
				AAD42CD30D7DE027000BCEBF /* ccRC2.c in Sources */,
				AAD42CD40D7DE027000BCEBF /* rc2.c in Sources */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		054BBEBB05F6A97700344873 /* Sources */ = {
			isa = PBXSourcesBuildPhase;
			buildActionMask = 2147483647;
			files = (
				AAAF0B9E0DC7A3DA0044DA03 /* sha1edpBigEndian.s in Sources */,
				AAAF0B9F0DC7A3DA0044DA03 /* sha1edpLittleEndian.s in Sources */,
				054BBEDE05F6AA8900344873 /* md2_dgst.c in Sources */,
				054BBEDF05F6AA8900344873 /* md4_dgst.c in Sources */,
				054BBEE105F6AA8900344873 /* md5_dgst.c in Sources */,
				054BBEE705F6AA8900344873 /* sha1.c in Sources */,
				05E319BD063890C100C4AD24 /* sha2.c in Sources */,
				052049FA09D1A6CC00A0D022 /* BlockCipher.c in Sources */,
				05ECA0EE09D469A100CFE5CB /* set_key.c in Sources */,
				0539DC2809D4919D00AB7F89 /* opensslDES.c in Sources */,
				05C4414509D49F29002066D1 /* des_enc.c in Sources */,
				05D9F61009D85F2C00AD30A7 /* CommonCryptor.c in Sources */,
				052F6C8309DB207F00EE63A4 /* aescrypt.c in Sources */,
				052F6C8409DB207F00EE63A4 /* aeskey.c in Sources */,
				052F6C8609DB207F00EE63A4 /* aestab.c in Sources */,
				05D5045C09DC5F7A00F47E19 /* ccNewGladman.c in Sources */,
				0585FE1909DC9873001762F6 /* c_ecb.c in Sources */,
				0585FE1A09DC9873001762F6 /* c_enc.c in Sources */,
				0585FE1B09DC9873001762F6 /* c_skey.c in Sources */,
				0585FE1F09DC9873001762F6 /* ccCast.c in Sources */,
				050737DB09E4172A005E9620 /* CommonHMAC.c in Sources */,
				05C91AD009E47F93007CCD4E /* StreamCipher.c in Sources */,
				05C91AFA09E48079007CCD4E /* rc4_enc.c in Sources */,
				05C91AFB09E48079007CCD4E /* rc4_skey.c in Sources */,
				795CA41E0D34459D00BAE6A2 /* ccRC2.c in Sources */,
				795CA41F0D34459D00BAE6A2 /* rc2.c in Sources */,
				58226EAE0D35835700B35CC2 /* AES.c in Sources */,
				5855FFD50D3ECE2000D5D39C /* AES.s in Sources */,
				58B40ECF0D49459900557D7E /* EncryptCBC.s in Sources */,
				58B40ED40D494A1800557D7E /* DecryptCBC.s in Sources */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		054BBEC305F6A98900344873 /* Sources */ = {
			isa = PBXSourcesBuildPhase;
			buildActionMask = 2147483647;
			files = (
				AAAF0BA10DC7A3F70044DA03 /* sha1edpBigEndian.s in Sources */,
				AAAF0BA20DC7A3F70044DA03 /* sha1edpLittleEndian.s in Sources */,
				795CA4210D3445EB00BAE6A2 /* ccRC2.c in Sources */,
				795CA4220D3445EB00BAE6A2 /* rc2.c in Sources */,
				054BBEE905F6AA8900344873 /* md2_dgst.c in Sources */,
				054BBEEA05F6AA8900344873 /* md4_dgst.c in Sources */,
				054BBEEC05F6AA8900344873 /* md5_dgst.c in Sources */,
				054BBEF205F6AA8900344873 /* sha1.c in Sources */,
				05E319BA063890C100C4AD24 /* sha2.c in Sources */,
				052049FB09D1A6CC00A0D022 /* BlockCipher.c in Sources */,
				05C441AC09D4E04F002066D1 /* des_enc.c in Sources */,
				05C441B009D4E052002066D1 /* opensslDES.c in Sources */,
				05C441B209D4E053002066D1 /* set_key.c in Sources */,
				05D9F61109D85F2C00AD30A7 /* CommonCryptor.c in Sources */,
				05D9F64F09D87ED000AD30A7 /* CommonHMAC.c in Sources */,
				052F6C7709DB207F00EE63A4 /* aescrypt.c in Sources */,
				052F6C7809DB207F00EE63A4 /* aeskey.c in Sources */,
				052F6C7A09DB207F00EE63A4 /* aestab.c in Sources */,
				05D5045D09DC5F7A00F47E19 /* ccNewGladman.c in Sources */,
				0585FE2009DC9873001762F6 /* c_ecb.c in Sources */,
				0585FE2109DC9873001762F6 /* c_enc.c in Sources */,
				0585FE2209DC9873001762F6 /* c_skey.c in Sources */,
				0585FE2609DC9873001762F6 /* ccCast.c in Sources */,
				05C91AD209E47F93007CCD4E /* StreamCipher.c in Sources */,
				05C91AFC09E48079007CCD4E /* rc4_enc.c in Sources */,
				05C91AFD09E48079007CCD4E /* rc4_skey.c in Sources */,
				58226EB10D35835700B35CC2 /* AES.c in Sources */,
				5855FFD60D3ECE2000D5D39C /* AES.s in Sources */,
				58B40ED00D49459900557D7E /* EncryptCBC.s in Sources */,
				58B40ED50D494A1800557D7E /* DecryptCBC.s in Sources */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
		055687FD064012D40048BE18 /* Sources */ = {
			isa = PBXSourcesBuildPhase;
			buildActionMask = 2147483647;
			files = (
				AAAF0BA30DC7A4020044DA03 /* sha1edpBigEndian.s in Sources */,
				AAAF0BA40DC7A4020044DA03 /* sha1edpLittleEndian.s in Sources */,
				AA43AB740D7DE2440047D941 /* ccRC2.c in Sources */,
				AA43AB750D7DE2440047D941 /* rc2.c in Sources */,
				05568803064013000048BE18 /* md2_dgst.c in Sources */,
				05568805064013020048BE18 /* md4_dgst.c in Sources */,
				05568807064013030048BE18 /* md5_dgst.c in Sources */,
				05568809064013040048BE18 /* sha1.c in Sources */,
				0556880A064013050048BE18 /* sha2.c in Sources */,
				052049FC09D1A6CC00A0D022 /* BlockCipher.c in Sources */,
				05C441B509D4E058002066D1 /* des_enc.c in Sources */,
				05C441B909D4E05A002066D1 /* opensslDES.c in Sources */,
				05C441BB09D4E05C002066D1 /* set_key.c in Sources */,
				05D9F61209D85F2C00AD30A7 /* CommonCryptor.c in Sources */,
				05D9F65009D87ED000AD30A7 /* CommonHMAC.c in Sources */,
				052F6C7D09DB207F00EE63A4 /* aescrypt.c in Sources */,
				052F6C7E09DB207F00EE63A4 /* aeskey.c in Sources */,
				052F6C8009DB207F00EE63A4 /* aestab.c in Sources */,
				05D5045E09DC5F7A00F47E19 /* ccNewGladman.c in Sources */,
				0585FE2709DC9873001762F6 /* c_ecb.c in Sources */,
				0585FE2809DC9873001762F6 /* c_enc.c in Sources */,
				0585FE2909DC9873001762F6 /* c_skey.c in Sources */,
				0585FE2D09DC9873001762F6 /* ccCast.c in Sources */,
				05C91AD609E47F93007CCD4E /* StreamCipher.c in Sources */,
				05C91B0009E48079007CCD4E /* rc4_enc.c in Sources */,
				05C91B0109E48079007CCD4E /* rc4_skey.c in Sources */,
				58226EB40D35835700B35CC2 /* AES.c in Sources */,
				5855FFD70D3ECE2000D5D39C /* AES.s in Sources */,
				58B40ED10D49459900557D7E /* EncryptCBC.s in Sources */,
				58B40ED60D494A1800557D7E /* DecryptCBC.s in Sources */,
			);
			runOnlyForDeploymentPostprocessing = 0;
		};
/* End PBXSourcesBuildPhase section */

/* Begin PBXTargetDependency section */
		050678EB064015C1001640AF /* PBXTargetDependency */ = {
			isa = PBXTargetDependency;
			target = 05067903064025BF001640AF /* commonCrypto_profile */;
			targetProxy = 050678EA064015C1001640AF /* PBXContainerItemProxy */;
		};
		0511C4630A3785340028BFC3 /* PBXTargetDependency */ = {
			isa = PBXTargetDependency;
			target = 05CE94290A3784D4007C91D6 /* Copy Open Source Docs */;
			targetProxy = 0511C4620A3785340028BFC3 /* PBXContainerItemProxy */;
		};
		054BBEFB05F6AAC800344873 /* PBXTargetDependency */ = {
			isa = PBXTargetDependency;
			target = 054BBEBD05F6A97700344873 /* commonCrypto */;
			targetProxy = 054BBEFA05F6AAC800344873 /* PBXContainerItemProxy */;
		};
		054BBEFD05F6AAC800344873 /* PBXTargetDependency */ = {
			isa = PBXTargetDependency;
			target = 054BBEC505F6A98900344873 /* commonCryptoStatic */;
			targetProxy = 054BBEFC05F6AAC800344873 /* PBXContainerItemProxy */;
		};
		055688220640139D0048BE18 /* PBXTargetDependency */ = {
			isa = PBXTargetDependency;
			target = 055687FF064012D40048BE18 /* commonCrypto_debug */;
			targetProxy = 055688210640139D0048BE18 /* PBXContainerItemProxy */;
		};
/* End PBXTargetDependency section */

/* Begin XCBuildConfiguration section */
		05CE94310A37850A007C91D6 /* Development */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = NO;
				GCC_DYNAMIC_NO_PIC = NO;
				GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
				GCC_OPTIMIZATION_LEVEL = 0;
				PRODUCT_NAME = "Copy Open Source Docs";
			};
			name = Development;
		};
		05CE94320A37850A007C91D6 /* Deployment */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = YES;
				GCC_GENERATE_DEBUGGING_SYMBOLS = NO;
				PRODUCT_NAME = "Copy Open Source Docs";
				ZERO_LINK = NO;
			};
			name = Deployment;
		};
		05CE94330A37850A007C91D6 /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				PRODUCT_NAME = "Copy Open Source Docs";
			};
			name = Default;
		};
		C27AD07E0987FCDA001272E0 /* Development */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = NO;
				CURRENT_PROJECT_VERSION = 36064;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = 1;
				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALLHDRS_COPY_PHASE = YES;
				INSTALL_GROUP = wheel;
				INSTALL_OWNER = root;
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = YES;
				PRODUCT_NAME = commonCrypto;
				PUBLIC_HEADERS_FOLDER_PATH = /;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				VERSIONING_SYSTEM = "apple-generic";
				WARNING_CFLAGS = (
					"-Wall",
					"-Werror",
				);
			};
			name = Development;
		};
		C27AD07F0987FCDA001272E0 /* Deployment */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = YES;
				CURRENT_PROJECT_VERSION = 36064;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = s;
				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALLHDRS_COPY_PHASE = YES;
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "-DNDEBUG";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = YES;
				PRODUCT_NAME = commonCrypto;
				PUBLIC_HEADERS_FOLDER_PATH = /;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				VERSIONING_SYSTEM = "apple-generic";
				WARNING_CFLAGS = (
					"-Wall",
					"-Werror",
				);
			};
			name = Deployment;
		};
		C27AD0800987FCDA001272E0 /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				CURRENT_PROJECT_VERSION = 36064;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = s;
				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALLHDRS_COPY_PHASE = YES;
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "-DNDEBUG";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = YES;
				PRODUCT_NAME = commonCrypto;
				PUBLIC_HEADERS_FOLDER_PATH = /;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				VERSIONING_SYSTEM = "apple-generic";
				WARNING_CFLAGS = (
					"-Wall",
					"-Werror",
				);
			};
			name = Default;
		};
		C27AD0820987FCDA001272E0 /* Development */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = NO;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = 1;
				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "-static";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCryptoStatic;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = "-Wmost";
			};
			name = Development;
		};
		C27AD0830987FCDA001272E0 /* Deployment */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = YES;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = s;
				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "-static";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCryptoStatic;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = "-Wmost";
			};
			name = Deployment;
		};
		C27AD0840987FCDA001272E0 /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = s;
				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "-static";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCryptoStatic;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = "-Wmost";
			};
			name = Default;
		};
		C27AD0860987FCDA001272E0 /* Development */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = NO;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = 1;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCrypto_debug;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Development;
		};
		C27AD0870987FCDA001272E0 /* Deployment */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = YES;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = s;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCrypto_debug;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Deployment;
		};
		C27AD0880987FCDA001272E0 /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = s;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCrypto_debug;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Default;
		};
		C27AD08A0987FCDA001272E0 /* Development */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = NO;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = 1;
				GCC_PRECOMPILE_PREFIX_HEADER = YES;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "-pg";
				OTHER_LDFLAGS = (
					"-framework",
					Carbon,
				);
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCrypto_profile;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Development;
		};
		C27AD08B0987FCDA001272E0 /* Deployment */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = YES;
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = s;
				GCC_PRECOMPILE_PREFIX_HEADER = YES;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "-pg";
				OTHER_LDFLAGS = (
					"-framework",
					Carbon,
				);
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCrypto_profile;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Deployment;
		};
		C27AD08C0987FCDA001272E0 /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				GCC_MODEL_TUNING = G5;
				GCC_OPTIMIZATION_LEVEL = s;
				GCC_PRECOMPILE_PREFIX_HEADER = YES;
				HEADER_SEARCH_PATHS = (
					"$(SRCROOT)/Source",
					"$(SRCROOT)",
				);
				INSTALL_PATH = /usr/local/lib/system;
				LIBRARY_STYLE = STATIC;
				OTHER_CFLAGS = "-pg";
				OTHER_LDFLAGS = (
					"-framework",
					Carbon,
				);
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = commonCrypto_profile;
				SECTORDER_FLAGS = "";
				USE_HEADERMAP = NO;
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Default;
		};
		C27AD08E0987FCDA001272E0 /* Development */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = NO;
				GCC_OPTIMIZATION_LEVEL = 0;
				INSTALL_GROUP = wheel;
				INSTALL_OWNER = root;
				OTHER_CFLAGS = "";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = world;
				SECTORDER_FLAGS = "";
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Development;
		};
		C27AD08F0987FCDA001272E0 /* Deployment */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				COPY_PHASE_STRIP = YES;
				OTHER_CFLAGS = "";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = world;
				SECTORDER_FLAGS = "";
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Deployment;
		};
		C27AD0900987FCDA001272E0 /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				OTHER_CFLAGS = "";
				OTHER_LDFLAGS = "";
				OTHER_REZFLAGS = "";
				PRODUCT_NAME = world;
				SECTORDER_FLAGS = "";
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
			};
			name = Default;
		};
		C27AD0920987FCDA001272E0 /* Development */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
				CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
				GCC_PREPROCESSOR_DEFINITIONS = "$(GCC_PREPROCESSOR_DEFINITIONS)";
				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
				GCC_WARN_ABOUT_RETURN_TYPE = YES;
				GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
				GCC_WARN_UNINITIALIZED_AUTOS = YES;
				GCC_WARN_UNUSED_FUNCTION = YES;
				GCC_WARN_UNUSED_LABEL = YES;
				HEADER_SEARCH_PATHS = "$(SRCROOT)/Source";
				OTHER_CFLAGS = "$(OTHER_CFLAGS)";
				OTHER_CPLUSPLUSFLAGS = "$(OTHER_CFLAGS)";
				VERSIONING_SYSTEM = "apple-generic";
			};
			name = Development;
		};
		C27AD0930987FCDA001272E0 /* Deployment */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
				CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
				GCC_PREPROCESSOR_DEFINITIONS = "$(GCC_PREPROCESSOR_DEFINITIONS)";
				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
				GCC_WARN_ABOUT_RETURN_TYPE = YES;
				GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
				GCC_WARN_UNINITIALIZED_AUTOS = YES;
				GCC_WARN_UNUSED_FUNCTION = YES;
				GCC_WARN_UNUSED_LABEL = YES;
				HEADER_SEARCH_PATHS = "$(SRCROOT)/Source";
				OTHER_CFLAGS = (
					"$(OTHER_CFLAGS)",
					"-DNDEBUG",
				);
				OTHER_CPLUSPLUSFLAGS = "$(OTHER_CFLAGS)";
				VERSIONING_SYSTEM = "apple-generic";
			};
			name = Deployment;
		};
		C27AD0940987FCDA001272E0 /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
				CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
				GCC_PREPROCESSOR_DEFINITIONS = "$(GCC_PREPROCESSOR_DEFINITIONS)";
				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
				GCC_WARN_ABOUT_RETURN_TYPE = YES;
				GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
				GCC_WARN_UNINITIALIZED_AUTOS = YES;
				GCC_WARN_UNUSED_FUNCTION = YES;
				GCC_WARN_UNUSED_LABEL = YES;
				HEADER_SEARCH_PATHS = "$(SRCROOT)/Source";
				OTHER_CFLAGS = (
					"$(OTHER_CFLAGS)",
					"-DNDEBUG",
				);
				OTHER_CPLUSPLUSFLAGS = "$(OTHER_CFLAGS)";
				UNSTRIPPED_PRODUCT = YES;
				VERSIONING_SYSTEM = "apple-generic";
			};
			name = Default;
		};
/* End XCBuildConfiguration section */

/* Begin XCConfigurationList section */
		05CE94300A37850A007C91D6 /* Build configuration list for PBXAggregateTarget "Copy Open Source Docs" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				05CE94310A37850A007C91D6 /* Development */,
				05CE94320A37850A007C91D6 /* Deployment */,
				05CE94330A37850A007C91D6 /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		C27AD07D0987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				C27AD07E0987FCDA001272E0 /* Development */,
				C27AD07F0987FCDA001272E0 /* Deployment */,
				C27AD0800987FCDA001272E0 /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		C27AD0810987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCryptoStatic" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				C27AD0820987FCDA001272E0 /* Development */,
				C27AD0830987FCDA001272E0 /* Deployment */,
				C27AD0840987FCDA001272E0 /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		C27AD0850987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto_debug" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				C27AD0860987FCDA001272E0 /* Development */,
				C27AD0870987FCDA001272E0 /* Deployment */,
				C27AD0880987FCDA001272E0 /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		C27AD0890987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto_profile" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				C27AD08A0987FCDA001272E0 /* Development */,
				C27AD08B0987FCDA001272E0 /* Deployment */,
				C27AD08C0987FCDA001272E0 /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		C27AD08D0987FCDA001272E0 /* Build configuration list for PBXAggregateTarget "world" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				C27AD08E0987FCDA001272E0 /* Development */,
				C27AD08F0987FCDA001272E0 /* Deployment */,
				C27AD0900987FCDA001272E0 /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		C27AD0910987FCDA001272E0 /* Build configuration list for PBXProject "CommonCrypto" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				C27AD0920987FCDA001272E0 /* Development */,
				C27AD0930987FCDA001272E0 /* Deployment */,
				C27AD0940987FCDA001272E0 /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
/* End XCConfigurationList section */
	};
	rootObject = 054BBEA605F6A8DE00344873 /* Project object */;
}

Added CommonCrypto/CommonCryptor.h.





































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*!
	@header		CommonCryptor.h
	@abstract	Generic interface for symmetric encryption. 
	
	@discussion	This interface provides access to a number of symmetric encryption
				algorithms. Symmetric encryption algorithms come in two "flavors" - 
				block ciphers, and stream ciphers. Block ciphers process data
				(while both encrypting and decrypting) in discrete chunks of 
				data called blocks; stream ciphers operate on arbitrary sized
				data. 
				
				The object declared in this interface, CCCryptor, provides
				access to both block ciphers and stream ciphers with the same
				API; however some options are available for block ciphers that
				do not apply to stream ciphers. 
				
				The general operation of a CCCryptor is: initialize it
				with raw key data and other optional fields with CCCryptorCreate(); 
				process input data via one or more calls to CCCryptorUpdate(), 
				each of which may result in output data being written to 
				caller-supplied memory; and obtain possible remaining output data 
				with CCCryptorFinal(). The CCCryptor is disposed of via 
				CCCryptorRelease(), or it can be reused (with the same key data 
				as provided to CCCryptorCreate()) by calling CCCryptorReset(). 
				
				CCCryptors can be dynamically allocated by this module, or 
				their memory can be allocated by the caller. See discussion for
				CCCryptorCreate() and CCCryptorCreateFromData() for information 
				on CCCryptor allocation.
				
				One option for block ciphers is padding, as defined in PKCS7;
				when padding is enabled, the total amount of data encrypted
				does not have to be an even multiple of the block size, and 
				the actual length of plaintext is calculated during decryption. 
				
				Another option for block ciphers is Cipher Block Chaining, known
				as CBC mode. When using CBC mode, an Initialization Vector (IV)
				is provided along with the key when starting an encrypt
				or decrypt operation. If CBC mode is selected and no IV is 
				provided, an IV of all zeroes will be used. 
				
				CCCryptor also implements block bufferring, so that individual
				calls to CCCryptorUpdate() do not have to provide data whose length
				is aligned to the block size. (If padding is disabled, encrypting
				with block ciphers does require that the *total* length of data
				input to CCCryptorUpdate() call(s) be aligned to the block size.)
	
				A given CCCryptor can only be used by one thread at a time;
				multiple threads can use safely different CCCryptors at the
				same time. 				
*/

#ifndef	_CC_COMMON_CRYPTOR_
#define	_CC_COMMON_CRYPTOR_

#include <stdbool.h>
#include <stdint.h>
#include <stddef.h>

#ifdef __cplusplus
extern "C" {
#endif

/*!
	@typedef	CCCryptorRef
	@abstract	Opaque reference to a CCCryptor object.
 */
typedef struct _CCCryptor *CCCryptorRef;

/*!
	@enum		CCCryptorStatus
	@abstract	Return values from CommonCryptor operations.
	
	@constant	kCCSuccess			Operation completed normally.
	@constant	kCCParamError		Illegal parameter value.
	@constant	kCCBufferTooSmall	Insufficent buffer provided for specified operation.
	@constant	kCCMemoryFailure	Memory allocation failure. 
	@constant	kCCAlignmentError	Input size was not aligned properly. 
	@constant	kCCDecodeError		Input data did not decode or decrypt properly.
	@constant	kCCUnimplemented	Function not implemented for the current algorithm.
 */
enum {
	kCCSuccess			= 0,
	kCCParamError		= -4300,
	kCCBufferTooSmall	= -4301,
	kCCMemoryFailure	= -4302,
	kCCAlignmentError	= -4303,
	kCCDecodeError		= -4304,
	kCCUnimplemented	= -4305
};
typedef int32_t CCCryptorStatus;

/*!
	@enum		CCOperation
	@abstract	Operations that an CCCryptor can perform.
	
	@constant	kCCEncrypt	Symmetric encryption.
	@constant	kCCDecrypt	Symmetric decryption.
*/
enum {
	kCCEncrypt = 0,	
	kCCDecrypt,		
};
typedef uint32_t CCOperation;

/*!
	@enum		CCAlgorithm
	@abstract	Encryption algorithms implemented by this module.
	
	@constant	kCCAlgorithmAES128	Advanced Encryption Standard, 128-bit block
	@constant	kCCAlgorithmDES		Data Encryption Standard
	@constant	kCCAlgorithm3DES	Triple-DES, three key, EDE configuration
	@constant	kCCAlgorithmCAST	CAST
	@constant	kCCAlgorithmRC4		RC4 stream cipher
*/
enum {
	kCCAlgorithmAES128 = 0,
	kCCAlgorithmDES,		
	kCCAlgorithm3DES,		
	kCCAlgorithmCAST,		
	kCCAlgorithmRC4,
	kCCAlgorithmRC2		
};
typedef uint32_t CCAlgorithm;

/*!
	@enum		CCOptions
	@abstract	Options flags, passed to CCCryptorCreate().
	
	@constant	kCCOptionPKCS7Padding	Perform PKCS7 padding. 
	@constant	kCCOptionECBMode		Electronic Code Book Mode. 
										Default is CBC.
*/
enum {
	/* options for block ciphers */
	kCCOptionPKCS7Padding	= 0x0001,
	kCCOptionECBMode		= 0x0002
	/* stream ciphers currently have no options */
};
typedef uint32_t CCOptions;

/*!
	@enum			Key sizes
	
	@discussion		Key sizes, in bytes, for supported algorithms. 
	
	@constant kCCKeySizeAES128		128 bit AES key size.
	@constant kCCKeySizeAES192		192 bit AES key size.
	@constant kCCKeySizeAES256		256 bit AES key size.
	@constant kCCKeySizeDES			DES key size.
	@constant kCCKeySize3DES		Triple DES key size.
	@constant kCCKeySizeMinCAST		CAST minimum key size.
	@constant kCCKeySizeMaxCAST		CAST maximum key size.
	@constant kCCKeySizeMinRC4		RC4 minimum key size.
	@constant kCCKeySizeMaxRC4		RC4 maximum key size.
	
	@discussion		DES and TripleDES have fixed key sizes.
					AES has three discrete key sizes.
					CAST and RC4 have variable key sizes.
*/
enum {
	kCCKeySizeAES128	= 16,
	kCCKeySizeAES192	= 24,
	kCCKeySizeAES256	= 32,
	kCCKeySizeDES		= 8,
	kCCKeySize3DES		= 24,
	kCCKeySizeMinCAST	= 5,
	kCCKeySizeMaxCAST	= 16,
	kCCKeySizeMinRC4	= 1,
	kCCKeySizeMaxRC4	= 512,
	kCCKeySizeMinRC2	= 1,
	kCCKeySizeMaxRC2	= 128
};

/*!
	@enum			Block sizes
	
	@discussion		Block sizes, in bytes, for supported algorithms. 
	
	@constant kCCBlockSizeAES128	AES block size (currently, only 128-bit 
									blocks are supported).
	@constant kCCBlockSizeDES		DES block size.
	@constant kCCBlockSize3DES		Triple DES block size.
	@constant kCCBlockSizeCAST		CAST block size.
*/
enum {
	/* AES */
	kCCBlockSizeAES128	= 16,
	/* DES */
	kCCBlockSizeDES		= 8,
	/* 3DES */
	kCCBlockSize3DES	= 8,
	/* CAST */
	kCCBlockSizeCAST	= 8,
	kCCBlockSizeRC2		= 8,
};

/*!
	@enum		Minimum context sizes
	@discussion	Minimum context sizes, for caller-allocated CCCryptorRefs.
				To minimize dynamic allocation memory, a caller can create 
				a CCCryptorRef by passing caller-supplied memory to the 
				CCCryptorCreateFromData() function.
	
				These constants define the minimum amount of memory, in 
				bytes, needed for CCCryptorRefs for each supported algorithm. 
	
				Note: these constants are valid for the current version of 
				this library; they may change in subsequent releases, so 
				applications wishing to allocate their own memory for use 
				in creating CCCryptorRefs must be prepared to deal with 
				a kCCBufferTooSmall return from CCCryptorCreateFromData().
				See discussion for the CCCryptorCreateFromData() function.
	
	@constant kCCContextSizeAES128		Minimum context size for kCCAlgorithmAES128.
	@constant kCCContextSizeDES			Minimum context size for kCCAlgorithmAES128.
	@constant kCCContextSize3DES		Minimum context size for kCCAlgorithmAES128.
	@constant kCCContextSizeCAST		Minimum context size for kCCAlgorithmCAST.
	@constant kCCContextSizeRC4			Minimum context size for kCCAlgorithmRC4.
*/
enum {
	kCCContextSizeAES128	= 404,
	kCCContextSizeDES		= 240,
	kCCContextSize3DES		= 496,
	kCCContextSizeCAST		= 240,
	kCCContextSizeRC4		= 1072
};

/*!
	@function	CCCryptorCreate
	@abstract	Create a cryptographic context. 
	
	@param		op			Defines the basic operation: kCCEncrypt or kCCDecrypt.
	
	@param		alg			Defines the algorithm.
	
	@param		options		A word of flags defining options. See discussion
							for the CCOptions type.
							
	@param		key			Raw key material, length keyLength bytes. 
	
	@param		keyLength	Length of key material. Must be appropriate 
							for	the selected operation and algorithm. Some 
							algorithms  provide for varying key lengths.

	@param		iv			Initialization vector, optional. Used by 
							block ciphers when Cipher Block Chaining (CBC) 
							mode is enabled. If present, must be the same
							length as the selected algorithm's block size. 
							If CBC mode is selected (by the absence of the 
							kCCOptionECBMode bit in the options flags) and no 
							IV is present, a NULL (all zeroes) IV will be used. 
							This parameter is ignored if ECB mode is used or
							if a stream cipher algorithm is selected. 

	@param		cryptorRef	A (required) pointer to the returned CCCryptorRef. 

	@result		Possible error returns are kCCParamError and kCCMemoryFailure.
*/
CCCryptorStatus CCCryptorCreate(
	CCOperation op,             /* kCCEncrypt, etc. */
	CCAlgorithm alg,            /* kCCAlgorithmDES, etc. */
	CCOptions options,          /* kCCOptionPKCS7Padding, etc. */
	const void *key,            /* raw key material */
	size_t keyLength,	
	const void *iv,             /* optional initialization vector */
	CCCryptorRef *cryptorRef);  /* RETURNED */

/*!
	@function	CCCryptorCreateFromData
	@abstract	Create a cryptographic context using caller-supplied memory. 
	
	@param		op			Defines the basic operation: kCCEncrypt or kCCDecrypt.
	
	@param		alg			Defines the algorithm.
	
	@param		options		A word of flags defining options. See discussion
							for the CCOptions type.
							
	@param		key			Raw key material, length keyLength bytes. 
	
	@param		keyLength	Length of key material. Must be appropriate 
							for	the selected operation and algorithm. Some 
							algorithms  provide for varying key lengths.

	@param		iv			Initialization vector, optional. Used by 
							block ciphers when Cipher Block Chaining (CBC) 
							mode is enabled. If present, must be the same
							length as the selected algorithm's block size. 
							If CBC mode is selected (by the absence of the 
							kCCOptionECBMode bit in the options flags) and no 
							IV is present, a NULL (all zeroes) IV will be used. 
							This parameter is ignored if ECB mode is used or
							if a stream cipher algorithm is selected. 

	@param		data		A pointer to caller-supplied memory from which the 
							CCCryptorRef will be created. 
							
	@param		dataLength	The size of the caller-supplied memory in bytes. 
	
	@param		cryptorRef	A (required) pointer to the returned CCCryptorRef. 
	
	@param		dataUsed	Optional. If present, the actual number of bytes of 
							the caller-supplied memory which was consumed by
							creation of the CCCryptorRef is returned here. Also,
							if the supplied memory is of insufficent size to create
							a CCCryptorRef, kCCBufferTooSmall is returned, and
							the minimum required buffer size is returned via this
							parameter if present. 
								
	@result		Possible error returns are kCCParamError and kCCBufferTooSmall.
				
	@discussion	The CCCryptorRef created by this function *may* be disposed of
				via CCCRyptorRelease; that call is not strictly necessary, but
				if it's not performed, good security practice dictates that the
				caller should zero the memory provided to create the CCCryptorRef
				when the caller is finished using the CCCryptorRef. 
*/
CCCryptorStatus CCCryptorCreateFromData(
	CCOperation op,             /* kCCEncrypt, etc. */
	CCAlgorithm alg,            /* kCCAlgorithmDES, etc. */
	CCOptions options,          /* kCCOptionPKCS7Padding, etc. */
	const void *key,            /* raw key material */
	size_t keyLength,	
	const void *iv,             /* optional initialization vector */
	const void *data,			/* caller-supplied memory */
	size_t dataLength,			/* length of data in bytes */
	CCCryptorRef *cryptorRef,   /* RETURNED */
	size_t *dataUsed);			/* optional, RETURNED */

/*!
	@function	CCCryptorRelease
	@abstract	Free a context created by CCCryptorCreate or 
				CCCryptorCreateFromData().
	
	@param		cryptorRef	The CCCryptorRef to release.
	
	@result		The only possible error return is kCCParamError resulting
				from passing in a null CCCryptorRef. 
*/
CCCryptorStatus CCCryptorRelease(
	CCCryptorRef cryptorRef);
	
/*!
	@function	CCCryptorUpdate
	@abstract	Process (encrypt, decrypt) some data. The result, if any,
				is written to a caller-provided buffer. 
				
	@param		cryptorRef		A CCCryptorRef created via CCCryptorCreate() or
								CCCryptorCreateFromData().
	@param		dataIn			Data to process, length dataInLength bytes.
	@param		dataInLength	Length of data to process.
	@param		dataOut			Result is written here. Allocated by caller. 
								Encryption and decryption can be performed
								"in-place", with the same buffer used for 
								input and output. 
	@param		dataOutAvailable The size of the dataOut buffer in bytes.  
	@param		dataOutMoved	On successful return, the number of bytes written 
								to dataOut.
								
	@result		kCCBufferTooSmall indicates insufficent space in the dataOut
								buffer. The caller can use CCCryptorGetOutputLength() 
								to determine the required output buffer size in this 
								case. The operation can be retried; no state is lost 
								when this is returned. 
								
	@discussion	This routine can be called multiple times. The caller does
				not need to align input data lengths to block sizes; input is
				bufferred as necessary for block ciphers. 
				 
				When performing symmetric encryption with block ciphers,
				and padding is enabled via kCCOptionPKCS7Padding, the total
				number of bytes provided by all the calls to this function 
				when encrypting can be arbitrary (i.e., the total number
				of bytes does not have to be block aligned). However if
				padding is disabled, or when decrypting, the total number
				of bytes does have to be aligned to the block size; otherwise
				CCCryptFinal() will return kCCAlignmentError. 
				
				A general rule for the size of the output buffer which must be
				provided by the caller is that for block ciphers, the output 
				length is never larger than the input length plus the block size.
				For stream ciphers, the output length is always exactly the same
				as the input length. See the discussion for CCCryptorGetOutputLength()
				for more information on this topic. 
				 
				Generally, when all data has been processed, call CCCryptorFinal().
				In the following cases, the CCCryptorFinal() is superfluous as
				it will not yield any data nor return an error:
				1. Encrypting or decrypting with a block cipher with padding 
				   disabled, when the total amount of data provided to 
				   CCCryptorUpdate() is an integral multiple of the block size. 
				2. Encrypting or decrypting with a stream cipher. 
 */
CCCryptorStatus CCCryptorUpdate(
	CCCryptorRef cryptorRef,
	const void *dataIn,
	size_t dataInLength,
	void *dataOut,				/* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved);		/* number of bytes written */

/*!
	@function	CCCryptorFinal
	@abstract	Finish an encrypt or decrypt operation, and obtain the (possible)
				final data output. 
			
	@param		cryptorRef		A CCCryptorRef created via CCCryptorCreate() or
								CCCryptorCreateFromData().
	@param		dataOut			Result is written here. Allocated by caller. 
	@param		dataOutAvailable The size of the dataOut buffer in bytes.  
	@param		dataOutMoved	On successful return, the number of bytes written 
								to dataOut.
		
	@result		kCCBufferTooSmall indicates insufficent space in the dataOut
								buffer. The caller can use CCCryptorGetOutputLength() 
								to determine the required output buffer size in this 
								case. The operation can be retried; no state is lost 
								when this is returned. 
				kCCAlignmentError When decrypting, or when encrypting with a
								block cipher with padding disabled, 
								kCCAlignmentError will be returned if the total 
								number of bytes provided to CCCryptUpdate() is 
								not an integral multiple of	the current 
								algorithm's block size. 
				kCCDecodeError  Indicates garbled ciphertext or the 
								wrong key during decryption. This can only
								be returned while decrypting with padding
								enabled. 
								
	@discussion	Except when kCCBufferTooSmall is returned, the CCCryptorRef
				can no longer be used for subsequent operations unless
				CCCryptorReset() is called on it. 
				
				It is not necessary to call CCCryptorFinal() when performing 
				symmetric encryption or decryption if padding is disabled, or
				when using a stream cipher.  
				
				It is not necessary to call CCCryptorFinal() prior to 
				CCCryptorRelease() when aborting an operation.
 */
CCCryptorStatus CCCryptorFinal(
	CCCryptorRef cryptorRef,
	void *dataOut,
	size_t dataOutAvailable,
	size_t *dataOutMoved);		/* number of bytes written */

/*!
	@function	CCCryptorGetOutputLength
	@abstract	Determine output buffer size required to process a given input size. 
	
	@param		cryptorRef	A CCCryptorRef created via CCCryptorCreate() or
							CCCryptorCreateFromData().
	@param		inputLength	The length of data which will be provided to 
							CCCryptorUpdate().
	@param		final		If false, the returned value will indicate the output 
							buffer space needed when 'inputLength' bytes are 
							provided to	CCCryptorUpdate(). When 'final' is true, 
							the returned value will indicate the total combined 
							buffer space needed when 'inputLength' bytes are 
							provided to	CCCryptorUpdate() and then CCCryptorFinal()
							is called. 
							
	@result The maximum buffer space need to perform CCCryptorUpdate() and optionally
			CCCryptorFinal(). 
			
	@discussion	Some general rules apply that allow clients of this module to
				know a priori how much output buffer space will be required
				in a given situation. For stream ciphers, the output size is
				always equal to the input size, and CCCryptorFinal() never 
				produces any data. For block ciphers, the output size will
				always be less than or equal to the input size plus the size
				of one block. For block ciphers, if the input size provided 
				to each call to CCCryptorUpdate() is is an integral multiple 
				of the block size, then the output size for each call to 
				CCCryptorUpdate() is less than or equal to the input size
				for that call to CCCryptorUpdate(). CCCryptorFinal() only 
				produces output when using a block cipher with padding enabled. 
*/
size_t CCCryptorGetOutputLength(
	CCCryptorRef cryptorRef,
	size_t inputLength,
	bool final);
	
/*!
	@function	CCCryptorReset
	@abstract	Reinitializes an existing CCCryptorRef with a (possibly)
				new initialization vector. The CCCryptorRef's key is
				unchanged. Not implemented for stream ciphers. 
				
	@param		cryptorRef	A CCCryptorRef created via CCCryptorCreate() or
							CCCryptorCreateFromData().
	@param		iv			Optional initialization vector; if present, must
							be the same size as the current algorithm's block
							size. 
							
	@result		The the only possible errors are kCCParamError and 
				kCCUnimplemented.
	
	@discussion This can be called on a CCCryptorRef with data pending (i.e.
				in a padded mode operation before CCCryptFinal is called); 
				however any pending data will be lost in that case. 
*/
CCCryptorStatus CCCryptorReset(
	CCCryptorRef cryptorRef,
	const void *iv);

/*!
	@function	CCCrypt
	@abstract	Stateless, one-shot encrypt or decrypt operation.
				This basically performs a sequence of CCCrytorCreate(),
				CCCryptorUpdate(), CCCryptorFinal(), and CCCryptorRelease().
	
	@param		alg				Defines the encryption algorithm.
	
	
	@param		op				Defines the basic operation: kCCEncrypt or kCCDecrypt.
	
	@param		options			A word of flags defining options. See discussion
								for the CCOptions type.
	
	@param		key				Raw key material, length keyLength bytes. 
	
	@param		keyLength		Length of key material. Must be appropriate 
								for	the select algorithm. Some algorithms may 
								provide for varying key lengths.
	
	@param		iv				Initialization vector, optional. Used for 
								Cipher Block Chaining (CBC) mode. If present, 
								must be the same length as the selected 
								algorithm's block size. If CBC mode is
								selected (by the absence of any mode bits in 
								the options	flags) and no IV is present, a 
								NULL (all zeroes) IV will be used. This is 
								ignored if ECB mode is used or if a stream 
								cipher algorithm is selected. 
	
	@param		dataIn			Data to encrypt or decrypt, length dataInLength 
								bytes. 
	
	@param		dataInLength	Length of data to encrypt or decrypt.
	
	@param		dataOut			Result is written here. Allocated by caller. 
								Encryption and decryption can be performed
								"in-place", with the same buffer used for 
								input and output. 
	
	@param		dataOutAvailable The size of the dataOut buffer in bytes.  
	
	@param		dataOutMoved	On successful return, the number of bytes written 
								to dataOut. If kCCBufferTooSmall is returned as 
								a result of insufficient buffer space being 
								provided, the required buffer space is returned
								here. 
		
	@result		kCCBufferTooSmall indicates insufficent space in the dataOut
								buffer. In this case, the *dataOutMoved 
								parameter will indicate the size of the buffer
								needed to complete the operation. The 
								operation can be retried with minimal runtime 
								penalty. 
				kCCAlignmentError indicates that dataInLength was not properly 
								algined. This can only be returned for block 
								ciphers, and then only when decrypting or when 
								encrypting with block with padding disabled. 
				kCCDecodeError	Indicates improperly formatted ciphertext or
								a "wrong key" error; occurs only during decrypt
								operations. 
 */
CCCryptorStatus CCCrypt(
	CCOperation op,			/* kCCEncrypt, etc. */
	CCAlgorithm alg,		/* kCCAlgorithmAES128, etc. */
	CCOptions options,		/* kCCOptionPKCS7Padding, etc. */
	const void *key,
	size_t keyLength,
	const void *iv,			/* optional initialization vector */
	const void *dataIn,		/* optional per op and alg */
	size_t dataInLength,
	void *dataOut,			/* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved);	

#ifdef __cplusplus
}
#endif

#endif	/* _CC_COMMON_CRYPTOR_ */

Added CommonCrypto/CommonDigest.h.



























































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
/* 
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * CommonDigest.h - common digest routines: MD2, MD4, MD5, SHA1.
 */
 
#ifndef	_CC_COMMON_DIGEST_H_
#define _CC_COMMON_DIGEST_H_

#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * For compatibility with legacy implementations, the *Init(), *Update(),
 * and *Final() functions declared here *always* return a value of 1 (one). 
 * This corresponds to "success" in the similar openssl implementations. 
 * There are no errors of any kind which can be, or are, reported here, 
 * so you can safely ignore the return values of all of these functions 
 * if you are implementing new code.
 *
 * The one-shot functions (CC_MD2(), CC_SHA1(), etc.) perform digest
 * calculation and place the result in the caller-supplied buffer
 * indicated by the md parameter. They return the md parameter.
 * Unlike the opensssl counterparts, these one-shot functions require
 * a non-NULL md pointer. Passing in NULL for the md parameter 
 * results in a NULL return and no digest calculation. 
 */
 
typedef uint32_t CC_LONG;		/* 32 bit unsigned integer */
typedef uint64_t CC_LONG64;		/* 64 bit unsigned integer */

/*** MD2 ***/

#define CC_MD2_DIGEST_LENGTH	16			/* digest length in bytes */
#define CC_MD2_BLOCK_BYTES		64			/* block size in bytes */
#define CC_MD2_BLOCK_LONG       (CC_MD2_BLOCK_BYTES / sizeof(CC_LONG))

typedef struct CC_MD2state_st
{
    int num;
    unsigned char data[CC_MD2_DIGEST_LENGTH];
    CC_LONG cksm[CC_MD2_BLOCK_LONG];
	CC_LONG state[CC_MD2_BLOCK_LONG];
} CC_MD2_CTX;

extern int CC_MD2_Init(CC_MD2_CTX *c);
extern int CC_MD2_Update(CC_MD2_CTX *c, const void *data, CC_LONG len);
extern int CC_MD2_Final(unsigned char *md, CC_MD2_CTX *c);
extern unsigned char *CC_MD2(const void *data, CC_LONG len, unsigned char *md);

/*** MD4 ***/

#define CC_MD4_DIGEST_LENGTH	16			/* digest length in bytes */
#define CC_MD4_BLOCK_BYTES		64			/* block size in bytes */
#define CC_MD4_BLOCK_LONG       (CC_MD4_BLOCK_BYTES / sizeof(CC_LONG))

typedef struct CC_MD4state_st
{
	CC_LONG A,B,C,D;
	CC_LONG Nl,Nh;
	CC_LONG data[CC_MD4_BLOCK_LONG];
	int num;
} CC_MD4_CTX;

extern int CC_MD4_Init(CC_MD4_CTX *c);
extern int CC_MD4_Update(CC_MD4_CTX *c, const void *data, CC_LONG len);
extern int CC_MD4_Final(unsigned char *md, CC_MD4_CTX *c);
extern unsigned char *CC_MD4(const void *data, CC_LONG len, unsigned char *md);

/*** MD5 ***/

#define CC_MD5_DIGEST_LENGTH	16			/* digest length in bytes */
#define CC_MD5_BLOCK_BYTES		64			/* block size in bytes */
#define CC_MD5_BLOCK_LONG       (CC_MD5_BLOCK_BYTES / sizeof(CC_LONG))

typedef struct CC_MD5state_st
{
	CC_LONG A,B,C,D;
	CC_LONG Nl,Nh;
	CC_LONG data[CC_MD5_BLOCK_LONG];
	int num;
} CC_MD5_CTX;

extern int CC_MD5_Init(CC_MD5_CTX *c);
extern int CC_MD5_Update(CC_MD5_CTX *c, const void *data, CC_LONG len);
extern int CC_MD5_Final(unsigned char *md, CC_MD5_CTX *c);
extern unsigned char *CC_MD5(const void *data, CC_LONG len, unsigned char *md);

/*** SHA1 ***/

#define CC_SHA1_DIGEST_LENGTH	20			/* digest length in bytes */
#define CC_SHA1_BLOCK_BYTES		64			/* block size in bytes */
#define CC_SHA1_BLOCK_LONG      (CC_SHA1_BLOCK_BYTES / sizeof(CC_LONG))

typedef struct CC_SHA1state_st
{
	CC_LONG h0,h1,h2,h3,h4;
	CC_LONG Nl,Nh;
	CC_LONG data[CC_SHA1_BLOCK_LONG];
	int num;
} CC_SHA1_CTX;

extern int CC_SHA1_Init(CC_SHA1_CTX *c);
extern int CC_SHA1_Update(CC_SHA1_CTX *c, const void *data, CC_LONG len);
extern int CC_SHA1_Final(unsigned char *md, CC_SHA1_CTX *c);
extern unsigned char *CC_SHA1(const void *data, CC_LONG len, unsigned char *md);

/*** SHA224 ***/
#define CC_SHA224_DIGEST_LENGTH		28			/* digest length in bytes */
#define CC_SHA224_BLOCK_BYTES		64			/* block size in bytes */

/* same context struct is used for SHA224 and SHA256 */
typedef struct CC_SHA256state_st
{   CC_LONG count[2];
    CC_LONG hash[8];
    CC_LONG wbuf[16];
} CC_SHA256_CTX;

extern int CC_SHA224_Init(CC_SHA256_CTX *c);
extern int CC_SHA224_Update(CC_SHA256_CTX *c, const void *data, CC_LONG len);
extern int CC_SHA224_Final(unsigned char *md, CC_SHA256_CTX *c);
extern unsigned char *CC_SHA224(const void *data, CC_LONG len, unsigned char *md);

/*** SHA256 ***/

#define CC_SHA256_DIGEST_LENGTH		32			/* digest length in bytes */
#define CC_SHA256_BLOCK_BYTES		64			/* block size in bytes */

extern int CC_SHA256_Init(CC_SHA256_CTX *c);
extern int CC_SHA256_Update(CC_SHA256_CTX *c, const void *data, CC_LONG len);
extern int CC_SHA256_Final(unsigned char *md, CC_SHA256_CTX *c);
extern unsigned char *CC_SHA256(const void *data, CC_LONG len, unsigned char *md);

/*** SHA384 ***/

#define CC_SHA384_DIGEST_LENGTH		48			/* digest length in bytes */
#define CC_SHA384_BLOCK_BYTES      128			/* block size in bytes */

/* same context struct is used for SHA384 and SHA512 */
typedef struct CC_SHA512state_st
{   CC_LONG64 count[2];
    CC_LONG64 hash[8];
    CC_LONG64 wbuf[16];
} CC_SHA512_CTX;

extern int CC_SHA384_Init(CC_SHA512_CTX *c);
extern int CC_SHA384_Update(CC_SHA512_CTX *c, const void *data, CC_LONG len);
extern int CC_SHA384_Final(unsigned char *md, CC_SHA512_CTX *c);
extern unsigned char *CC_SHA384(const void *data, CC_LONG len, unsigned char *md);

/*** SHA512 ***/

#define CC_SHA512_DIGEST_LENGTH		64			/* digest length in bytes */
#define CC_SHA512_BLOCK_BYTES      128			/* block size in bytes */

extern int CC_SHA512_Init(CC_SHA512_CTX *c);
extern int CC_SHA512_Update(CC_SHA512_CTX *c, const void *data, CC_LONG len);
extern int CC_SHA512_Final(unsigned char *md, CC_SHA512_CTX *c);
extern unsigned char *CC_SHA512(const void *data, CC_LONG len, unsigned char *md);

/*
 * To use the above digest functions with existing code which uses
 * the corresponding openssl functions, #define the symbol 
 * COMMON_DIGEST_FOR_OPENSSL in your client code (BEFORE including
 * this file), and simply link against libSystem (or System.framework)
 * instead of libcrypto.
 *
 * You can *NOT* mix and match functions operating on a given data
 * type from the two implementations; i.e., if you do a CC_MD5_Init()
 * on a CC_MD5_CTX object, do not assume that you can do an openssl-style
 * MD5_Update() on that same context.
 */
 
#ifdef	COMMON_DIGEST_FOR_OPENSSL

#define MD2_DIGEST_LENGTH			CC_MD2_DIGEST_LENGTH
#define MD2_CTX						CC_MD2_CTX
#define MD2_Init					CC_MD2_Init
#define MD2_Update					CC_MD2_Update
#define MD2_Final					CC_MD2_Final

#define MD4_DIGEST_LENGTH			CC_MD4_DIGEST_LENGTH
#define MD4_CTX						CC_MD4_CTX
#define MD4_Init					CC_MD4_Init
#define MD4_Update					CC_MD4_Update
#define MD4_Final					CC_MD4_Final

#define MD5_DIGEST_LENGTH			CC_MD5_DIGEST_LENGTH
#define MD5_CTX						CC_MD5_CTX
#define MD5_Init					CC_MD5_Init
#define MD5_Update					CC_MD5_Update
#define MD5_Final					CC_MD5_Final

#define SHA_DIGEST_LENGTH			CC_SHA1_DIGEST_LENGTH
#define SHA_CTX						CC_SHA1_CTX
#define SHA1_Init					CC_SHA1_Init
#define SHA1_Update					CC_SHA1_Update
#define SHA1_Final					CC_SHA1_Final

#define SHA224_DIGEST_LENGTH		CC_SHA224_DIGEST_LENGTH
#define SHA256_CTX					CC_SHA256_CTX
#define SHA224_Init					CC_SHA224_Init
#define SHA224_Update				CC_SHA224_Update
#define SHA224_Final				CC_SHA224_Final

#define SHA256_DIGEST_LENGTH		CC_SHA256_DIGEST_LENGTH
#define SHA256_Init					CC_SHA256_Init
#define SHA256_Update				CC_SHA256_Update
#define SHA256_Final				CC_SHA256_Final

#define SHA384_DIGEST_LENGTH		CC_SHA384_DIGEST_LENGTH
#define SHA512_CTX					CC_SHA512_CTX
#define SHA384_Init					CC_SHA384_Init
#define SHA384_Update				CC_SHA384_Update
#define SHA384_Final				CC_SHA384_Final

#define SHA512_DIGEST_LENGTH		CC_SHA512_DIGEST_LENGTH
#define SHA512_Init					CC_SHA512_Init
#define SHA512_Update				CC_SHA512_Update
#define SHA512_Final				CC_SHA512_Final


#endif	/* COMMON_DIGEST_FOR_OPENSSL */

/*
 * In a manner similar to that described above for openssl 
 * compatibility, these macros can be used to provide compatiblity 
 * with legacy implementations of MD5 using the interface defined 
 * in RFC 1321.
 */
 
#ifdef	COMMON_DIGEST_FOR_RFC_1321

#define MD5_CTX						CC_MD5_CTX
#define MD5Init						CC_MD5_Init
#define MD5Update					CC_MD5_Update
void MD5Final (unsigned char [16], MD5_CTX *);

#endif	/* COMMON_DIGEST_FOR_RFC_1321 */

#ifdef __cplusplus
}
#endif

#endif	/* _CC_COMMON_DIGEST_H_ */

Added CommonCrypto/CommonHMAC.h.













































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
/* 
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*!
	@header		CommonHMAC.h
	@abstract	Keyed Message Authentication Code (HMAC) functions.
 */
 
#ifndef	_CC_COMMON_HMAC_H_
#define _CC_COMMON_HMAC_H_

#include <CommonCrypto/CommonDigest.h>
#include <sys/types.h>

#ifdef __cplusplus
extern "C" {
#endif

/*!
	@enum		CCHmacAlgorithm
	@abstract	Algorithms implemented in this module.

	@constant	kCCHmacAlgSHA1		HMAC with SHA1 digest
	@constant	kCCHmacAlgMD5		HMAC with MD5 digest
	@constant	kCCHmacAlgSHA256	HMAC with SHA256 digest
	@constant	kCCHmacAlgSHA384	HMAC with SHA384 digest
	@constant	kCCHmacAlgSHA512	HMAC with SHA512 digest
	@constant	kCCHmacAlgSHA224	HMAC with SHA224 digest
 */
enum {
	kCCHmacAlgSHA1,
	kCCHmacAlgMD5,
	kCCHmacAlgSHA256,
	kCCHmacAlgSHA384,
	kCCHmacAlgSHA512,
	kCCHmacAlgSHA224
};
typedef uint32_t CCHmacAlgorithm;

/*!
	@typedef	CCHmacContext
	@abstract	HMAC context. 
 */
#define CC_HMAC_CONTEXT_SIZE	96	
typedef struct {
	uint32_t			ctx[CC_HMAC_CONTEXT_SIZE];
} CCHmacContext;

/*!
	@function	CCHmacInit
	@abstract	Initialize an CCHmacContext with provided raw key bytes.
	
	@param		ctx			An HMAC context.
	@param		algorithm	HMAC algorithm to perform. 
	@param		key			Raw key bytes.
	@param		keyLength	Length of raw key bytes; can be any 
							length including zero. 
 */
void CCHmacInit(
	CCHmacContext *ctx, 
	CCHmacAlgorithm algorithm,	
	const void *key,
	size_t keyLength);			
	
/*!
	@function	CCHmacUpdate
	@abstract	Process some data.
	
	@param		ctx			An HMAC context.
	@param		data		Data to process.
	@param		dataLength	Length of data to process, in bytes.
	
	@discussion	This can be called multiple times.
 */
void CCHmacUpdate(
	CCHmacContext *ctx, 
	const void *data,
	size_t dataLength);		
	
/*!
	@function	CCHmacFinal
	@abstract	Obtain the final Message Authentication Code.
	
	@param		ctx			An HMAC context.
	@param		macOut		Destination of MAC; allocated by caller. 
	
	@discussion	The length of the MAC written to *macOut is the same as 
				the digest length associated with the HMAC algorithm:
	
				kCCHmacSHA1 : CC_SHA1_DIGEST_LENGTH
				
				kCCHmacMD5  : CC_MD5_DIGEST_LENGTH
 */
void CCHmacFinal(
	CCHmacContext *ctx, 
	void *macOut);		
	
/*
 * Stateless, one-shot HMAC function. 
 * Output is written to caller-supplied buffer, as in CCHmacFinal().
 */
void CCHmac(
	CCHmacAlgorithm algorithm,	/* kCCHmacSHA1, kCCHmacMD5 */
	const void *key,
	size_t keyLength,			/* length of key in bytes */
	const void *data,
	size_t dataLength,			/* length of data in bytes */
	void *macOut);				/* MAC written here */

#ifdef __cplusplus
}
#endif

#endif	/* _CC_COMMON_HMAC_H_ */

Added LocalTests/ccSymTest.cpp.

























































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
/* Copyright 2006 Apple Computer, Inc.
 *
 * ccSymTest.c - test CommonCrypto symmetric encrypt/decrypt.
 */
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <CommonCrypto/CommonCryptor.h>
#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
#include "common.h"

/*
 * Defaults.
 */
#define LOOPS_DEF		500
#define MIN_DATA_SIZE	8
#define MAX_DATA_SIZE	10000						/* bytes */
#define MAX_KEY_SIZE	kCCKeySizeMaxRC4			/* bytes */
#define MAX_BLOCK_SIZE	kCCBlockSizeAES128			/* bytes */
#define LOOP_NOTIFY		250

/*
 * Enumerate algs our own way to allow iteration.
 */
typedef enum {
	ALG_AES_128 = 1,	/* 128 bit block, 128 bit key */
	ALG_AES_192,		/* 128 bit block, 192 bit key */
	ALG_AES_256,		/* 128 bit block, 256 bit key */
	ALG_DES,
	ALG_3DES,
	ALG_CAST,
	ALG_RC4,
	/* these aren't in CommonCrypto (yet?) */
	ALG_RC2,
	ALG_RC5,
	ALG_BFISH,
	ALG_ASC,
	ALG_NULL					/* normally not used */
} SymAlg;
#define ALG_FIRST			ALG_AES_128
#define ALG_LAST			ALG_RC4


#define LOG_SIZE			0
#if		LOG_SIZE
#define logSize(s)	printf s
#else
#define logSize(s)
#endif

static void usage(char **argv)
{
	printf("usage: %s [options]\n", argv[0]);
	printf("   Options:\n");
	printf("   a=algorithm (d=DES; 3=3DES; a=AES128; n=AES192; A=AES256; \n");
	printf("     c=CAST; 4=RC4; default=all)\n");
	printf("   l=loops (default=%d; 0=forever)\n", LOOPS_DEF);
	printf("   m=maxPtextSize (default=%d)\n", MAX_DATA_SIZE);
	printf("   n=minPtextSize (default=%d)\n", MIN_DATA_SIZE);
	printf("   k=keySizeInBytes\n");
	printf("   p=pauseInterval (default=0, no pause)\n");
	printf("   o (no padding, well-aligned plaintext)\n");
	printf("   e (ECB only)\n");
	printf("   E (CBC only, no ECB)\n");
	printf("   u (no multi-update ops)\n");
	printf("   U (only multi-update ops)\n");
	printf("   x (always allocate context)\n");
	printf("   X (never allocate context)\n");
	printf("   v(erbose)\n");
	printf("   q(uiet)\n");
	printf("   h(elp)\n");
	exit(1);
}

static void printCCError(const char *str, CCCryptorStatus crtn)
{
	const char *errStr;
	char unknownStr[200];
	
	switch(crtn) {
		case kCCSuccess: errStr = "kCCSuccess"; break;
		case kCCParamError: errStr = "kCCParamError"; break;
		case kCCBufferTooSmall: errStr = "kCCBufferTooSmall"; break;
		case kCCMemoryFailure: errStr = "kCCMemoryFailure"; break;
		case kCCAlignmentError: errStr = "kCCAlignmentError"; break;
		case kCCDecodeError: errStr = "kCCDecodeError"; break;
		case kCCUnimplemented: errStr = "kCCUnimplemented"; break;
		default:
			sprintf(unknownStr, "Unknown(%ld)\n", (long)crtn);
			errStr = unknownStr;
			break;
	}
	printf("***%s returned %s\n", str, errStr);
}

/* max context size */
#define CC_MAX_CTX_SIZE	kCCContextSizeRC4

/* 
 * We write a marker at end of expected output and at end of caller-allocated 
 * CCCryptorRef, and check at the end to make sure they weren't written 
 */
#define MARKER_LENGTH	8
#define MARKER_BYTE		0x7e

/* 
 * Test harness for CCCryptor with lots of options. 
 */
CCCryptorStatus doCCCrypt(
	bool forEncrypt,
	CCAlgorithm encrAlg,			
	bool doCbc,
	bool doPadding,
	const void *keyBytes, size_t keyLen,
	const void *iv,
	bool randUpdates,
	bool inPlace,								/* !doPadding only */
	size_t ctxSize,								/* if nonzero, we allocate ctx */
	bool askOutSize,
	const uint8_t *inText, size_t inTextLen,
	uint8_t **outText, size_t *outTextLen)		/* both returned, WE malloc */
{
	CCCryptorRef	cryptor = NULL;
	CCCryptorStatus crtn;
	CCOperation		op = forEncrypt ? kCCEncrypt : kCCDecrypt;
	CCOptions		options = 0;
	uint8_t			*outBuf = NULL;			/* mallocd output buffer */
	uint8_t			*outp;					/* running ptr into outBuf */
	const uint8		*inp;					/* running ptr into inText */
	size_t			outLen;					/* bytes remaining in outBuf */
	size_t			toMove;					/* bytes remaining in inText */
	size_t			thisMoveOut;			/* output from CCCryptUpdate()/CCCryptFinal() */
	size_t			outBytes;				/* total bytes actually produced in outBuf */
	char			ctx[CC_MAX_CTX_SIZE];	/* for CCCryptorCreateFromData() */
	uint8_t			*textMarker = NULL;		/* 8 bytes of marker here after expected end of 
											 * output */
	char			*ctxMarker = NULL;		/* ditto for caller-provided context */
	unsigned		dex;
	size_t			askedOutSize;			/* from the lib */
	size_t			thisOutLen;				/* dataOutAvailable we use */
	
	if(ctxSize > CC_MAX_CTX_SIZE) {
		printf("***HEY! Adjust CC_MAX_CTX_SIZE!\n");
		exit(1);
	}
	if(!doCbc) {
		options |= kCCOptionECBMode;
	}
	if(doPadding) {
		options |= kCCOptionPKCS7Padding;
	}
	
	/* just hack this one */
	outLen = inTextLen;
	if(forEncrypt) {
		outLen += MAX_BLOCK_SIZE;
	}
	
	outBuf = (uint8_t *)malloc(outLen + MARKER_LENGTH);
	memset(outBuf, 0xEE, outLen + MARKER_LENGTH);
	
	/* library should not touch this memory */
	textMarker = outBuf + outLen;
	memset(textMarker, MARKER_BYTE, MARKER_LENGTH);
	
	/* subsequent errors to errOut: */

	if(inPlace) {
		memmove(outBuf, inText, inTextLen);
		inp = outBuf;
	}
	else {
		inp = inText;
	}

	if(!randUpdates) {
		/* one shot */
		if(askOutSize) {
			crtn = CCCrypt(op, encrAlg, options,
				keyBytes, keyLen, iv,
				inp, inTextLen,
				outBuf, 0, &askedOutSize);
			if(crtn != kCCBufferTooSmall) {
				printf("***Did not get kCCBufferTooSmall as expected\n");
				printf("   alg %d inTextLen %lu cbc %d padding %d keyLen %lu\n",
					(int)encrAlg, (unsigned long)inTextLen, (int)doCbc, (int)doPadding,
					(unsigned long)keyLen);
				printCCError("CCCrypt", crtn);
				crtn = -1;
				goto errOut;
			}
			outLen = askedOutSize;
		}
		crtn = CCCrypt(op, encrAlg, options,
			keyBytes, keyLen, iv,
			inp, inTextLen,
			outBuf, outLen, &outLen);
		if(crtn) {
			printCCError("CCCrypt", crtn);
			goto errOut;
		}
		*outText = outBuf;
		*outTextLen = outLen;
		goto errOut;
	}
	
	/* random multi updates */
	if(ctxSize) {
		size_t ctxSizeCreated;
		
		if(askOutSize) {
			crtn = CCCryptorCreateFromData(op, encrAlg, options,
				keyBytes, keyLen, iv,
				ctx, 0 /* ctxSize */,
				&cryptor, &askedOutSize);
			if(crtn != kCCBufferTooSmall) {
				printf("***Did not get kCCBufferTooSmall as expected\n");
				printCCError("CCCryptorCreateFromData", crtn);
				crtn = -1;
				goto errOut;
			}
			ctxSize = askedOutSize;
		}
		crtn = CCCryptorCreateFromData(op, encrAlg, options,
			keyBytes, keyLen, iv,
			ctx, ctxSize, &cryptor, &ctxSizeCreated);
		if(crtn) {
			printCCError("CCCryptorCreateFromData", crtn);
			return crtn;
		}
		ctxMarker = ctx + ctxSizeCreated;
		memset(ctxMarker, MARKER_BYTE, MARKER_LENGTH);
	}
	else {
		crtn = CCCryptorCreate(op, encrAlg, options,
			keyBytes, keyLen, iv,
			&cryptor);
		if(crtn) {
			printCCError("CCCryptorCreate", crtn);
			return crtn;
		}
	}
	
	toMove = inTextLen;		/* total to go */
	outp = outBuf;
	outBytes = 0;			/* bytes actually produced in outBuf */
	
	while(toMove) {
		uint32 thisMoveIn;			/* input to CCryptUpdate() */
		
		thisMoveIn = genRand(1, toMove);
		logSize(("###ptext segment len %lu\n", (unsigned long)thisMoveIn)); 
		if(askOutSize) {
			thisOutLen = CCCryptorGetOutputLength(cryptor, thisMoveIn, false);
		}
		else {
			thisOutLen = outLen;
		}
		crtn = CCCryptorUpdate(cryptor, inp, thisMoveIn,
			outp, thisOutLen, &thisMoveOut);
		if(crtn) {
			printCCError("CCCryptorUpdate", crtn);
			goto errOut;
		}
		inp			+= thisMoveIn;
		toMove		-= thisMoveIn;
		outp		+= thisMoveOut;
		outLen   	-= thisMoveOut;
		outBytes	+= thisMoveOut;
	}
	
	if(doPadding) {
		/* Final is not needed if padding is disabled */
		if(askOutSize) {
			thisOutLen = CCCryptorGetOutputLength(cryptor, 0, true);
		}
		else {
			thisOutLen = outLen;
		}
		crtn = CCCryptorFinal(cryptor, outp, thisOutLen, &thisMoveOut);
	}
	else {
		thisMoveOut = 0;
		crtn = kCCSuccess;
	}
	
	if(crtn) {
		printCCError("CCCryptorFinal", crtn);
		goto errOut;
	}
	
	outBytes += thisMoveOut;
	*outText = outBuf;
	*outTextLen = outBytes;
	crtn = kCCSuccess;

	for(dex=0; dex<MARKER_LENGTH; dex++) {
		if(textMarker[dex] != MARKER_BYTE) {
			printf("***lib scribbled on our textMarker memory (op=%s)!\n",
				forEncrypt ? "encrypt" : "decrypt");
			crtn = (CCCryptorStatus)-1;
		}
	}
	if(ctxSize) {
		for(dex=0; dex<MARKER_LENGTH; dex++) {
			if(ctxMarker[dex] != MARKER_BYTE) {
				printf("***lib scribbled on our ctxMarker memory (op=%s)!\n",
					forEncrypt ? "encrypt" : "decrypt");
				crtn = (CCCryptorStatus)-1;
			}
		}
	}
	
errOut:
	if(crtn) {
		if(outBuf) {
			free(outBuf);
		}
	}
	if(cryptor) {
		CCCryptorRelease(cryptor);
	}
	return crtn;
}

static int doTest(const uint8_t *ptext,
	size_t ptextLen,
	CCAlgorithm encrAlg,			
	bool doCbc,
	bool doPadding,
	bool nullIV,			/* if CBC, use NULL IV */
	uint32 keySizeInBytes,
	bool stagedEncr,
	bool stagedDecr,
	bool inPlace,	
	size_t ctxSize,		
	bool askOutSize,
	bool quiet)
{
	uint8_t			keyBytes[MAX_KEY_SIZE];
	uint8_t			iv[MAX_BLOCK_SIZE];
	uint8_t			*ivPtrEncrypt;
	uint8_t			*ivPtrDecrypt;
	uint8_t			*ctext = NULL;		/* mallocd by doCCCrypt */
	size_t			ctextLen = 0;
	uint8_t			*rptext = NULL;		/* mallocd by doCCCrypt */
	size_t			rptextLen;
	CCCryptorStatus	crtn;
	int				rtn = 0;
	
	/* random key */
	appGetRandomBytes(keyBytes, keySizeInBytes);
	
	/* random IV if needed */
	if(doCbc) {
		if(nullIV) {
			memset(iv, 0, MAX_BLOCK_SIZE);
			
			/* flip a coin, give one side NULL, the other size zeroes */
			if(genRand(1,2) == 1) {
				ivPtrEncrypt = NULL;
				ivPtrDecrypt = iv;
			}
			else {
				ivPtrEncrypt = iv;
				ivPtrDecrypt = NULL;
			}
		}
		else {
			appGetRandomBytes(iv, MAX_BLOCK_SIZE);
			ivPtrEncrypt = iv;
			ivPtrDecrypt = iv;
		}
	}	
	else {
		ivPtrEncrypt = NULL;
		ivPtrDecrypt = NULL;
	}

	crtn = doCCCrypt(true, encrAlg, doCbc, doPadding,
		keyBytes, keySizeInBytes, ivPtrEncrypt,
		stagedEncr, inPlace, ctxSize, askOutSize,
		ptext, ptextLen,
		&ctext, &ctextLen);
	if(crtn) {
		rtn = testError(quiet);
		if(rtn) {
			goto abort;
		}
	}
	
	logSize(("###ctext len %lu\n", ctextLen)); 
	
	crtn = doCCCrypt(false, encrAlg, doCbc, doPadding,
		keyBytes, keySizeInBytes, ivPtrDecrypt,
		stagedDecr, inPlace, ctxSize, askOutSize,
		ctext, ctextLen,
		&rptext, &rptextLen);
	if(crtn) {
		rtn = testError(quiet);
		if(rtn) {
			goto abort;
		}
	}

	logSize(("###rptext len %lu\n", rptextLen)); 
	
	/* compare ptext, rptext */
	if(ptextLen != rptextLen) {
		printf("Ptext length mismatch: expect %lu, got %lu\n", ptextLen, rptextLen);
		rtn = testError(quiet);
		if(rtn) {
			goto abort;
		}
	}
	if(memcmp(ptext, rptext, ptextLen)) {
		printf("***data miscompare\n");
		rtn = testError(quiet);
	}
abort:
	if(ctext) {
		free(ctext);
	}
	if(rptext) {
		free(rptext);
	}
	return rtn;
}

bool isBitSet(unsigned bit, unsigned word) 
{
	if(bit > 31) {
		printf("We don't have that many bits\n");
		exit(1);
	}
	unsigned mask = 1 << bit;
	return (word & mask) ? true : false;
}

int main(int argc, char **argv)
{
	int					arg;
	char				*argp;
	unsigned			loop;
	uint8				*ptext;
	size_t				ptextLen;
	bool				stagedEncr = false;
	bool				stagedDecr = false;
	bool				doPadding;
	bool				doCbc = false;
	bool				nullIV;
	const char			*algStr;
	CCAlgorithm			encrAlg;	
	int					i;
	int					currAlg;		// ALG_xxx
	uint32				minKeySizeInBytes;
	uint32				maxKeySizeInBytes;
	uint32				keySizeInBytes = 0;
	int					rtn = 0;
	uint32				blockSize;		// for noPadding case
	size_t				ctxSize;		// always set per alg
	size_t				ctxSizeUsed;	// passed to doTest
	bool				askOutSize;		// inquire output size each op
	
	/*
	 * User-spec'd params
	 */
	bool		keySizeSpec = false;		// false: use rand key size
	SymAlg		minAlg = ALG_FIRST;
	SymAlg		maxAlg = ALG_LAST;
	unsigned	loops = LOOPS_DEF;
	bool		verbose = false;
	size_t		minPtextSize = MIN_DATA_SIZE;
	size_t		maxPtextSize = MAX_DATA_SIZE;
	bool		quiet = false;
	unsigned	pauseInterval = 0;
	bool		paddingSpec = false;		// true: user calls doPadding, const
	bool		cbcSpec = false;			// ditto for doCbc
	bool		stagedSpec = false;			// ditto for stagedEncr and stagedDecr
	bool		inPlace = false;			// en/decrypt in place for ECB
	bool		allocCtxSpec = false;		// use allocCtx
	bool		allocCtx = false;			// allocate context ourself
	
	for(arg=1; arg<argc; arg++) {
		argp = argv[arg];
		switch(argp[0]) {
			case 'a':
				if(argp[1] != '=') {
					usage(argv);
				}
				switch(argp[2]) {
					case 's':
						minAlg = maxAlg = ALG_ASC;
						break;
					case 'd':
						minAlg = maxAlg = ALG_DES;
						break;
					case '3':
						minAlg = maxAlg = ALG_3DES;
						break;
					case '2':
						minAlg = maxAlg = ALG_RC2;
						break;
					case '4':
						minAlg = maxAlg = ALG_RC4;
						break;
					case '5':
						minAlg = maxAlg = ALG_RC5;
						break;
					case 'a':
						minAlg = maxAlg = ALG_AES_128;
						break;
					case 'n':
						minAlg = maxAlg = ALG_AES_192;
						break;
					case 'A':
						minAlg = maxAlg = ALG_AES_256;
						break;
					case 'b':
						minAlg = maxAlg = ALG_BFISH;
						break;
					case 'c':
						minAlg = maxAlg = ALG_CAST;
						break;
					default:
						usage(argv);
				}
				if(maxAlg > ALG_LAST) {
					/* we left them in the switch but we can't use them */
					usage(argv);
				}
				break;
		    case 'l':
				loops = atoi(&argp[2]);
				break;
		    case 'n':
				minPtextSize = atoi(&argp[2]);
				break;
		    case 'm':
				maxPtextSize = atoi(&argp[2]);
				break;
		    case 'k':
		    	minKeySizeInBytes = maxKeySizeInBytes = atoi(&argp[2]);
		    	keySizeSpec = true;
				break;
			case 'x':
				allocCtxSpec = true;
				allocCtx = true;
				break;
			case 'X':
				allocCtxSpec = true;
				allocCtx = false;
				break;
		    case 'v':
		    	verbose = true;
				break;
		    case 'q':
		    	quiet = true;
				break;
		    case 'p':
		    	pauseInterval = atoi(&argp[2]);;
				break;
			case 'o':
				doPadding = false;
				paddingSpec = true;
				break;
			case 'e':
				doCbc = false;
				cbcSpec = true;
				break;
			case 'E':
				doCbc = true;
				cbcSpec = true;
				break;
		    case 'u':
		    	stagedEncr = false;
		    	stagedDecr = false;
				stagedSpec = true;
				break;
		    case 'U':
		    	stagedEncr = true;
		    	stagedDecr = true;
				stagedSpec = true;
				break;
		    case 'h':
		    default:
				usage(argv);
		}
	}
	ptext = (uint8 *)malloc(maxPtextSize);
	if(ptext == NULL) {
		printf("Insufficient heap space\n");
		exit(1);
	}
	/* ptext length set in test loop */
	
	printf("Starting ccSymTest; args: ");
	for(i=1; i<argc; i++) {
		printf("%s ", argv[i]);
	}
	printf("\n");
	
	if(pauseInterval) {
		fpurge(stdin);
		printf("Top of test; hit CR to proceed: ");
		getchar();
	}

	for(currAlg=minAlg; currAlg<=maxAlg; currAlg++) {
		switch(currAlg) {
			case ALG_DES:
				encrAlg = kCCAlgorithmDES;
				blockSize = kCCBlockSizeDES;
				minKeySizeInBytes = kCCKeySizeDES;
				maxKeySizeInBytes = minKeySizeInBytes;
				ctxSize = kCCContextSizeDES;
				algStr = "DES";
				break;
			case ALG_3DES:
				encrAlg = kCCAlgorithm3DES;
				blockSize = kCCBlockSize3DES;
				minKeySizeInBytes = kCCKeySize3DES;
				maxKeySizeInBytes = minKeySizeInBytes;
				ctxSize = kCCContextSize3DES;
				
				algStr = "3DES";
				break;
			case ALG_AES_128:
				encrAlg = kCCAlgorithmAES128;
				blockSize = kCCBlockSizeAES128;
				minKeySizeInBytes = kCCKeySizeAES128;
				maxKeySizeInBytes = minKeySizeInBytes;
				ctxSize = kCCContextSizeAES128;
				algStr = "AES128";
				break;
			case ALG_AES_192:
				encrAlg = kCCAlgorithmAES128;
				blockSize = kCCBlockSizeAES128;
				minKeySizeInBytes = kCCKeySizeAES192;
				maxKeySizeInBytes = minKeySizeInBytes;
				ctxSize = kCCContextSizeAES128;
				algStr = "AES192";
				break;
			case ALG_AES_256:
				encrAlg = kCCAlgorithmAES128;
				blockSize = kCCBlockSizeAES128;
				minKeySizeInBytes = kCCKeySizeAES256;
				maxKeySizeInBytes = minKeySizeInBytes;
				ctxSize = kCCContextSizeAES128;
				algStr = "AES256";
				break;
			case ALG_CAST:
				encrAlg = kCCAlgorithmCAST;
				blockSize = kCCBlockSizeCAST;
				minKeySizeInBytes = kCCKeySizeMinCAST;
				maxKeySizeInBytes = kCCKeySizeMaxCAST;
				ctxSize = kCCContextSizeCAST;
				algStr = "CAST";
				break;
			case ALG_RC4:
				encrAlg = kCCAlgorithmRC4;
				blockSize = 0;
				minKeySizeInBytes = kCCKeySizeMinRC4;
				maxKeySizeInBytes = kCCKeySizeMaxRC4;
				ctxSize = kCCContextSizeRC4;
				algStr = "RC4";
				break;
			default:
				printf("***BRRZAP!\n");
				exit(1);
		}
		if(!quiet || verbose) {
			printf("Testing alg %s\n", algStr);
		}
		for(loop=1; ; loop++) {
			ptextLen = genRand(minPtextSize, maxPtextSize);
			appGetRandomBytes(ptext, ptextLen);
			
			/* per-loop settings */
			if(!keySizeSpec) {
				if(minKeySizeInBytes == maxKeySizeInBytes) {
					keySizeInBytes = minKeySizeInBytes;
				}
				else {
					keySizeInBytes = genRand(minKeySizeInBytes, maxKeySizeInBytes);
				}
			}
			if(blockSize == 0) {
				/* stream cipher */
				doCbc = false;
				doPadding = false;
			}
			else {
				if(!cbcSpec) {
					doCbc = isBitSet(0, loop);
				}
				if(!paddingSpec) {
					doPadding = isBitSet(1, loop);
				}
			}
			if(!doPadding && (blockSize != 0)) {
				/* align plaintext */
				ptextLen = (ptextLen / blockSize) * blockSize;
				if(ptextLen == 0) {
					ptextLen = blockSize;
				}
			}
			if(!stagedSpec) {
				stagedEncr = isBitSet(2, loop);
				stagedDecr = isBitSet(3, loop);
			}
			if(doCbc) {
				nullIV = isBitSet(4, loop);
			}
			else {
				nullIV = false;
			}
			inPlace = isBitSet(5, loop);
			if(allocCtxSpec) {
				ctxSizeUsed = allocCtx ? ctxSize : 0;
			}
			else if(isBitSet(6, loop)) {
				ctxSizeUsed = ctxSize;
			}
			else {
				ctxSizeUsed = 0;
			}
			askOutSize = isBitSet(7, loop);
			if(!quiet) {
			   	if(verbose || ((loop % LOOP_NOTIFY) == 0)) {
					printf("..loop %3d ptextLen %lu keyLen %d cbc=%d padding=%d stagedEncr=%d "
							"stagedDecr=%d\n",
						loop, (unsigned long)ptextLen, (int)keySizeInBytes, 
						(int)doCbc, (int)doPadding,
					 	(int)stagedEncr, (int)stagedDecr);
					printf("           nullIV %d inPlace %d ctxSize %d askOutSize %d\n",
						(int)nullIV, (int)inPlace, (int)ctxSizeUsed, (int)askOutSize);
				}
			}
			
			if(doTest(ptext, ptextLen,
					encrAlg, doCbc, doPadding, nullIV,
					keySizeInBytes,
					stagedEncr,	stagedDecr, inPlace, ctxSizeUsed, askOutSize,
					quiet)) {
				rtn = 1;
				break;
			}
			if(pauseInterval && ((loop % pauseInterval) == 0)) {
				char c;
				fpurge(stdin);
				printf("Hit CR to proceed, q to abort: ");
				c = getchar();
				if(c == 'q') {
					goto testDone;
				}
			}
			if(loops && (loop == loops)) {
				break;
			}
		}	/* main loop */
		if(rtn) {
			break;
		}
		
	}	/* for algs */
	
testDone:
	if(pauseInterval) {
		fpurge(stdin);
		printf("ModuleDetach/Unload complete; hit CR to exit: ");
		getchar();
	}
	if((rtn == 0) && !quiet) {
		printf("%s test complete\n", argv[0]);
	}
	free(ptext);
	return rtn;
}

Added LocalTests/utilLib/Makefile.























































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# name of executable to build
EXECUTABLE=libcsputils.a
# C++ source (with .cpp extension)
CPSOURCE= commonCpp.cpp nssAppUtils.cpp ssleayUtils.cpp
# C source (.c extension)
CSOURCE= common.c cspwrap.c fileIo.c bsafeUtils.c t_stdlib.c rijndael-alg-ref.c \
	rijndaelApi.c cputime.c

#
# project-specific libraries, e.g., -lstdc++
#
PROJ_LIBS= 
#
# Optional lib search paths
#
PROJ_LIBPATH=
#
# choose one for cc
#
VERBOSE=
#VERBOSE=-v

#
# Other files to remove at 'make clean' time
#
OTHER_TO_CLEAN=

#
# non-standard frameworks (e.g., -framework foo)
#
PROJ_FRAMEWORKS=

#
# project-specific includes, with leading -I
#
PROJ_INCLUDES= 

#
# Optional C flags (warnings, optimizations, etc.)
#
#PROJ_CFLAGS= -Os
PROJ_CFLAGS= 

#
# Optional link flags (using cc, not ld)
#
PROJ_LDFLAGS=

#
# Optional dependencies
#
PROJ_DEPENDS=

include ../Makefile.lib

# Special case for this object file...normally we ignore header dependencies, but
# this header is auto generated on a regular basis. 
$(OBJROOT)/commonCpp.o: commonCpp.cpp cssmErrorStrings.h
	$(CC) $(ALL_CFLAGS) -c -o $(OBJROOT)/commonCpp.o commonCpp.cpp

Added LocalTests/utilLib/boxes-ref.h.











































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
static const word8 Logtable[256] = {
  0,   0,  25,   1,  50,   2,  26, 198,  75, 199,  27, 104,  51, 238, 223,   3, 
100,   4, 224,  14,  52, 141, 129, 239,  76, 113,   8, 200, 248, 105,  28, 193, 
125, 194,  29, 181, 249, 185,  39, 106,  77, 228, 166, 114, 154, 201,   9, 120, 
101,  47, 138,   5,  33,  15, 225,  36,  18, 240, 130,  69,  53, 147, 218, 142, 
150, 143, 219, 189,  54, 208, 206, 148,  19,  92, 210, 241,  64,  70, 131,  56, 
102, 221, 253,  48, 191,   6, 139,  98, 179,  37, 226, 152,  34, 136, 145,  16, 
126, 110,  72, 195, 163, 182,  30,  66,  58, 107,  40,  84, 250, 133,  61, 186, 
 43, 121,  10,  21, 155, 159,  94, 202,  78, 212, 172, 229, 243, 115, 167,  87, 
175,  88, 168,  80, 244, 234, 214, 116,  79, 174, 233, 213, 231, 230, 173, 232, 
 44, 215, 117, 122, 235,  22,  11, 245,  89, 203,  95, 176, 156, 169,  81, 160, 
127,  12, 246, 111,  23, 196,  73, 236, 216,  67,  31,  45, 164, 118, 123, 183, 
204, 187,  62,  90, 251,  96, 177, 134,  59,  82, 161, 108, 170,  85,  41, 157, 
151, 178, 135, 144,  97, 190, 220, 252, 188, 149, 207, 205,  55,  63,  91, 209, 
 83,  57, 132,  60,  65, 162, 109,  71,  20,  42, 158,  93,  86, 242, 211, 171, 
 68,  17, 146, 217,  35,  32,  46, 137, 180, 124, 184,  38, 119, 153, 227, 165, 
103,  74, 237, 222, 197,  49, 254,  24,  13,  99, 140, 128, 192, 247, 112,   7, 
};

static const word8 Alogtable[256] = {
  1,   3,   5,  15,  17,  51,  85, 255,  26,  46, 114, 150, 161, 248,  19,  53, 
 95, 225,  56,  72, 216, 115, 149, 164, 247,   2,   6,  10,  30,  34, 102, 170, 
229,  52,  92, 228,  55,  89, 235,  38, 106, 190, 217, 112, 144, 171, 230,  49, 
 83, 245,   4,  12,  20,  60,  68, 204,  79, 209, 104, 184, 211, 110, 178, 205, 
 76, 212, 103, 169, 224,  59,  77, 215,  98, 166, 241,   8,  24,  40, 120, 136, 
131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206,  73, 219, 118, 154, 
181, 196,  87, 249,  16,  48,  80, 240,  11,  29,  39, 105, 187, 214,  97, 163, 
254,  25,  43, 125, 135, 146, 173, 236,  47, 113, 147, 174, 233,  32,  96, 160, 
251,  22,  58,  78, 210, 109, 183, 194,  93, 231,  50,  86, 250,  21,  63,  65, 
195,  94, 226,  61,  71, 201,  64, 192,  91, 237,  44, 116, 156, 191, 218, 117, 
159, 186, 213, 100, 172, 239,  42, 126, 130, 157, 188, 223, 122, 142, 137, 128, 
155, 182, 193,  88, 232,  35, 101, 175, 234,  37, 111, 177, 200,  67, 197,  84, 
252,  31,  33,  99, 165, 244,   7,   9,  27,  45, 119, 153, 176, 203,  70, 202, 
 69, 207,  74, 222, 121, 139, 134, 145, 168, 227,  62,  66, 198,  81, 243,  14, 
 18,  54,  90, 238,  41, 123, 141, 140, 143, 138, 133, 148, 167, 242,  13,  23, 
 57,  75, 221, 124, 132, 151, 162, 253,  28,  36, 108, 180, 199,  82, 246,   1, 
};

static const word8 S[256] = {
 99, 124, 119, 123, 242, 107, 111, 197,  48,   1, 103,  43, 254, 215, 171, 118, 
202, 130, 201, 125, 250,  89,  71, 240, 173, 212, 162, 175, 156, 164, 114, 192, 
183, 253, 147,  38,  54,  63, 247, 204,  52, 165, 229, 241, 113, 216,  49,  21, 
  4, 199,  35, 195,  24, 150,   5, 154,   7,  18, 128, 226, 235,  39, 178, 117, 
  9, 131,  44,  26,  27, 110,  90, 160,  82,  59, 214, 179,  41, 227,  47, 132, 
 83, 209,   0, 237,  32, 252, 177,  91, 106, 203, 190,  57,  74,  76,  88, 207, 
208, 239, 170, 251,  67,  77,  51, 133,  69, 249,   2, 127,  80,  60, 159, 168, 
 81, 163,  64, 143, 146, 157,  56, 245, 188, 182, 218,  33,  16, 255, 243, 210, 
205,  12,  19, 236,  95, 151,  68,  23, 196, 167, 126,  61, 100,  93,  25, 115, 
 96, 129,  79, 220,  34,  42, 144, 136,  70, 238, 184,  20, 222,  94,  11, 219, 
224,  50,  58,  10,  73,   6,  36,  92, 194, 211, 172,  98, 145, 149, 228, 121, 
231, 200,  55, 109, 141, 213,  78, 169, 108,  86, 244, 234, 101, 122, 174,   8, 
186, 120,  37,  46,  28, 166, 180, 198, 232, 221, 116,  31,  75, 189, 139, 138, 
112,  62, 181, 102,  72,   3, 246,  14,  97,  53,  87, 185, 134, 193,  29, 158, 
225, 248, 152,  17, 105, 217, 142, 148, 155,  30, 135, 233, 206,  85,  40, 223, 
140, 161, 137,  13, 191, 230,  66, 104,  65, 153,  45,  15, 176,  84, 187,  22, 
};

static const word8 Si[256] = {
 82,   9, 106, 213,  48,  54, 165,  56, 191,  64, 163, 158, 129, 243, 215, 251, 
124, 227,  57, 130, 155,  47, 255, 135,  52, 142,  67,  68, 196, 222, 233, 203, 
 84, 123, 148,  50, 166, 194,  35,  61, 238,  76, 149,  11,  66, 250, 195,  78, 
  8,  46, 161, 102,  40, 217,  36, 178, 118,  91, 162,  73, 109, 139, 209,  37, 
114, 248, 246, 100, 134, 104, 152,  22, 212, 164,  92, 204,  93, 101, 182, 146, 
108, 112,  72,  80, 253, 237, 185, 218,  94,  21,  70,  87, 167, 141, 157, 132, 
144, 216, 171,   0, 140, 188, 211,  10, 247, 228,  88,   5, 184, 179,  69,   6, 
208,  44,  30, 143, 202,  63,  15,   2, 193, 175, 189,   3,   1,  19, 138, 107, 
 58, 145,  17,  65,  79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115, 
150, 172, 116,  34, 231, 173,  53, 133, 226, 249,  55, 232,  28, 117, 223, 110, 
 71, 241,  26, 113,  29,  41, 197, 137, 111, 183,  98,  14, 170,  24, 190,  27, 
252,  86,  62,  75, 198, 210, 121,  32, 154, 219, 192, 254, 120, 205,  90, 244, 
 31, 221, 168,  51, 136,   7, 199,  49, 177,  18,  16,  89,  39, 128, 236,  95, 
 96,  81, 127, 169,  25, 181,  74,  13,  45, 229, 122, 159, 147, 201, 156, 239, 
160, 224,  59,  77, 174,  42, 245, 176, 200, 235, 187,  60, 131,  83, 153,  97, 
 23,  43,   4, 126, 186, 119, 214,  38, 225, 105,  20,  99,  85,  33,  12, 125, 
};

static const word8 iG[4][4] = {
{ 0x0e, 0x09, 0x0d, 0x0b }, 
{ 0x0b, 0x0e, 0x09, 0x0d },
{ 0x0d, 0x0b, 0x0e, 0x09 }, 
{ 0x09, 0x0d, 0x0b, 0x0e } 
};

static const word32 rcon[30] = { 
  0x01,0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, };

Added LocalTests/utilLib/bsafeUtils.c.









































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
/*
 * bsafeUtils.c - common routines for CDSA/BSAFE compatibility testing
 */
 
#include <stdlib.h>
#include <stdio.h>
#include <time.h>
#include <string.h>
#include <security_bsafe/bsafe.h>
#include <security_bsafe/aglobal.h>
#include "bsafeUtils.h"
#include <Security/cssmerr.h>
#include "common.h"

/*
 * Convert between BSAFE ITEM and CSSM_DATA
 */
static inline void buItemToCssmData(
	const ITEM 		*item,
	CSSM_DATA_PTR	cdata)
{
	cdata->Data   = item->data;
	cdata->Length = item->len;
}

static inline void buCssmDataToItem(
	const CSSM_DATA		*cdata,
	ITEM 				*item)
{
	item->data = cdata->Data;
	item->len  = cdata->Length;
}

/*
 * BSafe's Chooser table - all we'll ever need.
 */
/*static*/ B_ALGORITHM_METHOD *BSAFE_ALGORITHM_CHOOSER[] = {
    // digests
    &AM_SHA,
    &AM_MD5,
	&AM_MD2,

    // organizational
    &AM_CBC_ENCRYPT,
    &AM_CBC_DECRYPT,
    &AM_ECB_ENCRYPT,
    &AM_ECB_DECRYPT,
    &AM_OFB_ENCRYPT,
    &AM_OFB_DECRYPT,

    // DES & variants
    &AM_DES_ENCRYPT,
    &AM_DES_DECRYPT,
    &AM_DESX_ENCRYPT,
    &AM_DESX_DECRYPT,
    &AM_DES_EDE_ENCRYPT,
    &AM_DES_EDE_DECRYPT,

    // RCn stuff
    &AM_RC2_CBC_ENCRYPT,
    &AM_RC2_CBC_DECRYPT,
    &AM_RC2_ENCRYPT,
    &AM_RC2_DECRYPT,
    &AM_RC4_ENCRYPT,
    &AM_RC4_DECRYPT,
    &AM_RC5_ENCRYPT,
    &AM_RC5_DECRYPT,
    &AM_RC5_CBC_ENCRYPT,
    &AM_RC5_CBC_DECRYPT,

    // RSA
    &AM_RSA_STRONG_KEY_GEN,
    &AM_RSA_KEY_GEN,
    &AM_RSA_CRT_ENCRYPT_BLIND,
    &AM_RSA_CRT_DECRYPT_BLIND,
    &AM_RSA_ENCRYPT,
    &AM_RSA_DECRYPT,

    // DSA
    &AM_DSA_PARAM_GEN,
    &AM_DSA_KEY_GEN,

    // signatures
    &AM_DSA_SIGN,
    &AM_DSA_VERIFY,

    // random number generation
    &AM_MD5_RANDOM,
    &AM_SHA_RANDOM,

    // sentinel
    (B_ALGORITHM_METHOD *)NULL_PTR
};

/* 
 * Convert a BSAFE return to a CSSM error and optionally print the error msg with 
 * the op in which the error occurred.
 */
static CSSM_RETURN buBsafeErrToCssm(
	int brtn, 
	const char *op)
{
	char *errStr = NULL;
	CSSM_RETURN crtn;
	
    switch (brtn) {
		case 0:
			return CSSM_OK;
		case BE_ALLOC:
			crtn = CSSMERR_CSSM_MEMORY_ERROR;
			errStr = "BE_ALLOC";
			break;
		case BE_SIGNATURE:
			crtn = CSSMERR_CSP_VERIFY_FAILED;
			errStr = "BE_SIGNATURE";
			break;
		case BE_OUTPUT_LEN:
			crtn = CSSMERR_CSP_OUTPUT_LENGTH_ERROR;
			errStr = "BE_OUTPUT_LEN";
			break;
		case BE_INPUT_LEN:
			crtn = CSSMERR_CSP_INPUT_LENGTH_ERROR;
			errStr = "BE_INPUT_LEN";
			break;
		case BE_EXPONENT_EVEN:
			crtn = CSSMERR_CSP_INVALID_KEY;
			errStr = "BE_EXPONENT_EVEN";
			break;
		case BE_EXPONENT_LEN:
			crtn = CSSMERR_CSP_INVALID_KEY;
			errStr = "BE_EXPONENT_LEN";
			break;
		case BE_EXPONENT_ONE:
			crtn = CSSMERR_CSP_INVALID_KEY;
			errStr = "BE_EXPONENT_ONE";
			break;
		case BE_DATA:
			crtn = CSSMERR_CSP_INVALID_DATA;
			errStr = "BE_DATA";
			break;
		case BE_INPUT_DATA:
			crtn = CSSMERR_CSP_INVALID_DATA;
			errStr = "BE_INPUT_DATA";
			break;
		case BE_WRONG_KEY_INFO:
			crtn = CSSMERR_CSP_INVALID_KEY;
			errStr = "BE_WRONG_KEY_INFO";
			break;
        default:
			//@@@ translate BSafe errors intelligently
 			crtn = CSSM_ERRCODE_INTERNAL_ERROR;
			errStr = "Other BSAFE error";
			break;
    }
	if(op != NULL) {
		printf("%s: BSAFE error %d (%s)\n", op, brtn, errStr);
	}
	return crtn;
}

/*
 * Non-thread-safe global random B_ALGORITHM_OBJ and a reusable init for it.
 */
static B_ALGORITHM_OBJ 	bsafeRng = NULL;
#define BSAFE_RANDSIZE	64

static B_ALGORITHM_OBJ buGetRng()
{
	int brtn;
	uint8 seed[BSAFE_RANDSIZE];
	
	if(bsafeRng != NULL) {
		return bsafeRng;
	}
	brtn = B_CreateAlgorithmObject(&bsafeRng);
	if(brtn) {
		buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject(&bsafeRng)");
		return NULL;
	}
	brtn = B_SetAlgorithmInfo(bsafeRng, AI_X962Random_V0, NULL_PTR);
	if(brtn) {
		buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(bsafeRng)");
		return NULL;
	}
	brtn = B_RandomInit(bsafeRng, BSAFE_ALGORITHM_CHOOSER, NULL);
 	if(brtn) {
		buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(bsafeRng)");
		return NULL;
	}
	appGetRandomBytes(seed, BSAFE_RANDSIZE);
	brtn = B_RandomUpdate(bsafeRng, seed, BSAFE_RANDSIZE, NULL);
	if(brtn) {
		buBsafeErrToCssm(brtn, "B_RandomUpdate");
		return NULL;
	}
	return bsafeRng;
}

/*
 * Create a symmetric key.
 */
CSSM_RETURN  buGenSymKey(
	uint32			keySizeInBits,
	const CSSM_DATA	*keyData,
	BU_KEY			*key)			// RETURNED
{
	int				brtn;
	B_KEY_OBJ		bkey = NULL;
	ITEM			item;
	unsigned		keyBytes = (keySizeInBits + 7) / 8;
	
	if(keyBytes > keyData->Length) {
		/* note it's OK to give us too much key data */
		printf("***buGenSymKey: Insufficient keyData\n");
		return CSSM_ERRCODE_INTERNAL_ERROR;
	}

	/* create a BSAFE key */
	brtn = B_CreateKeyObject(&bkey);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_CreateKeyObject");
	}
	
	/* assign data to the key */
	item.data = keyData->Data;
	item.len = keyBytes;
	brtn = B_SetKeyInfo(bkey, KI_Item, (POINTER)&item);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_SetKeyInfo");
	}
	else {
		*key = bkey;
		return CSSM_OK;
	}
}

/*
 * Create asymmetric key pair.
 * FIXME - additional params (e.g. DSA params, RSA exponent)?
 */
CSSM_RETURN buGenKeyPair(
	uint32			keySizeInBits,
	CSSM_ALGORITHMS	keyAlg,			// CSSM_ALGID_{RSA,DSA}
	BU_KEY			*pubKey,		// RETURNED
	BU_KEY			*privKey)		// RETURNED
{
	int						brtn;
	B_KEY_OBJ				bPubkey = NULL;
	B_KEY_OBJ				bPrivkey = NULL;
	B_ALGORITHM_OBJ			keypairGen = NULL;
	char					*op = NULL;
	A_RSA_KEY_GEN_PARAMS	params;
	unsigned char 			exp[1] = { 3 };
    B_ALGORITHM_OBJ 		genDsaAlg = NULL;
    B_ALGORITHM_OBJ 		dsaResult = NULL;
	B_DSA_PARAM_GEN_PARAMS 	dsaParams;
	A_DSA_PARAMS 			*kParams = NULL;
	
	/* create algorithm object */
	brtn = B_CreateAlgorithmObject(&keypairGen);
	if(brtn) {
		return CSSMERR_CSSM_MEMORY_ERROR;
	}
	
	/* create two BSAFE keys */
	brtn = B_CreateKeyObject(&bPubkey);
	if(brtn) {
		op ="B_CreateKeyObject";
		goto abort;
	}
	brtn = B_CreateKeyObject(&bPrivkey);
	if(brtn) {
		op ="B_CreateKeyObject";
		goto abort;
	}
	switch(keyAlg) {
		case CSSM_ALGID_RSA:
		{
			/* set RSA-specific params */
			params.modulusBits = keySizeInBits;
			/* hack - parameterize? */
			params.publicExponent.data = exp;
			params.publicExponent.len = 1;
			brtn = B_SetAlgorithmInfo(keypairGen, AI_RSAKeyGen, 
				(POINTER)&params);
			if(brtn) {
				op ="B_SetAlgorithmInfo(AI_RSAKeyGen)";
			}
			break;
		}
		case CSSM_ALGID_DSA:	
		{
			/* jump through hoops generating parameters */
			brtn = B_CreateAlgorithmObject(&genDsaAlg);
			if(brtn) {
				op ="B_CreateAlgorithmObject";
				break;
			}
			dsaParams.primeBits = keySizeInBits;
        	brtn = B_SetAlgorithmInfo(genDsaAlg, AI_DSAParamGen, (POINTER)&dsaParams);
			if(brtn) {
				op = "B_SetAlgorithmInfo(AI_DSAParamGen)";
				break;
			}
			brtn = B_GenerateInit(genDsaAlg, BSAFE_ALGORITHM_CHOOSER, NULL);
			if(brtn) {
				op = "B_GenerateInit(AI_DSAParamGen)";
				break;
			}
        	brtn = B_CreateAlgorithmObject(&dsaResult);
			if(brtn) {
				op = "B_CreateAlgorithmObject";
				break;
			}
        	brtn = B_GenerateParameters(genDsaAlg, dsaResult, buGetRng(), NULL);
			if(brtn) {
				op = "B_GenerateParameters";
				break;
			}
			
			/* dsaResult now has the parameters, which we must extract and then
			 * apply to the keypairGen object. Cool, huh? */
			brtn = B_GetAlgorithmInfo((POINTER *)&kParams, dsaResult, AI_DSAKeyGen);
			if(brtn) {
				op = "B_GetAlgorithmInfo(AI_DSAKeyGen)";
				break;
			}
			brtn = B_SetAlgorithmInfo(keypairGen, AI_DSAKeyGen, (POINTER)kParams);
			if(brtn) {
				op ="B_SetAlgorithmInfo(AI_DSAKeyGen)";
			}
			break;
		}
		default:
			printf("buGenKeyPair: algorithm not supported\n");
			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
	}
	if(brtn) {
		goto abort;
	}
	
	/* keypairGen all set to go. */
	brtn = B_GenerateInit(keypairGen, 
		BSAFE_ALGORITHM_CHOOSER,
		(A_SURRENDER_CTX *)NULL);
	if(brtn) {
		op = "B_GenerateInit";
		goto abort;
	}
	brtn = B_GenerateKeypair(keypairGen,
		bPubkey,
		bPrivkey,
		buGetRng(),
		NULL);
	if(brtn) {
		op = "B_GenerateInit";
	}
abort:
	B_DestroyAlgorithmObject(&keypairGen);
	B_DestroyAlgorithmObject(&genDsaAlg);
	B_DestroyAlgorithmObject(&dsaResult);
	if(brtn) {
		B_DestroyKeyObject(&bPubkey);
		B_DestroyKeyObject(&bPrivkey);
		return buBsafeErrToCssm(brtn, op);
	}
	else {
		*pubKey = bPubkey;
		*privKey = bPrivkey;
		return CSSM_OK;
	}
}

/*
 * Free a key created in buGenSymKey or buGenKeyPair
 */
CSSM_RETURN buFreeKey(
	BU_KEY			key)
{
	B_KEY_OBJ bkey = (B_KEY_OBJ)key;
	B_DestroyKeyObject(&bkey);
	return CSSM_OK;
}

/*
 * encrypt/decrypt
 */
CSSM_RETURN buEncryptDecrypt(
	BU_KEY				key,
	CSSM_BOOL			forEncrypt,
	CSSM_ALGORITHMS		encrAlg,
	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC, etc.
	const CSSM_DATA		*iv,				//Êoptional per mode
	uint32				effectiveKeyBits,	// optional per key alg (actually just RC2)
											// for RSA, key size in bits
	uint32				rounds,				// optional, RC5 only
	const CSSM_DATA		*inData,
	CSSM_DATA_PTR		outData)			// mallocd and RETURNED
{
	B_ALGORITHM_OBJ		alg;
	int 				brtn;
	char				fbCipher = 1;
	uint32				blockSize = 0;
	unsigned			outBufLen;
	unsigned			bytesMoved;
	CSSM_RETURN			crtn;
	char				useIv;
	
	// these variables are used in the switch below and need to 
	// live until after setAlgorithm()
	ITEM	 			bsIv;
    B_BLK_CIPHER_W_FEEDBACK_PARAMS spec;
	A_RC5_PARAMS		rc5Params;
	A_RC2_PARAMS		rc2Params;
	
	brtn = B_CreateAlgorithmObject(&alg);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
	}
	
	/* per-alg setup */
	switch(encrAlg) {
		case CSSM_ALGID_RC4:
			/* the easy one */
			brtn = B_SetAlgorithmInfo(alg, AI_RC4, NULL);
			if(brtn) {
				crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
				goto abort;
			}
			fbCipher = 0;
			break;
			
		case CSSM_ALGID_RSA:
			/* assume encrypt via publicm decrypt via private */
			if(forEncrypt) {
				brtn = B_SetAlgorithmInfo(alg, AI_PKCS_RSAPublic, NULL);
			}
			else {
				brtn = B_SetAlgorithmInfo(alg, AI_PKCS_RSAPrivate, NULL);
			}
			if(brtn) {
				crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(RSA)");
				goto abort;
			}
			blockSize = (effectiveKeyBits + 7) / 8;
			fbCipher = 0;
			break;
			
		/* common code using AI_FeebackCipher */
        case CSSM_ALGID_DES:
            spec.encryptionMethodName = (POINTER)"des";
			blockSize = 8;
            break;
        case CSSM_ALGID_DESX:
            spec.encryptionMethodName = (POINTER)"desx";
 			blockSize = 8;
			break;
        case CSSM_ALGID_3DES_3KEY_EDE:
            spec.encryptionMethodName = (POINTER)"des_ede";
			blockSize = 8;
            break;
        case CSSM_ALGID_RC5:
            spec.encryptionMethodName = (POINTER)"rc5";
			spec.encryptionParams = (POINTER)&rc5Params;
			rc5Params.version = 0x10;
			rc5Params.rounds = rounds;
			rc5Params.wordSizeInBits = 32;
			blockSize = 8;
            break;
        case CSSM_ALGID_RC2:
            spec.encryptionMethodName = (POINTER)"rc2";
			spec.encryptionParams = (POINTER)&rc2Params;
			rc2Params.effectiveKeyBits = effectiveKeyBits;
 			blockSize = 8;
           break;
		/* add other non-AI_FeebackCipher algorithms here */
		default:
			printf("buEncryptDecrypt: unknown algorithm\n");
			return CSSM_ERRCODE_INTERNAL_ERROR;
	}
	if(fbCipher) {
		useIv = 1;		// default, except for ECB
		switch(mode) {
			case CSSM_ALGMODE_CBCPadIV8:
				spec.feedbackMethodName = (POINTER)"cbc";
				spec.paddingMethodName = (POINTER)"pad";
				break;
			case CSSM_ALGMODE_CBC_IV8: 
				spec.feedbackMethodName = (POINTER)"cbc";
				spec.paddingMethodName = (POINTER)"nopad";
				break;
			case CSSM_ALGMODE_OFB_IV8: 
				spec.feedbackMethodName = (POINTER)"cbc";
				spec.paddingMethodName = (POINTER)"nopad";
				break;
			case CSSM_ALGMODE_ECB: 
				/* this does not seem to work yet - need info from 
				 * RSA. Specify block size as the feedbackParams (per manual)
				 * and get a memmove error trying to copy from address 8; specify
				 * an IV and get BSAFE error 524 (BE_INPUT_DATA) error on the
				 * EncryptInit.
				 */
				spec.feedbackMethodName = (POINTER)"ecb";
				spec.paddingMethodName = (POINTER)"nopad";
				//useIv = 0;
				//spec.feedbackParams = (POINTER)8;
				break;
			default:
				printf("buEncryptDecrypt: unknown mode\n");
				return CSSM_ERRCODE_INTERNAL_ERROR;
		}
		if(useIv && (iv != NULL)) {
			buCssmDataToItem(iv, &bsIv);
			spec.feedbackParams = (POINTER)&bsIv;
		}
		
		brtn = B_SetAlgorithmInfo(alg, AI_FeedbackCipher, (POINTER)&spec);
		if(brtn) {
			crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
			goto abort;
		}
	}
	
	/*
	 * OK, one way or another we have an algorithm object. Set up
	 * output buffer.
	 */
	if(forEncrypt) {
		outBufLen = inData->Length + blockSize;
	}
	else {
		outBufLen = inData->Length;
	}
	outData->Length = 0;
	outData->Data = NULL;
	crtn = appSetupCssmData(outData, outBufLen);
	if(crtn) {
		goto abort;
	}
	if(forEncrypt) {
		brtn = B_EncryptInit(alg, 
			(B_KEY_OBJ)key,
			BSAFE_ALGORITHM_CHOOSER,
			(A_SURRENDER_CTX *)NULL);
		if(brtn) {
			crtn = buBsafeErrToCssm(brtn, "B_EncryptInit");
			goto abort;
		}
		brtn = B_EncryptUpdate(alg,
			outData->Data,
			&bytesMoved,
			outBufLen,
			inData->Data,
			inData->Length,
			buGetRng(),		// randAlg
			NULL);			// surrender
		if(brtn) {
			crtn = buBsafeErrToCssm(brtn, "B_EncryptInit");
			goto abort;
		}
		outData->Length = bytesMoved;
		brtn = B_EncryptFinal(alg,
			outData->Data + bytesMoved,
			&bytesMoved,
			outBufLen - outData->Length,
			buGetRng(),		// randAlg
			NULL);			// surrender
		if(brtn) {
			crtn = buBsafeErrToCssm(brtn, "B_EncryptFinal");
			goto abort;
		}
		outData->Length += bytesMoved;
		crtn = CSSM_OK;
	}
	else {
		brtn = B_DecryptInit(alg, 
			(B_KEY_OBJ)key,
			BSAFE_ALGORITHM_CHOOSER,
			(A_SURRENDER_CTX *)NULL);
		if(brtn) {
			crtn = buBsafeErrToCssm(brtn, "B_DecryptInit");
			goto abort;
		}
		brtn = B_DecryptUpdate(alg,
			outData->Data,
			&bytesMoved,
			outBufLen,
			inData->Data,
			inData->Length,
			NULL,			// randAlg
			NULL);			// surrender
		if(brtn) {
			crtn = buBsafeErrToCssm(brtn, "B_DecryptUpdate");
			goto abort;
		}
		outData->Length = bytesMoved;
		brtn = B_DecryptFinal(alg,
			outData->Data + bytesMoved,
			&bytesMoved,
			outBufLen - outData->Length,
			NULL,			// randAlg
			NULL);			// surrender
		if(brtn) {
			crtn = buBsafeErrToCssm(brtn, "B_DecryptFinal");
			goto abort;
		}
		outData->Length += bytesMoved;
		crtn = CSSM_OK;
	}
abort:
	B_DestroyAlgorithmObject(&alg);
	return crtn;
}

/* CSSM sig alg --> B_INFO_TYPE */
static CSSM_RETURN cssmSigAlgToInfoType(
	CSSM_ALGORITHMS cssmAlg,
	B_INFO_TYPE		*infoType)
{
	switch(cssmAlg) {
		case CSSM_ALGID_SHA1WithRSA:
			*infoType = AI_SHA1WithRSAEncryption;
			break;
		case CSSM_ALGID_MD5WithRSA:
			*infoType = AI_MD5WithRSAEncryption;
			break;
		case CSSM_ALGID_SHA1WithDSA:
			*infoType = AI_DSAWithSHA1;
			break;
		default:
			printf("cssmSigAlgToInfoType: unknown algorithm\n");
			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
	}
	return CSSM_OK;
}

/*
 * Sign/verify
 */
CSSM_RETURN buSign(
	BU_KEY				key,
	CSSM_ALGORITHMS		sigAlg,
	const CSSM_DATA		*ptext,
	uint32				keySizeInBits,		// to set up sig
	CSSM_DATA_PTR		sig)				// mallocd and RETURNED
{
	B_ALGORITHM_OBJ		alg = NULL;
	int 				brtn;
	B_INFO_TYPE			infoType;
	CSSM_RETURN			crtn;
	unsigned			sigBytes;
	
	brtn = B_CreateAlgorithmObject(&alg);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
	}
	crtn = cssmSigAlgToInfoType(sigAlg, &infoType);
	if(crtn) {
		return crtn;
	}
	brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
		goto abort;
	}
	brtn = B_SignInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_SignInit");
		goto abort;
	}
	brtn = B_SignUpdate(alg, ptext->Data, ptext->Length, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_SignUpdate");
		goto abort;
	}
	
	/* prepare for sig, size of key */
	sigBytes = (keySizeInBits + 7) / 8;
	sig->Data = (uint8 *)CSSM_MALLOC(sigBytes);
	sig->Length = sigBytes;
	
	brtn = B_SignFinal(alg, sig->Data, &sigBytes, sigBytes, buGetRng(), NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_SignFinal");
		goto abort;
	}
	sig->Length = sigBytes;
	crtn = CSSM_OK;
abort:
	B_DestroyAlgorithmObject(&alg);
	return crtn;
}

CSSM_RETURN buVerify(
	BU_KEY				key,
	CSSM_ALGORITHMS		sigAlg,
	const CSSM_DATA		*ptext,
	const CSSM_DATA		*sig)				// mallocd and RETURNED
{
	B_ALGORITHM_OBJ		alg = NULL;
	int 				brtn;
	B_INFO_TYPE			infoType;
	CSSM_RETURN			crtn;
	
	brtn = B_CreateAlgorithmObject(&alg);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
	}
	crtn = cssmSigAlgToInfoType(sigAlg, &infoType);
	if(crtn) {
		return crtn;
	}
	brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
		goto abort;
	}
	brtn = B_VerifyInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_VerifyInit");
		goto abort;
	}
	brtn = B_VerifyUpdate(alg, ptext->Data, ptext->Length, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_VerifyUpdate");
		goto abort;
	}
	brtn = B_VerifyFinal(alg, sig->Data, sig->Length, buGetRng(), NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_VerifyFinal");
		goto abort;
	}
	crtn = CSSM_OK;
abort:
	B_DestroyAlgorithmObject(&alg);
	return crtn;
}

/* 
 * generate MAC either one update (updateSizes == NULL) or 
 * specified set of update sizes.
 */
#define MAX_MAC_SIZE	20

CSSM_RETURN buGenMac(
	BU_KEY				key,				// any key, any size
	CSSM_ALGORITHMS		macAlg,				// only CSSM_ALGID_SHA1HMAC for now
	const CSSM_DATA		*ptext,
	unsigned			*updateSizes,		// NULL --> random updates
											// else null-terminated list of sizes
	CSSM_DATA_PTR		mac)				// mallocd and RETURNED 
{
	B_ALGORITHM_OBJ		alg = NULL;
	int 				brtn;
	CSSM_RETURN			crtn;
	B_DIGEST_SPECIFIER	digestInfo;
	B_INFO_TYPE			infoType;
	unsigned			macBytes;
	
	brtn = B_CreateAlgorithmObject(&alg);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
	}
	switch(macAlg) {
		case CSSM_ALGID_SHA1HMAC:
		case CSSM_ALGID_SHA1HMAC_LEGACY:
			digestInfo.digestInfoType = AI_SHA1;
			infoType = AI_HMAC;
			break;
		default:
			printf("buGenMac: alg not supported\n");
			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
	}
	digestInfo.digestInfoParams = NULL;
	brtn = B_SetAlgorithmInfo(alg, infoType, (POINTER)&digestInfo);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
		goto abort;
	}
	brtn = B_DigestInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_DigestInit");
		goto abort;
	}
	if(updateSizes) {
		uint8 *currData = ptext->Data;
		while(*updateSizes) {
			brtn = B_DigestUpdate(alg, currData, *updateSizes, NULL);
			if(brtn) {
				crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
				goto abort;
			}
			currData += *updateSizes;
			updateSizes++;
		}
	}
	else {
		/* one-shot */
		brtn = B_DigestUpdate(alg, ptext->Data, ptext->Length, NULL);
		if(brtn) {
			crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
			goto abort;
		}
	}
	/* prepare for mac, magically gleaned max size */
	macBytes = MAX_MAC_SIZE;
	mac->Data = (uint8 *)CSSM_MALLOC(macBytes);
	mac->Length = macBytes;
	
	brtn = B_DigestFinal(alg, mac->Data, &macBytes, macBytes, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_DigestFinal");
		goto abort;
	}
	mac->Length = macBytes;
	crtn = CSSM_OK;
abort:
	B_DestroyAlgorithmObject(&alg);
	return crtn;

}

/* generate digest */
#define MAX_DIGEST_SIZE		20

CSSM_RETURN buGenDigest(
	CSSM_ALGORITHMS		macAlg,				// CSSM_ALGID_SHA1, etc. */
	const CSSM_DATA		*ptext,
	CSSM_DATA_PTR		digest)				// mallocd and RETURNED 
{
	B_ALGORITHM_OBJ		alg = NULL;
	int 				brtn;
	CSSM_RETURN			crtn;
	B_INFO_TYPE			infoType;
	unsigned			hashBytes;
	
	brtn = B_CreateAlgorithmObject(&alg);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
	}
	switch(macAlg) {
		case CSSM_ALGID_SHA1:
			infoType = AI_SHA1;
			break;
		case CSSM_ALGID_MD5:
			infoType = AI_MD5;
			break;
		case CSSM_ALGID_MD2:
			infoType = AI_MD2;
			break;
		default:
			printf("buGenDigest: alg not supported\n");
			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
	}
	brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
		goto abort;
	}
	brtn = B_DigestInit(alg, NULL, BSAFE_ALGORITHM_CHOOSER, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_DigestInit");
		goto abort;
	}
	brtn = B_DigestUpdate(alg, ptext->Data, ptext->Length, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
		goto abort;
	}
	
	/* prepare for digest, magically gleaned max size */
	hashBytes = MAX_DIGEST_SIZE;
	digest->Data = (uint8 *)CSSM_MALLOC(hashBytes);
	digest->Length = hashBytes;
	
	brtn = B_DigestFinal(alg, digest->Data, &hashBytes, hashBytes, NULL);
	if(brtn) {
		crtn = buBsafeErrToCssm(brtn, "B_DigestFinal");
		goto abort;
	}
	digest->Length = hashBytes;
	crtn = CSSM_OK;
abort:
	B_DestroyAlgorithmObject(&alg);
	return crtn;

}

/*
 * Convert between BSAFE and CDSA private keys
 */
CSSM_RETURN buBsafePrivKeyToCdsa(
	CSSM_ALGORITHMS		keyAlg,
	uint32				keySizeInBits,
	BU_KEY				bsafePrivKey,
	CSSM_KEY_PTR		cdsaPrivKey)
{
	B_INFO_TYPE			infoType;
	ITEM				*keyBlob;
	int					brtn;
	CSSM_KEYBLOB_FORMAT	format;
	CSSM_KEYHEADER_PTR	hdr = &cdsaPrivKey->KeyHeader;
	
	/* what kind of info? */
	switch(keyAlg) {
		case CSSM_ALGID_RSA:
			infoType = KI_PKCS_RSAPrivateBER;
			format = CSSM_KEYBLOB_RAW_FORMAT_PKCS8;
			break;
		case CSSM_ALGID_DSA:
			infoType = KI_DSAPrivateBER;
			format = CSSM_KEYBLOB_RAW_FORMAT_FIPS186;
			break;
		default:
			printf("***buBsafePrivKeyToCdsa: bogus keyAlg\n");
			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
	}
	
	/* get the blob */
	brtn = B_GetKeyInfo((POINTER *)&keyBlob,
		(B_KEY_OBJ)bsafePrivKey,
		infoType);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_GetKeyInfo");
	}
	
	/* copy blob to CDSA key */
	cdsaPrivKey->KeyData.Data = (uint8 *)CSSM_MALLOC(keyBlob->len);
	cdsaPrivKey->KeyData.Length = keyBlob->len;
	memmove(cdsaPrivKey->KeyData.Data, keyBlob->data, keyBlob->len);
	
	/* set up CSSM key header */
	memset(hdr, 0, sizeof(CSSM_KEYHEADER));
	hdr->HeaderVersion = CSSM_KEYHEADER_VERSION;
	hdr->BlobType = CSSM_KEYBLOB_RAW;
	hdr->Format = format;
	hdr->AlgorithmId = keyAlg;
	hdr->KeyClass = CSSM_KEYCLASS_PRIVATE_KEY;
	hdr->LogicalKeySizeInBits = keySizeInBits;
	hdr->KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
	hdr->KeyUsage = CSSM_KEYUSE_ANY;
	return CSSM_OK;
}

CSSM_RETURN buCdsaPrivKeyToBsafe(
	CSSM_KEY_PTR		cdsaPrivKey,
	BU_KEY				*bsafePrivKey)
{
	int 		brtn;
	B_KEY_OBJ	privKey = NULL;
	ITEM		keyBlob;
	B_INFO_TYPE	infoType;
	
	/* what kind of info? */
	switch(cdsaPrivKey->KeyHeader.AlgorithmId) {
		case CSSM_ALGID_RSA:
			infoType = KI_PKCS_RSAPrivateBER;
			break;
		case CSSM_ALGID_DSA:
			infoType = KI_DSAPrivateBER;
			break;
		default:
			printf("***buCdsaPrivKeyToCssm: bogus keyAlg\n");
			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
	}
	
	/* create caller's key, assign blob to it */
	brtn = B_CreateKeyObject(&privKey);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_CreateKeyObject");
	}
	buCssmDataToItem(&cdsaPrivKey->KeyData, &keyBlob);
	brtn = B_SetKeyInfo(privKey, infoType, (POINTER)&keyBlob);
	if(brtn) {
		return buBsafeErrToCssm(brtn, "B_SetKeyInfo");
	}
	*bsafePrivKey = privKey;
	return CSSM_OK;
}

Added LocalTests/utilLib/bsafeUtils.h.



























































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
/*
 * bsafeUtils.h - common routines for CDSA/BSAFE compatibility testing
 */

/*
 * Clients of this module do not need to know about or see anything from the 
 * BSAFE headers. 
 */
#ifndef	_BSAFE_UTILS_H_
#define _BSAFE_UTILS_H_
#include <Security/cssmtype.h>

#ifdef	__cplusplus
extern "C" {
#endif

/* Actually the same as a B_KEY_OBJ, but our callers don't need to know that */
typedef void *BU_KEY;

/*
 * Create a symmetric key.
 */
CSSM_RETURN  buGenSymKey(
	uint32			keySizeInBits,
	const CSSM_DATA	*keyData,
	BU_KEY			*key);			// RETURNED

/*
 * Create asymmetric key pair.
 * FIXME - additional params (e.g. DSA params, RSA exponent)?
 */
CSSM_RETURN buGenKeyPair(
	uint32			keySizeInBits,
	CSSM_ALGORITHMS	keyAlg,			// CSSM_ALGID_{RSA,DSA}
	BU_KEY			*pubKey,		// RETURNED
	BU_KEY			*privKey);		// RETURNED
	
/*
 * Free a key created in buGenSymKey or buGenKeyPair
 */
CSSM_RETURN buFreeKey(
	BU_KEY			key);

/*
 * encrypt/decrypt
 */
CSSM_RETURN buEncryptDecrypt(
	BU_KEY				key,
	CSSM_BOOL			forEncrypt,
	CSSM_ALGORITHMS		encrAlg,
	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC, etc.
	const CSSM_DATA		*iv,				//Êoptional per mode
	uint32				effectiveKeyBits,	// optional per key alg (actually just RC2)
											// for RSA, key size in bits
	uint32				rounds,				// optional, RC5 only
	const CSSM_DATA		*inData,
	CSSM_DATA_PTR		outData);			// mallocd and RETURNED

/*
 * Sign/verify
 */
CSSM_RETURN buSign(
	BU_KEY				key,
	CSSM_ALGORITHMS		sigAlg,
	const CSSM_DATA		*ptext,
	uint32				keySizeInBits,		// to set up sig
	CSSM_DATA_PTR		sig);				// mallocd and RETURNED

CSSM_RETURN buVerify(
	BU_KEY				key,
	CSSM_ALGORITHMS		sigAlg,
	const CSSM_DATA		*ptext,
	const CSSM_DATA		*sig);				// mallocd and RETURNED

/* 
 * generate MAC either one update (updateSizes == NULL) or 
 * specified set of update sizes.
 */
CSSM_RETURN buGenMac(
	BU_KEY				key,				// any key, any size
	CSSM_ALGORITHMS		macAlg,				// only CSSM_ALGID_SHA1HMAC for now
	const CSSM_DATA		*ptext,
	unsigned			*updateSizes,		// NULL --> random updates
											// else null-terminated list of sizes
	CSSM_DATA_PTR		mac);				// mallocd and RETURNED 
	
/* generate digest */
CSSM_RETURN buGenDigest(
	CSSM_ALGORITHMS		macAlg,				// CSSM_ALGID_SHA1, etc. */
	const CSSM_DATA		*ptext,
	CSSM_DATA_PTR		digest);			// mallocd and RETURNED 
	
/*
 * Convert between BSAFE and CDSA private keys
 */
CSSM_RETURN buBsafePrivKeyToCdsa(
	CSSM_ALGORITHMS		keyAlg,
	uint32				keySizeInBits,
	BU_KEY				bsafePrivKey,
	CSSM_KEY_PTR		cdsaPrivKey);
CSSM_RETURN buCdsaPrivKeyToBsafe(
	CSSM_KEY_PTR		cdsaPrivKey,
	BU_KEY				*bsafePrivKey);

#ifdef	__cplusplus
}
#endif

#endif	/* _BSAFE_UTILS_H_ */

Added LocalTests/utilLib/common.c.





































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
/* Copyright 1997 Apple Computer, Inc.
 *
 * common.c - Common CSP test code
 *
 * Revision History
 * ----------------
 *   4 May 2000 Doug Mitchell
 *		Ported to X/CDSA2. 
 *   6 Jul 1998 Doug Mitchell at Apple
 *		Added clStartup().
 *  12 Aug 1997	Doug Mitchell at Apple
 *		Created.
 */
 
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <Security/cssm.h>
#include "common.h"
#include <Security/cssmapple.h>			/* apple, not intel */
#include <time.h>

static CSSM_VERSION vers = {2, 0};
//const static uint32 guidPrefix = 0xFADE;
const CSSM_GUID testGuid = { 0xFADE, 0, 0, { 1,2,3,4,5,6,7,0 }};

/*
 * We can't enable this until all of these are fixed and integrated:
 * 2890978 CSP
 * 2927474 CSPDL
 * 2928357 TP
 */
#define DETECT_MALLOC_ABUSE		1	

#if		DETECT_MALLOC_ABUSE

/* 
 * This set of allocator functions detects when we free something
 * which was mallocd by CDSA or a plugin using something other than
 * our callback malloc/realloc/calloc. With proper runtime support
 * (which is present in Jaguar 6C35), the reverse is also detected
 * by malloc (i.e., we malloc something and CDSA or a plugin frees
 * it).
 */
#define APP_MALLOC_MAGIC		'Util'

void * appMalloc (CSSM_SIZE size, void *allocRef) {
	void *ptr;

	/* scribble magic number in first four bytes */
	ptr = malloc(size + 4);
	*(uint32 *)ptr = APP_MALLOC_MAGIC;
	ptr = (char *)ptr + 4;

	return ptr;
}

void appFree (void *ptr, void *allocRef) {
	if(ptr == NULL) {
		return;
	}
	ptr = (char *)ptr - 4;
	if(*(uint32 *)ptr != APP_MALLOC_MAGIC) {
		printf("ERROR: appFree() freeing a block that we didn't allocate!\n");
		return;		// this free is not safe
	}
	*(uint32 *)ptr = 0;
	free(ptr);
}

/* Realloc - adjust both original pointer and size */
void * appRealloc (void *ptr, CSSM_SIZE size, void *allocRef) {
	if(ptr == NULL) {
		/* no ptr, no existing magic number */
		return appMalloc(size, allocRef);
	}
	ptr = (char *)ptr - 4;
	if(*(uint32 *)ptr != APP_MALLOC_MAGIC) {
		printf("ERROR: appRealloc() on a block that we didn't allocate!\n");
	}
	*(uint32 *)ptr = 0;
	ptr = realloc(ptr, size + 4);
	*(uint32 *)ptr = APP_MALLOC_MAGIC;
	ptr = (char *)ptr + 4;
	return ptr;
}

/* Have to do this manually */
void * appCalloc (uint32 num, CSSM_SIZE size, void *allocRef) {
	uint32 memSize = num * size;
	
	void *ptr = appMalloc(memSize, allocRef);
	memset(ptr, 0, memSize);
	return ptr;
}

#else	/* DETECT_MALLOC_ABUSE */
/*
 * Standard app-level memory functions required by CDSA.
 */
void * appMalloc (CSSM_SIZE size, void *allocRef) {
	return( malloc(size) );
}
void appFree (void *mem_ptr, void *allocRef) {
	free(mem_ptr);
 	return;
}
void * appRealloc (void *ptr, CSSM_SIZE size, void *allocRef) {
	return( realloc( ptr, size ) );
}
void * appCalloc (uint32 num, CSSM_SIZE size, void *allocRef) {
	return( calloc( num, size ) );
}
#endif	/* DETECT_MALLOC_ABUSE */

static CSSM_API_MEMORY_FUNCS memFuncs = {
	appMalloc,
	appFree,
	appRealloc,
 	appCalloc,
 	NULL
 };
 
/*
 * Init CSSM; returns CSSM_FALSE on error. Reusable.
 */
static CSSM_BOOL cssmInitd = CSSM_FALSE;

CSSM_BOOL cssmStartup()
{
	CSSM_RETURN  crtn;
    CSSM_PVC_MODE pvcPolicy = CSSM_PVC_NONE;
	
	if(cssmInitd) {
		return CSSM_TRUE;
	}  
	crtn = CSSM_Init (&vers, 
		CSSM_PRIVILEGE_SCOPE_NONE,
		&testGuid,
		CSSM_KEY_HIERARCHY_NONE,
		&pvcPolicy,
		NULL /* reserved */);
	if(crtn != CSSM_OK) 
	{
		printError("CSSM_Init", crtn);
		return CSSM_FALSE;
	}
	else {
		cssmInitd = CSSM_TRUE;
		return CSSM_TRUE;
	}
}

/*
 * Init CSSM and establish a session with the Apple CSP.
 */
CSSM_CSP_HANDLE cspStartup()
{
	return cspDlDbStartup(CSSM_TRUE, NULL);	
}

/* like cspStartup, but also returns DB handle. If incoming dbHandPtr
 * is NULL, no DB startup. */
CSSM_CSP_HANDLE cspDbStartup(
	CSSM_DB_HANDLE *dbHandPtr)
{
	return cspDlDbStartup(CSSM_TRUE, NULL);	
}

CSSM_CSP_HANDLE cspDlDbStartup(
	CSSM_BOOL bareCsp,			// true ==> CSP, false ==> CSP/DL
	CSSM_DB_HANDLE *dbHandPtr)	// optional - TO BE DELETED
{
	CSSM_CSP_HANDLE cspHand;
	CSSM_RETURN		crtn;
	const CSSM_GUID *guid;
	char *modName;
	
	if(dbHandPtr) {
		*dbHandPtr = 0;
	}
	if(cssmStartup() == CSSM_FALSE) {
		return 0;
	}
	if(bareCsp) {
		guid = &gGuidAppleCSP;
		modName = (char*) "AppleCSP";
	}
	else {
		guid = &gGuidAppleCSPDL;
		modName = (char *) "AppleCSPDL";
	}
	crtn = CSSM_ModuleLoad(guid,
		CSSM_KEY_HIERARCHY_NONE,
		NULL,			// eventHandler
		NULL);			// AppNotifyCallbackCtx
	if(crtn) {
		char outStr[100];
		sprintf(outStr, "CSSM_ModuleLoad(%s)", modName);
		printError(outStr, crtn);
		return 0;
	}
	crtn = CSSM_ModuleAttach (guid,
		&vers,
		&memFuncs,			// memFuncs
		0,					// SubserviceID
		CSSM_SERVICE_CSP,	
		0,					// AttachFlags
		CSSM_KEY_HIERARCHY_NONE,
		NULL,				// FunctionTable
		0,					// NumFuncTable
		NULL,				// reserved
		&cspHand);
	if(crtn) {
		char outStr[100];
		sprintf(outStr, "CSSM_ModuleAttach(%s)", modName);
		printError(outStr, crtn);
		return 0;
	}
	return cspHand;
}

/*
 * Detach and unload from a CSP.
 */
CSSM_RETURN cspShutdown(
	CSSM_CSP_HANDLE	cspHand,
	CSSM_BOOL bareCsp)			// true ==> CSP, false ==> CSP/DL
{
	CSSM_RETURN crtn;
	const CSSM_GUID *guid;
	char *modName;
	
	if(bareCsp) {
		guid = &gGuidAppleCSP;
		modName = (char *) "AppleCSP";
	}
	else {
		guid = &gGuidAppleCSPDL;
		modName = (char *) "AppleCSPDL";
	}
	crtn = CSSM_ModuleDetach(cspHand);
	if(crtn) {
		printf("Error detaching from %s\n", modName);
		printError("CSSM_ModuleDetach", crtn);
		return crtn;
	}
	crtn = CSSM_ModuleUnload(guid, NULL, NULL);
	if(crtn) {
		printf("Error unloading %s\n", modName);
		printError("CSSM_ModuleUnload", crtn);
	}
	return crtn;
}

/* Attach to DL side of CSPDL */
CSSM_DL_HANDLE dlStartup()
{
	CSSM_DL_HANDLE 	dlHand = 0;
	CSSM_RETURN		crtn;
	
	if(cssmStartup() == CSSM_FALSE) {
		return 0;
	}
	crtn = CSSM_ModuleLoad(&gGuidAppleCSPDL,
		CSSM_KEY_HIERARCHY_NONE,
		NULL,			// eventHandler
		NULL);			// AppNotifyCallbackCtx
	if(crtn) {
		printError("CSSM_ModuleLoad(Apple CSPDL)", crtn);
		return 0;
	}
	crtn = CSSM_ModuleAttach (&gGuidAppleCSPDL,
		&vers,
		&memFuncs,			// memFuncs
		0,					// SubserviceID
		CSSM_SERVICE_DL,	
		0,					// AttachFlags
		CSSM_KEY_HIERARCHY_NONE,
		NULL,				// FunctionTable
		0,					// NumFuncTable
		NULL,				// reserved
		&dlHand);
	if(crtn) {
		printError("CSSM_ModuleAttach(Apple CSPDL)", crtn);
		return 0;
	}
	return dlHand;
}

/*
 * Delete a DB.
 */
#define DELETE_WITH_AUTHENT		0
CSSM_RETURN dbDelete(
	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
	const char 			*dbName)
{
	return CSSM_DL_DbDelete(dlHand, dbName, NULL, NULL);
}

/*
 * open a DB, ensure it's empty.
 */
CSSM_DB_HANDLE dbStartup(
	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
	const char 			*dbName)
{
	CSSM_DB_HANDLE dbHand = 0;
	
	CSSM_RETURN crtn = dbCreateOpen(dlHand, dbName, 
		CSSM_TRUE,		// create
		CSSM_TRUE,		// delete
		NULL,			// pwd
		&dbHand);
	if(crtn == CSSM_OK) {
		return dbHand;
	}
	else {
		return 0;
	}
}

#if 0
/*
 * Attach to existing DB or create an empty new one.
 */
CSSM_DB_HANDLE dbStartupByName(CSSM_DL_HANDLE dlHand,
	char 		*dbName,
	CSSM_BOOL 	doCreate)
{
	CSSM_RETURN crtn;
	CSSM_DB_HANDLE				dbHand;
	
	/* try to open existing DB in either case */
	
	crtn = CSSM_DL_DbOpen(dlHand,
		dbName, 
		NULL,			// DbLocation
		CSSM_DB_ACCESS_READ | CSSM_DB_ACCESS_WRITE,
		NULL, 			// CSSM_ACCESS_CREDENTIALS *AccessCred
		NULL,			// void *OpenParameters
		&dbHand);
	if(dbHand != 0) {
		return dbHand;
	}
	if(!doCreate) {
		printf("***no such data base (%s)\n", dbName);
		printError("CSSM_DL_DbOpen", crtn);
		return 0;
	}
	/* have to create one */
	return dbStartup(dlHand, dbName);
}
#endif

/*
 * routines which convert various types to untyped byte arrays.
 */
void intToBytes(unsigned i, unsigned char *buf)
{
	*buf++ = (unsigned char)((i >> 24) & 0xff);
	*buf++ = (unsigned char)((i >> 16) & 0xff);
	*buf++ = (unsigned char)((i >> 8)  & 0xff);
	*buf   = (unsigned char)(i & 0xff);
}
void shortToBytes(unsigned short s, unsigned char *buf)
{
	*buf++ = (unsigned char)((s >> 8)  & 0xff);
	*buf   = (unsigned char)(s & 0xff);
}
unsigned bytesToInt(const unsigned char *buf) {
	unsigned result;
	result = (((unsigned)buf[0] << 24) & 0xff000000) |
		(((unsigned)buf[1] << 16) & 0x00ff0000) |
		(((unsigned)buf[2] << 8) & 0xff00) |
		(((unsigned)buf[3]) & 0xff);
	return result;
}
unsigned short bytesToShort(const unsigned char *buf) {
    	unsigned short result;
    	result = (((unsigned short)buf[0] << 8) & 0xff00) |
		 (((unsigned short)buf[1]) & 0xff);
    	return result;
}

/*
 * Given a context specified via a CSSM_CC_HANDLE, add a new
 * CSSM_CONTEXT_ATTRIBUTE to the context as specified by AttributeType,
 * AttributeLength, and an untyped pointer.
 *
 * This is currently used to add a second CSSM_KEY attribute when performing
 * ops with algorithm CSSM_ALGID_FEED and CSSM_ALGID_FEECFILE.
 */
CSSM_RETURN AddContextAttribute(CSSM_CC_HANDLE CCHandle,
	uint32 AttributeType,
	uint32 AttributeLength,
	ContextAttrType attrType,
	/* specify exactly one of these */
	const void *AttributePtr,
	uint32 attributeInt)
{
	CSSM_CONTEXT_ATTRIBUTE		newAttr;	
	CSSM_RETURN					crtn;
	
	newAttr.AttributeType     = AttributeType;
	newAttr.AttributeLength   = AttributeLength;
	if(attrType == CAT_Uint32) {
		newAttr.Attribute.Uint32  = attributeInt;
	}
	else {
		newAttr.Attribute.Data    = (CSSM_DATA_PTR)AttributePtr;
	}
	crtn = CSSM_UpdateContextAttributes(CCHandle, 1, &newAttr);
	if(crtn) {
		printError("CSSM_UpdateContextAttributes", crtn);
	}
	return crtn;
}

/*
 * Set up a CSSM data.
 */
CSSM_RETURN appSetupCssmData(
	CSSM_DATA_PTR	data,
	uint32			numBytes)
{
	if(data == NULL) {
		printf("Hey! appSetupCssmData with NULL Data!\n");
		return CSSMERR_CSSM_INTERNAL_ERROR;
	}
	data->Data = (uint8 *)CSSM_MALLOC(numBytes);
	if(data->Data == NULL) {
		return CSSMERR_CSSM_MEMORY_ERROR;
	}
	data->Length = numBytes;
	return CSSM_OK;
}

/*
 * Free the data referenced by a CSSM data, and optionally, the struct itself.
 */
void appFreeCssmData(CSSM_DATA_PTR data,
	CSSM_BOOL freeStruct)
{
	if(data == NULL) {
		return;
	}
	if(data->Length != 0) {
		CSSM_FREE(data->Data);
	}
	if(freeStruct) {
		CSSM_FREE(data);
	}
	else {
		data->Length = 0;
		data->Data = NULL;
	}
}

/*
 * Copy src to dst, mallocing dst.
 */
CSSM_RETURN appCopyCssmData(const CSSM_DATA *src, 
	CSSM_DATA_PTR dst)
{
	return appCopyData(src->Data, src->Length, dst);
}

/* copy raw data to a CSSM_DATA, mallocing dst. */
CSSM_RETURN  appCopyData(const void *src, 
	uint32 len,
	CSSM_DATA_PTR dst)
{
	dst->Length = 0;
	if(len == 0) {
		dst->Data = NULL;
		return CSSM_OK;
	}
	dst->Data = (uint8 *)CSSM_MALLOC(len);
	if(dst->Data == NULL) {
		return CSSM_ERRCODE_MEMORY_ERROR;
	}
	dst->Length = len;
	memcpy(dst->Data, src, len);
	return CSSM_OK;
}

CSSM_BOOL appCompareCssmData(const CSSM_DATA *d1,
	const CSSM_DATA *d2)
{	
	if(d1->Length != d2->Length) {
		return CSSM_FALSE;
	}
	if(memcmp(d1->Data, d2->Data, d1->Length)) {
		return CSSM_FALSE;
	}
	return CSSM_TRUE;	
}

/* min <= return <= max */
unsigned genRand(unsigned min, unsigned max)
{
	unsigned i;
	if(min == max) {
		return min;
	}
	appGetRandomBytes(&i, 4);
	return (min + (i % (max - min + 1)));
}	

void simpleGenData(CSSM_DATA_PTR dbuf, unsigned minBufSize, unsigned maxBufSize)
{
	unsigned len = genRand(minBufSize, maxBufSize);
	appGetRandomBytes(dbuf->Data, len);
	dbuf->Length = len;
}

#define MIN_OFFSET	0
#define MAX_OFFSET	99
#define MIN_ASCII	'a'
#define MAX_ASCII	'z'

/*
 * Calculate random data size, fill dataPool with that many random bytes.
 *
 * (10**minExp + MIN_OFFSET) <= size <= (10**maxExp + MAX_OFFSET)
 */
unsigned genData(unsigned char *dataPool,
	unsigned minExp,
	unsigned maxExp,
	dataType type)
{
	int 		exp;
	int 		offset;
	int 		size;
	char 		*cp;
	int 		i;
	char		ac;
	
	/*
	 * Calculate "random" size : (10 ** (random exponent)) + random offset
	 */
	exp = genRand(minExp, maxExp);
	offset = genRand(MIN_OFFSET, MAX_OFFSET);
	size = 1;
	while(exp--) {			// size = 10 ** exp
		size *= 10;
	}
	size += offset;
	switch(type) {
	    case DT_Zero:
			bzero(dataPool, size);
			break;
	    case DT_Increment:
			{
				int i;
				for(i=0; i<size; i++) {
					dataPool[i] = i;
				}
			}
			break;
	    case DT_ASCII:
	    	ac = MIN_ASCII;
			cp = (char *)dataPool;
	    	for(i=0; i<size; i++) {
				*cp++ = ac++;
				if(ac > MAX_ASCII) {
					ac = MIN_ASCII;
				}
			}
			break;
	    case DT_Random: 
			appGetRandomBytes(dataPool, size);
			break;
	}
	return size;
}

void dumpBuffer(
	const char *bufName,	// optional
	unsigned char *buf,
	unsigned len)
{
	unsigned i;
	
	if(bufName) {
		printf("%s\n", bufName);
	}
	printf("   ");
	for(i=0; i<len; i++) {
		printf("%02X ", buf[i]);
		if((i % 24) == 23) {
			printf("\n   ");
		}
	}
	printf("\n");
}

int testError(CSSM_BOOL quiet)
{
	char resp;
	
	if(quiet) {
		printf("\n***Test aborting.\n");
		exit(1);
	}
	fpurge(stdin);
	printf("a to abort, c to continue: ");
	resp = getchar();
	return (resp == 'a');
}

void testStartBanner(
	char *testName,
	int argc,
	char **argv)
{
	printf("Starting %s; args: ", testName);
	int i;
	for(i=1; i<argc; i++) {
		printf("%s ", argv[i]);
	}
	printf("\n");
}

Added LocalTests/utilLib/common.h.























































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
/* Copyright 1997 Apple Computer, Inc.
 *
 * common.h - Common CSP test code
 *
 * Revision History
 * ----------------
 *  12 Aug 1997	Doug Mitchell at Apple
 *		Created.
 */
 
#ifndef	_UTIL_LIB_COMMON_H_
#define _UTIL_LIB_COMMON_H_

#include <Security/cssm.h>

#ifdef	__cplusplus
extern "C" {
#endif

#undef COMMON_CSSM_MEMORY
#define COMMON_CSSM_MEMORY 0

#if		COMMON_CSSM_MEMORY
#define CSSM_MALLOC(size)			CSSM_Malloc(size)
#define CSSM_FREE(ptr)				CSSM_Free(ptr)
#define CSSM_CALLOC(num, size)		CSSM_Calloc(num, size)
#define CSSM_REALLOC(ptr, newSize)	CSSM_Realloc(ptr, newSize)
/* used in cspwrap when allocating memory on app's behalf */
#define appMalloc(size, allocRef)	CSSM_Malloc(size)

#else	/* !COMMON_CSSM_MEMORY */

void * appMalloc (CSSM_SIZE size, void *allocRef);
void appFree (void *mem_ptr, void *allocRef);
void * appRealloc (void *ptr, CSSM_SIZE size, void *allocRef);
void * appCalloc (uint32 num, CSSM_SIZE size, void *allocRef);

#define CSSM_MALLOC(size)			appMalloc(size, NULL)
#define CSSM_FREE(ptr)				appFree(ptr, NULL)
#define CSSM_CALLOC(num, size)		appCalloc(num, size, NULL)
#define CSSM_REALLOC(ptr, newSize)	appRealloc(ptr, newSize, NULL)

#endif	/* COMMON_CSSM_MEMORY */

/*
 * As of 23 March 1999, there is no longer a "default DB" available for
 * generating keys. This is the standard DB handle created when 
 * calling cspStartup().
 */
extern CSSM_DB_HANDLE commonDb;

/*
 * Init CSSM; returns CSSM_FALSE on error. Reusable.
 */
extern CSSM_BOOL cssmStartup();

/* various flavors of "start up the CSP with optional DB open" */
CSSM_CSP_HANDLE cspStartup();	// bare bones CSP
CSSM_CSP_HANDLE cspDbStartup(	// bare bones CSP, DB open
	CSSM_DB_HANDLE *dbHandPtr);	
CSSM_DL_HANDLE dlStartup();
CSSM_CSP_HANDLE cspDlDbStartup(	// one size fits all
	CSSM_BOOL bareCsp,			// true ==> CSP, false ==> CSP/DL
	CSSM_DB_HANDLE *dbHandPtr);	// optional
CSSM_RETURN cspShutdown(
	CSSM_CSP_HANDLE	cspHand,
	CSSM_BOOL bareCsp);			// true ==> CSP, false ==> CSP/DL
CSSM_RETURN dbDelete(
	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
	const char 			*dbName);
CSSM_DB_HANDLE dbStartup(
	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
	const char 			*dbName);
CSSM_RETURN dbCreateOpen(
	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
	const char 			*dbName,
	CSSM_BOOL			doCreate,		// if false, must already exist	
	CSSM_BOOL			deleteExist,
	const char			*pwd,			// optional
	CSSM_DB_HANDLE		*dbHand);

extern void intToBytes(unsigned i, unsigned char *buf);
void shortToBytes(unsigned short s, unsigned char *buf);
unsigned bytesToInt(const unsigned char *buf);
unsigned short bytesToShort(const unsigned char *buf);

/* specify either 32-bit integer or a pointer as an added attribute value */
typedef enum {
	CAT_Uint32,
	CAT_Ptr
} ContextAttrType;

CSSM_RETURN AddContextAttribute(CSSM_CC_HANDLE CCHandle,
	uint32 AttributeType,
	uint32 AttributeLength,
	ContextAttrType attrType,
	/* specify exactly one of these */
	const void *AttributePtr,
	uint32 attributeInt);
void printError(const char *op, CSSM_RETURN err);
CSSM_RETURN appSetupCssmData(
	CSSM_DATA_PTR	data,
	uint32			numBytes);
void appFreeCssmData(CSSM_DATA_PTR data,
	CSSM_BOOL freeStruct);
CSSM_RETURN appCopyCssmData(const CSSM_DATA *src, 
	CSSM_DATA_PTR dst);
/* copy raw data to a CSSM_DATAm mallocing dst. */
CSSM_RETURN  appCopyData(const void *src, 
	uint32 len,
	CSSM_DATA_PTR dst);
	
/* returns CSSM_TRUE on success, else CSSM_FALSE */
CSSM_BOOL appCompareCssmData(const CSSM_DATA *d1,
	const CSSM_DATA *d2);
	
const char *cssmErrToStr(CSSM_RETURN err);

/*
 * Calculate random data size, fill dataPool with that many random bytes.
 */
typedef enum {
	DT_Random,
	DT_Increment,
	DT_Zero,
	DT_ASCII
} dataType;

unsigned genData(unsigned char *dataPool,
	unsigned minExp,
	unsigned maxExp,
	dataType type);
void simpleGenData(CSSM_DATA_PTR dbuf, unsigned minBufSize, unsigned maxBufSize);
unsigned genRand(unsigned min, unsigned max);
extern void	appGetRandomBytes(void *buf, unsigned len);

void dumpBuffer(
	const char *bufName,	// optional
	unsigned char *buf,
	unsigned len);

int testError(CSSM_BOOL quiet);

void testStartBanner(
	char *testName,
	int argc,
	char **argv);

#ifdef	__cplusplus
}

#endif
#endif	/* _UTIL_LIB_COMMON_H_*/


Added LocalTests/utilLib/commonCpp.cpp.

































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
//
// throw  C++-dependent stuff in here
//
#include <stdio.h>
#include <Security/cssm.h>
#include "common.h"
#include <Security/SecBasePriv.h>
#include <security_cdsa_client/keychainacl.h>
#include <security_cdsa_utilities/cssmacl.h>
#include <security_cdsa_client/aclclient.h>
#include <security_cdsa_utilities/cssmdata.h>
#include <security_cdsa_utilities/cssmalloc.h>
#include <security_utilities/devrandom.h>
#include <CoreFoundation/CFString.h>
#include "cssmErrorStrings.h"		/* generated error string table */

/*
 * Log CSSM error.
 */
void printError(const char *op, CSSM_RETURN err)
{
	cssmPerror(op, err);
}

const char *cssmErrToStr(CSSM_RETURN err)
{
	const ErrString *esp;
	
	for(esp=errStrings; esp->errStr!=NULL; esp++) {
		if(esp->errCode == err) {
			return esp->errStr;
		}
	}
	
	static char outbuf[512];
	sprintf(outbuf, "UNKNOWN ERROR CODE %d", (int)err);
	return outbuf;
}


/*
 * Open a DB, optionally:
 *
 *		-- ensuring it's empty
 *		-- creating it 
 *		-- Specifying optional password to avoid SecurityAgent UI.
 */
CSSM_RETURN dbCreateOpen(
	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
	const char 			*dbName,
	CSSM_BOOL			doCreate,		// if false, must already exist	
	CSSM_BOOL			deleteExist,
	const char			*pwd,			// optional
	CSSM_DB_HANDLE		*dbHand)
{
	CSSM_RETURN		crtn;
	CSSM_DBINFO		dbInfo;
	
	if(deleteExist) {
		/* first delete possible existing DB, ignore error */
		crtn = dbDelete(dlHand, dbName);
		switch(crtn) {
			/* only allowed error is "no such file" */
			case CSSM_OK:
			case CSSMERR_DL_DATASTORE_DOESNOT_EXIST:
				break;
			default:
				printError("CSSM_DL_DbDelete", crtn);
				return crtn;
		}
		if(!doCreate) {
			printf("***Hey! dbCreateOpen with deleteExist and !doCreate\n");
			exit(1);
		}
	}
	else {
		/* 
		 * Try to open existing DB. This does not have a means
		 * to specify password (yet). 
		 */
		crtn = CSSM_DL_DbOpen(dlHand,
			dbName, 
			NULL,			// DbLocation
			CSSM_DB_ACCESS_READ | CSSM_DB_ACCESS_WRITE,
			NULL, 			// CSSM_ACCESS_CREDENTIALS *AccessCred
			NULL,			// void *OpenParameters
			dbHand);
		if(crtn == CSSM_OK) {
			return crtn;
		}
		if(!doCreate) {
			printError("CSSM_DL_DbOpen", crtn);
			printf("Error opening %s\n", dbName);
			return crtn;
		}
	}
	memset(&dbInfo, 0, sizeof(CSSM_DBINFO));
	
	/* now create it */
	if(pwd) {
		/*
		 * This glorious code copied from crlRefresh. I didn't pretend
		 * to understand it when I put it there either.
		 */
		Allocator &alloc = Allocator::standard();
		CssmClient::AclFactory::PasswordChangeCredentials 
			pCreds((StringData(pwd)), alloc);
		const AccessCredentials* aa = pCreds;
		TypedList subject(alloc, CSSM_ACL_SUBJECT_TYPE_ANY);
		AclEntryPrototype protoType(subject);
		AuthorizationGroup &authGroup = protoType.authorization();
		CSSM_ACL_AUTHORIZATION_TAG tag = CSSM_ACL_AUTHORIZATION_ANY;
		authGroup.NumberOfAuthTags = 1;
		authGroup.AuthTags = &tag;
	
		const ResourceControlContext rcc(protoType, 
			const_cast<AccessCredentials *>(aa));

		crtn = CSSM_DL_DbCreate(dlHand, 
			dbName,
			NULL,						// DbLocation
			&dbInfo,
			// &Security::KeychainCore::Schema::DBInfo,
			CSSM_DB_ACCESS_PRIVILEGED,
			&rcc,						// CredAndAclEntry
			NULL,						// OpenParameters
			dbHand);
	}
	else {
		crtn = CSSM_DL_DbCreate(dlHand, 
			dbName,
			NULL,						// DbLocation
			&dbInfo,
			// &Security::KeychainCore::Schema::DBInfo,
			CSSM_DB_ACCESS_PRIVILEGED,
			NULL,						// CredAndAclEntry
			NULL,						// OpenParameters
			dbHand);
	}
	if(crtn) {
		printError("CSSM_DL_DbCreate", crtn);
	}
	return crtn;
}

/*
 * *The* way for all tests to get random data.
 */
void appGetRandomBytes(void *buf, unsigned len)
{
	try {
		Security::DevRandomGenerator devRand(false);
		devRand.random(buf, len);
	}
	catch(...) {
		printf("***Hey! DevRandomGenerator threw an exception!\n");
		/* Yes, exit - I'd really like to catch one of these */
		exit(1);
	}
}

Added LocalTests/utilLib/cputime.c.





































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <libc.h>
#include "cputime.h"

/* 
 * This returns the frequency of the TBR in cycles per second.
 */
static double GetTBRFreq(void) {
	mach_timebase_info_data_t tinfo;
	mach_timebase_info(&tinfo);
	
	double machRatio = (double)tinfo.numer / (double)tinfo.denom;
	return machRatio;
}

/*
 * Return TBR Frequency, getting it lazily once. May not be thread safe.
 */
static double TbrFreqLocal = 0.0;		// ration for NANOSECONDS
static double tbrFreq()
{
	if(TbrFreqLocal == 0.0) {
		TbrFreqLocal = GetTBRFreq();
		printf("machRatio %e\n", TbrFreqLocal);
	}
	return TbrFreqLocal;
}

// seconds
double CPUTimeDeltaSec(CPUTime from, CPUTime to)	
{
	CPUTime delta = to - from;
	return (double)delta * (tbrFreq() * (double)1e-9);
}

// milliseconds
double CPUTimeDeltaMs(CPUTime from, CPUTime to)
{
	CPUTime delta = to - from;
	return (double)delta * (tbrFreq() * (double)1e-6);
}

// microseconds
double CPUTimeDeltaUs(CPUTime from, CPUTime to)
{
	CPUTime delta = to - from;
	return (double)delta * (tbrFreq() * (double)1e-3);
}
	
/*
 * Calculate the average of an array of doubles. The lowest and highest values
 * are discarded if there are more than two samples. Typically used to get an
 * average of a set of values returned from CPUTimeDelta*().
 */
double CPUTimeAvg(
	const double *array,
	unsigned arraySize)
{
	double sum = 0;
	double lowest = array[0];
	double highest = array[0];
	
	unsigned dex;
	for(dex=0; dex<arraySize; dex++) {
		double curr = array[dex];
		sum += curr;
		if(curr < lowest) {
			lowest = curr;
		}
		if(curr > highest) {
			highest = curr;
		}
	}
	if(arraySize > 2) {
		sum -= lowest;
		sum -= highest;
		arraySize -= 2;
	}
	return sum / (double)arraySize;
}

Added LocalTests/utilLib/cputime.h.



















































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
/*
 * Copyright (c) 2003 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please 
 * obtain a copy of the License at http://www.apple.com/publicsource and 
 * read it before using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
 * Please see the License for the specific language governing rights and 
 * limitations under the License.
 */

/*
 * cputime.h - high resolution timing module
 *
 * This module uses a highly machine-dependent mechanism to get timestamps
 * directly from CPU registers, without the overhead of a system call. The
 * timestamps are exported as type CPUTime and you should not concern yourself
 * with exactly what that is. 
 *
 * We provide routines to convert a difference between two CPUTimes as a double,
 * in seconds, milliseconds, and microseconds. Th
 *
 * The cost (time) of getting a timestamp (via CPUTimeRead()) generally takes
 * two or fewer times the resolution period, i.e., less than 80 ns on a 100 MHz
 * bus machine, often 40 ns.
 * 
 * The general usage of this module is as follows:
 *
 * {
 *		set up test scenario;
 *		CPUTime startTime = CPUTimeRead();
 *		...critical timed code here...
 *		CPUTime endTime = CPUTimeRead();
 * 		double elapsedMilliseconds = CPUTimeDeltaMs(startTime, endTime);
 * }
 *
 * It's crucial to place the CPUTimeDelta*() call OUTSIDE of the critical timed
 * area. It's really cheap to snag the timestamps, but it's not at all cheap
 * to convert the difference between two timestamps to a double. 
 */
 
#ifndef	_CPUTIME_H_
#define _CPUTIME_H_

#ifdef __cplusplus
extern "C" {
#endif

#include <mach/mach_time.h>


typedef uint64_t CPUTime;

/*
 * Obtain machine-dependent, high resolution, cheap-to-read timestamp.
 */
#define CPUTimeRead() mach_absolute_time()

/*
 * Convert difference between two CPUTimes into various units.
 * Implemented as separate functions to preserve as much precision as possible
 * before required machine-dependent "divide by clock frequency".
 */
extern double CPUTimeDeltaSec(CPUTime from, CPUTime to);	// seconds
extern double CPUTimeDeltaMs(CPUTime from, CPUTime to);		// milliseconds
extern double CPUTimeDeltaUs(CPUTime from, CPUTime to);		// microseconds

/*
 * Calculate the average of an array of doubles. The lowest and highest values
 * are discarded if there are more than two samples. Typically used to get an
 * average of a set of values returned from CPUTimeDelta*().
 */
double CPUTimeAvg(
	const double *array,
	unsigned arraySize);

#ifdef __cplusplus
}
#endif

#endif	/* _CPUTIME_H_ */

Added LocalTests/utilLib/cspdlTesting.h.









































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
/*
 * cspdlTesting.h - workaround flags for testing CSPDL using CSP-oriented tests.
 */

#ifndef	_CSPDL_TESTING_H_
#define _CSPDL_TESTING_H_

#ifdef	__cplusplus
extern "C" {
#endif

/*
 * All generated keys must be reference keys.
 */
#define CSPDL_ALL_KEYS_ARE_REF		1

/*
 * 2nd/public key in two-key FEE ops must be raw. This is because the Security 
 * Server doesn't go in and deal with ref keys which are only found in a
 * Context.
 */
#define CSPDL_2ND_PUB_KEY_IS_RAW	1

/*
 * Ease off on restriction of ptext size == ctext size in case of symmetric 
 * en/decrypt with no padding. The sizes will be equal, but we can't ensure
 * that by mallocing exactly the right amount after because CSPDL doesn't
 * give an exact (proper) outputSize in this case (yet).
 */
#define CSPDL_NOPAD_ENFORCE_SIZE	1

/*
 * CSPDL can't do SHA1HMAC_LEGACY with bug-for-bug compatibility with 
 * BSAFE (sinceÊthe bug-for-bug feature involves doing actual HMAC updates
 * exactly as the app presents them).
 */
#define CSPDL_SHA1HMAC_LEGACY_ENABLE	0

/*
 * CSPDL does not support DSA GenerateAlgorithmParameters. Let the secure CSP
 * do it implicitly during key gen.
 */
#define CSPDL_DSA_GEN_PARAMS			0

/*
 * Can't generate keys with CSSM_KEYATTR_PRIVATE. Is this a bug or a feature?
 * Nobody pays any attention to this except the CSP, which rejects it. Shouldn't
 * either CSPDL or SS look at this and strip it off before sending the request
 * down to the CSP?
 */
#define CSPDL_KEYATTR_PRIVATE			0

/* 
 * ObtainPrivateKeyFromPublic key not implemented yet (if ever).
 */
#define CSPDL_OBTAIN_PRIV_FROM_PUB		0

/*** Workarounds for badattr test only ***/
 
/*
 * Munged header fields in a ref key should result in CSP_INVALID_KEY_REFERENCE,
 * but work fine.
 */
#define CSPDL_MUNGE_HEADER_CHECK		0

/* 
 * ALWAYS_SENSITIVE, NEVER_EXTRACTABLE are ignored, should result in 
 * CSP_INVALID_KEYATTR_MASK at key gen time.
 * FIXED per Radar 2879872.
 */
#define CSPDL_ALWAYS_SENSITIVE_CHECK	1
#define CSPDL_NEVER_EXTRACTABLE_CHECK	1

/*** end of badattr workarounds ***/

/* 
 * <rdar://problem/3732910> certtool can't generate keypair
 *
 * Until this is fixed - actually the underlying problem is in securityd - 
 * CSPDL can not generate a key pair without private and public both being 
 * PERMANENT.
 */
#define CSPDL_ALL_KEYS_ARE_PERMANENT	0


/***
 *** Other differences/bugs/oddities.
 ***/
 
/*
 * 1. SS wraps (encrypt) public keys when encoding them, thus the CSP has to allow
 *    wrapping of public keys. This may not be what we really want. See
 *    AppleCSP/AppleCSP/wrapKey.cpp for workaround per ALLOW_PUB_KEY_WRAP.
 */
 
#ifdef	__cplusplus
}
#endif

#endif	/* _CSPDL_TESTING_H_ */

Added LocalTests/utilLib/cspwrap.c.

















































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
/* Copyright 1997 Apple Computer, Inc.
 *
 * cspwrap.c - wrappers to simplify access to CDSA
 *
 * Revision History
 * ----------------
 *   3 May 2000 Doug Mitchell
 *		Ported to X/CDSA2.
 *  12 Aug 1997	Doug Mitchell at Apple
 *		Created.
 */
 
#include <Security/cssmapple.h>
#include <Security/cssm.h>
#include "cspwrap.h"
#include "common.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* MCF hack */
// #include <CarbonCore/MacTypes.h>
#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>
/* end MCF */

#ifndef	NULL
#define NULL ((void *)0)
#endif	/* NULL */
#ifndef	MAX
#define MAX(a,b)	((a > b) ? a : b)
#define MIN(a,b)	((a < b) ? a : b)
#endif

#pragma mark --------- Key Generation ---------

/*
 * Key generation
 */
#define FEE_PRIV_DATA_SIZE	20
/*
 * Debug/test only. BsafeCSP only (long since disabled, in Puma).
 * This results in quicker but less secure RSA key generation.
 */
#define RSA_WEAK_KEYS		0

/*
 * Force bad data in KeyData prior to generating, deriving, or
 * wrapping key to ensure that the CSP ignores incoming
 * KeyData.
 */
static void setBadKeyData(
	CSSM_KEY_PTR key)
{
	key->KeyData.Data = (uint8 *)0xeaaaeaaa;	// bad ptr
	key->KeyData.Length = 1;	// no key can fit here
}

/*
 * Generate key pair of arbitrary algorithm. 
 * FEE keys will have random private data.
 */
CSSM_RETURN cspGenKeyPair(CSSM_CSP_HANDLE cspHand,
	uint32 algorithm,
	const char *keyLabel,
	unsigned keyLabelLen,
	uint32 keySize,					// in bits
	CSSM_KEY_PTR pubKey,			// mallocd by caller
	CSSM_BOOL pubIsRef,				// true - reference key, false - data
	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
									//   to get the default format. 
	CSSM_KEY_PTR privKey,			// mallocd by caller
	CSSM_BOOL privIsRef,			// true - reference key, false - data
	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
	CSSM_KEYBLOB_FORMAT privFormat,	// optional 0 ==> default
	CSSM_BOOL genSeed)				// FEE only. True: we generate seed and CSP
									// will hash it. False: CSP generates random 
									// seed. 
{
	CSSM_RETURN				crtn;
	CSSM_CC_HANDLE 			ccHand;
	CSSM_DATA				privData = {0, NULL};		// mallocd for FEE
	CSSM_CRYPTO_DATA		privCData;
	CSSM_CRYPTO_DATA_PTR	privCDataPtr = NULL;
	CSSM_DATA				keyLabelData;
	uint32					pubAttr;
	uint32					privAttr;
	CSSM_RETURN 			ocrtn = CSSM_OK;
	
	/* pre-context-create algorithm-specific stuff */
	switch(algorithm) {
		case CSSM_ALGID_FEE:
			if(genSeed) {
				/* cook up random privData */
				privData.Data = (uint8 *)CSSM_MALLOC(FEE_PRIV_DATA_SIZE);
				privData.Length = FEE_PRIV_DATA_SIZE;
				appGetRandomBytes(privData.Data, FEE_PRIV_DATA_SIZE);
				privCData.Param = privData;
				privCData.Callback = NULL;
				privCDataPtr = &privCData;
			}
			/* else CSP generates random seed/key */
			
			if(keySize == CSP_KEY_SIZE_DEFAULT) {
				keySize = CSP_FEE_KEY_SIZE_DEFAULT;
			}
			break;
		case CSSM_ALGID_RSA:
			if(keySize == CSP_KEY_SIZE_DEFAULT) {
				keySize = CSP_RSA_KEY_SIZE_DEFAULT;
			}
			break;
		case CSSM_ALGID_DSA:
			if(keySize == CSP_KEY_SIZE_DEFAULT) {
				keySize = CSP_DSA_KEY_SIZE_DEFAULT;
			}
			break;
		default:
			printf("cspGenKeyPair: Unknown algorithm\n");
			/* but what the hey */
			privCDataPtr = NULL;
			break;
	}
	keyLabelData.Data        = (uint8 *)keyLabel,
	keyLabelData.Length      = keyLabelLen;
	memset(pubKey, 0, sizeof(CSSM_KEY));
	memset(privKey, 0, sizeof(CSSM_KEY));
	setBadKeyData(pubKey);
	setBadKeyData(privKey);
	
	crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
		algorithm,
		keySize,
		privCDataPtr,			// Seed
		NULL,					// Salt
		NULL,					// StartDate
		NULL,					// EndDate
		NULL,					// Params
		&ccHand);
	if(crtn) {
		printError("CSSM_CSP_CreateKeyGenContext", crtn);
		ocrtn = crtn;
		goto abort;
	}
	/* cook up attribute bits */
	if(pubIsRef) {
		pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
	}
	else {
		pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
	}
	if(privIsRef) {
		privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
	}
	else {
		privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
	}

	/* post-context-create algorithm-specific stuff */
	switch(algorithm) {
		case CSSM_ALGID_RSA:
		
			#if	RSA_WEAK_KEYS
			{
				/* for testing, speed up key gen by using the
				* undocumented "CUSTOM" key gen mode. This
				* results in the CSP using AI_RsaKeyGen instead of
				* AI_RSAStrongKeyGen.
				*/
				crtn = AddContextAttribute(ccHand,
					CSSM_ATTRIBUTE_MODE,
					sizeof(uint32),		
					CAT_Uint32,
					NULL,
					CSSM_ALGMODE_CUSTOM);
				if(crtn) {
					printError("CSSM_UpdateContextAttributes", crtn);
					return crtn;
				}
			}
			#endif	// RSA_WEAK_KEYS
			break;
		 
		 case CSSM_ALGID_DSA:
			/* 
			 * extra step - generate params - this just adds some
			 * info to the context
			 */
			{
				CSSM_DATA dummy = {0, NULL};
				crtn = CSSM_GenerateAlgorithmParams(ccHand, 
					keySize, &dummy);
				if(crtn) {
					printError("CSSM_GenerateAlgorithmParams", crtn);
					return crtn;
				}
				appFreeCssmData(&dummy, CSSM_FALSE);
			}
			break;
		default:
			break;
	}
	
	/* optional format specifiers */
	if(!pubIsRef && (pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
		crtn = AddContextAttribute(ccHand,
			CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
			sizeof(uint32),	
			CAT_Uint32,
			NULL,
			pubFormat);
		if(crtn) {
			printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
			return crtn;
		}
	}
	if(!privIsRef && (privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
		crtn = AddContextAttribute(ccHand,
			CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
			sizeof(uint32),			// currently sizeof CSSM_DATA
			CAT_Uint32,
			NULL,
			privFormat);
		if(crtn) {
			printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
			return crtn;
		}
	}
	crtn = CSSM_GenerateKeyPair(ccHand,
		pubKeyUsage,
		pubAttr,
		&keyLabelData,
		pubKey,
		privKeyUsage,
		privAttr,
		&keyLabelData,			// same labels
		NULL,					// CredAndAclEntry
		privKey);
	if(crtn) {
		printError("CSSM_GenerateKeyPair", crtn);
		ocrtn = crtn;
		goto abort;
	}
	/* basic checks...*/
	if(privIsRef) {
		if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
			printf("privKey blob type: exp %u got %u\n",
				CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
			goto abort;
		}
	}
	else {
		switch(privKey->KeyHeader.BlobType) {
			case CSSM_KEYBLOB_RAW:
				break;
			default:
				printf("privKey blob type: exp raw, got %u\n",
					(unsigned)privKey->KeyHeader.BlobType);
				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
				goto abort;
		}
	}
	if(pubIsRef) {
		if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
			printf("pubKey blob type: exp %u got %u\n",
				CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
			goto abort;
		}
	}
	else {
		switch(pubKey->KeyHeader.BlobType) {
			case CSSM_KEYBLOB_RAW:
				break;
			default:
				printf("pubKey blob type: exp raw or raw_berder, got %u\n",
					(unsigned)pubKey->KeyHeader.BlobType);
				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
				goto abort;
		}
	}
abort:
	if(ccHand != 0) {
		crtn = CSSM_DeleteContext(ccHand);
		if(crtn) {
			printError("CSSM_DeleteContext", crtn);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
		}
	}
	if(privData.Data != NULL) {
		CSSM_FREE(privData.Data);
	}
	return ocrtn;
}

/*
 * Generate FEE key pair with optional primeType, curveType, and seed (password) data.
 */
CSSM_RETURN cspGenFEEKeyPair(CSSM_CSP_HANDLE cspHand,
	const char *keyLabel,
	unsigned keyLabelLen,
	uint32 keySize,					// in bits
	uint32 primeType,				// CSSM_FEE_PRIME_TYPE_MERSENNE, etc.
	uint32 curveType,				// CSSM_FEE_CURVE_TYPE_MONTGOMERY, etc.
	CSSM_KEY_PTR pubKey,			// mallocd by caller
	CSSM_BOOL pubIsRef,				// true - reference key, false - data
	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
									//   to get the default format. 
	CSSM_KEY_PTR privKey,			// mallocd by caller
	CSSM_BOOL privIsRef,			// true - reference key, false - data
	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
	CSSM_KEYBLOB_FORMAT privFormat,	// optional 0 ==> default
	const CSSM_DATA *seedData)		// Present: CSP will hash this for private data.
									// NULL: CSP generates random seed. 
{
	CSSM_RETURN				crtn;
	CSSM_CC_HANDLE 			ccHand;
	CSSM_CRYPTO_DATA		privCData;
	CSSM_CRYPTO_DATA_PTR	privCDataPtr = NULL;
	CSSM_DATA				keyLabelData;
	uint32					pubAttr;
	uint32					privAttr;
	CSSM_RETURN 			ocrtn = CSSM_OK;
	
	/* pre-context-create algorithm-specific stuff */
	if(seedData) {
		privCData.Param = *((CSSM_DATA_PTR)seedData);
		privCData.Callback = NULL;
		privCDataPtr = &privCData;
	}
	/* else CSP generates random seed/key */
	
	if(keySize == CSP_KEY_SIZE_DEFAULT) {
		keySize = CSP_FEE_KEY_SIZE_DEFAULT;
	}

	keyLabelData.Data        = (uint8 *)keyLabel,
	keyLabelData.Length      = keyLabelLen;
	memset(pubKey, 0, sizeof(CSSM_KEY));
	memset(privKey, 0, sizeof(CSSM_KEY));
	setBadKeyData(pubKey);
	setBadKeyData(privKey);
	
	crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
		CSSM_ALGID_FEE,
		keySize,
		privCDataPtr,			// Seed
		NULL,					// Salt
		NULL,					// StartDate
		NULL,					// EndDate
		NULL,					// Params
		&ccHand);
	if(crtn) {
		printError("CSSM_CSP_CreateKeyGenContext", crtn);
		ocrtn = crtn;
		goto abort;
	}
	/* cook up attribute bits */
	if(pubIsRef) {
		pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
	}
	else {
		pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
	}
	if(privIsRef) {
		privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
	}
	else {
		privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
	}

	/* optional post-context-create stuff */
	if(primeType != CSSM_FEE_PRIME_TYPE_DEFAULT) {
		crtn = AddContextAttribute(ccHand,
			CSSM_ATTRIBUTE_FEE_PRIME_TYPE,
			sizeof(uint32),		
			CAT_Uint32,
			NULL,
			primeType);
		if(crtn) {
			printError("AddContextAttribute(CSSM_ATTRIBUTE_FEE_PRIME_TYPE)", crtn);
			return crtn;
		}
	}
	if(curveType != CSSM_FEE_CURVE_TYPE_DEFAULT) {
		crtn = AddContextAttribute(ccHand,
			CSSM_ATTRIBUTE_FEE_CURVE_TYPE,
			sizeof(uint32),		
			CAT_Uint32,
			NULL,
			curveType);
		if(crtn) {
			printError("AddContextAttribute(CSSM_ATTRIBUTE_FEE_CURVE_TYPE)", crtn);
			return crtn;
		}
	}
	
	if(pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE) {
		crtn = AddContextAttribute(ccHand,
			CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
			sizeof(uint32),		
			CAT_Uint32,
			NULL,
			pubFormat);
		if(crtn) {
			printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
			return crtn;
		}
	}
	if(privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE) {
		crtn = AddContextAttribute(ccHand,
			CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
			sizeof(uint32),			// currently sizeof CSSM_DATA
			CAT_Uint32,
			NULL,
			pubFormat);
		if(crtn) {
			printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
			return crtn;
		}
	}
	crtn = CSSM_GenerateKeyPair(ccHand,
		pubKeyUsage,
		pubAttr,
		&keyLabelData,
		pubKey,
		privKeyUsage,
		privAttr,
		&keyLabelData,			// same labels
		NULL,					// CredAndAclEntry
		privKey);
	if(crtn) {
		printError("CSSM_GenerateKeyPair", crtn);
		ocrtn = crtn;
		goto abort;
	}
	/* basic checks...*/
	if(privIsRef) {
		if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
			printf("privKey blob type: exp %u got %u\n",
				CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
			goto abort;
		}
	}
	else {
		switch(privKey->KeyHeader.BlobType) {
			case CSSM_KEYBLOB_RAW:
				break;
			default:
				printf("privKey blob type: exp raw, got %u\n",
					(unsigned)privKey->KeyHeader.BlobType);
				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
				goto abort;
		}
	}
	if(pubIsRef) {
		if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
			printf("pubKey blob type: exp %u got %u\n",
				CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
			goto abort;
		}
	}
	else {
		switch(pubKey->KeyHeader.BlobType) {
			case CSSM_KEYBLOB_RAW:
				break;
			default:
				printf("pubKey blob type: exp raw or raw_berder, got %u\n",
					(unsigned)pubKey->KeyHeader.BlobType);
				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
				goto abort;
		}
	}
abort:
	if(ccHand != 0) {
		crtn = CSSM_DeleteContext(ccHand);
		if(crtn) {
			printError("CSSM_DeleteContext", crtn);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
		}
	}
	return ocrtn;
}

/*
 * Generate DSA key pair with optional generateAlgParams and optional
 * incoming parameters.
 */
CSSM_RETURN cspGenDSAKeyPair(CSSM_CSP_HANDLE cspHand,
	const char *keyLabel,
	unsigned keyLabelLen,
	uint32 keySize,					// in bits
	CSSM_KEY_PTR pubKey,			// mallocd by caller
	CSSM_BOOL pubIsRef,				// true - reference key, false - data
	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
									//   to get the default format. 
	CSSM_KEY_PTR privKey,			// mallocd by caller
	CSSM_BOOL privIsRef,			// true - reference key, false - data
	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
	CSSM_KEYBLOB_FORMAT privFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
									//   to get the default format. 
	CSSM_BOOL genParams,
	CSSM_DATA_PTR paramData)		// optional	
{
	CSSM_RETURN				crtn;
	CSSM_CC_HANDLE 			ccHand;
	CSSM_DATA				keyLabelData;
	uint32					pubAttr;
	uint32					privAttr;
	CSSM_RETURN 			ocrtn = CSSM_OK;
	
	if(keySize == CSP_KEY_SIZE_DEFAULT) {
		keySize = CSP_DSA_KEY_SIZE_DEFAULT;
	}
	keyLabelData.Data        = (uint8 *)keyLabel,
	keyLabelData.Length      = keyLabelLen;
	memset(pubKey, 0, sizeof(CSSM_KEY));
	memset(privKey, 0, sizeof(CSSM_KEY));
	setBadKeyData(pubKey);
	setBadKeyData(privKey);
	
	crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
		CSSM_ALGID_DSA,
		keySize,
		NULL,					// Seed
		NULL,					// Salt
		NULL,					// StartDate
		NULL,					// EndDate
		paramData,
		&ccHand);
	if(crtn) {
		printError("CSSM_CSP_CreateKeyGenContext", crtn);
		ocrtn = crtn;
		goto abort;
	}
	
	/* cook up attribute bits */
	if(pubIsRef) {
		pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
	}
	else {
		pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
	}
	if(privIsRef) {
		privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
	}
	else {
		privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
	}

	if(genParams) {
		/* 
		 * extra step - generate params - this just adds some
		 * info to the context
		 */
		CSSM_DATA dummy = {0, NULL};
		crtn = CSSM_GenerateAlgorithmParams(ccHand, 
			keySize, &dummy);
		if(crtn) {
			printError("CSSM_GenerateAlgorithmParams", crtn);
			return crtn;
		}
		appFreeCssmData(&dummy, CSSM_FALSE);
	}
	
	/* optional format specifiers */
	if(!pubIsRef && (pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
		crtn = AddContextAttribute(ccHand,
			CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
			sizeof(uint32),	
			CAT_Uint32,
			NULL,
			pubFormat);
		if(crtn) {
			printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
			return crtn;
		}
	}
	if(!privIsRef && (privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
		crtn = AddContextAttribute(ccHand,
			CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
			sizeof(uint32),			// currently sizeof CSSM_DATA
			CAT_Uint32,
			NULL,
			privFormat);
		if(crtn) {
			printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
			return crtn;
		}
	}

	crtn = CSSM_GenerateKeyPair(ccHand,
		pubKeyUsage,
		pubAttr,
		&keyLabelData,
		pubKey,
		privKeyUsage,
		privAttr,
		&keyLabelData,			// same labels
		NULL,					// CredAndAclEntry
		privKey);
	if(crtn) {
		printError("CSSM_GenerateKeyPair", crtn);
		ocrtn = crtn;
		goto abort;
	}
	/* basic checks...*/
	if(privIsRef) {
		if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
			printf("privKey blob type: exp %u got %u\n",
				CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
			goto abort;
		}
	}
	else {
		switch(privKey->KeyHeader.BlobType) {
			case CSSM_KEYBLOB_RAW:
				break;
			default:
				printf("privKey blob type: exp raw, got %u\n",
					(unsigned)privKey->KeyHeader.BlobType);
				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
				goto abort;
		}
	}
	if(pubIsRef) {
		if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
			printf("pubKey blob type: exp %u got %u\n",
				CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
			goto abort;
		}
	}
	else {
		switch(pubKey->KeyHeader.BlobType) {
			case CSSM_KEYBLOB_RAW:
				break;
			default:
				printf("pubKey blob type: exp raw or raw_berder, got %u\n",
					(unsigned)pubKey->KeyHeader.BlobType);
				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
				goto abort;
		}
	}
abort:
	if(ccHand != 0) {
		crtn = CSSM_DeleteContext(ccHand);
		if(crtn) {
			printError("CSSM_DeleteContext", crtn);
			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
		}
	}
	return ocrtn;
}


uint32 cspDefaultKeySize(uint32 alg)
{
	uint32 keySizeInBits;
	switch(alg) {
		case CSSM_ALGID_DES:
			keySizeInBits = CSP_DES_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_3DES_3KEY:
		case CSSM_ALGID_DESX:
			keySizeInBits = CSP_DES3_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_RC2:
			keySizeInBits = CSP_RC2_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_RC4:
			keySizeInBits = CSP_RC4_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_RC5:
			keySizeInBits = CSP_RC5_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_ASC:
			keySizeInBits = CSP_ASC_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_BLOWFISH:
			keySizeInBits = CSP_BFISH_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_CAST:
			keySizeInBits = CSP_CAST_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_IDEA:
			keySizeInBits = CSP_IDEA_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_AES:
			keySizeInBits = CSP_AES_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_SHA1HMAC:
			keySizeInBits = CSP_HMAC_SHA_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_MD5HMAC:
			keySizeInBits = CSP_HMAC_MD5_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_FEE:
			keySizeInBits = CSP_FEE_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_RSA:
			keySizeInBits = CSP_RSA_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_DSA:
			keySizeInBits = CSP_DSA_KEY_SIZE_DEFAULT;
			break;
		case CSSM_ALGID_NONE:
			keySizeInBits = CSP_NULL_CRYPT_KEY_SIZE_DEF;
			break;
		default:
			printf("***cspDefaultKeySize: Unknown symmetric algorithm\n");
			keySizeInBits = 0;
			break;
	}
	return keySizeInBits;
}

/*
 * Create a random symmetric key.
 */
CSSM_KEY_PTR cspGenSymKey(CSSM_CSP_HANDLE cspHand,
		uint32 				alg,
		const char 			*keyLabel,
		unsigned 			keyLabelLen,
		uint32 				keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
		uint32 				keySizeInBits,
		CSSM_BOOL			refKey)
{
	CSSM_KEY_PTR 		symKey = (CSSM_KEY_PTR)CSSM_MALLOC(sizeof(CSSM_KEY));
	CSSM_RETURN			crtn;
	CSSM_CC_HANDLE 		ccHand;
	uint32				keyAttr;
	CSSM_DATA			dummyLabel;
	
	if(symKey == NULL) {
		printf("Insufficient heap space\n");
		return NULL;
	}
	memset(symKey, 0, sizeof(CSSM_KEY));
	setBadKeyData(symKey);
	if(keySizeInBits == CSP_KEY_SIZE_DEFAULT) {
		keySizeInBits = cspDefaultKeySize(alg);
	}
	crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
		alg,
		keySizeInBits,	// keySizeInBits
		NULL,			// Seed
		NULL,			// Salt
		NULL,			// StartDate
		NULL,			// EndDate
		NULL,			// Params
		&ccHand);
	if(crtn) {
		printError("CSSM_CSP_CreateKeyGenContext", crtn);
		goto errorOut;
	}
	if(refKey) {
		keyAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
	}
	else {
		keyAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
	}
	dummyLabel.Length = keyLabelLen;
	dummyLabel.Data = (uint8 *)keyLabel;

	crtn = CSSM_GenerateKey(ccHand,
		keyUsage,
		keyAttr,
		&dummyLabel,
		NULL,			// ACL
		symKey);
	if(crtn) {
		printError("CSSM_GenerateKey", crtn);
		goto errorOut;
	}
	crtn = CSSM_DeleteContext(ccHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		goto errorOut;
	}
	return symKey;
errorOut:
	CSSM_FREE(symKey);
	return NULL;
}

/*
 * Derive symmetric key.
 * Note in the X CSP, we never return an IV. 
 */
CSSM_KEY_PTR cspDeriveKey(CSSM_CSP_HANDLE cspHand,
		uint32 				deriveAlg,		// CSSM_ALGID_PKCS5_PBKDF2, etc.
		uint32				keyAlg,			// CSSM_ALGID_RC5, etc.
		const char 			*keyLabel,
		unsigned 			keyLabelLen,
		uint32 				keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
		uint32 				keySizeInBits,
		CSSM_BOOL			isRefKey,
		CSSM_DATA_PTR		password,		// in PKCS-5 lingo
		CSSM_DATA_PTR		salt,			// ditto
		uint32				iterationCnt,	// ditto
		CSSM_DATA_PTR		initVector)		// mallocd & RETURNED
{
	CSSM_KEY_PTR 				symKey = (CSSM_KEY_PTR)
									CSSM_MALLOC(sizeof(CSSM_KEY));
	CSSM_RETURN					crtn;
	CSSM_CC_HANDLE 				ccHand;
	uint32						keyAttr;
	CSSM_DATA					dummyLabel;
	CSSM_PKCS5_PBKDF2_PARAMS 	pbeParams;
	CSSM_DATA					pbeData;
	CSSM_ACCESS_CREDENTIALS		creds;
	
	if(symKey == NULL) {
		printf("Insufficient heap space\n");
		return NULL;
	}
	memset(symKey, 0, sizeof(CSSM_KEY));
	setBadKeyData(symKey);
	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
	if(keySizeInBits == CSP_KEY_SIZE_DEFAULT) {
		keySizeInBits = cspDefaultKeySize(keyAlg);
	}
	crtn = CSSM_CSP_CreateDeriveKeyContext(cspHand,
		deriveAlg,
		keyAlg,
		keySizeInBits,
		&creds,
		NULL,			// BaseKey
		iterationCnt,
		salt,
		NULL,			// seed
		&ccHand);
	if(crtn) {
		printError("CSSM_CSP_CreateDeriveKeyContext", crtn);
		goto errorOut;
	}
	keyAttr = CSSM_KEYATTR_EXTRACTABLE;
	if(isRefKey) {
		keyAttr |= (CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_SENSITIVE);
	}
	else {
		keyAttr |= CSSM_KEYATTR_RETURN_DATA;
	}
	dummyLabel.Length = keyLabelLen;
	dummyLabel.Data = (uint8 *)keyLabel;
	
	/* passing in password is pretty strange....*/
	pbeParams.Passphrase = *password;
	pbeParams.PseudoRandomFunction = 
			CSSM_PKCS5_PBKDF2_PRF_HMAC_SHA1;
	pbeData.Data = (uint8 *)&pbeParams;
	pbeData.Length = sizeof(pbeParams);
	crtn = CSSM_DeriveKey(ccHand,
		&pbeData,
		keyUsage,
		keyAttr,
		&dummyLabel,
		NULL,			// cred and acl
		symKey);
	if(crtn) {
		printError("CSSM_DeriveKey", crtn);
		goto errorOut;
	}
	/* copy IV back to caller */
	/* Nope, not supported */
	#if 0
	if(pbeParams.InitVector.Data != NULL) {
		if(initVector->Data != NULL) {
			if(initVector->Length < pbeParams.InitVector.Length) {
				printf("***Insufficient InitVector\n");
				goto errorOut;
			}
		}
		else {
			initVector->Data = 
				(uint8 *)CSSM_MALLOC(pbeParams.InitVector.Length);
		}
		memmove(initVector->Data, pbeParams.InitVector.Data,
				pbeParams.InitVector.Length);
		initVector->Length = pbeParams.InitVector.Length;
		CSSM_FREE(pbeParams.InitVector.Data);
	}
	else {
		printf("***Warning: CSSM_DeriveKey, no InitVector\n");
	}
	#endif
	crtn = CSSM_DeleteContext(ccHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		goto errorOut;
	}
	return symKey;
errorOut:
	CSSM_FREE(symKey);
	return NULL;
}

/*
 * Cook up a symmetric key with specified key bits and other
 * params. Currently the CSPDL can only deal with reference keys except when
 * doing wrap/unwrap, so we manually cook up a raw key, then we null-unwrap it. 
 */
CSSM_RETURN cspGenSymKeyWithBits(
	CSSM_CSP_HANDLE		cspHand,
	CSSM_ALGORITHMS		keyAlg,
	CSSM_KEYUSE			keyUsage,
	const CSSM_DATA		*keyBits,
	unsigned			keySizeInBytes,
	CSSM_KEY_PTR		refKey)				// init'd and RETURNED
{
	CSSM_KEY			rawKey;
	CSSM_KEYHEADER_PTR	hdr = &rawKey.KeyHeader;
	CSSM_RETURN			crtn;
	
	/* set up a raw key the CSP will accept */
	memset(&rawKey, 0, sizeof(CSSM_KEY));
	hdr->HeaderVersion = CSSM_KEYHEADER_VERSION;
	hdr->BlobType = CSSM_KEYBLOB_RAW;
	hdr->Format = CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING;
	hdr->AlgorithmId = keyAlg;
	hdr->KeyClass = CSSM_KEYCLASS_SESSION_KEY;
	hdr->LogicalKeySizeInBits = keySizeInBytes * 8;
	hdr->KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
	hdr->KeyUsage = keyUsage;
	appSetupCssmData(&rawKey.KeyData, keySizeInBytes);
	memmove(rawKey.KeyData.Data, keyBits->Data, keySizeInBytes);
	
	/* convert to a ref key */
	crtn = cspRawKeyToRef(cspHand, &rawKey, refKey);
	appFreeCssmData(&rawKey.KeyData, CSSM_FALSE);
	return crtn;
}

/*
 * Free a key. This frees a CSP's resources associated with the key if
 * the key is a reference key. It also frees key->KeyData. The CSSM_KEY
 * struct itself is not freed.
 * Note this has no effect on the CSP or DL cached keys unless the incoming
 * key is a reference key.
 */
CSSM_RETURN	cspFreeKey(CSSM_CSP_HANDLE cspHand,
	CSSM_KEY_PTR key)
{
	CSSM_RETURN crtn;
	crtn = CSSM_FreeKey(cspHand, 
		NULL,		// access cred
		key,
		CSSM_FALSE);	// delete - OK? maybe should parameterize?
	if(crtn) {
		printError("CSSM_FreeKey", crtn);
	}
	return crtn;
}

/* generate a random and reasonable key size in bits for specified CSSM algorithm */
uint32 randKeySizeBits(uint32 alg, 
	opType op)			// OT_Encrypt, etc.
{
	uint32 minSize;
	uint32 maxSize;
	uint32 size;
	
	switch(alg) {
		case CSSM_ALGID_DES:
			return CSP_DES_KEY_SIZE_DEFAULT;
		case CSSM_ALGID_3DES_3KEY:
		case CSSM_ALGID_DESX:
			return CSP_DES3_KEY_SIZE_DEFAULT;
		case CSSM_ALGID_ASC:
		case CSSM_ALGID_RC2:
		case CSSM_ALGID_RC4:
		case CSSM_ALGID_RC5:
			minSize = 5 * 8;
			maxSize = MAX_KEY_SIZE_RC245_BYTES * 8 ;	// somewhat arbitrary
			break;
		case CSSM_ALGID_BLOWFISH:
			minSize = 32;
			maxSize = 448;
			break;
		case CSSM_ALGID_CAST:
			minSize = 40;
			maxSize = 128;
			break;
		case CSSM_ALGID_IDEA:
			return CSP_IDEA_KEY_SIZE_DEFAULT;
		case CSSM_ALGID_RSA:
			minSize = CSP_RSA_KEY_SIZE_DEFAULT;
			maxSize = 1024;
			break;
		case CSSM_ALGID_DSA:
			/* signature only, no export restriction */
			minSize = 512;
			maxSize = 1024;
			break;
		case CSSM_ALGID_SHA1HMAC:
			minSize = 20 * 8;
			maxSize = 256 * 8;
			break;
		case CSSM_ALGID_MD5HMAC:
			minSize = 16 * 8;
			maxSize = 256 * 8;
			break;
		case CSSM_ALGID_FEE:
		case CSSM_ALGID_ECDSA:
		case CSSM_ALGID_SHA1WithECDSA:
			/* FEE, ECDSA require discrete sizes */
			size = genRand(1,3);
			switch(size) {
				case 1:
					return 31;
				case 2:
					if(alg == CSSM_ALGID_FEE) {
						return 127;
					}
					else {
						return 128;
					}
				case 3:
					return 161;
				case 5:
					return 192;
				default:
					printf("randKeySizeBits: internal error\n");
					return 0;
			}
		case CSSM_ALGID_AES:
			size = genRand(1, 3);
			switch(size) {
				case 1:
					return 128;
				case 2:
					return 192;
				case 3:
					return 256;
			}
		case CSSM_ALGID_NONE:
			return CSP_NULL_CRYPT_KEY_SIZE_DEF;
		default:
			printf("randKeySizeBits: unknown alg\n");
			return CSP_KEY_SIZE_DEFAULT;
	}
	size = genRand(minSize, maxSize);
	
	/* per-alg postprocessing.... */
	if(alg != CSSM_ALGID_RC2) {
		size &= ~0x7;
	}
	switch(alg) {
		case CSSM_ALGID_RSA:
			// new for X - strong keys */
			size &= ~(16 - 1);
			break;
		case CSSM_ALGID_DSA:
			/* size mod 64 == 0 */
			size &= ~(64 - 1);
			break;
		default:
			break;
	}
	return size;
}

#pragma mark --------- Encrypt/Decrypt ---------

/*
 * Encrypt/Decrypt
 */
/*
 * Common routine for encrypt/decrypt - cook up an appropriate context handle
 */
/*
 * When true, effectiveKeySizeInBits is passed down via the Params argument.
 * Otherwise, we add a customized context attribute.
 * Setting this true works with the stock Intel CSSM; this may well change.
 * Note this overloading prevent us from specifying RC5 rounds....
 */
#define EFFECTIVE_SIZE_VIA_PARAMS		0
CSSM_CC_HANDLE genCryptHandle(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key0,
		const CSSM_KEY *key1,				// for CSSM_ALGID_FEED only - must be the 
											// public key
		const CSSM_DATA *iv,				// optional
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 rounds)						// ditto
{
	CSSM_CC_HANDLE cryptHand = 0;
	uint32 params;
	CSSM_RETURN crtn;
	CSSM_ACCESS_CREDENTIALS	creds;
	
	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
	#if	EFFECTIVE_SIZE_VIA_PARAMS
	params = effectiveKeySizeInBits;
	#else
	params = 0;
	#endif
	switch(algorithm) {
		case CSSM_ALGID_DES:
		case CSSM_ALGID_3DES_3KEY_EDE:
		case CSSM_ALGID_DESX:
		case CSSM_ALGID_ASC:
		case CSSM_ALGID_RC2:
		case CSSM_ALGID_RC4:
		case CSSM_ALGID_RC5:
		case CSSM_ALGID_AES:
		case CSSM_ALGID_BLOWFISH:
		case CSSM_ALGID_CAST:
		case CSSM_ALGID_IDEA:
		case CSSM_ALGID_NONE:		// used for wrapKey()
			crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
				algorithm,
				mode,
				NULL,			// access cred
				key0,
				iv,				// InitVector
				padding,	
				NULL,			// Params
				&cryptHand);
			if(crtn) {
				printError("CSSM_CSP_CreateSymmetricContext", crtn);
				return 0;
			}
			break;
		case CSSM_ALGID_FEED:
		case CSSM_ALGID_FEEDEXP:
		case CSSM_ALGID_FEECFILE:
		case CSSM_ALGID_RSA:
			 crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
				algorithm,
				&creds,			// access
				key0,
				padding,
				&cryptHand);
			if(crtn) {
				printError("CSSM_CSP_CreateAsymmetricContext", crtn);
				return 0;
			}
			if(key1 != NULL) {
				/*
				 * FEED, some CFILE. Add (non-standard) second key attribute.
				 */
				crtn = AddContextAttribute(cryptHand,
						CSSM_ATTRIBUTE_PUBLIC_KEY,
						sizeof(CSSM_KEY),			// currently sizeof CSSM_DATA
						CAT_Ptr,
						key1,
						0);
				if(crtn) {
					printError("AddContextAttribute", crtn);
					return 0;
				}
			}
			if(mode != CSSM_ALGMODE_NONE) {
				/* special case, e.g., CSSM_ALGMODE_PUBLIC_KEY */
				crtn = AddContextAttribute(cryptHand,
						CSSM_ATTRIBUTE_MODE,
						sizeof(uint32),
						CAT_Uint32,
						NULL,
						mode);
				if(crtn) {
					printError("AddContextAttribute", crtn);
					return 0;
				}
			}
			break;
		default:
			printf("genCryptHandle: bogus algorithm\n");
			return 0;
	}
	#if		!EFFECTIVE_SIZE_VIA_PARAMS
	/* add optional EffectiveKeySizeInBits and rounds attributes */
	if(effectiveKeySizeInBits != 0) {
		CSSM_CONTEXT_ATTRIBUTE attr;
		attr.AttributeType = CSSM_ATTRIBUTE_EFFECTIVE_BITS;
		attr.AttributeLength = sizeof(uint32);
		attr.Attribute.Uint32 = effectiveKeySizeInBits;
		crtn = CSSM_UpdateContextAttributes(
			cryptHand,
			1,
			&attr);
		if(crtn) {
			printError("CSSM_UpdateContextAttributes", crtn);
			return crtn;
		}
	}
	#endif
	
	if(rounds != 0) {
		CSSM_CONTEXT_ATTRIBUTE attr;
		attr.AttributeType = CSSM_ATTRIBUTE_ROUNDS;
		attr.AttributeLength = sizeof(uint32);
		attr.Attribute.Uint32 = rounds;
		crtn = CSSM_UpdateContextAttributes(
			cryptHand,
			1,
			&attr);
		if(crtn) {
			printError("CSSM_UpdateContextAttributes", crtn);
			return crtn;
		}
	}

	return cryptHand;
}

CSSM_RETURN cspEncrypt(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key,				// public or session key
		const CSSM_KEY *pubKey,				// for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 rounds,						// ditto
		const CSSM_DATA *iv,				// init vector, optional
		const CSSM_DATA *ptext,
		CSSM_DATA_PTR ctext,				// RETURNED
		CSSM_BOOL mallocCtext)				// if true, and ctext empty, malloc
											// by getting size from CSP
{
	CSSM_CC_HANDLE 	cryptHand;
	CSSM_RETURN		crtn;
	CSSM_SIZE		bytesEncrypted;
	CSSM_DATA		remData = {0, NULL};
	CSSM_RETURN		ocrtn = CSSM_OK;
	unsigned		origCtextLen;			// the amount we malloc, if any
	CSSM_RETURN		savedErr = CSSM_OK;
	CSSM_BOOL		restoreErr = CSSM_FALSE;
	
	cryptHand = genCryptHandle(cspHand, 
		algorithm, 
		mode, 
		padding,
		key, 
		pubKey, 
		iv, 
		effectiveKeySizeInBits,
		rounds);
	if(cryptHand == 0) {
		return CSSMERR_CSSM_INTERNAL_ERROR;
	}
	if(mallocCtext && (ctext->Length == 0)) {
		CSSM_QUERY_SIZE_DATA querySize;
		querySize.SizeInputBlock = ptext->Length;
		crtn = CSSM_QuerySize(cryptHand,
			CSSM_TRUE,						// encrypt
			1,
			&querySize);
		if(crtn) {
			printError("CSSM_QuerySize", crtn);
			ocrtn = crtn;
			goto abort;
		}
		if(querySize.SizeOutputBlock == 0) {
			/* CSP couldn't figure this out; skip our malloc */
			printf("***cspEncrypt: warning: cipherTextSize unknown; "
				"skipping malloc\n");
			origCtextLen = 0;
		}
		else {
			ctext->Data = (uint8 *)
				appMalloc(querySize.SizeOutputBlock, NULL);
			if(ctext->Data == NULL) {
				printf("Insufficient heap space\n");
				ocrtn = CSSM_ERRCODE_MEMORY_ERROR;
				goto abort;
			}
			ctext->Length = origCtextLen = querySize.SizeOutputBlock;
			memset(ctext->Data, 0, ctext->Length);
		}
	}
	else {
		origCtextLen = ctext->Length;
	}
	crtn = CSSM_EncryptData(cryptHand,
		ptext,
		1,
		ctext,
		1,
		&bytesEncrypted,
		&remData);
	if(crtn == CSSM_OK) {
		/*
		 * Deal with remData - its contents are included in bytesEncrypted.
		 */
		if((remData.Length != 0) && mallocCtext) {
			/* shouldn't happen - right? */
			if(bytesEncrypted > origCtextLen) {
				/* malloc and copy a new one */
				uint8 *newCdata = (uint8 *)appMalloc(bytesEncrypted, NULL);
				printf("**Warning: app malloced cipherBuf, but got nonzero "
					"remData!\n");
				if(newCdata == NULL) {
					printf("Insufficient heap space\n");
					ocrtn = CSSM_ERRCODE_MEMORY_ERROR;
					goto abort;
				}
				memmove(newCdata, ctext->Data, ctext->Length);
				memmove(newCdata+ctext->Length, remData.Data, remData.Length);
				CSSM_FREE(ctext->Data);
				ctext->Data = newCdata;
			}
			else {
				/* there's room left over */
				memmove(ctext->Data+ctext->Length, remData.Data, remData.Length);
			}
			ctext->Length = bytesEncrypted;
		}
		// NOTE: We return the proper length in ctext....
		ctext->Length = bytesEncrypted;
	}
	else {
		savedErr = crtn;
		restoreErr = CSSM_TRUE;
		printError("CSSM_EncryptData", crtn);
	}
abort:
	crtn = CSSM_DeleteContext(cryptHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	if(restoreErr) {
		ocrtn = savedErr;
	}
	return ocrtn;
}

#define PAD_IMPLIES_RAND_PTEXTSIZE	1
#define LOG_STAGED_OPS				0
#if		LOG_STAGED_OPS
#define soprintf(s)	printf s
#else
#define soprintf(s)
#endif

CSSM_RETURN cspStagedEncrypt(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key,				// public or session key
		const CSSM_KEY *pubKey,				// for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 cipherBlockSize,				// ditto
		uint32 rounds,						// ditto
		const CSSM_DATA *iv,				// init vector, optional
		const CSSM_DATA *ptext,
		CSSM_DATA_PTR ctext,				// RETURNED, we malloc
		CSSM_BOOL multiUpdates)				// false:single update, true:multi updates
{
	CSSM_CC_HANDLE 	cryptHand;
	CSSM_RETURN		crtn;
	CSSM_SIZE		bytesEncrypted;			// per update
	CSSM_SIZE		bytesEncryptedTotal = 0;
	CSSM_RETURN		ocrtn = CSSM_OK;		// 'our' crtn
	unsigned		toMove;					// remaining
	unsigned		thisMove;				// bytes to encrypt on this update
	CSSM_DATA		thisPtext;				// running ptr into ptext
	CSSM_DATA		ctextWork;				// per update, mallocd by CSP
	CSSM_QUERY_SIZE_DATA querySize;
	uint8			*origCtext;				// initial ctext->Data
	unsigned		origCtextLen;			// amount we mallocd
	CSSM_BOOL		restoreErr = CSSM_FALSE;
	CSSM_RETURN		savedErr = CSSM_OK;
	
	
	cryptHand = genCryptHandle(cspHand, 
		algorithm, 
		mode, 
		padding,
		key, 
		pubKey, 
		iv,
		effectiveKeySizeInBits,
		rounds);
	if(cryptHand == 0) {
		return CSSMERR_CSP_INTERNAL_ERROR;
	}
	if(cipherBlockSize) {
		crtn = AddContextAttribute(cryptHand,
			CSSM_ATTRIBUTE_BLOCK_SIZE,
			sizeof(uint32),
			CAT_Uint32,
			NULL,
			cipherBlockSize);
		if(crtn) {
			printError("CSSM_UpdateContextAttributes", crtn);
			goto abort;
		}
	}
	
	/* obtain total required ciphertext size and block size */
	querySize.SizeInputBlock = ptext->Length;
	crtn = CSSM_QuerySize(cryptHand,
		CSSM_TRUE,						// encrypt
		1,
		&querySize);
	if(crtn) {
		printError("CSSM_QuerySize(1)", crtn);
		ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
		goto abort;
	}
	if(querySize.SizeOutputBlock == 0) {
		/* CSP couldn't figure this out; skip our malloc - caller is taking its
		 * chances */
		printf("***cspStagedEncrypt: warning: cipherTextSize unknown; aborting\n");
		ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
		goto abort;
	}
	else {
		origCtextLen = querySize.SizeOutputBlock;
		if(algorithm == CSSM_ALGID_ASC) {
			/* ASC is weird - the more chunks we do, the bigger the
			 * resulting ctext...*/
			origCtextLen *= 2;
		}
		ctext->Length = origCtextLen;
		ctext->Data   = origCtext = (uint8 *)appMalloc(origCtextLen, NULL);
		if(ctext->Data == NULL) {
			printf("Insufficient heap space\n");
			ocrtn = CSSMERR_CSP_MEMORY_ERROR;
			goto abort;
		}
		memset(ctext->Data, 0, ctext->Length);
	}

	crtn = CSSM_EncryptDataInit(cryptHand);
	if(crtn) {
		printError("CSSM_EncryptDataInit", crtn);
		ocrtn = crtn;
		goto abort;
	}
	
	toMove = ptext->Length;
	thisPtext.Data = ptext->Data;
	while(toMove) {
		if(multiUpdates) {
			thisMove = genRand(1, toMove);
		}
		else {
			/* just do one pass thru this loop */
			thisMove = toMove;
		}
		thisPtext.Length = thisMove;
		/* let CSP do the individual mallocs */
		ctextWork.Data = NULL;
		ctextWork.Length = 0;
		soprintf(("*** EncryptDataUpdate: ptextLen 0x%x\n", thisMove));
		crtn = CSSM_EncryptDataUpdate(cryptHand,
			&thisPtext,
			1,
			&ctextWork,
			1,
			&bytesEncrypted);
		if(crtn) {
			printError("CSSM_EncryptDataUpdate", crtn);
			ocrtn = crtn;
			goto abort;
		}
		// NOTE: We return the proper length in ctext....
		ctextWork.Length = bytesEncrypted;
		soprintf(("*** EncryptDataUpdate: ptextLen 0x%x  bytesEncrypted 0x%x\n",
			thisMove, bytesEncrypted));
		thisPtext.Data += thisMove;
		toMove         -= thisMove;
		if(bytesEncrypted > ctext->Length) {
			printf("cspStagedEncrypt: ctext overflow!\n");
			ocrtn = crtn;
			goto abort;
		}
		if(bytesEncrypted != 0) {
			memmove(ctext->Data, ctextWork.Data, bytesEncrypted);
			bytesEncryptedTotal += bytesEncrypted;
			ctext->Data         += bytesEncrypted;
			ctext->Length       -= bytesEncrypted;
		}
		if(ctextWork.Data != NULL) {
			CSSM_FREE(ctextWork.Data);
		}
	}
	/* OK, one more */
	ctextWork.Data = NULL;
	ctextWork.Length = 0;
	crtn = CSSM_EncryptDataFinal(cryptHand, &ctextWork);
	if(crtn) {
		printError("CSSM_EncryptDataFinal", crtn);
		savedErr = crtn;
		restoreErr = CSSM_TRUE;
		goto abort;
	}
	if(ctextWork.Length != 0) {
		bytesEncryptedTotal += ctextWork.Length;
		if(ctextWork.Length > ctext->Length) {
			printf("cspStagedEncrypt: ctext overflow (2)!\n");
			ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
			goto abort;
		}
		memmove(ctext->Data, ctextWork.Data, ctextWork.Length);
	}
	if(ctextWork.Data) {
		/* this could have gotten mallocd and Length still be zero */
		CSSM_FREE(ctextWork.Data);
	}

	/* retweeze ctext */
	ctext->Data   = origCtext;
	ctext->Length = bytesEncryptedTotal;
abort:
	crtn = CSSM_DeleteContext(cryptHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	if(restoreErr) {
		/* give caller the error from the encrypt */
		ocrtn = savedErr;
	}
	return ocrtn;
}

CSSM_RETURN cspDecrypt(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key,				// public or session key
		const CSSM_KEY *pubKey,				// for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 rounds,						// ditto
		const CSSM_DATA *iv,				// init vector, optional
		const CSSM_DATA *ctext,
		CSSM_DATA_PTR ptext,				// RETURNED
		CSSM_BOOL mallocPtext)				// if true and ptext->Length = 0,
											//   we'll malloc
{
	CSSM_CC_HANDLE 	cryptHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	CSSM_SIZE		bytesDecrypted;
	CSSM_DATA		remData = {0, NULL};
	unsigned		origPtextLen;			// the amount we malloc, if any

	cryptHand = genCryptHandle(cspHand, 
		algorithm, 
		mode, 
		padding,
		key, 
		pubKey, 
		iv,
		effectiveKeySizeInBits,
		rounds);
	if(cryptHand == 0) {
		return CSSMERR_CSP_INTERNAL_ERROR;
	}
	if(mallocPtext && (ptext->Length == 0)) {
		CSSM_QUERY_SIZE_DATA querySize;
		querySize.SizeInputBlock = ctext->Length;
		crtn = CSSM_QuerySize(cryptHand,
			CSSM_FALSE,						// encrypt
			1,
			&querySize);
		if(crtn) {
			printError("CSSM_QuerySize", crtn);
			ocrtn = crtn;
			goto abort;
		}
		if(querySize.SizeOutputBlock == 0) {
			/* CSP couldn't figure this one out; skip our malloc */
			printf("***cspDecrypt: warning: plainTextSize unknown; "
				"skipping malloc\n");
			origPtextLen = 0;
		}
		else {
			ptext->Data = 
				(uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
			if(ptext->Data == NULL) {
				printf("Insufficient heap space\n");
				ocrtn = CSSMERR_CSP_MEMORY_ERROR;
				goto abort;
			}
			ptext->Length = origPtextLen = querySize.SizeOutputBlock;
			memset(ptext->Data, 0, ptext->Length);
		}
	}
	else {
		origPtextLen = ptext->Length;
	}
	crtn = CSSM_DecryptData(cryptHand,
		ctext,
		1,
		ptext,
		1,
		&bytesDecrypted,
		&remData);
	if(crtn == CSSM_OK) {
		/*
		 * Deal with remData - its contents are included in bytesDecrypted.
		 */
		if((remData.Length != 0) && mallocPtext) {
			/* shouldn't happen - right? */
			if(bytesDecrypted > origPtextLen) {
				/* malloc and copy a new one */
				uint8 *newPdata = (uint8 *)appMalloc(bytesDecrypted, NULL);
				printf("**Warning: app malloced ClearBuf, but got nonzero "
					"remData!\n");
				if(newPdata == NULL) {
					printf("Insufficient heap space\n");
					ocrtn = CSSMERR_CSP_MEMORY_ERROR;
					goto abort;
				}
				memmove(newPdata, ptext->Data, ptext->Length);
				memmove(newPdata + ptext->Length,
					remData.Data, remData.Length);
				CSSM_FREE(ptext->Data);
				ptext->Data = newPdata;
			}
			else {
				/* there's room left over */
				memmove(ptext->Data + ptext->Length,
					remData.Data, remData.Length);
			}
			ptext->Length = bytesDecrypted;
		}
		// NOTE: We return the proper length in ptext....
		ptext->Length = bytesDecrypted;
		
		// FIXME - sometimes get mallocd RemData here, but never any valid data
		// there...side effect of CSPFullPluginSession's buffer handling logic;
		// but will we ever actually see valid data in RemData? So far we never
		// have....
		if(remData.Data != NULL) {
			appFree(remData.Data, NULL);
		}
	}
	else {
		printError("CSSM_DecryptData", crtn);
		ocrtn = crtn;
	}
abort:
	crtn = CSSM_DeleteContext(cryptHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

CSSM_RETURN cspStagedDecrypt(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key,				// public or session key
		const CSSM_KEY *pubKey,				// for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 cipherBlockSize,				// ditto
		uint32 rounds,						// ditto
		const CSSM_DATA *iv,				// init vector, optional
		const CSSM_DATA *ctext,
		CSSM_DATA_PTR ptext,				// RETURNED, we malloc
		CSSM_BOOL multiUpdates)				// false:single update, true:multi updates
{
	CSSM_CC_HANDLE 	cryptHand;
	CSSM_RETURN		crtn;
	CSSM_SIZE		bytesDecrypted;			// per update
	CSSM_SIZE		bytesDecryptedTotal = 0;
	CSSM_RETURN		ocrtn = CSSM_OK;		// 'our' crtn
	unsigned		toMove;					// remaining
	unsigned		thisMove;				// bytes to encrypt on this update
	CSSM_DATA		thisCtext;				// running ptr into ptext
	CSSM_DATA		ptextWork;				// per update, mallocd by CSP
	CSSM_QUERY_SIZE_DATA querySize;
	uint8			*origPtext;				// initial ptext->Data
	unsigned		origPtextLen;			// amount we mallocd
	
	cryptHand = genCryptHandle(cspHand, 
		algorithm, 
		mode, 
		padding,
		key, 
		pubKey, 
		iv,
		effectiveKeySizeInBits,
		rounds);
	if(cryptHand == 0) {
		return CSSMERR_CSP_INTERNAL_ERROR;
	}
	if(cipherBlockSize) {
		crtn = AddContextAttribute(cryptHand,
			CSSM_ATTRIBUTE_BLOCK_SIZE,
			sizeof(uint32),
			CAT_Uint32,
			NULL,
			cipherBlockSize);
		if(crtn) {
			printError("CSSM_UpdateContextAttributes", crtn);
			goto abort;
		}
	}
	
	/* obtain total required ciphertext size and block size */
	querySize.SizeInputBlock = ctext->Length;
	crtn = CSSM_QuerySize(cryptHand,
		CSSM_FALSE,						// encrypt
		1,
		&querySize);
	if(crtn) {
		printError("CSSM_QuerySize(1)", crtn);
		ocrtn = crtn;
		goto abort;
	}
	
	/* required ptext size should be independent of number of chunks */
	if(querySize.SizeOutputBlock == 0) {
		printf("***warning: cspStagedDecrypt: plainTextSize unknown; aborting\n");
		ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
		goto abort;
	}
	else {
		// until exit, ptext->Length indicates remaining bytes of usable data in
		// ptext->Data
		ptext->Length = origPtextLen = querySize.SizeOutputBlock;
		ptext->Data   = origPtext    = 
			(uint8 *)appMalloc(origPtextLen, NULL);
		if(ptext->Data == NULL) {
			printf("Insufficient heap space\n");
			ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
			goto abort;
		}
		memset(ptext->Data, 0, ptext->Length);
	}
	
	crtn = CSSM_DecryptDataInit(cryptHand);
	if(crtn) {
		printError("CSSM_DecryptDataInit", crtn);
		ocrtn = crtn;
		goto abort;
	}
	toMove = ctext->Length;
	thisCtext.Data = ctext->Data;
	while(toMove) {
		if(multiUpdates) {
			thisMove = genRand(1, toMove);
		}
		else {
			/* just do one pass thru this loop */
			thisMove = toMove;
		}
		thisCtext.Length = thisMove;
		/* let CSP do the individual mallocs */
		ptextWork.Data = NULL;
		ptextWork.Length = 0;
		soprintf(("*** DecryptDataUpdate: ctextLen 0x%x\n", thisMove));
		crtn = CSSM_DecryptDataUpdate(cryptHand,
			&thisCtext,
			1,
			&ptextWork,
			1,
			&bytesDecrypted);
		if(crtn) {
			printError("CSSM_DecryptDataUpdate", crtn);
			ocrtn = crtn;
			goto abort;
		}
		//
		// NOTE: We return the proper length in ptext....
		ptextWork.Length = bytesDecrypted;
		thisCtext.Data += thisMove;
		toMove         -= thisMove;
		if(bytesDecrypted > ptext->Length) {
			printf("cspStagedDecrypt: ptext overflow!\n");
			ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
			goto abort;
		}
		if(bytesDecrypted != 0) {
			memmove(ptext->Data, ptextWork.Data, bytesDecrypted);
			bytesDecryptedTotal += bytesDecrypted;
			ptext->Data         += bytesDecrypted;
			ptext->Length       -= bytesDecrypted;
		}
		if(ptextWork.Data != NULL) {
			CSSM_FREE(ptextWork.Data);
		}
	}
	/* OK, one more */
	ptextWork.Data = NULL;
	ptextWork.Length = 0;
	crtn = CSSM_DecryptDataFinal(cryptHand, &ptextWork);
	if(crtn) {
		printError("CSSM_DecryptDataFinal", crtn);
		ocrtn = crtn;
		goto abort;
	}
	if(ptextWork.Length != 0) {
		bytesDecryptedTotal += ptextWork.Length;
		if(ptextWork.Length > ptext->Length) {
			printf("cspStagedDecrypt: ptext overflow (2)!\n");
			ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
			goto abort;
		}
		memmove(ptext->Data, ptextWork.Data, ptextWork.Length);
	}
	if(ptextWork.Data) {
		/* this could have gotten mallocd and Length still be zero */
		CSSM_FREE(ptextWork.Data);
	}
	
	/* retweeze ptext */
	ptext->Data   = origPtext;
	ptext->Length = bytesDecryptedTotal;
abort:
	crtn = CSSM_DeleteContext(cryptHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

#pragma mark --------- sign/verify/MAC ---------

/*
 * Signature routines
 * This all-in-one sign op has a special case for RSA keys. If the requested
 * alg is MD5 or SHA1, we'll do a manual digest op followed by raw RSA sign. 
 * Likewise, if it's CSSM_ALGID_DSA, we'll do manual SHA1 digest followed by 
 * raw DSA sign.
 */

CSSM_RETURN cspSign(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		CSSM_DATA_PTR sig)					// RETURNED
{
	CSSM_CC_HANDLE	sigHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	const CSSM_DATA	*ptext;
	CSSM_DATA		digest = {0, NULL};
	CSSM_ALGORITHMS	digestAlg = CSSM_ALGID_NONE;

	/* handle special cases for raw sign */
	switch(algorithm) {
		case CSSM_ALGID_SHA1:
			digestAlg = CSSM_ALGID_SHA1;
			algorithm = CSSM_ALGID_RSA;
			break;
		case CSSM_ALGID_MD5:
			digestAlg = CSSM_ALGID_MD5;
			algorithm = CSSM_ALGID_RSA;
			break;
		case CSSM_ALGID_DSA:
			digestAlg = CSSM_ALGID_SHA1;
			algorithm = CSSM_ALGID_DSA;
			break;
		default:
			break;
	}
	if(digestAlg != CSSM_ALGID_NONE) {
		crtn = cspDigest(cspHand,
			digestAlg,
			CSSM_FALSE,			// mallocDigest
			text,
			&digest);
		if(crtn) {
			return crtn;
		}	
		/* sign digest with raw RSA/DSA */
		ptext = &digest;
	}
	else {
		ptext = text;
	}
	crtn = CSSM_CSP_CreateSignatureContext(cspHand,
		algorithm,
		NULL,				// passPhrase
		key,
		&sigHand);
	if(crtn) {
		printError("CSSM_CSP_CreateSignatureContext (1)", crtn);
		return crtn;
	}
	crtn = CSSM_SignData(sigHand,
		ptext,
		1,
		digestAlg,
		sig);
	if(crtn) {
		printError("CSSM_SignData", crtn);
		ocrtn = crtn;
	}
	crtn = CSSM_DeleteContext(sigHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	if(digest.Data != NULL) {
		CSSM_FREE(digest.Data);
	}
	return ocrtn;
}

/*
 * Staged sign. Each update does a random number of bytes 'till through.
 */
CSSM_RETURN cspStagedSign(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		CSSM_DATA_PTR sig)					// RETURNED
{
	CSSM_CC_HANDLE	sigHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	unsigned		thisMove;				// this update
	unsigned		toMove;					// total to go
	CSSM_DATA		thisText;				// actaully passed to update
	crtn = CSSM_CSP_CreateSignatureContext(cspHand,
		algorithm,
		NULL,				// passPhrase
		key,
		&sigHand);
	if(crtn) {
		printError("CSSM_CSP_CreateSignatureContext (1)", crtn);
		return crtn;
	}
	crtn = CSSM_SignDataInit(sigHand);
	if(crtn) {
		printError("CSSM_SignDataInit", crtn);
		ocrtn = crtn;
		goto abort;
	}
	toMove = text->Length;
	thisText.Data = text->Data;
	while(toMove) {
		if(multiUpdates) {
			thisMove = genRand(1, toMove);
		}
		else {
			thisMove = toMove;
		}
		thisText.Length = thisMove;
		crtn = CSSM_SignDataUpdate(sigHand,
			&thisText,
			1);
		if(crtn) {
			printError("CSSM_SignDataUpdate", crtn);
			ocrtn = crtn;
			goto abort;
		}
		thisText.Data += thisMove;
		toMove -= thisMove;
	}
	crtn = CSSM_SignDataFinal(sigHand, sig);
	if(crtn) {
		printError("CSSM_SignDataFinal", crtn);
		ocrtn = crtn;
		goto abort;
	}
abort:
	crtn = CSSM_DeleteContext(sigHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

/*
 * This all-in-one verify op has a special case for RSA keys. If the requested
 * alg is MD5 or SHA1, we'll do a manual digest op followed by raw RSA verify.
 * Likewise, if it's CSSM_ALGID_DSA, we'll do manual SHA1 digest followed by 
 * raw DSA sign.
 */ 
 
CSSM_RETURN cspSigVerify(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// public key
		const CSSM_DATA *text,
		const CSSM_DATA *sig,
		CSSM_RETURN expectResult)			// expected result is verify failure
											// CSSM_OK - expect success
{
	CSSM_CC_HANDLE	sigHand;
	CSSM_RETURN		ocrtn = CSSM_OK;
	CSSM_RETURN		crtn;
	const CSSM_DATA	*ptext;
	CSSM_DATA		digest = {0, NULL};
	CSSM_ALGORITHMS	digestAlg = CSSM_ALGID_NONE;
	
	/* handle special cases for raw sign */
	switch(algorithm) {
		case CSSM_ALGID_SHA1:
			digestAlg = CSSM_ALGID_SHA1;
			algorithm = CSSM_ALGID_RSA;
			break;
		case CSSM_ALGID_MD5:
			digestAlg = CSSM_ALGID_MD5;
			algorithm = CSSM_ALGID_RSA;
			break;
		case CSSM_ALGID_DSA:
			digestAlg = CSSM_ALGID_SHA1;
			algorithm = CSSM_ALGID_DSA;
			break;
		default:
			break;
	}
	if(digestAlg != CSSM_ALGID_NONE) {
		crtn = cspDigest(cspHand,
			digestAlg,
			CSSM_FALSE,			// mallocDigest
			text,
			&digest);
		if(crtn) {
			return crtn;
		}	
		/* sign digest with raw RSA/DSA */
		ptext = &digest;
	}
	else {
		ptext = text;
	}
	crtn = CSSM_CSP_CreateSignatureContext(cspHand,
		algorithm,
		NULL,				// passPhrase
		key,
		&sigHand);
	if(crtn) {
		printError("CSSM_CSP_CreateSignatureContext (3)", crtn);
		return crtn;
	}
	
	crtn = CSSM_VerifyData(sigHand,
		ptext,
		1,
		digestAlg,
		sig);
	if(crtn != expectResult) {
		if(!crtn) {
			printf("Unexpected good Sig Verify\n");
		}
		else {
			printError("CSSM_VerifyData", crtn);
		}
		ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
	}
	crtn = CSSM_DeleteContext(sigHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	if(digest.Data != NULL) {
		CSSM_FREE(digest.Data);
	}
	return ocrtn;
}

/*
 * Staged verify. Each update does a random number of bytes 'till through.
 */
CSSM_RETURN cspStagedSigVerify(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		const CSSM_DATA *sig,
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		CSSM_RETURN expectResult)			// expected result is verify failure
											// CSSM_TRUE - expect success
{
	CSSM_CC_HANDLE	sigHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	unsigned		thisMove;				// this update
	unsigned		toMove;					// total to go
	CSSM_DATA		thisText;				// actaully passed to update
	crtn = CSSM_CSP_CreateSignatureContext(cspHand,
		algorithm,
		NULL,				// passPhrase
		key,
		&sigHand);
	if(crtn) {
		printError("CSSM_CSP_CreateSignatureContext (4)", crtn);
		return crtn;
	}
	crtn = CSSM_VerifyDataInit(sigHand);
	if(crtn) {
		printError("CSSM_VerifyDataInit", crtn);
		ocrtn = crtn;
		goto abort;
	}
	toMove = text->Length;
	thisText.Data = text->Data;
	while(toMove) {
		if(multiUpdates) {
			thisMove = genRand(1, toMove);
		}
		else {
			thisMove = toMove;
		}
		thisText.Length = thisMove;
		crtn = CSSM_VerifyDataUpdate(sigHand,
			&thisText,
			1);
		if(crtn) {
			printError("CSSM_VerifyDataUpdate", crtn);
			ocrtn = crtn;
			goto abort;
		}
		thisText.Data += thisMove;
		toMove -= thisMove;
	}
	crtn = CSSM_VerifyDataFinal(sigHand, sig);
	if(crtn != expectResult) {
		if(crtn) {
			printError("CSSM_VerifyDataFinal", crtn);
		}
		else {
			printf("Unexpected good Staged Sig Verify\n");
		}
		ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
	}
abort:
	crtn = CSSM_DeleteContext(sigHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

/*
 * MAC routines
 */
CSSM_RETURN cspGenMac(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// session key
		const CSSM_DATA *text,
		CSSM_DATA_PTR mac)					// RETURNED
{
	CSSM_CC_HANDLE	macHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	crtn = CSSM_CSP_CreateMacContext(cspHand,
		algorithm,
		key,
		&macHand);
	if(crtn) {
		printError("CSSM_CSP_CreateMacContext (1)", crtn);
		return crtn;
	}
	crtn = CSSM_GenerateMac(macHand,
		text,
		1,
		mac);
	if(crtn) {
		printError("CSSM_GenerateMac", crtn);
		ocrtn = crtn;
	}
	crtn = CSSM_DeleteContext(macHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

/*
 * Staged generate mac. 
 */
CSSM_RETURN cspStagedGenMac(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		CSSM_BOOL mallocMac,				// if true and digest->Length = 0, we'll 
											//		malloc
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		CSSM_DATA_PTR mac)					// RETURNED
{
	CSSM_CC_HANDLE	macHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	unsigned		thisMove;				// this update
	unsigned		toMove;					// total to go
	CSSM_DATA		thisText;				// actaully passed to update
	
	crtn = CSSM_CSP_CreateMacContext(cspHand,
		algorithm,
		key,
		&macHand);
	if(crtn) {
		printError("CSSM_CSP_CreateMacContext (2)", crtn);
		return crtn;
	}

	if(mallocMac && (mac->Length == 0)) {
		/* malloc mac - ask CSP for size */
		CSSM_QUERY_SIZE_DATA	querySize = {0, 0};
		crtn = CSSM_QuerySize(macHand,
			CSSM_TRUE,						// encrypt
			1,
			&querySize);
		if(crtn) {
			printError("CSSM_QuerySize(mac)", crtn);
			ocrtn = crtn;
			goto abort;
		}
		if(querySize.SizeOutputBlock == 0) {
			printf("Unknown mac size\n");
			ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
			goto abort;
		}
		mac->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
		if(mac->Data == NULL) {
			printf("malloc failure\n");
			ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
			goto abort;
		}
		mac->Length = querySize.SizeOutputBlock;
	}

	crtn = CSSM_GenerateMacInit(macHand);
	if(crtn) {
		printError("CSSM_GenerateMacInit", crtn);
		ocrtn = crtn;
		goto abort;
	}
	toMove = text->Length;
	thisText.Data = text->Data;
	
	while(toMove) {
		if(multiUpdates) {
			thisMove = genRand(1, toMove);
		}
		else {
			thisMove = toMove;
		}
		thisText.Length = thisMove;
		crtn = CSSM_GenerateMacUpdate(macHand,
			&thisText,
			1);
		if(crtn) {
			printError("CSSM_GenerateMacUpdate", crtn);
			ocrtn = crtn;
			goto abort;
		}
		thisText.Data += thisMove;
		toMove -= thisMove;
	}
	crtn = CSSM_GenerateMacFinal(macHand, mac);
	if(crtn) {
		printError("CSSM_GenerateMacFinal", crtn);
		ocrtn = crtn;
		goto abort;
	}
abort:
	crtn = CSSM_DeleteContext(macHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

CSSM_RETURN cspMacVerify(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// public key
		const CSSM_DATA *text,
		const CSSM_DATA_PTR mac,
		CSSM_RETURN expectResult)			// expected result 
											// CSSM_OK - expect success
{
	CSSM_CC_HANDLE	macHand;
	CSSM_RETURN		ocrtn = CSSM_OK;
	CSSM_RETURN		crtn;
	crtn = CSSM_CSP_CreateMacContext(cspHand,
		algorithm,
		key,
		&macHand);
	if(crtn) {
		printError("CSSM_CSP_CreateMacContext (3)", crtn);
		return crtn;
	}
	crtn = CSSM_VerifyMac(macHand,
		text,
		1,
		mac);
	if(crtn != expectResult) {
		if(crtn) {
			printError("CSSM_VerifyMac", crtn);
		}
		else {
			printf("Unexpected good Mac Verify\n");
		}
		ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
	}
	crtn = CSSM_DeleteContext(macHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

/*
 * Staged mac verify. Each update does a random number of bytes 'till through.
 */
CSSM_RETURN cspStagedMacVerify(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		const CSSM_DATA_PTR mac,
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		CSSM_RETURN expectResult)			// expected result is verify failure
											// CSSM_OK - expect success
{
	CSSM_CC_HANDLE	macHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	unsigned		thisMove;				// this update
	unsigned		toMove;					// total to go
	CSSM_DATA		thisText;				// actaully passed to update

	crtn = CSSM_CSP_CreateMacContext(cspHand,
		algorithm,
		key,
		&macHand);
	if(crtn) {
		printError("CSSM_CSP_CreateMacContext (4)", crtn);
		return crtn;
	}
	crtn = CSSM_VerifyMacInit(macHand);
	if(crtn) {
		printError("CSSM_VerifyMacInit", crtn);
		ocrtn = crtn;
		goto abort;
	}
	toMove = text->Length;
	thisText.Data = text->Data;
	
	while(toMove) {
		if(multiUpdates) {
			thisMove = genRand(1, toMove);
		}
		else {
			thisMove = toMove;
		}
		thisText.Length = thisMove;
		crtn = CSSM_VerifyMacUpdate(macHand,
			&thisText,
			1);
		if(crtn) {
			printError("CSSM_VerifyMacUpdate", crtn);
			ocrtn = crtn;
			goto abort;
		}
		thisText.Data += thisMove;
		toMove -= thisMove;
	}
	crtn = CSSM_VerifyMacFinal(macHand, mac);
	if(crtn != expectResult) {
		if(crtn) {
			printError("CSSM_VerifyMacFinal", crtn);
		}
		else {
			printf("Unexpected good Staged Mac Verify\n");
		}
		ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
	}
abort:
	crtn = CSSM_DeleteContext(macHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

#pragma mark --------- Digest ---------

/*
 * Digest functions
 */
CSSM_RETURN cspDigest(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_MD5, etc.
		CSSM_BOOL mallocDigest,				// if true and digest->Length = 0, we'll malloc
		const CSSM_DATA *text,
		CSSM_DATA_PTR digest)
{
	CSSM_CC_HANDLE	digestHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	
	crtn = CSSM_CSP_CreateDigestContext(cspHand,
		algorithm,
		&digestHand);
	if(crtn) {
		printError("CSSM_CSP_CreateDIgestContext (1)", crtn);
		return crtn;
	}
	if(mallocDigest && (digest->Length == 0)) {
		/* malloc digest - ask CSP for size */
		CSSM_QUERY_SIZE_DATA	querySize = {0, 0};
		crtn = CSSM_QuerySize(digestHand,
			CSSM_FALSE,						// encrypt
			1,
			&querySize);
		if(crtn) {
			printError("CSSM_QuerySize(3)", crtn);
			ocrtn = crtn;
			goto abort;
		}
		if(querySize.SizeOutputBlock == 0) {
			printf("Unknown digest size\n");
			ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
			goto abort;
		}
		digest->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
		if(digest->Data == NULL) {
			printf("malloc failure\n");
			ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
			goto abort;
		}
		digest->Length = querySize.SizeOutputBlock;
	}
	crtn = CSSM_DigestData(digestHand,
		text,
		1,
		digest);
	if(crtn) {
		printError("CSSM_DigestData", crtn);
		ocrtn = crtn;
	}
abort:
	crtn = CSSM_DeleteContext(digestHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

CSSM_RETURN cspStagedDigest(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_MD5, etc.
		CSSM_BOOL mallocDigest,				// if true and digest->Length = 0, we'll 
											//		malloc
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		const CSSM_DATA *text,
		CSSM_DATA_PTR digest)
{
	CSSM_CC_HANDLE	digestHand;
	CSSM_RETURN		crtn;
	CSSM_RETURN		ocrtn = CSSM_OK;
	unsigned		thisMove;				// this update
	unsigned		toMove;					// total to go
	CSSM_DATA		thisText;				// actually passed to update
	
	crtn = CSSM_CSP_CreateDigestContext(cspHand,
		algorithm,
		&digestHand);
	if(crtn) {
		printError("CSSM_CSP_CreateDigestContext (2)", crtn);
		return crtn;
	}
	if(mallocDigest && (digest->Length == 0)) {
		/* malloc digest - ask CSP for size */
		CSSM_QUERY_SIZE_DATA	querySize = {0, 0};
		crtn = CSSM_QuerySize(digestHand,
			CSSM_FALSE,						// encrypt
			1,
			&querySize);
		if(crtn) {
			printError("CSSM_QuerySize(4)", crtn);
			ocrtn = crtn;
			goto abort;
		}
		if(querySize.SizeOutputBlock == 0) {
			printf("Unknown digest size\n");
			ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
			goto abort;
		}
		digest->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
		if(digest->Data == NULL) {
			printf("malloc failure\n");
			ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
			goto abort;
		}
		digest->Length = querySize.SizeOutputBlock;
	}
	crtn = CSSM_DigestDataInit(digestHand);
	if(crtn) {
		printError("CSSM_DigestDataInit", crtn);
		ocrtn = crtn;
		goto abort;
	}
	toMove = text->Length;
	thisText.Data = text->Data;
	while(toMove) {
		if(multiUpdates) {
			thisMove = genRand(1, toMove);
		}
		else {
			thisMove = toMove;
		}
		thisText.Length = thisMove;
		crtn = CSSM_DigestDataUpdate(digestHand,
			&thisText,
			1);
		if(crtn) {
			printError("CSSM_DigestDataUpdate", crtn);
			ocrtn = crtn;
			goto abort;
		}
		thisText.Data += thisMove;
		toMove -= thisMove;
	}
	crtn = CSSM_DigestDataFinal(digestHand, digest);
	if(crtn) {
		printError("CSSM_DigestDataFinal", crtn);
		ocrtn = crtn;
		goto abort;
	}
abort:
	crtn = CSSM_DeleteContext(digestHand);
	if(crtn) {
		printError("CSSM_DeleteContext", crtn);
		ocrtn = crtn;
	}
	return ocrtn;
}

#pragma mark --------- wrap/unwrap ---------

/* wrap key function. */
CSSM_RETURN cspWrapKey(CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY			*unwrappedKey,	
	const CSSM_KEY			*wrappingKey,
	CSSM_ALGORITHMS			wrapAlg,
	CSSM_ENCRYPT_MODE		wrapMode,
	CSSM_KEYBLOB_FORMAT		wrapFormat,			// NONE, PKCS7, PKCS8
	CSSM_PADDING			wrapPad,
	CSSM_DATA_PTR			initVector,			// for some wrapping algs
	CSSM_DATA_PTR			descrData,			// optional 
	CSSM_KEY_PTR			wrappedKey)			// RETURNED
{
	CSSM_CC_HANDLE		ccHand;
	CSSM_RETURN			crtn;
	CSSM_ACCESS_CREDENTIALS	creds;
	
	memset(wrappedKey, 0, sizeof(CSSM_KEY));
	setBadKeyData(wrappedKey);
	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
	/* special case for NULL wrap - no wrapping key */
	if((wrappingKey == NULL) ||
	   (wrappingKey->KeyHeader.KeyClass == CSSM_KEYCLASS_SESSION_KEY)) {
		crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
				wrapAlg,
				wrapMode,
				&creds,			// passPhrase,
				wrappingKey,
				initVector,
				wrapPad,		// Padding
				0,				// Params
				&ccHand);
	}
	else {
		crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
				wrapAlg,
				&creds,	
				wrappingKey,
				wrapPad,		// padding
				&ccHand);
		if(crtn) {
			printError("cspWrapKey/CreateContext", crtn);
			return crtn;
		}
		if(initVector) {
			/* manually add IV for CMS. The actual low-level encrypt doesn't
			 * use it (and must ignore it). */
			crtn = AddContextAttribute(ccHand,
				CSSM_ATTRIBUTE_INIT_VECTOR,
				sizeof(CSSM_DATA),
				CAT_Ptr,
				initVector,
				0);
			if(crtn) {
				printError("CSSM_UpdateContextAttributes", crtn);
				return crtn;
			}
		}
	}
	if(crtn) {
		printError("cspWrapKey/CreateContext", crtn);
		return crtn;
	}
	if(wrapFormat != CSSM_KEYBLOB_WRAPPED_FORMAT_NONE) {
		/* only add this attribute if it's not the default */
		CSSM_CONTEXT_ATTRIBUTE attr;
		attr.AttributeType = CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT;
		attr.AttributeLength = sizeof(uint32);
		attr.Attribute.Uint32 = wrapFormat;
		crtn = CSSM_UpdateContextAttributes(
			ccHand,
			1,
			&attr);
		if(crtn) {
			printError("CSSM_UpdateContextAttributes", crtn);
			return crtn;
		}
	}
	crtn = CSSM_WrapKey(ccHand,
		&creds,
		unwrappedKey,
		descrData,			// DescriptiveData
		wrappedKey);
	if(crtn != CSSM_OK) {
		printError("CSSM_WrapKey", crtn);
	}
	if(CSSM_DeleteContext(ccHand)) {
		printf("CSSM_DeleteContext failure\n");
	}
	return crtn;
}

/* unwrap key function. */
CSSM_RETURN cspUnwrapKey(CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY			*wrappedKey,
	const CSSM_KEY			*unwrappingKey,
	CSSM_ALGORITHMS			unwrapAlg,
	CSSM_ENCRYPT_MODE		unwrapMode,
	CSSM_PADDING 			unwrapPad,
	CSSM_DATA_PTR			initVector,			// for some wrapping algs
	CSSM_KEY_PTR			unwrappedKey,		// RETURNED
	CSSM_DATA_PTR			descrData,			// required
	const char 				*keyLabel,
	unsigned 				keyLabelLen)
{
	CSSM_CC_HANDLE		ccHand;
	CSSM_RETURN			crtn;
	CSSM_DATA			labelData;
	uint32				keyAttr;
	CSSM_ACCESS_CREDENTIALS	creds;
	
	memset(unwrappedKey, 0, sizeof(CSSM_KEY));
	setBadKeyData(unwrappedKey);
	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
	if((unwrappingKey == NULL) ||
	   (unwrappingKey->KeyHeader.KeyClass == CSSM_KEYCLASS_SESSION_KEY)) {
		crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
				unwrapAlg,
				unwrapMode,
				&creds,
				unwrappingKey,
				initVector,
				unwrapPad,
				0,				// Params
				&ccHand);
	}
	else {
		crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
				unwrapAlg,
				&creds,			// passPhrase,
				unwrappingKey,
				unwrapPad,		// Padding
				&ccHand);
		if(crtn) {
			printError("cspUnwrapKey/CreateContext", crtn);
			return crtn;
		}
		if(initVector) {
			/* manually add IV for CMS. The actual low-level encrypt doesn't
			 * use it (and must ignore it). */
			crtn = AddContextAttribute(ccHand,
				CSSM_ATTRIBUTE_INIT_VECTOR,
				sizeof(CSSM_DATA),
				CAT_Ptr,
				initVector,
				0);
			if(crtn) {
				printError("CSSM_UpdateContextAttributes", crtn);
				return crtn;
			}
		}
	}
	if(crtn) {
		printError("cspUnwrapKey/CreateContext", crtn);
		return crtn;
	}
	labelData.Data = (uint8 *)keyLabel;
	labelData.Length = keyLabelLen;
	
	/*
	 * New keyAttr - clear some old bits, make sure we ask for ref key
	 */
	keyAttr = wrappedKey->KeyHeader.KeyAttr;
	keyAttr &= ~(CSSM_KEYATTR_ALWAYS_SENSITIVE | CSSM_KEYATTR_NEVER_EXTRACTABLE);
	keyAttr |= CSSM_KEYATTR_RETURN_REF;
	crtn = CSSM_UnwrapKey(ccHand,
		NULL,				// PublicKey
		wrappedKey,
		wrappedKey->KeyHeader.KeyUsage,
		keyAttr,
		&labelData,
		NULL,				// CredAndAclEntry
		unwrappedKey,
		descrData);			// required
	if(crtn != CSSM_OK) {
		printError("CSSM_UnwrapKey", crtn);
	}
	if(CSSM_DeleteContext(ccHand)) {
		printf("CSSM_DeleteContext failure\n");
	}
	return crtn;
}

/*
 * Simple NULL wrap to convert a reference key to a raw key.
 */
CSSM_RETURN cspRefKeyToRaw(
	CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY *refKey,
	CSSM_KEY_PTR rawKey)		// init'd and RETURNED
{
	CSSM_DATA descData = {0, 0};
	
	memset(rawKey, 0, sizeof(CSSM_KEY));
	return cspWrapKey(cspHand,
		refKey,
		NULL,					// unwrappingKey
		CSSM_ALGID_NONE,
		CSSM_ALGMODE_NONE,
		CSSM_KEYBLOB_WRAPPED_FORMAT_NONE,
		CSSM_PADDING_NONE,
		NULL,					// IV
		&descData,
		rawKey);
}

/* unwrap raw key --> ref */
CSSM_RETURN cspRawKeyToRef(
	CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY *rawKey,
	CSSM_KEY_PTR refKey)				// init'd and RETURNED
{
	CSSM_DATA descData = {0, 0};

	memset(refKey, 0, sizeof(CSSM_KEY));
	return cspUnwrapKey(cspHand,
		rawKey,
		NULL,		// unwrappingKey
		CSSM_ALGID_NONE,
		CSSM_ALGMODE_NONE,
		CSSM_PADDING_NONE,
		NULL,		// init vector
		refKey,
		&descData,
		"noLabel",
		7);
}


#pragma mark --------- FEE key/curve support ---------

/*
 * Generate random key size, primeType, curveType for FEE key for specified op.
 *
 * First just enumerate the curves we know about, with ECDSA-INcapable first
 */
 
typedef struct {
	uint32	keySizeInBits;
	uint32 	primeType;				// CSSM_FEE_PRIME_TYPE_xxx
	uint32 	curveType;				// CSSM_FEE_CURVE_TYPE_xxx
} feeCurveParams;

#define FEE_PROTOTYPE_CURVES	0
#if 	FEE_PROTOTYPE_CURVES
/* obsolete as of 4/9/2001 */
static feeCurveParams feeCurves[] = {
	{	31,		CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
	{	127,	CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
	{	127,	CSSM_FEE_PRIME_TYPE_GENERAL,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
	#define NUM_NON_ECDSA_CURVES	3
	
	/* start of Weierstrass, IEEE P1363-capable curves */
	{	31,		CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	40,		CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	127,	CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	160,	CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	160,	CSSM_FEE_PRIME_TYPE_GENERAL,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	192,	CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
};
#else	/* FEE_PROTOTYPE_CURVES */
static feeCurveParams feeCurves[] = {
	{	31,		CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
	{	127,	CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
	#define NUM_NON_ECDSA_CURVES	2
	
	/* start of Weierstrass, IEEE P1363-capable curves */
	{	31,		CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	128,	CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	161,	CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	161,	CSSM_FEE_PRIME_TYPE_GENERAL,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
	{	192,	CSSM_FEE_PRIME_TYPE_GENERAL,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
};
#endif	/* FEE_PROTOTYPE_CURVES */
#define NUM_FEE_CURVES	(sizeof(feeCurves) / sizeof(feeCurveParams))

void randFeeKeyParams(
	CSSM_ALGORITHMS	alg,			// ALGID_FEED, CSSM_ALGID_FEE_MD5, etc.
	uint32			*keySizeInBits,	// RETURNED
	uint32 			*primeType,		// CSSM_FEE_PRIME_TYPE_xxx, RETURNED
	uint32 			*curveType)		// CSSM_FEE_CURVE_TYPE_xxx, RETURNED
{
	unsigned minParams;
	unsigned die;
	feeCurveParams *feeParams;
	
	switch(alg) {
		case CSSM_ALGID_SHA1WithECDSA:
			minParams = NUM_NON_ECDSA_CURVES;
			break;
		default:
			minParams = 0;
			break;
	}
	die = genRand(minParams, (NUM_FEE_CURVES - 1));
	feeParams = &feeCurves[die];
	*keySizeInBits = feeParams->keySizeInBits;
	*primeType = feeParams->primeType;
	*curveType = feeParams->curveType;
}

/*
 * Obtain strings for primeType and curveType.
 */
const char *primeTypeStr(uint32 primeType)
{
	const char *p;
	switch(primeType) {
		case CSSM_FEE_PRIME_TYPE_MERSENNE:
			p = "Mersenne";
			break;
		case CSSM_FEE_PRIME_TYPE_FEE:
			p = "FEE";
			break;
		case CSSM_FEE_PRIME_TYPE_GENERAL:
			p = "General";
			break;
		case CSSM_FEE_PRIME_TYPE_DEFAULT:
			p = "Default";
			break;
		default:
			p = "***UNKNOWN***";
			break;
	}
	return p;
}

const char *curveTypeStr(uint32 curveType)
{
	const char *c;
	switch(curveType) {
		case CSSM_FEE_CURVE_TYPE_DEFAULT:
			c = "Default";
			break;
		case CSSM_FEE_CURVE_TYPE_MONTGOMERY:
			c = "Montgomery";
			break;
		case CSSM_FEE_CURVE_TYPE_WEIERSTRASS:
			c = "Weierstrass";
			break;
		default:
			c = "***UNKNOWN***";
			break;
	}
	return c;
}

/*
 * Perform FEE Key exchange via CSSM_DeriveKey. 
 */
#if 0
/* Not implemented in OS X */
CSSM_RETURN cspFeeKeyExchange(CSSM_CSP_HANDLE cspHand,
	CSSM_KEY_PTR 	privKey,
	CSSM_KEY_PTR 	pubKey,
	CSSM_KEY_PTR 	derivedKey,		// mallocd by caller
	
	/* remaining fields apply to derivedKey */
	uint32 			keyAlg,
	const char 		*keyLabel,
	unsigned 		keyLabelLen,
	uint32 			keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
	uint32 			keySizeInBits)
{
	CSSM_CC_HANDLE	dkHand;
	CSSM_RETURN 	crtn;
	CSSM_DATA		labelData;
	
	if(derivedKey == NULL) {
		printf("cspFeeKeyExchange: no derivedKey\n");
		return CSSMERR_CSSM_INTERNAL_ERROR;
	}
	if((pubKey == NULL) ||
	   (pubKey->KeyHeader.KeyClass != CSSM_KEYCLASS_PUBLIC_KEY) ||
	   (pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_RAW)) {
	 	printf("cspFeeKeyExchange: bad pubKey\n");
	 	return CSSMERR_CSSM_INTERNAL_ERROR;
	}
	if((privKey == NULL) ||
	   (privKey->KeyHeader.KeyClass != CSSM_KEYCLASS_PRIVATE_KEY) ||
	   (privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE)) {
	 	printf("cspFeeKeyExchange: bad privKey\n");
	 	return CSSMERR_CSSM_INTERNAL_ERROR;
	}
	memset(derivedKey, 0, sizeof(CSSM_KEY));
	
	crtn = CSSM_CSP_CreateDeriveKeyContext(cspHand,
		CSSM_ALGID_FEE_KEYEXCH,			// AlgorithmID
		keyAlg,							// alg of the derived key
		keySizeInBits,
		NULL,							// access creds
		// FIXME
		0,								// IterationCount
		NULL,							// Salt
		NULL,							// Seed
		NULL);							// PassPhrase
	if(dkHand == 0) {
		printError("CSSM_CSP_CreateDeriveKeyContext");
		return CSSM_FAIL;
	} 
	labelData.Length = keyLabelLen;
	labelData.Data = (uint8 *)keyLabel;
	crtn = CSSM_DeriveKey(dkHand,
		privKey,
		&pubKey->KeyData,		// Param - pub key blob
		keyUsage,
		CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE |
				  CSSM_KEYATTR_SENSITIVE,
		&labelData,
		derivedKey);
	
	/* FIXME - save/restore error */
	CSSM_DeleteContext(dkHand);
	if(crtn) {
		printError("CSSM_DeriveKey");
	}
	return crtn;
}
#endif

#pragma mark --------- Key/DL/DB support ---------

/*
 * Add a DL/DB handle to a crypto context.
 */
CSSM_RETURN cspAddDlDbToContext(
	CSSM_CC_HANDLE ccHand,
	CSSM_DL_HANDLE dlHand,
	CSSM_DB_HANDLE dbHand)
{
	CSSM_DL_DB_HANDLE dlDb = { dlHand, dbHand };
	return AddContextAttribute(ccHand, 
		CSSM_ATTRIBUTE_DL_DB_HANDLE,
		sizeof(CSSM_ATTRIBUTE_DL_DB_HANDLE),
		CAT_Ptr,
		&dlDb,
		0);
}
	
/* 
 * Common routine to do a basic DB lookup by label and key type.
 * Query is aborted prior to exit.
 */
static CSSM_DB_UNIQUE_RECORD_PTR dlLookup(
	CSSM_DL_DB_HANDLE	dlDbHand,
	const CSSM_DATA		*keyLabel,
	CT_KeyType 			keyType,
	CSSM_HANDLE 		*resultHand,			// RETURNED
	CSSM_DATA_PTR		theData,				// RETURED
	CSSM_DB_RECORDTYPE	*recordType)			// RETURNED
{
	CSSM_QUERY						query;
	CSSM_SELECTION_PREDICATE		predicate;
	CSSM_DB_UNIQUE_RECORD_PTR		record = NULL;
	CSSM_RETURN						crtn;
	
	switch(keyType) {
		case CKT_Public:
			query.RecordType = *recordType = CSSM_DL_DB_RECORD_PUBLIC_KEY;
			break;
		case CKT_Private:
			query.RecordType = *recordType = CSSM_DL_DB_RECORD_PRIVATE_KEY;
			break;
		case CKT_Session:
			query.RecordType = *recordType = CSSM_DL_DB_RECORD_SYMMETRIC_KEY;
			break;
		default:
			printf("Hey bozo! Give me a valid key type!\n");
			return NULL;
	}
	query.Conjunctive = CSSM_DB_NONE;
	query.NumSelectionPredicates = 1;
	predicate.DbOperator = CSSM_DB_EQUAL;
	
	predicate.Attribute.Info.AttributeNameFormat = 
		CSSM_DB_ATTRIBUTE_NAME_AS_STRING;
	predicate.Attribute.Info.Label.AttributeName = (char *) "Label";
	predicate.Attribute.Info.AttributeFormat = CSSM_DB_ATTRIBUTE_FORMAT_BLOB;
	/* hope this cast is OK */
	predicate.Attribute.Value = (CSSM_DATA_PTR)keyLabel;
	query.SelectionPredicate = &predicate;
	
	query.QueryLimits.TimeLimit = 0;	// FIXME - meaningful?
	query.QueryLimits.SizeLimit = 1;	// FIXME - meaningful?
	query.QueryFlags = CSSM_QUERY_RETURN_DATA;	// FIXME - used?
	
	crtn = CSSM_DL_DataGetFirst(dlDbHand,
		&query,
		resultHand,
		NULL,
		theData,
		&record);
	/* abort only on success */
	if(crtn == CSSM_OK) {
		crtn = CSSM_DL_DataAbortQuery(dlDbHand, *resultHand);
		if(crtn) {
			printError("CSSM_DL_AbortQuery", crtn);
			return NULL;
		}
	}
	return record;
}

/*
 * Look up a key by label and type.
 */
CSSM_KEY_PTR cspLookUpKeyByLabel(
	CSSM_DL_HANDLE dlHand, 
	CSSM_DB_HANDLE dbHand, 
	const CSSM_DATA *labelData, 
	CT_KeyType keyType)
{
	CSSM_DB_UNIQUE_RECORD_PTR	record;
	CSSM_HANDLE					resultHand;
	CSSM_DATA					theData;
	CSSM_KEY_PTR				key;
	CSSM_DB_RECORDTYPE 			recordType;
	CSSM_DL_DB_HANDLE			dlDbHand;
	
	dlDbHand.DLHandle = dlHand;
	dlDbHand.DBHandle = dbHand;
	
	theData.Length = 0;
	theData.Data = NULL;
	
	record = dlLookup(dlDbHand,
		labelData,
		keyType,
		&resultHand,
		&theData,
		&recordType);
	if(record == NULL) {
		//printf("cspLookUpKeyByLabel: key not found\n");
		return NULL;
	}
	key = (CSSM_KEY_PTR)theData.Data;
	CSSM_DL_FreeUniqueRecord(dlDbHand, record);
	return key;
}

/*
 * Delete and free a key 
 */
CSSM_RETURN cspDeleteKey(
	CSSM_CSP_HANDLE		cspHand,		// for free
	CSSM_DL_HANDLE		dlHand,			// for delete
	CSSM_DB_HANDLE		dbHand,			// ditto
	const CSSM_DATA 	*labelData, 
	CSSM_KEY_PTR		key)
{
	CSSM_DB_UNIQUE_RECORD_PTR	record;
	CSSM_HANDLE					resultHand;
	CT_KeyType					keyType;
	CSSM_RETURN					crtn = CSSM_OK;
	CSSM_DB_RECORDTYPE 			recordType;
	CSSM_DL_DB_HANDLE			dlDbHand;
	
	if(key->KeyHeader.KeyAttr & CSSM_KEYATTR_PERMANENT) {
		/* first do a lookup based in this key's fields */
		switch(key->KeyHeader.KeyClass) {
			case CSSM_KEYCLASS_PUBLIC_KEY:
				keyType = CKT_Public;
				break;
			case CSSM_KEYCLASS_PRIVATE_KEY:
				keyType = CKT_Private;
				break;
			case CSSM_KEYCLASS_SESSION_KEY:
				keyType = CKT_Session;
				break;
			default:
				printf("Hey bozo! Give me a valid key type!\n");
				return -1;
		}

		dlDbHand.DLHandle = dlHand;
		dlDbHand.DBHandle = dbHand;
		
		record = dlLookup(dlDbHand,
			labelData,
			keyType,
			&resultHand,
			NULL,			// don't want actual data
			&recordType);
		if(record == NULL) {
			printf("cspDeleteKey: key not found in DL\n");
			return CSSMERR_DL_RECORD_NOT_FOUND;
		}
		
		/* OK, nuke it */
		crtn = CSSM_DL_DataDelete(dlDbHand, record);
		if(crtn) {
			printError("CSSM_DL_DataDelete", crtn);
		}
		CSSM_DL_FreeUniqueRecord(dlDbHand, record);
	}
		
	/* CSSM_FreeKey() should fail due to the delete, but it will
	 * still free KeyData....
	 * FIXME - we should be able to do this in this one single call - right?
	 */
	CSSM_FreeKey(cspHand, NULL, key, CSSM_FALSE);

	return crtn;
}

/*
 * Given any key in either blob or reference format,
 * obtain the associated SHA-1 hash. 
 */
CSSM_RETURN cspKeyHash(
	CSSM_CSP_HANDLE		cspHand,	
	const CSSM_KEY_PTR	key,			/* public key */
	CSSM_DATA_PTR		*hashData)		/* hash mallocd and RETURNED here */
{
	CSSM_CC_HANDLE		ccHand;
	CSSM_RETURN			crtn;
	CSSM_DATA_PTR		dp;
	
	*hashData = NULL;
	
	/* validate input params */
	if((key == NULL) ||
	   (hashData == NULL)) {
	   	printf("cspKeyHash: bogus args\n");
		return CSSMERR_CSSM_INTERNAL_ERROR;				
	}
	
	/* cook up a context for a passthrough op */
	crtn = CSSM_CSP_CreatePassThroughContext(cspHand,
	 	key,
		&ccHand);
	if(ccHand == 0) {
		printError("CSSM_CSP_CreatePassThroughContext", crtn);
		return crtn;
	}
	
	/* now it's up to the CSP */
	crtn = CSSM_CSP_PassThrough(ccHand,
		CSSM_APPLECSP_KEYDIGEST,
		NULL,
		(void **)&dp);
	if(crtn) {
		printError("CSSM_CSP_PassThrough(PUBKEYHASH)", crtn);
	}
	else {
		*hashData = dp;
		crtn = CSSM_OK;
	}
	CSSM_DeleteContext(ccHand);
	return crtn;
}

Added LocalTests/utilLib/cspwrap.h.



























































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
/* Copyright 1997 Apple Computer, Inc.
 *
 * cspwrap.h - wrappers to simplify access to CDSA
 *
 * Revision History
 * ----------------
 *   3 May 2000 Doug Mitchell
 *		Ported to X/CDSA2.
 *  12 Aug 1997	Doug Mitchell at Apple
 *		Created.
 */
 
#ifndef	_CSPWRAP_H_
#define _CSPWRAP_H_
#include <Security/cssm.h>

#ifdef	__cplusplus
extern "C" {
#endif

/* 
 * Bug/feature workaround flags
 */
 
/* 
 * Doing a WrapKey requires Access Creds, which should be 
 * optional. Looks like this is not a bug.
 */
#define WRAP_KEY_REQUIRES_CREDS	1

/*
 * encrypt/decrypt - cook up a context handle
 */
CSSM_CC_HANDLE genCryptHandle(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key0,
		const CSSM_KEY *key1,				// for CSSM_ALGID_FEED only - must be the 
											// public key
		const CSSM_DATA *iv,				// optional
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 rounds);						// ditto
/*
 * Key generation
 */
/*
 * Specifying a keySize of CSP_KEY_SIZE_DEFAULT results in using the default
 * key size for the specified algorithm.
 */
#define CSP_KEY_SIZE_DEFAULT		0

/* symmetric key sizes in bits */
#define CSP_ASC_KEY_SIZE_DEFAULT	(16 * 8)
#define CSP_DES_KEY_SIZE_DEFAULT	(8 * 8)
#define CSP_DES3_KEY_SIZE_DEFAULT	(24 * 8)
#define CSP_RC2_KEY_SIZE_DEFAULT	(10 * 8)
#define CSP_RC4_KEY_SIZE_DEFAULT	(10 * 8)
#define CSP_RC5_KEY_SIZE_DEFAULT	(10 * 8)
#define CSP_AES_KEY_SIZE_DEFAULT	128
#define CSP_BFISH_KEY_SIZE_DEFAULT	128
#define CSP_CAST_KEY_SIZE_DEFAULT	128
#define CSP_IDEA_KEY_SIZE_DEFAULT	128				/* fixed */
#define CSP_HMAC_SHA_KEY_SIZE_DEFAULT	(20 * 8)
#define CSP_HMAC_MD5_KEY_SIZE_DEFAULT	(16 * 8)
#define CSP_NULL_CRYPT_KEY_SIZE_DEF	(16 * 8)

/* asymmetric key sizes in bits */
/* note: we now use AI_RSAStrongKeyGen for RSA key pair 
 * generate; this requires at least 512 bits and also that
 * the key size be a multiple of 16. */
#define CSP_FEE_KEY_SIZE_DEFAULT	128

#define CSP_RSA_KEY_SIZE_DEFAULT	1024		/* min for SHA512/RSA */
#define CSP_DSA_KEY_SIZE_DEFAULT	512

/*
 * Generate key pair of arbitrary algorithm. 
 */
extern CSSM_RETURN cspGenKeyPair(CSSM_CSP_HANDLE cspHand,	
	uint32 algorithm,
	const char *keyLabel,
	unsigned keyLabelLen,
	uint32 keySizeInBits,
	CSSM_KEY_PTR pubKey,			// mallocd by caller
	CSSM_BOOL pubIsRef,				// true - reference key, false - data
	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
									//   to get the default format. 
	CSSM_KEY_PTR privKey,			// mallocd by caller - always returned as ref
	CSSM_BOOL privIsRef,			// true - reference key, false - data
	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
	CSSM_KEYBLOB_FORMAT privFormat,	// optional 0 ==> default
	CSSM_BOOL genSeed);				// FEE only. True: we generate seed and CSP
									//   will hash it. False: CSP generates random 
									//   seed. 

/*
 * Generate FEE key pair with optional primeType, curveType, and seed (password) data.
 */
extern CSSM_RETURN cspGenFEEKeyPair(CSSM_CSP_HANDLE cspHand,
	const char *keyLabel,
	unsigned keyLabelLen,
	uint32 keySize,					// in bits
	uint32 primeType,				// CSSM_FEE_PRIME_TYPE_MERSENNE, etc.
	uint32 curveType,				// CSSM_FEE_CURVE_TYPE_MONTGOMERY, etc.
	CSSM_KEY_PTR pubKey,			// mallocd by caller
	CSSM_BOOL pubIsRef,				// true - reference key, false - data
	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
									//   to get the default format. 
	CSSM_KEY_PTR privKey,			// mallocd by caller
	CSSM_BOOL privIsRef,			// true - reference key, false - data
	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
	CSSM_KEYBLOB_FORMAT privFormat,	// optional 0 ==> default
	const CSSM_DATA *seedData);		// Present: CSP will hash this for private data.
									// NULL: CSP generates random seed. 

/*
 * Generate DSA key pair with optional generateAlgParams.
 */
extern CSSM_RETURN cspGenDSAKeyPair(CSSM_CSP_HANDLE cspHand,
	const char *keyLabel,
	unsigned keyLabelLen,
	uint32 keySize,					// in bits
	CSSM_KEY_PTR pubKey,			// mallocd by caller
	CSSM_BOOL pubIsRef,				// true - reference key, false - data
	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
									//   to get the default format. 
	CSSM_KEY_PTR privKey,			// mallocd by caller
	CSSM_BOOL privIsRef,			// true - reference key, false - data
	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
	CSSM_KEYBLOB_FORMAT privFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
									//   to get the default format. 
	CSSM_BOOL genParams,
	CSSM_DATA_PTR paramData);		// optional

/*
 * Create a symmetric key.
 */
extern CSSM_KEY_PTR cspGenSymKey(CSSM_CSP_HANDLE cspHand,
		uint32 				alg,
		const char 			*keyLabel,
		unsigned 			keyLabelLen,
		uint32 				keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
		uint32 				keySizeInBits,
		CSSM_BOOL			refKey); // true - reference key, false - data

/*
 * Derive symmetric key using PBE.
 */
CSSM_KEY_PTR cspDeriveKey(CSSM_CSP_HANDLE cspHand,
		uint32 				deriveAlg,		// CSSM_ALGID_MD5_PBE, etc.
		uint32				keyAlg,			// CSSM_ALGID_RC5, etc.
		const char 			*keyLabel,
		unsigned 			keyLabelLen,
		uint32 				keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
		uint32 				keySizeInBits,
		CSSM_BOOL			isRefKey,
		CSSM_DATA_PTR		password,		// in PKCS-5 lingo
		CSSM_DATA_PTR		salt,			// ditto
		uint32				iterationCnt,	// ditto
		CSSM_DATA_PTR		initVector);	// mallocd & RETURNED

/*
 * Encrypt/Decrypt - these work for both symmetric and asymmetric algorithms.
 */
CSSM_RETURN cspEncrypt(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for 
											//    symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key,				// public or session key
		const CSSM_KEY *pubKey,				// for CSSM_ALGID_{FEED,FEECFILE} only
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 rounds,						// ditto
		const CSSM_DATA *iv,				// init vector, optional
		const CSSM_DATA *ptext,
		CSSM_DATA_PTR ctext,				// RETURNED
		CSSM_BOOL mallocCtext);
		
CSSM_RETURN cspStagedEncrypt(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for 
											//    symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key,				// public or session key
		const CSSM_KEY *pubKey,				// for CSSM_ALGID_{FEED,FEECFILE} only
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 cipherBlockSize,				// ditto, block size in bytes
		uint32 rounds,						// ditto
		const CSSM_DATA *iv,				// init vector, optional
		const CSSM_DATA *ptext,
		CSSM_DATA_PTR ctext,				// RETURNED, we malloc
		CSSM_BOOL multiUpdates);			// false:single update, true:multi updates
		
CSSM_RETURN cspDecrypt(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for 
											//    symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key,				// private or session key
		const CSSM_KEY *pubKey,				// for CSSM_ALGID_{FEED,FEECFILE} only
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 rounds,						// ditto
		const CSSM_DATA *iv,				// init vector, optional
		const CSSM_DATA *ctext,
		CSSM_DATA_PTR ptext,				// RETURNED
		CSSM_BOOL mallocPtext);
		
CSSM_RETURN cspStagedDecrypt(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for 
											//    symmetric algs
		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
		const CSSM_KEY *key,				// private or session key
		const CSSM_KEY *pubKey,				// for CSSM_ALGID_{FEED,FEECFILE} only
		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
		uint32 cipherBlockSize,				// ditto, block size in bytes
		uint32 rounds,						// ditto
		const CSSM_DATA *iv,				// init vector, optional
		const CSSM_DATA *ctext,
		CSSM_DATA_PTR ptext,				// RETURNED, we malloc
		CSSM_BOOL multiUpdates);			// false:single update, true:multi updates

/*
 * Signature routines
 */
CSSM_RETURN cspSign(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		CSSM_DATA_PTR sig);					// RETURNED
CSSM_RETURN cspStagedSign(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		CSSM_DATA_PTR sig);					// RETURNED
CSSM_RETURN cspSigVerify(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// public key
		const CSSM_DATA *text,
		const CSSM_DATA *sig,
		CSSM_RETURN expectResult);			// expected result is verify failure
											// CSSM_OK - expect success
CSSM_RETURN cspStagedSigVerify(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		const CSSM_DATA *sig,
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		CSSM_RETURN expectResult);			// expected result is verify failure
											// CSSM_OK - expect success

/*
 * MAC routines
 */
CSSM_RETURN cspGenMac(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_DES, etc.
		CSSM_KEY_PTR key,					// session key
		const CSSM_DATA *text,
		CSSM_DATA_PTR mac);					// RETURNED
CSSM_RETURN cspStagedGenMac(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		CSSM_BOOL mallocMac,				// if true and digest->Length = 0, we'll 
											//		malloc
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		CSSM_DATA_PTR mac);					// RETURNED
CSSM_RETURN cspMacVerify(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					
		CSSM_KEY_PTR key,					// public key
		const CSSM_DATA *text,
		const CSSM_DATA_PTR mac,
		CSSM_RETURN expectResult);		
CSSM_RETURN cspStagedMacVerify(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					
		CSSM_KEY_PTR key,					// private key
		const CSSM_DATA *text,
		const CSSM_DATA_PTR mac,
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		CSSM_RETURN expectResult);			

/*
 * Digest functions
 */
CSSM_RETURN cspDigest(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_MD5, etc.
		CSSM_BOOL mallocDigest,				// if true and digest->Length = 0, we'll malloc
		const CSSM_DATA *text,
		CSSM_DATA_PTR digest);
CSSM_RETURN cspStagedDigest(CSSM_CSP_HANDLE cspHand,
		uint32 algorithm,					// CSSM_ALGID_MD5, etc.
		CSSM_BOOL mallocDigest,				// if true and digest->Length = 0, we'll malloc
		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
		const CSSM_DATA *text,
		CSSM_DATA_PTR digest);
CSSM_RETURN	cspFreeKey(CSSM_CSP_HANDLE cspHand,
	CSSM_KEY_PTR key);

/*
 * Perform FEE Key exchange via CSSM_DeriveKey. 
 */
CSSM_RETURN cspFeeKeyExchange(CSSM_CSP_HANDLE cspHand,
	CSSM_KEY_PTR 	privKey,
	CSSM_KEY_PTR 	pubKey,
	CSSM_KEY_PTR 	derivedKey,		// mallocd by caller
	
	/* remaining fields apply to derivedKey */
	uint32 			keyAlg,
	const char 		*keyLabel,
	unsigned 		keyLabelLen,
	uint32 			keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
	uint32 			keySizeInBits);

/* 
 * wrap/unwrap key functions. 
 */
CSSM_RETURN cspWrapKey(CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY			*unwrappedKey,	
	const CSSM_KEY			*wrappingKey,
	CSSM_ALGORITHMS			wrapAlg,
	CSSM_ENCRYPT_MODE		wrapMode,
	CSSM_KEYBLOB_FORMAT		wrapFormat,			// NONE, PKCS7, PKCS8
	CSSM_PADDING			wrapPad,
	CSSM_DATA_PTR			initVector,			// for some wrapping algs
	CSSM_DATA_PTR			descrData,			// optional 
	CSSM_KEY_PTR			wrappedKey);		// RETURNED
CSSM_RETURN cspUnwrapKey(CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY			*wrappedKey,
	const CSSM_KEY			*unwrappingKey,
	CSSM_ALGORITHMS			unwrapAlg,
	CSSM_ENCRYPT_MODE		unwrapMode,
	CSSM_PADDING 			unwrapPad,
	CSSM_DATA_PTR			initVector,			// for some wrapping algs
	CSSM_KEY_PTR			unwrappedKey,		// RETURNED
	CSSM_DATA_PTR			descrData,			// required
	const char 				*keyLabel,
	unsigned 				keyLabelLen);

/* generate a random and reasonable key size in bits for specified CSSM algorithm */
typedef enum {
	OT_Sign,
	OT_Encrypt,
	OT_KeyExch
} opType;

#define MAX_KEY_SIZE_RC245_BYTES		64	/* max bytes, RC2, RC4, RC5 */

uint32 randKeySizeBits(uint32 alg, opType op);
uint32 cspDefaultKeySize(uint32 alg);

/*
 * Generate random key size, primeType, curveType for FEE key for specified op.
 */
void randFeeKeyParams(
	CSSM_ALGORITHMS	alg,			// ALGID_FEED, CSSM_ALGID_FEE_MD5, etc.
	uint32			*keySizeInBits,	// RETURNED
	uint32 			*primeType,		// CSSM_FEE_PRIME_TYPE_xxx, RETURNED
	uint32 			*curveType);	// CSSM_FEE_CURVE_TYPE_xxx, RETURNED

/*
 * Obtain strings for primeType and curveType.
 */
const char *primeTypeStr(uint32 primeType);
const char *curveTypeStr(uint32 curveType);

/*
 * Given any key in either blob or reference format,
 * obtain the associated SHA-1 hash. 
 */
CSSM_RETURN cspKeyHash(
	CSSM_CSP_HANDLE		cspHand,	
	const CSSM_KEY_PTR	key,			/* public key */
	CSSM_DATA_PTR		*hashData);		/* hash mallocd and RETURNED here */

/* wrap ref key --> raw key */
CSSM_RETURN cspRefKeyToRaw(
	CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY *refKey,
	CSSM_KEY_PTR rawKey);				// init'd and RETURNED

/* unwrap raw key --> ref */
CSSM_RETURN cspRawKeyToRef(
	CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY *rawKey,
	CSSM_KEY_PTR refKey);				// init'd and RETURNED

/*
 * Cook up a symmetric key with specified key bits and other
 * params. Currently the CSPDL can only deal with reference keys except when
 * doing wrap/unwrap, so we manually cook up a raw key, then we null-unwrap it. 
 */
CSSM_RETURN cspGenSymKeyWithBits(
	CSSM_CSP_HANDLE		cspHand,
	CSSM_ALGORITHMS		keyAlg,
	CSSM_KEYUSE			keyUsage,
	const CSSM_DATA		*keyBits,
	unsigned			keySizeInBytes,
	CSSM_KEY_PTR		refKey);			// init'd and RETURNED

/*
 * Add a DL/DB handle to a crypto context.
 */
CSSM_RETURN cspAddDlDbToContext(
	CSSM_CC_HANDLE ccHand,
	CSSM_DL_HANDLE dlHand,
	CSSM_DB_HANDLE dbHand);

/*
 * Look up a key by label and type.
 */
typedef enum {
	CKT_Public = 1,
	CKT_Private = 2,
	CKT_Session = 3
	/* any others? */
} CT_KeyType;

CSSM_KEY_PTR cspLookUpKeyByLabel(
	CSSM_DL_HANDLE dlHand, 
	CSSM_DB_HANDLE dbHand, 
	const CSSM_DATA *labelData, 
	CT_KeyType keyType);

/*
 * Delete and free a key 
 */
CSSM_RETURN cspDeleteKey(
	CSSM_CSP_HANDLE		cspHand,		// for free
	CSSM_DL_HANDLE		dlHand,			// for delete
	CSSM_DB_HANDLE		dbHand,			// ditto
	const CSSM_DATA 	*labelData, 
	CSSM_KEY_PTR		key);

// temp hack
#define	CSSM_ALGID_FEECFILE		(CSSM_ALGID_VENDOR_DEFINED + 102)

#ifdef	__cplusplus
}
#endif
#endif	/* _CSPWRAP_H_ */

Added LocalTests/utilLib/cssmErrorStrings.h.









































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
/*
 * This file autogenerated by genErrorStrings. Do not edit. 
 */

#include <Security/Security.h>

typedef struct {
	CSSM_RETURN errCode;
	const char *errStr;
} ErrString;

static const ErrString errStrings[] = {
	{ CSSM_OK,"CSSM_OK"},
	/* Error codes from cssmerr.h */
	{ CSSMERR_CSSM_INVALID_ADDIN_HANDLE,"CSSMERR_CSSM_INVALID_ADDIN_HANDLE"},
	{ CSSMERR_CSSM_NOT_INITIALIZED,"CSSMERR_CSSM_NOT_INITIALIZED"},
	{ CSSMERR_CSSM_INVALID_HANDLE_USAGE,"CSSMERR_CSSM_INVALID_HANDLE_USAGE"},
	{ CSSMERR_CSSM_PVC_REFERENT_NOT_FOUND,"CSSMERR_CSSM_PVC_REFERENT_NOT_FOUND"},
	{ CSSMERR_CSSM_FUNCTION_INTEGRITY_FAIL,"CSSMERR_CSSM_FUNCTION_INTEGRITY_FAIL"},
	{ CSSMERR_CSSM_INTERNAL_ERROR,"CSSMERR_CSSM_INTERNAL_ERROR"},
	{ CSSMERR_CSSM_MEMORY_ERROR,"CSSMERR_CSSM_MEMORY_ERROR"},
	{ CSSMERR_CSSM_MDS_ERROR,"CSSMERR_CSSM_MDS_ERROR"},
	{ CSSMERR_CSSM_INVALID_POINTER,"CSSMERR_CSSM_INVALID_POINTER"},
	{ CSSMERR_CSSM_INVALID_INPUT_POINTER,"CSSMERR_CSSM_INVALID_INPUT_POINTER"},
	{ CSSMERR_CSSM_INVALID_OUTPUT_POINTER,"CSSMERR_CSSM_INVALID_OUTPUT_POINTER"},
	{ CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED"},
	{ CSSMERR_CSSM_SELF_CHECK_FAILED,"CSSMERR_CSSM_SELF_CHECK_FAILED"},
	{ CSSMERR_CSSM_OS_ACCESS_DENIED,"CSSMERR_CSSM_OS_ACCESS_DENIED"},
	{ CSSMERR_CSSM_FUNCTION_FAILED,"CSSMERR_CSSM_FUNCTION_FAILED"},
	{ CSSMERR_CSSM_MODULE_MANIFEST_VERIFY_FAILED,"CSSMERR_CSSM_MODULE_MANIFEST_VERIFY_FAILED"},
	{ CSSMERR_CSSM_INVALID_GUID,"CSSMERR_CSSM_INVALID_GUID"},
	{ CSSMERR_CSSM_INVALID_CONTEXT_HANDLE,"CSSMERR_CSSM_INVALID_CONTEXT_HANDLE"},
	{ CSSMERR_CSSM_INCOMPATIBLE_VERSION,"CSSMERR_CSSM_INCOMPATIBLE_VERSION"},
	{ CSSMERR_CSSM_PRIVILEGE_NOT_GRANTED,"CSSMERR_CSSM_PRIVILEGE_NOT_GRANTED"},
	{ CSSMERR_CSSM_SCOPE_NOT_SUPPORTED,"CSSMERR_CSSM_SCOPE_NOT_SUPPORTED"},
	{ CSSMERR_CSSM_PVC_ALREADY_CONFIGURED,"CSSMERR_CSSM_PVC_ALREADY_CONFIGURED"},
	{ CSSMERR_CSSM_INVALID_PVC,"CSSMERR_CSSM_INVALID_PVC"},
	{ CSSMERR_CSSM_EMM_LOAD_FAILED,"CSSMERR_CSSM_EMM_LOAD_FAILED"},
	{ CSSMERR_CSSM_EMM_UNLOAD_FAILED,"CSSMERR_CSSM_EMM_UNLOAD_FAILED"},
	{ CSSMERR_CSSM_ADDIN_LOAD_FAILED,"CSSMERR_CSSM_ADDIN_LOAD_FAILED"},
	{ CSSMERR_CSSM_INVALID_KEY_HIERARCHY,"CSSMERR_CSSM_INVALID_KEY_HIERARCHY"},
	{ CSSMERR_CSSM_ADDIN_UNLOAD_FAILED,"CSSMERR_CSSM_ADDIN_UNLOAD_FAILED"},
	{ CSSMERR_CSSM_LIB_REF_NOT_FOUND,"CSSMERR_CSSM_LIB_REF_NOT_FOUND"},
	{ CSSMERR_CSSM_INVALID_ADDIN_FUNCTION_TABLE,"CSSMERR_CSSM_INVALID_ADDIN_FUNCTION_TABLE"},
	{ CSSMERR_CSSM_EMM_AUTHENTICATE_FAILED,"CSSMERR_CSSM_EMM_AUTHENTICATE_FAILED"},
	{ CSSMERR_CSSM_ADDIN_AUTHENTICATE_FAILED,"CSSMERR_CSSM_ADDIN_AUTHENTICATE_FAILED"},
	{ CSSMERR_CSSM_INVALID_SERVICE_MASK,"CSSMERR_CSSM_INVALID_SERVICE_MASK"},
	{ CSSMERR_CSSM_MODULE_NOT_LOADED,"CSSMERR_CSSM_MODULE_NOT_LOADED"},
	{ CSSMERR_CSSM_INVALID_SUBSERVICEID,"CSSMERR_CSSM_INVALID_SUBSERVICEID"},
	{ CSSMERR_CSSM_BUFFER_TOO_SMALL,"CSSMERR_CSSM_BUFFER_TOO_SMALL"},
	{ CSSMERR_CSSM_INVALID_ATTRIBUTE,"CSSMERR_CSSM_INVALID_ATTRIBUTE"},
	{ CSSMERR_CSSM_ATTRIBUTE_NOT_IN_CONTEXT,"CSSMERR_CSSM_ATTRIBUTE_NOT_IN_CONTEXT"},
	{ CSSMERR_CSSM_MODULE_MANAGER_INITIALIZE_FAIL,"CSSMERR_CSSM_MODULE_MANAGER_INITIALIZE_FAIL"},
	{ CSSMERR_CSSM_MODULE_MANAGER_NOT_FOUND,"CSSMERR_CSSM_MODULE_MANAGER_NOT_FOUND"},
	{ CSSMERR_CSSM_EVENT_NOTIFICATION_CALLBACK_NOT_FOUND,"CSSMERR_CSSM_EVENT_NOTIFICATION_CALLBACK_NOT_FOUND"},
	{ CSSMERR_CSP_INTERNAL_ERROR,"CSSMERR_CSP_INTERNAL_ERROR"},
	{ CSSMERR_CSP_MEMORY_ERROR,"CSSMERR_CSP_MEMORY_ERROR"},
	{ CSSMERR_CSP_MDS_ERROR,"CSSMERR_CSP_MDS_ERROR"},
	{ CSSMERR_CSP_INVALID_POINTER,"CSSMERR_CSP_INVALID_POINTER"},
	{ CSSMERR_CSP_INVALID_INPUT_POINTER,"CSSMERR_CSP_INVALID_INPUT_POINTER"},
	{ CSSMERR_CSP_INVALID_OUTPUT_POINTER,"CSSMERR_CSP_INVALID_OUTPUT_POINTER"},
	{ CSSMERR_CSP_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_CSP_FUNCTION_NOT_IMPLEMENTED"},
	{ CSSMERR_CSP_SELF_CHECK_FAILED,"CSSMERR_CSP_SELF_CHECK_FAILED"},
	{ CSSMERR_CSP_OS_ACCESS_DENIED,"CSSMERR_CSP_OS_ACCESS_DENIED"},
	{ CSSMERR_CSP_FUNCTION_FAILED,"CSSMERR_CSP_FUNCTION_FAILED"},
	{ CSSMERR_CSP_OPERATION_AUTH_DENIED,"CSSMERR_CSP_OPERATION_AUTH_DENIED"},
	{ CSSMERR_CSP_OBJECT_USE_AUTH_DENIED,"CSSMERR_CSP_OBJECT_USE_AUTH_DENIED"},
	{ CSSMERR_CSP_OBJECT_MANIP_AUTH_DENIED,"CSSMERR_CSP_OBJECT_MANIP_AUTH_DENIED"},
	{ CSSMERR_CSP_OBJECT_ACL_NOT_SUPPORTED,"CSSMERR_CSP_OBJECT_ACL_NOT_SUPPORTED"},
	{ CSSMERR_CSP_OBJECT_ACL_REQUIRED,"CSSMERR_CSP_OBJECT_ACL_REQUIRED"},
	{ CSSMERR_CSP_INVALID_ACCESS_CREDENTIALS,"CSSMERR_CSP_INVALID_ACCESS_CREDENTIALS"},
	{ CSSMERR_CSP_INVALID_ACL_BASE_CERTS,"CSSMERR_CSP_INVALID_ACL_BASE_CERTS"},
	{ CSSMERR_CSP_ACL_BASE_CERTS_NOT_SUPPORTED,"CSSMERR_CSP_ACL_BASE_CERTS_NOT_SUPPORTED"},
	{ CSSMERR_CSP_INVALID_SAMPLE_VALUE,"CSSMERR_CSP_INVALID_SAMPLE_VALUE"},
	{ CSSMERR_CSP_SAMPLE_VALUE_NOT_SUPPORTED,"CSSMERR_CSP_SAMPLE_VALUE_NOT_SUPPORTED"},
	{ CSSMERR_CSP_INVALID_ACL_SUBJECT_VALUE,"CSSMERR_CSP_INVALID_ACL_SUBJECT_VALUE"},
	{ CSSMERR_CSP_ACL_SUBJECT_TYPE_NOT_SUPPORTED,"CSSMERR_CSP_ACL_SUBJECT_TYPE_NOT_SUPPORTED"},
	{ CSSMERR_CSP_INVALID_ACL_CHALLENGE_CALLBACK,"CSSMERR_CSP_INVALID_ACL_CHALLENGE_CALLBACK"},
	{ CSSMERR_CSP_ACL_CHALLENGE_CALLBACK_FAILED,"CSSMERR_CSP_ACL_CHALLENGE_CALLBACK_FAILED"},
	{ CSSMERR_CSP_INVALID_ACL_ENTRY_TAG,"CSSMERR_CSP_INVALID_ACL_ENTRY_TAG"},
	{ CSSMERR_CSP_ACL_ENTRY_TAG_NOT_FOUND,"CSSMERR_CSP_ACL_ENTRY_TAG_NOT_FOUND"},
	{ CSSMERR_CSP_INVALID_ACL_EDIT_MODE,"CSSMERR_CSP_INVALID_ACL_EDIT_MODE"},
	{ CSSMERR_CSP_ACL_CHANGE_FAILED,"CSSMERR_CSP_ACL_CHANGE_FAILED"},
	{ CSSMERR_CSP_INVALID_NEW_ACL_ENTRY,"CSSMERR_CSP_INVALID_NEW_ACL_ENTRY"},
	{ CSSMERR_CSP_INVALID_NEW_ACL_OWNER,"CSSMERR_CSP_INVALID_NEW_ACL_OWNER"},
	{ CSSMERR_CSP_ACL_DELETE_FAILED,"CSSMERR_CSP_ACL_DELETE_FAILED"},
	{ CSSMERR_CSP_ACL_REPLACE_FAILED,"CSSMERR_CSP_ACL_REPLACE_FAILED"},
	{ CSSMERR_CSP_ACL_ADD_FAILED,"CSSMERR_CSP_ACL_ADD_FAILED"},
	{ CSSMERR_CSP_INVALID_CONTEXT_HANDLE,"CSSMERR_CSP_INVALID_CONTEXT_HANDLE"},
	{ CSSMERR_CSP_PRIVILEGE_NOT_GRANTED,"CSSMERR_CSP_PRIVILEGE_NOT_GRANTED"},
	{ CSSMERR_CSP_INVALID_DATA,"CSSMERR_CSP_INVALID_DATA"},
	{ CSSMERR_CSP_INVALID_PASSTHROUGH_ID,"CSSMERR_CSP_INVALID_PASSTHROUGH_ID"},
	{ CSSMERR_CSP_INVALID_CRYPTO_DATA,"CSSMERR_CSP_INVALID_CRYPTO_DATA"},
	{ CSSMERR_CSP_INPUT_LENGTH_ERROR,"CSSMERR_CSP_INPUT_LENGTH_ERROR"},
	{ CSSMERR_CSP_OUTPUT_LENGTH_ERROR,"CSSMERR_CSP_OUTPUT_LENGTH_ERROR"},
	{ CSSMERR_CSP_PRIVILEGE_NOT_SUPPORTED,"CSSMERR_CSP_PRIVILEGE_NOT_SUPPORTED"},
	{ CSSMERR_CSP_DEVICE_ERROR,"CSSMERR_CSP_DEVICE_ERROR"},
	{ CSSMERR_CSP_DEVICE_MEMORY_ERROR,"CSSMERR_CSP_DEVICE_MEMORY_ERROR"},
	{ CSSMERR_CSP_ATTACH_HANDLE_BUSY,"CSSMERR_CSP_ATTACH_HANDLE_BUSY"},
	{ CSSMERR_CSP_NOT_LOGGED_IN,"CSSMERR_CSP_NOT_LOGGED_IN"},
	{ CSSMERR_CSP_INVALID_KEY,"CSSMERR_CSP_INVALID_KEY"},
	{ CSSMERR_CSP_INVALID_KEY_REFERENCE,"CSSMERR_CSP_INVALID_KEY_REFERENCE"},
	{ CSSMERR_CSP_INVALID_KEY_CLASS,"CSSMERR_CSP_INVALID_KEY_CLASS"},
	{ CSSMERR_CSP_ALGID_MISMATCH,"CSSMERR_CSP_ALGID_MISMATCH"},
	{ CSSMERR_CSP_KEY_USAGE_INCORRECT,"CSSMERR_CSP_KEY_USAGE_INCORRECT"},
	{ CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT,"CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT"},
	{ CSSMERR_CSP_KEY_HEADER_INCONSISTENT,"CSSMERR_CSP_KEY_HEADER_INCONSISTENT"},
	{ CSSMERR_CSP_UNSUPPORTED_KEY_FORMAT,"CSSMERR_CSP_UNSUPPORTED_KEY_FORMAT"},
	{ CSSMERR_CSP_UNSUPPORTED_KEY_SIZE,"CSSMERR_CSP_UNSUPPORTED_KEY_SIZE"},
	{ CSSMERR_CSP_INVALID_KEY_POINTER,"CSSMERR_CSP_INVALID_KEY_POINTER"},
	{ CSSMERR_CSP_INVALID_KEYUSAGE_MASK,"CSSMERR_CSP_INVALID_KEYUSAGE_MASK"},
	{ CSSMERR_CSP_UNSUPPORTED_KEYUSAGE_MASK,"CSSMERR_CSP_UNSUPPORTED_KEYUSAGE_MASK"},
	{ CSSMERR_CSP_INVALID_KEYATTR_MASK,"CSSMERR_CSP_INVALID_KEYATTR_MASK"},
	{ CSSMERR_CSP_UNSUPPORTED_KEYATTR_MASK,"CSSMERR_CSP_UNSUPPORTED_KEYATTR_MASK"},
	{ CSSMERR_CSP_INVALID_KEY_LABEL,"CSSMERR_CSP_INVALID_KEY_LABEL"},
	{ CSSMERR_CSP_UNSUPPORTED_KEY_LABEL,"CSSMERR_CSP_UNSUPPORTED_KEY_LABEL"},
	{ CSSMERR_CSP_INVALID_KEY_FORMAT,"CSSMERR_CSP_INVALID_KEY_FORMAT"},
	{ CSSMERR_CSP_INVALID_DATA_COUNT,"CSSMERR_CSP_INVALID_DATA_COUNT"},
	{ CSSMERR_CSP_VECTOR_OF_BUFS_UNSUPPORTED,"CSSMERR_CSP_VECTOR_OF_BUFS_UNSUPPORTED"},
	{ CSSMERR_CSP_INVALID_INPUT_VECTOR,"CSSMERR_CSP_INVALID_INPUT_VECTOR"},
	{ CSSMERR_CSP_INVALID_OUTPUT_VECTOR,"CSSMERR_CSP_INVALID_OUTPUT_VECTOR"},
	{ CSSMERR_CSP_INVALID_CONTEXT,"CSSMERR_CSP_INVALID_CONTEXT"},
	{ CSSMERR_CSP_INVALID_ALGORITHM,"CSSMERR_CSP_INVALID_ALGORITHM"},
	{ CSSMERR_CSP_INVALID_ATTR_KEY,"CSSMERR_CSP_INVALID_ATTR_KEY"},
	{ CSSMERR_CSP_MISSING_ATTR_KEY,"CSSMERR_CSP_MISSING_ATTR_KEY"},
	{ CSSMERR_CSP_INVALID_ATTR_INIT_VECTOR,"CSSMERR_CSP_INVALID_ATTR_INIT_VECTOR"},
	{ CSSMERR_CSP_MISSING_ATTR_INIT_VECTOR,"CSSMERR_CSP_MISSING_ATTR_INIT_VECTOR"},
	{ CSSMERR_CSP_INVALID_ATTR_SALT,"CSSMERR_CSP_INVALID_ATTR_SALT"},
	{ CSSMERR_CSP_MISSING_ATTR_SALT,"CSSMERR_CSP_MISSING_ATTR_SALT"},
	{ CSSMERR_CSP_INVALID_ATTR_PADDING,"CSSMERR_CSP_INVALID_ATTR_PADDING"},
	{ CSSMERR_CSP_MISSING_ATTR_PADDING,"CSSMERR_CSP_MISSING_ATTR_PADDING"},
	{ CSSMERR_CSP_INVALID_ATTR_RANDOM,"CSSMERR_CSP_INVALID_ATTR_RANDOM"},
	{ CSSMERR_CSP_MISSING_ATTR_RANDOM,"CSSMERR_CSP_MISSING_ATTR_RANDOM"},
	{ CSSMERR_CSP_INVALID_ATTR_SEED,"CSSMERR_CSP_INVALID_ATTR_SEED"},
	{ CSSMERR_CSP_MISSING_ATTR_SEED,"CSSMERR_CSP_MISSING_ATTR_SEED"},
	{ CSSMERR_CSP_INVALID_ATTR_PASSPHRASE,"CSSMERR_CSP_INVALID_ATTR_PASSPHRASE"},
	{ CSSMERR_CSP_MISSING_ATTR_PASSPHRASE,"CSSMERR_CSP_MISSING_ATTR_PASSPHRASE"},
	{ CSSMERR_CSP_INVALID_ATTR_KEY_LENGTH,"CSSMERR_CSP_INVALID_ATTR_KEY_LENGTH"},
	{ CSSMERR_CSP_MISSING_ATTR_KEY_LENGTH,"CSSMERR_CSP_MISSING_ATTR_KEY_LENGTH"},
	{ CSSMERR_CSP_INVALID_ATTR_BLOCK_SIZE,"CSSMERR_CSP_INVALID_ATTR_BLOCK_SIZE"},
	{ CSSMERR_CSP_MISSING_ATTR_BLOCK_SIZE,"CSSMERR_CSP_MISSING_ATTR_BLOCK_SIZE"},
	{ CSSMERR_CSP_INVALID_ATTR_OUTPUT_SIZE,"CSSMERR_CSP_INVALID_ATTR_OUTPUT_SIZE"},
	{ CSSMERR_CSP_MISSING_ATTR_OUTPUT_SIZE,"CSSMERR_CSP_MISSING_ATTR_OUTPUT_SIZE"},
	{ CSSMERR_CSP_INVALID_ATTR_ROUNDS,"CSSMERR_CSP_INVALID_ATTR_ROUNDS"},
	{ CSSMERR_CSP_MISSING_ATTR_ROUNDS,"CSSMERR_CSP_MISSING_ATTR_ROUNDS"},
	{ CSSMERR_CSP_INVALID_ATTR_ALG_PARAMS,"CSSMERR_CSP_INVALID_ATTR_ALG_PARAMS"},
	{ CSSMERR_CSP_MISSING_ATTR_ALG_PARAMS,"CSSMERR_CSP_MISSING_ATTR_ALG_PARAMS"},
	{ CSSMERR_CSP_INVALID_ATTR_LABEL,"CSSMERR_CSP_INVALID_ATTR_LABEL"},
	{ CSSMERR_CSP_MISSING_ATTR_LABEL,"CSSMERR_CSP_MISSING_ATTR_LABEL"},
	{ CSSMERR_CSP_INVALID_ATTR_KEY_TYPE,"CSSMERR_CSP_INVALID_ATTR_KEY_TYPE"},
	{ CSSMERR_CSP_MISSING_ATTR_KEY_TYPE,"CSSMERR_CSP_MISSING_ATTR_KEY_TYPE"},
	{ CSSMERR_CSP_INVALID_ATTR_MODE,"CSSMERR_CSP_INVALID_ATTR_MODE"},
	{ CSSMERR_CSP_MISSING_ATTR_MODE,"CSSMERR_CSP_MISSING_ATTR_MODE"},
	{ CSSMERR_CSP_INVALID_ATTR_EFFECTIVE_BITS,"CSSMERR_CSP_INVALID_ATTR_EFFECTIVE_BITS"},
	{ CSSMERR_CSP_MISSING_ATTR_EFFECTIVE_BITS,"CSSMERR_CSP_MISSING_ATTR_EFFECTIVE_BITS"},
	{ CSSMERR_CSP_INVALID_ATTR_START_DATE,"CSSMERR_CSP_INVALID_ATTR_START_DATE"},
	{ CSSMERR_CSP_MISSING_ATTR_START_DATE,"CSSMERR_CSP_MISSING_ATTR_START_DATE"},
	{ CSSMERR_CSP_INVALID_ATTR_END_DATE,"CSSMERR_CSP_INVALID_ATTR_END_DATE"},
	{ CSSMERR_CSP_MISSING_ATTR_END_DATE,"CSSMERR_CSP_MISSING_ATTR_END_DATE"},
	{ CSSMERR_CSP_INVALID_ATTR_VERSION,"CSSMERR_CSP_INVALID_ATTR_VERSION"},
	{ CSSMERR_CSP_MISSING_ATTR_VERSION,"CSSMERR_CSP_MISSING_ATTR_VERSION"},
	{ CSSMERR_CSP_INVALID_ATTR_PRIME,"CSSMERR_CSP_INVALID_ATTR_PRIME"},
	{ CSSMERR_CSP_MISSING_ATTR_PRIME,"CSSMERR_CSP_MISSING_ATTR_PRIME"},
	{ CSSMERR_CSP_INVALID_ATTR_BASE,"CSSMERR_CSP_INVALID_ATTR_BASE"},
	{ CSSMERR_CSP_MISSING_ATTR_BASE,"CSSMERR_CSP_MISSING_ATTR_BASE"},
	{ CSSMERR_CSP_INVALID_ATTR_SUBPRIME,"CSSMERR_CSP_INVALID_ATTR_SUBPRIME"},
	{ CSSMERR_CSP_MISSING_ATTR_SUBPRIME,"CSSMERR_CSP_MISSING_ATTR_SUBPRIME"},
	{ CSSMERR_CSP_INVALID_ATTR_ITERATION_COUNT,"CSSMERR_CSP_INVALID_ATTR_ITERATION_COUNT"},
	{ CSSMERR_CSP_MISSING_ATTR_ITERATION_COUNT,"CSSMERR_CSP_MISSING_ATTR_ITERATION_COUNT"},
	{ CSSMERR_CSP_INVALID_ATTR_DL_DB_HANDLE,"CSSMERR_CSP_INVALID_ATTR_DL_DB_HANDLE"},
	{ CSSMERR_CSP_MISSING_ATTR_DL_DB_HANDLE,"CSSMERR_CSP_MISSING_ATTR_DL_DB_HANDLE"},
	{ CSSMERR_CSP_INVALID_ATTR_ACCESS_CREDENTIALS,"CSSMERR_CSP_INVALID_ATTR_ACCESS_CREDENTIALS"},
	{ CSSMERR_CSP_MISSING_ATTR_ACCESS_CREDENTIALS,"CSSMERR_CSP_MISSING_ATTR_ACCESS_CREDENTIALS"},
	{ CSSMERR_CSP_INVALID_ATTR_PUBLIC_KEY_FORMAT,"CSSMERR_CSP_INVALID_ATTR_PUBLIC_KEY_FORMAT"},
	{ CSSMERR_CSP_MISSING_ATTR_PUBLIC_KEY_FORMAT,"CSSMERR_CSP_MISSING_ATTR_PUBLIC_KEY_FORMAT"},
	{ CSSMERR_CSP_INVALID_ATTR_PRIVATE_KEY_FORMAT,"CSSMERR_CSP_INVALID_ATTR_PRIVATE_KEY_FORMAT"},
	{ CSSMERR_CSP_MISSING_ATTR_PRIVATE_KEY_FORMAT,"CSSMERR_CSP_MISSING_ATTR_PRIVATE_KEY_FORMAT"},
	{ CSSMERR_CSP_INVALID_ATTR_SYMMETRIC_KEY_FORMAT,"CSSMERR_CSP_INVALID_ATTR_SYMMETRIC_KEY_FORMAT"},
	{ CSSMERR_CSP_MISSING_ATTR_SYMMETRIC_KEY_FORMAT,"CSSMERR_CSP_MISSING_ATTR_SYMMETRIC_KEY_FORMAT"},
	{ CSSMERR_CSP_INVALID_ATTR_WRAPPED_KEY_FORMAT,"CSSMERR_CSP_INVALID_ATTR_WRAPPED_KEY_FORMAT"},
	{ CSSMERR_CSP_MISSING_ATTR_WRAPPED_KEY_FORMAT,"CSSMERR_CSP_MISSING_ATTR_WRAPPED_KEY_FORMAT"},
	{ CSSMERR_CSP_STAGED_OPERATION_IN_PROGRESS,"CSSMERR_CSP_STAGED_OPERATION_IN_PROGRESS"},
	{ CSSMERR_CSP_STAGED_OPERATION_NOT_STARTED,"CSSMERR_CSP_STAGED_OPERATION_NOT_STARTED"},
	{ CSSMERR_CSP_VERIFY_FAILED,"CSSMERR_CSP_VERIFY_FAILED"},
	{ CSSMERR_CSP_INVALID_SIGNATURE,"CSSMERR_CSP_INVALID_SIGNATURE"},
	{ CSSMERR_CSP_QUERY_SIZE_UNKNOWN,"CSSMERR_CSP_QUERY_SIZE_UNKNOWN"},
	{ CSSMERR_CSP_BLOCK_SIZE_MISMATCH,"CSSMERR_CSP_BLOCK_SIZE_MISMATCH"},
	{ CSSMERR_CSP_PRIVATE_KEY_NOT_FOUND,"CSSMERR_CSP_PRIVATE_KEY_NOT_FOUND"},
	{ CSSMERR_CSP_PUBLIC_KEY_INCONSISTENT,"CSSMERR_CSP_PUBLIC_KEY_INCONSISTENT"},
	{ CSSMERR_CSP_DEVICE_VERIFY_FAILED,"CSSMERR_CSP_DEVICE_VERIFY_FAILED"},
	{ CSSMERR_CSP_INVALID_LOGIN_NAME,"CSSMERR_CSP_INVALID_LOGIN_NAME"},
	{ CSSMERR_CSP_ALREADY_LOGGED_IN,"CSSMERR_CSP_ALREADY_LOGGED_IN"},
	{ CSSMERR_CSP_PRIVATE_KEY_ALREADY_EXISTS,"CSSMERR_CSP_PRIVATE_KEY_ALREADY_EXISTS"},
	{ CSSMERR_CSP_KEY_LABEL_ALREADY_EXISTS,"CSSMERR_CSP_KEY_LABEL_ALREADY_EXISTS"},
	{ CSSMERR_CSP_INVALID_DIGEST_ALGORITHM,"CSSMERR_CSP_INVALID_DIGEST_ALGORITHM"},
	{ CSSMERR_CSP_CRYPTO_DATA_CALLBACK_FAILED,"CSSMERR_CSP_CRYPTO_DATA_CALLBACK_FAILED"},
	{ CSSMERR_TP_INTERNAL_ERROR,"CSSMERR_TP_INTERNAL_ERROR"},
	{ CSSMERR_TP_MEMORY_ERROR,"CSSMERR_TP_MEMORY_ERROR"},
	{ CSSMERR_TP_MDS_ERROR,"CSSMERR_TP_MDS_ERROR"},
	{ CSSMERR_TP_INVALID_POINTER,"CSSMERR_TP_INVALID_POINTER"},
	{ CSSMERR_TP_INVALID_INPUT_POINTER,"CSSMERR_TP_INVALID_INPUT_POINTER"},
	{ CSSMERR_TP_INVALID_OUTPUT_POINTER,"CSSMERR_TP_INVALID_OUTPUT_POINTER"},
	{ CSSMERR_TP_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_TP_FUNCTION_NOT_IMPLEMENTED"},
	{ CSSMERR_TP_SELF_CHECK_FAILED,"CSSMERR_TP_SELF_CHECK_FAILED"},
	{ CSSMERR_TP_OS_ACCESS_DENIED,"CSSMERR_TP_OS_ACCESS_DENIED"},
	{ CSSMERR_TP_FUNCTION_FAILED,"CSSMERR_TP_FUNCTION_FAILED"},
	{ CSSMERR_TP_INVALID_CONTEXT_HANDLE,"CSSMERR_TP_INVALID_CONTEXT_HANDLE"},
	{ CSSMERR_TP_INVALID_DATA,"CSSMERR_TP_INVALID_DATA"},
	{ CSSMERR_TP_INVALID_DB_LIST,"CSSMERR_TP_INVALID_DB_LIST"},
	{ CSSMERR_TP_INVALID_CERTGROUP_POINTER,"CSSMERR_TP_INVALID_CERTGROUP_POINTER"},
	{ CSSMERR_TP_INVALID_CERT_POINTER,"CSSMERR_TP_INVALID_CERT_POINTER"},
	{ CSSMERR_TP_INVALID_CRL_POINTER,"CSSMERR_TP_INVALID_CRL_POINTER"},
	{ CSSMERR_TP_INVALID_FIELD_POINTER,"CSSMERR_TP_INVALID_FIELD_POINTER"},
	{ CSSMERR_TP_INVALID_NETWORK_ADDR,"CSSMERR_TP_INVALID_NETWORK_ADDR"},
	{ CSSMERR_TP_CRL_ALREADY_SIGNED,"CSSMERR_TP_CRL_ALREADY_SIGNED"},
	{ CSSMERR_TP_INVALID_NUMBER_OF_FIELDS,"CSSMERR_TP_INVALID_NUMBER_OF_FIELDS"},
	{ CSSMERR_TP_VERIFICATION_FAILURE,"CSSMERR_TP_VERIFICATION_FAILURE"},
	{ CSSMERR_TP_INVALID_DB_HANDLE,"CSSMERR_TP_INVALID_DB_HANDLE"},
	{ CSSMERR_TP_UNKNOWN_FORMAT,"CSSMERR_TP_UNKNOWN_FORMAT"},
	{ CSSMERR_TP_UNKNOWN_TAG,"CSSMERR_TP_UNKNOWN_TAG"},
	{ CSSMERR_TP_INVALID_PASSTHROUGH_ID,"CSSMERR_TP_INVALID_PASSTHROUGH_ID"},
	{ CSSMERR_TP_INVALID_CSP_HANDLE,"CSSMERR_TP_INVALID_CSP_HANDLE"},
	{ CSSMERR_TP_INVALID_DL_HANDLE,"CSSMERR_TP_INVALID_DL_HANDLE"},
	{ CSSMERR_TP_INVALID_CL_HANDLE,"CSSMERR_TP_INVALID_CL_HANDLE"},
	{ CSSMERR_TP_INVALID_DB_LIST_POINTER,"CSSMERR_TP_INVALID_DB_LIST_POINTER"},
	{ CSSMERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTER,"CSSMERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTER"},
	{ CSSMERR_TP_INVALID_IDENTIFIER_POINTER,"CSSMERR_TP_INVALID_IDENTIFIER_POINTER"},
	{ CSSMERR_TP_INVALID_KEYCACHE_HANDLE,"CSSMERR_TP_INVALID_KEYCACHE_HANDLE"},
	{ CSSMERR_TP_INVALID_CERTGROUP,"CSSMERR_TP_INVALID_CERTGROUP"},
	{ CSSMERR_TP_INVALID_CRLGROUP,"CSSMERR_TP_INVALID_CRLGROUP"},
	{ CSSMERR_TP_INVALID_CRLGROUP_POINTER,"CSSMERR_TP_INVALID_CRLGROUP_POINTER"},
	{ CSSMERR_TP_AUTHENTICATION_FAILED,"CSSMERR_TP_AUTHENTICATION_FAILED"},
	{ CSSMERR_TP_CERTGROUP_INCOMPLETE,"CSSMERR_TP_CERTGROUP_INCOMPLETE"},
	{ CSSMERR_TP_CERTIFICATE_CANT_OPERATE,"CSSMERR_TP_CERTIFICATE_CANT_OPERATE"},
	{ CSSMERR_TP_CERT_EXPIRED,"CSSMERR_TP_CERT_EXPIRED"},
	{ CSSMERR_TP_CERT_NOT_VALID_YET,"CSSMERR_TP_CERT_NOT_VALID_YET"},
	{ CSSMERR_TP_CERT_REVOKED,"CSSMERR_TP_CERT_REVOKED"},
	{ CSSMERR_TP_CERT_SUSPENDED,"CSSMERR_TP_CERT_SUSPENDED"},
	{ CSSMERR_TP_INSUFFICIENT_CREDENTIALS,"CSSMERR_TP_INSUFFICIENT_CREDENTIALS"},
	{ CSSMERR_TP_INVALID_ACTION,"CSSMERR_TP_INVALID_ACTION"},
	{ CSSMERR_TP_INVALID_ACTION_DATA,"CSSMERR_TP_INVALID_ACTION_DATA"},
	{ CSSMERR_TP_INVALID_ANCHOR_CERT,"CSSMERR_TP_INVALID_ANCHOR_CERT"},
	{ CSSMERR_TP_INVALID_AUTHORITY,"CSSMERR_TP_INVALID_AUTHORITY"},
	{ CSSMERR_TP_VERIFY_ACTION_FAILED,"CSSMERR_TP_VERIFY_ACTION_FAILED"},
	{ CSSMERR_TP_INVALID_CERTIFICATE,"CSSMERR_TP_INVALID_CERTIFICATE"},
	{ CSSMERR_TP_INVALID_CERT_AUTHORITY,"CSSMERR_TP_INVALID_CERT_AUTHORITY"},
	{ CSSMERR_TP_INVALID_CRL_AUTHORITY,"CSSMERR_TP_INVALID_CRL_AUTHORITY"},
	{ CSSMERR_TP_INVALID_CRL_ENCODING,"CSSMERR_TP_INVALID_CRL_ENCODING"},
	{ CSSMERR_TP_INVALID_CRL_TYPE,"CSSMERR_TP_INVALID_CRL_TYPE"},
	{ CSSMERR_TP_INVALID_CRL,"CSSMERR_TP_INVALID_CRL"},
	{ CSSMERR_TP_INVALID_FORM_TYPE,"CSSMERR_TP_INVALID_FORM_TYPE"},
	{ CSSMERR_TP_INVALID_ID,"CSSMERR_TP_INVALID_ID"},
	{ CSSMERR_TP_INVALID_IDENTIFIER,"CSSMERR_TP_INVALID_IDENTIFIER"},
	{ CSSMERR_TP_INVALID_INDEX,"CSSMERR_TP_INVALID_INDEX"},
	{ CSSMERR_TP_INVALID_NAME,"CSSMERR_TP_INVALID_NAME"},
	{ CSSMERR_TP_INVALID_POLICY_IDENTIFIERS,"CSSMERR_TP_INVALID_POLICY_IDENTIFIERS"},
	{ CSSMERR_TP_INVALID_TIMESTRING,"CSSMERR_TP_INVALID_TIMESTRING"},
	{ CSSMERR_TP_INVALID_REASON,"CSSMERR_TP_INVALID_REASON"},
	{ CSSMERR_TP_INVALID_REQUEST_INPUTS,"CSSMERR_TP_INVALID_REQUEST_INPUTS"},
	{ CSSMERR_TP_INVALID_RESPONSE_VECTOR,"CSSMERR_TP_INVALID_RESPONSE_VECTOR"},
	{ CSSMERR_TP_INVALID_SIGNATURE,"CSSMERR_TP_INVALID_SIGNATURE"},
	{ CSSMERR_TP_INVALID_STOP_ON_POLICY,"CSSMERR_TP_INVALID_STOP_ON_POLICY"},
	{ CSSMERR_TP_INVALID_CALLBACK,"CSSMERR_TP_INVALID_CALLBACK"},
	{ CSSMERR_TP_INVALID_TUPLE,"CSSMERR_TP_INVALID_TUPLE"},
	{ CSSMERR_TP_NOT_SIGNER,"CSSMERR_TP_NOT_SIGNER"},
	{ CSSMERR_TP_NOT_TRUSTED,"CSSMERR_TP_NOT_TRUSTED"},
	{ CSSMERR_TP_NO_DEFAULT_AUTHORITY,"CSSMERR_TP_NO_DEFAULT_AUTHORITY"},
	{ CSSMERR_TP_REJECTED_FORM,"CSSMERR_TP_REJECTED_FORM"},
	{ CSSMERR_TP_REQUEST_LOST,"CSSMERR_TP_REQUEST_LOST"},
	{ CSSMERR_TP_REQUEST_REJECTED,"CSSMERR_TP_REQUEST_REJECTED"},
	{ CSSMERR_TP_UNSUPPORTED_ADDR_TYPE,"CSSMERR_TP_UNSUPPORTED_ADDR_TYPE"},
	{ CSSMERR_TP_UNSUPPORTED_SERVICE,"CSSMERR_TP_UNSUPPORTED_SERVICE"},
	{ CSSMERR_TP_INVALID_TUPLEGROUP_POINTER,"CSSMERR_TP_INVALID_TUPLEGROUP_POINTER"},
	{ CSSMERR_TP_INVALID_TUPLEGROUP,"CSSMERR_TP_INVALID_TUPLEGROUP"},
	{ CSSMERR_AC_INTERNAL_ERROR,"CSSMERR_AC_INTERNAL_ERROR"},
	{ CSSMERR_AC_MEMORY_ERROR,"CSSMERR_AC_MEMORY_ERROR"},
	{ CSSMERR_AC_MDS_ERROR,"CSSMERR_AC_MDS_ERROR"},
	{ CSSMERR_AC_INVALID_POINTER,"CSSMERR_AC_INVALID_POINTER"},
	{ CSSMERR_AC_INVALID_INPUT_POINTER,"CSSMERR_AC_INVALID_INPUT_POINTER"},
	{ CSSMERR_AC_INVALID_OUTPUT_POINTER,"CSSMERR_AC_INVALID_OUTPUT_POINTER"},
	{ CSSMERR_AC_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_AC_FUNCTION_NOT_IMPLEMENTED"},
	{ CSSMERR_AC_SELF_CHECK_FAILED,"CSSMERR_AC_SELF_CHECK_FAILED"},
	{ CSSMERR_AC_OS_ACCESS_DENIED,"CSSMERR_AC_OS_ACCESS_DENIED"},
	{ CSSMERR_AC_FUNCTION_FAILED,"CSSMERR_AC_FUNCTION_FAILED"},
	{ CSSMERR_AC_INVALID_CONTEXT_HANDLE,"CSSMERR_AC_INVALID_CONTEXT_HANDLE"},
	{ CSSMERR_AC_INVALID_DATA,"CSSMERR_AC_INVALID_DATA"},
	{ CSSMERR_AC_INVALID_DB_LIST,"CSSMERR_AC_INVALID_DB_LIST"},
	{ CSSMERR_AC_INVALID_PASSTHROUGH_ID,"CSSMERR_AC_INVALID_PASSTHROUGH_ID"},
	{ CSSMERR_AC_INVALID_DL_HANDLE,"CSSMERR_AC_INVALID_DL_HANDLE"},
	{ CSSMERR_AC_INVALID_CL_HANDLE,"CSSMERR_AC_INVALID_CL_HANDLE"},
	{ CSSMERR_AC_INVALID_TP_HANDLE,"CSSMERR_AC_INVALID_TP_HANDLE"},
	{ CSSMERR_AC_INVALID_DB_HANDLE,"CSSMERR_AC_INVALID_DB_HANDLE"},
	{ CSSMERR_AC_INVALID_DB_LIST_POINTER,"CSSMERR_AC_INVALID_DB_LIST_POINTER"},
	{ CSSMERR_AC_INVALID_BASE_ACLS,"CSSMERR_AC_INVALID_BASE_ACLS"},
	{ CSSMERR_AC_INVALID_TUPLE_CREDENTIALS,"CSSMERR_AC_INVALID_TUPLE_CREDENTIALS"},
	{ CSSMERR_AC_INVALID_ENCODING,"CSSMERR_AC_INVALID_ENCODING"},
	{ CSSMERR_AC_INVALID_VALIDITY_PERIOD,"CSSMERR_AC_INVALID_VALIDITY_PERIOD"},
	{ CSSMERR_AC_INVALID_REQUESTOR,"CSSMERR_AC_INVALID_REQUESTOR"},
	{ CSSMERR_AC_INVALID_REQUEST_DESCRIPTOR,"CSSMERR_AC_INVALID_REQUEST_DESCRIPTOR"},
	{ CSSMERR_CL_INTERNAL_ERROR,"CSSMERR_CL_INTERNAL_ERROR"},
	{ CSSMERR_CL_MEMORY_ERROR,"CSSMERR_CL_MEMORY_ERROR"},
	{ CSSMERR_CL_MDS_ERROR,"CSSMERR_CL_MDS_ERROR"},
	{ CSSMERR_CL_INVALID_POINTER,"CSSMERR_CL_INVALID_POINTER"},
	{ CSSMERR_CL_INVALID_INPUT_POINTER,"CSSMERR_CL_INVALID_INPUT_POINTER"},
	{ CSSMERR_CL_INVALID_OUTPUT_POINTER,"CSSMERR_CL_INVALID_OUTPUT_POINTER"},
	{ CSSMERR_CL_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_CL_FUNCTION_NOT_IMPLEMENTED"},
	{ CSSMERR_CL_SELF_CHECK_FAILED,"CSSMERR_CL_SELF_CHECK_FAILED"},
	{ CSSMERR_CL_OS_ACCESS_DENIED,"CSSMERR_CL_OS_ACCESS_DENIED"},
	{ CSSMERR_CL_FUNCTION_FAILED,"CSSMERR_CL_FUNCTION_FAILED"},
	{ CSSMERR_CL_INVALID_CONTEXT_HANDLE,"CSSMERR_CL_INVALID_CONTEXT_HANDLE"},
	{ CSSMERR_CL_INVALID_CERTGROUP_POINTER,"CSSMERR_CL_INVALID_CERTGROUP_POINTER"},
	{ CSSMERR_CL_INVALID_CERT_POINTER,"CSSMERR_CL_INVALID_CERT_POINTER"},
	{ CSSMERR_CL_INVALID_CRL_POINTER,"CSSMERR_CL_INVALID_CRL_POINTER"},
	{ CSSMERR_CL_INVALID_FIELD_POINTER,"CSSMERR_CL_INVALID_FIELD_POINTER"},
	{ CSSMERR_CL_INVALID_DATA,"CSSMERR_CL_INVALID_DATA"},
	{ CSSMERR_CL_CRL_ALREADY_SIGNED,"CSSMERR_CL_CRL_ALREADY_SIGNED"},
	{ CSSMERR_CL_INVALID_NUMBER_OF_FIELDS,"CSSMERR_CL_INVALID_NUMBER_OF_FIELDS"},
	{ CSSMERR_CL_VERIFICATION_FAILURE,"CSSMERR_CL_VERIFICATION_FAILURE"},
	{ CSSMERR_CL_UNKNOWN_FORMAT,"CSSMERR_CL_UNKNOWN_FORMAT"},
	{ CSSMERR_CL_UNKNOWN_TAG,"CSSMERR_CL_UNKNOWN_TAG"},
	{ CSSMERR_CL_INVALID_PASSTHROUGH_ID,"CSSMERR_CL_INVALID_PASSTHROUGH_ID"},
	{ CSSMERR_CL_INVALID_BUNDLE_POINTER,"CSSMERR_CL_INVALID_BUNDLE_POINTER"},
	{ CSSMERR_CL_INVALID_CACHE_HANDLE,"CSSMERR_CL_INVALID_CACHE_HANDLE"},
	{ CSSMERR_CL_INVALID_RESULTS_HANDLE,"CSSMERR_CL_INVALID_RESULTS_HANDLE"},
	{ CSSMERR_CL_INVALID_BUNDLE_INFO,"CSSMERR_CL_INVALID_BUNDLE_INFO"},
	{ CSSMERR_CL_INVALID_CRL_INDEX,"CSSMERR_CL_INVALID_CRL_INDEX"},
	{ CSSMERR_CL_INVALID_SCOPE,"CSSMERR_CL_INVALID_SCOPE"},
	{ CSSMERR_CL_NO_FIELD_VALUES,"CSSMERR_CL_NO_FIELD_VALUES"},
	{ CSSMERR_CL_SCOPE_NOT_SUPPORTED,"CSSMERR_CL_SCOPE_NOT_SUPPORTED"},
	{ CSSMERR_DL_INTERNAL_ERROR,"CSSMERR_DL_INTERNAL_ERROR"},
	{ CSSMERR_DL_MEMORY_ERROR,"CSSMERR_DL_MEMORY_ERROR"},
	{ CSSMERR_DL_MDS_ERROR,"CSSMERR_DL_MDS_ERROR"},
	{ CSSMERR_DL_INVALID_POINTER,"CSSMERR_DL_INVALID_POINTER"},
	{ CSSMERR_DL_INVALID_INPUT_POINTER,"CSSMERR_DL_INVALID_INPUT_POINTER"},
	{ CSSMERR_DL_INVALID_OUTPUT_POINTER,"CSSMERR_DL_INVALID_OUTPUT_POINTER"},
	{ CSSMERR_DL_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_DL_FUNCTION_NOT_IMPLEMENTED"},
	{ CSSMERR_DL_SELF_CHECK_FAILED,"CSSMERR_DL_SELF_CHECK_FAILED"},
	{ CSSMERR_DL_OS_ACCESS_DENIED,"CSSMERR_DL_OS_ACCESS_DENIED"},
	{ CSSMERR_DL_FUNCTION_FAILED,"CSSMERR_DL_FUNCTION_FAILED"},
	{ CSSMERR_DL_INVALID_CSP_HANDLE,"CSSMERR_DL_INVALID_CSP_HANDLE"},
	{ CSSMERR_DL_INVALID_DL_HANDLE,"CSSMERR_DL_INVALID_DL_HANDLE"},
	{ CSSMERR_DL_INVALID_CL_HANDLE,"CSSMERR_DL_INVALID_CL_HANDLE"},
	{ CSSMERR_DL_INVALID_DB_LIST_POINTER,"CSSMERR_DL_INVALID_DB_LIST_POINTER"},
	{ CSSMERR_DL_OPERATION_AUTH_DENIED,"CSSMERR_DL_OPERATION_AUTH_DENIED"},
	{ CSSMERR_DL_OBJECT_USE_AUTH_DENIED,"CSSMERR_DL_OBJECT_USE_AUTH_DENIED"},
	{ CSSMERR_DL_OBJECT_MANIP_AUTH_DENIED,"CSSMERR_DL_OBJECT_MANIP_AUTH_DENIED"},
	{ CSSMERR_DL_OBJECT_ACL_NOT_SUPPORTED,"CSSMERR_DL_OBJECT_ACL_NOT_SUPPORTED"},
	{ CSSMERR_DL_OBJECT_ACL_REQUIRED,"CSSMERR_DL_OBJECT_ACL_REQUIRED"},
	{ CSSMERR_DL_INVALID_ACCESS_CREDENTIALS,"CSSMERR_DL_INVALID_ACCESS_CREDENTIALS"},
	{ CSSMERR_DL_INVALID_ACL_BASE_CERTS,"CSSMERR_DL_INVALID_ACL_BASE_CERTS"},
	{ CSSMERR_DL_ACL_BASE_CERTS_NOT_SUPPORTED,"CSSMERR_DL_ACL_BASE_CERTS_NOT_SUPPORTED"},
	{ CSSMERR_DL_INVALID_SAMPLE_VALUE,"CSSMERR_DL_INVALID_SAMPLE_VALUE"},
	{ CSSMERR_DL_SAMPLE_VALUE_NOT_SUPPORTED,"CSSMERR_DL_SAMPLE_VALUE_NOT_SUPPORTED"},
	{ CSSMERR_DL_INVALID_ACL_SUBJECT_VALUE,"CSSMERR_DL_INVALID_ACL_SUBJECT_VALUE"},
	{ CSSMERR_DL_ACL_SUBJECT_TYPE_NOT_SUPPORTED,"CSSMERR_DL_ACL_SUBJECT_TYPE_NOT_SUPPORTED"},
	{ CSSMERR_DL_INVALID_ACL_CHALLENGE_CALLBACK,"CSSMERR_DL_INVALID_ACL_CHALLENGE_CALLBACK"},
	{ CSSMERR_DL_ACL_CHALLENGE_CALLBACK_FAILED,"CSSMERR_DL_ACL_CHALLENGE_CALLBACK_FAILED"},
	{ CSSMERR_DL_INVALID_ACL_ENTRY_TAG,"CSSMERR_DL_INVALID_ACL_ENTRY_TAG"},
	{ CSSMERR_DL_ACL_ENTRY_TAG_NOT_FOUND,"CSSMERR_DL_ACL_ENTRY_TAG_NOT_FOUND"},
	{ CSSMERR_DL_INVALID_ACL_EDIT_MODE,"CSSMERR_DL_INVALID_ACL_EDIT_MODE"},
	{ CSSMERR_DL_ACL_CHANGE_FAILED,"CSSMERR_DL_ACL_CHANGE_FAILED"},
	{ CSSMERR_DL_INVALID_NEW_ACL_ENTRY,"CSSMERR_DL_INVALID_NEW_ACL_ENTRY"},
	{ CSSMERR_DL_INVALID_NEW_ACL_OWNER,"CSSMERR_DL_INVALID_NEW_ACL_OWNER"},
	{ CSSMERR_DL_ACL_DELETE_FAILED,"CSSMERR_DL_ACL_DELETE_FAILED"},
	{ CSSMERR_DL_ACL_REPLACE_FAILED,"CSSMERR_DL_ACL_REPLACE_FAILED"},
	{ CSSMERR_DL_ACL_ADD_FAILED,"CSSMERR_DL_ACL_ADD_FAILED"},
	{ CSSMERR_DL_INVALID_DB_HANDLE,"CSSMERR_DL_INVALID_DB_HANDLE"},
	{ CSSMERR_DL_INVALID_PASSTHROUGH_ID,"CSSMERR_DL_INVALID_PASSTHROUGH_ID"},
	{ CSSMERR_DL_INVALID_NETWORK_ADDR,"CSSMERR_DL_INVALID_NETWORK_ADDR"},
	{ CSSMERR_DL_DATABASE_CORRUPT,"CSSMERR_DL_DATABASE_CORRUPT"},
	{ CSSMERR_DL_INVALID_RECORD_INDEX,"CSSMERR_DL_INVALID_RECORD_INDEX"},
	{ CSSMERR_DL_INVALID_RECORDTYPE,"CSSMERR_DL_INVALID_RECORDTYPE"},
	{ CSSMERR_DL_INVALID_FIELD_NAME,"CSSMERR_DL_INVALID_FIELD_NAME"},
	{ CSSMERR_DL_UNSUPPORTED_FIELD_FORMAT,"CSSMERR_DL_UNSUPPORTED_FIELD_FORMAT"},
	{ CSSMERR_DL_UNSUPPORTED_INDEX_INFO,"CSSMERR_DL_UNSUPPORTED_INDEX_INFO"},
	{ CSSMERR_DL_UNSUPPORTED_LOCALITY,"CSSMERR_DL_UNSUPPORTED_LOCALITY"},
	{ CSSMERR_DL_UNSUPPORTED_NUM_ATTRIBUTES,"CSSMERR_DL_UNSUPPORTED_NUM_ATTRIBUTES"},
	{ CSSMERR_DL_UNSUPPORTED_NUM_INDEXES,"CSSMERR_DL_UNSUPPORTED_NUM_INDEXES"},
	{ CSSMERR_DL_UNSUPPORTED_NUM_RECORDTYPES,"CSSMERR_DL_UNSUPPORTED_NUM_RECORDTYPES"},
	{ CSSMERR_DL_UNSUPPORTED_RECORDTYPE,"CSSMERR_DL_UNSUPPORTED_RECORDTYPE"},
	{ CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE,"CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE"},
	{ CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT,"CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT"},
	{ CSSMERR_DL_INVALID_PARSING_MODULE,"CSSMERR_DL_INVALID_PARSING_MODULE"},
	{ CSSMERR_DL_INVALID_DB_NAME,"CSSMERR_DL_INVALID_DB_NAME"},
	{ CSSMERR_DL_DATASTORE_DOESNOT_EXIST,"CSSMERR_DL_DATASTORE_DOESNOT_EXIST"},
	{ CSSMERR_DL_DATASTORE_ALREADY_EXISTS,"CSSMERR_DL_DATASTORE_ALREADY_EXISTS"},
	{ CSSMERR_DL_DB_LOCKED,"CSSMERR_DL_DB_LOCKED"},
	{ CSSMERR_DL_DATASTORE_IS_OPEN,"CSSMERR_DL_DATASTORE_IS_OPEN"},
	{ CSSMERR_DL_RECORD_NOT_FOUND,"CSSMERR_DL_RECORD_NOT_FOUND"},
	{ CSSMERR_DL_MISSING_VALUE,"CSSMERR_DL_MISSING_VALUE"},
	{ CSSMERR_DL_UNSUPPORTED_QUERY,"CSSMERR_DL_UNSUPPORTED_QUERY"},
	{ CSSMERR_DL_UNSUPPORTED_QUERY_LIMITS,"CSSMERR_DL_UNSUPPORTED_QUERY_LIMITS"},
	{ CSSMERR_DL_UNSUPPORTED_NUM_SELECTION_PREDS,"CSSMERR_DL_UNSUPPORTED_NUM_SELECTION_PREDS"},
	{ CSSMERR_DL_UNSUPPORTED_OPERATOR,"CSSMERR_DL_UNSUPPORTED_OPERATOR"},
	{ CSSMERR_DL_INVALID_RESULTS_HANDLE,"CSSMERR_DL_INVALID_RESULTS_HANDLE"},
	{ CSSMERR_DL_INVALID_DB_LOCATION,"CSSMERR_DL_INVALID_DB_LOCATION"},
	{ CSSMERR_DL_INVALID_ACCESS_REQUEST,"CSSMERR_DL_INVALID_ACCESS_REQUEST"},
	{ CSSMERR_DL_INVALID_INDEX_INFO,"CSSMERR_DL_INVALID_INDEX_INFO"},
	{ CSSMERR_DL_INVALID_SELECTION_TAG,"CSSMERR_DL_INVALID_SELECTION_TAG"},
	{ CSSMERR_DL_INVALID_NEW_OWNER,"CSSMERR_DL_INVALID_NEW_OWNER"},
	{ CSSMERR_DL_INVALID_RECORD_UID,"CSSMERR_DL_INVALID_RECORD_UID"},
	{ CSSMERR_DL_INVALID_UNIQUE_INDEX_DATA,"CSSMERR_DL_INVALID_UNIQUE_INDEX_DATA"},
	{ CSSMERR_DL_INVALID_MODIFY_MODE,"CSSMERR_DL_INVALID_MODIFY_MODE"},
	{ CSSMERR_DL_INVALID_OPEN_PARAMETERS,"CSSMERR_DL_INVALID_OPEN_PARAMETERS"},
	{ CSSMERR_DL_RECORD_MODIFIED,"CSSMERR_DL_RECORD_MODIFIED"},
	{ CSSMERR_DL_ENDOFDATA,"CSSMERR_DL_ENDOFDATA"},
	{ CSSMERR_DL_INVALID_QUERY,"CSSMERR_DL_INVALID_QUERY"},
	{ CSSMERR_DL_INVALID_VALUE,"CSSMERR_DL_INVALID_VALUE"},
	{ CSSMERR_DL_MULTIPLE_VALUES_UNSUPPORTED,"CSSMERR_DL_MULTIPLE_VALUES_UNSUPPORTED"},
	{ CSSMERR_DL_STALE_UNIQUE_RECORD,"CSSMERR_DL_STALE_UNIQUE_RECORD"},
	/* Error codes from cssmapple.h */
	{ CSSMERR_CSSM_NO_USER_INTERACTION,"CSSMERR_CSSM_NO_USER_INTERACTION"},
	{ CSSMERR_AC_NO_USER_INTERACTION,"CSSMERR_AC_NO_USER_INTERACTION"},
	{ CSSMERR_CSP_NO_USER_INTERACTION,"CSSMERR_CSP_NO_USER_INTERACTION"},
	{ CSSMERR_CL_NO_USER_INTERACTION,"CSSMERR_CL_NO_USER_INTERACTION"},
	{ CSSMERR_DL_NO_USER_INTERACTION,"CSSMERR_DL_NO_USER_INTERACTION"},
	{ CSSMERR_TP_NO_USER_INTERACTION,"CSSMERR_TP_NO_USER_INTERACTION"},
	{ CSSMERR_CSSM_USER_CANCELED,"CSSMERR_CSSM_USER_CANCELED"},
	{ CSSMERR_AC_USER_CANCELED,"CSSMERR_AC_USER_CANCELED"},
	{ CSSMERR_CSP_USER_CANCELED,"CSSMERR_CSP_USER_CANCELED"},
	{ CSSMERR_CL_USER_CANCELED,"CSSMERR_CL_USER_CANCELED"},
	{ CSSMERR_DL_USER_CANCELED,"CSSMERR_DL_USER_CANCELED"},
	{ CSSMERR_TP_USER_CANCELED,"CSSMERR_TP_USER_CANCELED"},
	{ CSSMERR_CSSM_SERVICE_NOT_AVAILABLE,"CSSMERR_CSSM_SERVICE_NOT_AVAILABLE"},
	{ CSSMERR_AC_SERVICE_NOT_AVAILABLE,"CSSMERR_AC_SERVICE_NOT_AVAILABLE"},
	{ CSSMERR_CSP_SERVICE_NOT_AVAILABLE,"CSSMERR_CSP_SERVICE_NOT_AVAILABLE"},
	{ CSSMERR_CL_SERVICE_NOT_AVAILABLE,"CSSMERR_CL_SERVICE_NOT_AVAILABLE"},
	{ CSSMERR_DL_SERVICE_NOT_AVAILABLE,"CSSMERR_DL_SERVICE_NOT_AVAILABLE"},
	{ CSSMERR_TP_SERVICE_NOT_AVAILABLE,"CSSMERR_TP_SERVICE_NOT_AVAILABLE"},
	{ CSSMERR_CSSM_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_CSSM_INSUFFICIENT_CLIENT_IDENTIFICATION"},
	{ CSSMERR_AC_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_AC_INSUFFICIENT_CLIENT_IDENTIFICATION"},
	{ CSSMERR_CSP_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_CSP_INSUFFICIENT_CLIENT_IDENTIFICATION"},
	{ CSSMERR_CL_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_CL_INSUFFICIENT_CLIENT_IDENTIFICATION"},
	{ CSSMERR_DL_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_DL_INSUFFICIENT_CLIENT_IDENTIFICATION"},
	{ CSSMERR_TP_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_TP_INSUFFICIENT_CLIENT_IDENTIFICATION"},
	{ CSSMERR_CSSM_DEVICE_RESET,"CSSMERR_CSSM_DEVICE_RESET"},
	{ CSSMERR_AC_DEVICE_RESET,"CSSMERR_AC_DEVICE_RESET"},
	{ CSSMERR_CSP_DEVICE_RESET,"CSSMERR_CSP_DEVICE_RESET"},
	{ CSSMERR_CL_DEVICE_RESET,"CSSMERR_CL_DEVICE_RESET"},
	{ CSSMERR_DL_DEVICE_RESET,"CSSMERR_DL_DEVICE_RESET"},
	{ CSSMERR_TP_DEVICE_RESET,"CSSMERR_TP_DEVICE_RESET"},
	{ CSSMERR_CSSM_DEVICE_FAILED,"CSSMERR_CSSM_DEVICE_FAILED"},
	{ CSSMERR_AC_DEVICE_FAILED,"CSSMERR_AC_DEVICE_FAILED"},
	{ CSSMERR_CSP_DEVICE_FAILED,"CSSMERR_CSP_DEVICE_FAILED"},
	{ CSSMERR_CL_DEVICE_FAILED,"CSSMERR_CL_DEVICE_FAILED"},
	{ CSSMERR_DL_DEVICE_FAILED,"CSSMERR_DL_DEVICE_FAILED"},
	{ CSSMERR_TP_DEVICE_FAILED,"CSSMERR_TP_DEVICE_FAILED"},
	{ CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT,"CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT"},
	{ CSSMERR_CSP_APPLE_PUBLIC_KEY_INCOMPLETE,"CSSMERR_CSP_APPLE_PUBLIC_KEY_INCOMPLETE"},
	{ CSSMERR_CSP_APPLE_SIGNATURE_MISMATCH,"CSSMERR_CSP_APPLE_SIGNATURE_MISMATCH"},
	{ CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE,"CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE"},
	{ CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE,"CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE"},
	{ CSSMERR_CSPDL_APPLE_DL_CONVERSION_ERROR,"CSSMERR_CSPDL_APPLE_DL_CONVERSION_ERROR"},
	{ CSSMERR_CSP_APPLE_SSLv2_ROLLBACK,"CSSMERR_CSP_APPLE_SSLv2_ROLLBACK"},
	{ CSSMERR_APPLEDL_INVALID_OPEN_PARAMETERS,"CSSMERR_APPLEDL_INVALID_OPEN_PARAMETERS"},
	{ CSSMERR_APPLEDL_DISK_FULL,"CSSMERR_APPLEDL_DISK_FULL"},
	{ CSSMERR_APPLEDL_QUOTA_EXCEEDED,"CSSMERR_APPLEDL_QUOTA_EXCEEDED"},
	{ CSSMERR_APPLEDL_FILE_TOO_BIG,"CSSMERR_APPLEDL_FILE_TOO_BIG"},
	{ CSSMERR_APPLEDL_INVALID_DATABASE_BLOB,"CSSMERR_APPLEDL_INVALID_DATABASE_BLOB"},
	{ CSSMERR_APPLEDL_INVALID_KEY_BLOB,"CSSMERR_APPLEDL_INVALID_KEY_BLOB"},
	{ CSSMERR_APPLEDL_INCOMPATIBLE_DATABASE_BLOB,"CSSMERR_APPLEDL_INCOMPATIBLE_DATABASE_BLOB"},
	{ CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB,"CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB"},
	{ CSSMERR_APPLETP_HOSTNAME_MISMATCH,"CSSMERR_APPLETP_HOSTNAME_MISMATCH"},
	{ CSSMERR_APPLETP_UNKNOWN_CRITICAL_EXTEN,"CSSMERR_APPLETP_UNKNOWN_CRITICAL_EXTEN"},
	{ CSSMERR_APPLETP_NO_BASIC_CONSTRAINTS,"CSSMERR_APPLETP_NO_BASIC_CONSTRAINTS"},
	{ CSSMERR_APPLETP_INVALID_CA,"CSSMERR_APPLETP_INVALID_CA"},
	{ CSSMERR_APPLETP_INVALID_AUTHORITY_ID,"CSSMERR_APPLETP_INVALID_AUTHORITY_ID"},
	{ CSSMERR_APPLETP_INVALID_SUBJECT_ID,"CSSMERR_APPLETP_INVALID_SUBJECT_ID"},
	{ CSSMERR_APPLETP_INVALID_KEY_USAGE,"CSSMERR_APPLETP_INVALID_KEY_USAGE"},
	{ CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE,"CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE"},
	{ CSSMERR_APPLETP_INVALID_ID_LINKAGE,"CSSMERR_APPLETP_INVALID_ID_LINKAGE"},
	{ CSSMERR_APPLETP_PATH_LEN_CONSTRAINT,"CSSMERR_APPLETP_PATH_LEN_CONSTRAINT"},
	{ CSSMERR_APPLETP_INVALID_ROOT,"CSSMERR_APPLETP_INVALID_ROOT"},
	{ CSSMERR_APPLETP_CRL_EXPIRED,"CSSMERR_APPLETP_CRL_EXPIRED"},
	{ CSSMERR_APPLETP_CRL_NOT_VALID_YET,"CSSMERR_APPLETP_CRL_NOT_VALID_YET"},
	{ CSSMERR_APPLETP_CRL_NOT_FOUND,"CSSMERR_APPLETP_CRL_NOT_FOUND"},
	{ CSSMERR_APPLETP_CRL_SERVER_DOWN,"CSSMERR_APPLETP_CRL_SERVER_DOWN"},
	{ CSSMERR_APPLETP_CRL_BAD_URI,"CSSMERR_APPLETP_CRL_BAD_URI"},
	{ CSSMERR_APPLETP_UNKNOWN_CERT_EXTEN,"CSSMERR_APPLETP_UNKNOWN_CERT_EXTEN"},
	{ CSSMERR_APPLETP_UNKNOWN_CRL_EXTEN,"CSSMERR_APPLETP_UNKNOWN_CRL_EXTEN"},
	{ CSSMERR_APPLETP_CRL_NOT_TRUSTED,"CSSMERR_APPLETP_CRL_NOT_TRUSTED"},
	{ CSSMERR_APPLETP_CRL_INVALID_ANCHOR_CERT,"CSSMERR_APPLETP_CRL_INVALID_ANCHOR_CERT"},
	{ CSSMERR_APPLETP_CRL_POLICY_FAIL,"CSSMERR_APPLETP_CRL_POLICY_FAIL"},
	{ CSSMERR_APPLETP_IDP_FAIL,"CSSMERR_APPLETP_IDP_FAIL"},
	{ CSSMERR_APPLETP_CERT_NOT_FOUND_FROM_ISSUER,"CSSMERR_APPLETP_CERT_NOT_FOUND_FROM_ISSUER"},
	{ CSSMERR_APPLETP_BAD_CERT_FROM_ISSUER,"CSSMERR_APPLETP_BAD_CERT_FROM_ISSUER"},
	{ CSSMERR_APPLETP_SMIME_EMAIL_ADDRS_NOT_FOUND,"CSSMERR_APPLETP_SMIME_EMAIL_ADDRS_NOT_FOUND"},
	{ CSSMERR_APPLETP_SMIME_BAD_EXT_KEY_USE,"CSSMERR_APPLETP_SMIME_BAD_EXT_KEY_USE"},
	{ CSSMERR_APPLETP_SMIME_BAD_KEY_USE,"CSSMERR_APPLETP_SMIME_BAD_KEY_USE"},
	{ CSSMERR_APPLETP_SMIME_KEYUSAGE_NOT_CRITICAL,"CSSMERR_APPLETP_SMIME_KEYUSAGE_NOT_CRITICAL"},
	{ CSSMERR_APPLETP_SMIME_NO_EMAIL_ADDRS,"CSSMERR_APPLETP_SMIME_NO_EMAIL_ADDRS"},
	{ CSSMERR_APPLETP_SMIME_SUBJ_ALT_NAME_NOT_CRIT,"CSSMERR_APPLETP_SMIME_SUBJ_ALT_NAME_NOT_CRIT"},
	{ CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE,"CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE"},
	{ CSSMERR_APPLETP_OCSP_BAD_RESPONSE,"CSSMERR_APPLETP_OCSP_BAD_RESPONSE"},
	{ CSSMERR_APPLETP_OCSP_BAD_REQUEST,"CSSMERR_APPLETP_OCSP_BAD_REQUEST"},
	{ CSSMERR_APPLETP_OCSP_UNAVAILABLE,"CSSMERR_APPLETP_OCSP_UNAVAILABLE"},
	{ CSSMERR_APPLETP_OCSP_STATUS_UNRECOGNIZED,"CSSMERR_APPLETP_OCSP_STATUS_UNRECOGNIZED"},
	{ CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK,"CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK"},
	{ CSSMERR_APPLETP_NETWORK_FAILURE,"CSSMERR_APPLETP_NETWORK_FAILURE"},
	{ CSSMERR_APPLETP_OCSP_NOT_TRUSTED,"CSSMERR_APPLETP_OCSP_NOT_TRUSTED"},
	{ CSSMERR_APPLETP_OCSP_INVALID_ANCHOR_CERT,"CSSMERR_APPLETP_OCSP_INVALID_ANCHOR_CERT"},
	{ CSSMERR_APPLETP_OCSP_SIG_ERROR,"CSSMERR_APPLETP_OCSP_SIG_ERROR"},
	{ CSSMERR_APPLETP_OCSP_NO_SIGNER,"CSSMERR_APPLETP_OCSP_NO_SIGNER"},
	{ CSSMERR_APPLETP_OCSP_RESP_MALFORMED_REQ,"CSSMERR_APPLETP_OCSP_RESP_MALFORMED_REQ"},
	{ CSSMERR_APPLETP_OCSP_RESP_INTERNAL_ERR,"CSSMERR_APPLETP_OCSP_RESP_INTERNAL_ERR"},
	{ CSSMERR_APPLETP_OCSP_RESP_TRY_LATER,"CSSMERR_APPLETP_OCSP_RESP_TRY_LATER"},
	{ CSSMERR_APPLETP_OCSP_RESP_SIG_REQUIRED,"CSSMERR_APPLETP_OCSP_RESP_SIG_REQUIRED"},
	{ CSSMERR_APPLETP_OCSP_RESP_UNAUTHORIZED,"CSSMERR_APPLETP_OCSP_RESP_UNAUTHORIZED"},
	{ CSSMERR_APPLETP_OCSP_NONCE_MISMATCH,"CSSMERR_APPLETP_OCSP_NONCE_MISMATCH"},
	{ CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH,"CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH"},
	{ CSSMERR_APPLETP_CS_NO_BASIC_CONSTRAINTS,"CSSMERR_APPLETP_CS_NO_BASIC_CONSTRAINTS"},
	{ CSSMERR_APPLETP_CS_BAD_PATH_LENGTH,"CSSMERR_APPLETP_CS_BAD_PATH_LENGTH"},
	{ CSSMERR_APPLETP_CS_NO_EXTENDED_KEY_USAGE,"CSSMERR_APPLETP_CS_NO_EXTENDED_KEY_USAGE"},
	{ CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT,"CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT"},
	{ CSSMERR_APPLETP_RS_BAD_CERT_CHAIN_LENGTH,"CSSMERR_APPLETP_RS_BAD_CERT_CHAIN_LENGTH"},
	{ CSSMERR_APPLETP_RS_BAD_EXTENDED_KEY_USAGE,"CSSMERR_APPLETP_RS_BAD_EXTENDED_KEY_USAGE"},
	{ CSSMERR_APPLETP_TRUST_SETTING_DENY,"CSSMERR_APPLETP_TRUST_SETTING_DENY"},
	{ CSSMERR_APPLETP_INVALID_EMPTY_SUBJECT,"CSSMERR_APPLETP_INVALID_EMPTY_SUBJECT"},
	{ CSSMERR_APPLETP_UNKNOWN_QUAL_CERT_STATEMENT,"CSSMERR_APPLETP_UNKNOWN_QUAL_CERT_STATEMENT"},
	{ CSSMERR_APPLE_DOTMAC_REQ_QUEUED,"CSSMERR_APPLE_DOTMAC_REQ_QUEUED"},
	{ CSSMERR_APPLE_DOTMAC_REQ_REDIRECT,"CSSMERR_APPLE_DOTMAC_REQ_REDIRECT"},
	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_ERR,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_ERR"},
	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_PARAM,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_PARAM"},
	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_AUTH,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_AUTH"},
	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_UNIMPL,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_UNIMPL"},
	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_NOT_AVAIL,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_NOT_AVAIL"},
	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_ALREADY_EXIST,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_ALREADY_EXIST"},
	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_SERVICE_ERROR,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_SERVICE_ERROR"},
	{ CSSMERR_APPLE_DOTMAC_REQ_IS_PENDING,"CSSMERR_APPLE_DOTMAC_REQ_IS_PENDING"},
	{ CSSMERR_APPLE_DOTMAC_NO_REQ_PENDING,"CSSMERR_APPLE_DOTMAC_NO_REQ_PENDING"},
	{0, NULL}
};

Added LocalTests/utilLib/fileIo.c.

































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "fileIo.h"

int cspWriteFile(
	const char			*fileName,
	const unsigned char	*bytes,
	unsigned			numBytes)
{
	int		rtn;
	int 	fd;
	
	fd = open(fileName, O_RDWR | O_CREAT | O_TRUNC, 0600);
	if(fd <= 0) {
		return errno;
	}
	rtn = lseek(fd, 0, SEEK_SET);
	if(rtn < 0) {
		return errno;
	}
	rtn = write(fd, bytes, (size_t)numBytes);
	if(rtn != (int)numBytes) {
		if(rtn >= 0) {
			printf("writeFile: short write\n");
		}
		rtn = EIO;
	}
	else {
		rtn = 0;
	}
	close(fd);
	return rtn;
}
	
/*
 * Read entire file. 
 */
int cspReadFile(
	const char		*fileName,
	unsigned char	**bytes,		// mallocd and returned
	unsigned		*numBytes)		// returned
{
	int ourRtn = 0;
	int fd;
	char *buf;
	char *thisBuf;
	struct stat	sb;
	unsigned size;
	size_t toMove;
	ssize_t thisMoved;
	int irtn;
	off_t lrtn = 0;
	
	*numBytes = 0;
	*bytes = NULL;
	fd = open(fileName, O_RDONLY, 0);
	if(fd <= 0) {
		perror("open");
		return errno;
	}
	irtn = fstat(fd, &sb);
	if(irtn) {
		ourRtn = errno;
		if(ourRtn == 0) {
			fprintf(stderr, "***Bogus zero error on fstat\n");
			ourRtn = -1;
		}
		else {
			perror("fstat");
		}
		goto errOut;
	}
	size = sb.st_size;
	buf = thisBuf = (char *)malloc(size);
	if(buf == NULL) {
		ourRtn = ENOMEM;
		goto errOut;
	}
	lrtn = lseek(fd, 0, SEEK_SET);
	if(lrtn < 0) {
		ourRtn = errno;
		if(ourRtn == 0) {
			fprintf(stderr, "***Bogus zero error on lseek\n");
			ourRtn = -1;
		}
		else {
			perror("lseek");
		}
		goto errOut;
	}
	toMove = size;
	
	/*
	 * On ppc this read ALWAYS returns the entire file. On i386, not so. 
	 */
	do {
		thisMoved = read(fd, thisBuf, toMove);
		if(thisMoved == 0) {
			/* reading empty file: done */
			break;
		}
		else if(thisMoved < 0) {
			ourRtn = errno;
			perror("read");
			break;
		}
		size_t uThisMoved = (size_t)thisMoved;
		if(uThisMoved != toMove) {
			fprintf(stderr, "===Short read: asked for %ld, got %lu\n", 
				toMove, uThisMoved);
		}
		toMove  -= thisMoved;
		thisBuf += thisMoved;
	} while(toMove);
	
	if(ourRtn == 0) {
		*bytes = (unsigned char *)buf;
		*numBytes = size;
	}
errOut:
	close(fd);
	return ourRtn;
}

Added LocalTests/utilLib/fileIo.h.









































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
/*
 * Read entire file. 
 */
#ifdef __cplusplus
extern "C" {
#endif

int cspReadFile(
	const char			*fileName,
	unsigned char		**bytes,		// mallocd and returned
	unsigned			*numBytes);		// returned

int cspWriteFile(
	const char			*fileName,
	const unsigned char	*bytes,
	unsigned			numBytes);

#ifdef __cplusplus
}
#endif

Added LocalTests/utilLib/nssAppUtils.cpp.





















































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
/*
 * Copyright (c) 2003 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please 
 * obtain a copy of the License at http://www.apple.com/publicsource and 
 * read it before using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
 * Please see the License for the specific language governing rights and 
 * limitations under the License.
 */
/*
 * nssAppUtils.cpp
 */
 
#include "nssAppUtils.h"
#include "common.h"
#include "cspwrap.h"
#include <Security/SecAsn1Coder.h>
#include <Security/osKeyTemplates.h>	
#include <stdlib.h>
#include <stdio.h>
#include <strings.h>

/*
 * Create pubKeyPartial as copy of pubKey without the DSA params.
 * Returned partial key is RAW. Incoming key can be raw or ref.
 */
CSSM_RETURN extractDsaPartial(
	CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY *pubKey, 
	CSSM_KEY_PTR pubKeyPartial)
{
	const CSSM_KEY *thePubKey = pubKey;
	CSSM_KEY rawPubKey;
	CSSM_RETURN crtn;
	
	if(pubKey->KeyHeader.BlobType == CSSM_KEYBLOB_REFERENCE) {
		/* first get this in raw form */
		crtn = cspRefKeyToRaw(cspHand, pubKey, &rawPubKey);
		if(crtn) {
			return crtn;
		}
		thePubKey = &rawPubKey;
	}
	
	/* decode raw public key */
	NSS_DSAPublicKeyX509 nssPub;
	SecAsn1CoderRef coder;
	
	OSStatus ortn = SecAsn1CoderCreate(&coder);
	if(ortn) {
		cssmPerror("SecAsn1CoderCreate", ortn);
		return ortn;
	}
	memset(&nssPub, 0, sizeof(nssPub));
	if(SecAsn1DecodeData(coder, &thePubKey->KeyData, kSecAsn1DSAPublicKeyX509Template,
			&nssPub)) {
		printf("***Error decoding DSA public key. Aborting.\n");
		return 1;
	}
	
	/* zero out the params and reencode */
	nssPub.dsaAlg.params = NULL;
	CSSM_DATA newKey = {0, NULL};
	if(SecAsn1EncodeItem(coder, &nssPub, kSecAsn1DSAPublicKeyX509Template,
			&newKey)) {
		printf("***Error reencoding DSA pub key\n");
		return 1;
	}
	
	/* copy - newKey is in coder space */
	*pubKeyPartial = *thePubKey;
	appCopyCssmData(&newKey, &pubKeyPartial->KeyData);

	if(pubKey->KeyHeader.BlobType == CSSM_KEYBLOB_REFERENCE) {
		/* free the KeyData mallocd by cspRefKeyToRaw */
		CSSM_FREE(thePubKey->KeyData.Data);
		pubKeyPartial->KeyHeader.BlobType = CSSM_KEYBLOB_RAW;
	}
	pubKeyPartial->KeyHeader.KeyAttr |= CSSM_KEYATTR_PARTIAL;
	SecAsn1CoderRelease(coder);
	return CSSM_OK;
}

Added LocalTests/utilLib/nssAppUtils.h.



















































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
/*
 * Copyright (c) 2003 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please 
 * obtain a copy of the License at http://www.apple.com/publicsource and 
 * read it before using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
 * Please see the License for the specific language governing rights and 
 * limitations under the License.
 */
/*
 * nssAppUtils.h
 */
 
#ifndef	_NSS_APP_UTILS_H_
#define _NSS_APP_UTILS_H_

#include <Security/cssmtype.h>

#ifdef __cplusplus
extern "C" {
#endif

CSSM_RETURN extractDsaPartial(
	CSSM_CSP_HANDLE cspHand,
	const CSSM_KEY *pubKey, 
	CSSM_KEY_PTR pubKeyPartial);

#ifdef __cplusplus
}
#endif

#endif	/* _NSS_APP_UTILS_H_ */

Added LocalTests/utilLib/rijndael-alg-ref.c.











































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
/* rijndael-alg-ref.c   v2.0   August '99
 * Reference ANSI C code
 * authors: Paulo Barreto
 *          Vincent Rijmen
 */

#include <stdio.h>
#include <stdlib.h>

#include "rijndael-alg-ref.h"

#define SC	((BC - 4) >> 1)

#include "boxes-ref.h"

static const word8 shifts[3][4][2] = {
 { { 0, 0 },
   { 1, 3 },
   { 2, 2 },
   { 3, 1 }
 },
 { { 0, 0 },
   { 1, 5 },
   { 2, 4 },
   { 3, 3 }
 },
 { { 0, 0 },
   { 1, 7 },
   { 3, 5 },
   { 4, 4 }
 }
}; 


static word8 mul(word8 a, word8 b) {
   /* multiply two elements of GF(2^m)
    * needed for MixColumn and InvMixColumn
    */
	if (a && b) return Alogtable[(Logtable[a] + Logtable[b])%255];
	else return 0;
}

static void KeyAddition(word8 a[4][MAXBC], word8 rk[4][MAXBC], word8 BC) {
	/* Exor corresponding text input and round key input bytes
	 */
	int i, j;
	
	for(i = 0; i < 4; i++)
   		for(j = 0; j < BC; j++) a[i][j] ^= rk[i][j];
}

static void ShiftRow(word8 a[4][MAXBC], word8 d, word8 BC) {
	/* Row 0 remains unchanged
	 * The other three rows are shifted a variable amount
	 */
	word8 tmp[MAXBC];
	int i, j;
	
	for(i = 1; i < 4; i++) {
		for(j = 0; j < BC; j++) tmp[j] = a[i][(j + shifts[SC][i][d]) % BC];
		for(j = 0; j < BC; j++) a[i][j] = tmp[j];
	}
}

static void Substitution(word8 a[4][MAXBC], const word8 box[256], word8 BC) {
	/* Replace every byte of the input by the byte at that place
	 * in the nonlinear S-box
	 */
	int i, j;
	
	for(i = 0; i < 4; i++)
		for(j = 0; j < BC; j++) a[i][j] = box[a[i][j]] ;
}
   
static void MixColumn(word8 a[4][MAXBC], word8 BC) {
        /* Mix the four bytes of every column in a linear way
	 */
	word8 b[4][MAXBC];
	int i, j;
		
	for(j = 0; j < BC; j++)
		for(i = 0; i < 4; i++)
			b[i][j] = mul(2,a[i][j])
				^ mul(3,a[(i + 1) % 4][j])
				^ a[(i + 2) % 4][j]
				^ a[(i + 3) % 4][j];
	for(i = 0; i < 4; i++)
		for(j = 0; j < BC; j++) a[i][j] = b[i][j];
}

static void InvMixColumn(word8 a[4][MAXBC], word8 BC) {
        /* Mix the four bytes of every column in a linear way
	 * This is the opposite operation of Mixcolumn
	 */
	word8 b[4][MAXBC];
	int i, j;
	
	for(j = 0; j < BC; j++)
	for(i = 0; i < 4; i++)             
		b[i][j] = mul(0xe,a[i][j])
			^ mul(0xb,a[(i + 1) % 4][j])                 
			^ mul(0xd,a[(i + 2) % 4][j])
			^ mul(0x9,a[(i + 3) % 4][j]);                        
	for(i = 0; i < 4; i++)
		for(j = 0; j < BC; j++) a[i][j] = b[i][j];
}

int _rijndaelKeySched (word8 k[4][MAXKC], int keyBits, int blockBits, word8 W[MAXROUNDS+1][4][MAXBC]) {
	/* Calculate the necessary round keys
	 * The number of calculations depends on keyBits and blockBits
	 */
	int KC, BC, ROUNDS;
	int i, j, t, rconpointer = 0;
	word8 tk[4][MAXKC];   

	switch (keyBits) {
	case 128: KC = 4; break;
	case 192: KC = 6; break;
	case 256: KC = 8; break;
	default : return (-1);
	}

	switch (blockBits) {
	case 128: BC = 4; break;
	case 192: BC = 6; break;
	case 256: BC = 8; break;
	default : return (-2);
	}

	switch (keyBits >= blockBits ? keyBits : blockBits) {
	case 128: ROUNDS = 10; break;
	case 192: ROUNDS = 12; break;
	case 256: ROUNDS = 14; break;
	default : return (-3); /* this cannot happen */
	}

	
	for(j = 0; j < KC; j++)
		for(i = 0; i < 4; i++)
			tk[i][j] = k[i][j];
	t = 0;
	/* copy values into round key array */
	for(j = 0; (j < KC) && (t < (ROUNDS+1)*BC); j++, t++)
		for(i = 0; i < 4; i++) W[t / BC][i][t % BC] = tk[i][j];
		
	while (t < (ROUNDS+1)*BC) { /* while not enough round key material calculated */
		/* calculate new values */
		for(i = 0; i < 4; i++)
			tk[i][0] ^= S[tk[(i+1)%4][KC-1]];
		tk[0][0] ^= rcon[rconpointer++];

		if (KC != 8)
			for(j = 1; j < KC; j++)
				for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
		else {
			for(j = 1; j < KC/2; j++)
				for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
			for(i = 0; i < 4; i++) tk[i][KC/2] ^= S[tk[i][KC/2 - 1]];
			for(j = KC/2 + 1; j < KC; j++)
				for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
	}
	/* copy values into round key array */
	for(j = 0; (j < KC) && (t < (ROUNDS+1)*BC); j++, t++)
		for(i = 0; i < 4; i++) W[t / BC][i][t % BC] = tk[i][j];
	}		

	return 0;
}
      
int _rijndaelEncrypt (word8 a[4][MAXBC], int keyBits, int blockBits, word8 rk[MAXROUNDS+1][4][MAXBC])
{
	/* Encryption of one block. 
	 */
	int r, BC, ROUNDS;

	switch (blockBits) {
	case 128: BC = 4; break;
	case 192: BC = 6; break;
	case 256: BC = 8; break;
	default : return (-2);
	}

	switch (keyBits >= blockBits ? keyBits : blockBits) {
	case 128: ROUNDS = 10; break;
	case 192: ROUNDS = 12; break;
	case 256: ROUNDS = 14; break;
	default : return (-3); /* this cannot happen */
	}

	/* begin with a key addition
	 */
	KeyAddition(a,rk[0],BC); 

        /* ROUNDS-1 ordinary rounds
	 */
	for(r = 1; r < ROUNDS; r++) {
		Substitution(a,S,BC);
		ShiftRow(a,0,BC);
		MixColumn(a,BC);
		KeyAddition(a,rk[r],BC);
	}
	
	/* Last round is special: there is no MixColumn
	 */
	Substitution(a,S,BC);
	ShiftRow(a,0,BC);
	KeyAddition(a,rk[ROUNDS],BC);

	return 0;
}   


#ifndef	__APPLE__

int rijndaelEncryptRound (word8 a[4][MAXBC], int keyBits, int blockBits, 
		word8 rk[MAXROUNDS+1][4][MAXBC], int rounds)
/* Encrypt only a certain number of rounds.
 * Only used in the Intermediate Value Known Answer Test.
 */
{
	int r, BC, ROUNDS;

	switch (blockBits) {
	case 128: BC = 4; break;
	case 192: BC = 6; break;
	case 256: BC = 8; break;
	default : return (-2);
	}

	switch (keyBits >= blockBits ? keyBits : blockBits) {
	case 128: ROUNDS = 10; break;
	case 192: ROUNDS = 12; break;
	case 256: ROUNDS = 14; break;
	default : return (-3); /* this cannot happen */
	}

	/* make number of rounds sane */
	if (rounds > ROUNDS) rounds = ROUNDS;

	/* begin with a key addition
	 */
	KeyAddition(a,rk[0],BC);
        
	/* at most ROUNDS-1 ordinary rounds
	 */
	for(r = 1; (r <= rounds) && (r < ROUNDS); r++) {
		Substitution(a,S,BC);
		ShiftRow(a,0,BC);
		MixColumn(a,BC);
		KeyAddition(a,rk[r],BC);
	}
	
	/* if necessary, do the last, special, round: 
	 */
	if (rounds == ROUNDS) {
		Substitution(a,S,BC);
		ShiftRow(a,0,BC);
		KeyAddition(a,rk[ROUNDS],BC);
	}

	return 0;
}   
#endif	/* __APPLE__ */

int _rijndaelDecrypt (word8 a[4][MAXBC], int keyBits, int blockBits, word8 rk[MAXROUNDS+1][4][MAXBC])
{
	int r, BC, ROUNDS;
	
	switch (blockBits) {
	case 128: BC = 4; break;
	case 192: BC = 6; break;
	case 256: BC = 8; break;
	default : return (-2);
	}

	switch (keyBits >= blockBits ? keyBits : blockBits) {
	case 128: ROUNDS = 10; break;
	case 192: ROUNDS = 12; break;
	case 256: ROUNDS = 14; break;
	default : return (-3); /* this cannot happen */
	}

	/* To decrypt: apply the inverse operations of the encrypt routine,
	 *             in opposite order
	 * 
	 * (KeyAddition is an involution: it 's equal to its inverse)
	 * (the inverse of Substitution with table S is Substitution with the inverse table of S)
	 * (the inverse of Shiftrow is Shiftrow over a suitable distance)
	 */

        /* First the special round:
	 *   without InvMixColumn
	 *   with extra KeyAddition
	 */
	KeyAddition(a,rk[ROUNDS],BC);
	Substitution(a,Si,BC);
	ShiftRow(a,1,BC);              
	
	/* ROUNDS-1 ordinary rounds
	 */
	for(r = ROUNDS-1; r > 0; r--) {
		KeyAddition(a,rk[r],BC);
		InvMixColumn(a,BC);      
		Substitution(a,Si,BC);
		ShiftRow(a,1,BC);                
	}
	
	/* End with the extra key addition
	 */
	
	KeyAddition(a,rk[0],BC);    

	return 0;
}

#ifndef	__APPLE__

int rijndaelDecryptRound (word8 a[4][MAXBC], int keyBits, int blockBits, 
	word8 rk[MAXROUNDS+1][4][MAXBC], int rounds)
/* Decrypt only a certain number of rounds.
 * Only used in the Intermediate Value Known Answer Test.
 * Operations rearranged such that the intermediate values
 * of decryption correspond with the intermediate values
 * of encryption.
 */
{
	int r, BC, ROUNDS;
	
	switch (blockBits) {
	case 128: BC = 4; break;
	case 192: BC = 6; break;
	case 256: BC = 8; break;
	default : return (-2);
	}

	switch (keyBits >= blockBits ? keyBits : blockBits) {
	case 128: ROUNDS = 10; break;
	case 192: ROUNDS = 12; break;
	case 256: ROUNDS = 14; break;
	default : return (-3); /* this cannot happen */
	}


	/* make number of rounds sane */
	if (rounds > ROUNDS) rounds = ROUNDS;

        /* First the special round:
	 *   without InvMixColumn
	 *   with extra KeyAddition
	 */
	KeyAddition(a,rk[ROUNDS],BC);
	Substitution(a,Si,BC);
	ShiftRow(a,1,BC);              
	
	/* ROUNDS-1 ordinary rounds
	 */
	for(r = ROUNDS-1; r > rounds; r--) {
		KeyAddition(a,rk[r],BC);
		InvMixColumn(a,BC);      
		Substitution(a,Si,BC);
		ShiftRow(a,1,BC);                
	}
	
	if (rounds == 0) {
		/* End with the extra key addition
		 */	
		KeyAddition(a,rk[0],BC);
	}    

	return 0;
}

#endif	/* __APPLE__ */

Added LocalTests/utilLib/rijndael-alg-ref.h.











































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
/* rijndael-alg-ref.h   v2.0   August '99
 * Reference ANSI C code
 * authors: Paulo Barreto
 *          Vincent Rijmen
 */
#ifndef __RIJNDAEL_ALG_H
#define __RIJNDAEL_ALG_H

#ifdef	__APPLE__
#define MIN_AES_KEY_BITS		128
#define MID_AES_KEY_BITS		192
#define MAX_AES_KEY_BITS		256
#define MAX_AES_KEY_BYTES		(MAX_AES_KEY_BITS / 8)

#define MIN_AES_BLOCK_BITS		128
#define MID_AES_BLOCK_BITS		192
#define MAX_AES_BLOCK_BITS		256
#define MIN_AES_BLOCK_BYTES		(MIN_AES_BLOCK_BITS / 8)

#endif
#define MAXBC				(MAX_AES_BLOCK_BITS/32)
#define MAXKC				(MAX_AES_KEY_BITS/32)
#define MAXROUNDS			14

#ifdef	__cplusplus
extern "C" {
#endif

typedef unsigned char		word8;	
typedef unsigned short		word16;	
typedef unsigned long		word32;


int _rijndaelKeySched (word8 k[4][MAXKC], int keyBits, int blockBits, 
		word8 rk[MAXROUNDS+1][4][MAXBC]);
int _rijndaelEncrypt (word8 a[4][MAXBC], int keyBits, int blockBits, 
		word8 rk[MAXROUNDS+1][4][MAXBC]);
#ifndef	__APPLE__
int rijndaelEncryptRound (word8 a[4][MAXBC], int keyBits, int blockBits, 
		word8 rk[MAXROUNDS+1][4][MAXBC], int rounds);
#endif
int _rijndaelDecrypt (word8 a[4][MAXBC], int keyBits, int blockBits, 
		word8 rk[MAXROUNDS+1][4][MAXBC]);
#ifndef	__APPLE__
int rijndaelDecryptRound (word8 a[4][MAXBC], int keyBits, int blockBits, 
		word8 rk[MAXROUNDS+1][4][MAXBC], int rounds);
#endif

#ifdef	__cplusplus
}
#endif

#endif /* __RIJNDAEL_ALG_H */

Added LocalTests/utilLib/rijndaelApi.c.











































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
/* 
 * rijndaelApi.c  -  AES API layer
 *
 * Based on rijndael-api-ref.h v2.0 written by Paulo Barreto
 * and Vincent Rijmen
 */
#include <stdlib.h>
#include <string.h>

#include "rijndael-alg-ref.h"
#include "rijndaelApi.h"

#define CBC_DEBUG		0
#if 	CBC_DEBUG
static void dumpChainBuf(cipherInstance *cipher, char *op)
{
	int t,j;
	int columns = cipher->blockLen / 32;

	printf("chainBuf %s: ", op);
	for (j = 0; j < columns; j++) {
		for(t = 0; t < 4; t++) {
			printf("%02x ", cipher->chainBlock[t][j]);
		}
	}
	printf("\n");
}
#else
#define dumpChainBuf(c, o)
#endif

int _makeKey(	keyInstance *key, 
	BYTE direction, 
	int keyLen, 		// in BITS
	int blockLen,		// in BITS
	BYTE *keyMaterial)
{
	word8 k[4][MAXKC];
	unsigned keyBytes;
	unsigned  i;

	if (key == NULL) {
		return BAD_KEY_INSTANCE;
	}
	if(keyMaterial == NULL) {
		return BAD_KEY_MAT;
	}
	if ((direction == DIR_ENCRYPT) || (direction == DIR_DECRYPT)) {
		key->direction = direction;
	} else {
		return BAD_KEY_DIR;
	}

	if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) { 
		key->keyLen = keyLen;
	} else {
		return BAD_KEY_MAT;
	}
	key->blockLen = blockLen;

	/* initialize key schedule: */ 
	keyBytes = keyLen / 8;
 	for(i = 0; i < keyBytes; i++) {
		k[i % 4][i / 4] = keyMaterial[i]; 
	}	
	_rijndaelKeySched (k, key->keyLen, key->blockLen, key->keySched);	
	memset(k, 0, 4 * MAXKC);
	return TRUE;
}

int _cipherInit(	cipherInstance *cipher, 
	BYTE mode, 
	int blockLen,		// in BITS
	BYTE *IV)
{
	int t, j;
	int columns = blockLen / 32;
	
	/* MODE_CFB1 not supported */
	if ((mode == MODE_ECB) || (mode == MODE_CBC)) {
		cipher->mode = mode;
	} else {
		return BAD_CIPHER_MODE;
	}
	cipher->blockLen = blockLen;
	
	if (IV != NULL) {
		/* Save IV in rectangular block format */
		for (j = 0; j < columns; j++) {
			for(t = 0; t < 4; t++) {
				/* parse initial value into rectangular array */
				cipher->chainBlock[t][j] = IV[t+4*j];
			}
		}
	}
	dumpChainBuf(cipher, "init  ");	
	return TRUE;
}


int _blockEncrypt(cipherInstance *cipher,
	keyInstance *key, BYTE *input, int inputLen, BYTE *outBuffer)
{
	int i, j, t, numBlocks;
	unsigned blockSizeBytes;
	int columns;
	
	/* check parameter consistency: */
	if (key == NULL ||
		key->direction != DIR_ENCRYPT ||
		(key->keyLen != 128 && key->keyLen != 192 && key->keyLen != 256)) {
		return BAD_KEY_MAT;
	}
	if (cipher == NULL ||
		(cipher->mode != MODE_ECB && cipher->mode != MODE_CBC) ||
		(cipher->blockLen != 128 && cipher->blockLen != 192 && cipher->blockLen != 256)) {
			return BAD_CIPHER_STATE;
	}

	numBlocks = inputLen/cipher->blockLen;
	blockSizeBytes = cipher->blockLen / 8;
	columns = cipher->blockLen / 32;
	
	switch (cipher->mode) {
	case MODE_ECB: 
		for (i = 0; i < numBlocks; i++) {
			for (j = 0; j < columns; j++) {
				for(t = 0; t < 4; t++)
				/* parse input stream into rectangular array */
					cipher->chainBlock[t][j] = input[4*j+t];
			}
			_rijndaelEncrypt (cipher->chainBlock, key->keyLen, cipher->blockLen, key->keySched);
			for (j = 0; j < columns; j++) {
				/* parse rectangular array into output ciphertext bytes */
				for(t = 0; t < 4; t++)
					outBuffer[4*j+t] = (BYTE) cipher->chainBlock[t][j];
			}
			input += blockSizeBytes;
			outBuffer += blockSizeBytes;
			dumpChainBuf(cipher, "encr ECB");
		}
		break;
		
	case MODE_CBC:
		for (i = 0; i < numBlocks; i++) {
			for (j = 0; j < columns; j++) {
				for(t = 0; t < 4; t++)
				/* parse input stream into rectangular array and exor with 
				   IV or the previous ciphertext */
					cipher->chainBlock[t][j] ^= input[4*j+t];
			}
			_rijndaelEncrypt (cipher->chainBlock, key->keyLen, cipher->blockLen, key->keySched);
			for (j = 0; j < columns; j++) {
				/* parse rectangular array into output ciphertext bytes */
				for(t = 0; t < 4; t++)
					outBuffer[4*j+t] = (BYTE) cipher->chainBlock[t][j];
			}
			/* Hey! This code was broken for multi-block ops! */
			input += blockSizeBytes;
			outBuffer += blockSizeBytes;
			dumpChainBuf(cipher, "encr CBC");
		}
		break;
	
	default: return BAD_CIPHER_STATE;
	}
	
	return numBlocks*cipher->blockLen;
}

int _blockDecrypt(cipherInstance *cipher,
	keyInstance *key, BYTE *input, int inputLen, BYTE *outBuffer)
{
	int i, j, t, numBlocks;
	word8 block[4][MAXBC];		// working memory: encrypt/decrypt in place here
	unsigned blockSizeBytes;
	word8 cblock[4][MAXBC];		// saved ciphertext
	int columns;

	if (cipher == NULL ||
		key == NULL ||
		key->direction == DIR_ENCRYPT ||
		cipher->blockLen != key->blockLen) {
		return BAD_CIPHER_STATE;
	}

	/* check parameter consistency: */
	if (key == NULL ||
		key->direction != DIR_DECRYPT ||
		(key->keyLen != 128 && key->keyLen != 192 && key->keyLen != 256)) {
		return BAD_KEY_MAT;
	}
	if (cipher == NULL ||
		(cipher->mode != MODE_ECB && cipher->mode != MODE_CBC) ||
		(cipher->blockLen != 128 && cipher->blockLen != 192 && cipher->blockLen != 256)) {
		return BAD_CIPHER_STATE;
	}
	
	numBlocks = inputLen/cipher->blockLen;
	blockSizeBytes = cipher->blockLen / 8;
	columns = cipher->blockLen / 32;
	
	switch (cipher->mode) {
	case MODE_ECB: 
		for (i = 0; i < numBlocks; i++) {
			for (j = 0; j < columns; j++) {
				for(t = 0; t < 4; t++)
				/* parse input stream into rectangular array */
					block[t][j] = input[4*j+t];
			}
			_rijndaelDecrypt (block, key->keyLen, cipher->blockLen, key->keySched);
			for (j = 0; j < columns; j++) {
				/* parse rectangular array into output ciphertext bytes */
				for(t = 0; t < 4; t++)
					outBuffer[4*j+t] = (BYTE) block[t][j];
			}
			input += blockSizeBytes;
			outBuffer += blockSizeBytes;
			dumpChainBuf(cipher, "decr ECB");
		}
		break;
		
	case MODE_CBC:
		for (i = 0; i < numBlocks; i++) {
			for (j = 0; j < columns; j++) {
				for(t = 0; t < 4; t++)
				/* parse input stream into rectangular array */
					block[t][j] = input[4*j+t];
			}
			
			/* save a copoy of incoming ciphertext for later chain; decrypt */
			memmove(cblock, block, 4*MAXBC);
			_rijndaelDecrypt (block, key->keyLen, cipher->blockLen, key->keySched);
			
			/* 
			 * exor with last ciphertext --> plaintext out
			 * save this ciphertext in lastBlock
			 * FIXME - we can optimize this by avoiding the copy into 
			 * lastBlock on all but last time thru...
			 */
			for (j = 0; j < columns; j++) {
				for(t = 0; t < 4; t++) {
					outBuffer[4*j+t] = (block[t][j] ^ cipher->chainBlock[t][j]);
				}
			}
			memmove(cipher->chainBlock, cblock, 4 * MAXBC);
			input += blockSizeBytes;
			outBuffer += blockSizeBytes;
			dumpChainBuf(cipher, "decr CBC");
		}
		break;
	
	default: return BAD_CIPHER_STATE;
	}
	memset(block, 0, 4 * MAXBC);
	memset(cblock, 0, 4 * MAXBC);
	return numBlocks*cipher->blockLen;
}

/*
 * Apple addenda 3/28/2001: simplified single-block encrypt/decrypt.
 * Used when chaining and padding is done in elsewhere. 
 */
#define AES_CONSISTENCY_CHECK		1

int _rijndaelBlockEncrypt(
	cipherInstance *cipher,
	keyInstance *key, 
	BYTE *input, 
	BYTE *outBuffer)
{
	int j, t;
	unsigned blockSizeBytes;
	int columns;
	
	#if		AES_CONSISTENCY_CHECK
	/* check parameter consistency: */
	if (key == NULL ||
		key->direction != DIR_ENCRYPT ||
		(key->keyLen != 128 && key->keyLen != 192 && key->keyLen != 256)) {
		return BAD_KEY_MAT;
	}
	if (cipher == NULL ||
		(cipher->mode != MODE_ECB && cipher->mode != MODE_CBC) ||
		(cipher->blockLen != 128 && cipher->blockLen != 192 && cipher->blockLen != 256)) {
			return BAD_CIPHER_STATE;
	}
	#endif	/* AES_CONSISTENCY_CHECK */
	
	blockSizeBytes = cipher->blockLen >> 3;	/* was / 8; should just save in cipher */
	columns = cipher->blockLen >> 5;		/* was / 32; ditto */
	
	for (j = 0; j < columns; j++) {
		for(t = 0; t < 4; t++)
		/* parse input stream into rectangular array */
			cipher->chainBlock[t][j] = input[4*j+t];
	}
	_rijndaelEncrypt (cipher->chainBlock, key->keyLen, cipher->blockLen, 
		key->keySched);
	for (j = 0; j < columns; j++) {
		/* parse rectangular array into output ciphertext bytes */
		for(t = 0; t < 4; t++)
			outBuffer[4*j+t] = (BYTE) cipher->chainBlock[t][j];
	}
	return cipher->blockLen;
}

int _rijndaelBlockDecrypt(
	cipherInstance *cipher,
	keyInstance *key, 
	BYTE *input, 
	BYTE *outBuffer)
{
	int j, t;
	word8 block[4][MAXBC];		// working memory: encrypt/decrypt in place here
	unsigned blockSizeBytes;
	int columns;

	#if		AES_CONSISTENCY_CHECK
	if (cipher == NULL ||
		key == NULL ||
		key->direction == DIR_ENCRYPT ||
		cipher->blockLen != key->blockLen) {
		return BAD_CIPHER_STATE;
	}

	/* check parameter consistency: */
	if (key == NULL ||
		key->direction != DIR_DECRYPT ||
		(key->keyLen != 128 && key->keyLen != 192 && key->keyLen != 256)) {
		return BAD_KEY_MAT;
	}
	if (cipher == NULL ||
		(cipher->mode != MODE_ECB && cipher->mode != MODE_CBC) ||
		(cipher->blockLen != 128 && cipher->blockLen != 192 && cipher->blockLen != 256)) {
		return BAD_CIPHER_STATE;
	}
	#endif		/* AES_CONSISTENCY_CHECK */
	
	blockSizeBytes = cipher->blockLen >> 3;	/* was / 8; should just save in cipher */
	columns = cipher->blockLen >> 5;		/* was / 32; ditto */
	
	for (j = 0; j < columns; j++) {
		for(t = 0; t < 4; t++)
		/* parse input stream into rectangular array */
			block[t][j] = input[4*j+t];
	}
	_rijndaelDecrypt (block, key->keyLen, cipher->blockLen, key->keySched);
	for (j = 0; j < columns; j++) {
		/* parse rectangular array into output ciphertext bytes */
		for(t = 0; t < 4; t++)
			outBuffer[4*j+t] = (BYTE) block[t][j];
	}
			
	return cipher->blockLen;
}

Added LocalTests/utilLib/rijndaelApi.h.

























































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
/* 
 * rijndaelApi.h  -  AES API layer
 *
 * Based on rijndael-api-ref.h v2.0 written by Paulo Barreto
 * and Vincent Rijmen
 */

#ifndef	_RIJNDAEL_API_REF_H_
#define _RIJNDAEL_API_REF_H_

#include <stdio.h>
#include "rijndael-alg-ref.h"

#ifdef	__cplusplus
extern "C" {
#endif

#define     DIR_ENCRYPT     0    /*  Are we encrpyting?  */
#define     DIR_DECRYPT     1    /*  Are we decrpyting?  */
#define     MODE_ECB        1    /*  Are we ciphering in ECB mode?   */
#define     MODE_CBC        2    /*  Are we ciphering in CBC mode?   */

#define     TRUE            1
#define     FALSE           0

/*  Error Codes  */
#define     BAD_KEY_DIR        -1  /*  Key direction is invalid, e.g.,
									   unknown value */
#define     BAD_KEY_MAT        -2  /*  Key material not of correct 
									   length */
#define     BAD_KEY_INSTANCE   -3  /*  Key passed is not valid  */
#define     BAD_CIPHER_MODE    -4  /*  Params struct passed to 
									   cipherInit invalid */
#define     BAD_CIPHER_STATE   -5  /*  Cipher in wrong state (e.g., not 
									   initialized) */
#define     BAD_CIPHER_INSTANCE   -7 

#define     MAX_AES_KEY_SIZE	(MAX_AES_KEY_BITS / 8)
#define 	MAX_AES_BLOCK_SIZE	(MAX_AES_BLOCK_BITS / 8)
#define     MAX_AES_IV_SIZE		MAX_AES_BLOCK_SIZE
	
typedef    unsigned char    BYTE;

/*  The structure for key information */
typedef struct {
      BYTE  direction;	/* Key used for encrypting or decrypting? */
      int   keyLen;		/* Length of the key in bits */
      int   blockLen;   /* Length of block in bits */
      word8 keySched[MAXROUNDS+1][4][MAXBC];	/* key schedule		*/
      } keyInstance;

/*  The structure for cipher information */
typedef struct {
      BYTE  mode;           /* MODE_ECB, MODE_CBC, or MODE_CFB1 */
	  word8 chainBlock[4][MAXBC];      
	  int   blockLen;    	/* block length in bits */
      } cipherInstance;


int _makeKey(
	keyInstance *key, 
	BYTE direction, 
	int keyLen, 		// in BITS
	int blockLen,		// in BITS
	BYTE *keyMaterial);

int _cipherInit(
	cipherInstance *cipher, 
	BYTE mode, 
	int blockLen,		// in BITS
	BYTE *IV);

int _blockEncrypt(
	cipherInstance *cipher, 
	keyInstance *key, 
	BYTE *input, 
	int inputLen, 		// in BITS
	BYTE *outBuffer);

int _blockDecrypt(
	cipherInstance *cipher, 
	keyInstance *key, 
	BYTE *input,
	int inputLen, 		// in BITS
	BYTE *outBuffer);

/*
 * Apple addenda 3/28/2001: simplified single-block encrypt/decrypt.
 * Used when chaining and padding is done in elsewhere. 
 */
int _rijndaelBlockEncrypt(
	cipherInstance *cipher,
	keyInstance *key, 
	BYTE *input, 
	BYTE *outBuffer);
int _rijndaelBlockDecrypt(
	cipherInstance *cipher,
	keyInstance *key, 
	BYTE *input, 
	BYTE *outBuffer);
	
#ifdef	__cplusplus
}
#endif	// cplusplus

#endif	// RIJNDAEL_API_REF


Added LocalTests/utilLib/ssleayUtils.cpp.





















































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
/*
 * ssleayUtils.c - common routines for CDSA/openssl compatibility testing
 */
 
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <openssl/blowfish.h>
#include <openssl/cast.h>
#include <openssl/evp.h>
#include "ssleayUtils.h"
#include <Security/cssmerr.h>
#include "common.h"

/*
 * Caller sees EAY_KEY, we see a pointer to this.
 */
typedef struct {
	CSSM_ALGORITHMS alg;
	union {
		BF_KEY				bf;		// blowfish
		CAST_KEY			cast;
	} key;
} EayKeyPriv;

/*
 * Create a symmetric key.
 */
CSSM_RETURN  eayGenSymKey(
	CSSM_ALGORITHMS alg,
	CSSM_BOOL		forEncr,
	const CSSM_DATA	*keyData,
	EAY_KEY			*key)			// RETURNED
{
	EayKeyPriv *ekp = (EayKeyPriv *)malloc(sizeof(EayKeyPriv));
	memset(ekp, 0, sizeof(*ekp));
	switch(alg) {
		case CSSM_ALGID_BLOWFISH:
			BF_set_key(&ekp->key.bf, keyData->Length, keyData->Data);
			break;
		case CSSM_ALGID_CAST:		// cast128 only
			CAST_set_key(&ekp->key.cast, keyData->Length, keyData->Data);
			break;
		default:
			printf("***eayGenSymKey: bad alg\n");
			return -1;
	}
	ekp->alg = alg;
	*key = (EAY_KEY)ekp;
	return CSSM_OK;
}

/*
 * Free a key created in eayGenSymKey
 */
CSSM_RETURN eayFreeKey(
	EAY_KEY			key)
{
	memset(key, 0, sizeof(EayKeyPriv));
	free(key);
	return CSSM_OK;
}

/*
 * encrypt/decrypt
 */
CSSM_RETURN eayEncryptDecrypt(
	EAY_KEY				key,
	CSSM_BOOL			forEncrypt,
	CSSM_ALGORITHMS		encrAlg,
	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC ONLY!
	const CSSM_DATA		*iv,				//Êoptional per mode
	const CSSM_DATA		*inData,
	CSSM_DATA_PTR		outData)			// CSSM_MALLOCd and RETURNED
{
	EayKeyPriv *ekp = (EayKeyPriv *)key;
	if((mode != CSSM_ALGMODE_CBC_IV8) && (mode != CSSM_ALGMODE_ECB)) {
		printf("***eayEncryptDecrypt only does CBC_IV8, ECB\n");
		return -1;
	}
	
	bool cbc = (mode == CSSM_ALGMODE_ECB) ? false : true;
	
	outData->Data = (uint8 *)CSSM_MALLOC(inData->Length);
	outData->Length = inData->Length;
	
	/* BF_cbc_encrypt actually writes to IV */
	CSSM_DATA ivc = {0, NULL};
	if(cbc) {
		ivc.Data = (uint8 *)malloc(iv->Length);
		ivc.Length = iv->Length;
		memmove(ivc.Data, iv->Data, ivc.Length);
	}
	switch(encrAlg) {
		case CSSM_ALGID_BLOWFISH:
			if(cbc) {
				BF_cbc_encrypt(inData->Data,
					outData->Data,
					inData->Length,
					&ekp->key.bf,
					ivc.Data,
					forEncrypt ? BF_ENCRYPT : BF_DECRYPT);
			}
			else {
				CSSM_DATA intext = *inData;
				CSSM_DATA outtext = *outData;
				while(intext.Length) {
					BF_ecb_encrypt(intext.Data,
						outtext.Data,
						&ekp->key.bf,
						forEncrypt ? BF_ENCRYPT : BF_DECRYPT);
					intext.Data   += 8;
					outtext.Data  += 8;
					intext.Length -= 8;
				}
			}
			break;
		case CSSM_ALGID_CAST:		// cast128 only
			CAST_cbc_encrypt(inData->Data,
				outData->Data,
				inData->Length,
				&ekp->key.cast,
				ivc.Data,
				forEncrypt ? CAST_ENCRYPT : CAST_DECRYPT);
			break;
		default:
			printf("***eayEncryptDecrypt: bad alg\n");
			return -1;
	}
	if(ivc.Data) {
		free(ivc.Data);
	}
	return CSSM_OK;
}

/*** EVP-based encrypt/decrypt ***/

int evpEncryptDecrypt(
	CSSM_ALGORITHMS		alg,				// AES 128 only for now 
	CSSM_BOOL			forEncr,
	const CSSM_DATA		*keyData,			// may be larger than the key size we use
	unsigned			keyLengthInBits,
	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC_IV8, ECB, always padding
	const CSSM_DATA		*iv,				// optional per mode
	const CSSM_DATA		*inData,
	CSSM_DATA_PTR		outData)			// CSSM_MALLOCd and RETURNED
{
	EVP_CIPHER_CTX ctx;
	const EVP_CIPHER *cipher;
	unsigned blockSize;
	unsigned outLen = inData->Length;
	bool noPad = false;
	
	switch(alg) {
		case CSSM_ALGID_AES:
			switch(mode) {
				case CSSM_ALGMODE_CBCPadIV8:
					switch(keyLengthInBits) {
						case 128:
							cipher = EVP_aes_128_cbc();
							break;
						case 192:
							cipher = EVP_aes_192_cbc();
							break;
						case 256:
							cipher = EVP_aes_256_cbc();
							break;
						default:
							printf("***Bad AES key length (%u)\n", keyLengthInBits);
							return -1;
					}
					break;
				case CSSM_ALGMODE_ECB:
					switch(keyLengthInBits) {
						case 128:
							cipher = EVP_aes_128_ecb();
							break;
						case 192:
							cipher = EVP_aes_192_ecb();
							break;
						case 256:
							cipher = EVP_aes_256_ecb();
							break;
						default:
							printf("***Bad AES key length (%u)\n", keyLengthInBits);
							return -1;
					}
					noPad = true;
					break;
				default:
					printf("***evpEncryptDecrypt only does CBC and ECB for now\n");
					return -1;
			}
			blockSize = 16;
			break;
		case CSSM_ALGID_DES:
			switch(mode) {
				case CSSM_ALGMODE_CBCPadIV8:
					cipher = EVP_des_cbc();
					break;
				case CSSM_ALGMODE_ECB:
					cipher = EVP_des_ecb();
					noPad = true;
					break;
				default:
					printf("***evpEncryptDecrypt only does CBC and ECB for now\n");
					return -1;
			}
			blockSize = 8;
			break;
		default:
			printf("***evpEncryptDecrypt only does DES and AES 128 for now\n");
			return -1;
	}
	outLen += blockSize;
	unsigned char *outp = (uint8 *)CSSM_MALLOC(outLen);
	int outl = outLen;
	outData->Data = outp;
	
	if(forEncr) {
		int rtn = EVP_EncryptInit(&ctx, cipher, keyData->Data, iv ? iv->Data : NULL);
		if(!rtn) {
			printf("EVP_EncryptInit error\n");
			return -1;
		}
		if(noPad) {
			EVP_CIPHER_CTX_set_padding(&ctx, 0);
		}
		if(!EVP_EncryptUpdate(&ctx, outp, &outl, inData->Data, inData->Length)) {
			printf("EVP_EncryptUpdate error\n");
			return -1;
		}
	}
	else {
		int rtn = EVP_DecryptInit(&ctx, cipher, keyData->Data, iv ? iv->Data : NULL);
		if(!rtn) {
			printf("EVP_DecryptInit error\n");
			return -1;
		}
		if(noPad) {
			EVP_CIPHER_CTX_set_padding(&ctx, 0);
		}
		
		if(!EVP_DecryptUpdate(&ctx, outp, &outl, inData->Data, inData->Length)) {
			printf("EVP_DecryptUpdate error\n");
			return -1;
		}
	}
	outData->Length = outl;
	outp += outl;
	outl = outLen - outl;
	if(forEncr) {
		if(!EVP_EncryptFinal(&ctx, outp, &outl)) {
			printf("EVP_EncryptFinal error\n");
			return -1;
		}
	}
	else {
		if(!EVP_DecryptFinal(&ctx, outp, &outl)) {
			printf("EVP_DecryptFinal error\n");
			return -1;
		}
	}
	outData->Length += outl;
	return 0;
}

Added LocalTests/utilLib/ssleayUtils.h.













































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
/*
 * ssleayUtils.h - common routines for CDSA/openssl compatibility testing
 */

/*
 * Clients of this module do not need to know about or see anything from the 
 * libcrypt headers. 
 */
#ifndef	_SSLEAY_UTILS_H_
#define _SSLEAY_UTILS_H_
#include <Security/cssmtype.h>

typedef void *EAY_KEY;

/*
 * Create a symmetric key.
 */
CSSM_RETURN  eayGenSymKey(
	CSSM_ALGORITHMS alg,
	CSSM_BOOL		forEncr,
	const CSSM_DATA	*keyData,
	EAY_KEY			*key);			// RETURNED

/*
 * Free a key created in eayGenSymKey
 */
CSSM_RETURN eayFreeKey(
	EAY_KEY			key);

/*
 * encrypt/decrypt
 */
CSSM_RETURN eayEncryptDecrypt(
	EAY_KEY				key,
	CSSM_BOOL			forEncrypt,
	CSSM_ALGORITHMS		encrAlg,
	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC ONLY!
	const CSSM_DATA		*iv,				//Êoptional per mode
	const CSSM_DATA		*inData,
	CSSM_DATA_PTR		outData);			// mallocd and RETURNED

/*** EVP-based encrypt/decrypt ***/

int evpEncryptDecrypt(
	CSSM_ALGORITHMS		alg,				// AES 128 only for now 
	CSSM_BOOL			forEncr,
	const CSSM_DATA		*keyData,			// may be larger than the key size we use
	unsigned			keyLengthInBits,
	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC_IV8, ECB, always padding
	const CSSM_DATA		*iv,				// optional per mode
	const CSSM_DATA		*inData,
	CSSM_DATA_PTR		outData);			// CSSM_MALLOCd and RETURNED

#endif	/* _EAY_UTILS_H_ */

Added LocalTests/utilLib/t_stdlib.c.

















































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <security_bsafe/bsafe.h>

void T_free(POINTER block)
{
    if (block != NULL_PTR) {
		free(block);
    }
}

POINTER T_malloc(unsigned int len)
{
    return (POINTER) malloc(len ? len : 1);
}

/* these are not needed - they are in system.c in security_bsafe */
#if 0
int T_memcmp(POINTER firstBlock, POINTER secondBlock, unsigned int len)
{
    if (len == 0) {
		return 0;
    }
    return memcmp(firstBlock, secondBlock, len);
}

void T_memcpy(POINTER output, POINTER input, unsigned int len)
{
    if (len != 0) {
		memcpy(output, input, len);
    }
}

void T_memmove(POINTER output, POINTER input, unsigned int len)
{
    if (len != 0) {
		memmove(output, input, len);
    }
}

void T_memset(POINTER output, int value, unsigned int len)
{
    if (len != 0) {
		memset(output, value, len);
    }
}
#endif

POINTER T_realloc(POINTER block, unsigned int len)
{
    if (block == NULL_PTR)
		return (POINTER) malloc(len ? len : 1);
	
	return (POINTER)realloc(block, len);
}

Added Source/AESedp/AES.c.

































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
#include "AESAssembly.h"

// Generate object code iff this implementation is requested.
#if defined UseAESedp


/*	This module must not be compiled with -fstrict-aliasing.

	We are forced to do some aliasing in this module, because we must conform
	to an external API but need to do four-byte word manipulations for
	efficiency.  For example, chainBuf in the aes_cc_ctx structure is an array
	of char, but we operate in units of four-byte words (or bigger).
*/


#if defined UseAESedp_GeneralC


static void XorBlock(AESData *a, const AESData *b, const AESData *c)
{
	a->w[0] = b->w[0] ^ c->w[0];
	a->w[1] = b->w[1] ^ c->w[1];
	a->w[2] = b->w[2] ^ c->w[2];
	a->w[3] = b->w[3] ^ c->w[3];
}


/*	The code inside this preprocessor conditional clause is retained as an
	illustration of how the assembly implementation works.  For the most part,
	the code here implements AES in the same way the accompanying Intel
	assembly code does.

	While the assembly implementation performs well on an Intel processor, the
	code GCC generates for this C code is not particularly fast.

	Key expansion differs somewhat from the assembly implementation.  AES
	presents an Inverse Cipher for decryption that is not immediately suitable
	to table implementation.  AES also offers an Equivalent Inverse Cipher
	which is suitable for table implementation.  In the Equivalent Inverse
	Cipher, the InvMixColumn operation is switched with an XOR with the key.
	Fortunately, InvMixColumn distributes over XOR (it is a linear combination
	of its operands in a Galois field the AES defines, and the XOR is an
	addition in the field), so the swap can be made by applying InvMixColumn to
	the blocks of the key that will be used in the swapped operations.

	In the C code, InvMixColumn is applied in a separate step after expanded
	the key, in a for-loop inside the aes_cc_set_key routine.  In the assembly
	code, InvMixColumn is integrated into the key expansion code.
*/


#include "Data.c"	// Include tables with precalculated AES functions.


/*	This implements the InvMixColumn operation of the AES algorithm.  It is
	needed as a separate function during key expansion for decryption.
*/
static Word InvMixColumn(Word w)
{
	union { Word w; Byte b[4]; } b = { w };
	Byte 
		s0 = b.b[0],
		s1 = b.b[1],
		s2 = b.b[2],
		s3 = b.b[3];

	return
		  AESInvMixColumnTable[0][s0]
		^ AESInvMixColumnTable[1][s1]
		^ AESInvMixColumnTable[2][s2]
		^ AESInvMixColumnTable[3][s3];
}


// Expand the user's cipher key according to the AES key schedule.
static void AESExpandKey(Word *ExpandedKey, const AESKey *Key, long Nk)
{
	const Word (*T)[256] = AESSubBytesWordTable;
	const Byte *R = AESRcon;

	Word * const E = ExpandedKey;

	switch (Nk)
	{
		default:
		case 4:
		{
			const int Nr = 10;

			// The first words are just copies of the key.
			Word
				e0 = E[0] = Key->w[0],
				e1 = E[1] = Key->w[1],
				e2 = E[2] = Key->w[2],
				e3 = E[3] = Key->w[3];

			for (int i = Nk; i < Nb * (Nr + 1); i += Nk)
			{
				Word temp;
				{
					Byte * const b = (Byte *) &e3;

					Byte b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3];
					temp = T[0][b1] ^ T[1][b2] ^ T[2][b3] ^ T[3][b0];
				}
				temp ^= *++R;
				E[i+0] = e0 ^= temp;
				E[i+1] = e1 ^= e0;
				E[i+2] = e2 ^= e1;
				E[i+3] = e3 ^= e2;
			}
			break;
		}
		case 6:
		{
			const int Nr = 12;

			// The first words are just copies of the key.
			for (int i = 0; i < Nk; ++i)
				E[i] = Key->w[i];

			Word temp = E[Nk-1];
			for (int i = Nk; 1; i += Nk)
			{
				{
					Byte * const b = (Byte *) &temp;

					Byte b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3];
					temp = T[0][b1] ^ T[1][b2] ^ T[2][b3] ^ T[3][b0];
					temp ^= *++R;
				}
				E[i+0] = temp ^= E[i+0-Nk];
				E[i+1] = temp ^= E[i+1-Nk];
				E[i+2] = temp ^= E[i+2-Nk];
				E[i+3] = temp ^= E[i+3-Nk];

				if (Nb * Nr <= i)
					break;

				E[i+4] = temp ^= E[i+4-Nk];
				E[i+5] = temp ^= E[i+5-Nk];
			}
			break;
		}
		case 8:
		{
			const int Nr = 14;

			// The first words are just copies of the key.
			for (int i = 0; i < Nk; ++i)
				E[i] = Key->w[i];

			Word temp = E[Nk-1];
			for (int i = Nk; 1; i += Nk)
			{
				{
					Byte * const b = (Byte *) &temp;

					Byte b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3];
					temp = T[0][b1] ^ T[1][b2] ^ T[2][b3] ^ T[3][b0];
					temp ^= *++R;
				}
				E[i+0] = temp ^= E[i+0-Nk];
				E[i+1] = temp ^= E[i+1-Nk];
				E[i+2] = temp ^= E[i+2-Nk];
				E[i+3] = temp ^= E[i+3-Nk];

				if (Nb * Nr <= i)
					break;

				{
					Byte * const b = (Byte *) &temp;

					Byte b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3];
					temp = T[0][b0] ^ T[1][b1] ^ T[2][b2] ^ T[3][b3];
				}
				E[i+4] = temp ^= E[i+4-Nk];
				E[i+5] = temp ^= E[i+5-Nk];
				E[i+6] = temp ^= E[i+6-Nk];
				E[i+7] = temp ^= E[i+7-Nk];
			}
			break;
		}
	}
}


// This is the main encryption routine.
static void AESEncryptWithExpandedKey(Byte *Ciphertext, const Byte *Plaintext,
	const AESData *ExpandedKey, long Nr)
{
	AESData State;

	XorBlock(&State, (const AESData *) Plaintext, &ExpandedKey[0]);

	{
		const Word (*T)[256] = AESEncryptTable;

		for (int round = 1; round < Nr; ++round)
		{
			const AESData *Key = &ExpandedKey[round];

			const union { Word w; Byte b[4]; }
				w0 = { State.w[0] },
				w1 = { State.w[1] },
				w2 = { State.w[2] },
				w3 = { State.w[3] };

			State.w[0] = Key->w[0]
				^ T[0][w0.b[0]] ^ T[1][w1.b[1]] ^ T[2][w2.b[2]] ^ T[3][w3.b[3]];
			State.w[1] = Key->w[1]
				^ T[0][w1.b[0]] ^ T[1][w2.b[1]] ^ T[2][w3.b[2]] ^ T[3][w0.b[3]];
			State.w[2] = Key->w[2]
				^ T[0][w2.b[0]] ^ T[1][w3.b[1]] ^ T[2][w0.b[2]] ^ T[3][w1.b[3]];
			State.w[3] = Key->w[3]
				^ T[0][w3.b[0]] ^ T[1][w0.b[1]] ^ T[2][w1.b[2]] ^ T[3][w2.b[3]];
		}
	}

	{
		const Word (*T)[256] = AESSubBytesWordTable;

		const AESData *Key = &ExpandedKey[Nr];

		const union { Word w; Byte b[4]; }
			w0 = { State.w[0] },
			w1 = { State.w[1] },
			w2 = { State.w[2] },
			w3 = { State.w[3] };

		State.w[0] = Key->w[0]
			^ T[0][w0.b[0]] ^ T[1][w1.b[1]] ^ T[2][w2.b[2]] ^ T[3][w3.b[3]];
		State.w[1] = Key->w[1]
			^ T[0][w1.b[0]] ^ T[1][w2.b[1]] ^ T[2][w3.b[2]] ^ T[3][w0.b[3]];
		State.w[2] = Key->w[2]
			^ T[0][w2.b[0]] ^ T[1][w3.b[1]] ^ T[2][w0.b[2]] ^ T[3][w1.b[3]];
		State.w[3] = Key->w[3]
			^ T[0][w3.b[0]] ^ T[1][w0.b[1]] ^ T[2][w1.b[2]] ^ T[3][w2.b[3]];
	}

	* (AESData *) Ciphertext = State;
}


// This is the main decryption routine.
static void AESDecryptWithExpandedKey(Byte *Plaintext, const Byte *Ciphertext,
	const AESData *ExpandedKey, long Nr)
{
	AESData State;
	
	XorBlock(&State, (const AESData *) Ciphertext, &ExpandedKey[Nr]);

	{
		const Word (*T)[256] = AESDecryptTable;

		for (int round = Nr-1; 0 < round; --round)
		{
			const AESData *Key = &ExpandedKey[round];

			const union { Word w; Byte b[4]; }
				w0 = { State.w[0] },
				w1 = { State.w[1] },
				w2 = { State.w[2] },
				w3 = { State.w[3] };

			State.w[0] = Key->w[0]
				^ T[0][w0.b[0]] ^ T[1][w3.b[1]] ^ T[2][w2.b[2]] ^ T[3][w1.b[3]];
			State.w[1] = Key->w[1]
				^ T[0][w1.b[0]] ^ T[1][w0.b[1]] ^ T[2][w3.b[2]] ^ T[3][w2.b[3]];
			State.w[2] = Key->w[2]
				^ T[0][w2.b[0]] ^ T[1][w1.b[1]] ^ T[2][w0.b[2]] ^ T[3][w3.b[3]];
			State.w[3] = Key->w[3]
				^ T[0][w3.b[0]] ^ T[1][w2.b[1]] ^ T[2][w1.b[2]] ^ T[3][w0.b[3]];
		}
	}

	{
		const Word (*T)[256] = AESInvSubBytesWordTable;

		const AESData *Key = &ExpandedKey[0];

		const union { Word w; Byte b[4]; }
			w0 = { State.w[0] },
			w1 = { State.w[1] },
			w2 = { State.w[2] },
			w3 = { State.w[3] };

		State.w[0] = Key->w[0]
			^ T[0][w0.b[0]] ^ T[1][w3.b[1]] ^ T[2][w2.b[2]] ^ T[3][w1.b[3]];
		State.w[1] = Key->w[1]
			^ T[0][w1.b[0]] ^ T[1][w0.b[1]] ^ T[2][w3.b[2]] ^ T[3][w2.b[3]];
		State.w[2] = Key->w[2]
			^ T[0][w2.b[0]] ^ T[1][w1.b[1]] ^ T[2][w0.b[2]] ^ T[3][w3.b[3]];
		State.w[3] = Key->w[3]
			^ T[0][w3.b[0]] ^ T[1][w2.b[1]] ^ T[2][w1.b[2]] ^ T[3][w0.b[3]];
	}

	* (AESData *) Plaintext = State;
}


#else	// defined UseAESedp_GeneralC

	// Declare routines implemented elsewhere.
	void AESExpandKeyForEncryption(Word *ExpandedKey, const AESKey *Key,
		long Nk);
	void AESExpandKeyForDecryption(Word *ExpandedKey, const AESKey *Key,
		long Nk);
	void AESEncryptWithExpandedKey(Byte *OutputText, const Byte *InputText,
		const AESData *ExpandedKey, long Nr);
	void AESDecryptWithExpandedKey(Byte *OutputText, const Byte *InputText,
		const AESData *ExpandedKey, long Nr);
	void AESEncryptCBC(void *Output, const void *Input,
		void *ChainBuffer, void *Key, long Blocks, long Rounds);
	void AESDecryptCBC(void *Output, const void *Input,
		void *ChainBuffer, void *Key, long Blocks, long Rounds);

#endif	// defined UseAESedp_GeneralC


/*	Expand a key and store the expansion in the cryptor context.

	CommonCrypto calls this routine.
*/
int aes_cc_set_key(
		aes_cc_ctx *Context,	// Cryptor context.
		const void *Key,		// Key.
		aes_32t KeyLength,		// Number of bytes in key.
		int ForEncryption		// True for encryption, false for decryption.
	)
{
	// Test for invalid key length.
	if (KeyLength != 16 && KeyLength != 24 && KeyLength != 32)
		return -1;

	// Set Nk to number of four-byte words in key.
	const int Nk = KeyLength / 4;

	// Remember the number of rounds.
	Context->encrypt.rn = Nk + 6;

	#if defined UseAESedp_GeneralC

		AESExpandKey(Context->encrypt.ks, Key, Nk);

		if (!ForEncryption)
		{

			/*	Change the expanded key so we can swap the InvMixColumns and
				XorBlock operations during decryption.
			*/
			Word *E = Context->encrypt.ks;
			int Nr = Context->encrypt.rn;
			for (int i = Nb; i < Nr * Nb; ++i)
				E[i] = InvMixColumn(E[i]);
		}

	#else	// defined UseAESedp_GeneralC

		if (ForEncryption)
			AESExpandKeyForEncryption(Context->encrypt.ks, Key, Nk);
		else
			AESExpandKeyForDecryption(Context->encrypt.ks, Key, Nk);

	#endif	// defined UseAESedp_GeneralC

	// Indicate there is no initial value stored.
	Context->encrypt.cbcEnable = 0;

	return 0;
}


#include <string.h>	// For memcpy.


/*	Store an initial value (or lack thereof) in the cryptor context.

	CommonCrypto calls this routine.
*/
void aes_cc_set_iv(aes_cc_ctx *Context, int ForEncryption, const void *IV)
{
	if (IV == 0)
		// Indicate there is no initial value stored.
		Context->encrypt.cbcEnable = 0;
	else
	{
		// Indicate there is an initial value stored.
		Context->encrypt.cbcEnable = 1;
		memcpy(Context->encrypt.chainBuf, IV, sizeof Context->encrypt.chainBuf);
	}
}


/*	Encrypt blocks of data.

	CommonCrypto calls this routine.
*/
void aes_cc_encrypt(
		aes_cc_ctx *Context,	// Cryptor context.
		const void *Input,		// Input.
		aes_32t Blocks,			// Number of 16-byte blocks to process.
		void *Output			// Output.
	)
{
	// Alias to more convenient pointers for referring to blocks.
	const AESData *I = Input;
	      AESData *O = Output;

	// If we have an initial value, use Cipher Block Chaining (CBC) mode.
	if (Context->encrypt.cbcEnable)
	{
		#if defined UseAESedp_GeneralC
			// Get chain value.
			AESData State = * (AESData *) Context->encrypt.chainBuf;

			// Chain and encrypt.
			while (Blocks--)
			{
				XorBlock(&State, &State, I++);
				AESEncryptWithExpandedKey(State.b, State.b,
					(const void *) Context->encrypt.ks,
					Context->encrypt.rn);
				*O++ = State;
			}

			// Save updated chain value.
			* (AESData *) Context->encrypt.chainBuf = State;
		#else	// defined UseAESedp_GeneralC
			AESEncryptCBC(O, I, Context->encrypt.chainBuf,
				Context->encrypt.ks, Blocks, Context->encrypt.rn);
		#endif	// defined UseAESedp_GeneralC
	}

	// If we have no initial value, use Electronic Code Book (ECB) mode.
	else
	{
		aes_32t i;
		for (i = 0; i < Blocks; ++i)
			AESEncryptWithExpandedKey(O[i].b, I[i].b,
				(const void *) Context->encrypt.ks, Context->encrypt.rn);
	}
}


/*	Alternate interface to encryption, same as aes_cc_encrypt, except that if
	InitialValue is non-null, it points to an initial value which is used for
	CBC mode, regardless of the cbcEnable flag and the initial/chain value in
	the context structure.  The updated chain value is written to written to
	the context structure.
*/
aes_rval aes_encrypt_cbc(
	const unsigned char *Input,
	const unsigned char *InitialValue,
	unsigned int Blocks,
	unsigned char *Output,
	aes_encrypt_ctx *Context)
{
	// Alias to more convenient pointers for referring to blocks.
	const AESData *I = (const AESData *) Input;
	      AESData *O = (      AESData *) Output;

	// If we have an initial value, use Cipher Block Chaining (CBC) mode.
	if (Context->cbcEnable || InitialValue)
	{
		#if defined UseAESedp_GeneralC
			// Get chain value.
			AESData State = InitialValue
				? * (const AESData *) InitialValue
				: * (const AESData *) Context->chainBuf;

			// Chain and encrypt.
			while (Blocks--)
			{
				XorBlock(&State, &State, I++);
				AESEncryptWithExpandedKey(State.b, State.b,
					(const void *) Context->ks,
					Context->rn);
				*O++ = State;
			}

			// Save updated chain value.
			* (AESData *) Context->chainBuf = State;
		#else	// defined UseAESedp_GeneralC
			AESEncryptCBC(O, I, Context->chainBuf,
				Context->ks, Blocks, Context->rn);
		#endif	// defined UseAESedp_GeneralC
	}

	// If we have no initial value, use Electronic Code Book (ECB) mode.
	else
	{
		aes_32t i;
		for (i = 0; i < Blocks; ++i)
			AESEncryptWithExpandedKey(O[i].b, I[i].b,
				(const void *) Context->ks, Context->rn);
	}
}


/*	Decrypt blocks of data.

	CommonCrypto calls this routine.
*/
void aes_cc_decrypt(
		aes_cc_ctx *Context,	// Cryptor context.
		const void *Input,		// Input.
		aes_32t Blocks,			// Number of 16-byte blocks to process.
		void *Output			// Output.
	)
{
	// Alias to more convenient pointers for referring to blocks.
	const AESData *I = Input;
	      AESData *O = Output;

	// If we have an initial value, use Cipher Block Chaining (CBC) mode.
	if (Context->encrypt.cbcEnable)
	{
		#if defined UseAESedp_GeneralC
			// Get chain value.
			AESData NextChainValue = * (AESData *) Context->encrypt.chainBuf;

			// Decrypt and chain.
			while (Blocks--)
			{
				AESData ChainValue = NextChainValue, State;
				NextChainValue = *I++;
				AESDecryptWithExpandedKey(State.b, NextChainValue.b,
					(const void *) Context->encrypt.ks, Context->encrypt.rn);
				XorBlock(O++, &State, &ChainValue);
			}

			// Save updated chain value.
			* (AESData *) Context->encrypt.chainBuf = NextChainValue;
		#else	// defined UseAESedp_GeneralC
			AESDecryptCBC(O, I, Context->encrypt.chainBuf,
				Context->encrypt.ks, Blocks, Context->encrypt.rn);
		#endif	// defined UseAESedp_GeneralC
	}

	// If we have no initial value, use Electronic Code Book (ECB) mode.
	else
	{
		aes_32t i;
		for (i = 0; i < Blocks; ++i)
			AESDecryptWithExpandedKey(O[i].b, I[i].b,
				(const void *) Context->encrypt.ks, Context->encrypt.rn);
	}
}


/*	Alternate interface to decryption, same as aes_cc_decrypt, except that if
	InitialValue is non-null, it points to an initial value which is used for
	CBC mode, regardless of the cbcEnable flag and the initial/chain value in
	the context structure.  The updated chain value is written to written to
	the context structure.
*/
aes_rval aes_decrypt_cbc(
	const unsigned char *Input,
	const unsigned char *InitialValue,
	unsigned int Blocks,
	unsigned char *Output,
	aes_decrypt_ctx *Context)
{
	// Alias to more convenient pointers for referring to blocks.
	const AESData *I = (const AESData *) Input;
	      AESData *O = (      AESData *) Output;

	// If we have an initial value, use Cipher Block Chaining (CBC) mode.
	if (Context->cbcEnable || InitialValue)
	{
		#if defined UseAESedp_GeneralC
			// Get chain value.
			AESData NextChainValue = InitialValue
				? * (const AESData *) InitialValue
				: * (const AESData *) Context->chainBuf;

			// Decrypt and chain.
			while (Blocks--)
			{
				AESData ChainValue = NextChainValue, State;
				NextChainValue = *I++;
				AESDecryptWithExpandedKey(State.b, NextChainValue.b,
					(const void *) Context->ks, Context->rn);
				XorBlock(O++, &State, &ChainValue);
			}

			// Save updated chain value.
			* (AESData *) Context->chainBuf = NextChainValue;
		#else	// defined UseAESedp_GeneralC
			AESDecryptCBC(O, I, Context->chainBuf,
				Context->ks, Blocks, Context->rn);
		#endif	// defined UseAESedp_GeneralC
	}

	// If we have no initial value, use Electronic Code Book (ECB) mode.
	else
	{
		aes_32t i;
		for (i = 0; i < Blocks; ++i)
			AESDecryptWithExpandedKey(O[i].b, I[i].b,
				(const void *) Context->ks, Context->rn);
	}
}



#endif	// defined UseAESedp

Added Source/AESedp/AESAssembly.h.

















































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#if !defined AES_h
#define AES_h


// Include aesopt.h to get the UseAESedp symbol.  We use nothing else from it.
#include <CommonCrypto/aesopt.h>


// Generate object code iff UseAESedp is defined.
#if defined UseAESedp


// Select which implementation to use.
#if 1
	#define	UseAESedp_IntelAssembly
#else
	#define	UseAESedp_GeneralC
#endif


/*	MaxNb is the maximum value of Nb, the number of four-byte words in one data
	block.
*/
#define	MaxNb	4

/*	Nb is the number of four-byte words in one data block.  AES fixes Nb at 4,
	although Rijndael allows up to 8.
*/
#define	Nb		4

/*	MaxNk is the maximum value of Nk, the number of four-byte words in a key.
	AES and Rijndael allow up to 8.
*/
#define	MaxNk	8

/*	Nk is not defined here because different key sizes are supported
	dynamically.
*/

/*	MaxRcon is the maximum number of round constants that might be needed.
	The number needed is (Nb*(Nr+1)-1) / Nk + 1.  For AES, Nr is Nk + 6.  (For
	Rijndael, Nr is max(Nk, Nb) + 6.)  For AES, we have:

		(Nb*(Nr+1)-1) / Nk + 1.
		(Nb*(Nk+6+1)-1) / Nk + 1.
		(Nb*Nk + Nb*7 - 1) / Nk + 1.
		Nb + (Nb*7-1)/Nk + 1.

	Clearly this is greatest when Nk is smallest.  Nk is at least 4.  In AES,
	Nb is 4, so we have 4 + 27/4 + 1 = 11.

	(In Rijndael, the maximum is 30, occurring when Nb is 8 and Nk is 4.)
*/
#define	MaxRcon	11


#if !__ASSEMBLER__

	#include <stdint.h>

	typedef uint8_t Byte;
	typedef uint32_t Word;
	typedef union { Byte b[MaxNb*4]; Word w[MaxNb]; } AESData;
	typedef union { Byte b[MaxNk*4]; Word w[MaxNk]; } AESKey ;

#endif


#endif	// defined UseAESedp


#endif	// !defined AES_h

Added Source/AESedp/Data.c.























































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
// This file was generated by MakeData.c.


#include "AESAssembly.h"


// Round constants.
const Byte AESRcon[] =
{
	0,	// Not used, included for indexing simplicity.
	0x01,
	0x02,
	0x04,
	0x08,
	0x10,
	0x20,
	0x40,
	0x80,
	0x1b,
	0x36,
};


// Tables for InvMixColumn.
const Word AESInvMixColumnTable[4][256] =
{
	{
		0x00000000,
		0x0b0d090e,
		0x161a121c,
		0x1d171b12,
		0x2c342438,
		0x27392d36,
		0x3a2e3624,
		0x31233f2a,
		0x58684870,
		0x5365417e,
		0x4e725a6c,
		0x457f5362,
		0x745c6c48,
		0x7f516546,
		0x62467e54,
		0x694b775a,
		0xb0d090e0,
		0xbbdd99ee,
		0xa6ca82fc,
		0xadc78bf2,
		0x9ce4b4d8,
		0x97e9bdd6,
		0x8afea6c4,
		0x81f3afca,
		0xe8b8d890,
		0xe3b5d19e,
		0xfea2ca8c,
		0xf5afc382,
		0xc48cfca8,
		0xcf81f5a6,
		0xd296eeb4,
		0xd99be7ba,
		0x7bbb3bdb,
		0x70b632d5,
		0x6da129c7,
		0x66ac20c9,
		0x578f1fe3,
		0x5c8216ed,
		0x41950dff,
		0x4a9804f1,
		0x23d373ab,
		0x28de7aa5,
		0x35c961b7,
		0x3ec468b9,
		0x0fe75793,
		0x04ea5e9d,
		0x19fd458f,
		0x12f04c81,
		0xcb6bab3b,
		0xc066a235,
		0xdd71b927,
		0xd67cb029,
		0xe75f8f03,
		0xec52860d,
		0xf1459d1f,
		0xfa489411,
		0x9303e34b,
		0x980eea45,
		0x8519f157,
		0x8e14f859,
		0xbf37c773,
		0xb43ace7d,
		0xa92dd56f,
		0xa220dc61,
		0xf66d76ad,
		0xfd607fa3,
		0xe07764b1,
		0xeb7a6dbf,
		0xda595295,
		0xd1545b9b,
		0xcc434089,
		0xc74e4987,
		0xae053edd,
		0xa50837d3,
		0xb81f2cc1,
		0xb31225cf,
		0x82311ae5,
		0x893c13eb,
		0x942b08f9,
		0x9f2601f7,
		0x46bde64d,
		0x4db0ef43,
		0x50a7f451,
		0x5baafd5f,
		0x6a89c275,
		0x6184cb7b,
		0x7c93d069,
		0x779ed967,
		0x1ed5ae3d,
		0x15d8a733,
		0x08cfbc21,
		0x03c2b52f,
		0x32e18a05,
		0x39ec830b,
		0x24fb9819,
		0x2ff69117,
		0x8dd64d76,
		0x86db4478,
		0x9bcc5f6a,
		0x90c15664,
		0xa1e2694e,
		0xaaef6040,
		0xb7f87b52,
		0xbcf5725c,
		0xd5be0506,
		0xdeb30c08,
		0xc3a4171a,
		0xc8a91e14,
		0xf98a213e,
		0xf2872830,
		0xef903322,
		0xe49d3a2c,
		0x3d06dd96,
		0x360bd498,
		0x2b1ccf8a,
		0x2011c684,
		0x1132f9ae,
		0x1a3ff0a0,
		0x0728ebb2,
		0x0c25e2bc,
		0x656e95e6,
		0x6e639ce8,
		0x737487fa,
		0x78798ef4,
		0x495ab1de,
		0x4257b8d0,
		0x5f40a3c2,
		0x544daacc,
		0xf7daec41,
		0xfcd7e54f,
		0xe1c0fe5d,
		0xeacdf753,
		0xdbeec879,
		0xd0e3c177,
		0xcdf4da65,
		0xc6f9d36b,
		0xafb2a431,
		0xa4bfad3f,
		0xb9a8b62d,
		0xb2a5bf23,
		0x83868009,
		0x888b8907,
		0x959c9215,
		0x9e919b1b,
		0x470a7ca1,
		0x4c0775af,
		0x51106ebd,
		0x5a1d67b3,
		0x6b3e5899,
		0x60335197,
		0x7d244a85,
		0x7629438b,
		0x1f6234d1,
		0x146f3ddf,
		0x097826cd,
		0x02752fc3,
		0x335610e9,
		0x385b19e7,
		0x254c02f5,
		0x2e410bfb,
		0x8c61d79a,
		0x876cde94,
		0x9a7bc586,
		0x9176cc88,
		0xa055f3a2,
		0xab58faac,
		0xb64fe1be,
		0xbd42e8b0,
		0xd4099fea,
		0xdf0496e4,
		0xc2138df6,
		0xc91e84f8,
		0xf83dbbd2,
		0xf330b2dc,
		0xee27a9ce,
		0xe52aa0c0,
		0x3cb1477a,
		0x37bc4e74,
		0x2aab5566,
		0x21a65c68,
		0x10856342,
		0x1b886a4c,
		0x069f715e,
		0x0d927850,
		0x64d90f0a,
		0x6fd40604,
		0x72c31d16,
		0x79ce1418,
		0x48ed2b32,
		0x43e0223c,
		0x5ef7392e,
		0x55fa3020,
		0x01b79aec,
		0x0aba93e2,
		0x17ad88f0,
		0x1ca081fe,
		0x2d83bed4,
		0x268eb7da,
		0x3b99acc8,
		0x3094a5c6,
		0x59dfd29c,
		0x52d2db92,
		0x4fc5c080,
		0x44c8c98e,
		0x75ebf6a4,
		0x7ee6ffaa,
		0x63f1e4b8,
		0x68fcedb6,
		0xb1670a0c,
		0xba6a0302,
		0xa77d1810,
		0xac70111e,
		0x9d532e34,
		0x965e273a,
		0x8b493c28,
		0x80443526,
		0xe90f427c,
		0xe2024b72,
		0xff155060,
		0xf418596e,
		0xc53b6644,
		0xce366f4a,
		0xd3217458,
		0xd82c7d56,
		0x7a0ca137,
		0x7101a839,
		0x6c16b32b,
		0x671bba25,
		0x5638850f,
		0x5d358c01,
		0x40229713,
		0x4b2f9e1d,
		0x2264e947,
		0x2969e049,
		0x347efb5b,
		0x3f73f255,
		0x0e50cd7f,
		0x055dc471,
		0x184adf63,
		0x1347d66d,
		0xcadc31d7,
		0xc1d138d9,
		0xdcc623cb,
		0xd7cb2ac5,
		0xe6e815ef,
		0xede51ce1,
		0xf0f207f3,
		0xfbff0efd,
		0x92b479a7,
		0x99b970a9,
		0x84ae6bbb,
		0x8fa362b5,
		0xbe805d9f,
		0xb58d5491,
		0xa89a4f83,
		0xa397468d,
	},
	{
		0x00000000,
		0x0d090e0b,
		0x1a121c16,
		0x171b121d,
		0x3424382c,
		0x392d3627,
		0x2e36243a,
		0x233f2a31,
		0x68487058,
		0x65417e53,
		0x725a6c4e,
		0x7f536245,
		0x5c6c4874,
		0x5165467f,
		0x467e5462,
		0x4b775a69,
		0xd090e0b0,
		0xdd99eebb,
		0xca82fca6,
		0xc78bf2ad,
		0xe4b4d89c,
		0xe9bdd697,
		0xfea6c48a,
		0xf3afca81,
		0xb8d890e8,
		0xb5d19ee3,
		0xa2ca8cfe,
		0xafc382f5,
		0x8cfca8c4,
		0x81f5a6cf,
		0x96eeb4d2,
		0x9be7bad9,
		0xbb3bdb7b,
		0xb632d570,
		0xa129c76d,
		0xac20c966,
		0x8f1fe357,
		0x8216ed5c,
		0x950dff41,
		0x9804f14a,
		0xd373ab23,
		0xde7aa528,
		0xc961b735,
		0xc468b93e,
		0xe757930f,
		0xea5e9d04,
		0xfd458f19,
		0xf04c8112,
		0x6bab3bcb,
		0x66a235c0,
		0x71b927dd,
		0x7cb029d6,
		0x5f8f03e7,
		0x52860dec,
		0x459d1ff1,
		0x489411fa,
		0x03e34b93,
		0x0eea4598,
		0x19f15785,
		0x14f8598e,
		0x37c773bf,
		0x3ace7db4,
		0x2dd56fa9,
		0x20dc61a2,
		0x6d76adf6,
		0x607fa3fd,
		0x7764b1e0,
		0x7a6dbfeb,
		0x595295da,
		0x545b9bd1,
		0x434089cc,
		0x4e4987c7,
		0x053eddae,
		0x0837d3a5,
		0x1f2cc1b8,
		0x1225cfb3,
		0x311ae582,
		0x3c13eb89,
		0x2b08f994,
		0x2601f79f,
		0xbde64d46,
		0xb0ef434d,
		0xa7f45150,
		0xaafd5f5b,
		0x89c2756a,
		0x84cb7b61,
		0x93d0697c,
		0x9ed96777,
		0xd5ae3d1e,
		0xd8a73315,
		0xcfbc2108,
		0xc2b52f03,
		0xe18a0532,
		0xec830b39,
		0xfb981924,
		0xf691172f,
		0xd64d768d,
		0xdb447886,
		0xcc5f6a9b,
		0xc1566490,
		0xe2694ea1,
		0xef6040aa,
		0xf87b52b7,
		0xf5725cbc,
		0xbe0506d5,
		0xb30c08de,
		0xa4171ac3,
		0xa91e14c8,
		0x8a213ef9,
		0x872830f2,
		0x903322ef,
		0x9d3a2ce4,
		0x06dd963d,
		0x0bd49836,
		0x1ccf8a2b,
		0x11c68420,
		0x32f9ae11,
		0x3ff0a01a,
		0x28ebb207,
		0x25e2bc0c,
		0x6e95e665,
		0x639ce86e,
		0x7487fa73,
		0x798ef478,
		0x5ab1de49,
		0x57b8d042,
		0x40a3c25f,
		0x4daacc54,
		0xdaec41f7,
		0xd7e54ffc,
		0xc0fe5de1,
		0xcdf753ea,
		0xeec879db,
		0xe3c177d0,
		0xf4da65cd,
		0xf9d36bc6,
		0xb2a431af,
		0xbfad3fa4,
		0xa8b62db9,
		0xa5bf23b2,
		0x86800983,
		0x8b890788,
		0x9c921595,
		0x919b1b9e,
		0x0a7ca147,
		0x0775af4c,
		0x106ebd51,
		0x1d67b35a,
		0x3e58996b,
		0x33519760,
		0x244a857d,
		0x29438b76,
		0x6234d11f,
		0x6f3ddf14,
		0x7826cd09,
		0x752fc302,
		0x5610e933,
		0x5b19e738,
		0x4c02f525,
		0x410bfb2e,
		0x61d79a8c,
		0x6cde9487,
		0x7bc5869a,
		0x76cc8891,
		0x55f3a2a0,
		0x58faacab,
		0x4fe1beb6,
		0x42e8b0bd,
		0x099fead4,
		0x0496e4df,
		0x138df6c2,
		0x1e84f8c9,
		0x3dbbd2f8,
		0x30b2dcf3,
		0x27a9ceee,
		0x2aa0c0e5,
		0xb1477a3c,
		0xbc4e7437,
		0xab55662a,
		0xa65c6821,
		0x85634210,
		0x886a4c1b,
		0x9f715e06,
		0x9278500d,
		0xd90f0a64,
		0xd406046f,
		0xc31d1672,
		0xce141879,
		0xed2b3248,
		0xe0223c43,
		0xf7392e5e,
		0xfa302055,
		0xb79aec01,
		0xba93e20a,
		0xad88f017,
		0xa081fe1c,
		0x83bed42d,
		0x8eb7da26,
		0x99acc83b,
		0x94a5c630,
		0xdfd29c59,
		0xd2db9252,
		0xc5c0804f,
		0xc8c98e44,
		0xebf6a475,
		0xe6ffaa7e,
		0xf1e4b863,
		0xfcedb668,
		0x670a0cb1,
		0x6a0302ba,
		0x7d1810a7,
		0x70111eac,
		0x532e349d,
		0x5e273a96,
		0x493c288b,
		0x44352680,
		0x0f427ce9,
		0x024b72e2,
		0x155060ff,
		0x18596ef4,
		0x3b6644c5,
		0x366f4ace,
		0x217458d3,
		0x2c7d56d8,
		0x0ca1377a,
		0x01a83971,
		0x16b32b6c,
		0x1bba2567,
		0x38850f56,
		0x358c015d,
		0x22971340,
		0x2f9e1d4b,
		0x64e94722,
		0x69e04929,
		0x7efb5b34,
		0x73f2553f,
		0x50cd7f0e,
		0x5dc47105,
		0x4adf6318,
		0x47d66d13,
		0xdc31d7ca,
		0xd138d9c1,
		0xc623cbdc,
		0xcb2ac5d7,
		0xe815efe6,
		0xe51ce1ed,
		0xf207f3f0,
		0xff0efdfb,
		0xb479a792,
		0xb970a999,
		0xae6bbb84,
		0xa362b58f,
		0x805d9fbe,
		0x8d5491b5,
		0x9a4f83a8,
		0x97468da3,
	},
	{
		0x00000000,
		0x090e0b0d,
		0x121c161a,
		0x1b121d17,
		0x24382c34,
		0x2d362739,
		0x36243a2e,
		0x3f2a3123,
		0x48705868,
		0x417e5365,
		0x5a6c4e72,
		0x5362457f,
		0x6c48745c,
		0x65467f51,
		0x7e546246,
		0x775a694b,
		0x90e0b0d0,
		0x99eebbdd,
		0x82fca6ca,
		0x8bf2adc7,
		0xb4d89ce4,
		0xbdd697e9,
		0xa6c48afe,
		0xafca81f3,
		0xd890e8b8,
		0xd19ee3b5,
		0xca8cfea2,
		0xc382f5af,
		0xfca8c48c,
		0xf5a6cf81,
		0xeeb4d296,
		0xe7bad99b,
		0x3bdb7bbb,
		0x32d570b6,
		0x29c76da1,
		0x20c966ac,
		0x1fe3578f,
		0x16ed5c82,
		0x0dff4195,
		0x04f14a98,
		0x73ab23d3,
		0x7aa528de,
		0x61b735c9,
		0x68b93ec4,
		0x57930fe7,
		0x5e9d04ea,
		0x458f19fd,
		0x4c8112f0,
		0xab3bcb6b,
		0xa235c066,
		0xb927dd71,
		0xb029d67c,
		0x8f03e75f,
		0x860dec52,
		0x9d1ff145,
		0x9411fa48,
		0xe34b9303,
		0xea45980e,
		0xf1578519,
		0xf8598e14,
		0xc773bf37,
		0xce7db43a,
		0xd56fa92d,
		0xdc61a220,
		0x76adf66d,
		0x7fa3fd60,
		0x64b1e077,
		0x6dbfeb7a,
		0x5295da59,
		0x5b9bd154,
		0x4089cc43,
		0x4987c74e,
		0x3eddae05,
		0x37d3a508,
		0x2cc1b81f,
		0x25cfb312,
		0x1ae58231,
		0x13eb893c,
		0x08f9942b,
		0x01f79f26,
		0xe64d46bd,
		0xef434db0,
		0xf45150a7,
		0xfd5f5baa,
		0xc2756a89,
		0xcb7b6184,
		0xd0697c93,
		0xd967779e,
		0xae3d1ed5,
		0xa73315d8,
		0xbc2108cf,
		0xb52f03c2,
		0x8a0532e1,
		0x830b39ec,
		0x981924fb,
		0x91172ff6,
		0x4d768dd6,
		0x447886db,
		0x5f6a9bcc,
		0x566490c1,
		0x694ea1e2,
		0x6040aaef,
		0x7b52b7f8,
		0x725cbcf5,
		0x0506d5be,
		0x0c08deb3,
		0x171ac3a4,
		0x1e14c8a9,
		0x213ef98a,
		0x2830f287,
		0x3322ef90,
		0x3a2ce49d,
		0xdd963d06,
		0xd498360b,
		0xcf8a2b1c,
		0xc6842011,
		0xf9ae1132,
		0xf0a01a3f,
		0xebb20728,
		0xe2bc0c25,
		0x95e6656e,
		0x9ce86e63,
		0x87fa7374,
		0x8ef47879,
		0xb1de495a,
		0xb8d04257,
		0xa3c25f40,
		0xaacc544d,
		0xec41f7da,
		0xe54ffcd7,
		0xfe5de1c0,
		0xf753eacd,
		0xc879dbee,
		0xc177d0e3,
		0xda65cdf4,
		0xd36bc6f9,
		0xa431afb2,
		0xad3fa4bf,
		0xb62db9a8,
		0xbf23b2a5,
		0x80098386,
		0x8907888b,
		0x9215959c,
		0x9b1b9e91,
		0x7ca1470a,
		0x75af4c07,
		0x6ebd5110,
		0x67b35a1d,
		0x58996b3e,
		0x51976033,
		0x4a857d24,
		0x438b7629,
		0x34d11f62,
		0x3ddf146f,
		0x26cd0978,
		0x2fc30275,
		0x10e93356,
		0x19e7385b,
		0x02f5254c,
		0x0bfb2e41,
		0xd79a8c61,
		0xde94876c,
		0xc5869a7b,
		0xcc889176,
		0xf3a2a055,
		0xfaacab58,
		0xe1beb64f,
		0xe8b0bd42,
		0x9fead409,
		0x96e4df04,
		0x8df6c213,
		0x84f8c91e,
		0xbbd2f83d,
		0xb2dcf330,
		0xa9ceee27,
		0xa0c0e52a,
		0x477a3cb1,
		0x4e7437bc,
		0x55662aab,
		0x5c6821a6,
		0x63421085,
		0x6a4c1b88,
		0x715e069f,
		0x78500d92,
		0x0f0a64d9,
		0x06046fd4,
		0x1d1672c3,
		0x141879ce,
		0x2b3248ed,
		0x223c43e0,
		0x392e5ef7,
		0x302055fa,
		0x9aec01b7,
		0x93e20aba,
		0x88f017ad,
		0x81fe1ca0,
		0xbed42d83,
		0xb7da268e,
		0xacc83b99,
		0xa5c63094,
		0xd29c59df,
		0xdb9252d2,
		0xc0804fc5,
		0xc98e44c8,
		0xf6a475eb,
		0xffaa7ee6,
		0xe4b863f1,
		0xedb668fc,
		0x0a0cb167,
		0x0302ba6a,
		0x1810a77d,
		0x111eac70,
		0x2e349d53,
		0x273a965e,
		0x3c288b49,
		0x35268044,
		0x427ce90f,
		0x4b72e202,
		0x5060ff15,
		0x596ef418,
		0x6644c53b,
		0x6f4ace36,
		0x7458d321,
		0x7d56d82c,
		0xa1377a0c,
		0xa8397101,
		0xb32b6c16,
		0xba25671b,
		0x850f5638,
		0x8c015d35,
		0x97134022,
		0x9e1d4b2f,
		0xe9472264,
		0xe0492969,
		0xfb5b347e,
		0xf2553f73,
		0xcd7f0e50,
		0xc471055d,
		0xdf63184a,
		0xd66d1347,
		0x31d7cadc,
		0x38d9c1d1,
		0x23cbdcc6,
		0x2ac5d7cb,
		0x15efe6e8,
		0x1ce1ede5,
		0x07f3f0f2,
		0x0efdfbff,
		0x79a792b4,
		0x70a999b9,
		0x6bbb84ae,
		0x62b58fa3,
		0x5d9fbe80,
		0x5491b58d,
		0x4f83a89a,
		0x468da397,
	},
	{
		0x00000000,
		0x0e0b0d09,
		0x1c161a12,
		0x121d171b,
		0x382c3424,
		0x3627392d,
		0x243a2e36,
		0x2a31233f,
		0x70586848,
		0x7e536541,
		0x6c4e725a,
		0x62457f53,
		0x48745c6c,
		0x467f5165,
		0x5462467e,
		0x5a694b77,
		0xe0b0d090,
		0xeebbdd99,
		0xfca6ca82,
		0xf2adc78b,
		0xd89ce4b4,
		0xd697e9bd,
		0xc48afea6,
		0xca81f3af,
		0x90e8b8d8,
		0x9ee3b5d1,
		0x8cfea2ca,
		0x82f5afc3,
		0xa8c48cfc,
		0xa6cf81f5,
		0xb4d296ee,
		0xbad99be7,
		0xdb7bbb3b,
		0xd570b632,
		0xc76da129,
		0xc966ac20,
		0xe3578f1f,
		0xed5c8216,
		0xff41950d,
		0xf14a9804,
		0xab23d373,
		0xa528de7a,
		0xb735c961,
		0xb93ec468,
		0x930fe757,
		0x9d04ea5e,
		0x8f19fd45,
		0x8112f04c,
		0x3bcb6bab,
		0x35c066a2,
		0x27dd71b9,
		0x29d67cb0,
		0x03e75f8f,
		0x0dec5286,
		0x1ff1459d,
		0x11fa4894,
		0x4b9303e3,
		0x45980eea,
		0x578519f1,
		0x598e14f8,
		0x73bf37c7,
		0x7db43ace,
		0x6fa92dd5,
		0x61a220dc,
		0xadf66d76,
		0xa3fd607f,
		0xb1e07764,
		0xbfeb7a6d,
		0x95da5952,
		0x9bd1545b,
		0x89cc4340,
		0x87c74e49,
		0xddae053e,
		0xd3a50837,
		0xc1b81f2c,
		0xcfb31225,
		0xe582311a,
		0xeb893c13,
		0xf9942b08,
		0xf79f2601,
		0x4d46bde6,
		0x434db0ef,
		0x5150a7f4,
		0x5f5baafd,
		0x756a89c2,
		0x7b6184cb,
		0x697c93d0,
		0x67779ed9,
		0x3d1ed5ae,
		0x3315d8a7,
		0x2108cfbc,
		0x2f03c2b5,
		0x0532e18a,
		0x0b39ec83,
		0x1924fb98,
		0x172ff691,
		0x768dd64d,
		0x7886db44,
		0x6a9bcc5f,
		0x6490c156,
		0x4ea1e269,
		0x40aaef60,
		0x52b7f87b,
		0x5cbcf572,
		0x06d5be05,
		0x08deb30c,
		0x1ac3a417,
		0x14c8a91e,
		0x3ef98a21,
		0x30f28728,
		0x22ef9033,
		0x2ce49d3a,
		0x963d06dd,
		0x98360bd4,
		0x8a2b1ccf,
		0x842011c6,
		0xae1132f9,
		0xa01a3ff0,
		0xb20728eb,
		0xbc0c25e2,
		0xe6656e95,
		0xe86e639c,
		0xfa737487,
		0xf478798e,
		0xde495ab1,
		0xd04257b8,
		0xc25f40a3,
		0xcc544daa,
		0x41f7daec,
		0x4ffcd7e5,
		0x5de1c0fe,
		0x53eacdf7,
		0x79dbeec8,
		0x77d0e3c1,
		0x65cdf4da,
		0x6bc6f9d3,
		0x31afb2a4,
		0x3fa4bfad,
		0x2db9a8b6,
		0x23b2a5bf,
		0x09838680,
		0x07888b89,
		0x15959c92,
		0x1b9e919b,
		0xa1470a7c,
		0xaf4c0775,
		0xbd51106e,
		0xb35a1d67,
		0x996b3e58,
		0x97603351,
		0x857d244a,
		0x8b762943,
		0xd11f6234,
		0xdf146f3d,
		0xcd097826,
		0xc302752f,
		0xe9335610,
		0xe7385b19,
		0xf5254c02,
		0xfb2e410b,
		0x9a8c61d7,
		0x94876cde,
		0x869a7bc5,
		0x889176cc,
		0xa2a055f3,
		0xacab58fa,
		0xbeb64fe1,
		0xb0bd42e8,
		0xead4099f,
		0xe4df0496,
		0xf6c2138d,
		0xf8c91e84,
		0xd2f83dbb,
		0xdcf330b2,
		0xceee27a9,
		0xc0e52aa0,
		0x7a3cb147,
		0x7437bc4e,
		0x662aab55,
		0x6821a65c,
		0x42108563,
		0x4c1b886a,
		0x5e069f71,
		0x500d9278,
		0x0a64d90f,
		0x046fd406,
		0x1672c31d,
		0x1879ce14,
		0x3248ed2b,
		0x3c43e022,
		0x2e5ef739,
		0x2055fa30,
		0xec01b79a,
		0xe20aba93,
		0xf017ad88,
		0xfe1ca081,
		0xd42d83be,
		0xda268eb7,
		0xc83b99ac,
		0xc63094a5,
		0x9c59dfd2,
		0x9252d2db,
		0x804fc5c0,
		0x8e44c8c9,
		0xa475ebf6,
		0xaa7ee6ff,
		0xb863f1e4,
		0xb668fced,
		0x0cb1670a,
		0x02ba6a03,
		0x10a77d18,
		0x1eac7011,
		0x349d532e,
		0x3a965e27,
		0x288b493c,
		0x26804435,
		0x7ce90f42,
		0x72e2024b,
		0x60ff1550,
		0x6ef41859,
		0x44c53b66,
		0x4ace366f,
		0x58d32174,
		0x56d82c7d,
		0x377a0ca1,
		0x397101a8,
		0x2b6c16b3,
		0x25671bba,
		0x0f563885,
		0x015d358c,
		0x13402297,
		0x1d4b2f9e,
		0x472264e9,
		0x492969e0,
		0x5b347efb,
		0x553f73f2,
		0x7f0e50cd,
		0x71055dc4,
		0x63184adf,
		0x6d1347d6,
		0xd7cadc31,
		0xd9c1d138,
		0xcbdcc623,
		0xc5d7cb2a,
		0xefe6e815,
		0xe1ede51c,
		0xf3f0f207,
		0xfdfbff0e,
		0xa792b479,
		0xa999b970,
		0xbb84ae6b,
		0xb58fa362,
		0x9fbe805d,
		0x91b58d54,
		0x83a89a4f,
		0x8da39746,
	},
};


// Tables for main encryption iterations.
const Word AESEncryptTable[4][256] =
{
	{
		0xa56363c6,
		0x847c7cf8,
		0x997777ee,
		0x8d7b7bf6,
		0x0df2f2ff,
		0xbd6b6bd6,
		0xb16f6fde,
		0x54c5c591,
		0x50303060,
		0x03010102,
		0xa96767ce,
		0x7d2b2b56,
		0x19fefee7,
		0x62d7d7b5,
		0xe6abab4d,
		0x9a7676ec,
		0x45caca8f,
		0x9d82821f,
		0x40c9c989,
		0x877d7dfa,
		0x15fafaef,
		0xeb5959b2,
		0xc947478e,
		0x0bf0f0fb,
		0xecadad41,
		0x67d4d4b3,
		0xfda2a25f,
		0xeaafaf45,
		0xbf9c9c23,
		0xf7a4a453,
		0x967272e4,
		0x5bc0c09b,
		0xc2b7b775,
		0x1cfdfde1,
		0xae93933d,
		0x6a26264c,
		0x5a36366c,
		0x413f3f7e,
		0x02f7f7f5,
		0x4fcccc83,
		0x5c343468,
		0xf4a5a551,
		0x34e5e5d1,
		0x08f1f1f9,
		0x937171e2,
		0x73d8d8ab,
		0x53313162,
		0x3f15152a,
		0x0c040408,
		0x52c7c795,
		0x65232346,
		0x5ec3c39d,
		0x28181830,
		0xa1969637,
		0x0f05050a,
		0xb59a9a2f,
		0x0907070e,
		0x36121224,
		0x9b80801b,
		0x3de2e2df,
		0x26ebebcd,
		0x6927274e,
		0xcdb2b27f,
		0x9f7575ea,
		0x1b090912,
		0x9e83831d,
		0x742c2c58,
		0x2e1a1a34,
		0x2d1b1b36,
		0xb26e6edc,
		0xee5a5ab4,
		0xfba0a05b,
		0xf65252a4,
		0x4d3b3b76,
		0x61d6d6b7,
		0xceb3b37d,
		0x7b292952,
		0x3ee3e3dd,
		0x712f2f5e,
		0x97848413,
		0xf55353a6,
		0x68d1d1b9,
		0x00000000,
		0x2cededc1,
		0x60202040,
		0x1ffcfce3,
		0xc8b1b179,
		0xed5b5bb6,
		0xbe6a6ad4,
		0x46cbcb8d,
		0xd9bebe67,
		0x4b393972,
		0xde4a4a94,
		0xd44c4c98,
		0xe85858b0,
		0x4acfcf85,
		0x6bd0d0bb,
		0x2aefefc5,
		0xe5aaaa4f,
		0x16fbfbed,
		0xc5434386,
		0xd74d4d9a,
		0x55333366,
		0x94858511,
		0xcf45458a,
		0x10f9f9e9,
		0x06020204,
		0x817f7ffe,
		0xf05050a0,
		0x443c3c78,
		0xba9f9f25,
		0xe3a8a84b,
		0xf35151a2,
		0xfea3a35d,
		0xc0404080,
		0x8a8f8f05,
		0xad92923f,
		0xbc9d9d21,
		0x48383870,
		0x04f5f5f1,
		0xdfbcbc63,
		0xc1b6b677,
		0x75dadaaf,
		0x63212142,
		0x30101020,
		0x1affffe5,
		0x0ef3f3fd,
		0x6dd2d2bf,
		0x4ccdcd81,
		0x140c0c18,
		0x35131326,
		0x2fececc3,
		0xe15f5fbe,
		0xa2979735,
		0xcc444488,
		0x3917172e,
		0x57c4c493,
		0xf2a7a755,
		0x827e7efc,
		0x473d3d7a,
		0xac6464c8,
		0xe75d5dba,
		0x2b191932,
		0x957373e6,
		0xa06060c0,
		0x98818119,
		0xd14f4f9e,
		0x7fdcdca3,
		0x66222244,
		0x7e2a2a54,
		0xab90903b,
		0x8388880b,
		0xca46468c,
		0x29eeeec7,
		0xd3b8b86b,
		0x3c141428,
		0x79dedea7,
		0xe25e5ebc,
		0x1d0b0b16,
		0x76dbdbad,
		0x3be0e0db,
		0x56323264,
		0x4e3a3a74,
		0x1e0a0a14,
		0xdb494992,
		0x0a06060c,
		0x6c242448,
		0xe45c5cb8,
		0x5dc2c29f,
		0x6ed3d3bd,
		0xefacac43,
		0xa66262c4,
		0xa8919139,
		0xa4959531,
		0x37e4e4d3,
		0x8b7979f2,
		0x32e7e7d5,
		0x43c8c88b,
		0x5937376e,
		0xb76d6dda,
		0x8c8d8d01,
		0x64d5d5b1,
		0xd24e4e9c,
		0xe0a9a949,
		0xb46c6cd8,
		0xfa5656ac,
		0x07f4f4f3,
		0x25eaeacf,
		0xaf6565ca,
		0x8e7a7af4,
		0xe9aeae47,
		0x18080810,
		0xd5baba6f,
		0x887878f0,
		0x6f25254a,
		0x722e2e5c,
		0x241c1c38,
		0xf1a6a657,
		0xc7b4b473,
		0x51c6c697,
		0x23e8e8cb,
		0x7cdddda1,
		0x9c7474e8,
		0x211f1f3e,
		0xdd4b4b96,
		0xdcbdbd61,
		0x868b8b0d,
		0x858a8a0f,
		0x907070e0,
		0x423e3e7c,
		0xc4b5b571,
		0xaa6666cc,
		0xd8484890,
		0x05030306,
		0x01f6f6f7,
		0x120e0e1c,
		0xa36161c2,
		0x5f35356a,
		0xf95757ae,
		0xd0b9b969,
		0x91868617,
		0x58c1c199,
		0x271d1d3a,
		0xb99e9e27,
		0x38e1e1d9,
		0x13f8f8eb,
		0xb398982b,
		0x33111122,
		0xbb6969d2,
		0x70d9d9a9,
		0x898e8e07,
		0xa7949433,
		0xb69b9b2d,
		0x221e1e3c,
		0x92878715,
		0x20e9e9c9,
		0x49cece87,
		0xff5555aa,
		0x78282850,
		0x7adfdfa5,
		0x8f8c8c03,
		0xf8a1a159,
		0x80898909,
		0x170d0d1a,
		0xdabfbf65,
		0x31e6e6d7,
		0xc6424284,
		0xb86868d0,
		0xc3414182,
		0xb0999929,
		0x772d2d5a,
		0x110f0f1e,
		0xcbb0b07b,
		0xfc5454a8,
		0xd6bbbb6d,
		0x3a16162c,
	},
	{
		0x6363c6a5,
		0x7c7cf884,
		0x7777ee99,
		0x7b7bf68d,
		0xf2f2ff0d,
		0x6b6bd6bd,
		0x6f6fdeb1,
		0xc5c59154,
		0x30306050,
		0x01010203,
		0x6767cea9,
		0x2b2b567d,
		0xfefee719,
		0xd7d7b562,
		0xabab4de6,
		0x7676ec9a,
		0xcaca8f45,
		0x82821f9d,
		0xc9c98940,
		0x7d7dfa87,
		0xfafaef15,
		0x5959b2eb,
		0x47478ec9,
		0xf0f0fb0b,
		0xadad41ec,
		0xd4d4b367,
		0xa2a25ffd,
		0xafaf45ea,
		0x9c9c23bf,
		0xa4a453f7,
		0x7272e496,
		0xc0c09b5b,
		0xb7b775c2,
		0xfdfde11c,
		0x93933dae,
		0x26264c6a,
		0x36366c5a,
		0x3f3f7e41,
		0xf7f7f502,
		0xcccc834f,
		0x3434685c,
		0xa5a551f4,
		0xe5e5d134,
		0xf1f1f908,
		0x7171e293,
		0xd8d8ab73,
		0x31316253,
		0x15152a3f,
		0x0404080c,
		0xc7c79552,
		0x23234665,
		0xc3c39d5e,
		0x18183028,
		0x969637a1,
		0x05050a0f,
		0x9a9a2fb5,
		0x07070e09,
		0x12122436,
		0x80801b9b,
		0xe2e2df3d,
		0xebebcd26,
		0x27274e69,
		0xb2b27fcd,
		0x7575ea9f,
		0x0909121b,
		0x83831d9e,
		0x2c2c5874,
		0x1a1a342e,
		0x1b1b362d,
		0x6e6edcb2,
		0x5a5ab4ee,
		0xa0a05bfb,
		0x5252a4f6,
		0x3b3b764d,
		0xd6d6b761,
		0xb3b37dce,
		0x2929527b,
		0xe3e3dd3e,
		0x2f2f5e71,
		0x84841397,
		0x5353a6f5,
		0xd1d1b968,
		0x00000000,
		0xededc12c,
		0x20204060,
		0xfcfce31f,
		0xb1b179c8,
		0x5b5bb6ed,
		0x6a6ad4be,
		0xcbcb8d46,
		0xbebe67d9,
		0x3939724b,
		0x4a4a94de,
		0x4c4c98d4,
		0x5858b0e8,
		0xcfcf854a,
		0xd0d0bb6b,
		0xefefc52a,
		0xaaaa4fe5,
		0xfbfbed16,
		0x434386c5,
		0x4d4d9ad7,
		0x33336655,
		0x85851194,
		0x45458acf,
		0xf9f9e910,
		0x02020406,
		0x7f7ffe81,
		0x5050a0f0,
		0x3c3c7844,
		0x9f9f25ba,
		0xa8a84be3,
		0x5151a2f3,
		0xa3a35dfe,
		0x404080c0,
		0x8f8f058a,
		0x92923fad,
		0x9d9d21bc,
		0x38387048,
		0xf5f5f104,
		0xbcbc63df,
		0xb6b677c1,
		0xdadaaf75,
		0x21214263,
		0x10102030,
		0xffffe51a,
		0xf3f3fd0e,
		0xd2d2bf6d,
		0xcdcd814c,
		0x0c0c1814,
		0x13132635,
		0xececc32f,
		0x5f5fbee1,
		0x979735a2,
		0x444488cc,
		0x17172e39,
		0xc4c49357,
		0xa7a755f2,
		0x7e7efc82,
		0x3d3d7a47,
		0x6464c8ac,
		0x5d5dbae7,
		0x1919322b,
		0x7373e695,
		0x6060c0a0,
		0x81811998,
		0x4f4f9ed1,
		0xdcdca37f,
		0x22224466,
		0x2a2a547e,
		0x90903bab,
		0x88880b83,
		0x46468cca,
		0xeeeec729,
		0xb8b86bd3,
		0x1414283c,
		0xdedea779,
		0x5e5ebce2,
		0x0b0b161d,
		0xdbdbad76,
		0xe0e0db3b,
		0x32326456,
		0x3a3a744e,
		0x0a0a141e,
		0x494992db,
		0x06060c0a,
		0x2424486c,
		0x5c5cb8e4,
		0xc2c29f5d,
		0xd3d3bd6e,
		0xacac43ef,
		0x6262c4a6,
		0x919139a8,
		0x959531a4,
		0xe4e4d337,
		0x7979f28b,
		0xe7e7d532,
		0xc8c88b43,
		0x37376e59,
		0x6d6ddab7,
		0x8d8d018c,
		0xd5d5b164,
		0x4e4e9cd2,
		0xa9a949e0,
		0x6c6cd8b4,
		0x5656acfa,
		0xf4f4f307,
		0xeaeacf25,
		0x6565caaf,
		0x7a7af48e,
		0xaeae47e9,
		0x08081018,
		0xbaba6fd5,
		0x7878f088,
		0x25254a6f,
		0x2e2e5c72,
		0x1c1c3824,
		0xa6a657f1,
		0xb4b473c7,
		0xc6c69751,
		0xe8e8cb23,
		0xdddda17c,
		0x7474e89c,
		0x1f1f3e21,
		0x4b4b96dd,
		0xbdbd61dc,
		0x8b8b0d86,
		0x8a8a0f85,
		0x7070e090,
		0x3e3e7c42,
		0xb5b571c4,
		0x6666ccaa,
		0x484890d8,
		0x03030605,
		0xf6f6f701,
		0x0e0e1c12,
		0x6161c2a3,
		0x35356a5f,
		0x5757aef9,
		0xb9b969d0,
		0x86861791,
		0xc1c19958,
		0x1d1d3a27,
		0x9e9e27b9,
		0xe1e1d938,
		0xf8f8eb13,
		0x98982bb3,
		0x11112233,
		0x6969d2bb,
		0xd9d9a970,
		0x8e8e0789,
		0x949433a7,
		0x9b9b2db6,
		0x1e1e3c22,
		0x87871592,
		0xe9e9c920,
		0xcece8749,
		0x5555aaff,
		0x28285078,
		0xdfdfa57a,
		0x8c8c038f,
		0xa1a159f8,
		0x89890980,
		0x0d0d1a17,
		0xbfbf65da,
		0xe6e6d731,
		0x424284c6,
		0x6868d0b8,
		0x414182c3,
		0x999929b0,
		0x2d2d5a77,
		0x0f0f1e11,
		0xb0b07bcb,
		0x5454a8fc,
		0xbbbb6dd6,
		0x16162c3a,
	},
	{
		0x63c6a563,
		0x7cf8847c,
		0x77ee9977,
		0x7bf68d7b,
		0xf2ff0df2,
		0x6bd6bd6b,
		0x6fdeb16f,
		0xc59154c5,
		0x30605030,
		0x01020301,
		0x67cea967,
		0x2b567d2b,
		0xfee719fe,
		0xd7b562d7,
		0xab4de6ab,
		0x76ec9a76,
		0xca8f45ca,
		0x821f9d82,
		0xc98940c9,
		0x7dfa877d,
		0xfaef15fa,
		0x59b2eb59,
		0x478ec947,
		0xf0fb0bf0,
		0xad41ecad,
		0xd4b367d4,
		0xa25ffda2,
		0xaf45eaaf,
		0x9c23bf9c,
		0xa453f7a4,
		0x72e49672,
		0xc09b5bc0,
		0xb775c2b7,
		0xfde11cfd,
		0x933dae93,
		0x264c6a26,
		0x366c5a36,
		0x3f7e413f,
		0xf7f502f7,
		0xcc834fcc,
		0x34685c34,
		0xa551f4a5,
		0xe5d134e5,
		0xf1f908f1,
		0x71e29371,
		0xd8ab73d8,
		0x31625331,
		0x152a3f15,
		0x04080c04,
		0xc79552c7,
		0x23466523,
		0xc39d5ec3,
		0x18302818,
		0x9637a196,
		0x050a0f05,
		0x9a2fb59a,
		0x070e0907,
		0x12243612,
		0x801b9b80,
		0xe2df3de2,
		0xebcd26eb,
		0x274e6927,
		0xb27fcdb2,
		0x75ea9f75,
		0x09121b09,
		0x831d9e83,
		0x2c58742c,
		0x1a342e1a,
		0x1b362d1b,
		0x6edcb26e,
		0x5ab4ee5a,
		0xa05bfba0,
		0x52a4f652,
		0x3b764d3b,
		0xd6b761d6,
		0xb37dceb3,
		0x29527b29,
		0xe3dd3ee3,
		0x2f5e712f,
		0x84139784,
		0x53a6f553,
		0xd1b968d1,
		0x00000000,
		0xedc12ced,
		0x20406020,
		0xfce31ffc,
		0xb179c8b1,
		0x5bb6ed5b,
		0x6ad4be6a,
		0xcb8d46cb,
		0xbe67d9be,
		0x39724b39,
		0x4a94de4a,
		0x4c98d44c,
		0x58b0e858,
		0xcf854acf,
		0xd0bb6bd0,
		0xefc52aef,
		0xaa4fe5aa,
		0xfbed16fb,
		0x4386c543,
		0x4d9ad74d,
		0x33665533,
		0x85119485,
		0x458acf45,
		0xf9e910f9,
		0x02040602,
		0x7ffe817f,
		0x50a0f050,
		0x3c78443c,
		0x9f25ba9f,
		0xa84be3a8,
		0x51a2f351,
		0xa35dfea3,
		0x4080c040,
		0x8f058a8f,
		0x923fad92,
		0x9d21bc9d,
		0x38704838,
		0xf5f104f5,
		0xbc63dfbc,
		0xb677c1b6,
		0xdaaf75da,
		0x21426321,
		0x10203010,
		0xffe51aff,
		0xf3fd0ef3,
		0xd2bf6dd2,
		0xcd814ccd,
		0x0c18140c,
		0x13263513,
		0xecc32fec,
		0x5fbee15f,
		0x9735a297,
		0x4488cc44,
		0x172e3917,
		0xc49357c4,
		0xa755f2a7,
		0x7efc827e,
		0x3d7a473d,
		0x64c8ac64,
		0x5dbae75d,
		0x19322b19,
		0x73e69573,
		0x60c0a060,
		0x81199881,
		0x4f9ed14f,
		0xdca37fdc,
		0x22446622,
		0x2a547e2a,
		0x903bab90,
		0x880b8388,
		0x468cca46,
		0xeec729ee,
		0xb86bd3b8,
		0x14283c14,
		0xdea779de,
		0x5ebce25e,
		0x0b161d0b,
		0xdbad76db,
		0xe0db3be0,
		0x32645632,
		0x3a744e3a,
		0x0a141e0a,
		0x4992db49,
		0x060c0a06,
		0x24486c24,
		0x5cb8e45c,
		0xc29f5dc2,
		0xd3bd6ed3,
		0xac43efac,
		0x62c4a662,
		0x9139a891,
		0x9531a495,
		0xe4d337e4,
		0x79f28b79,
		0xe7d532e7,
		0xc88b43c8,
		0x376e5937,
		0x6ddab76d,
		0x8d018c8d,
		0xd5b164d5,
		0x4e9cd24e,
		0xa949e0a9,
		0x6cd8b46c,
		0x56acfa56,
		0xf4f307f4,
		0xeacf25ea,
		0x65caaf65,
		0x7af48e7a,
		0xae47e9ae,
		0x08101808,
		0xba6fd5ba,
		0x78f08878,
		0x254a6f25,
		0x2e5c722e,
		0x1c38241c,
		0xa657f1a6,
		0xb473c7b4,
		0xc69751c6,
		0xe8cb23e8,
		0xdda17cdd,
		0x74e89c74,
		0x1f3e211f,
		0x4b96dd4b,
		0xbd61dcbd,
		0x8b0d868b,
		0x8a0f858a,
		0x70e09070,
		0x3e7c423e,
		0xb571c4b5,
		0x66ccaa66,
		0x4890d848,
		0x03060503,
		0xf6f701f6,
		0x0e1c120e,
		0x61c2a361,
		0x356a5f35,
		0x57aef957,
		0xb969d0b9,
		0x86179186,
		0xc19958c1,
		0x1d3a271d,
		0x9e27b99e,
		0xe1d938e1,
		0xf8eb13f8,
		0x982bb398,
		0x11223311,
		0x69d2bb69,
		0xd9a970d9,
		0x8e07898e,
		0x9433a794,
		0x9b2db69b,
		0x1e3c221e,
		0x87159287,
		0xe9c920e9,
		0xce8749ce,
		0x55aaff55,
		0x28507828,
		0xdfa57adf,
		0x8c038f8c,
		0xa159f8a1,
		0x89098089,
		0x0d1a170d,
		0xbf65dabf,
		0xe6d731e6,
		0x4284c642,
		0x68d0b868,
		0x4182c341,
		0x9929b099,
		0x2d5a772d,
		0x0f1e110f,
		0xb07bcbb0,
		0x54a8fc54,
		0xbb6dd6bb,
		0x162c3a16,
	},
	{
		0xc6a56363,
		0xf8847c7c,
		0xee997777,
		0xf68d7b7b,
		0xff0df2f2,
		0xd6bd6b6b,
		0xdeb16f6f,
		0x9154c5c5,
		0x60503030,
		0x02030101,
		0xcea96767,
		0x567d2b2b,
		0xe719fefe,
		0xb562d7d7,
		0x4de6abab,
		0xec9a7676,
		0x8f45caca,
		0x1f9d8282,
		0x8940c9c9,
		0xfa877d7d,
		0xef15fafa,
		0xb2eb5959,
		0x8ec94747,
		0xfb0bf0f0,
		0x41ecadad,
		0xb367d4d4,
		0x5ffda2a2,
		0x45eaafaf,
		0x23bf9c9c,
		0x53f7a4a4,
		0xe4967272,
		0x9b5bc0c0,
		0x75c2b7b7,
		0xe11cfdfd,
		0x3dae9393,
		0x4c6a2626,
		0x6c5a3636,
		0x7e413f3f,
		0xf502f7f7,
		0x834fcccc,
		0x685c3434,
		0x51f4a5a5,
		0xd134e5e5,
		0xf908f1f1,
		0xe2937171,
		0xab73d8d8,
		0x62533131,
		0x2a3f1515,
		0x080c0404,
		0x9552c7c7,
		0x46652323,
		0x9d5ec3c3,
		0x30281818,
		0x37a19696,
		0x0a0f0505,
		0x2fb59a9a,
		0x0e090707,
		0x24361212,
		0x1b9b8080,
		0xdf3de2e2,
		0xcd26ebeb,
		0x4e692727,
		0x7fcdb2b2,
		0xea9f7575,
		0x121b0909,
		0x1d9e8383,
		0x58742c2c,
		0x342e1a1a,
		0x362d1b1b,
		0xdcb26e6e,
		0xb4ee5a5a,
		0x5bfba0a0,
		0xa4f65252,
		0x764d3b3b,
		0xb761d6d6,
		0x7dceb3b3,
		0x527b2929,
		0xdd3ee3e3,
		0x5e712f2f,
		0x13978484,
		0xa6f55353,
		0xb968d1d1,
		0x00000000,
		0xc12ceded,
		0x40602020,
		0xe31ffcfc,
		0x79c8b1b1,
		0xb6ed5b5b,
		0xd4be6a6a,
		0x8d46cbcb,
		0x67d9bebe,
		0x724b3939,
		0x94de4a4a,
		0x98d44c4c,
		0xb0e85858,
		0x854acfcf,
		0xbb6bd0d0,
		0xc52aefef,
		0x4fe5aaaa,
		0xed16fbfb,
		0x86c54343,
		0x9ad74d4d,
		0x66553333,
		0x11948585,
		0x8acf4545,
		0xe910f9f9,
		0x04060202,
		0xfe817f7f,
		0xa0f05050,
		0x78443c3c,
		0x25ba9f9f,
		0x4be3a8a8,
		0xa2f35151,
		0x5dfea3a3,
		0x80c04040,
		0x058a8f8f,
		0x3fad9292,
		0x21bc9d9d,
		0x70483838,
		0xf104f5f5,
		0x63dfbcbc,
		0x77c1b6b6,
		0xaf75dada,
		0x42632121,
		0x20301010,
		0xe51affff,
		0xfd0ef3f3,
		0xbf6dd2d2,
		0x814ccdcd,
		0x18140c0c,
		0x26351313,
		0xc32fecec,
		0xbee15f5f,
		0x35a29797,
		0x88cc4444,
		0x2e391717,
		0x9357c4c4,
		0x55f2a7a7,
		0xfc827e7e,
		0x7a473d3d,
		0xc8ac6464,
		0xbae75d5d,
		0x322b1919,
		0xe6957373,
		0xc0a06060,
		0x19988181,
		0x9ed14f4f,
		0xa37fdcdc,
		0x44662222,
		0x547e2a2a,
		0x3bab9090,
		0x0b838888,
		0x8cca4646,
		0xc729eeee,
		0x6bd3b8b8,
		0x283c1414,
		0xa779dede,
		0xbce25e5e,
		0x161d0b0b,
		0xad76dbdb,
		0xdb3be0e0,
		0x64563232,
		0x744e3a3a,
		0x141e0a0a,
		0x92db4949,
		0x0c0a0606,
		0x486c2424,
		0xb8e45c5c,
		0x9f5dc2c2,
		0xbd6ed3d3,
		0x43efacac,
		0xc4a66262,
		0x39a89191,
		0x31a49595,
		0xd337e4e4,
		0xf28b7979,
		0xd532e7e7,
		0x8b43c8c8,
		0x6e593737,
		0xdab76d6d,
		0x018c8d8d,
		0xb164d5d5,
		0x9cd24e4e,
		0x49e0a9a9,
		0xd8b46c6c,
		0xacfa5656,
		0xf307f4f4,
		0xcf25eaea,
		0xcaaf6565,
		0xf48e7a7a,
		0x47e9aeae,
		0x10180808,
		0x6fd5baba,
		0xf0887878,
		0x4a6f2525,
		0x5c722e2e,
		0x38241c1c,
		0x57f1a6a6,
		0x73c7b4b4,
		0x9751c6c6,
		0xcb23e8e8,
		0xa17cdddd,
		0xe89c7474,
		0x3e211f1f,
		0x96dd4b4b,
		0x61dcbdbd,
		0x0d868b8b,
		0x0f858a8a,
		0xe0907070,
		0x7c423e3e,
		0x71c4b5b5,
		0xccaa6666,
		0x90d84848,
		0x06050303,
		0xf701f6f6,
		0x1c120e0e,
		0xc2a36161,
		0x6a5f3535,
		0xaef95757,
		0x69d0b9b9,
		0x17918686,
		0x9958c1c1,
		0x3a271d1d,
		0x27b99e9e,
		0xd938e1e1,
		0xeb13f8f8,
		0x2bb39898,
		0x22331111,
		0xd2bb6969,
		0xa970d9d9,
		0x07898e8e,
		0x33a79494,
		0x2db69b9b,
		0x3c221e1e,
		0x15928787,
		0xc920e9e9,
		0x8749cece,
		0xaaff5555,
		0x50782828,
		0xa57adfdf,
		0x038f8c8c,
		0x59f8a1a1,
		0x09808989,
		0x1a170d0d,
		0x65dabfbf,
		0xd731e6e6,
		0x84c64242,
		0xd0b86868,
		0x82c34141,
		0x29b09999,
		0x5a772d2d,
		0x1e110f0f,
		0x7bcbb0b0,
		0xa8fc5454,
		0x6dd6bbbb,
		0x2c3a1616,
	},
};


// Tables for main decryption iterations.
const Word AESDecryptTable[4][256] =
{
	{
		0x50a7f451,
		0x5365417e,
		0xc3a4171a,
		0x965e273a,
		0xcb6bab3b,
		0xf1459d1f,
		0xab58faac,
		0x9303e34b,
		0x55fa3020,
		0xf66d76ad,
		0x9176cc88,
		0x254c02f5,
		0xfcd7e54f,
		0xd7cb2ac5,
		0x80443526,
		0x8fa362b5,
		0x495ab1de,
		0x671bba25,
		0x980eea45,
		0xe1c0fe5d,
		0x02752fc3,
		0x12f04c81,
		0xa397468d,
		0xc6f9d36b,
		0xe75f8f03,
		0x959c9215,
		0xeb7a6dbf,
		0xda595295,
		0x2d83bed4,
		0xd3217458,
		0x2969e049,
		0x44c8c98e,
		0x6a89c275,
		0x78798ef4,
		0x6b3e5899,
		0xdd71b927,
		0xb64fe1be,
		0x17ad88f0,
		0x66ac20c9,
		0xb43ace7d,
		0x184adf63,
		0x82311ae5,
		0x60335197,
		0x457f5362,
		0xe07764b1,
		0x84ae6bbb,
		0x1ca081fe,
		0x942b08f9,
		0x58684870,
		0x19fd458f,
		0x876cde94,
		0xb7f87b52,
		0x23d373ab,
		0xe2024b72,
		0x578f1fe3,
		0x2aab5566,
		0x0728ebb2,
		0x03c2b52f,
		0x9a7bc586,
		0xa50837d3,
		0xf2872830,
		0xb2a5bf23,
		0xba6a0302,
		0x5c8216ed,
		0x2b1ccf8a,
		0x92b479a7,
		0xf0f207f3,
		0xa1e2694e,
		0xcdf4da65,
		0xd5be0506,
		0x1f6234d1,
		0x8afea6c4,
		0x9d532e34,
		0xa055f3a2,
		0x32e18a05,
		0x75ebf6a4,
		0x39ec830b,
		0xaaef6040,
		0x069f715e,
		0x51106ebd,
		0xf98a213e,
		0x3d06dd96,
		0xae053edd,
		0x46bde64d,
		0xb58d5491,
		0x055dc471,
		0x6fd40604,
		0xff155060,
		0x24fb9819,
		0x97e9bdd6,
		0xcc434089,
		0x779ed967,
		0xbd42e8b0,
		0x888b8907,
		0x385b19e7,
		0xdbeec879,
		0x470a7ca1,
		0xe90f427c,
		0xc91e84f8,
		0x00000000,
		0x83868009,
		0x48ed2b32,
		0xac70111e,
		0x4e725a6c,
		0xfbff0efd,
		0x5638850f,
		0x1ed5ae3d,
		0x27392d36,
		0x64d90f0a,
		0x21a65c68,
		0xd1545b9b,
		0x3a2e3624,
		0xb1670a0c,
		0x0fe75793,
		0xd296eeb4,
		0x9e919b1b,
		0x4fc5c080,
		0xa220dc61,
		0x694b775a,
		0x161a121c,
		0x0aba93e2,
		0xe52aa0c0,
		0x43e0223c,
		0x1d171b12,
		0x0b0d090e,
		0xadc78bf2,
		0xb9a8b62d,
		0xc8a91e14,
		0x8519f157,
		0x4c0775af,
		0xbbdd99ee,
		0xfd607fa3,
		0x9f2601f7,
		0xbcf5725c,
		0xc53b6644,
		0x347efb5b,
		0x7629438b,
		0xdcc623cb,
		0x68fcedb6,
		0x63f1e4b8,
		0xcadc31d7,
		0x10856342,
		0x40229713,
		0x2011c684,
		0x7d244a85,
		0xf83dbbd2,
		0x1132f9ae,
		0x6da129c7,
		0x4b2f9e1d,
		0xf330b2dc,
		0xec52860d,
		0xd0e3c177,
		0x6c16b32b,
		0x99b970a9,
		0xfa489411,
		0x2264e947,
		0xc48cfca8,
		0x1a3ff0a0,
		0xd82c7d56,
		0xef903322,
		0xc74e4987,
		0xc1d138d9,
		0xfea2ca8c,
		0x360bd498,
		0xcf81f5a6,
		0x28de7aa5,
		0x268eb7da,
		0xa4bfad3f,
		0xe49d3a2c,
		0x0d927850,
		0x9bcc5f6a,
		0x62467e54,
		0xc2138df6,
		0xe8b8d890,
		0x5ef7392e,
		0xf5afc382,
		0xbe805d9f,
		0x7c93d069,
		0xa92dd56f,
		0xb31225cf,
		0x3b99acc8,
		0xa77d1810,
		0x6e639ce8,
		0x7bbb3bdb,
		0x097826cd,
		0xf418596e,
		0x01b79aec,
		0xa89a4f83,
		0x656e95e6,
		0x7ee6ffaa,
		0x08cfbc21,
		0xe6e815ef,
		0xd99be7ba,
		0xce366f4a,
		0xd4099fea,
		0xd67cb029,
		0xafb2a431,
		0x31233f2a,
		0x3094a5c6,
		0xc066a235,
		0x37bc4e74,
		0xa6ca82fc,
		0xb0d090e0,
		0x15d8a733,
		0x4a9804f1,
		0xf7daec41,
		0x0e50cd7f,
		0x2ff69117,
		0x8dd64d76,
		0x4db0ef43,
		0x544daacc,
		0xdf0496e4,
		0xe3b5d19e,
		0x1b886a4c,
		0xb81f2cc1,
		0x7f516546,
		0x04ea5e9d,
		0x5d358c01,
		0x737487fa,
		0x2e410bfb,
		0x5a1d67b3,
		0x52d2db92,
		0x335610e9,
		0x1347d66d,
		0x8c61d79a,
		0x7a0ca137,
		0x8e14f859,
		0x893c13eb,
		0xee27a9ce,
		0x35c961b7,
		0xede51ce1,
		0x3cb1477a,
		0x59dfd29c,
		0x3f73f255,
		0x79ce1418,
		0xbf37c773,
		0xeacdf753,
		0x5baafd5f,
		0x146f3ddf,
		0x86db4478,
		0x81f3afca,
		0x3ec468b9,
		0x2c342438,
		0x5f40a3c2,
		0x72c31d16,
		0x0c25e2bc,
		0x8b493c28,
		0x41950dff,
		0x7101a839,
		0xdeb30c08,
		0x9ce4b4d8,
		0x90c15664,
		0x6184cb7b,
		0x70b632d5,
		0x745c6c48,
		0x4257b8d0,
	},
	{
		0xa7f45150,
		0x65417e53,
		0xa4171ac3,
		0x5e273a96,
		0x6bab3bcb,
		0x459d1ff1,
		0x58faacab,
		0x03e34b93,
		0xfa302055,
		0x6d76adf6,
		0x76cc8891,
		0x4c02f525,
		0xd7e54ffc,
		0xcb2ac5d7,
		0x44352680,
		0xa362b58f,
		0x5ab1de49,
		0x1bba2567,
		0x0eea4598,
		0xc0fe5de1,
		0x752fc302,
		0xf04c8112,
		0x97468da3,
		0xf9d36bc6,
		0x5f8f03e7,
		0x9c921595,
		0x7a6dbfeb,
		0x595295da,
		0x83bed42d,
		0x217458d3,
		0x69e04929,
		0xc8c98e44,
		0x89c2756a,
		0x798ef478,
		0x3e58996b,
		0x71b927dd,
		0x4fe1beb6,
		0xad88f017,
		0xac20c966,
		0x3ace7db4,
		0x4adf6318,
		0x311ae582,
		0x33519760,
		0x7f536245,
		0x7764b1e0,
		0xae6bbb84,
		0xa081fe1c,
		0x2b08f994,
		0x68487058,
		0xfd458f19,
		0x6cde9487,
		0xf87b52b7,
		0xd373ab23,
		0x024b72e2,
		0x8f1fe357,
		0xab55662a,
		0x28ebb207,
		0xc2b52f03,
		0x7bc5869a,
		0x0837d3a5,
		0x872830f2,
		0xa5bf23b2,
		0x6a0302ba,
		0x8216ed5c,
		0x1ccf8a2b,
		0xb479a792,
		0xf207f3f0,
		0xe2694ea1,
		0xf4da65cd,
		0xbe0506d5,
		0x6234d11f,
		0xfea6c48a,
		0x532e349d,
		0x55f3a2a0,
		0xe18a0532,
		0xebf6a475,
		0xec830b39,
		0xef6040aa,
		0x9f715e06,
		0x106ebd51,
		0x8a213ef9,
		0x06dd963d,
		0x053eddae,
		0xbde64d46,
		0x8d5491b5,
		0x5dc47105,
		0xd406046f,
		0x155060ff,
		0xfb981924,
		0xe9bdd697,
		0x434089cc,
		0x9ed96777,
		0x42e8b0bd,
		0x8b890788,
		0x5b19e738,
		0xeec879db,
		0x0a7ca147,
		0x0f427ce9,
		0x1e84f8c9,
		0x00000000,
		0x86800983,
		0xed2b3248,
		0x70111eac,
		0x725a6c4e,
		0xff0efdfb,
		0x38850f56,
		0xd5ae3d1e,
		0x392d3627,
		0xd90f0a64,
		0xa65c6821,
		0x545b9bd1,
		0x2e36243a,
		0x670a0cb1,
		0xe757930f,
		0x96eeb4d2,
		0x919b1b9e,
		0xc5c0804f,
		0x20dc61a2,
		0x4b775a69,
		0x1a121c16,
		0xba93e20a,
		0x2aa0c0e5,
		0xe0223c43,
		0x171b121d,
		0x0d090e0b,
		0xc78bf2ad,
		0xa8b62db9,
		0xa91e14c8,
		0x19f15785,
		0x0775af4c,
		0xdd99eebb,
		0x607fa3fd,
		0x2601f79f,
		0xf5725cbc,
		0x3b6644c5,
		0x7efb5b34,
		0x29438b76,
		0xc623cbdc,
		0xfcedb668,
		0xf1e4b863,
		0xdc31d7ca,
		0x85634210,
		0x22971340,
		0x11c68420,
		0x244a857d,
		0x3dbbd2f8,
		0x32f9ae11,
		0xa129c76d,
		0x2f9e1d4b,
		0x30b2dcf3,
		0x52860dec,
		0xe3c177d0,
		0x16b32b6c,
		0xb970a999,
		0x489411fa,
		0x64e94722,
		0x8cfca8c4,
		0x3ff0a01a,
		0x2c7d56d8,
		0x903322ef,
		0x4e4987c7,
		0xd138d9c1,
		0xa2ca8cfe,
		0x0bd49836,
		0x81f5a6cf,
		0xde7aa528,
		0x8eb7da26,
		0xbfad3fa4,
		0x9d3a2ce4,
		0x9278500d,
		0xcc5f6a9b,
		0x467e5462,
		0x138df6c2,
		0xb8d890e8,
		0xf7392e5e,
		0xafc382f5,
		0x805d9fbe,
		0x93d0697c,
		0x2dd56fa9,
		0x1225cfb3,
		0x99acc83b,
		0x7d1810a7,
		0x639ce86e,
		0xbb3bdb7b,
		0x7826cd09,
		0x18596ef4,
		0xb79aec01,
		0x9a4f83a8,
		0x6e95e665,
		0xe6ffaa7e,
		0xcfbc2108,
		0xe815efe6,
		0x9be7bad9,
		0x366f4ace,
		0x099fead4,
		0x7cb029d6,
		0xb2a431af,
		0x233f2a31,
		0x94a5c630,
		0x66a235c0,
		0xbc4e7437,
		0xca82fca6,
		0xd090e0b0,
		0xd8a73315,
		0x9804f14a,
		0xdaec41f7,
		0x50cd7f0e,
		0xf691172f,
		0xd64d768d,
		0xb0ef434d,
		0x4daacc54,
		0x0496e4df,
		0xb5d19ee3,
		0x886a4c1b,
		0x1f2cc1b8,
		0x5165467f,
		0xea5e9d04,
		0x358c015d,
		0x7487fa73,
		0x410bfb2e,
		0x1d67b35a,
		0xd2db9252,
		0x5610e933,
		0x47d66d13,
		0x61d79a8c,
		0x0ca1377a,
		0x14f8598e,
		0x3c13eb89,
		0x27a9ceee,
		0xc961b735,
		0xe51ce1ed,
		0xb1477a3c,
		0xdfd29c59,
		0x73f2553f,
		0xce141879,
		0x37c773bf,
		0xcdf753ea,
		0xaafd5f5b,
		0x6f3ddf14,
		0xdb447886,
		0xf3afca81,
		0xc468b93e,
		0x3424382c,
		0x40a3c25f,
		0xc31d1672,
		0x25e2bc0c,
		0x493c288b,
		0x950dff41,
		0x01a83971,
		0xb30c08de,
		0xe4b4d89c,
		0xc1566490,
		0x84cb7b61,
		0xb632d570,
		0x5c6c4874,
		0x57b8d042,
	},
	{
		0xf45150a7,
		0x417e5365,
		0x171ac3a4,
		0x273a965e,
		0xab3bcb6b,
		0x9d1ff145,
		0xfaacab58,
		0xe34b9303,
		0x302055fa,
		0x76adf66d,
		0xcc889176,
		0x02f5254c,
		0xe54ffcd7,
		0x2ac5d7cb,
		0x35268044,
		0x62b58fa3,
		0xb1de495a,
		0xba25671b,
		0xea45980e,
		0xfe5de1c0,
		0x2fc30275,
		0x4c8112f0,
		0x468da397,
		0xd36bc6f9,
		0x8f03e75f,
		0x9215959c,
		0x6dbfeb7a,
		0x5295da59,
		0xbed42d83,
		0x7458d321,
		0xe0492969,
		0xc98e44c8,
		0xc2756a89,
		0x8ef47879,
		0x58996b3e,
		0xb927dd71,
		0xe1beb64f,
		0x88f017ad,
		0x20c966ac,
		0xce7db43a,
		0xdf63184a,
		0x1ae58231,
		0x51976033,
		0x5362457f,
		0x64b1e077,
		0x6bbb84ae,
		0x81fe1ca0,
		0x08f9942b,
		0x48705868,
		0x458f19fd,
		0xde94876c,
		0x7b52b7f8,
		0x73ab23d3,
		0x4b72e202,
		0x1fe3578f,
		0x55662aab,
		0xebb20728,
		0xb52f03c2,
		0xc5869a7b,
		0x37d3a508,
		0x2830f287,
		0xbf23b2a5,
		0x0302ba6a,
		0x16ed5c82,
		0xcf8a2b1c,
		0x79a792b4,
		0x07f3f0f2,
		0x694ea1e2,
		0xda65cdf4,
		0x0506d5be,
		0x34d11f62,
		0xa6c48afe,
		0x2e349d53,
		0xf3a2a055,
		0x8a0532e1,
		0xf6a475eb,
		0x830b39ec,
		0x6040aaef,
		0x715e069f,
		0x6ebd5110,
		0x213ef98a,
		0xdd963d06,
		0x3eddae05,
		0xe64d46bd,
		0x5491b58d,
		0xc471055d,
		0x06046fd4,
		0x5060ff15,
		0x981924fb,
		0xbdd697e9,
		0x4089cc43,
		0xd967779e,
		0xe8b0bd42,
		0x8907888b,
		0x19e7385b,
		0xc879dbee,
		0x7ca1470a,
		0x427ce90f,
		0x84f8c91e,
		0x00000000,
		0x80098386,
		0x2b3248ed,
		0x111eac70,
		0x5a6c4e72,
		0x0efdfbff,
		0x850f5638,
		0xae3d1ed5,
		0x2d362739,
		0x0f0a64d9,
		0x5c6821a6,
		0x5b9bd154,
		0x36243a2e,
		0x0a0cb167,
		0x57930fe7,
		0xeeb4d296,
		0x9b1b9e91,
		0xc0804fc5,
		0xdc61a220,
		0x775a694b,
		0x121c161a,
		0x93e20aba,
		0xa0c0e52a,
		0x223c43e0,
		0x1b121d17,
		0x090e0b0d,
		0x8bf2adc7,
		0xb62db9a8,
		0x1e14c8a9,
		0xf1578519,
		0x75af4c07,
		0x99eebbdd,
		0x7fa3fd60,
		0x01f79f26,
		0x725cbcf5,
		0x6644c53b,
		0xfb5b347e,
		0x438b7629,
		0x23cbdcc6,
		0xedb668fc,
		0xe4b863f1,
		0x31d7cadc,
		0x63421085,
		0x97134022,
		0xc6842011,
		0x4a857d24,
		0xbbd2f83d,
		0xf9ae1132,
		0x29c76da1,
		0x9e1d4b2f,
		0xb2dcf330,
		0x860dec52,
		0xc177d0e3,
		0xb32b6c16,
		0x70a999b9,
		0x9411fa48,
		0xe9472264,
		0xfca8c48c,
		0xf0a01a3f,
		0x7d56d82c,
		0x3322ef90,
		0x4987c74e,
		0x38d9c1d1,
		0xca8cfea2,
		0xd498360b,
		0xf5a6cf81,
		0x7aa528de,
		0xb7da268e,
		0xad3fa4bf,
		0x3a2ce49d,
		0x78500d92,
		0x5f6a9bcc,
		0x7e546246,
		0x8df6c213,
		0xd890e8b8,
		0x392e5ef7,
		0xc382f5af,
		0x5d9fbe80,
		0xd0697c93,
		0xd56fa92d,
		0x25cfb312,
		0xacc83b99,
		0x1810a77d,
		0x9ce86e63,
		0x3bdb7bbb,
		0x26cd0978,
		0x596ef418,
		0x9aec01b7,
		0x4f83a89a,
		0x95e6656e,
		0xffaa7ee6,
		0xbc2108cf,
		0x15efe6e8,
		0xe7bad99b,
		0x6f4ace36,
		0x9fead409,
		0xb029d67c,
		0xa431afb2,
		0x3f2a3123,
		0xa5c63094,
		0xa235c066,
		0x4e7437bc,
		0x82fca6ca,
		0x90e0b0d0,
		0xa73315d8,
		0x04f14a98,
		0xec41f7da,
		0xcd7f0e50,
		0x91172ff6,
		0x4d768dd6,
		0xef434db0,
		0xaacc544d,
		0x96e4df04,
		0xd19ee3b5,
		0x6a4c1b88,
		0x2cc1b81f,
		0x65467f51,
		0x5e9d04ea,
		0x8c015d35,
		0x87fa7374,
		0x0bfb2e41,
		0x67b35a1d,
		0xdb9252d2,
		0x10e93356,
		0xd66d1347,
		0xd79a8c61,
		0xa1377a0c,
		0xf8598e14,
		0x13eb893c,
		0xa9ceee27,
		0x61b735c9,
		0x1ce1ede5,
		0x477a3cb1,
		0xd29c59df,
		0xf2553f73,
		0x141879ce,
		0xc773bf37,
		0xf753eacd,
		0xfd5f5baa,
		0x3ddf146f,
		0x447886db,
		0xafca81f3,
		0x68b93ec4,
		0x24382c34,
		0xa3c25f40,
		0x1d1672c3,
		0xe2bc0c25,
		0x3c288b49,
		0x0dff4195,
		0xa8397101,
		0x0c08deb3,
		0xb4d89ce4,
		0x566490c1,
		0xcb7b6184,
		0x32d570b6,
		0x6c48745c,
		0xb8d04257,
	},
	{
		0x5150a7f4,
		0x7e536541,
		0x1ac3a417,
		0x3a965e27,
		0x3bcb6bab,
		0x1ff1459d,
		0xacab58fa,
		0x4b9303e3,
		0x2055fa30,
		0xadf66d76,
		0x889176cc,
		0xf5254c02,
		0x4ffcd7e5,
		0xc5d7cb2a,
		0x26804435,
		0xb58fa362,
		0xde495ab1,
		0x25671bba,
		0x45980eea,
		0x5de1c0fe,
		0xc302752f,
		0x8112f04c,
		0x8da39746,
		0x6bc6f9d3,
		0x03e75f8f,
		0x15959c92,
		0xbfeb7a6d,
		0x95da5952,
		0xd42d83be,
		0x58d32174,
		0x492969e0,
		0x8e44c8c9,
		0x756a89c2,
		0xf478798e,
		0x996b3e58,
		0x27dd71b9,
		0xbeb64fe1,
		0xf017ad88,
		0xc966ac20,
		0x7db43ace,
		0x63184adf,
		0xe582311a,
		0x97603351,
		0x62457f53,
		0xb1e07764,
		0xbb84ae6b,
		0xfe1ca081,
		0xf9942b08,
		0x70586848,
		0x8f19fd45,
		0x94876cde,
		0x52b7f87b,
		0xab23d373,
		0x72e2024b,
		0xe3578f1f,
		0x662aab55,
		0xb20728eb,
		0x2f03c2b5,
		0x869a7bc5,
		0xd3a50837,
		0x30f28728,
		0x23b2a5bf,
		0x02ba6a03,
		0xed5c8216,
		0x8a2b1ccf,
		0xa792b479,
		0xf3f0f207,
		0x4ea1e269,
		0x65cdf4da,
		0x06d5be05,
		0xd11f6234,
		0xc48afea6,
		0x349d532e,
		0xa2a055f3,
		0x0532e18a,
		0xa475ebf6,
		0x0b39ec83,
		0x40aaef60,
		0x5e069f71,
		0xbd51106e,
		0x3ef98a21,
		0x963d06dd,
		0xddae053e,
		0x4d46bde6,
		0x91b58d54,
		0x71055dc4,
		0x046fd406,
		0x60ff1550,
		0x1924fb98,
		0xd697e9bd,
		0x89cc4340,
		0x67779ed9,
		0xb0bd42e8,
		0x07888b89,
		0xe7385b19,
		0x79dbeec8,
		0xa1470a7c,
		0x7ce90f42,
		0xf8c91e84,
		0x00000000,
		0x09838680,
		0x3248ed2b,
		0x1eac7011,
		0x6c4e725a,
		0xfdfbff0e,
		0x0f563885,
		0x3d1ed5ae,
		0x3627392d,
		0x0a64d90f,
		0x6821a65c,
		0x9bd1545b,
		0x243a2e36,
		0x0cb1670a,
		0x930fe757,
		0xb4d296ee,
		0x1b9e919b,
		0x804fc5c0,
		0x61a220dc,
		0x5a694b77,
		0x1c161a12,
		0xe20aba93,
		0xc0e52aa0,
		0x3c43e022,
		0x121d171b,
		0x0e0b0d09,
		0xf2adc78b,
		0x2db9a8b6,
		0x14c8a91e,
		0x578519f1,
		0xaf4c0775,
		0xeebbdd99,
		0xa3fd607f,
		0xf79f2601,
		0x5cbcf572,
		0x44c53b66,
		0x5b347efb,
		0x8b762943,
		0xcbdcc623,
		0xb668fced,
		0xb863f1e4,
		0xd7cadc31,
		0x42108563,
		0x13402297,
		0x842011c6,
		0x857d244a,
		0xd2f83dbb,
		0xae1132f9,
		0xc76da129,
		0x1d4b2f9e,
		0xdcf330b2,
		0x0dec5286,
		0x77d0e3c1,
		0x2b6c16b3,
		0xa999b970,
		0x11fa4894,
		0x472264e9,
		0xa8c48cfc,
		0xa01a3ff0,
		0x56d82c7d,
		0x22ef9033,
		0x87c74e49,
		0xd9c1d138,
		0x8cfea2ca,
		0x98360bd4,
		0xa6cf81f5,
		0xa528de7a,
		0xda268eb7,
		0x3fa4bfad,
		0x2ce49d3a,
		0x500d9278,
		0x6a9bcc5f,
		0x5462467e,
		0xf6c2138d,
		0x90e8b8d8,
		0x2e5ef739,
		0x82f5afc3,
		0x9fbe805d,
		0x697c93d0,
		0x6fa92dd5,
		0xcfb31225,
		0xc83b99ac,
		0x10a77d18,
		0xe86e639c,
		0xdb7bbb3b,
		0xcd097826,
		0x6ef41859,
		0xec01b79a,
		0x83a89a4f,
		0xe6656e95,
		0xaa7ee6ff,
		0x2108cfbc,
		0xefe6e815,
		0xbad99be7,
		0x4ace366f,
		0xead4099f,
		0x29d67cb0,
		0x31afb2a4,
		0x2a31233f,
		0xc63094a5,
		0x35c066a2,
		0x7437bc4e,
		0xfca6ca82,
		0xe0b0d090,
		0x3315d8a7,
		0xf14a9804,
		0x41f7daec,
		0x7f0e50cd,
		0x172ff691,
		0x768dd64d,
		0x434db0ef,
		0xcc544daa,
		0xe4df0496,
		0x9ee3b5d1,
		0x4c1b886a,
		0xc1b81f2c,
		0x467f5165,
		0x9d04ea5e,
		0x015d358c,
		0xfa737487,
		0xfb2e410b,
		0xb35a1d67,
		0x9252d2db,
		0xe9335610,
		0x6d1347d6,
		0x9a8c61d7,
		0x377a0ca1,
		0x598e14f8,
		0xeb893c13,
		0xceee27a9,
		0xb735c961,
		0xe1ede51c,
		0x7a3cb147,
		0x9c59dfd2,
		0x553f73f2,
		0x1879ce14,
		0x73bf37c7,
		0x53eacdf7,
		0x5f5baafd,
		0xdf146f3d,
		0x7886db44,
		0xca81f3af,
		0xb93ec468,
		0x382c3424,
		0xc25f40a3,
		0x1672c31d,
		0xbc0c25e2,
		0x288b493c,
		0xff41950d,
		0x397101a8,
		0x08deb30c,
		0xd89ce4b4,
		0x6490c156,
		0x7b6184cb,
		0xd570b632,
		0x48745c6c,
		0xd04257b8,
	},
};


// SubBytes embedded in words tables.
const Word AESSubBytesWordTable[4][256] =
{
	{
		0x00000063,
		0x0000007c,
		0x00000077,
		0x0000007b,
		0x000000f2,
		0x0000006b,
		0x0000006f,
		0x000000c5,
		0x00000030,
		0x00000001,
		0x00000067,
		0x0000002b,
		0x000000fe,
		0x000000d7,
		0x000000ab,
		0x00000076,
		0x000000ca,
		0x00000082,
		0x000000c9,
		0x0000007d,
		0x000000fa,
		0x00000059,
		0x00000047,
		0x000000f0,
		0x000000ad,
		0x000000d4,
		0x000000a2,
		0x000000af,
		0x0000009c,
		0x000000a4,
		0x00000072,
		0x000000c0,
		0x000000b7,
		0x000000fd,
		0x00000093,
		0x00000026,
		0x00000036,
		0x0000003f,
		0x000000f7,
		0x000000cc,
		0x00000034,
		0x000000a5,
		0x000000e5,
		0x000000f1,
		0x00000071,
		0x000000d8,
		0x00000031,
		0x00000015,
		0x00000004,
		0x000000c7,
		0x00000023,
		0x000000c3,
		0x00000018,
		0x00000096,
		0x00000005,
		0x0000009a,
		0x00000007,
		0x00000012,
		0x00000080,
		0x000000e2,
		0x000000eb,
		0x00000027,
		0x000000b2,
		0x00000075,
		0x00000009,
		0x00000083,
		0x0000002c,
		0x0000001a,
		0x0000001b,
		0x0000006e,
		0x0000005a,
		0x000000a0,
		0x00000052,
		0x0000003b,
		0x000000d6,
		0x000000b3,
		0x00000029,
		0x000000e3,
		0x0000002f,
		0x00000084,
		0x00000053,
		0x000000d1,
		0x00000000,
		0x000000ed,
		0x00000020,
		0x000000fc,
		0x000000b1,
		0x0000005b,
		0x0000006a,
		0x000000cb,
		0x000000be,
		0x00000039,
		0x0000004a,
		0x0000004c,
		0x00000058,
		0x000000cf,
		0x000000d0,
		0x000000ef,
		0x000000aa,
		0x000000fb,
		0x00000043,
		0x0000004d,
		0x00000033,
		0x00000085,
		0x00000045,
		0x000000f9,
		0x00000002,
		0x0000007f,
		0x00000050,
		0x0000003c,
		0x0000009f,
		0x000000a8,
		0x00000051,
		0x000000a3,
		0x00000040,
		0x0000008f,
		0x00000092,
		0x0000009d,
		0x00000038,
		0x000000f5,
		0x000000bc,
		0x000000b6,
		0x000000da,
		0x00000021,
		0x00000010,
		0x000000ff,
		0x000000f3,
		0x000000d2,
		0x000000cd,
		0x0000000c,
		0x00000013,
		0x000000ec,
		0x0000005f,
		0x00000097,
		0x00000044,
		0x00000017,
		0x000000c4,
		0x000000a7,
		0x0000007e,
		0x0000003d,
		0x00000064,
		0x0000005d,
		0x00000019,
		0x00000073,
		0x00000060,
		0x00000081,
		0x0000004f,
		0x000000dc,
		0x00000022,
		0x0000002a,
		0x00000090,
		0x00000088,
		0x00000046,
		0x000000ee,
		0x000000b8,
		0x00000014,
		0x000000de,
		0x0000005e,
		0x0000000b,
		0x000000db,
		0x000000e0,
		0x00000032,
		0x0000003a,
		0x0000000a,
		0x00000049,
		0x00000006,
		0x00000024,
		0x0000005c,
		0x000000c2,
		0x000000d3,
		0x000000ac,
		0x00000062,
		0x00000091,
		0x00000095,
		0x000000e4,
		0x00000079,
		0x000000e7,
		0x000000c8,
		0x00000037,
		0x0000006d,
		0x0000008d,
		0x000000d5,
		0x0000004e,
		0x000000a9,
		0x0000006c,
		0x00000056,
		0x000000f4,
		0x000000ea,
		0x00000065,
		0x0000007a,
		0x000000ae,
		0x00000008,
		0x000000ba,
		0x00000078,
		0x00000025,
		0x0000002e,
		0x0000001c,
		0x000000a6,
		0x000000b4,
		0x000000c6,
		0x000000e8,
		0x000000dd,
		0x00000074,
		0x0000001f,
		0x0000004b,
		0x000000bd,
		0x0000008b,
		0x0000008a,
		0x00000070,
		0x0000003e,
		0x000000b5,
		0x00000066,
		0x00000048,
		0x00000003,
		0x000000f6,
		0x0000000e,
		0x00000061,
		0x00000035,
		0x00000057,
		0x000000b9,
		0x00000086,
		0x000000c1,
		0x0000001d,
		0x0000009e,
		0x000000e1,
		0x000000f8,
		0x00000098,
		0x00000011,
		0x00000069,
		0x000000d9,
		0x0000008e,
		0x00000094,
		0x0000009b,
		0x0000001e,
		0x00000087,
		0x000000e9,
		0x000000ce,
		0x00000055,
		0x00000028,
		0x000000df,
		0x0000008c,
		0x000000a1,
		0x00000089,
		0x0000000d,
		0x000000bf,
		0x000000e6,
		0x00000042,
		0x00000068,
		0x00000041,
		0x00000099,
		0x0000002d,
		0x0000000f,
		0x000000b0,
		0x00000054,
		0x000000bb,
		0x00000016,
	},
	{
		0x00006300,
		0x00007c00,
		0x00007700,
		0x00007b00,
		0x0000f200,
		0x00006b00,
		0x00006f00,
		0x0000c500,
		0x00003000,
		0x00000100,
		0x00006700,
		0x00002b00,
		0x0000fe00,
		0x0000d700,
		0x0000ab00,
		0x00007600,
		0x0000ca00,
		0x00008200,
		0x0000c900,
		0x00007d00,
		0x0000fa00,
		0x00005900,
		0x00004700,
		0x0000f000,
		0x0000ad00,
		0x0000d400,
		0x0000a200,
		0x0000af00,
		0x00009c00,
		0x0000a400,
		0x00007200,
		0x0000c000,
		0x0000b700,
		0x0000fd00,
		0x00009300,
		0x00002600,
		0x00003600,
		0x00003f00,
		0x0000f700,
		0x0000cc00,
		0x00003400,
		0x0000a500,
		0x0000e500,
		0x0000f100,
		0x00007100,
		0x0000d800,
		0x00003100,
		0x00001500,
		0x00000400,
		0x0000c700,
		0x00002300,
		0x0000c300,
		0x00001800,
		0x00009600,
		0x00000500,
		0x00009a00,
		0x00000700,
		0x00001200,
		0x00008000,
		0x0000e200,
		0x0000eb00,
		0x00002700,
		0x0000b200,
		0x00007500,
		0x00000900,
		0x00008300,
		0x00002c00,
		0x00001a00,
		0x00001b00,
		0x00006e00,
		0x00005a00,
		0x0000a000,
		0x00005200,
		0x00003b00,
		0x0000d600,
		0x0000b300,
		0x00002900,
		0x0000e300,
		0x00002f00,
		0x00008400,
		0x00005300,
		0x0000d100,
		0x00000000,
		0x0000ed00,
		0x00002000,
		0x0000fc00,
		0x0000b100,
		0x00005b00,
		0x00006a00,
		0x0000cb00,
		0x0000be00,
		0x00003900,
		0x00004a00,
		0x00004c00,
		0x00005800,
		0x0000cf00,
		0x0000d000,
		0x0000ef00,
		0x0000aa00,
		0x0000fb00,
		0x00004300,
		0x00004d00,
		0x00003300,
		0x00008500,
		0x00004500,
		0x0000f900,
		0x00000200,
		0x00007f00,
		0x00005000,
		0x00003c00,
		0x00009f00,
		0x0000a800,
		0x00005100,
		0x0000a300,
		0x00004000,
		0x00008f00,
		0x00009200,
		0x00009d00,
		0x00003800,
		0x0000f500,
		0x0000bc00,
		0x0000b600,
		0x0000da00,
		0x00002100,
		0x00001000,
		0x0000ff00,
		0x0000f300,
		0x0000d200,
		0x0000cd00,
		0x00000c00,
		0x00001300,
		0x0000ec00,
		0x00005f00,
		0x00009700,
		0x00004400,
		0x00001700,
		0x0000c400,
		0x0000a700,
		0x00007e00,
		0x00003d00,
		0x00006400,
		0x00005d00,
		0x00001900,
		0x00007300,
		0x00006000,
		0x00008100,
		0x00004f00,
		0x0000dc00,
		0x00002200,
		0x00002a00,
		0x00009000,
		0x00008800,
		0x00004600,
		0x0000ee00,
		0x0000b800,
		0x00001400,
		0x0000de00,
		0x00005e00,
		0x00000b00,
		0x0000db00,
		0x0000e000,
		0x00003200,
		0x00003a00,
		0x00000a00,
		0x00004900,
		0x00000600,
		0x00002400,
		0x00005c00,
		0x0000c200,
		0x0000d300,
		0x0000ac00,
		0x00006200,
		0x00009100,
		0x00009500,
		0x0000e400,
		0x00007900,
		0x0000e700,
		0x0000c800,
		0x00003700,
		0x00006d00,
		0x00008d00,
		0x0000d500,
		0x00004e00,
		0x0000a900,
		0x00006c00,
		0x00005600,
		0x0000f400,
		0x0000ea00,
		0x00006500,
		0x00007a00,
		0x0000ae00,
		0x00000800,
		0x0000ba00,
		0x00007800,
		0x00002500,
		0x00002e00,
		0x00001c00,
		0x0000a600,
		0x0000b400,
		0x0000c600,
		0x0000e800,
		0x0000dd00,
		0x00007400,
		0x00001f00,
		0x00004b00,
		0x0000bd00,
		0x00008b00,
		0x00008a00,
		0x00007000,
		0x00003e00,
		0x0000b500,
		0x00006600,
		0x00004800,
		0x00000300,
		0x0000f600,
		0x00000e00,
		0x00006100,
		0x00003500,
		0x00005700,
		0x0000b900,
		0x00008600,
		0x0000c100,
		0x00001d00,
		0x00009e00,
		0x0000e100,
		0x0000f800,
		0x00009800,
		0x00001100,
		0x00006900,
		0x0000d900,
		0x00008e00,
		0x00009400,
		0x00009b00,
		0x00001e00,
		0x00008700,
		0x0000e900,
		0x0000ce00,
		0x00005500,
		0x00002800,
		0x0000df00,
		0x00008c00,
		0x0000a100,
		0x00008900,
		0x00000d00,
		0x0000bf00,
		0x0000e600,
		0x00004200,
		0x00006800,
		0x00004100,
		0x00009900,
		0x00002d00,
		0x00000f00,
		0x0000b000,
		0x00005400,
		0x0000bb00,
		0x00001600,
	},
	{
		0x00630000,
		0x007c0000,
		0x00770000,
		0x007b0000,
		0x00f20000,
		0x006b0000,
		0x006f0000,
		0x00c50000,
		0x00300000,
		0x00010000,
		0x00670000,
		0x002b0000,
		0x00fe0000,
		0x00d70000,
		0x00ab0000,
		0x00760000,
		0x00ca0000,
		0x00820000,
		0x00c90000,
		0x007d0000,
		0x00fa0000,
		0x00590000,
		0x00470000,
		0x00f00000,
		0x00ad0000,
		0x00d40000,
		0x00a20000,
		0x00af0000,
		0x009c0000,
		0x00a40000,
		0x00720000,
		0x00c00000,
		0x00b70000,
		0x00fd0000,
		0x00930000,
		0x00260000,
		0x00360000,
		0x003f0000,
		0x00f70000,
		0x00cc0000,
		0x00340000,
		0x00a50000,
		0x00e50000,
		0x00f10000,
		0x00710000,
		0x00d80000,
		0x00310000,
		0x00150000,
		0x00040000,
		0x00c70000,
		0x00230000,
		0x00c30000,
		0x00180000,
		0x00960000,
		0x00050000,
		0x009a0000,
		0x00070000,
		0x00120000,
		0x00800000,
		0x00e20000,
		0x00eb0000,
		0x00270000,
		0x00b20000,
		0x00750000,
		0x00090000,
		0x00830000,
		0x002c0000,
		0x001a0000,
		0x001b0000,
		0x006e0000,
		0x005a0000,
		0x00a00000,
		0x00520000,
		0x003b0000,
		0x00d60000,
		0x00b30000,
		0x00290000,
		0x00e30000,
		0x002f0000,
		0x00840000,
		0x00530000,
		0x00d10000,
		0x00000000,
		0x00ed0000,
		0x00200000,
		0x00fc0000,
		0x00b10000,
		0x005b0000,
		0x006a0000,
		0x00cb0000,
		0x00be0000,
		0x00390000,
		0x004a0000,
		0x004c0000,
		0x00580000,
		0x00cf0000,
		0x00d00000,
		0x00ef0000,
		0x00aa0000,
		0x00fb0000,
		0x00430000,
		0x004d0000,
		0x00330000,
		0x00850000,
		0x00450000,
		0x00f90000,
		0x00020000,
		0x007f0000,
		0x00500000,
		0x003c0000,
		0x009f0000,
		0x00a80000,
		0x00510000,
		0x00a30000,
		0x00400000,
		0x008f0000,
		0x00920000,
		0x009d0000,
		0x00380000,
		0x00f50000,
		0x00bc0000,
		0x00b60000,
		0x00da0000,
		0x00210000,
		0x00100000,
		0x00ff0000,
		0x00f30000,
		0x00d20000,
		0x00cd0000,
		0x000c0000,
		0x00130000,
		0x00ec0000,
		0x005f0000,
		0x00970000,
		0x00440000,
		0x00170000,
		0x00c40000,
		0x00a70000,
		0x007e0000,
		0x003d0000,
		0x00640000,
		0x005d0000,
		0x00190000,
		0x00730000,
		0x00600000,
		0x00810000,
		0x004f0000,
		0x00dc0000,
		0x00220000,
		0x002a0000,
		0x00900000,
		0x00880000,
		0x00460000,
		0x00ee0000,
		0x00b80000,
		0x00140000,
		0x00de0000,
		0x005e0000,
		0x000b0000,
		0x00db0000,
		0x00e00000,
		0x00320000,
		0x003a0000,
		0x000a0000,
		0x00490000,
		0x00060000,
		0x00240000,
		0x005c0000,
		0x00c20000,
		0x00d30000,
		0x00ac0000,
		0x00620000,
		0x00910000,
		0x00950000,
		0x00e40000,
		0x00790000,
		0x00e70000,
		0x00c80000,
		0x00370000,
		0x006d0000,
		0x008d0000,
		0x00d50000,
		0x004e0000,
		0x00a90000,
		0x006c0000,
		0x00560000,
		0x00f40000,
		0x00ea0000,
		0x00650000,
		0x007a0000,
		0x00ae0000,
		0x00080000,
		0x00ba0000,
		0x00780000,
		0x00250000,
		0x002e0000,
		0x001c0000,
		0x00a60000,
		0x00b40000,
		0x00c60000,
		0x00e80000,
		0x00dd0000,
		0x00740000,
		0x001f0000,
		0x004b0000,
		0x00bd0000,
		0x008b0000,
		0x008a0000,
		0x00700000,
		0x003e0000,
		0x00b50000,
		0x00660000,
		0x00480000,
		0x00030000,
		0x00f60000,
		0x000e0000,
		0x00610000,
		0x00350000,
		0x00570000,
		0x00b90000,
		0x00860000,
		0x00c10000,
		0x001d0000,
		0x009e0000,
		0x00e10000,
		0x00f80000,
		0x00980000,
		0x00110000,
		0x00690000,
		0x00d90000,
		0x008e0000,
		0x00940000,
		0x009b0000,
		0x001e0000,
		0x00870000,
		0x00e90000,
		0x00ce0000,
		0x00550000,
		0x00280000,
		0x00df0000,
		0x008c0000,
		0x00a10000,
		0x00890000,
		0x000d0000,
		0x00bf0000,
		0x00e60000,
		0x00420000,
		0x00680000,
		0x00410000,
		0x00990000,
		0x002d0000,
		0x000f0000,
		0x00b00000,
		0x00540000,
		0x00bb0000,
		0x00160000,
	},
	{
		0x63000000,
		0x7c000000,
		0x77000000,
		0x7b000000,
		0xf2000000,
		0x6b000000,
		0x6f000000,
		0xc5000000,
		0x30000000,
		0x01000000,
		0x67000000,
		0x2b000000,
		0xfe000000,
		0xd7000000,
		0xab000000,
		0x76000000,
		0xca000000,
		0x82000000,
		0xc9000000,
		0x7d000000,
		0xfa000000,
		0x59000000,
		0x47000000,
		0xf0000000,
		0xad000000,
		0xd4000000,
		0xa2000000,
		0xaf000000,
		0x9c000000,
		0xa4000000,
		0x72000000,
		0xc0000000,
		0xb7000000,
		0xfd000000,
		0x93000000,
		0x26000000,
		0x36000000,
		0x3f000000,
		0xf7000000,
		0xcc000000,
		0x34000000,
		0xa5000000,
		0xe5000000,
		0xf1000000,
		0x71000000,
		0xd8000000,
		0x31000000,
		0x15000000,
		0x04000000,
		0xc7000000,
		0x23000000,
		0xc3000000,
		0x18000000,
		0x96000000,
		0x05000000,
		0x9a000000,
		0x07000000,
		0x12000000,
		0x80000000,
		0xe2000000,
		0xeb000000,
		0x27000000,
		0xb2000000,
		0x75000000,
		0x09000000,
		0x83000000,
		0x2c000000,
		0x1a000000,
		0x1b000000,
		0x6e000000,
		0x5a000000,
		0xa0000000,
		0x52000000,
		0x3b000000,
		0xd6000000,
		0xb3000000,
		0x29000000,
		0xe3000000,
		0x2f000000,
		0x84000000,
		0x53000000,
		0xd1000000,
		0x00000000,
		0xed000000,
		0x20000000,
		0xfc000000,
		0xb1000000,
		0x5b000000,
		0x6a000000,
		0xcb000000,
		0xbe000000,
		0x39000000,
		0x4a000000,
		0x4c000000,
		0x58000000,
		0xcf000000,
		0xd0000000,
		0xef000000,
		0xaa000000,
		0xfb000000,
		0x43000000,
		0x4d000000,
		0x33000000,
		0x85000000,
		0x45000000,
		0xf9000000,
		0x02000000,
		0x7f000000,
		0x50000000,
		0x3c000000,
		0x9f000000,
		0xa8000000,
		0x51000000,
		0xa3000000,
		0x40000000,
		0x8f000000,
		0x92000000,
		0x9d000000,
		0x38000000,
		0xf5000000,
		0xbc000000,
		0xb6000000,
		0xda000000,
		0x21000000,
		0x10000000,
		0xff000000,
		0xf3000000,
		0xd2000000,
		0xcd000000,
		0x0c000000,
		0x13000000,
		0xec000000,
		0x5f000000,
		0x97000000,
		0x44000000,
		0x17000000,
		0xc4000000,
		0xa7000000,
		0x7e000000,
		0x3d000000,
		0x64000000,
		0x5d000000,
		0x19000000,
		0x73000000,
		0x60000000,
		0x81000000,
		0x4f000000,
		0xdc000000,
		0x22000000,
		0x2a000000,
		0x90000000,
		0x88000000,
		0x46000000,
		0xee000000,
		0xb8000000,
		0x14000000,
		0xde000000,
		0x5e000000,
		0x0b000000,
		0xdb000000,
		0xe0000000,
		0x32000000,
		0x3a000000,
		0x0a000000,
		0x49000000,
		0x06000000,
		0x24000000,
		0x5c000000,
		0xc2000000,
		0xd3000000,
		0xac000000,
		0x62000000,
		0x91000000,
		0x95000000,
		0xe4000000,
		0x79000000,
		0xe7000000,
		0xc8000000,
		0x37000000,
		0x6d000000,
		0x8d000000,
		0xd5000000,
		0x4e000000,
		0xa9000000,
		0x6c000000,
		0x56000000,
		0xf4000000,
		0xea000000,
		0x65000000,
		0x7a000000,
		0xae000000,
		0x08000000,
		0xba000000,
		0x78000000,
		0x25000000,
		0x2e000000,
		0x1c000000,
		0xa6000000,
		0xb4000000,
		0xc6000000,
		0xe8000000,
		0xdd000000,
		0x74000000,
		0x1f000000,
		0x4b000000,
		0xbd000000,
		0x8b000000,
		0x8a000000,
		0x70000000,
		0x3e000000,
		0xb5000000,
		0x66000000,
		0x48000000,
		0x03000000,
		0xf6000000,
		0x0e000000,
		0x61000000,
		0x35000000,
		0x57000000,
		0xb9000000,
		0x86000000,
		0xc1000000,
		0x1d000000,
		0x9e000000,
		0xe1000000,
		0xf8000000,
		0x98000000,
		0x11000000,
		0x69000000,
		0xd9000000,
		0x8e000000,
		0x94000000,
		0x9b000000,
		0x1e000000,
		0x87000000,
		0xe9000000,
		0xce000000,
		0x55000000,
		0x28000000,
		0xdf000000,
		0x8c000000,
		0xa1000000,
		0x89000000,
		0x0d000000,
		0xbf000000,
		0xe6000000,
		0x42000000,
		0x68000000,
		0x41000000,
		0x99000000,
		0x2d000000,
		0x0f000000,
		0xb0000000,
		0x54000000,
		0xbb000000,
		0x16000000,
	},
};


// InvSubBytes embedded in words tables.
const Word AESInvSubBytesWordTable[4][256] =
{
	{
		0x00000052,
		0x00000009,
		0x0000006a,
		0x000000d5,
		0x00000030,
		0x00000036,
		0x000000a5,
		0x00000038,
		0x000000bf,
		0x00000040,
		0x000000a3,
		0x0000009e,
		0x00000081,
		0x000000f3,
		0x000000d7,
		0x000000fb,
		0x0000007c,
		0x000000e3,
		0x00000039,
		0x00000082,
		0x0000009b,
		0x0000002f,
		0x000000ff,
		0x00000087,
		0x00000034,
		0x0000008e,
		0x00000043,
		0x00000044,
		0x000000c4,
		0x000000de,
		0x000000e9,
		0x000000cb,
		0x00000054,
		0x0000007b,
		0x00000094,
		0x00000032,
		0x000000a6,
		0x000000c2,
		0x00000023,
		0x0000003d,
		0x000000ee,
		0x0000004c,
		0x00000095,
		0x0000000b,
		0x00000042,
		0x000000fa,
		0x000000c3,
		0x0000004e,
		0x00000008,
		0x0000002e,
		0x000000a1,
		0x00000066,
		0x00000028,
		0x000000d9,
		0x00000024,
		0x000000b2,
		0x00000076,
		0x0000005b,
		0x000000a2,
		0x00000049,
		0x0000006d,
		0x0000008b,
		0x000000d1,
		0x00000025,
		0x00000072,
		0x000000f8,
		0x000000f6,
		0x00000064,
		0x00000086,
		0x00000068,
		0x00000098,
		0x00000016,
		0x000000d4,
		0x000000a4,
		0x0000005c,
		0x000000cc,
		0x0000005d,
		0x00000065,
		0x000000b6,
		0x00000092,
		0x0000006c,
		0x00000070,
		0x00000048,
		0x00000050,
		0x000000fd,
		0x000000ed,
		0x000000b9,
		0x000000da,
		0x0000005e,
		0x00000015,
		0x00000046,
		0x00000057,
		0x000000a7,
		0x0000008d,
		0x0000009d,
		0x00000084,
		0x00000090,
		0x000000d8,
		0x000000ab,
		0x00000000,
		0x0000008c,
		0x000000bc,
		0x000000d3,
		0x0000000a,
		0x000000f7,
		0x000000e4,
		0x00000058,
		0x00000005,
		0x000000b8,
		0x000000b3,
		0x00000045,
		0x00000006,
		0x000000d0,
		0x0000002c,
		0x0000001e,
		0x0000008f,
		0x000000ca,
		0x0000003f,
		0x0000000f,
		0x00000002,
		0x000000c1,
		0x000000af,
		0x000000bd,
		0x00000003,
		0x00000001,
		0x00000013,
		0x0000008a,
		0x0000006b,
		0x0000003a,
		0x00000091,
		0x00000011,
		0x00000041,
		0x0000004f,
		0x00000067,
		0x000000dc,
		0x000000ea,
		0x00000097,
		0x000000f2,
		0x000000cf,
		0x000000ce,
		0x000000f0,
		0x000000b4,
		0x000000e6,
		0x00000073,
		0x00000096,
		0x000000ac,
		0x00000074,
		0x00000022,
		0x000000e7,
		0x000000ad,
		0x00000035,
		0x00000085,
		0x000000e2,
		0x000000f9,
		0x00000037,
		0x000000e8,
		0x0000001c,
		0x00000075,
		0x000000df,
		0x0000006e,
		0x00000047,
		0x000000f1,
		0x0000001a,
		0x00000071,
		0x0000001d,
		0x00000029,
		0x000000c5,
		0x00000089,
		0x0000006f,
		0x000000b7,
		0x00000062,
		0x0000000e,
		0x000000aa,
		0x00000018,
		0x000000be,
		0x0000001b,
		0x000000fc,
		0x00000056,
		0x0000003e,
		0x0000004b,
		0x000000c6,
		0x000000d2,
		0x00000079,
		0x00000020,
		0x0000009a,
		0x000000db,
		0x000000c0,
		0x000000fe,
		0x00000078,
		0x000000cd,
		0x0000005a,
		0x000000f4,
		0x0000001f,
		0x000000dd,
		0x000000a8,
		0x00000033,
		0x00000088,
		0x00000007,
		0x000000c7,
		0x00000031,
		0x000000b1,
		0x00000012,
		0x00000010,
		0x00000059,
		0x00000027,
		0x00000080,
		0x000000ec,
		0x0000005f,
		0x00000060,
		0x00000051,
		0x0000007f,
		0x000000a9,
		0x00000019,
		0x000000b5,
		0x0000004a,
		0x0000000d,
		0x0000002d,
		0x000000e5,
		0x0000007a,
		0x0000009f,
		0x00000093,
		0x000000c9,
		0x0000009c,
		0x000000ef,
		0x000000a0,
		0x000000e0,
		0x0000003b,
		0x0000004d,
		0x000000ae,
		0x0000002a,
		0x000000f5,
		0x000000b0,
		0x000000c8,
		0x000000eb,
		0x000000bb,
		0x0000003c,
		0x00000083,
		0x00000053,
		0x00000099,
		0x00000061,
		0x00000017,
		0x0000002b,
		0x00000004,
		0x0000007e,
		0x000000ba,
		0x00000077,
		0x000000d6,
		0x00000026,
		0x000000e1,
		0x00000069,
		0x00000014,
		0x00000063,
		0x00000055,
		0x00000021,
		0x0000000c,
		0x0000007d,
	},
	{
		0x00005200,
		0x00000900,
		0x00006a00,
		0x0000d500,
		0x00003000,
		0x00003600,
		0x0000a500,
		0x00003800,
		0x0000bf00,
		0x00004000,
		0x0000a300,
		0x00009e00,
		0x00008100,
		0x0000f300,
		0x0000d700,
		0x0000fb00,
		0x00007c00,
		0x0000e300,
		0x00003900,
		0x00008200,
		0x00009b00,
		0x00002f00,
		0x0000ff00,
		0x00008700,
		0x00003400,
		0x00008e00,
		0x00004300,
		0x00004400,
		0x0000c400,
		0x0000de00,
		0x0000e900,
		0x0000cb00,
		0x00005400,
		0x00007b00,
		0x00009400,
		0x00003200,
		0x0000a600,
		0x0000c200,
		0x00002300,
		0x00003d00,
		0x0000ee00,
		0x00004c00,
		0x00009500,
		0x00000b00,
		0x00004200,
		0x0000fa00,
		0x0000c300,
		0x00004e00,
		0x00000800,
		0x00002e00,
		0x0000a100,
		0x00006600,
		0x00002800,
		0x0000d900,
		0x00002400,
		0x0000b200,
		0x00007600,
		0x00005b00,
		0x0000a200,
		0x00004900,
		0x00006d00,
		0x00008b00,
		0x0000d100,
		0x00002500,
		0x00007200,
		0x0000f800,
		0x0000f600,
		0x00006400,
		0x00008600,
		0x00006800,
		0x00009800,
		0x00001600,
		0x0000d400,
		0x0000a400,
		0x00005c00,
		0x0000cc00,
		0x00005d00,
		0x00006500,
		0x0000b600,
		0x00009200,
		0x00006c00,
		0x00007000,
		0x00004800,
		0x00005000,
		0x0000fd00,
		0x0000ed00,
		0x0000b900,
		0x0000da00,
		0x00005e00,
		0x00001500,
		0x00004600,
		0x00005700,
		0x0000a700,
		0x00008d00,
		0x00009d00,
		0x00008400,
		0x00009000,
		0x0000d800,
		0x0000ab00,
		0x00000000,
		0x00008c00,
		0x0000bc00,
		0x0000d300,
		0x00000a00,
		0x0000f700,
		0x0000e400,
		0x00005800,
		0x00000500,
		0x0000b800,
		0x0000b300,
		0x00004500,
		0x00000600,
		0x0000d000,
		0x00002c00,
		0x00001e00,
		0x00008f00,
		0x0000ca00,
		0x00003f00,
		0x00000f00,
		0x00000200,
		0x0000c100,
		0x0000af00,
		0x0000bd00,
		0x00000300,
		0x00000100,
		0x00001300,
		0x00008a00,
		0x00006b00,
		0x00003a00,
		0x00009100,
		0x00001100,
		0x00004100,
		0x00004f00,
		0x00006700,
		0x0000dc00,
		0x0000ea00,
		0x00009700,
		0x0000f200,
		0x0000cf00,
		0x0000ce00,
		0x0000f000,
		0x0000b400,
		0x0000e600,
		0x00007300,
		0x00009600,
		0x0000ac00,
		0x00007400,
		0x00002200,
		0x0000e700,
		0x0000ad00,
		0x00003500,
		0x00008500,
		0x0000e200,
		0x0000f900,
		0x00003700,
		0x0000e800,
		0x00001c00,
		0x00007500,
		0x0000df00,
		0x00006e00,
		0x00004700,
		0x0000f100,
		0x00001a00,
		0x00007100,
		0x00001d00,
		0x00002900,
		0x0000c500,
		0x00008900,
		0x00006f00,
		0x0000b700,
		0x00006200,
		0x00000e00,
		0x0000aa00,
		0x00001800,
		0x0000be00,
		0x00001b00,
		0x0000fc00,
		0x00005600,
		0x00003e00,
		0x00004b00,
		0x0000c600,
		0x0000d200,
		0x00007900,
		0x00002000,
		0x00009a00,
		0x0000db00,
		0x0000c000,
		0x0000fe00,
		0x00007800,
		0x0000cd00,
		0x00005a00,
		0x0000f400,
		0x00001f00,
		0x0000dd00,
		0x0000a800,
		0x00003300,
		0x00008800,
		0x00000700,
		0x0000c700,
		0x00003100,
		0x0000b100,
		0x00001200,
		0x00001000,
		0x00005900,
		0x00002700,
		0x00008000,
		0x0000ec00,
		0x00005f00,
		0x00006000,
		0x00005100,
		0x00007f00,
		0x0000a900,
		0x00001900,
		0x0000b500,
		0x00004a00,
		0x00000d00,
		0x00002d00,
		0x0000e500,
		0x00007a00,
		0x00009f00,
		0x00009300,
		0x0000c900,
		0x00009c00,
		0x0000ef00,
		0x0000a000,
		0x0000e000,
		0x00003b00,
		0x00004d00,
		0x0000ae00,
		0x00002a00,
		0x0000f500,
		0x0000b000,
		0x0000c800,
		0x0000eb00,
		0x0000bb00,
		0x00003c00,
		0x00008300,
		0x00005300,
		0x00009900,
		0x00006100,
		0x00001700,
		0x00002b00,
		0x00000400,
		0x00007e00,
		0x0000ba00,
		0x00007700,
		0x0000d600,
		0x00002600,
		0x0000e100,
		0x00006900,
		0x00001400,
		0x00006300,
		0x00005500,
		0x00002100,
		0x00000c00,
		0x00007d00,
	},
	{
		0x00520000,
		0x00090000,
		0x006a0000,
		0x00d50000,
		0x00300000,
		0x00360000,
		0x00a50000,
		0x00380000,
		0x00bf0000,
		0x00400000,
		0x00a30000,
		0x009e0000,
		0x00810000,
		0x00f30000,
		0x00d70000,
		0x00fb0000,
		0x007c0000,
		0x00e30000,
		0x00390000,
		0x00820000,
		0x009b0000,
		0x002f0000,
		0x00ff0000,
		0x00870000,
		0x00340000,
		0x008e0000,
		0x00430000,
		0x00440000,
		0x00c40000,
		0x00de0000,
		0x00e90000,
		0x00cb0000,
		0x00540000,
		0x007b0000,
		0x00940000,
		0x00320000,
		0x00a60000,
		0x00c20000,
		0x00230000,
		0x003d0000,
		0x00ee0000,
		0x004c0000,
		0x00950000,
		0x000b0000,
		0x00420000,
		0x00fa0000,
		0x00c30000,
		0x004e0000,
		0x00080000,
		0x002e0000,
		0x00a10000,
		0x00660000,
		0x00280000,
		0x00d90000,
		0x00240000,
		0x00b20000,
		0x00760000,
		0x005b0000,
		0x00a20000,
		0x00490000,
		0x006d0000,
		0x008b0000,
		0x00d10000,
		0x00250000,
		0x00720000,
		0x00f80000,
		0x00f60000,
		0x00640000,
		0x00860000,
		0x00680000,
		0x00980000,
		0x00160000,
		0x00d40000,
		0x00a40000,
		0x005c0000,
		0x00cc0000,
		0x005d0000,
		0x00650000,
		0x00b60000,
		0x00920000,
		0x006c0000,
		0x00700000,
		0x00480000,
		0x00500000,
		0x00fd0000,
		0x00ed0000,
		0x00b90000,
		0x00da0000,
		0x005e0000,
		0x00150000,
		0x00460000,
		0x00570000,
		0x00a70000,
		0x008d0000,
		0x009d0000,
		0x00840000,
		0x00900000,
		0x00d80000,
		0x00ab0000,
		0x00000000,
		0x008c0000,
		0x00bc0000,
		0x00d30000,
		0x000a0000,
		0x00f70000,
		0x00e40000,
		0x00580000,
		0x00050000,
		0x00b80000,
		0x00b30000,
		0x00450000,
		0x00060000,
		0x00d00000,
		0x002c0000,
		0x001e0000,
		0x008f0000,
		0x00ca0000,
		0x003f0000,
		0x000f0000,
		0x00020000,
		0x00c10000,
		0x00af0000,
		0x00bd0000,
		0x00030000,
		0x00010000,
		0x00130000,
		0x008a0000,
		0x006b0000,
		0x003a0000,
		0x00910000,
		0x00110000,
		0x00410000,
		0x004f0000,
		0x00670000,
		0x00dc0000,
		0x00ea0000,
		0x00970000,
		0x00f20000,
		0x00cf0000,
		0x00ce0000,
		0x00f00000,
		0x00b40000,
		0x00e60000,
		0x00730000,
		0x00960000,
		0x00ac0000,
		0x00740000,
		0x00220000,
		0x00e70000,
		0x00ad0000,
		0x00350000,
		0x00850000,
		0x00e20000,
		0x00f90000,
		0x00370000,
		0x00e80000,
		0x001c0000,
		0x00750000,
		0x00df0000,
		0x006e0000,
		0x00470000,
		0x00f10000,
		0x001a0000,
		0x00710000,
		0x001d0000,
		0x00290000,
		0x00c50000,
		0x00890000,
		0x006f0000,
		0x00b70000,
		0x00620000,
		0x000e0000,
		0x00aa0000,
		0x00180000,
		0x00be0000,
		0x001b0000,
		0x00fc0000,
		0x00560000,
		0x003e0000,
		0x004b0000,
		0x00c60000,
		0x00d20000,
		0x00790000,
		0x00200000,
		0x009a0000,
		0x00db0000,
		0x00c00000,
		0x00fe0000,
		0x00780000,
		0x00cd0000,
		0x005a0000,
		0x00f40000,
		0x001f0000,
		0x00dd0000,
		0x00a80000,
		0x00330000,
		0x00880000,
		0x00070000,
		0x00c70000,
		0x00310000,
		0x00b10000,
		0x00120000,
		0x00100000,
		0x00590000,
		0x00270000,
		0x00800000,
		0x00ec0000,
		0x005f0000,
		0x00600000,
		0x00510000,
		0x007f0000,
		0x00a90000,
		0x00190000,
		0x00b50000,
		0x004a0000,
		0x000d0000,
		0x002d0000,
		0x00e50000,
		0x007a0000,
		0x009f0000,
		0x00930000,
		0x00c90000,
		0x009c0000,
		0x00ef0000,
		0x00a00000,
		0x00e00000,
		0x003b0000,
		0x004d0000,
		0x00ae0000,
		0x002a0000,
		0x00f50000,
		0x00b00000,
		0x00c80000,
		0x00eb0000,
		0x00bb0000,
		0x003c0000,
		0x00830000,
		0x00530000,
		0x00990000,
		0x00610000,
		0x00170000,
		0x002b0000,
		0x00040000,
		0x007e0000,
		0x00ba0000,
		0x00770000,
		0x00d60000,
		0x00260000,
		0x00e10000,
		0x00690000,
		0x00140000,
		0x00630000,
		0x00550000,
		0x00210000,
		0x000c0000,
		0x007d0000,
	},
	{
		0x52000000,
		0x09000000,
		0x6a000000,
		0xd5000000,
		0x30000000,
		0x36000000,
		0xa5000000,
		0x38000000,
		0xbf000000,
		0x40000000,
		0xa3000000,
		0x9e000000,
		0x81000000,
		0xf3000000,
		0xd7000000,
		0xfb000000,
		0x7c000000,
		0xe3000000,
		0x39000000,
		0x82000000,
		0x9b000000,
		0x2f000000,
		0xff000000,
		0x87000000,
		0x34000000,
		0x8e000000,
		0x43000000,
		0x44000000,
		0xc4000000,
		0xde000000,
		0xe9000000,
		0xcb000000,
		0x54000000,
		0x7b000000,
		0x94000000,
		0x32000000,
		0xa6000000,
		0xc2000000,
		0x23000000,
		0x3d000000,
		0xee000000,
		0x4c000000,
		0x95000000,
		0x0b000000,
		0x42000000,
		0xfa000000,
		0xc3000000,
		0x4e000000,
		0x08000000,
		0x2e000000,
		0xa1000000,
		0x66000000,
		0x28000000,
		0xd9000000,
		0x24000000,
		0xb2000000,
		0x76000000,
		0x5b000000,
		0xa2000000,
		0x49000000,
		0x6d000000,
		0x8b000000,
		0xd1000000,
		0x25000000,
		0x72000000,
		0xf8000000,
		0xf6000000,
		0x64000000,
		0x86000000,
		0x68000000,
		0x98000000,
		0x16000000,
		0xd4000000,
		0xa4000000,
		0x5c000000,
		0xcc000000,
		0x5d000000,
		0x65000000,
		0xb6000000,
		0x92000000,
		0x6c000000,
		0x70000000,
		0x48000000,
		0x50000000,
		0xfd000000,
		0xed000000,
		0xb9000000,
		0xda000000,
		0x5e000000,
		0x15000000,
		0x46000000,
		0x57000000,
		0xa7000000,
		0x8d000000,
		0x9d000000,
		0x84000000,
		0x90000000,
		0xd8000000,
		0xab000000,
		0x00000000,
		0x8c000000,
		0xbc000000,
		0xd3000000,
		0x0a000000,
		0xf7000000,
		0xe4000000,
		0x58000000,
		0x05000000,
		0xb8000000,
		0xb3000000,
		0x45000000,
		0x06000000,
		0xd0000000,
		0x2c000000,
		0x1e000000,
		0x8f000000,
		0xca000000,
		0x3f000000,
		0x0f000000,
		0x02000000,
		0xc1000000,
		0xaf000000,
		0xbd000000,
		0x03000000,
		0x01000000,
		0x13000000,
		0x8a000000,
		0x6b000000,
		0x3a000000,
		0x91000000,
		0x11000000,
		0x41000000,
		0x4f000000,
		0x67000000,
		0xdc000000,
		0xea000000,
		0x97000000,
		0xf2000000,
		0xcf000000,
		0xce000000,
		0xf0000000,
		0xb4000000,
		0xe6000000,
		0x73000000,
		0x96000000,
		0xac000000,
		0x74000000,
		0x22000000,
		0xe7000000,
		0xad000000,
		0x35000000,
		0x85000000,
		0xe2000000,
		0xf9000000,
		0x37000000,
		0xe8000000,
		0x1c000000,
		0x75000000,
		0xdf000000,
		0x6e000000,
		0x47000000,
		0xf1000000,
		0x1a000000,
		0x71000000,
		0x1d000000,
		0x29000000,
		0xc5000000,
		0x89000000,
		0x6f000000,
		0xb7000000,
		0x62000000,
		0x0e000000,
		0xaa000000,
		0x18000000,
		0xbe000000,
		0x1b000000,
		0xfc000000,
		0x56000000,
		0x3e000000,
		0x4b000000,
		0xc6000000,
		0xd2000000,
		0x79000000,
		0x20000000,
		0x9a000000,
		0xdb000000,
		0xc0000000,
		0xfe000000,
		0x78000000,
		0xcd000000,
		0x5a000000,
		0xf4000000,
		0x1f000000,
		0xdd000000,
		0xa8000000,
		0x33000000,
		0x88000000,
		0x07000000,
		0xc7000000,
		0x31000000,
		0xb1000000,
		0x12000000,
		0x10000000,
		0x59000000,
		0x27000000,
		0x80000000,
		0xec000000,
		0x5f000000,
		0x60000000,
		0x51000000,
		0x7f000000,
		0xa9000000,
		0x19000000,
		0xb5000000,
		0x4a000000,
		0x0d000000,
		0x2d000000,
		0xe5000000,
		0x7a000000,
		0x9f000000,
		0x93000000,
		0xc9000000,
		0x9c000000,
		0xef000000,
		0xa0000000,
		0xe0000000,
		0x3b000000,
		0x4d000000,
		0xae000000,
		0x2a000000,
		0xf5000000,
		0xb0000000,
		0xc8000000,
		0xeb000000,
		0xbb000000,
		0x3c000000,
		0x83000000,
		0x53000000,
		0x99000000,
		0x61000000,
		0x17000000,
		0x2b000000,
		0x04000000,
		0x7e000000,
		0xba000000,
		0x77000000,
		0xd6000000,
		0x26000000,
		0xe1000000,
		0x69000000,
		0x14000000,
		0x63000000,
		0x55000000,
		0x21000000,
		0x0c000000,
		0x7d000000,
	},
};

Added Source/AESedp/Intel/AES.s.

















































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
#include "../AESAssembly.h"


// Generate object code only if this implementation has been requested.
#if defined UseAESedp_IntelAssembly


/*	AES.s -- Core AES routines for Intel processors.

	Written by Eric Postpischil, December 13, 2007.
*/


/*	We build these AES routines as a single module because the routines refer
	to labels in Data.s and it is easier and faster to refer to them as local
	labels.

	A local label can be referred to with position-independent assembler
	expressions such as "label-base(register)", where <base> is a local label
	whose address has been loaded into <register>.  (On i386, this is typically
	done with the idiom of a call to the next instrution and a pop of that
	return address into a register.)  Without local labels, the references must
	be done using spaces for addresses "lazy symbols" that are filled in by the
	dynamic loader and loaded by the code that wants the address.

	So the various routines in other files are assembled here via #include
	directives.
*/
#include "Data.s"


#define	TableSize	(256*4)
	/*	Each of the arrays defined in Data.s except for the round constants
		in _AESRcon is composed of four tables of 256 entries of four bytes
		each.  TableSize is the number of bytes in one of those four tables.
	*/


/*	Define a macro to select a value based on architecture.  This reduces
	some of the architecture conditionalization later in the source.
*/
#if defined __i386__
	#define	Arch(i386, x86_64)	i386
#elif defined __x86_64__
	#define	Arch(i386, x86_64)	x86_64
#endif


// Define an instruction for moving pointers.
#define	movp	Arch(movd, movd)
	// Latter argument should be "movq", but the assembler uses "movd".


/*	Rename the general registers.  This makes it easier to keep track of them
	and provides names for the "whole register" that are uniform between i386
	and x86_64.
*/
#if defined __i386__
	#define	r0	%eax	// Available for any use.
	#define	r1	%ecx	// Available for any use, some special purposes (loop).
	#define	r2	%edx	// Available for any use.
	#define	r3	%ebx	// Must be preserved by called routine.
	#define	r4	%esp	// Stack pointer.
	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
	#define	r6	%esi	// Must be preserved by called routine.
	#define	r7	%edi	// Must be preserved by called routine.
#elif defined __x86_64__
	#define	r0	%rax	// Available for any use.
	#define	r1	%rcx	// Available for any use.
	#define	r2	%rdx	// Available for any use.
	#define	r3	%rbx	// Must be preserved by called routine.
	#define	r4	%rsp	// Stack pointer.
	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
	#define	r6	%rsi	// Available for any use.
	#define	r7	%rdi	// Available for any use.
	#define	r8	%r8		// Available for any use.
	#define	r9	%r9		// Available for any use.
	#define	r10	%r10	// Available for any use.
	#define	r11	%r11	// Available for any use.
	#define	r12	%r12	// Must be preserved by called routine.
	#define	r13	%r13	// Must be preserved by called routine.
	#define	r14	%r14	// Must be preserved by called routine.
	#define	r15	%r15	// Must be preserved by called routine.
#else
	#error "Unknown architecture."
#endif

// Define names for parts of registers.

#define	r0d		%eax	// Low 32 bits of r0.
#define	r1d		%ecx	// Low 32 bits of r1.
#define	r2d		%edx	// Low 32 bits of r2.
#define	r3d		%ebx	// Low 32 bits of r3.
#define	r5d		%ebp	// Low 32 bits of r5.
#define	r6d		%esi	// Low 32 bits of r6.
#define	r7d		%edi	// Low 32 bits of r7.
#define	r8d		%r8d	// Low 32 bits of r8.
#define	r9d		%r9d	// Low 32 bits of r9.
#define	r11d	%r11d	// Low 32 bits of r11.

#define	r0l		%al		// Low byte of r0.
#define	r1l		%cl		// Low byte of r1.
#define	r2l		%dl		// Low byte of r2.
#define	r3l		%bl		// Low byte of r3.
#define	r5l		%bpl	// Low byte of r5.

#define	r0h		%ah		// Second lowest byte of r0.
#define	r1h		%ch		// Second lowest byte of r1.
#define	r2h		%dh		// Second lowest byte of r2.
#define	r3h		%bh		// Second lowest byte of r3.


	.text


// Define encryption routine, _AESEncryptWithExpandedKey
#define	Select	0
#include "EncryptDecrypt.s"
#undef	Select


// Define decryption routine, _AESDecryptWithExpandedKey
#define	Select	1
#include "EncryptDecrypt.s"
#undef	Select


// Define key expansion routine for encryption, _AESExpandKeyForEncryption.
#include "ExpandKeyForEncryption.s"


// Define key expansion for decryption routine, _AESExpandKeyForDecryption.
#include "ExpandKeyForDecryption.s"


#endif	// defined UseAESedp_IntelAssembly

Added Source/AESedp/Intel/Data.s.

























































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
// This file was generated by MakeData.c.


	.section .rodata


// Round constants.
	.globl	_AESRcon
	.private_extern	_AESRcon
_AESRcon:
	.byte	0	// Not used, included for indexing simplicity.
	.byte	0x01
	.byte	0x02
	.byte	0x04
	.byte	0x08
	.byte	0x10
	.byte	0x20
	.byte	0x40
	.byte	0x80
	.byte	0x1b
	.byte	0x36


// Tables for InvMixColumn.
	.globl	_AESInvMixColumnTable
	.private_extern	_AESInvMixColumnTable
	.align	2
_AESInvMixColumnTable:
	// Table 0.
	.long	0x00000000
	.long	0x0b0d090e
	.long	0x161a121c
	.long	0x1d171b12
	.long	0x2c342438
	.long	0x27392d36
	.long	0x3a2e3624
	.long	0x31233f2a
	.long	0x58684870
	.long	0x5365417e
	.long	0x4e725a6c
	.long	0x457f5362
	.long	0x745c6c48
	.long	0x7f516546
	.long	0x62467e54
	.long	0x694b775a
	.long	0xb0d090e0
	.long	0xbbdd99ee
	.long	0xa6ca82fc
	.long	0xadc78bf2
	.long	0x9ce4b4d8
	.long	0x97e9bdd6
	.long	0x8afea6c4
	.long	0x81f3afca
	.long	0xe8b8d890
	.long	0xe3b5d19e
	.long	0xfea2ca8c
	.long	0xf5afc382
	.long	0xc48cfca8
	.long	0xcf81f5a6
	.long	0xd296eeb4
	.long	0xd99be7ba
	.long	0x7bbb3bdb
	.long	0x70b632d5
	.long	0x6da129c7
	.long	0x66ac20c9
	.long	0x578f1fe3
	.long	0x5c8216ed
	.long	0x41950dff
	.long	0x4a9804f1
	.long	0x23d373ab
	.long	0x28de7aa5
	.long	0x35c961b7
	.long	0x3ec468b9
	.long	0x0fe75793
	.long	0x04ea5e9d
	.long	0x19fd458f
	.long	0x12f04c81
	.long	0xcb6bab3b
	.long	0xc066a235
	.long	0xdd71b927
	.long	0xd67cb029
	.long	0xe75f8f03
	.long	0xec52860d
	.long	0xf1459d1f
	.long	0xfa489411
	.long	0x9303e34b
	.long	0x980eea45
	.long	0x8519f157
	.long	0x8e14f859
	.long	0xbf37c773
	.long	0xb43ace7d
	.long	0xa92dd56f
	.long	0xa220dc61
	.long	0xf66d76ad
	.long	0xfd607fa3
	.long	0xe07764b1
	.long	0xeb7a6dbf
	.long	0xda595295
	.long	0xd1545b9b
	.long	0xcc434089
	.long	0xc74e4987
	.long	0xae053edd
	.long	0xa50837d3
	.long	0xb81f2cc1
	.long	0xb31225cf
	.long	0x82311ae5
	.long	0x893c13eb
	.long	0x942b08f9
	.long	0x9f2601f7
	.long	0x46bde64d
	.long	0x4db0ef43
	.long	0x50a7f451
	.long	0x5baafd5f
	.long	0x6a89c275
	.long	0x6184cb7b
	.long	0x7c93d069
	.long	0x779ed967
	.long	0x1ed5ae3d
	.long	0x15d8a733
	.long	0x08cfbc21
	.long	0x03c2b52f
	.long	0x32e18a05
	.long	0x39ec830b
	.long	0x24fb9819
	.long	0x2ff69117
	.long	0x8dd64d76
	.long	0x86db4478
	.long	0x9bcc5f6a
	.long	0x90c15664
	.long	0xa1e2694e
	.long	0xaaef6040
	.long	0xb7f87b52
	.long	0xbcf5725c
	.long	0xd5be0506
	.long	0xdeb30c08
	.long	0xc3a4171a
	.long	0xc8a91e14
	.long	0xf98a213e
	.long	0xf2872830
	.long	0xef903322
	.long	0xe49d3a2c
	.long	0x3d06dd96
	.long	0x360bd498
	.long	0x2b1ccf8a
	.long	0x2011c684
	.long	0x1132f9ae
	.long	0x1a3ff0a0
	.long	0x0728ebb2
	.long	0x0c25e2bc
	.long	0x656e95e6
	.long	0x6e639ce8
	.long	0x737487fa
	.long	0x78798ef4
	.long	0x495ab1de
	.long	0x4257b8d0
	.long	0x5f40a3c2
	.long	0x544daacc
	.long	0xf7daec41
	.long	0xfcd7e54f
	.long	0xe1c0fe5d
	.long	0xeacdf753
	.long	0xdbeec879
	.long	0xd0e3c177
	.long	0xcdf4da65
	.long	0xc6f9d36b
	.long	0xafb2a431
	.long	0xa4bfad3f
	.long	0xb9a8b62d
	.long	0xb2a5bf23
	.long	0x83868009
	.long	0x888b8907
	.long	0x959c9215
	.long	0x9e919b1b
	.long	0x470a7ca1
	.long	0x4c0775af
	.long	0x51106ebd
	.long	0x5a1d67b3
	.long	0x6b3e5899
	.long	0x60335197
	.long	0x7d244a85
	.long	0x7629438b
	.long	0x1f6234d1
	.long	0x146f3ddf
	.long	0x097826cd
	.long	0x02752fc3
	.long	0x335610e9
	.long	0x385b19e7
	.long	0x254c02f5
	.long	0x2e410bfb
	.long	0x8c61d79a
	.long	0x876cde94
	.long	0x9a7bc586
	.long	0x9176cc88
	.long	0xa055f3a2
	.long	0xab58faac
	.long	0xb64fe1be
	.long	0xbd42e8b0
	.long	0xd4099fea
	.long	0xdf0496e4
	.long	0xc2138df6
	.long	0xc91e84f8
	.long	0xf83dbbd2
	.long	0xf330b2dc
	.long	0xee27a9ce
	.long	0xe52aa0c0
	.long	0x3cb1477a
	.long	0x37bc4e74
	.long	0x2aab5566
	.long	0x21a65c68
	.long	0x10856342
	.long	0x1b886a4c
	.long	0x069f715e
	.long	0x0d927850
	.long	0x64d90f0a
	.long	0x6fd40604
	.long	0x72c31d16
	.long	0x79ce1418
	.long	0x48ed2b32
	.long	0x43e0223c
	.long	0x5ef7392e
	.long	0x55fa3020
	.long	0x01b79aec
	.long	0x0aba93e2
	.long	0x17ad88f0
	.long	0x1ca081fe
	.long	0x2d83bed4
	.long	0x268eb7da
	.long	0x3b99acc8
	.long	0x3094a5c6
	.long	0x59dfd29c
	.long	0x52d2db92
	.long	0x4fc5c080
	.long	0x44c8c98e
	.long	0x75ebf6a4
	.long	0x7ee6ffaa
	.long	0x63f1e4b8
	.long	0x68fcedb6
	.long	0xb1670a0c
	.long	0xba6a0302
	.long	0xa77d1810
	.long	0xac70111e
	.long	0x9d532e34
	.long	0x965e273a
	.long	0x8b493c28
	.long	0x80443526
	.long	0xe90f427c
	.long	0xe2024b72
	.long	0xff155060
	.long	0xf418596e
	.long	0xc53b6644
	.long	0xce366f4a
	.long	0xd3217458
	.long	0xd82c7d56
	.long	0x7a0ca137
	.long	0x7101a839
	.long	0x6c16b32b
	.long	0x671bba25
	.long	0x5638850f
	.long	0x5d358c01
	.long	0x40229713
	.long	0x4b2f9e1d
	.long	0x2264e947
	.long	0x2969e049
	.long	0x347efb5b
	.long	0x3f73f255
	.long	0x0e50cd7f
	.long	0x055dc471
	.long	0x184adf63
	.long	0x1347d66d
	.long	0xcadc31d7
	.long	0xc1d138d9
	.long	0xdcc623cb
	.long	0xd7cb2ac5
	.long	0xe6e815ef
	.long	0xede51ce1
	.long	0xf0f207f3
	.long	0xfbff0efd
	.long	0x92b479a7
	.long	0x99b970a9
	.long	0x84ae6bbb
	.long	0x8fa362b5
	.long	0xbe805d9f
	.long	0xb58d5491
	.long	0xa89a4f83
	.long	0xa397468d
	// Table 1.
	.long	0x00000000
	.long	0x0d090e0b
	.long	0x1a121c16
	.long	0x171b121d
	.long	0x3424382c
	.long	0x392d3627
	.long	0x2e36243a
	.long	0x233f2a31
	.long	0x68487058
	.long	0x65417e53
	.long	0x725a6c4e
	.long	0x7f536245
	.long	0x5c6c4874
	.long	0x5165467f
	.long	0x467e5462
	.long	0x4b775a69
	.long	0xd090e0b0
	.long	0xdd99eebb
	.long	0xca82fca6
	.long	0xc78bf2ad
	.long	0xe4b4d89c
	.long	0xe9bdd697
	.long	0xfea6c48a
	.long	0xf3afca81
	.long	0xb8d890e8
	.long	0xb5d19ee3
	.long	0xa2ca8cfe
	.long	0xafc382f5
	.long	0x8cfca8c4
	.long	0x81f5a6cf
	.long	0x96eeb4d2
	.long	0x9be7bad9
	.long	0xbb3bdb7b
	.long	0xb632d570
	.long	0xa129c76d
	.long	0xac20c966
	.long	0x8f1fe357
	.long	0x8216ed5c
	.long	0x950dff41
	.long	0x9804f14a
	.long	0xd373ab23
	.long	0xde7aa528
	.long	0xc961b735
	.long	0xc468b93e
	.long	0xe757930f
	.long	0xea5e9d04
	.long	0xfd458f19
	.long	0xf04c8112
	.long	0x6bab3bcb
	.long	0x66a235c0
	.long	0x71b927dd
	.long	0x7cb029d6
	.long	0x5f8f03e7
	.long	0x52860dec
	.long	0x459d1ff1
	.long	0x489411fa
	.long	0x03e34b93
	.long	0x0eea4598
	.long	0x19f15785
	.long	0x14f8598e
	.long	0x37c773bf
	.long	0x3ace7db4
	.long	0x2dd56fa9
	.long	0x20dc61a2
	.long	0x6d76adf6
	.long	0x607fa3fd
	.long	0x7764b1e0
	.long	0x7a6dbfeb
	.long	0x595295da
	.long	0x545b9bd1
	.long	0x434089cc
	.long	0x4e4987c7
	.long	0x053eddae
	.long	0x0837d3a5
	.long	0x1f2cc1b8
	.long	0x1225cfb3
	.long	0x311ae582
	.long	0x3c13eb89
	.long	0x2b08f994
	.long	0x2601f79f
	.long	0xbde64d46
	.long	0xb0ef434d
	.long	0xa7f45150
	.long	0xaafd5f5b
	.long	0x89c2756a
	.long	0x84cb7b61
	.long	0x93d0697c
	.long	0x9ed96777
	.long	0xd5ae3d1e
	.long	0xd8a73315
	.long	0xcfbc2108
	.long	0xc2b52f03
	.long	0xe18a0532
	.long	0xec830b39
	.long	0xfb981924
	.long	0xf691172f
	.long	0xd64d768d
	.long	0xdb447886
	.long	0xcc5f6a9b
	.long	0xc1566490
	.long	0xe2694ea1
	.long	0xef6040aa
	.long	0xf87b52b7
	.long	0xf5725cbc
	.long	0xbe0506d5
	.long	0xb30c08de
	.long	0xa4171ac3
	.long	0xa91e14c8
	.long	0x8a213ef9
	.long	0x872830f2
	.long	0x903322ef
	.long	0x9d3a2ce4
	.long	0x06dd963d
	.long	0x0bd49836
	.long	0x1ccf8a2b
	.long	0x11c68420
	.long	0x32f9ae11
	.long	0x3ff0a01a
	.long	0x28ebb207
	.long	0x25e2bc0c
	.long	0x6e95e665
	.long	0x639ce86e
	.long	0x7487fa73
	.long	0x798ef478
	.long	0x5ab1de49
	.long	0x57b8d042
	.long	0x40a3c25f
	.long	0x4daacc54
	.long	0xdaec41f7
	.long	0xd7e54ffc
	.long	0xc0fe5de1
	.long	0xcdf753ea
	.long	0xeec879db
	.long	0xe3c177d0
	.long	0xf4da65cd
	.long	0xf9d36bc6
	.long	0xb2a431af
	.long	0xbfad3fa4
	.long	0xa8b62db9
	.long	0xa5bf23b2
	.long	0x86800983
	.long	0x8b890788
	.long	0x9c921595
	.long	0x919b1b9e
	.long	0x0a7ca147
	.long	0x0775af4c
	.long	0x106ebd51
	.long	0x1d67b35a
	.long	0x3e58996b
	.long	0x33519760
	.long	0x244a857d
	.long	0x29438b76
	.long	0x6234d11f
	.long	0x6f3ddf14
	.long	0x7826cd09
	.long	0x752fc302
	.long	0x5610e933
	.long	0x5b19e738
	.long	0x4c02f525
	.long	0x410bfb2e
	.long	0x61d79a8c
	.long	0x6cde9487
	.long	0x7bc5869a
	.long	0x76cc8891
	.long	0x55f3a2a0
	.long	0x58faacab
	.long	0x4fe1beb6
	.long	0x42e8b0bd
	.long	0x099fead4
	.long	0x0496e4df
	.long	0x138df6c2
	.long	0x1e84f8c9
	.long	0x3dbbd2f8
	.long	0x30b2dcf3
	.long	0x27a9ceee
	.long	0x2aa0c0e5
	.long	0xb1477a3c
	.long	0xbc4e7437
	.long	0xab55662a
	.long	0xa65c6821
	.long	0x85634210
	.long	0x886a4c1b
	.long	0x9f715e06
	.long	0x9278500d
	.long	0xd90f0a64
	.long	0xd406046f
	.long	0xc31d1672
	.long	0xce141879
	.long	0xed2b3248
	.long	0xe0223c43
	.long	0xf7392e5e
	.long	0xfa302055
	.long	0xb79aec01
	.long	0xba93e20a
	.long	0xad88f017
	.long	0xa081fe1c
	.long	0x83bed42d
	.long	0x8eb7da26
	.long	0x99acc83b
	.long	0x94a5c630
	.long	0xdfd29c59
	.long	0xd2db9252
	.long	0xc5c0804f
	.long	0xc8c98e44
	.long	0xebf6a475
	.long	0xe6ffaa7e
	.long	0xf1e4b863
	.long	0xfcedb668
	.long	0x670a0cb1
	.long	0x6a0302ba
	.long	0x7d1810a7
	.long	0x70111eac
	.long	0x532e349d
	.long	0x5e273a96
	.long	0x493c288b
	.long	0x44352680
	.long	0x0f427ce9
	.long	0x024b72e2
	.long	0x155060ff
	.long	0x18596ef4
	.long	0x3b6644c5
	.long	0x366f4ace
	.long	0x217458d3
	.long	0x2c7d56d8
	.long	0x0ca1377a
	.long	0x01a83971
	.long	0x16b32b6c
	.long	0x1bba2567
	.long	0x38850f56
	.long	0x358c015d
	.long	0x22971340
	.long	0x2f9e1d4b
	.long	0x64e94722
	.long	0x69e04929
	.long	0x7efb5b34
	.long	0x73f2553f
	.long	0x50cd7f0e
	.long	0x5dc47105
	.long	0x4adf6318
	.long	0x47d66d13
	.long	0xdc31d7ca
	.long	0xd138d9c1
	.long	0xc623cbdc
	.long	0xcb2ac5d7
	.long	0xe815efe6
	.long	0xe51ce1ed
	.long	0xf207f3f0
	.long	0xff0efdfb
	.long	0xb479a792
	.long	0xb970a999
	.long	0xae6bbb84
	.long	0xa362b58f
	.long	0x805d9fbe
	.long	0x8d5491b5
	.long	0x9a4f83a8
	.long	0x97468da3
	// Table 2.
	.long	0x00000000
	.long	0x090e0b0d
	.long	0x121c161a
	.long	0x1b121d17
	.long	0x24382c34
	.long	0x2d362739
	.long	0x36243a2e
	.long	0x3f2a3123
	.long	0x48705868
	.long	0x417e5365
	.long	0x5a6c4e72
	.long	0x5362457f
	.long	0x6c48745c
	.long	0x65467f51
	.long	0x7e546246
	.long	0x775a694b
	.long	0x90e0b0d0
	.long	0x99eebbdd
	.long	0x82fca6ca
	.long	0x8bf2adc7
	.long	0xb4d89ce4
	.long	0xbdd697e9
	.long	0xa6c48afe
	.long	0xafca81f3
	.long	0xd890e8b8
	.long	0xd19ee3b5
	.long	0xca8cfea2
	.long	0xc382f5af
	.long	0xfca8c48c
	.long	0xf5a6cf81
	.long	0xeeb4d296
	.long	0xe7bad99b
	.long	0x3bdb7bbb
	.long	0x32d570b6
	.long	0x29c76da1
	.long	0x20c966ac
	.long	0x1fe3578f
	.long	0x16ed5c82
	.long	0x0dff4195
	.long	0x04f14a98
	.long	0x73ab23d3
	.long	0x7aa528de
	.long	0x61b735c9
	.long	0x68b93ec4
	.long	0x57930fe7
	.long	0x5e9d04ea
	.long	0x458f19fd
	.long	0x4c8112f0
	.long	0xab3bcb6b
	.long	0xa235c066
	.long	0xb927dd71
	.long	0xb029d67c
	.long	0x8f03e75f
	.long	0x860dec52
	.long	0x9d1ff145
	.long	0x9411fa48
	.long	0xe34b9303
	.long	0xea45980e
	.long	0xf1578519
	.long	0xf8598e14
	.long	0xc773bf37
	.long	0xce7db43a
	.long	0xd56fa92d
	.long	0xdc61a220
	.long	0x76adf66d
	.long	0x7fa3fd60
	.long	0x64b1e077
	.long	0x6dbfeb7a
	.long	0x5295da59
	.long	0x5b9bd154
	.long	0x4089cc43
	.long	0x4987c74e
	.long	0x3eddae05
	.long	0x37d3a508
	.long	0x2cc1b81f
	.long	0x25cfb312
	.long	0x1ae58231
	.long	0x13eb893c
	.long	0x08f9942b
	.long	0x01f79f26
	.long	0xe64d46bd
	.long	0xef434db0
	.long	0xf45150a7
	.long	0xfd5f5baa
	.long	0xc2756a89
	.long	0xcb7b6184
	.long	0xd0697c93
	.long	0xd967779e
	.long	0xae3d1ed5
	.long	0xa73315d8
	.long	0xbc2108cf
	.long	0xb52f03c2
	.long	0x8a0532e1
	.long	0x830b39ec
	.long	0x981924fb
	.long	0x91172ff6
	.long	0x4d768dd6
	.long	0x447886db
	.long	0x5f6a9bcc
	.long	0x566490c1
	.long	0x694ea1e2
	.long	0x6040aaef
	.long	0x7b52b7f8
	.long	0x725cbcf5
	.long	0x0506d5be
	.long	0x0c08deb3
	.long	0x171ac3a4
	.long	0x1e14c8a9
	.long	0x213ef98a
	.long	0x2830f287
	.long	0x3322ef90
	.long	0x3a2ce49d
	.long	0xdd963d06
	.long	0xd498360b
	.long	0xcf8a2b1c
	.long	0xc6842011
	.long	0xf9ae1132
	.long	0xf0a01a3f
	.long	0xebb20728
	.long	0xe2bc0c25
	.long	0x95e6656e
	.long	0x9ce86e63
	.long	0x87fa7374
	.long	0x8ef47879
	.long	0xb1de495a
	.long	0xb8d04257
	.long	0xa3c25f40
	.long	0xaacc544d
	.long	0xec41f7da
	.long	0xe54ffcd7
	.long	0xfe5de1c0
	.long	0xf753eacd
	.long	0xc879dbee
	.long	0xc177d0e3
	.long	0xda65cdf4
	.long	0xd36bc6f9
	.long	0xa431afb2
	.long	0xad3fa4bf
	.long	0xb62db9a8
	.long	0xbf23b2a5
	.long	0x80098386
	.long	0x8907888b
	.long	0x9215959c
	.long	0x9b1b9e91
	.long	0x7ca1470a
	.long	0x75af4c07
	.long	0x6ebd5110
	.long	0x67b35a1d
	.long	0x58996b3e
	.long	0x51976033
	.long	0x4a857d24
	.long	0x438b7629
	.long	0x34d11f62
	.long	0x3ddf146f
	.long	0x26cd0978
	.long	0x2fc30275
	.long	0x10e93356
	.long	0x19e7385b
	.long	0x02f5254c
	.long	0x0bfb2e41
	.long	0xd79a8c61
	.long	0xde94876c
	.long	0xc5869a7b
	.long	0xcc889176
	.long	0xf3a2a055
	.long	0xfaacab58
	.long	0xe1beb64f
	.long	0xe8b0bd42
	.long	0x9fead409
	.long	0x96e4df04
	.long	0x8df6c213
	.long	0x84f8c91e
	.long	0xbbd2f83d
	.long	0xb2dcf330
	.long	0xa9ceee27
	.long	0xa0c0e52a
	.long	0x477a3cb1
	.long	0x4e7437bc
	.long	0x55662aab
	.long	0x5c6821a6
	.long	0x63421085
	.long	0x6a4c1b88
	.long	0x715e069f
	.long	0x78500d92
	.long	0x0f0a64d9
	.long	0x06046fd4
	.long	0x1d1672c3
	.long	0x141879ce
	.long	0x2b3248ed
	.long	0x223c43e0
	.long	0x392e5ef7
	.long	0x302055fa
	.long	0x9aec01b7
	.long	0x93e20aba
	.long	0x88f017ad
	.long	0x81fe1ca0
	.long	0xbed42d83
	.long	0xb7da268e
	.long	0xacc83b99
	.long	0xa5c63094
	.long	0xd29c59df
	.long	0xdb9252d2
	.long	0xc0804fc5
	.long	0xc98e44c8
	.long	0xf6a475eb
	.long	0xffaa7ee6
	.long	0xe4b863f1
	.long	0xedb668fc
	.long	0x0a0cb167
	.long	0x0302ba6a
	.long	0x1810a77d
	.long	0x111eac70
	.long	0x2e349d53
	.long	0x273a965e
	.long	0x3c288b49
	.long	0x35268044
	.long	0x427ce90f
	.long	0x4b72e202
	.long	0x5060ff15
	.long	0x596ef418
	.long	0x6644c53b
	.long	0x6f4ace36
	.long	0x7458d321
	.long	0x7d56d82c
	.long	0xa1377a0c
	.long	0xa8397101
	.long	0xb32b6c16
	.long	0xba25671b
	.long	0x850f5638
	.long	0x8c015d35
	.long	0x97134022
	.long	0x9e1d4b2f
	.long	0xe9472264
	.long	0xe0492969
	.long	0xfb5b347e
	.long	0xf2553f73
	.long	0xcd7f0e50
	.long	0xc471055d
	.long	0xdf63184a
	.long	0xd66d1347
	.long	0x31d7cadc
	.long	0x38d9c1d1
	.long	0x23cbdcc6
	.long	0x2ac5d7cb
	.long	0x15efe6e8
	.long	0x1ce1ede5
	.long	0x07f3f0f2
	.long	0x0efdfbff
	.long	0x79a792b4
	.long	0x70a999b9
	.long	0x6bbb84ae
	.long	0x62b58fa3
	.long	0x5d9fbe80
	.long	0x5491b58d
	.long	0x4f83a89a
	.long	0x468da397
	// Table 3.
	.long	0x00000000
	.long	0x0e0b0d09
	.long	0x1c161a12
	.long	0x121d171b
	.long	0x382c3424
	.long	0x3627392d
	.long	0x243a2e36
	.long	0x2a31233f
	.long	0x70586848
	.long	0x7e536541
	.long	0x6c4e725a
	.long	0x62457f53
	.long	0x48745c6c
	.long	0x467f5165
	.long	0x5462467e
	.long	0x5a694b77
	.long	0xe0b0d090
	.long	0xeebbdd99
	.long	0xfca6ca82
	.long	0xf2adc78b
	.long	0xd89ce4b4
	.long	0xd697e9bd
	.long	0xc48afea6
	.long	0xca81f3af
	.long	0x90e8b8d8
	.long	0x9ee3b5d1
	.long	0x8cfea2ca
	.long	0x82f5afc3
	.long	0xa8c48cfc
	.long	0xa6cf81f5
	.long	0xb4d296ee
	.long	0xbad99be7
	.long	0xdb7bbb3b
	.long	0xd570b632
	.long	0xc76da129
	.long	0xc966ac20
	.long	0xe3578f1f
	.long	0xed5c8216
	.long	0xff41950d
	.long	0xf14a9804
	.long	0xab23d373
	.long	0xa528de7a
	.long	0xb735c961
	.long	0xb93ec468
	.long	0x930fe757
	.long	0x9d04ea5e
	.long	0x8f19fd45
	.long	0x8112f04c
	.long	0x3bcb6bab
	.long	0x35c066a2
	.long	0x27dd71b9
	.long	0x29d67cb0
	.long	0x03e75f8f
	.long	0x0dec5286
	.long	0x1ff1459d
	.long	0x11fa4894
	.long	0x4b9303e3
	.long	0x45980eea
	.long	0x578519f1
	.long	0x598e14f8
	.long	0x73bf37c7
	.long	0x7db43ace
	.long	0x6fa92dd5
	.long	0x61a220dc
	.long	0xadf66d76
	.long	0xa3fd607f
	.long	0xb1e07764
	.long	0xbfeb7a6d
	.long	0x95da5952
	.long	0x9bd1545b
	.long	0x89cc4340
	.long	0x87c74e49
	.long	0xddae053e
	.long	0xd3a50837
	.long	0xc1b81f2c
	.long	0xcfb31225
	.long	0xe582311a
	.long	0xeb893c13
	.long	0xf9942b08
	.long	0xf79f2601
	.long	0x4d46bde6
	.long	0x434db0ef
	.long	0x5150a7f4
	.long	0x5f5baafd
	.long	0x756a89c2
	.long	0x7b6184cb
	.long	0x697c93d0
	.long	0x67779ed9
	.long	0x3d1ed5ae
	.long	0x3315d8a7
	.long	0x2108cfbc
	.long	0x2f03c2b5
	.long	0x0532e18a
	.long	0x0b39ec83
	.long	0x1924fb98
	.long	0x172ff691
	.long	0x768dd64d
	.long	0x7886db44
	.long	0x6a9bcc5f
	.long	0x6490c156
	.long	0x4ea1e269
	.long	0x40aaef60
	.long	0x52b7f87b
	.long	0x5cbcf572
	.long	0x06d5be05
	.long	0x08deb30c
	.long	0x1ac3a417
	.long	0x14c8a91e
	.long	0x3ef98a21
	.long	0x30f28728
	.long	0x22ef9033
	.long	0x2ce49d3a
	.long	0x963d06dd
	.long	0x98360bd4
	.long	0x8a2b1ccf
	.long	0x842011c6
	.long	0xae1132f9
	.long	0xa01a3ff0
	.long	0xb20728eb
	.long	0xbc0c25e2
	.long	0xe6656e95
	.long	0xe86e639c
	.long	0xfa737487
	.long	0xf478798e
	.long	0xde495ab1
	.long	0xd04257b8
	.long	0xc25f40a3
	.long	0xcc544daa
	.long	0x41f7daec
	.long	0x4ffcd7e5
	.long	0x5de1c0fe
	.long	0x53eacdf7
	.long	0x79dbeec8
	.long	0x77d0e3c1
	.long	0x65cdf4da
	.long	0x6bc6f9d3
	.long	0x31afb2a4
	.long	0x3fa4bfad
	.long	0x2db9a8b6
	.long	0x23b2a5bf
	.long	0x09838680
	.long	0x07888b89
	.long	0x15959c92
	.long	0x1b9e919b
	.long	0xa1470a7c
	.long	0xaf4c0775
	.long	0xbd51106e
	.long	0xb35a1d67
	.long	0x996b3e58
	.long	0x97603351
	.long	0x857d244a
	.long	0x8b762943
	.long	0xd11f6234
	.long	0xdf146f3d
	.long	0xcd097826
	.long	0xc302752f
	.long	0xe9335610
	.long	0xe7385b19
	.long	0xf5254c02
	.long	0xfb2e410b
	.long	0x9a8c61d7
	.long	0x94876cde
	.long	0x869a7bc5
	.long	0x889176cc
	.long	0xa2a055f3
	.long	0xacab58fa
	.long	0xbeb64fe1
	.long	0xb0bd42e8
	.long	0xead4099f
	.long	0xe4df0496
	.long	0xf6c2138d
	.long	0xf8c91e84
	.long	0xd2f83dbb
	.long	0xdcf330b2
	.long	0xceee27a9
	.long	0xc0e52aa0
	.long	0x7a3cb147
	.long	0x7437bc4e
	.long	0x662aab55
	.long	0x6821a65c
	.long	0x42108563
	.long	0x4c1b886a
	.long	0x5e069f71
	.long	0x500d9278
	.long	0x0a64d90f
	.long	0x046fd406
	.long	0x1672c31d
	.long	0x1879ce14
	.long	0x3248ed2b
	.long	0x3c43e022
	.long	0x2e5ef739
	.long	0x2055fa30
	.long	0xec01b79a
	.long	0xe20aba93
	.long	0xf017ad88
	.long	0xfe1ca081
	.long	0xd42d83be
	.long	0xda268eb7
	.long	0xc83b99ac
	.long	0xc63094a5
	.long	0x9c59dfd2
	.long	0x9252d2db
	.long	0x804fc5c0
	.long	0x8e44c8c9
	.long	0xa475ebf6
	.long	0xaa7ee6ff
	.long	0xb863f1e4
	.long	0xb668fced
	.long	0x0cb1670a
	.long	0x02ba6a03
	.long	0x10a77d18
	.long	0x1eac7011
	.long	0x349d532e
	.long	0x3a965e27
	.long	0x288b493c
	.long	0x26804435
	.long	0x7ce90f42
	.long	0x72e2024b
	.long	0x60ff1550
	.long	0x6ef41859
	.long	0x44c53b66
	.long	0x4ace366f
	.long	0x58d32174
	.long	0x56d82c7d
	.long	0x377a0ca1
	.long	0x397101a8
	.long	0x2b6c16b3
	.long	0x25671bba
	.long	0x0f563885
	.long	0x015d358c
	.long	0x13402297
	.long	0x1d4b2f9e
	.long	0x472264e9
	.long	0x492969e0
	.long	0x5b347efb
	.long	0x553f73f2
	.long	0x7f0e50cd
	.long	0x71055dc4
	.long	0x63184adf
	.long	0x6d1347d6
	.long	0xd7cadc31
	.long	0xd9c1d138
	.long	0xcbdcc623
	.long	0xc5d7cb2a
	.long	0xefe6e815
	.long	0xe1ede51c
	.long	0xf3f0f207
	.long	0xfdfbff0e
	.long	0xa792b479
	.long	0xa999b970
	.long	0xbb84ae6b
	.long	0xb58fa362
	.long	0x9fbe805d
	.long	0x91b58d54
	.long	0x83a89a4f
	.long	0x8da39746


// Tables for main encryption iterations.
	.globl	_AESEncryptTable
	.private_extern	_AESEncryptTable
	.align	2
_AESEncryptTable:
	// Table 0.
	.long	0xa56363c6
	.long	0x847c7cf8
	.long	0x997777ee
	.long	0x8d7b7bf6
	.long	0x0df2f2ff
	.long	0xbd6b6bd6
	.long	0xb16f6fde
	.long	0x54c5c591
	.long	0x50303060
	.long	0x03010102
	.long	0xa96767ce
	.long	0x7d2b2b56
	.long	0x19fefee7
	.long	0x62d7d7b5
	.long	0xe6abab4d
	.long	0x9a7676ec
	.long	0x45caca8f
	.long	0x9d82821f
	.long	0x40c9c989
	.long	0x877d7dfa
	.long	0x15fafaef
	.long	0xeb5959b2
	.long	0xc947478e
	.long	0x0bf0f0fb
	.long	0xecadad41
	.long	0x67d4d4b3
	.long	0xfda2a25f
	.long	0xeaafaf45
	.long	0xbf9c9c23
	.long	0xf7a4a453
	.long	0x967272e4
	.long	0x5bc0c09b
	.long	0xc2b7b775
	.long	0x1cfdfde1
	.long	0xae93933d
	.long	0x6a26264c
	.long	0x5a36366c
	.long	0x413f3f7e
	.long	0x02f7f7f5
	.long	0x4fcccc83
	.long	0x5c343468
	.long	0xf4a5a551
	.long	0x34e5e5d1
	.long	0x08f1f1f9
	.long	0x937171e2
	.long	0x73d8d8ab
	.long	0x53313162
	.long	0x3f15152a
	.long	0x0c040408
	.long	0x52c7c795
	.long	0x65232346
	.long	0x5ec3c39d
	.long	0x28181830
	.long	0xa1969637
	.long	0x0f05050a
	.long	0xb59a9a2f
	.long	0x0907070e
	.long	0x36121224
	.long	0x9b80801b
	.long	0x3de2e2df
	.long	0x26ebebcd
	.long	0x6927274e
	.long	0xcdb2b27f
	.long	0x9f7575ea
	.long	0x1b090912
	.long	0x9e83831d
	.long	0x742c2c58
	.long	0x2e1a1a34
	.long	0x2d1b1b36
	.long	0xb26e6edc
	.long	0xee5a5ab4
	.long	0xfba0a05b
	.long	0xf65252a4
	.long	0x4d3b3b76
	.long	0x61d6d6b7
	.long	0xceb3b37d
	.long	0x7b292952
	.long	0x3ee3e3dd
	.long	0x712f2f5e
	.long	0x97848413
	.long	0xf55353a6
	.long	0x68d1d1b9
	.long	0x00000000
	.long	0x2cededc1
	.long	0x60202040
	.long	0x1ffcfce3
	.long	0xc8b1b179
	.long	0xed5b5bb6
	.long	0xbe6a6ad4
	.long	0x46cbcb8d
	.long	0xd9bebe67
	.long	0x4b393972
	.long	0xde4a4a94
	.long	0xd44c4c98
	.long	0xe85858b0
	.long	0x4acfcf85
	.long	0x6bd0d0bb
	.long	0x2aefefc5
	.long	0xe5aaaa4f
	.long	0x16fbfbed
	.long	0xc5434386
	.long	0xd74d4d9a
	.long	0x55333366
	.long	0x94858511
	.long	0xcf45458a
	.long	0x10f9f9e9
	.long	0x06020204
	.long	0x817f7ffe
	.long	0xf05050a0
	.long	0x443c3c78
	.long	0xba9f9f25
	.long	0xe3a8a84b
	.long	0xf35151a2
	.long	0xfea3a35d
	.long	0xc0404080
	.long	0x8a8f8f05
	.long	0xad92923f
	.long	0xbc9d9d21
	.long	0x48383870
	.long	0x04f5f5f1
	.long	0xdfbcbc63
	.long	0xc1b6b677
	.long	0x75dadaaf
	.long	0x63212142
	.long	0x30101020
	.long	0x1affffe5
	.long	0x0ef3f3fd
	.long	0x6dd2d2bf
	.long	0x4ccdcd81
	.long	0x140c0c18
	.long	0x35131326
	.long	0x2fececc3
	.long	0xe15f5fbe
	.long	0xa2979735
	.long	0xcc444488
	.long	0x3917172e
	.long	0x57c4c493
	.long	0xf2a7a755
	.long	0x827e7efc
	.long	0x473d3d7a
	.long	0xac6464c8
	.long	0xe75d5dba
	.long	0x2b191932
	.long	0x957373e6
	.long	0xa06060c0
	.long	0x98818119
	.long	0xd14f4f9e
	.long	0x7fdcdca3
	.long	0x66222244
	.long	0x7e2a2a54
	.long	0xab90903b
	.long	0x8388880b
	.long	0xca46468c
	.long	0x29eeeec7
	.long	0xd3b8b86b
	.long	0x3c141428
	.long	0x79dedea7
	.long	0xe25e5ebc
	.long	0x1d0b0b16
	.long	0x76dbdbad
	.long	0x3be0e0db
	.long	0x56323264
	.long	0x4e3a3a74
	.long	0x1e0a0a14
	.long	0xdb494992
	.long	0x0a06060c
	.long	0x6c242448
	.long	0xe45c5cb8
	.long	0x5dc2c29f
	.long	0x6ed3d3bd
	.long	0xefacac43
	.long	0xa66262c4
	.long	0xa8919139
	.long	0xa4959531
	.long	0x37e4e4d3
	.long	0x8b7979f2
	.long	0x32e7e7d5
	.long	0x43c8c88b
	.long	0x5937376e
	.long	0xb76d6dda
	.long	0x8c8d8d01
	.long	0x64d5d5b1
	.long	0xd24e4e9c
	.long	0xe0a9a949
	.long	0xb46c6cd8
	.long	0xfa5656ac
	.long	0x07f4f4f3
	.long	0x25eaeacf
	.long	0xaf6565ca
	.long	0x8e7a7af4
	.long	0xe9aeae47
	.long	0x18080810
	.long	0xd5baba6f
	.long	0x887878f0
	.long	0x6f25254a
	.long	0x722e2e5c
	.long	0x241c1c38
	.long	0xf1a6a657
	.long	0xc7b4b473
	.long	0x51c6c697
	.long	0x23e8e8cb
	.long	0x7cdddda1
	.long	0x9c7474e8
	.long	0x211f1f3e
	.long	0xdd4b4b96
	.long	0xdcbdbd61
	.long	0x868b8b0d
	.long	0x858a8a0f
	.long	0x907070e0
	.long	0x423e3e7c
	.long	0xc4b5b571
	.long	0xaa6666cc
	.long	0xd8484890
	.long	0x05030306
	.long	0x01f6f6f7
	.long	0x120e0e1c
	.long	0xa36161c2
	.long	0x5f35356a
	.long	0xf95757ae
	.long	0xd0b9b969
	.long	0x91868617
	.long	0x58c1c199
	.long	0x271d1d3a
	.long	0xb99e9e27
	.long	0x38e1e1d9
	.long	0x13f8f8eb
	.long	0xb398982b
	.long	0x33111122
	.long	0xbb6969d2
	.long	0x70d9d9a9
	.long	0x898e8e07
	.long	0xa7949433
	.long	0xb69b9b2d
	.long	0x221e1e3c
	.long	0x92878715
	.long	0x20e9e9c9
	.long	0x49cece87
	.long	0xff5555aa
	.long	0x78282850
	.long	0x7adfdfa5
	.long	0x8f8c8c03
	.long	0xf8a1a159
	.long	0x80898909
	.long	0x170d0d1a
	.long	0xdabfbf65
	.long	0x31e6e6d7
	.long	0xc6424284
	.long	0xb86868d0
	.long	0xc3414182
	.long	0xb0999929
	.long	0x772d2d5a
	.long	0x110f0f1e
	.long	0xcbb0b07b
	.long	0xfc5454a8
	.long	0xd6bbbb6d
	.long	0x3a16162c
	// Table 1.
	.long	0x6363c6a5
	.long	0x7c7cf884
	.long	0x7777ee99
	.long	0x7b7bf68d
	.long	0xf2f2ff0d
	.long	0x6b6bd6bd
	.long	0x6f6fdeb1
	.long	0xc5c59154
	.long	0x30306050
	.long	0x01010203
	.long	0x6767cea9
	.long	0x2b2b567d
	.long	0xfefee719
	.long	0xd7d7b562
	.long	0xabab4de6
	.long	0x7676ec9a
	.long	0xcaca8f45
	.long	0x82821f9d
	.long	0xc9c98940
	.long	0x7d7dfa87
	.long	0xfafaef15
	.long	0x5959b2eb
	.long	0x47478ec9
	.long	0xf0f0fb0b
	.long	0xadad41ec
	.long	0xd4d4b367
	.long	0xa2a25ffd
	.long	0xafaf45ea
	.long	0x9c9c23bf
	.long	0xa4a453f7
	.long	0x7272e496
	.long	0xc0c09b5b
	.long	0xb7b775c2
	.long	0xfdfde11c
	.long	0x93933dae
	.long	0x26264c6a
	.long	0x36366c5a
	.long	0x3f3f7e41
	.long	0xf7f7f502
	.long	0xcccc834f
	.long	0x3434685c
	.long	0xa5a551f4
	.long	0xe5e5d134
	.long	0xf1f1f908
	.long	0x7171e293
	.long	0xd8d8ab73
	.long	0x31316253
	.long	0x15152a3f
	.long	0x0404080c
	.long	0xc7c79552
	.long	0x23234665
	.long	0xc3c39d5e
	.long	0x18183028
	.long	0x969637a1
	.long	0x05050a0f
	.long	0x9a9a2fb5
	.long	0x07070e09
	.long	0x12122436
	.long	0x80801b9b
	.long	0xe2e2df3d
	.long	0xebebcd26
	.long	0x27274e69
	.long	0xb2b27fcd
	.long	0x7575ea9f
	.long	0x0909121b
	.long	0x83831d9e
	.long	0x2c2c5874
	.long	0x1a1a342e
	.long	0x1b1b362d
	.long	0x6e6edcb2
	.long	0x5a5ab4ee
	.long	0xa0a05bfb
	.long	0x5252a4f6
	.long	0x3b3b764d
	.long	0xd6d6b761
	.long	0xb3b37dce
	.long	0x2929527b
	.long	0xe3e3dd3e
	.long	0x2f2f5e71
	.long	0x84841397
	.long	0x5353a6f5
	.long	0xd1d1b968
	.long	0x00000000
	.long	0xededc12c
	.long	0x20204060
	.long	0xfcfce31f
	.long	0xb1b179c8
	.long	0x5b5bb6ed
	.long	0x6a6ad4be
	.long	0xcbcb8d46
	.long	0xbebe67d9
	.long	0x3939724b
	.long	0x4a4a94de
	.long	0x4c4c98d4
	.long	0x5858b0e8
	.long	0xcfcf854a
	.long	0xd0d0bb6b
	.long	0xefefc52a
	.long	0xaaaa4fe5
	.long	0xfbfbed16
	.long	0x434386c5
	.long	0x4d4d9ad7
	.long	0x33336655
	.long	0x85851194
	.long	0x45458acf
	.long	0xf9f9e910
	.long	0x02020406
	.long	0x7f7ffe81
	.long	0x5050a0f0
	.long	0x3c3c7844
	.long	0x9f9f25ba
	.long	0xa8a84be3
	.long	0x5151a2f3
	.long	0xa3a35dfe
	.long	0x404080c0
	.long	0x8f8f058a
	.long	0x92923fad
	.long	0x9d9d21bc
	.long	0x38387048
	.long	0xf5f5f104
	.long	0xbcbc63df
	.long	0xb6b677c1
	.long	0xdadaaf75
	.long	0x21214263
	.long	0x10102030
	.long	0xffffe51a
	.long	0xf3f3fd0e
	.long	0xd2d2bf6d
	.long	0xcdcd814c
	.long	0x0c0c1814
	.long	0x13132635
	.long	0xececc32f
	.long	0x5f5fbee1
	.long	0x979735a2
	.long	0x444488cc
	.long	0x17172e39
	.long	0xc4c49357
	.long	0xa7a755f2
	.long	0x7e7efc82
	.long	0x3d3d7a47
	.long	0x6464c8ac
	.long	0x5d5dbae7
	.long	0x1919322b
	.long	0x7373e695
	.long	0x6060c0a0
	.long	0x81811998
	.long	0x4f4f9ed1
	.long	0xdcdca37f
	.long	0x22224466
	.long	0x2a2a547e
	.long	0x90903bab
	.long	0x88880b83
	.long	0x46468cca
	.long	0xeeeec729
	.long	0xb8b86bd3
	.long	0x1414283c
	.long	0xdedea779
	.long	0x5e5ebce2
	.long	0x0b0b161d
	.long	0xdbdbad76
	.long	0xe0e0db3b
	.long	0x32326456
	.long	0x3a3a744e
	.long	0x0a0a141e
	.long	0x494992db
	.long	0x06060c0a
	.long	0x2424486c
	.long	0x5c5cb8e4
	.long	0xc2c29f5d
	.long	0xd3d3bd6e
	.long	0xacac43ef
	.long	0x6262c4a6
	.long	0x919139a8
	.long	0x959531a4
	.long	0xe4e4d337
	.long	0x7979f28b
	.long	0xe7e7d532
	.long	0xc8c88b43
	.long	0x37376e59
	.long	0x6d6ddab7
	.long	0x8d8d018c
	.long	0xd5d5b164
	.long	0x4e4e9cd2
	.long	0xa9a949e0
	.long	0x6c6cd8b4
	.long	0x5656acfa
	.long	0xf4f4f307
	.long	0xeaeacf25
	.long	0x6565caaf
	.long	0x7a7af48e
	.long	0xaeae47e9
	.long	0x08081018
	.long	0xbaba6fd5
	.long	0x7878f088
	.long	0x25254a6f
	.long	0x2e2e5c72
	.long	0x1c1c3824
	.long	0xa6a657f1
	.long	0xb4b473c7
	.long	0xc6c69751
	.long	0xe8e8cb23
	.long	0xdddda17c
	.long	0x7474e89c
	.long	0x1f1f3e21
	.long	0x4b4b96dd
	.long	0xbdbd61dc
	.long	0x8b8b0d86
	.long	0x8a8a0f85
	.long	0x7070e090
	.long	0x3e3e7c42
	.long	0xb5b571c4
	.long	0x6666ccaa
	.long	0x484890d8
	.long	0x03030605
	.long	0xf6f6f701
	.long	0x0e0e1c12
	.long	0x6161c2a3
	.long	0x35356a5f
	.long	0x5757aef9
	.long	0xb9b969d0
	.long	0x86861791
	.long	0xc1c19958
	.long	0x1d1d3a27
	.long	0x9e9e27b9
	.long	0xe1e1d938
	.long	0xf8f8eb13
	.long	0x98982bb3
	.long	0x11112233
	.long	0x6969d2bb
	.long	0xd9d9a970
	.long	0x8e8e0789
	.long	0x949433a7
	.long	0x9b9b2db6
	.long	0x1e1e3c22
	.long	0x87871592
	.long	0xe9e9c920
	.long	0xcece8749
	.long	0x5555aaff
	.long	0x28285078
	.long	0xdfdfa57a
	.long	0x8c8c038f
	.long	0xa1a159f8
	.long	0x89890980
	.long	0x0d0d1a17
	.long	0xbfbf65da
	.long	0xe6e6d731
	.long	0x424284c6
	.long	0x6868d0b8
	.long	0x414182c3
	.long	0x999929b0
	.long	0x2d2d5a77
	.long	0x0f0f1e11
	.long	0xb0b07bcb
	.long	0x5454a8fc
	.long	0xbbbb6dd6
	.long	0x16162c3a
	// Table 2.
	.long	0x63c6a563
	.long	0x7cf8847c
	.long	0x77ee9977
	.long	0x7bf68d7b
	.long	0xf2ff0df2
	.long	0x6bd6bd6b
	.long	0x6fdeb16f
	.long	0xc59154c5
	.long	0x30605030
	.long	0x01020301
	.long	0x67cea967
	.long	0x2b567d2b
	.long	0xfee719fe
	.long	0xd7b562d7
	.long	0xab4de6ab
	.long	0x76ec9a76
	.long	0xca8f45ca
	.long	0x821f9d82
	.long	0xc98940c9
	.long	0x7dfa877d
	.long	0xfaef15fa
	.long	0x59b2eb59
	.long	0x478ec947
	.long	0xf0fb0bf0
	.long	0xad41ecad
	.long	0xd4b367d4
	.long	0xa25ffda2
	.long	0xaf45eaaf
	.long	0x9c23bf9c
	.long	0xa453f7a4
	.long	0x72e49672
	.long	0xc09b5bc0
	.long	0xb775c2b7
	.long	0xfde11cfd
	.long	0x933dae93
	.long	0x264c6a26
	.long	0x366c5a36
	.long	0x3f7e413f
	.long	0xf7f502f7
	.long	0xcc834fcc
	.long	0x34685c34
	.long	0xa551f4a5
	.long	0xe5d134e5
	.long	0xf1f908f1
	.long	0x71e29371
	.long	0xd8ab73d8
	.long	0x31625331
	.long	0x152a3f15
	.long	0x04080c04
	.long	0xc79552c7
	.long	0x23466523
	.long	0xc39d5ec3
	.long	0x18302818
	.long	0x9637a196
	.long	0x050a0f05
	.long	0x9a2fb59a
	.long	0x070e0907
	.long	0x12243612
	.long	0x801b9b80
	.long	0xe2df3de2
	.long	0xebcd26eb
	.long	0x274e6927
	.long	0xb27fcdb2
	.long	0x75ea9f75
	.long	0x09121b09
	.long	0x831d9e83
	.long	0x2c58742c
	.long	0x1a342e1a
	.long	0x1b362d1b
	.long	0x6edcb26e
	.long	0x5ab4ee5a
	.long	0xa05bfba0
	.long	0x52a4f652
	.long	0x3b764d3b
	.long	0xd6b761d6
	.long	0xb37dceb3
	.long	0x29527b29
	.long	0xe3dd3ee3
	.long	0x2f5e712f
	.long	0x84139784
	.long	0x53a6f553
	.long	0xd1b968d1
	.long	0x00000000
	.long	0xedc12ced
	.long	0x20406020
	.long	0xfce31ffc
	.long	0xb179c8b1
	.long	0x5bb6ed5b
	.long	0x6ad4be6a
	.long	0xcb8d46cb
	.long	0xbe67d9be
	.long	0x39724b39
	.long	0x4a94de4a
	.long	0x4c98d44c
	.long	0x58b0e858
	.long	0xcf854acf
	.long	0xd0bb6bd0
	.long	0xefc52aef
	.long	0xaa4fe5aa
	.long	0xfbed16fb
	.long	0x4386c543
	.long	0x4d9ad74d
	.long	0x33665533
	.long	0x85119485
	.long	0x458acf45
	.long	0xf9e910f9
	.long	0x02040602
	.long	0x7ffe817f
	.long	0x50a0f050
	.long	0x3c78443c
	.long	0x9f25ba9f
	.long	0xa84be3a8
	.long	0x51a2f351
	.long	0xa35dfea3
	.long	0x4080c040
	.long	0x8f058a8f
	.long	0x923fad92
	.long	0x9d21bc9d
	.long	0x38704838
	.long	0xf5f104f5
	.long	0xbc63dfbc
	.long	0xb677c1b6
	.long	0xdaaf75da
	.long	0x21426321
	.long	0x10203010
	.long	0xffe51aff
	.long	0xf3fd0ef3
	.long	0xd2bf6dd2
	.long	0xcd814ccd
	.long	0x0c18140c
	.long	0x13263513
	.long	0xecc32fec
	.long	0x5fbee15f
	.long	0x9735a297
	.long	0x4488cc44
	.long	0x172e3917
	.long	0xc49357c4
	.long	0xa755f2a7
	.long	0x7efc827e
	.long	0x3d7a473d
	.long	0x64c8ac64
	.long	0x5dbae75d
	.long	0x19322b19
	.long	0x73e69573
	.long	0x60c0a060
	.long	0x81199881
	.long	0x4f9ed14f
	.long	0xdca37fdc
	.long	0x22446622
	.long	0x2a547e2a
	.long	0x903bab90
	.long	0x880b8388
	.long	0x468cca46
	.long	0xeec729ee
	.long	0xb86bd3b8
	.long	0x14283c14
	.long	0xdea779de
	.long	0x5ebce25e
	.long	0x0b161d0b
	.long	0xdbad76db
	.long	0xe0db3be0
	.long	0x32645632
	.long	0x3a744e3a
	.long	0x0a141e0a
	.long	0x4992db49
	.long	0x060c0a06
	.long	0x24486c24
	.long	0x5cb8e45c
	.long	0xc29f5dc2
	.long	0xd3bd6ed3
	.long	0xac43efac
	.long	0x62c4a662
	.long	0x9139a891
	.long	0x9531a495
	.long	0xe4d337e4
	.long	0x79f28b79
	.long	0xe7d532e7
	.long	0xc88b43c8
	.long	0x376e5937
	.long	0x6ddab76d
	.long	0x8d018c8d
	.long	0xd5b164d5
	.long	0x4e9cd24e
	.long	0xa949e0a9
	.long	0x6cd8b46c
	.long	0x56acfa56
	.long	0xf4f307f4
	.long	0xeacf25ea
	.long	0x65caaf65
	.long	0x7af48e7a
	.long	0xae47e9ae
	.long	0x08101808
	.long	0xba6fd5ba
	.long	0x78f08878
	.long	0x254a6f25
	.long	0x2e5c722e
	.long	0x1c38241c
	.long	0xa657f1a6
	.long	0xb473c7b4
	.long	0xc69751c6
	.long	0xe8cb23e8
	.long	0xdda17cdd
	.long	0x74e89c74
	.long	0x1f3e211f
	.long	0x4b96dd4b
	.long	0xbd61dcbd
	.long	0x8b0d868b
	.long	0x8a0f858a
	.long	0x70e09070
	.long	0x3e7c423e
	.long	0xb571c4b5
	.long	0x66ccaa66
	.long	0x4890d848
	.long	0x03060503
	.long	0xf6f701f6
	.long	0x0e1c120e
	.long	0x61c2a361
	.long	0x356a5f35
	.long	0x57aef957
	.long	0xb969d0b9
	.long	0x86179186
	.long	0xc19958c1
	.long	0x1d3a271d
	.long	0x9e27b99e
	.long	0xe1d938e1
	.long	0xf8eb13f8
	.long	0x982bb398
	.long	0x11223311
	.long	0x69d2bb69
	.long	0xd9a970d9
	.long	0x8e07898e
	.long	0x9433a794
	.long	0x9b2db69b
	.long	0x1e3c221e
	.long	0x87159287
	.long	0xe9c920e9
	.long	0xce8749ce
	.long	0x55aaff55
	.long	0x28507828
	.long	0xdfa57adf
	.long	0x8c038f8c
	.long	0xa159f8a1
	.long	0x89098089
	.long	0x0d1a170d
	.long	0xbf65dabf
	.long	0xe6d731e6
	.long	0x4284c642
	.long	0x68d0b868
	.long	0x4182c341
	.long	0x9929b099
	.long	0x2d5a772d
	.long	0x0f1e110f
	.long	0xb07bcbb0
	.long	0x54a8fc54
	.long	0xbb6dd6bb
	.long	0x162c3a16
	// Table 3.
	.long	0xc6a56363
	.long	0xf8847c7c
	.long	0xee997777
	.long	0xf68d7b7b
	.long	0xff0df2f2
	.long	0xd6bd6b6b
	.long	0xdeb16f6f
	.long	0x9154c5c5
	.long	0x60503030
	.long	0x02030101
	.long	0xcea96767
	.long	0x567d2b2b
	.long	0xe719fefe
	.long	0xb562d7d7
	.long	0x4de6abab
	.long	0xec9a7676
	.long	0x8f45caca
	.long	0x1f9d8282
	.long	0x8940c9c9
	.long	0xfa877d7d
	.long	0xef15fafa
	.long	0xb2eb5959
	.long	0x8ec94747
	.long	0xfb0bf0f0
	.long	0x41ecadad
	.long	0xb367d4d4
	.long	0x5ffda2a2
	.long	0x45eaafaf
	.long	0x23bf9c9c
	.long	0x53f7a4a4
	.long	0xe4967272
	.long	0x9b5bc0c0
	.long	0x75c2b7b7
	.long	0xe11cfdfd
	.long	0x3dae9393
	.long	0x4c6a2626
	.long	0x6c5a3636
	.long	0x7e413f3f
	.long	0xf502f7f7
	.long	0x834fcccc
	.long	0x685c3434
	.long	0x51f4a5a5
	.long	0xd134e5e5
	.long	0xf908f1f1
	.long	0xe2937171
	.long	0xab73d8d8
	.long	0x62533131
	.long	0x2a3f1515
	.long	0x080c0404
	.long	0x9552c7c7
	.long	0x46652323
	.long	0x9d5ec3c3
	.long	0x30281818
	.long	0x37a19696
	.long	0x0a0f0505
	.long	0x2fb59a9a
	.long	0x0e090707
	.long	0x24361212
	.long	0x1b9b8080
	.long	0xdf3de2e2
	.long	0xcd26ebeb
	.long	0x4e692727
	.long	0x7fcdb2b2
	.long	0xea9f7575
	.long	0x121b0909
	.long	0x1d9e8383
	.long	0x58742c2c
	.long	0x342e1a1a
	.long	0x362d1b1b
	.long	0xdcb26e6e
	.long	0xb4ee5a5a
	.long	0x5bfba0a0
	.long	0xa4f65252
	.long	0x764d3b3b
	.long	0xb761d6d6
	.long	0x7dceb3b3
	.long	0x527b2929
	.long	0xdd3ee3e3
	.long	0x5e712f2f
	.long	0x13978484
	.long	0xa6f55353
	.long	0xb968d1d1
	.long	0x00000000
	.long	0xc12ceded
	.long	0x40602020
	.long	0xe31ffcfc
	.long	0x79c8b1b1
	.long	0xb6ed5b5b
	.long	0xd4be6a6a
	.long	0x8d46cbcb
	.long	0x67d9bebe
	.long	0x724b3939
	.long	0x94de4a4a
	.long	0x98d44c4c
	.long	0xb0e85858
	.long	0x854acfcf
	.long	0xbb6bd0d0
	.long	0xc52aefef
	.long	0x4fe5aaaa
	.long	0xed16fbfb
	.long	0x86c54343
	.long	0x9ad74d4d
	.long	0x66553333
	.long	0x11948585
	.long	0x8acf4545
	.long	0xe910f9f9
	.long	0x04060202
	.long	0xfe817f7f
	.long	0xa0f05050
	.long	0x78443c3c
	.long	0x25ba9f9f
	.long	0x4be3a8a8
	.long	0xa2f35151
	.long	0x5dfea3a3
	.long	0x80c04040
	.long	0x058a8f8f
	.long	0x3fad9292
	.long	0x21bc9d9d
	.long	0x70483838
	.long	0xf104f5f5
	.long	0x63dfbcbc
	.long	0x77c1b6b6
	.long	0xaf75dada
	.long	0x42632121
	.long	0x20301010
	.long	0xe51affff
	.long	0xfd0ef3f3
	.long	0xbf6dd2d2
	.long	0x814ccdcd
	.long	0x18140c0c
	.long	0x26351313
	.long	0xc32fecec
	.long	0xbee15f5f
	.long	0x35a29797
	.long	0x88cc4444
	.long	0x2e391717
	.long	0x9357c4c4
	.long	0x55f2a7a7
	.long	0xfc827e7e
	.long	0x7a473d3d
	.long	0xc8ac6464
	.long	0xbae75d5d
	.long	0x322b1919
	.long	0xe6957373
	.long	0xc0a06060
	.long	0x19988181
	.long	0x9ed14f4f
	.long	0xa37fdcdc
	.long	0x44662222
	.long	0x547e2a2a
	.long	0x3bab9090
	.long	0x0b838888
	.long	0x8cca4646
	.long	0xc729eeee
	.long	0x6bd3b8b8
	.long	0x283c1414
	.long	0xa779dede
	.long	0xbce25e5e
	.long	0x161d0b0b
	.long	0xad76dbdb
	.long	0xdb3be0e0
	.long	0x64563232
	.long	0x744e3a3a
	.long	0x141e0a0a
	.long	0x92db4949
	.long	0x0c0a0606
	.long	0x486c2424
	.long	0xb8e45c5c
	.long	0x9f5dc2c2
	.long	0xbd6ed3d3
	.long	0x43efacac
	.long	0xc4a66262
	.long	0x39a89191
	.long	0x31a49595
	.long	0xd337e4e4
	.long	0xf28b7979
	.long	0xd532e7e7
	.long	0x8b43c8c8
	.long	0x6e593737
	.long	0xdab76d6d
	.long	0x018c8d8d
	.long	0xb164d5d5
	.long	0x9cd24e4e
	.long	0x49e0a9a9
	.long	0xd8b46c6c
	.long	0xacfa5656
	.long	0xf307f4f4
	.long	0xcf25eaea
	.long	0xcaaf6565
	.long	0xf48e7a7a
	.long	0x47e9aeae
	.long	0x10180808
	.long	0x6fd5baba
	.long	0xf0887878
	.long	0x4a6f2525
	.long	0x5c722e2e
	.long	0x38241c1c
	.long	0x57f1a6a6
	.long	0x73c7b4b4
	.long	0x9751c6c6
	.long	0xcb23e8e8
	.long	0xa17cdddd
	.long	0xe89c7474
	.long	0x3e211f1f
	.long	0x96dd4b4b
	.long	0x61dcbdbd
	.long	0x0d868b8b
	.long	0x0f858a8a
	.long	0xe0907070
	.long	0x7c423e3e
	.long	0x71c4b5b5
	.long	0xccaa6666
	.long	0x90d84848
	.long	0x06050303
	.long	0xf701f6f6
	.long	0x1c120e0e
	.long	0xc2a36161
	.long	0x6a5f3535
	.long	0xaef95757
	.long	0x69d0b9b9
	.long	0x17918686
	.long	0x9958c1c1
	.long	0x3a271d1d
	.long	0x27b99e9e
	.long	0xd938e1e1
	.long	0xeb13f8f8
	.long	0x2bb39898
	.long	0x22331111
	.long	0xd2bb6969
	.long	0xa970d9d9
	.long	0x07898e8e
	.long	0x33a79494
	.long	0x2db69b9b
	.long	0x3c221e1e
	.long	0x15928787
	.long	0xc920e9e9
	.long	0x8749cece
	.long	0xaaff5555
	.long	0x50782828
	.long	0xa57adfdf
	.long	0x038f8c8c
	.long	0x59f8a1a1
	.long	0x09808989
	.long	0x1a170d0d
	.long	0x65dabfbf
	.long	0xd731e6e6
	.long	0x84c64242
	.long	0xd0b86868
	.long	0x82c34141
	.long	0x29b09999
	.long	0x5a772d2d
	.long	0x1e110f0f
	.long	0x7bcbb0b0
	.long	0xa8fc5454
	.long	0x6dd6bbbb
	.long	0x2c3a1616


// Tables for main decryption iterations.
	.globl	_AESDecryptTable
	.private_extern	_AESDecryptTable
	.align	2
_AESDecryptTable:
	// Table 0.
	.long	0x50a7f451
	.long	0x5365417e
	.long	0xc3a4171a
	.long	0x965e273a
	.long	0xcb6bab3b
	.long	0xf1459d1f
	.long	0xab58faac
	.long	0x9303e34b
	.long	0x55fa3020
	.long	0xf66d76ad
	.long	0x9176cc88
	.long	0x254c02f5
	.long	0xfcd7e54f
	.long	0xd7cb2ac5
	.long	0x80443526
	.long	0x8fa362b5
	.long	0x495ab1de
	.long	0x671bba25
	.long	0x980eea45
	.long	0xe1c0fe5d
	.long	0x02752fc3
	.long	0x12f04c81
	.long	0xa397468d
	.long	0xc6f9d36b
	.long	0xe75f8f03
	.long	0x959c9215
	.long	0xeb7a6dbf
	.long	0xda595295
	.long	0x2d83bed4
	.long	0xd3217458
	.long	0x2969e049
	.long	0x44c8c98e
	.long	0x6a89c275
	.long	0x78798ef4
	.long	0x6b3e5899
	.long	0xdd71b927
	.long	0xb64fe1be
	.long	0x17ad88f0
	.long	0x66ac20c9
	.long	0xb43ace7d
	.long	0x184adf63
	.long	0x82311ae5
	.long	0x60335197
	.long	0x457f5362
	.long	0xe07764b1
	.long	0x84ae6bbb
	.long	0x1ca081fe
	.long	0x942b08f9
	.long	0x58684870
	.long	0x19fd458f
	.long	0x876cde94
	.long	0xb7f87b52
	.long	0x23d373ab
	.long	0xe2024b72
	.long	0x578f1fe3
	.long	0x2aab5566
	.long	0x0728ebb2
	.long	0x03c2b52f
	.long	0x9a7bc586
	.long	0xa50837d3
	.long	0xf2872830
	.long	0xb2a5bf23
	.long	0xba6a0302
	.long	0x5c8216ed
	.long	0x2b1ccf8a
	.long	0x92b479a7
	.long	0xf0f207f3
	.long	0xa1e2694e
	.long	0xcdf4da65
	.long	0xd5be0506
	.long	0x1f6234d1
	.long	0x8afea6c4
	.long	0x9d532e34
	.long	0xa055f3a2
	.long	0x32e18a05
	.long	0x75ebf6a4
	.long	0x39ec830b
	.long	0xaaef6040
	.long	0x069f715e
	.long	0x51106ebd
	.long	0xf98a213e
	.long	0x3d06dd96
	.long	0xae053edd
	.long	0x46bde64d
	.long	0xb58d5491
	.long	0x055dc471
	.long	0x6fd40604
	.long	0xff155060
	.long	0x24fb9819
	.long	0x97e9bdd6
	.long	0xcc434089
	.long	0x779ed967
	.long	0xbd42e8b0
	.long	0x888b8907
	.long	0x385b19e7
	.long	0xdbeec879
	.long	0x470a7ca1
	.long	0xe90f427c
	.long	0xc91e84f8
	.long	0x00000000
	.long	0x83868009
	.long	0x48ed2b32
	.long	0xac70111e
	.long	0x4e725a6c
	.long	0xfbff0efd
	.long	0x5638850f
	.long	0x1ed5ae3d
	.long	0x27392d36
	.long	0x64d90f0a
	.long	0x21a65c68
	.long	0xd1545b9b
	.long	0x3a2e3624
	.long	0xb1670a0c
	.long	0x0fe75793
	.long	0xd296eeb4
	.long	0x9e919b1b
	.long	0x4fc5c080
	.long	0xa220dc61
	.long	0x694b775a
	.long	0x161a121c
	.long	0x0aba93e2
	.long	0xe52aa0c0
	.long	0x43e0223c
	.long	0x1d171b12
	.long	0x0b0d090e
	.long	0xadc78bf2
	.long	0xb9a8b62d
	.long	0xc8a91e14
	.long	0x8519f157
	.long	0x4c0775af
	.long	0xbbdd99ee
	.long	0xfd607fa3
	.long	0x9f2601f7
	.long	0xbcf5725c
	.long	0xc53b6644
	.long	0x347efb5b
	.long	0x7629438b
	.long	0xdcc623cb
	.long	0x68fcedb6
	.long	0x63f1e4b8
	.long	0xcadc31d7
	.long	0x10856342
	.long	0x40229713
	.long	0x2011c684
	.long	0x7d244a85
	.long	0xf83dbbd2
	.long	0x1132f9ae
	.long	0x6da129c7
	.long	0x4b2f9e1d
	.long	0xf330b2dc
	.long	0xec52860d
	.long	0xd0e3c177
	.long	0x6c16b32b
	.long	0x99b970a9
	.long	0xfa489411
	.long	0x2264e947
	.long	0xc48cfca8
	.long	0x1a3ff0a0
	.long	0xd82c7d56
	.long	0xef903322
	.long	0xc74e4987
	.long	0xc1d138d9
	.long	0xfea2ca8c
	.long	0x360bd498
	.long	0xcf81f5a6
	.long	0x28de7aa5
	.long	0x268eb7da
	.long	0xa4bfad3f
	.long	0xe49d3a2c
	.long	0x0d927850
	.long	0x9bcc5f6a
	.long	0x62467e54
	.long	0xc2138df6
	.long	0xe8b8d890
	.long	0x5ef7392e
	.long	0xf5afc382
	.long	0xbe805d9f
	.long	0x7c93d069
	.long	0xa92dd56f
	.long	0xb31225cf
	.long	0x3b99acc8
	.long	0xa77d1810
	.long	0x6e639ce8
	.long	0x7bbb3bdb
	.long	0x097826cd
	.long	0xf418596e
	.long	0x01b79aec
	.long	0xa89a4f83
	.long	0x656e95e6
	.long	0x7ee6ffaa
	.long	0x08cfbc21
	.long	0xe6e815ef
	.long	0xd99be7ba
	.long	0xce366f4a
	.long	0xd4099fea
	.long	0xd67cb029
	.long	0xafb2a431
	.long	0x31233f2a
	.long	0x3094a5c6
	.long	0xc066a235
	.long	0x37bc4e74
	.long	0xa6ca82fc
	.long	0xb0d090e0
	.long	0x15d8a733
	.long	0x4a9804f1
	.long	0xf7daec41
	.long	0x0e50cd7f
	.long	0x2ff69117
	.long	0x8dd64d76
	.long	0x4db0ef43
	.long	0x544daacc
	.long	0xdf0496e4
	.long	0xe3b5d19e
	.long	0x1b886a4c
	.long	0xb81f2cc1
	.long	0x7f516546
	.long	0x04ea5e9d
	.long	0x5d358c01
	.long	0x737487fa
	.long	0x2e410bfb
	.long	0x5a1d67b3
	.long	0x52d2db92
	.long	0x335610e9
	.long	0x1347d66d
	.long	0x8c61d79a
	.long	0x7a0ca137
	.long	0x8e14f859
	.long	0x893c13eb
	.long	0xee27a9ce
	.long	0x35c961b7
	.long	0xede51ce1
	.long	0x3cb1477a
	.long	0x59dfd29c
	.long	0x3f73f255
	.long	0x79ce1418
	.long	0xbf37c773
	.long	0xeacdf753
	.long	0x5baafd5f
	.long	0x146f3ddf
	.long	0x86db4478
	.long	0x81f3afca
	.long	0x3ec468b9
	.long	0x2c342438
	.long	0x5f40a3c2
	.long	0x72c31d16
	.long	0x0c25e2bc
	.long	0x8b493c28
	.long	0x41950dff
	.long	0x7101a839
	.long	0xdeb30c08
	.long	0x9ce4b4d8
	.long	0x90c15664
	.long	0x6184cb7b
	.long	0x70b632d5
	.long	0x745c6c48
	.long	0x4257b8d0
	// Table 1.
	.long	0xa7f45150
	.long	0x65417e53
	.long	0xa4171ac3
	.long	0x5e273a96
	.long	0x6bab3bcb
	.long	0x459d1ff1
	.long	0x58faacab
	.long	0x03e34b93
	.long	0xfa302055
	.long	0x6d76adf6
	.long	0x76cc8891
	.long	0x4c02f525
	.long	0xd7e54ffc
	.long	0xcb2ac5d7
	.long	0x44352680
	.long	0xa362b58f
	.long	0x5ab1de49
	.long	0x1bba2567
	.long	0x0eea4598
	.long	0xc0fe5de1
	.long	0x752fc302
	.long	0xf04c8112
	.long	0x97468da3
	.long	0xf9d36bc6
	.long	0x5f8f03e7
	.long	0x9c921595
	.long	0x7a6dbfeb
	.long	0x595295da
	.long	0x83bed42d
	.long	0x217458d3
	.long	0x69e04929
	.long	0xc8c98e44
	.long	0x89c2756a
	.long	0x798ef478
	.long	0x3e58996b
	.long	0x71b927dd
	.long	0x4fe1beb6
	.long	0xad88f017
	.long	0xac20c966
	.long	0x3ace7db4
	.long	0x4adf6318
	.long	0x311ae582
	.long	0x33519760
	.long	0x7f536245
	.long	0x7764b1e0
	.long	0xae6bbb84
	.long	0xa081fe1c
	.long	0x2b08f994
	.long	0x68487058
	.long	0xfd458f19
	.long	0x6cde9487
	.long	0xf87b52b7
	.long	0xd373ab23
	.long	0x024b72e2
	.long	0x8f1fe357
	.long	0xab55662a
	.long	0x28ebb207
	.long	0xc2b52f03
	.long	0x7bc5869a
	.long	0x0837d3a5
	.long	0x872830f2
	.long	0xa5bf23b2
	.long	0x6a0302ba
	.long	0x8216ed5c
	.long	0x1ccf8a2b
	.long	0xb479a792
	.long	0xf207f3f0
	.long	0xe2694ea1
	.long	0xf4da65cd
	.long	0xbe0506d5
	.long	0x6234d11f
	.long	0xfea6c48a
	.long	0x532e349d
	.long	0x55f3a2a0
	.long	0xe18a0532
	.long	0xebf6a475
	.long	0xec830b39
	.long	0xef6040aa
	.long	0x9f715e06
	.long	0x106ebd51
	.long	0x8a213ef9
	.long	0x06dd963d
	.long	0x053eddae
	.long	0xbde64d46
	.long	0x8d5491b5
	.long	0x5dc47105
	.long	0xd406046f
	.long	0x155060ff
	.long	0xfb981924
	.long	0xe9bdd697
	.long	0x434089cc
	.long	0x9ed96777
	.long	0x42e8b0bd
	.long	0x8b890788
	.long	0x5b19e738
	.long	0xeec879db
	.long	0x0a7ca147
	.long	0x0f427ce9
	.long	0x1e84f8c9
	.long	0x00000000
	.long	0x86800983
	.long	0xed2b3248
	.long	0x70111eac
	.long	0x725a6c4e
	.long	0xff0efdfb
	.long	0x38850f56
	.long	0xd5ae3d1e
	.long	0x392d3627
	.long	0xd90f0a64
	.long	0xa65c6821
	.long	0x545b9bd1
	.long	0x2e36243a
	.long	0x670a0cb1
	.long	0xe757930f
	.long	0x96eeb4d2
	.long	0x919b1b9e
	.long	0xc5c0804f
	.long	0x20dc61a2
	.long	0x4b775a69
	.long	0x1a121c16
	.long	0xba93e20a
	.long	0x2aa0c0e5
	.long	0xe0223c43
	.long	0x171b121d
	.long	0x0d090e0b
	.long	0xc78bf2ad
	.long	0xa8b62db9
	.long	0xa91e14c8
	.long	0x19f15785
	.long	0x0775af4c
	.long	0xdd99eebb
	.long	0x607fa3fd
	.long	0x2601f79f
	.long	0xf5725cbc
	.long	0x3b6644c5
	.long	0x7efb5b34
	.long	0x29438b76
	.long	0xc623cbdc
	.long	0xfcedb668
	.long	0xf1e4b863
	.long	0xdc31d7ca
	.long	0x85634210
	.long	0x22971340
	.long	0x11c68420
	.long	0x244a857d
	.long	0x3dbbd2f8
	.long	0x32f9ae11
	.long	0xa129c76d
	.long	0x2f9e1d4b
	.long	0x30b2dcf3
	.long	0x52860dec
	.long	0xe3c177d0
	.long	0x16b32b6c
	.long	0xb970a999
	.long	0x489411fa
	.long	0x64e94722
	.long	0x8cfca8c4
	.long	0x3ff0a01a
	.long	0x2c7d56d8
	.long	0x903322ef
	.long	0x4e4987c7
	.long	0xd138d9c1
	.long	0xa2ca8cfe
	.long	0x0bd49836
	.long	0x81f5a6cf
	.long	0xde7aa528
	.long	0x8eb7da26
	.long	0xbfad3fa4
	.long	0x9d3a2ce4
	.long	0x9278500d
	.long	0xcc5f6a9b
	.long	0x467e5462
	.long	0x138df6c2
	.long	0xb8d890e8
	.long	0xf7392e5e
	.long	0xafc382f5
	.long	0x805d9fbe
	.long	0x93d0697c
	.long	0x2dd56fa9
	.long	0x1225cfb3
	.long	0x99acc83b
	.long	0x7d1810a7
	.long	0x639ce86e
	.long	0xbb3bdb7b
	.long	0x7826cd09
	.long	0x18596ef4
	.long	0xb79aec01
	.long	0x9a4f83a8
	.long	0x6e95e665
	.long	0xe6ffaa7e
	.long	0xcfbc2108
	.long	0xe815efe6
	.long	0x9be7bad9
	.long	0x366f4ace
	.long	0x099fead4
	.long	0x7cb029d6
	.long	0xb2a431af
	.long	0x233f2a31
	.long	0x94a5c630
	.long	0x66a235c0
	.long	0xbc4e7437
	.long	0xca82fca6
	.long	0xd090e0b0
	.long	0xd8a73315
	.long	0x9804f14a
	.long	0xdaec41f7
	.long	0x50cd7f0e
	.long	0xf691172f
	.long	0xd64d768d
	.long	0xb0ef434d
	.long	0x4daacc54
	.long	0x0496e4df
	.long	0xb5d19ee3
	.long	0x886a4c1b
	.long	0x1f2cc1b8
	.long	0x5165467f
	.long	0xea5e9d04
	.long	0x358c015d
	.long	0x7487fa73
	.long	0x410bfb2e
	.long	0x1d67b35a
	.long	0xd2db9252
	.long	0x5610e933
	.long	0x47d66d13
	.long	0x61d79a8c
	.long	0x0ca1377a
	.long	0x14f8598e
	.long	0x3c13eb89
	.long	0x27a9ceee
	.long	0xc961b735
	.long	0xe51ce1ed
	.long	0xb1477a3c
	.long	0xdfd29c59
	.long	0x73f2553f
	.long	0xce141879
	.long	0x37c773bf
	.long	0xcdf753ea
	.long	0xaafd5f5b
	.long	0x6f3ddf14
	.long	0xdb447886
	.long	0xf3afca81
	.long	0xc468b93e
	.long	0x3424382c
	.long	0x40a3c25f
	.long	0xc31d1672
	.long	0x25e2bc0c
	.long	0x493c288b
	.long	0x950dff41
	.long	0x01a83971
	.long	0xb30c08de
	.long	0xe4b4d89c
	.long	0xc1566490
	.long	0x84cb7b61
	.long	0xb632d570
	.long	0x5c6c4874
	.long	0x57b8d042
	// Table 2.
	.long	0xf45150a7
	.long	0x417e5365
	.long	0x171ac3a4
	.long	0x273a965e
	.long	0xab3bcb6b
	.long	0x9d1ff145
	.long	0xfaacab58
	.long	0xe34b9303
	.long	0x302055fa
	.long	0x76adf66d
	.long	0xcc889176
	.long	0x02f5254c
	.long	0xe54ffcd7
	.long	0x2ac5d7cb
	.long	0x35268044
	.long	0x62b58fa3
	.long	0xb1de495a
	.long	0xba25671b
	.long	0xea45980e
	.long	0xfe5de1c0
	.long	0x2fc30275
	.long	0x4c8112f0
	.long	0x468da397
	.long	0xd36bc6f9
	.long	0x8f03e75f
	.long	0x9215959c
	.long	0x6dbfeb7a
	.long	0x5295da59
	.long	0xbed42d83
	.long	0x7458d321
	.long	0xe0492969
	.long	0xc98e44c8
	.long	0xc2756a89
	.long	0x8ef47879
	.long	0x58996b3e
	.long	0xb927dd71
	.long	0xe1beb64f
	.long	0x88f017ad
	.long	0x20c966ac
	.long	0xce7db43a
	.long	0xdf63184a
	.long	0x1ae58231
	.long	0x51976033
	.long	0x5362457f
	.long	0x64b1e077
	.long	0x6bbb84ae
	.long	0x81fe1ca0
	.long	0x08f9942b
	.long	0x48705868
	.long	0x458f19fd
	.long	0xde94876c
	.long	0x7b52b7f8
	.long	0x73ab23d3
	.long	0x4b72e202
	.long	0x1fe3578f
	.long	0x55662aab
	.long	0xebb20728
	.long	0xb52f03c2
	.long	0xc5869a7b
	.long	0x37d3a508
	.long	0x2830f287
	.long	0xbf23b2a5
	.long	0x0302ba6a
	.long	0x16ed5c82
	.long	0xcf8a2b1c
	.long	0x79a792b4
	.long	0x07f3f0f2
	.long	0x694ea1e2
	.long	0xda65cdf4
	.long	0x0506d5be
	.long	0x34d11f62
	.long	0xa6c48afe
	.long	0x2e349d53
	.long	0xf3a2a055
	.long	0x8a0532e1
	.long	0xf6a475eb
	.long	0x830b39ec
	.long	0x6040aaef
	.long	0x715e069f
	.long	0x6ebd5110
	.long	0x213ef98a
	.long	0xdd963d06
	.long	0x3eddae05
	.long	0xe64d46bd
	.long	0x5491b58d
	.long	0xc471055d
	.long	0x06046fd4
	.long	0x5060ff15
	.long	0x981924fb
	.long	0xbdd697e9
	.long	0x4089cc43
	.long	0xd967779e
	.long	0xe8b0bd42
	.long	0x8907888b
	.long	0x19e7385b
	.long	0xc879dbee
	.long	0x7ca1470a
	.long	0x427ce90f
	.long	0x84f8c91e
	.long	0x00000000
	.long	0x80098386
	.long	0x2b3248ed
	.long	0x111eac70
	.long	0x5a6c4e72
	.long	0x0efdfbff
	.long	0x850f5638
	.long	0xae3d1ed5
	.long	0x2d362739
	.long	0x0f0a64d9
	.long	0x5c6821a6
	.long	0x5b9bd154
	.long	0x36243a2e
	.long	0x0a0cb167
	.long	0x57930fe7
	.long	0xeeb4d296
	.long	0x9b1b9e91
	.long	0xc0804fc5
	.long	0xdc61a220
	.long	0x775a694b
	.long	0x121c161a
	.long	0x93e20aba
	.long	0xa0c0e52a
	.long	0x223c43e0
	.long	0x1b121d17
	.long	0x090e0b0d
	.long	0x8bf2adc7
	.long	0xb62db9a8
	.long	0x1e14c8a9
	.long	0xf1578519
	.long	0x75af4c07
	.long	0x99eebbdd
	.long	0x7fa3fd60
	.long	0x01f79f26
	.long	0x725cbcf5
	.long	0x6644c53b
	.long	0xfb5b347e
	.long	0x438b7629
	.long	0x23cbdcc6
	.long	0xedb668fc
	.long	0xe4b863f1
	.long	0x31d7cadc
	.long	0x63421085
	.long	0x97134022
	.long	0xc6842011
	.long	0x4a857d24
	.long	0xbbd2f83d
	.long	0xf9ae1132
	.long	0x29c76da1
	.long	0x9e1d4b2f
	.long	0xb2dcf330
	.long	0x860dec52
	.long	0xc177d0e3
	.long	0xb32b6c16
	.long	0x70a999b9
	.long	0x9411fa48
	.long	0xe9472264
	.long	0xfca8c48c
	.long	0xf0a01a3f
	.long	0x7d56d82c
	.long	0x3322ef90
	.long	0x4987c74e
	.long	0x38d9c1d1
	.long	0xca8cfea2
	.long	0xd498360b
	.long	0xf5a6cf81
	.long	0x7aa528de
	.long	0xb7da268e
	.long	0xad3fa4bf
	.long	0x3a2ce49d
	.long	0x78500d92
	.long	0x5f6a9bcc
	.long	0x7e546246
	.long	0x8df6c213
	.long	0xd890e8b8
	.long	0x392e5ef7
	.long	0xc382f5af
	.long	0x5d9fbe80
	.long	0xd0697c93
	.long	0xd56fa92d
	.long	0x25cfb312
	.long	0xacc83b99
	.long	0x1810a77d
	.long	0x9ce86e63
	.long	0x3bdb7bbb
	.long	0x26cd0978
	.long	0x596ef418
	.long	0x9aec01b7
	.long	0x4f83a89a
	.long	0x95e6656e
	.long	0xffaa7ee6
	.long	0xbc2108cf
	.long	0x15efe6e8
	.long	0xe7bad99b
	.long	0x6f4ace36
	.long	0x9fead409
	.long	0xb029d67c
	.long	0xa431afb2
	.long	0x3f2a3123
	.long	0xa5c63094
	.long	0xa235c066
	.long	0x4e7437bc
	.long	0x82fca6ca
	.long	0x90e0b0d0
	.long	0xa73315d8
	.long	0x04f14a98
	.long	0xec41f7da
	.long	0xcd7f0e50
	.long	0x91172ff6
	.long	0x4d768dd6
	.long	0xef434db0
	.long	0xaacc544d
	.long	0x96e4df04
	.long	0xd19ee3b5
	.long	0x6a4c1b88
	.long	0x2cc1b81f
	.long	0x65467f51
	.long	0x5e9d04ea
	.long	0x8c015d35
	.long	0x87fa7374
	.long	0x0bfb2e41
	.long	0x67b35a1d
	.long	0xdb9252d2
	.long	0x10e93356
	.long	0xd66d1347
	.long	0xd79a8c61
	.long	0xa1377a0c
	.long	0xf8598e14
	.long	0x13eb893c
	.long	0xa9ceee27
	.long	0x61b735c9
	.long	0x1ce1ede5
	.long	0x477a3cb1
	.long	0xd29c59df
	.long	0xf2553f73
	.long	0x141879ce
	.long	0xc773bf37
	.long	0xf753eacd
	.long	0xfd5f5baa
	.long	0x3ddf146f
	.long	0x447886db
	.long	0xafca81f3
	.long	0x68b93ec4
	.long	0x24382c34
	.long	0xa3c25f40
	.long	0x1d1672c3
	.long	0xe2bc0c25
	.long	0x3c288b49
	.long	0x0dff4195
	.long	0xa8397101
	.long	0x0c08deb3
	.long	0xb4d89ce4
	.long	0x566490c1
	.long	0xcb7b6184
	.long	0x32d570b6
	.long	0x6c48745c
	.long	0xb8d04257
	// Table 3.
	.long	0x5150a7f4
	.long	0x7e536541
	.long	0x1ac3a417
	.long	0x3a965e27
	.long	0x3bcb6bab
	.long	0x1ff1459d
	.long	0xacab58fa
	.long	0x4b9303e3
	.long	0x2055fa30
	.long	0xadf66d76
	.long	0x889176cc
	.long	0xf5254c02
	.long	0x4ffcd7e5
	.long	0xc5d7cb2a
	.long	0x26804435
	.long	0xb58fa362
	.long	0xde495ab1
	.long	0x25671bba
	.long	0x45980eea
	.long	0x5de1c0fe
	.long	0xc302752f
	.long	0x8112f04c
	.long	0x8da39746
	.long	0x6bc6f9d3
	.long	0x03e75f8f
	.long	0x15959c92
	.long	0xbfeb7a6d
	.long	0x95da5952
	.long	0xd42d83be
	.long	0x58d32174
	.long	0x492969e0
	.long	0x8e44c8c9
	.long	0x756a89c2
	.long	0xf478798e
	.long	0x996b3e58
	.long	0x27dd71b9
	.long	0xbeb64fe1
	.long	0xf017ad88
	.long	0xc966ac20
	.long	0x7db43ace
	.long	0x63184adf
	.long	0xe582311a
	.long	0x97603351
	.long	0x62457f53
	.long	0xb1e07764
	.long	0xbb84ae6b
	.long	0xfe1ca081
	.long	0xf9942b08
	.long	0x70586848
	.long	0x8f19fd45
	.long	0x94876cde
	.long	0x52b7f87b
	.long	0xab23d373
	.long	0x72e2024b
	.long	0xe3578f1f
	.long	0x662aab55
	.long	0xb20728eb
	.long	0x2f03c2b5
	.long	0x869a7bc5
	.long	0xd3a50837
	.long	0x30f28728
	.long	0x23b2a5bf
	.long	0x02ba6a03
	.long	0xed5c8216
	.long	0x8a2b1ccf
	.long	0xa792b479
	.long	0xf3f0f207
	.long	0x4ea1e269
	.long	0x65cdf4da
	.long	0x06d5be05
	.long	0xd11f6234
	.long	0xc48afea6
	.long	0x349d532e
	.long	0xa2a055f3
	.long	0x0532e18a
	.long	0xa475ebf6
	.long	0x0b39ec83
	.long	0x40aaef60
	.long	0x5e069f71
	.long	0xbd51106e
	.long	0x3ef98a21
	.long	0x963d06dd
	.long	0xddae053e
	.long	0x4d46bde6
	.long	0x91b58d54
	.long	0x71055dc4
	.long	0x046fd406
	.long	0x60ff1550
	.long	0x1924fb98
	.long	0xd697e9bd
	.long	0x89cc4340
	.long	0x67779ed9
	.long	0xb0bd42e8
	.long	0x07888b89
	.long	0xe7385b19
	.long	0x79dbeec8
	.long	0xa1470a7c
	.long	0x7ce90f42
	.long	0xf8c91e84
	.long	0x00000000
	.long	0x09838680
	.long	0x3248ed2b
	.long	0x1eac7011
	.long	0x6c4e725a
	.long	0xfdfbff0e
	.long	0x0f563885
	.long	0x3d1ed5ae
	.long	0x3627392d
	.long	0x0a64d90f
	.long	0x6821a65c
	.long	0x9bd1545b
	.long	0x243a2e36
	.long	0x0cb1670a
	.long	0x930fe757
	.long	0xb4d296ee
	.long	0x1b9e919b
	.long	0x804fc5c0
	.long	0x61a220dc
	.long	0x5a694b77
	.long	0x1c161a12
	.long	0xe20aba93
	.long	0xc0e52aa0
	.long	0x3c43e022
	.long	0x121d171b
	.long	0x0e0b0d09
	.long	0xf2adc78b
	.long	0x2db9a8b6
	.long	0x14c8a91e
	.long	0x578519f1
	.long	0xaf4c0775
	.long	0xeebbdd99
	.long	0xa3fd607f
	.long	0xf79f2601
	.long	0x5cbcf572
	.long	0x44c53b66
	.long	0x5b347efb
	.long	0x8b762943
	.long	0xcbdcc623
	.long	0xb668fced
	.long	0xb863f1e4
	.long	0xd7cadc31
	.long	0x42108563
	.long	0x13402297
	.long	0x842011c6
	.long	0x857d244a
	.long	0xd2f83dbb
	.long	0xae1132f9
	.long	0xc76da129
	.long	0x1d4b2f9e
	.long	0xdcf330b2
	.long	0x0dec5286
	.long	0x77d0e3c1
	.long	0x2b6c16b3
	.long	0xa999b970
	.long	0x11fa4894
	.long	0x472264e9
	.long	0xa8c48cfc
	.long	0xa01a3ff0
	.long	0x56d82c7d
	.long	0x22ef9033
	.long	0x87c74e49
	.long	0xd9c1d138
	.long	0x8cfea2ca
	.long	0x98360bd4
	.long	0xa6cf81f5
	.long	0xa528de7a
	.long	0xda268eb7
	.long	0x3fa4bfad
	.long	0x2ce49d3a
	.long	0x500d9278
	.long	0x6a9bcc5f
	.long	0x5462467e
	.long	0xf6c2138d
	.long	0x90e8b8d8
	.long	0x2e5ef739
	.long	0x82f5afc3
	.long	0x9fbe805d
	.long	0x697c93d0
	.long	0x6fa92dd5
	.long	0xcfb31225
	.long	0xc83b99ac
	.long	0x10a77d18
	.long	0xe86e639c
	.long	0xdb7bbb3b
	.long	0xcd097826
	.long	0x6ef41859
	.long	0xec01b79a
	.long	0x83a89a4f
	.long	0xe6656e95
	.long	0xaa7ee6ff
	.long	0x2108cfbc
	.long	0xefe6e815
	.long	0xbad99be7
	.long	0x4ace366f
	.long	0xead4099f
	.long	0x29d67cb0
	.long	0x31afb2a4
	.long	0x2a31233f
	.long	0xc63094a5
	.long	0x35c066a2
	.long	0x7437bc4e
	.long	0xfca6ca82
	.long	0xe0b0d090
	.long	0x3315d8a7
	.long	0xf14a9804
	.long	0x41f7daec
	.long	0x7f0e50cd
	.long	0x172ff691
	.long	0x768dd64d
	.long	0x434db0ef
	.long	0xcc544daa
	.long	0xe4df0496
	.long	0x9ee3b5d1
	.long	0x4c1b886a
	.long	0xc1b81f2c
	.long	0x467f5165
	.long	0x9d04ea5e
	.long	0x015d358c
	.long	0xfa737487
	.long	0xfb2e410b
	.long	0xb35a1d67
	.long	0x9252d2db
	.long	0xe9335610
	.long	0x6d1347d6
	.long	0x9a8c61d7
	.long	0x377a0ca1
	.long	0x598e14f8
	.long	0xeb893c13
	.long	0xceee27a9
	.long	0xb735c961
	.long	0xe1ede51c
	.long	0x7a3cb147
	.long	0x9c59dfd2
	.long	0x553f73f2
	.long	0x1879ce14
	.long	0x73bf37c7
	.long	0x53eacdf7
	.long	0x5f5baafd
	.long	0xdf146f3d
	.long	0x7886db44
	.long	0xca81f3af
	.long	0xb93ec468
	.long	0x382c3424
	.long	0xc25f40a3
	.long	0x1672c31d
	.long	0xbc0c25e2
	.long	0x288b493c
	.long	0xff41950d
	.long	0x397101a8
	.long	0x08deb30c
	.long	0xd89ce4b4
	.long	0x6490c156
	.long	0x7b6184cb
	.long	0xd570b632
	.long	0x48745c6c
	.long	0xd04257b8


// SubBytes embedded in words tables.
	.globl	_AESSubBytesWordTable
	.private_extern	_AESSubBytesWordTable
	.align	2
_AESSubBytesWordTable:
	// Table 0.
	.long	0x00000063
	.long	0x0000007c
	.long	0x00000077
	.long	0x0000007b
	.long	0x000000f2
	.long	0x0000006b
	.long	0x0000006f
	.long	0x000000c5
	.long	0x00000030
	.long	0x00000001
	.long	0x00000067
	.long	0x0000002b
	.long	0x000000fe
	.long	0x000000d7
	.long	0x000000ab
	.long	0x00000076
	.long	0x000000ca
	.long	0x00000082
	.long	0x000000c9
	.long	0x0000007d
	.long	0x000000fa
	.long	0x00000059
	.long	0x00000047
	.long	0x000000f0
	.long	0x000000ad
	.long	0x000000d4
	.long	0x000000a2
	.long	0x000000af
	.long	0x0000009c
	.long	0x000000a4
	.long	0x00000072
	.long	0x000000c0
	.long	0x000000b7
	.long	0x000000fd
	.long	0x00000093
	.long	0x00000026
	.long	0x00000036
	.long	0x0000003f
	.long	0x000000f7
	.long	0x000000cc
	.long	0x00000034
	.long	0x000000a5
	.long	0x000000e5
	.long	0x000000f1
	.long	0x00000071
	.long	0x000000d8
	.long	0x00000031
	.long	0x00000015
	.long	0x00000004
	.long	0x000000c7
	.long	0x00000023
	.long	0x000000c3
	.long	0x00000018
	.long	0x00000096
	.long	0x00000005
	.long	0x0000009a
	.long	0x00000007
	.long	0x00000012
	.long	0x00000080
	.long	0x000000e2
	.long	0x000000eb
	.long	0x00000027
	.long	0x000000b2
	.long	0x00000075
	.long	0x00000009
	.long	0x00000083
	.long	0x0000002c
	.long	0x0000001a
	.long	0x0000001b
	.long	0x0000006e
	.long	0x0000005a
	.long	0x000000a0
	.long	0x00000052
	.long	0x0000003b
	.long	0x000000d6
	.long	0x000000b3
	.long	0x00000029
	.long	0x000000e3
	.long	0x0000002f
	.long	0x00000084
	.long	0x00000053
	.long	0x000000d1
	.long	0x00000000
	.long	0x000000ed
	.long	0x00000020
	.long	0x000000fc
	.long	0x000000b1
	.long	0x0000005b
	.long	0x0000006a
	.long	0x000000cb
	.long	0x000000be
	.long	0x00000039
	.long	0x0000004a
	.long	0x0000004c
	.long	0x00000058
	.long	0x000000cf
	.long	0x000000d0
	.long	0x000000ef
	.long	0x000000aa
	.long	0x000000fb
	.long	0x00000043
	.long	0x0000004d
	.long	0x00000033
	.long	0x00000085
	.long	0x00000045
	.long	0x000000f9
	.long	0x00000002
	.long	0x0000007f
	.long	0x00000050
	.long	0x0000003c
	.long	0x0000009f
	.long	0x000000a8
	.long	0x00000051
	.long	0x000000a3
	.long	0x00000040
	.long	0x0000008f
	.long	0x00000092
	.long	0x0000009d
	.long	0x00000038
	.long	0x000000f5
	.long	0x000000bc
	.long	0x000000b6
	.long	0x000000da
	.long	0x00000021
	.long	0x00000010
	.long	0x000000ff
	.long	0x000000f3
	.long	0x000000d2
	.long	0x000000cd
	.long	0x0000000c
	.long	0x00000013
	.long	0x000000ec
	.long	0x0000005f
	.long	0x00000097
	.long	0x00000044
	.long	0x00000017
	.long	0x000000c4
	.long	0x000000a7
	.long	0x0000007e
	.long	0x0000003d
	.long	0x00000064
	.long	0x0000005d
	.long	0x00000019
	.long	0x00000073
	.long	0x00000060
	.long	0x00000081
	.long	0x0000004f
	.long	0x000000dc
	.long	0x00000022
	.long	0x0000002a
	.long	0x00000090
	.long	0x00000088
	.long	0x00000046
	.long	0x000000ee
	.long	0x000000b8
	.long	0x00000014
	.long	0x000000de
	.long	0x0000005e
	.long	0x0000000b
	.long	0x000000db
	.long	0x000000e0
	.long	0x00000032
	.long	0x0000003a
	.long	0x0000000a
	.long	0x00000049
	.long	0x00000006
	.long	0x00000024
	.long	0x0000005c
	.long	0x000000c2
	.long	0x000000d3
	.long	0x000000ac
	.long	0x00000062
	.long	0x00000091
	.long	0x00000095
	.long	0x000000e4
	.long	0x00000079
	.long	0x000000e7
	.long	0x000000c8
	.long	0x00000037
	.long	0x0000006d
	.long	0x0000008d
	.long	0x000000d5
	.long	0x0000004e
	.long	0x000000a9
	.long	0x0000006c
	.long	0x00000056
	.long	0x000000f4
	.long	0x000000ea
	.long	0x00000065
	.long	0x0000007a
	.long	0x000000ae
	.long	0x00000008
	.long	0x000000ba
	.long	0x00000078
	.long	0x00000025
	.long	0x0000002e
	.long	0x0000001c
	.long	0x000000a6
	.long	0x000000b4
	.long	0x000000c6
	.long	0x000000e8
	.long	0x000000dd
	.long	0x00000074
	.long	0x0000001f
	.long	0x0000004b
	.long	0x000000bd
	.long	0x0000008b
	.long	0x0000008a
	.long	0x00000070
	.long	0x0000003e
	.long	0x000000b5
	.long	0x00000066
	.long	0x00000048
	.long	0x00000003
	.long	0x000000f6
	.long	0x0000000e
	.long	0x00000061
	.long	0x00000035
	.long	0x00000057
	.long	0x000000b9
	.long	0x00000086
	.long	0x000000c1
	.long	0x0000001d
	.long	0x0000009e
	.long	0x000000e1
	.long	0x000000f8
	.long	0x00000098
	.long	0x00000011
	.long	0x00000069
	.long	0x000000d9
	.long	0x0000008e
	.long	0x00000094
	.long	0x0000009b
	.long	0x0000001e
	.long	0x00000087
	.long	0x000000e9
	.long	0x000000ce
	.long	0x00000055
	.long	0x00000028
	.long	0x000000df
	.long	0x0000008c
	.long	0x000000a1
	.long	0x00000089
	.long	0x0000000d
	.long	0x000000bf
	.long	0x000000e6
	.long	0x00000042
	.long	0x00000068
	.long	0x00000041
	.long	0x00000099
	.long	0x0000002d
	.long	0x0000000f
	.long	0x000000b0
	.long	0x00000054
	.long	0x000000bb
	.long	0x00000016
	// Table 1.
	.long	0x00006300
	.long	0x00007c00
	.long	0x00007700
	.long	0x00007b00
	.long	0x0000f200
	.long	0x00006b00
	.long	0x00006f00
	.long	0x0000c500
	.long	0x00003000
	.long	0x00000100
	.long	0x00006700
	.long	0x00002b00
	.long	0x0000fe00
	.long	0x0000d700
	.long	0x0000ab00
	.long	0x00007600
	.long	0x0000ca00
	.long	0x00008200
	.long	0x0000c900
	.long	0x00007d00
	.long	0x0000fa00
	.long	0x00005900
	.long	0x00004700
	.long	0x0000f000
	.long	0x0000ad00
	.long	0x0000d400
	.long	0x0000a200
	.long	0x0000af00
	.long	0x00009c00
	.long	0x0000a400
	.long	0x00007200
	.long	0x0000c000
	.long	0x0000b700
	.long	0x0000fd00
	.long	0x00009300
	.long	0x00002600
	.long	0x00003600
	.long	0x00003f00
	.long	0x0000f700
	.long	0x0000cc00
	.long	0x00003400
	.long	0x0000a500
	.long	0x0000e500
	.long	0x0000f100
	.long	0x00007100
	.long	0x0000d800
	.long	0x00003100
	.long	0x00001500
	.long	0x00000400
	.long	0x0000c700
	.long	0x00002300
	.long	0x0000c300
	.long	0x00001800
	.long	0x00009600
	.long	0x00000500
	.long	0x00009a00
	.long	0x00000700
	.long	0x00001200
	.long	0x00008000
	.long	0x0000e200
	.long	0x0000eb00
	.long	0x00002700
	.long	0x0000b200
	.long	0x00007500
	.long	0x00000900
	.long	0x00008300
	.long	0x00002c00
	.long	0x00001a00
	.long	0x00001b00
	.long	0x00006e00
	.long	0x00005a00
	.long	0x0000a000
	.long	0x00005200
	.long	0x00003b00
	.long	0x0000d600
	.long	0x0000b300
	.long	0x00002900
	.long	0x0000e300
	.long	0x00002f00
	.long	0x00008400
	.long	0x00005300
	.long	0x0000d100
	.long	0x00000000
	.long	0x0000ed00
	.long	0x00002000
	.long	0x0000fc00
	.long	0x0000b100
	.long	0x00005b00
	.long	0x00006a00
	.long	0x0000cb00
	.long	0x0000be00
	.long	0x00003900
	.long	0x00004a00
	.long	0x00004c00
	.long	0x00005800
	.long	0x0000cf00
	.long	0x0000d000
	.long	0x0000ef00
	.long	0x0000aa00
	.long	0x0000fb00
	.long	0x00004300
	.long	0x00004d00
	.long	0x00003300
	.long	0x00008500
	.long	0x00004500
	.long	0x0000f900
	.long	0x00000200
	.long	0x00007f00
	.long	0x00005000
	.long	0x00003c00
	.long	0x00009f00
	.long	0x0000a800
	.long	0x00005100
	.long	0x0000a300
	.long	0x00004000
	.long	0x00008f00
	.long	0x00009200
	.long	0x00009d00
	.long	0x00003800
	.long	0x0000f500
	.long	0x0000bc00
	.long	0x0000b600
	.long	0x0000da00
	.long	0x00002100
	.long	0x00001000
	.long	0x0000ff00
	.long	0x0000f300
	.long	0x0000d200
	.long	0x0000cd00
	.long	0x00000c00
	.long	0x00001300
	.long	0x0000ec00
	.long	0x00005f00
	.long	0x00009700
	.long	0x00004400
	.long	0x00001700
	.long	0x0000c400
	.long	0x0000a700
	.long	0x00007e00
	.long	0x00003d00
	.long	0x00006400
	.long	0x00005d00
	.long	0x00001900
	.long	0x00007300
	.long	0x00006000
	.long	0x00008100
	.long	0x00004f00
	.long	0x0000dc00
	.long	0x00002200
	.long	0x00002a00
	.long	0x00009000
	.long	0x00008800
	.long	0x00004600
	.long	0x0000ee00
	.long	0x0000b800
	.long	0x00001400
	.long	0x0000de00
	.long	0x00005e00
	.long	0x00000b00
	.long	0x0000db00
	.long	0x0000e000
	.long	0x00003200
	.long	0x00003a00
	.long	0x00000a00
	.long	0x00004900
	.long	0x00000600
	.long	0x00002400
	.long	0x00005c00
	.long	0x0000c200
	.long	0x0000d300
	.long	0x0000ac00
	.long	0x00006200
	.long	0x00009100
	.long	0x00009500
	.long	0x0000e400
	.long	0x00007900
	.long	0x0000e700
	.long	0x0000c800
	.long	0x00003700
	.long	0x00006d00
	.long	0x00008d00
	.long	0x0000d500
	.long	0x00004e00
	.long	0x0000a900
	.long	0x00006c00
	.long	0x00005600
	.long	0x0000f400
	.long	0x0000ea00
	.long	0x00006500
	.long	0x00007a00
	.long	0x0000ae00
	.long	0x00000800
	.long	0x0000ba00
	.long	0x00007800
	.long	0x00002500
	.long	0x00002e00
	.long	0x00001c00
	.long	0x0000a600
	.long	0x0000b400
	.long	0x0000c600
	.long	0x0000e800
	.long	0x0000dd00
	.long	0x00007400
	.long	0x00001f00
	.long	0x00004b00
	.long	0x0000bd00
	.long	0x00008b00
	.long	0x00008a00
	.long	0x00007000
	.long	0x00003e00
	.long	0x0000b500
	.long	0x00006600
	.long	0x00004800
	.long	0x00000300
	.long	0x0000f600
	.long	0x00000e00
	.long	0x00006100
	.long	0x00003500
	.long	0x00005700
	.long	0x0000b900
	.long	0x00008600
	.long	0x0000c100
	.long	0x00001d00
	.long	0x00009e00
	.long	0x0000e100
	.long	0x0000f800
	.long	0x00009800
	.long	0x00001100
	.long	0x00006900
	.long	0x0000d900
	.long	0x00008e00
	.long	0x00009400
	.long	0x00009b00
	.long	0x00001e00
	.long	0x00008700
	.long	0x0000e900
	.long	0x0000ce00
	.long	0x00005500
	.long	0x00002800
	.long	0x0000df00
	.long	0x00008c00
	.long	0x0000a100
	.long	0x00008900
	.long	0x00000d00
	.long	0x0000bf00
	.long	0x0000e600
	.long	0x00004200
	.long	0x00006800
	.long	0x00004100
	.long	0x00009900
	.long	0x00002d00
	.long	0x00000f00
	.long	0x0000b000
	.long	0x00005400
	.long	0x0000bb00
	.long	0x00001600
	// Table 2.
	.long	0x00630000
	.long	0x007c0000
	.long	0x00770000
	.long	0x007b0000
	.long	0x00f20000
	.long	0x006b0000
	.long	0x006f0000
	.long	0x00c50000
	.long	0x00300000
	.long	0x00010000
	.long	0x00670000
	.long	0x002b0000
	.long	0x00fe0000
	.long	0x00d70000
	.long	0x00ab0000
	.long	0x00760000
	.long	0x00ca0000
	.long	0x00820000
	.long	0x00c90000
	.long	0x007d0000
	.long	0x00fa0000
	.long	0x00590000
	.long	0x00470000
	.long	0x00f00000
	.long	0x00ad0000
	.long	0x00d40000
	.long	0x00a20000
	.long	0x00af0000
	.long	0x009c0000
	.long	0x00a40000
	.long	0x00720000
	.long	0x00c00000
	.long	0x00b70000
	.long	0x00fd0000
	.long	0x00930000
	.long	0x00260000
	.long	0x00360000
	.long	0x003f0000
	.long	0x00f70000
	.long	0x00cc0000
	.long	0x00340000
	.long	0x00a50000
	.long	0x00e50000
	.long	0x00f10000
	.long	0x00710000
	.long	0x00d80000
	.long	0x00310000
	.long	0x00150000
	.long	0x00040000
	.long	0x00c70000
	.long	0x00230000
	.long	0x00c30000
	.long	0x00180000
	.long	0x00960000
	.long	0x00050000
	.long	0x009a0000
	.long	0x00070000
	.long	0x00120000
	.long	0x00800000
	.long	0x00e20000
	.long	0x00eb0000
	.long	0x00270000
	.long	0x00b20000
	.long	0x00750000
	.long	0x00090000
	.long	0x00830000
	.long	0x002c0000
	.long	0x001a0000
	.long	0x001b0000
	.long	0x006e0000
	.long	0x005a0000
	.long	0x00a00000
	.long	0x00520000
	.long	0x003b0000
	.long	0x00d60000
	.long	0x00b30000
	.long	0x00290000
	.long	0x00e30000
	.long	0x002f0000
	.long	0x00840000
	.long	0x00530000
	.long	0x00d10000
	.long	0x00000000
	.long	0x00ed0000
	.long	0x00200000
	.long	0x00fc0000
	.long	0x00b10000
	.long	0x005b0000
	.long	0x006a0000
	.long	0x00cb0000
	.long	0x00be0000
	.long	0x00390000
	.long	0x004a0000
	.long	0x004c0000
	.long	0x00580000
	.long	0x00cf0000
	.long	0x00d00000
	.long	0x00ef0000
	.long	0x00aa0000
	.long	0x00fb0000
	.long	0x00430000
	.long	0x004d0000
	.long	0x00330000
	.long	0x00850000
	.long	0x00450000
	.long	0x00f90000
	.long	0x00020000
	.long	0x007f0000
	.long	0x00500000
	.long	0x003c0000
	.long	0x009f0000
	.long	0x00a80000
	.long	0x00510000
	.long	0x00a30000
	.long	0x00400000
	.long	0x008f0000
	.long	0x00920000
	.long	0x009d0000
	.long	0x00380000
	.long	0x00f50000
	.long	0x00bc0000
	.long	0x00b60000
	.long	0x00da0000
	.long	0x00210000
	.long	0x00100000
	.long	0x00ff0000
	.long	0x00f30000
	.long	0x00d20000
	.long	0x00cd0000
	.long	0x000c0000
	.long	0x00130000
	.long	0x00ec0000
	.long	0x005f0000
	.long	0x00970000
	.long	0x00440000
	.long	0x00170000
	.long	0x00c40000
	.long	0x00a70000
	.long	0x007e0000
	.long	0x003d0000
	.long	0x00640000
	.long	0x005d0000
	.long	0x00190000
	.long	0x00730000
	.long	0x00600000
	.long	0x00810000
	.long	0x004f0000
	.long	0x00dc0000
	.long	0x00220000
	.long	0x002a0000
	.long	0x00900000
	.long	0x00880000
	.long	0x00460000
	.long	0x00ee0000
	.long	0x00b80000
	.long	0x00140000
	.long	0x00de0000
	.long	0x005e0000
	.long	0x000b0000
	.long	0x00db0000
	.long	0x00e00000
	.long	0x00320000
	.long	0x003a0000
	.long	0x000a0000
	.long	0x00490000
	.long	0x00060000
	.long	0x00240000
	.long	0x005c0000
	.long	0x00c20000
	.long	0x00d30000
	.long	0x00ac0000
	.long	0x00620000
	.long	0x00910000
	.long	0x00950000
	.long	0x00e40000
	.long	0x00790000
	.long	0x00e70000
	.long	0x00c80000
	.long	0x00370000
	.long	0x006d0000
	.long	0x008d0000
	.long	0x00d50000
	.long	0x004e0000
	.long	0x00a90000
	.long	0x006c0000
	.long	0x00560000
	.long	0x00f40000
	.long	0x00ea0000
	.long	0x00650000
	.long	0x007a0000
	.long	0x00ae0000
	.long	0x00080000
	.long	0x00ba0000
	.long	0x00780000
	.long	0x00250000
	.long	0x002e0000
	.long	0x001c0000
	.long	0x00a60000
	.long	0x00b40000
	.long	0x00c60000
	.long	0x00e80000
	.long	0x00dd0000
	.long	0x00740000
	.long	0x001f0000
	.long	0x004b0000
	.long	0x00bd0000
	.long	0x008b0000
	.long	0x008a0000
	.long	0x00700000
	.long	0x003e0000
	.long	0x00b50000
	.long	0x00660000
	.long	0x00480000
	.long	0x00030000
	.long	0x00f60000
	.long	0x000e0000
	.long	0x00610000
	.long	0x00350000
	.long	0x00570000
	.long	0x00b90000
	.long	0x00860000
	.long	0x00c10000
	.long	0x001d0000
	.long	0x009e0000
	.long	0x00e10000
	.long	0x00f80000
	.long	0x00980000
	.long	0x00110000
	.long	0x00690000
	.long	0x00d90000
	.long	0x008e0000
	.long	0x00940000
	.long	0x009b0000
	.long	0x001e0000
	.long	0x00870000
	.long	0x00e90000
	.long	0x00ce0000
	.long	0x00550000
	.long	0x00280000
	.long	0x00df0000
	.long	0x008c0000
	.long	0x00a10000
	.long	0x00890000
	.long	0x000d0000
	.long	0x00bf0000
	.long	0x00e60000
	.long	0x00420000
	.long	0x00680000
	.long	0x00410000
	.long	0x00990000
	.long	0x002d0000
	.long	0x000f0000
	.long	0x00b00000
	.long	0x00540000
	.long	0x00bb0000
	.long	0x00160000
	// Table 3.
	.long	0x63000000
	.long	0x7c000000
	.long	0x77000000
	.long	0x7b000000
	.long	0xf2000000
	.long	0x6b000000
	.long	0x6f000000
	.long	0xc5000000
	.long	0x30000000
	.long	0x01000000
	.long	0x67000000
	.long	0x2b000000
	.long	0xfe000000
	.long	0xd7000000
	.long	0xab000000
	.long	0x76000000
	.long	0xca000000
	.long	0x82000000
	.long	0xc9000000
	.long	0x7d000000
	.long	0xfa000000
	.long	0x59000000
	.long	0x47000000
	.long	0xf0000000
	.long	0xad000000
	.long	0xd4000000
	.long	0xa2000000
	.long	0xaf000000
	.long	0x9c000000
	.long	0xa4000000
	.long	0x72000000
	.long	0xc0000000
	.long	0xb7000000
	.long	0xfd000000
	.long	0x93000000
	.long	0x26000000
	.long	0x36000000
	.long	0x3f000000
	.long	0xf7000000
	.long	0xcc000000
	.long	0x34000000
	.long	0xa5000000
	.long	0xe5000000
	.long	0xf1000000
	.long	0x71000000
	.long	0xd8000000
	.long	0x31000000
	.long	0x15000000
	.long	0x04000000
	.long	0xc7000000
	.long	0x23000000
	.long	0xc3000000
	.long	0x18000000
	.long	0x96000000
	.long	0x05000000
	.long	0x9a000000
	.long	0x07000000
	.long	0x12000000
	.long	0x80000000
	.long	0xe2000000
	.long	0xeb000000
	.long	0x27000000
	.long	0xb2000000
	.long	0x75000000
	.long	0x09000000
	.long	0x83000000
	.long	0x2c000000
	.long	0x1a000000
	.long	0x1b000000
	.long	0x6e000000
	.long	0x5a000000
	.long	0xa0000000
	.long	0x52000000
	.long	0x3b000000
	.long	0xd6000000
	.long	0xb3000000
	.long	0x29000000
	.long	0xe3000000
	.long	0x2f000000
	.long	0x84000000
	.long	0x53000000
	.long	0xd1000000
	.long	0x00000000
	.long	0xed000000
	.long	0x20000000
	.long	0xfc000000
	.long	0xb1000000
	.long	0x5b000000
	.long	0x6a000000
	.long	0xcb000000
	.long	0xbe000000
	.long	0x39000000
	.long	0x4a000000
	.long	0x4c000000
	.long	0x58000000
	.long	0xcf000000
	.long	0xd0000000
	.long	0xef000000
	.long	0xaa000000
	.long	0xfb000000
	.long	0x43000000
	.long	0x4d000000
	.long	0x33000000
	.long	0x85000000
	.long	0x45000000
	.long	0xf9000000
	.long	0x02000000
	.long	0x7f000000
	.long	0x50000000
	.long	0x3c000000
	.long	0x9f000000
	.long	0xa8000000
	.long	0x51000000
	.long	0xa3000000
	.long	0x40000000
	.long	0x8f000000
	.long	0x92000000
	.long	0x9d000000
	.long	0x38000000
	.long	0xf5000000
	.long	0xbc000000
	.long	0xb6000000
	.long	0xda000000
	.long	0x21000000
	.long	0x10000000
	.long	0xff000000
	.long	0xf3000000
	.long	0xd2000000
	.long	0xcd000000
	.long	0x0c000000
	.long	0x13000000
	.long	0xec000000
	.long	0x5f000000
	.long	0x97000000
	.long	0x44000000
	.long	0x17000000
	.long	0xc4000000
	.long	0xa7000000
	.long	0x7e000000
	.long	0x3d000000
	.long	0x64000000
	.long	0x5d000000
	.long	0x19000000
	.long	0x73000000
	.long	0x60000000
	.long	0x81000000
	.long	0x4f000000
	.long	0xdc000000
	.long	0x22000000
	.long	0x2a000000
	.long	0x90000000
	.long	0x88000000
	.long	0x46000000
	.long	0xee000000
	.long	0xb8000000
	.long	0x14000000
	.long	0xde000000
	.long	0x5e000000
	.long	0x0b000000
	.long	0xdb000000
	.long	0xe0000000
	.long	0x32000000
	.long	0x3a000000
	.long	0x0a000000
	.long	0x49000000
	.long	0x06000000
	.long	0x24000000
	.long	0x5c000000
	.long	0xc2000000
	.long	0xd3000000
	.long	0xac000000
	.long	0x62000000
	.long	0x91000000
	.long	0x95000000
	.long	0xe4000000
	.long	0x79000000
	.long	0xe7000000
	.long	0xc8000000
	.long	0x37000000
	.long	0x6d000000
	.long	0x8d000000
	.long	0xd5000000
	.long	0x4e000000
	.long	0xa9000000
	.long	0x6c000000
	.long	0x56000000
	.long	0xf4000000
	.long	0xea000000
	.long	0x65000000
	.long	0x7a000000
	.long	0xae000000
	.long	0x08000000
	.long	0xba000000
	.long	0x78000000
	.long	0x25000000
	.long	0x2e000000
	.long	0x1c000000
	.long	0xa6000000
	.long	0xb4000000
	.long	0xc6000000
	.long	0xe8000000
	.long	0xdd000000
	.long	0x74000000
	.long	0x1f000000
	.long	0x4b000000
	.long	0xbd000000
	.long	0x8b000000
	.long	0x8a000000
	.long	0x70000000
	.long	0x3e000000
	.long	0xb5000000
	.long	0x66000000
	.long	0x48000000
	.long	0x03000000
	.long	0xf6000000
	.long	0x0e000000
	.long	0x61000000
	.long	0x35000000
	.long	0x57000000
	.long	0xb9000000
	.long	0x86000000
	.long	0xc1000000
	.long	0x1d000000
	.long	0x9e000000
	.long	0xe1000000
	.long	0xf8000000
	.long	0x98000000
	.long	0x11000000
	.long	0x69000000
	.long	0xd9000000
	.long	0x8e000000
	.long	0x94000000
	.long	0x9b000000
	.long	0x1e000000
	.long	0x87000000
	.long	0xe9000000
	.long	0xce000000
	.long	0x55000000
	.long	0x28000000
	.long	0xdf000000
	.long	0x8c000000
	.long	0xa1000000
	.long	0x89000000
	.long	0x0d000000
	.long	0xbf000000
	.long	0xe6000000
	.long	0x42000000
	.long	0x68000000
	.long	0x41000000
	.long	0x99000000
	.long	0x2d000000
	.long	0x0f000000
	.long	0xb0000000
	.long	0x54000000
	.long	0xbb000000
	.long	0x16000000


// InvSubBytes embedded in words tables.
	.globl	_AESInvSubBytesWordTable
	.private_extern	_AESInvSubBytesWordTable
	.align	2
_AESInvSubBytesWordTable:
	// Table 0.
	.long	0x00000052
	.long	0x00000009
	.long	0x0000006a
	.long	0x000000d5
	.long	0x00000030
	.long	0x00000036
	.long	0x000000a5
	.long	0x00000038
	.long	0x000000bf
	.long	0x00000040
	.long	0x000000a3
	.long	0x0000009e
	.long	0x00000081
	.long	0x000000f3
	.long	0x000000d7
	.long	0x000000fb
	.long	0x0000007c
	.long	0x000000e3
	.long	0x00000039
	.long	0x00000082
	.long	0x0000009b
	.long	0x0000002f
	.long	0x000000ff
	.long	0x00000087
	.long	0x00000034
	.long	0x0000008e
	.long	0x00000043
	.long	0x00000044
	.long	0x000000c4
	.long	0x000000de
	.long	0x000000e9
	.long	0x000000cb
	.long	0x00000054
	.long	0x0000007b
	.long	0x00000094
	.long	0x00000032
	.long	0x000000a6
	.long	0x000000c2
	.long	0x00000023
	.long	0x0000003d
	.long	0x000000ee
	.long	0x0000004c
	.long	0x00000095
	.long	0x0000000b
	.long	0x00000042
	.long	0x000000fa
	.long	0x000000c3
	.long	0x0000004e
	.long	0x00000008
	.long	0x0000002e
	.long	0x000000a1
	.long	0x00000066
	.long	0x00000028
	.long	0x000000d9
	.long	0x00000024
	.long	0x000000b2
	.long	0x00000076
	.long	0x0000005b
	.long	0x000000a2
	.long	0x00000049
	.long	0x0000006d
	.long	0x0000008b
	.long	0x000000d1
	.long	0x00000025
	.long	0x00000072
	.long	0x000000f8
	.long	0x000000f6
	.long	0x00000064
	.long	0x00000086
	.long	0x00000068
	.long	0x00000098
	.long	0x00000016
	.long	0x000000d4
	.long	0x000000a4
	.long	0x0000005c
	.long	0x000000cc
	.long	0x0000005d
	.long	0x00000065
	.long	0x000000b6
	.long	0x00000092
	.long	0x0000006c
	.long	0x00000070
	.long	0x00000048
	.long	0x00000050
	.long	0x000000fd
	.long	0x000000ed
	.long	0x000000b9
	.long	0x000000da
	.long	0x0000005e
	.long	0x00000015
	.long	0x00000046
	.long	0x00000057
	.long	0x000000a7
	.long	0x0000008d
	.long	0x0000009d
	.long	0x00000084
	.long	0x00000090
	.long	0x000000d8
	.long	0x000000ab
	.long	0x00000000
	.long	0x0000008c
	.long	0x000000bc
	.long	0x000000d3
	.long	0x0000000a
	.long	0x000000f7
	.long	0x000000e4
	.long	0x00000058
	.long	0x00000005
	.long	0x000000b8
	.long	0x000000b3
	.long	0x00000045
	.long	0x00000006
	.long	0x000000d0
	.long	0x0000002c
	.long	0x0000001e
	.long	0x0000008f
	.long	0x000000ca
	.long	0x0000003f
	.long	0x0000000f
	.long	0x00000002
	.long	0x000000c1
	.long	0x000000af
	.long	0x000000bd
	.long	0x00000003
	.long	0x00000001
	.long	0x00000013
	.long	0x0000008a
	.long	0x0000006b
	.long	0x0000003a
	.long	0x00000091
	.long	0x00000011
	.long	0x00000041
	.long	0x0000004f
	.long	0x00000067
	.long	0x000000dc
	.long	0x000000ea
	.long	0x00000097
	.long	0x000000f2
	.long	0x000000cf
	.long	0x000000ce
	.long	0x000000f0
	.long	0x000000b4
	.long	0x000000e6
	.long	0x00000073
	.long	0x00000096
	.long	0x000000ac
	.long	0x00000074
	.long	0x00000022
	.long	0x000000e7
	.long	0x000000ad
	.long	0x00000035
	.long	0x00000085
	.long	0x000000e2
	.long	0x000000f9
	.long	0x00000037
	.long	0x000000e8
	.long	0x0000001c
	.long	0x00000075
	.long	0x000000df
	.long	0x0000006e
	.long	0x00000047
	.long	0x000000f1
	.long	0x0000001a
	.long	0x00000071
	.long	0x0000001d
	.long	0x00000029
	.long	0x000000c5
	.long	0x00000089
	.long	0x0000006f
	.long	0x000000b7
	.long	0x00000062
	.long	0x0000000e
	.long	0x000000aa
	.long	0x00000018
	.long	0x000000be
	.long	0x0000001b
	.long	0x000000fc
	.long	0x00000056
	.long	0x0000003e
	.long	0x0000004b
	.long	0x000000c6
	.long	0x000000d2
	.long	0x00000079
	.long	0x00000020
	.long	0x0000009a
	.long	0x000000db
	.long	0x000000c0
	.long	0x000000fe
	.long	0x00000078
	.long	0x000000cd
	.long	0x0000005a
	.long	0x000000f4
	.long	0x0000001f
	.long	0x000000dd
	.long	0x000000a8
	.long	0x00000033
	.long	0x00000088
	.long	0x00000007
	.long	0x000000c7
	.long	0x00000031
	.long	0x000000b1
	.long	0x00000012
	.long	0x00000010
	.long	0x00000059
	.long	0x00000027
	.long	0x00000080
	.long	0x000000ec
	.long	0x0000005f
	.long	0x00000060
	.long	0x00000051
	.long	0x0000007f
	.long	0x000000a9
	.long	0x00000019
	.long	0x000000b5
	.long	0x0000004a
	.long	0x0000000d
	.long	0x0000002d
	.long	0x000000e5
	.long	0x0000007a
	.long	0x0000009f
	.long	0x00000093
	.long	0x000000c9
	.long	0x0000009c
	.long	0x000000ef
	.long	0x000000a0
	.long	0x000000e0
	.long	0x0000003b
	.long	0x0000004d
	.long	0x000000ae
	.long	0x0000002a
	.long	0x000000f5
	.long	0x000000b0
	.long	0x000000c8
	.long	0x000000eb
	.long	0x000000bb
	.long	0x0000003c
	.long	0x00000083
	.long	0x00000053
	.long	0x00000099
	.long	0x00000061
	.long	0x00000017
	.long	0x0000002b
	.long	0x00000004
	.long	0x0000007e
	.long	0x000000ba
	.long	0x00000077
	.long	0x000000d6
	.long	0x00000026
	.long	0x000000e1
	.long	0x00000069
	.long	0x00000014
	.long	0x00000063
	.long	0x00000055
	.long	0x00000021
	.long	0x0000000c
	.long	0x0000007d
	// Table 1.
	.long	0x00005200
	.long	0x00000900
	.long	0x00006a00
	.long	0x0000d500
	.long	0x00003000
	.long	0x00003600
	.long	0x0000a500
	.long	0x00003800
	.long	0x0000bf00
	.long	0x00004000
	.long	0x0000a300
	.long	0x00009e00
	.long	0x00008100
	.long	0x0000f300
	.long	0x0000d700
	.long	0x0000fb00
	.long	0x00007c00
	.long	0x0000e300
	.long	0x00003900
	.long	0x00008200
	.long	0x00009b00
	.long	0x00002f00
	.long	0x0000ff00
	.long	0x00008700
	.long	0x00003400
	.long	0x00008e00
	.long	0x00004300
	.long	0x00004400
	.long	0x0000c400
	.long	0x0000de00
	.long	0x0000e900
	.long	0x0000cb00
	.long	0x00005400
	.long	0x00007b00
	.long	0x00009400
	.long	0x00003200
	.long	0x0000a600
	.long	0x0000c200
	.long	0x00002300
	.long	0x00003d00
	.long	0x0000ee00
	.long	0x00004c00
	.long	0x00009500
	.long	0x00000b00
	.long	0x00004200
	.long	0x0000fa00
	.long	0x0000c300
	.long	0x00004e00
	.long	0x00000800
	.long	0x00002e00
	.long	0x0000a100
	.long	0x00006600
	.long	0x00002800
	.long	0x0000d900
	.long	0x00002400
	.long	0x0000b200
	.long	0x00007600
	.long	0x00005b00
	.long	0x0000a200
	.long	0x00004900
	.long	0x00006d00
	.long	0x00008b00
	.long	0x0000d100
	.long	0x00002500
	.long	0x00007200
	.long	0x0000f800
	.long	0x0000f600
	.long	0x00006400
	.long	0x00008600
	.long	0x00006800
	.long	0x00009800
	.long	0x00001600
	.long	0x0000d400
	.long	0x0000a400
	.long	0x00005c00
	.long	0x0000cc00
	.long	0x00005d00
	.long	0x00006500
	.long	0x0000b600
	.long	0x00009200
	.long	0x00006c00
	.long	0x00007000
	.long	0x00004800
	.long	0x00005000
	.long	0x0000fd00
	.long	0x0000ed00
	.long	0x0000b900
	.long	0x0000da00
	.long	0x00005e00
	.long	0x00001500
	.long	0x00004600
	.long	0x00005700
	.long	0x0000a700
	.long	0x00008d00
	.long	0x00009d00
	.long	0x00008400
	.long	0x00009000
	.long	0x0000d800
	.long	0x0000ab00
	.long	0x00000000
	.long	0x00008c00
	.long	0x0000bc00
	.long	0x0000d300
	.long	0x00000a00
	.long	0x0000f700
	.long	0x0000e400
	.long	0x00005800
	.long	0x00000500
	.long	0x0000b800
	.long	0x0000b300
	.long	0x00004500
	.long	0x00000600
	.long	0x0000d000
	.long	0x00002c00
	.long	0x00001e00
	.long	0x00008f00
	.long	0x0000ca00
	.long	0x00003f00
	.long	0x00000f00
	.long	0x00000200
	.long	0x0000c100
	.long	0x0000af00
	.long	0x0000bd00
	.long	0x00000300
	.long	0x00000100
	.long	0x00001300
	.long	0x00008a00
	.long	0x00006b00
	.long	0x00003a00
	.long	0x00009100
	.long	0x00001100
	.long	0x00004100
	.long	0x00004f00
	.long	0x00006700
	.long	0x0000dc00
	.long	0x0000ea00
	.long	0x00009700
	.long	0x0000f200
	.long	0x0000cf00
	.long	0x0000ce00
	.long	0x0000f000
	.long	0x0000b400
	.long	0x0000e600
	.long	0x00007300
	.long	0x00009600
	.long	0x0000ac00
	.long	0x00007400
	.long	0x00002200
	.long	0x0000e700
	.long	0x0000ad00
	.long	0x00003500
	.long	0x00008500
	.long	0x0000e200
	.long	0x0000f900
	.long	0x00003700
	.long	0x0000e800
	.long	0x00001c00
	.long	0x00007500
	.long	0x0000df00
	.long	0x00006e00
	.long	0x00004700
	.long	0x0000f100
	.long	0x00001a00
	.long	0x00007100
	.long	0x00001d00
	.long	0x00002900
	.long	0x0000c500
	.long	0x00008900
	.long	0x00006f00
	.long	0x0000b700
	.long	0x00006200
	.long	0x00000e00
	.long	0x0000aa00
	.long	0x00001800
	.long	0x0000be00
	.long	0x00001b00
	.long	0x0000fc00
	.long	0x00005600
	.long	0x00003e00
	.long	0x00004b00
	.long	0x0000c600
	.long	0x0000d200
	.long	0x00007900
	.long	0x00002000
	.long	0x00009a00
	.long	0x0000db00
	.long	0x0000c000
	.long	0x0000fe00
	.long	0x00007800
	.long	0x0000cd00
	.long	0x00005a00
	.long	0x0000f400
	.long	0x00001f00
	.long	0x0000dd00
	.long	0x0000a800
	.long	0x00003300
	.long	0x00008800
	.long	0x00000700
	.long	0x0000c700
	.long	0x00003100
	.long	0x0000b100
	.long	0x00001200
	.long	0x00001000
	.long	0x00005900
	.long	0x00002700
	.long	0x00008000
	.long	0x0000ec00
	.long	0x00005f00
	.long	0x00006000
	.long	0x00005100
	.long	0x00007f00
	.long	0x0000a900
	.long	0x00001900
	.long	0x0000b500
	.long	0x00004a00
	.long	0x00000d00
	.long	0x00002d00
	.long	0x0000e500
	.long	0x00007a00
	.long	0x00009f00
	.long	0x00009300
	.long	0x0000c900
	.long	0x00009c00
	.long	0x0000ef00
	.long	0x0000a000
	.long	0x0000e000
	.long	0x00003b00
	.long	0x00004d00
	.long	0x0000ae00
	.long	0x00002a00
	.long	0x0000f500
	.long	0x0000b000
	.long	0x0000c800
	.long	0x0000eb00
	.long	0x0000bb00
	.long	0x00003c00
	.long	0x00008300
	.long	0x00005300
	.long	0x00009900
	.long	0x00006100
	.long	0x00001700
	.long	0x00002b00
	.long	0x00000400
	.long	0x00007e00
	.long	0x0000ba00
	.long	0x00007700
	.long	0x0000d600
	.long	0x00002600
	.long	0x0000e100
	.long	0x00006900
	.long	0x00001400
	.long	0x00006300
	.long	0x00005500
	.long	0x00002100
	.long	0x00000c00
	.long	0x00007d00
	// Table 2.
	.long	0x00520000
	.long	0x00090000
	.long	0x006a0000
	.long	0x00d50000
	.long	0x00300000
	.long	0x00360000
	.long	0x00a50000
	.long	0x00380000
	.long	0x00bf0000
	.long	0x00400000
	.long	0x00a30000
	.long	0x009e0000
	.long	0x00810000
	.long	0x00f30000
	.long	0x00d70000
	.long	0x00fb0000
	.long	0x007c0000
	.long	0x00e30000
	.long	0x00390000
	.long	0x00820000
	.long	0x009b0000
	.long	0x002f0000
	.long	0x00ff0000
	.long	0x00870000
	.long	0x00340000
	.long	0x008e0000
	.long	0x00430000
	.long	0x00440000
	.long	0x00c40000
	.long	0x00de0000
	.long	0x00e90000
	.long	0x00cb0000
	.long	0x00540000
	.long	0x007b0000
	.long	0x00940000
	.long	0x00320000
	.long	0x00a60000
	.long	0x00c20000
	.long	0x00230000
	.long	0x003d0000
	.long	0x00ee0000
	.long	0x004c0000
	.long	0x00950000
	.long	0x000b0000
	.long	0x00420000
	.long	0x00fa0000
	.long	0x00c30000
	.long	0x004e0000
	.long	0x00080000
	.long	0x002e0000
	.long	0x00a10000
	.long	0x00660000
	.long	0x00280000
	.long	0x00d90000
	.long	0x00240000
	.long	0x00b20000
	.long	0x00760000
	.long	0x005b0000
	.long	0x00a20000
	.long	0x00490000
	.long	0x006d0000
	.long	0x008b0000
	.long	0x00d10000
	.long	0x00250000
	.long	0x00720000
	.long	0x00f80000
	.long	0x00f60000
	.long	0x00640000
	.long	0x00860000
	.long	0x00680000
	.long	0x00980000
	.long	0x00160000
	.long	0x00d40000
	.long	0x00a40000
	.long	0x005c0000
	.long	0x00cc0000
	.long	0x005d0000
	.long	0x00650000
	.long	0x00b60000
	.long	0x00920000
	.long	0x006c0000
	.long	0x00700000
	.long	0x00480000
	.long	0x00500000
	.long	0x00fd0000
	.long	0x00ed0000
	.long	0x00b90000
	.long	0x00da0000
	.long	0x005e0000
	.long	0x00150000
	.long	0x00460000
	.long	0x00570000
	.long	0x00a70000
	.long	0x008d0000
	.long	0x009d0000
	.long	0x00840000
	.long	0x00900000
	.long	0x00d80000
	.long	0x00ab0000
	.long	0x00000000
	.long	0x008c0000
	.long	0x00bc0000
	.long	0x00d30000
	.long	0x000a0000
	.long	0x00f70000
	.long	0x00e40000
	.long	0x00580000
	.long	0x00050000
	.long	0x00b80000
	.long	0x00b30000
	.long	0x00450000
	.long	0x00060000
	.long	0x00d00000
	.long	0x002c0000
	.long	0x001e0000
	.long	0x008f0000
	.long	0x00ca0000
	.long	0x003f0000
	.long	0x000f0000
	.long	0x00020000
	.long	0x00c10000
	.long	0x00af0000
	.long	0x00bd0000
	.long	0x00030000
	.long	0x00010000
	.long	0x00130000
	.long	0x008a0000
	.long	0x006b0000
	.long	0x003a0000
	.long	0x00910000
	.long	0x00110000
	.long	0x00410000
	.long	0x004f0000
	.long	0x00670000
	.long	0x00dc0000
	.long	0x00ea0000
	.long	0x00970000
	.long	0x00f20000
	.long	0x00cf0000
	.long	0x00ce0000
	.long	0x00f00000
	.long	0x00b40000
	.long	0x00e60000
	.long	0x00730000
	.long	0x00960000
	.long	0x00ac0000
	.long	0x00740000
	.long	0x00220000
	.long	0x00e70000
	.long	0x00ad0000
	.long	0x00350000
	.long	0x00850000
	.long	0x00e20000
	.long	0x00f90000
	.long	0x00370000
	.long	0x00e80000
	.long	0x001c0000
	.long	0x00750000
	.long	0x00df0000
	.long	0x006e0000
	.long	0x00470000
	.long	0x00f10000
	.long	0x001a0000
	.long	0x00710000
	.long	0x001d0000
	.long	0x00290000
	.long	0x00c50000
	.long	0x00890000
	.long	0x006f0000
	.long	0x00b70000
	.long	0x00620000
	.long	0x000e0000
	.long	0x00aa0000
	.long	0x00180000
	.long	0x00be0000
	.long	0x001b0000
	.long	0x00fc0000
	.long	0x00560000
	.long	0x003e0000
	.long	0x004b0000
	.long	0x00c60000
	.long	0x00d20000
	.long	0x00790000
	.long	0x00200000
	.long	0x009a0000
	.long	0x00db0000
	.long	0x00c00000
	.long	0x00fe0000
	.long	0x00780000
	.long	0x00cd0000
	.long	0x005a0000
	.long	0x00f40000
	.long	0x001f0000
	.long	0x00dd0000
	.long	0x00a80000
	.long	0x00330000
	.long	0x00880000
	.long	0x00070000
	.long	0x00c70000
	.long	0x00310000
	.long	0x00b10000
	.long	0x00120000
	.long	0x00100000
	.long	0x00590000
	.long	0x00270000
	.long	0x00800000
	.long	0x00ec0000
	.long	0x005f0000
	.long	0x00600000
	.long	0x00510000
	.long	0x007f0000
	.long	0x00a90000
	.long	0x00190000
	.long	0x00b50000
	.long	0x004a0000
	.long	0x000d0000
	.long	0x002d0000
	.long	0x00e50000
	.long	0x007a0000
	.long	0x009f0000
	.long	0x00930000
	.long	0x00c90000
	.long	0x009c0000
	.long	0x00ef0000
	.long	0x00a00000
	.long	0x00e00000
	.long	0x003b0000
	.long	0x004d0000
	.long	0x00ae0000
	.long	0x002a0000
	.long	0x00f50000
	.long	0x00b00000
	.long	0x00c80000
	.long	0x00eb0000
	.long	0x00bb0000
	.long	0x003c0000
	.long	0x00830000
	.long	0x00530000
	.long	0x00990000
	.long	0x00610000
	.long	0x00170000
	.long	0x002b0000
	.long	0x00040000
	.long	0x007e0000
	.long	0x00ba0000
	.long	0x00770000
	.long	0x00d60000
	.long	0x00260000
	.long	0x00e10000
	.long	0x00690000
	.long	0x00140000
	.long	0x00630000
	.long	0x00550000
	.long	0x00210000
	.long	0x000c0000
	.long	0x007d0000
	// Table 3.
	.long	0x52000000
	.long	0x09000000
	.long	0x6a000000
	.long	0xd5000000
	.long	0x30000000
	.long	0x36000000
	.long	0xa5000000
	.long	0x38000000
	.long	0xbf000000
	.long	0x40000000
	.long	0xa3000000
	.long	0x9e000000
	.long	0x81000000
	.long	0xf3000000
	.long	0xd7000000
	.long	0xfb000000
	.long	0x7c000000
	.long	0xe3000000
	.long	0x39000000
	.long	0x82000000
	.long	0x9b000000
	.long	0x2f000000
	.long	0xff000000
	.long	0x87000000
	.long	0x34000000
	.long	0x8e000000
	.long	0x43000000
	.long	0x44000000
	.long	0xc4000000
	.long	0xde000000
	.long	0xe9000000
	.long	0xcb000000
	.long	0x54000000
	.long	0x7b000000
	.long	0x94000000
	.long	0x32000000
	.long	0xa6000000
	.long	0xc2000000
	.long	0x23000000
	.long	0x3d000000
	.long	0xee000000
	.long	0x4c000000
	.long	0x95000000
	.long	0x0b000000
	.long	0x42000000
	.long	0xfa000000
	.long	0xc3000000
	.long	0x4e000000
	.long	0x08000000
	.long	0x2e000000
	.long	0xa1000000
	.long	0x66000000
	.long	0x28000000
	.long	0xd9000000
	.long	0x24000000
	.long	0xb2000000
	.long	0x76000000
	.long	0x5b000000
	.long	0xa2000000
	.long	0x49000000
	.long	0x6d000000
	.long	0x8b000000
	.long	0xd1000000
	.long	0x25000000
	.long	0x72000000
	.long	0xf8000000
	.long	0xf6000000
	.long	0x64000000
	.long	0x86000000
	.long	0x68000000
	.long	0x98000000
	.long	0x16000000
	.long	0xd4000000
	.long	0xa4000000
	.long	0x5c000000
	.long	0xcc000000
	.long	0x5d000000
	.long	0x65000000
	.long	0xb6000000
	.long	0x92000000
	.long	0x6c000000
	.long	0x70000000
	.long	0x48000000
	.long	0x50000000
	.long	0xfd000000
	.long	0xed000000
	.long	0xb9000000
	.long	0xda000000
	.long	0x5e000000
	.long	0x15000000
	.long	0x46000000
	.long	0x57000000
	.long	0xa7000000
	.long	0x8d000000
	.long	0x9d000000
	.long	0x84000000
	.long	0x90000000
	.long	0xd8000000
	.long	0xab000000
	.long	0x00000000
	.long	0x8c000000
	.long	0xbc000000
	.long	0xd3000000
	.long	0x0a000000
	.long	0xf7000000
	.long	0xe4000000
	.long	0x58000000
	.long	0x05000000
	.long	0xb8000000
	.long	0xb3000000
	.long	0x45000000
	.long	0x06000000
	.long	0xd0000000
	.long	0x2c000000
	.long	0x1e000000
	.long	0x8f000000
	.long	0xca000000
	.long	0x3f000000
	.long	0x0f000000
	.long	0x02000000
	.long	0xc1000000
	.long	0xaf000000
	.long	0xbd000000
	.long	0x03000000
	.long	0x01000000
	.long	0x13000000
	.long	0x8a000000
	.long	0x6b000000
	.long	0x3a000000
	.long	0x91000000
	.long	0x11000000
	.long	0x41000000
	.long	0x4f000000
	.long	0x67000000
	.long	0xdc000000
	.long	0xea000000
	.long	0x97000000
	.long	0xf2000000
	.long	0xcf000000
	.long	0xce000000
	.long	0xf0000000
	.long	0xb4000000
	.long	0xe6000000
	.long	0x73000000
	.long	0x96000000
	.long	0xac000000
	.long	0x74000000
	.long	0x22000000
	.long	0xe7000000
	.long	0xad000000
	.long	0x35000000
	.long	0x85000000
	.long	0xe2000000
	.long	0xf9000000
	.long	0x37000000
	.long	0xe8000000
	.long	0x1c000000
	.long	0x75000000
	.long	0xdf000000
	.long	0x6e000000
	.long	0x47000000
	.long	0xf1000000
	.long	0x1a000000
	.long	0x71000000
	.long	0x1d000000
	.long	0x29000000
	.long	0xc5000000
	.long	0x89000000
	.long	0x6f000000
	.long	0xb7000000
	.long	0x62000000
	.long	0x0e000000
	.long	0xaa000000
	.long	0x18000000
	.long	0xbe000000
	.long	0x1b000000
	.long	0xfc000000
	.long	0x56000000
	.long	0x3e000000
	.long	0x4b000000
	.long	0xc6000000
	.long	0xd2000000
	.long	0x79000000
	.long	0x20000000
	.long	0x9a000000
	.long	0xdb000000
	.long	0xc0000000
	.long	0xfe000000
	.long	0x78000000
	.long	0xcd000000
	.long	0x5a000000
	.long	0xf4000000
	.long	0x1f000000
	.long	0xdd000000
	.long	0xa8000000
	.long	0x33000000
	.long	0x88000000
	.long	0x07000000
	.long	0xc7000000
	.long	0x31000000
	.long	0xb1000000
	.long	0x12000000
	.long	0x10000000
	.long	0x59000000
	.long	0x27000000
	.long	0x80000000
	.long	0xec000000
	.long	0x5f000000
	.long	0x60000000
	.long	0x51000000
	.long	0x7f000000
	.long	0xa9000000
	.long	0x19000000
	.long	0xb5000000
	.long	0x4a000000
	.long	0x0d000000
	.long	0x2d000000
	.long	0xe5000000
	.long	0x7a000000
	.long	0x9f000000
	.long	0x93000000
	.long	0xc9000000
	.long	0x9c000000
	.long	0xef000000
	.long	0xa0000000
	.long	0xe0000000
	.long	0x3b000000
	.long	0x4d000000
	.long	0xae000000
	.long	0x2a000000
	.long	0xf5000000
	.long	0xb0000000
	.long	0xc8000000
	.long	0xeb000000
	.long	0xbb000000
	.long	0x3c000000
	.long	0x83000000
	.long	0x53000000
	.long	0x99000000
	.long	0x61000000
	.long	0x17000000
	.long	0x2b000000
	.long	0x04000000
	.long	0x7e000000
	.long	0xba000000
	.long	0x77000000
	.long	0xd6000000
	.long	0x26000000
	.long	0xe1000000
	.long	0x69000000
	.long	0x14000000
	.long	0x63000000
	.long	0x55000000
	.long	0x21000000
	.long	0x0c000000
	.long	0x7d000000

Added Source/AESedp/Intel/DecryptCBC.s.













































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
#include "../AESAssembly.h"


// Generate object code only if this implementation has been requested.
#if defined UseAESedp_IntelAssembly


/*	AESDecryptCBC.s -- Decrypt blocks with AES in Cipher Block Chaining mode.

	Written by Eric Postpischil, January 24, 2008.
*/


/*	Define a macro to select a value based on architecture.  This reduces
	some of the architecture conditionalization later in the source.
*/
#if defined __i386__
	#define	Arch(i386, x86_64)	i386
#elif defined __x86_64__
	#define	Arch(i386, x86_64)	x86_64
#endif


/*	Rename the general registers.  This makes it easier to keep track of them
	and provides names for the "whole register" that are uniform between i386
	and x86_64.
*/
#if defined __i386__
	#define	r0	%eax	// Available for any use.
	#define	r1	%ecx	// Available for any use, some special purposes (loop).
	#define	r2	%edx	// Available for any use.
	#define	r3	%ebx	// Must be preserved by called routine.
	#define	r4	%esp	// Stack pointer.
	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
	#define	r6	%esi	// Must be preserved by called routine.
	#define	r7	%edi	// Must be preserved by called routine.
#elif defined __x86_64__
	#define	r0	%rax	// Available for any use.
	#define	r1	%rcx	// Available for any use.
	#define	r2	%rdx	// Available for any use.
	#define	r3	%rbx	// Must be preserved by called routine.
	#define	r4	%rsp	// Stack pointer.
	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
	#define	r6	%rsi	// Available for any use.
	#define	r7	%rdi	// Available for any use.
	#define	r8	%r8		// Available for any use.
	#define	r9	%r9		// Available for any use.
	#define	r10	%r10	// Available for any use.
	#define	r11	%r11	// Available for any use.
	#define	r12	%r12	// Must be preserved by called routine.
	#define	r13	%r13	// Must be preserved by called routine.
	#define	r14	%r14	// Must be preserved by called routine.
	#define	r15	%r15	// Must be preserved by called routine.
#else
	#error "Unknown architecture."
#endif


/*	Routine:

		_AESDecryptCBC.

	Function:

		This routine uses _AESDecryptWithExpandedKey to decrypt blocks in
		Cipher Block Chaining mode, which requires chaining the AES state
		from block to block.  In CBC mode, each output block is (after the
		underlying decryption) XORed with the previous input block.  On the
		first iteration, the previous input block is supplied from a chain
		buffer.

	Input:

		void *O				// Output
		const void *I		// Input
		void *ChainBuffer	// Chain buffer / initial value.
		void *Key			// Expanded Key.
		long Blocks			// Number of 16-byte blocks to process.
		long Rounds			// Number of rounds.

	Output:

		Decrypted text is written to *O.

		The final input block is written to *ChainBuffer.
*/
	.globl _AESDecryptCBC
	.private_extern	_AESDecryptCBC
_AESDecryptCBC:

	// Push new stack frame.
	push	r5

	// Save registers.
	push	r3
	#if defined __i386__
		push	r6
		push	r7
		#define	RegisterSaveSize	(3*4)
	#elif defined __x86_64__
		push	r12
		push	r13
		push	r14
		push	r15
		#define	RegisterSaveSize	(5*8)
	#endif

/*	B is the number of bytes from the top of stack just before the instruction
	that called this routine to the top of stack after we push the frame
	pointer and other registers.  It provides information needed to align our
	stack frame.
*/
#define	B	(RegisterSaveSize + 2*Arch(4, 8))

/*	Allocate space on the stack for 16 bytes for the AES state, 16 bytes to
	save the chain value, and, on i386, 16 bytes for four four-byte arguments,
	and padding needed to produce 16-byte alignment.
*/
#define	LocalsSize	((16*2 + Arch(16, 0) + B + 15 & -16) - B)
#define	StackFrame	(LocalsSize + B)

/*	LocalState is the offset from the stack pointer to where we store the AES
 	state.
*/
#define	LocalState	Arch(16, 0)
#define	SavedChain	Arch(32, 16)	// Offset to saved chain value.

	#if 0 < LocalsSize
		sub		$LocalsSize, r4	// Allocate space on stack.
	#endif

// Non-volatile registers.
#define	I			r3
#define	O			r5
#define	Blocks		Arch(r6, r12)
#define	ChainBuffer	Arch(r7, r13)
#define	Rounds		Arch(Not used, r14)
#define	Key			Arch(Not used, r15)

// Volatile registers.
#define	t0			r0
#define	v0			%xmm0
#define	vState0		%xmm4

// Arguments passed to us.
#if defined __i386__
	// Define location of argument i.
	#define	Argument(i)	StackFrame+4*(i)(r4)
#endif
#define	ArgO			Arch(Argument(0), r7)
#define	ArgI			Arch(Argument(1), r6)
#define	ArgChainBuffer	Arch(Argument(2), r2)
#define	ArgKey			Arch(Argument(3), r1)
#define	ArgBlocks		Arch(Argument(4), r8)
#define	ArgRounds		Arch(Argument(5), r9)

	/*	Get some arguments.  We need to move these from the stack (on i386)
		or volatile registers (on x86_64) to non-volatile registers where we
		can use them and keep them during calls to a subroutine.
	*/
	mov		ArgO, O
	mov		ArgI, I
	mov		ArgChainBuffer, ChainBuffer
	mov		ArgBlocks, Blocks

	// Convert Blocks from number of blocks to displacement in bytes.
	imul	$16, Blocks
	je		done	// Leave if we were given zero blocks.

	// Save last input block to write to ChainBuffer later.
	movupd	-16(I, Blocks), v0
	movapd	v0, SavedChain(r4)

	#if defined __i386__

		// Put arguments we will pass on stack.
		mov		ArgRounds, t0
		mov		t0,    3*4(r4)

		mov		ArgKey, t0
		mov		t0,    2*4(r4)

		lea		LocalState(r4), t0
		mov		t0,    0*4(r4)

	#else

		// Put arguments we will pass into non-volatile registers.
		mov		ArgRounds, Rounds
		mov		ArgKey,    Key

	#endif

	add		$-16, Blocks

	jle		2f			// Skip main loop if there was only one block.

// Main loop.
1:
	#if defined __i386__

		// Pass address of current input block.
		lea		(I, Blocks), t0
		mov		t0, 1*4(r4)

	#else

		// Pass arguments to subroutine.
		#define	PassedRounds	r1
		#define	PassedKey		r2
		#define	PassedInput		r6
		#define	PassedOutput	r7
		mov		Rounds,         PassedRounds
		mov		Key,            PassedKey
		lea		(I, Blocks),    PassedInput
		lea		LocalState(r4), PassedOutput

	#endif

	// Decrypt state.
	call	_AESDecryptWithExpandedKey

	// XOR decrypted block with previous chain value.
	movapd	LocalState(r4), vState0
	movupd	-16(I, Blocks), v0
	pxor	v0, vState0

	// Write to output.
	movupd	vState0, 0*4(O, Blocks)

	add		$-16, Blocks

	jg		1b
2:

/*	First block is separate because it gets chain value from ChainBuffer
	rather than from the input stream.
*/
	#if defined __i386__

		// Pass address of current input block.
		lea		(I, Blocks), t0
		mov		t0, 1*4(r4)

	#else

		// Pass arguments to subroutine.
		#define	PassedRounds	r1
		#define	PassedKey		r2
		#define	PassedInput		r6
		#define	PassedOutput	r7
		mov		Rounds,         PassedRounds
		mov		Key,            PassedKey
		lea		(I, Blocks),    PassedInput
		lea		LocalState(r4), PassedOutput

	#endif

	// Decrypt state.
	call	_AESDecryptWithExpandedKey

	// XOR decrypted block with previous chain value.
	movapd	LocalState(r4), vState0
	movupd	(ChainBuffer), v0
	pxor	v0, vState0

	// Write to output.
	movupd	vState0, 0*4(O, Blocks)

	// Save state for chaining in future calls.
	movapd	SavedChain(r4), v0
	movupd	v0, (ChainBuffer)

done:
	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		pop		r7
		pop		r6
	#elif defined __x86_64__
		pop		r15
		pop		r14
		pop		r13
		pop		r12
	#endif
	pop		r3
	pop		r5

	ret


#endif	// defined UseAESedp_IntelAssembly

Added Source/AESedp/Intel/EncryptCBC.s.





















































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
#include "../AESAssembly.h"


// Generate object code only if this implementation has been requested.
#if defined UseAESedp_IntelAssembly


/*	AESEncryptCBC.s -- Encrypt blocks with AES in Cipher Block Chaining mode.

	Written by Eric Postpischil, January 24, 2008.
*/


/*	Define a macro to select a value based on architecture.  This reduces
	some of the architecture conditionalization later in the source.
*/
#if defined __i386__
	#define	Arch(i386, x86_64)	i386
#elif defined __x86_64__
	#define	Arch(i386, x86_64)	x86_64
#endif


/*	Rename the general registers.  This makes it easier to keep track of them
	and provides names for the "whole register" that are uniform between i386
	and x86_64.
*/
#if defined __i386__
	#define	r0	%eax	// Available for any use.
	#define	r1	%ecx	// Available for any use, some special purposes (loop).
	#define	r2	%edx	// Available for any use.
	#define	r3	%ebx	// Must be preserved by called routine.
	#define	r4	%esp	// Stack pointer.
	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
	#define	r6	%esi	// Must be preserved by called routine.
	#define	r7	%edi	// Must be preserved by called routine.
#elif defined __x86_64__
	#define	r0	%rax	// Available for any use.
	#define	r1	%rcx	// Available for any use.
	#define	r2	%rdx	// Available for any use.
	#define	r3	%rbx	// Must be preserved by called routine.
	#define	r4	%rsp	// Stack pointer.
	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
	#define	r6	%rsi	// Available for any use.
	#define	r7	%rdi	// Available for any use.
	#define	r8	%r8		// Available for any use.
	#define	r9	%r9		// Available for any use.
	#define	r10	%r10	// Available for any use.
	#define	r11	%r11	// Available for any use.
	#define	r12	%r12	// Must be preserved by called routine.
	#define	r13	%r13	// Must be preserved by called routine.
	#define	r14	%r14	// Must be preserved by called routine.
	#define	r15	%r15	// Must be preserved by called routine.
#else
	#error "Unknown architecture."
#endif


/*	Routine:

		_AESEncryptCBC.

	Function:

		This routine uses _AESEncryptWithExpandedKey to encrypt blocks in
		Cipher Block Chaining mode, which requires chaining the AES state
		from block to block.  In CBC mode, an initial block is XORed with the
		first input block, and then each output block is XORed with the next
		input block.

	Input:

		void *O				// Output
		const void *I		// Input
		void *ChainBuffer	// Chain buffer / initial value.
		void *Key			// Expanded Key.
		long Blocks			// Number of 16-byte blocks to process.
		long Rounds			// Number of rounds.

	Output:

		Encrypted text is written to *O.

		The final output block is written to *ChainBuffer.
*/
	.globl _AESEncryptCBC
	.private_extern	_AESEncryptCBC
_AESEncryptCBC:

	// Push new stack frame.
	push	r5

	// Save registers.
	push	r3
	#if defined __i386__
		push	r6
		push	r7
		#define	RegisterSaveSize	(3*4)
	#elif defined __x86_64__
		push	r12
		push	r13
		push	r14
		push	r15
		#define	RegisterSaveSize	(5*8)
	#endif

/*	B is the number of bytes from the top of stack just before the instruction
	that called this routine to the top of stack after we push the frame
	pointer and other registers.  It provides information needed to align our
	stack frame.
*/
#define	B	(RegisterSaveSize + 2*Arch(4, 8))

/*	Allocate space on the stack for 16 bytes for the AES state and, on i386,
	16 bytes for four four-byte arguments, and padding needed to produce
	16-byte alignment.
*/
#define	LocalsSize	((16 + Arch(16, 0) + B + 15 & -16) - B)
#define	StackFrame	(LocalsSize + B)

/*	LocalState is the offset from the stack pointer to where we store the AES
 	state.
*/
#define	LocalState	Arch(16, 0)

	#if 0 < LocalsSize
		sub		$LocalsSize, r4	// Allocate space on stack.
	#endif

// Non-volatile registers.
#define	I			r3
#define	O			r5
#define	Blocks		Arch(r6, r12)
#define	ChainBuffer	Arch(r7, r13)
#define	Rounds		Arch(Not used, r14)
#define	Key			Arch(Not used, r15)

// Volatile registers.
#define	t0			r0
#define	v0			%xmm0
#define	v1			%xmm1
#define	v2			%xmm2
#define	v3			%xmm3
#define	vState0		%xmm4
#define	vState1		%xmm5
#define	vState2		%xmm6
#define	vState3		%xmm7

// Arguments passed to us.
#if defined __i386__
	// Define location of argument i.
	#define	Argument(i)	StackFrame+4*(i)(r4)
#endif
#define	ArgO			Arch(Argument(0), r7)
#define	ArgI			Arch(Argument(1), r6)
#define	ArgChainBuffer	Arch(Argument(2), r2)
#define	ArgKey			Arch(Argument(3), r1)
#define	ArgBlocks		Arch(Argument(4), r8)
#define	ArgRounds		Arch(Argument(5), r9)

	/*	Get some arguments.  We need to move these from the stack (on i386)
		or volatile registers (on x86_64) to non-volatile registers where we
		can use them and keep them during calls to a subroutine.
	*/
	mov		ArgO, O
	mov		ArgI, I
	mov		ArgChainBuffer, ChainBuffer
	mov		ArgBlocks, Blocks

	// Read the initial value from the chain buffer.
	movd	0*4(ChainBuffer), vState0
	movd	1*4(ChainBuffer), vState1
	movd	2*4(ChainBuffer), vState2
	movd	3*4(ChainBuffer), vState3

	/*	Convert Blocks from number of blocks to displacement in bytes from
		end of input to current input location.  (We will increment it from
		iteration to iteration.  When it reaches zero, we are done.)
	*/
	imul	$-16, Blocks
	je		done	// Leave if we were given zero blocks.

	// Adjust input and output pointers to use ends as base addresses.
	sub		Blocks, I
	sub		Blocks, O

	#if defined __i386__

		// Put arguments we will pass on stack.
		mov		ArgRounds, t0
		mov		t0,    3*4(r4)

		mov		ArgKey, t0
		mov		t0,    2*4(r4)

		lea		LocalState(r4), t0
		mov		t0,    1*4(r4)
		mov		t0,    0*4(r4)

	#else

		// Put arguments we will pass into non-volatile registers.
		mov		ArgRounds, Rounds
		mov		ArgKey,    Key

	#endif

1:
	// Read next input block.
	movd	0*4(I, Blocks), v0
	movd	1*4(I, Blocks), v1
	movd	2*4(I, Blocks), v2
	movd	3*4(I, Blocks), v3

	// Chain block with state.
	pxor	v0, vState0
	pxor	v1, vState1
	pxor	v2, vState2
	pxor	v3, vState3

	// Store state for passing to encryption routine.
	movd	vState0, 0*4+LocalState(r4)
	movd	vState1, 1*4+LocalState(r4)
	movd	vState2, 2*4+LocalState(r4)
	movd	vState3, 3*4+LocalState(r4)

	#if defined __x86_64__

		// Pass arguments to subroutine.
		#define	PassedRounds	r1
		#define	PassedKey		r2
		#define	PassedInput		r6
		#define	PassedOutput	r7
		mov		Rounds,         PassedRounds
		mov		Key,            PassedKey
		lea		LocalState(r4), PassedInput
		lea		(O, Blocks),    PassedOutput

	#endif

	// Encrypt state.
	call	_AESEncryptWithExpandedKey

	#if defined __i386__

		// Get encrypted state.
		movd	0*4+LocalState(r4), vState0
		movd	1*4+LocalState(r4), vState1
		movd	2*4+LocalState(r4), vState2
		movd	3*4+LocalState(r4), vState3

		// Write to output.
		movd	vState0, 0*4(O, Blocks)
		movd	vState1, 1*4(O, Blocks)
		movd	vState2, 2*4(O, Blocks)
		movd	vState3, 3*4(O, Blocks)

	#else

		// Get output for chaining.
		movd	0*4(O, Blocks), vState0
		movd	1*4(O, Blocks), vState1
		movd	2*4(O, Blocks), vState2
		movd	3*4(O, Blocks), vState3

	#endif

	add		$16, Blocks

	jl		1b

	// Save state for chaining in future calls.
	movd	vState0, 0*4(ChainBuffer)
	movd	vState1, 1*4(ChainBuffer)
	movd	vState2, 2*4(ChainBuffer)
	movd	vState3, 3*4(ChainBuffer)

done:
	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		pop		r7
		pop		r6
	#elif defined __x86_64__
		pop		r15
		pop		r14
		pop		r13
		pop		r12
	#endif
	pop		r3
	pop		r5

	ret


#endif	// defined UseAESedp_IntelAssembly

Added Source/AESedp/Intel/EncryptDecrypt.s.



















































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
/*	This file defines _AESEncryptWithExpandedKey or _AESDecryptWithExpandedKey,
	according to the value of the Select preprocessor symbol.  This file is
	designed to be included in another assembly file using the preprocessor
	#include directive, to benefit from some assembly-time calculations.

	These two routines are nearly identical.  They differ only in the tables
	they use, the direction they iterate through the key, and the permutation
	performed on part of the state.

	Written by Eric Postpischil, January 2008.
*/


#if Select == 0
	#define	Name		_AESEncryptWithExpandedKey	// Routine name.
	#define	MTable		_AESEncryptTable			// Main table.
	#define	FTable		_AESSubBytesWordTable		// Final table.
	#define	P0			S0							// State permutation.
	#define	P1			S1
	#define	P2			S2
	#define	P3			S3
	#define	Increment	+16							// ExpandedKey increment.
#elif Select == 1
	#define	Name		_AESDecryptWithExpandedKey	// Routine name.
	#define	MTable		_AESDecryptTable			// Main table.
	#define	FTable		_AESInvSubBytesWordTable	// Final table.
	#define	P0			S2							// State permutation.
	#define	P1			S3
	#define	P2			S0
	#define	P3			S1
	#define	Increment	-16							// ExpandedKey increment.
#endif	// Select


/*	Routine:

		_AESEncryptWithExpandedKey (if Select is 0) or
		_AESDecryptWithExpandedKey (if Select is 1).

	Function:

		Perform the AES cipher or its inverse as defined in Federal Information
		Processing Standards Publication 197 (FIPS-197), November 26, 2001.

		The inverse cipher here is the "Equivalent Inverse Cipher" in FIPS-197.

	Input:

		Constant data:
				
			For encryption:

				The following names must be locally defined so the assembler
				can calculate certain offsets.

				static const Word _AESEncryptTable[4][256].

					_AESEncryptTable[i] contains the tables T[i] defined in AES
					Proposal: Rijndael, version 2, 03/09/99, by Joan Daemen and
					Vincent Rijmen, section 5.2.1, page 18.  These tables
					combine the SubBytes and MixColumns operations.

				static const Word _AESSubBytesWordTable[256].

					_AESSubBytesWordTable[i][j] = SubBytes(j) << 8*i, where
					SubBytes is defined in FIPS-197.  _AESSubBytesWordTable
					differs from _AESEncryptTable in that it does not include
					the MixColumn operation.  It is used in performing the last
					round, which differs fromm the previous rounds in that it
					does not include the MixColumn operation.

			For decryption:

				static const Word _AESDecryptTable[4][256].

					The analog of _AESEncryptTable for decryption.

				static const Word _AESSubBytesWordTable[256].

					_AESInvSubBytesWordTable[i][j] = InvSubBytes(j) << 8*i,
					where InvSubBytes is defined in FIPS-197.
					_AESInvSubBytesWordTable differs from _AESDecryptTable in
					that it does not include the InvMixColumn operation.  It is
					used in performing the last round, which differs fromm the
					previous rounds in that it does not include the
					InvMixColumn operation.

		Arguments:

			Byte *OutputText.

				Address of output, 16 bytes.  Best if four-byte aligned.

			const Byte *InputText.

				Address of input, 16 bytes.  Best if four-byte aligned.

			const Byte *ExpandedKey.

				Address of expanded key, which has 4 * (Nr+1) bytes.  Best if
				four-byte aligned.

			int Nr

				Number of rounds.

	Output:

		Encrypted or decrypted data is written to *OutputText.
*/
	.globl Name
	.private_extern	Name
Name:

	// Push new stack frame.
	push	r5

	// Save registers and set RegisterSave size to the number of bytes used.
	push	r3
	#if defined __i386__
		push	r6
		push	r7
		#define	RegisterSaveSize	(3*4)
	#elif defined __x86_64__
		#define	RegisterSaveSize	(1*8)
	#endif

#define	LocalsSize	Arch(4, 0)	// Number of bytes used for local variables.

	#if 0 < LocalsSize
		sub		$LocalsSize, r4	// Allocate space on stack.
	#endif

// Number of bytes from the stack pointer to the return address.
#define	StackFrame	(LocalsSize+RegisterSaveSize)

#if defined __i386__

	// Define location of argument i (presuming 4-byte arguments).
	#define	Argument(i)	StackFrame+8+4*(i)(%esp)

	#define	ArgOutputText	Argument(0)
	#define	ArgInputText	Argument(1)
	#define	ArgExpandedKey	Argument(2)
	#define	ArgNr			Argument(3)

#elif defined __x86_64__

	// Arguments.
	#define	OutputText		r7	// Needed near end of routine.
	#define	InputText		r6	// Used early then overwritten for other use.
	#define	ArgExpandedKey	r2
	#define	ArgNr			r1
		/*	The arguments passed in r1 and r2 overlaps registers we need for
		 	other work, so they must be moved early in the routine.
		*/

#endif

#define	BaseP		Arch(r7, r9)	// Base pointer for addressing global data.
#define	ExpandedKey	Arch(t0, r10)	// Address of expanded key.

/*	The Work registers defined below are used to hold parts of the AES state
	while we dissect or assemble it.  They must be assigned to the A, B, C, and
	D registers so that we can access the bytes in %al, %ah, and so on.
*/
#define	Work0d	r0d
#define	Work0l	r0l
#define	Work0h	r0h
#define	Work1d	r3d
#define	Work1l	r3l
#define	Work1h	r3h
#define	Work2d	r1d
#define	Work2l	r1l
#define	Work2h	r1h
#define	Work3d	r2d
#define	Work3l	r2l
#define	Work3h	r2h

#define	t0		r5
#define	t0d		r5d		// Low 32 bits of t0.
#define	t0l		r5l		// Low byte of t0.

#define	t1		r6

/*	S0, S1, S2, and S3 are where we assemble the new AES state when computing
	a regular round.  S1, S2, and S3 are assigned to the Work registers, but
	S0 needs to go somewhere else because Work0 holds part of the old state.
*/
#define	S0		Arch(t1, r8d)
#define	S1		Work1d
#define	S2		Work2d
#define	S3		Work3d

/*	These XMM registers are used as holding space, because it is faster to
	spill to these registers than to the stack.  (On x86_64, we do not need
	to spill, because there are additional general registers available.
	However, using more general registers requires saving them to the stack
	and restoring them.  I timed it, and no time was saved.)
*/
#define	vS1		%xmm1
#define	vS2		%xmm2
#define	vS3		%xmm3
#if defined __i386__
	#define	vExpandedKey	%xmm4
	#define	vIncrement		%xmm5
#endif

	// Get argument.
	mov	ArgExpandedKey, ExpandedKey

// Store sentinel value of ExpandedKey on stack on i386, a register on x86_64.
#define	ExpandedKeyEnd	Arch((r4), r11)

	/*	Convert ArgNr from rounds to number of bytes to move through expanded
		key to get to (but not beyond) last 16-byte block.
	*/
	mov		ArgNr, r0
	shl		$4, r0

	#if Select == 0
		// For encryption, prepare to iterate forward through expanded key.
		add		ExpandedKey, r0
		mov		r0, ExpandedKeyEnd
	#else
		// For decryption, prepare to iterate backward through expanded key.
		mov		ExpandedKey, ExpandedKeyEnd
		add		r0, ExpandedKey
	#endif

	// Initialize State from input text.
	#if defined __i386__
		mov		ArgInputText, BaseP
		#define	InputText	BaseP
	#endif
	mov		0*4(InputText), Work0d
	mov		1*4(InputText), S1
	mov		2*4(InputText), S2
	mov		3*4(InputText), S3
#undef	InputText	// Register is reused after this for other purposes.

	// Add round key and save results.
	xor		0*4(ExpandedKey), Work0d	// S0 is in dissection register.
	xor		1*4(ExpandedKey), S1
	movd	S1, vS1						// Save S1 to S3 in vector registers.
	xor		2*4(ExpandedKey), S2
	movd	S2, vS2
	xor		3*4(ExpandedKey), S3
	movd	S3, vS3

	add		$Increment, ExpandedKey		 // Advance to next round key.

	#if defined __i386__
		// Save expanded key address and increment in vector registers.
		mov		$Increment, t1
		movp	ExpandedKey, vExpandedKey
		movp	t1, vIncrement
	#endif

	// Set up relative addressing.
	#if defined __i386__

		// Get address of 0 in BaseP.
			call	0f				// Push program counter onto stack.
		0:
			pop		BaseP			// Get program counter.

		// Define macros to help address data.
#define	LookupM(table, index)	MTable-0b+(table)*TableSize(BaseP, index, 4)
#define LookupF(table, index)	FTable-0b+(table)*TableSize(BaseP, index, 4)

	#elif defined __x86_64__

		lea	MTable(%rip), BaseP

		// Define macros to help address data.
		#define	LookupM(table, index)	(table)*TableSize(BaseP, index, 4)
		#define	LookupF(table, index)	(table)*TableSize(BaseP, index, 4)

/*	With these definitions of LookupM and LookupF, BaseP must be loaded with
	the address of the table at the point where it is used.  So we need an
	instruction to change BaseP after we are done with MTable and before we
	start using FTable.  I would prefer to use something like:

		.set	FMinusM, FTable - MTable
		#define LookupF(table, index)	\
			FMinusM+(table)*TableSize(BaseP, index, 4)

	Then BaseP would not need to change.  However, this fails due to an
	assembler/linker bug, <rdar://problem/5683882>.
*/

	#endif

	// Get round key.
	mov		0*4(ExpandedKey), S0
	mov		1*4(ExpandedKey), S1
	mov		2*4(ExpandedKey), S2
	mov		3*4(ExpandedKey), S3

1:
	/*	Word 0 of the current state must be in Work0 now, and the next round
		key must be in S0 to S3.
	*/

	// Process previous S0.
	movzx	Work0l, t0
	xor		LookupM(0, t0), S0
	movzx	Work0h, t0d
	xor		LookupM(1, t0), P3
	shr		$16, Work0d
	movzx	Work0l, t0d
	xor		LookupM(2, t0), S2
	movzx	Work0h, t0d
	xor		LookupM(3, t0), P1

	// Process previous S1.
	movd	vS1, Work0d
	movzx	Work0l, t0d
	xor		LookupM(0, t0), S1
	movzx	Work0h, t0d
	xor		LookupM(1, t0), P0
	shr		$16, Work0d
	movzx	Work0l, t0d
	xor		LookupM(2, t0), S3
	movzx	Work0h, t0d
	xor		LookupM(3, t0), P2

	// Process previous S2.
	movd	vS2, Work0d
	movzx	Work0l, t0d
	xor		LookupM(0, t0), S2
	movzx	Work0h, t0d
	xor		LookupM(1, t0), P1
	shr		$16, Work0d
	movzx	Work0l, t0d
	xor		LookupM(2, t0), S0
	movzx	Work0h, t0d
	xor		LookupM(3, t0), P3

	// Process previous S3.
	movd	vS3, Work0d
	movzx	Work0l, t0d
	xor		LookupM(0, t0), S3
	movzx	Work0h, t0d
	xor		LookupM(1, t0), P2
	shr		$16, Work0d
	movzx	Work0l, t0d
	xor		LookupM(2, t0), S1
	movzx	Work0h, t0d
	xor		LookupM(3, t0), P0

	#if defined __i386__
		paddd	vIncrement, vExpandedKey
		movp	vExpandedKey, ExpandedKey
	#else
		add		$Increment, ExpandedKey
	#endif

	// Save state for next iteration and load next round key.
	mov		S0, Work0d
	mov		0*4(ExpandedKey), S0
	movd	S1, vS1
	mov		1*4(ExpandedKey), S1
	movd	S2, vS2
	mov		2*4(ExpandedKey), S2
	movd	S3, vS3
	mov		3*4(ExpandedKey), S3

	cmp		ExpandedKeyEnd, ExpandedKey
	jne		1b

	/*	Word 0 of the current state must be in Work0 now, and the next round
		key must be in S0 to S3.
	*/

	// Work around assembler bug.  See comments above about Radar 5683882.
	#if defined __x86_64__
		lea	FTable(%rip), BaseP
	#endif

	// Process previous S0.
	movzx	Work0l, t0
	xor		LookupF(0, t0), S0
	movzx	Work0h, t0d
	xor		LookupF(1, t0), P3
	shr		$16, Work0d
	movzx	Work0l, t0d
	xor		LookupF(2, t0), S2
	movzx	Work0h, t0d
	xor		LookupF(3, t0), P1

	// Process previous S1.
	movd	vS1, Work0d
	movzx	Work0l, t0d
	xor		LookupF(0, t0), S1
	movzx	Work0h, t0d
	xor		LookupF(1, t0), P0
	shr		$16, Work0d
	movzx	Work0l, t0d
	xor		LookupF(2, t0), S3
	movzx	Work0h, t0d
	xor		LookupF(3, t0), P2

	// Process previous S2.
	movd	vS2, Work0d
	movzx	Work0l, t0d
	xor		LookupF(0, t0), S2
	movzx	Work0h, t0d
	xor		LookupF(1, t0), P1
	shr		$16, Work0d
	movzx	Work0l, t0d
	xor		LookupF(2, t0), S0
	movzx	Work0h, t0d
	xor		LookupF(3, t0), P3

	// Process previous S3.
	movd	vS3, Work0d
	movzx	Work0l, t0d
	xor		LookupF(0, t0), S3
	movzx	Work0h, t0d
	xor		LookupF(1, t0), P2
	shr		$16, Work0d
	movzx	Work0l, t0d
	xor		LookupF(2, t0), S1
	movzx	Work0h, t0d
	xor		LookupF(3, t0), P0

	#if defined __i386__	// Architecture.
		// Get OutputText address.
		#define	OutputText	BaseP
		mov		ArgOutputText, OutputText
	#endif	// Architecture.

	// Write output.
	mov		S0, 0*4(OutputText)
	mov		S1, 1*4(OutputText)
	mov		S2, 2*4(OutputText)
	mov		S3, 3*4(OutputText)

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		pop		r7
		pop		r6
	#elif defined __x86_64__
	#endif
	pop		r3
	pop		r5

	ret


#undef	ArgExpandedKey
#undef	ArgInputText
#undef	ArgNr
#undef	ArgOutputText
#undef	Argument
#undef	BaseP
#undef	ExpandedKey
#undef	ExpandedKeyEnd
#undef	FTable
#undef	InputText
#undef	LocalsSize
#undef	LookupM
#undef	LookupF
#undef	MTable
#undef	OutputText
#undef	RegisterSaveSize
#undef	S0
#undef	S1
#undef	S2
#undef	S3
#undef	StackFrame
#undef	Work0d
#undef	Work0h
#undef	Work0l
#undef	Work1d
#undef	Work1h
#undef	Work1l
#undef	Work2d
#undef	Work2h
#undef	Work2l
#undef	Work3d
#undef	Work3h
#undef	Work3l
#undef	t0
#undef	t0d
#undef	t0l
#undef	t1
#undef	vExpandedKey
#undef	vS1
#undef	vS2
#undef	vS3

#undef	Name
#undef	MTable
#undef	FTable
#undef	P0
#undef	P1
#undef	P2
#undef	P3
#undef	Increment

Added Source/AESedp/Intel/ExpandKeyForDecryption.s.





































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
/*	This file defines _AESExpandKeyForDecryption.  It is designed to be
	included in another assembly file with the preprocessor #include directive,
	to benefit from some assembly-time calculations.

	Written by Eric Postpischil, January 2008.

	The comments here do not say much about the algorithm; the code just
	follows the FIPS-197 specification.  I recommend reading the specification
	before working with this code or examining the C code in the parent
	directory that illustrates key expansion.

	One complication is that this routine both expands the key and applies
	InvMixColumn to most of the words in the expanded key.  This modifies the
	key for use with the Equivalent Inverse Cipher.

	During key expansion, there are sequences of four or six words that are
	produced like this:

		E[i+0] = E[i+0-Nk] ^ f(E[i-1]), where f is some function.
		E[i+1] = E[i+1-Nk] ^ E[i+0].
		E[i+2] = E[i+2-Nk] ^ E[i+1].
		E[i+3] = E[i+3-Nk] ^ E[i+2].

	When Nk is four or eight, the sequence stops there.  When it is six, it
	goes on for two more words.  Let I be the InvMixColumn function.  for the
	Equivalent Inverse Cipher, we want to store I(E[i+0]), I(E[i+1]),
	I(E[i+2]), I(E[i+3]) (and two more when Nk is six).  However, we do not
	need to calculate I four times.  In AES' finite field, I is a linear
	combination of the four bytes of its input.  The ^ operation on the bits
	that represent field elements is an addition in the Galois field.  So
	I(a ^ b) = I(a) ^ I(b).  Then we have:

		I(E[i+0]) = I(E[i+0-Nk] ^ f(E[i-1])) = I(E[i+0-Nk]) ^ I(f(E[i-1])).
		I(E[i+1]) = I(E[i+1-Nk]) ^ I(E[i+0]).
		I(E[i+2]) = I(E[i+2-Nk]) ^ I(E[i+1]).
		I(E[i+3]) = I(E[i+3-Nk]) ^ I(E[i+2]).

	To compute this, we compute I(f(E[i-1])) and XOR it with the previously
	stored E[i+0-Nk])) to get I(E[i+0])).  Then we XOR that with the previously
	stored E[i+1-Nk])) to get I(E[i+1])), and so on.

	Note that to compute I(f(E[i-1])), we need to have E[i-1].  So we have to
	compute the pre-InvMixColumn words of the expanded key; it is not
	sufficient to have the post-InvMixColumn words.
*/


/*	Routine:

		_AESExpandKeyForDecryption.

	Function:

		Expand the user's cipher key into the key schedule, as defined in
		Federal Information Processing Standards Publication 197 (FIPS-197),
		November 26, 2001.

		For decryption, the key is modified as shown in Figure 15 in FIPS-197,
		to support the Equivalent Inverse Cipher.

	Input:

		Constant data:

			The following names must be locally defined so the assembler
			can calculate certain offsets.

			static const Word _AESSubBytesWordTable[4][256].

				_AESSubBytesWordTable[i][j] = SubBytes(j) << 8*i, where
				SubBytes is defined in FIPS-197.  _AESSubBytesWordTable
				differs from _AESEncryptTable in that it does not include
				the MixColumn operation.  It is used in performing the last
				round, which differs fromm the previous rounds in that it
				does not include the MixColumn operation.

			static const Word _AESSInvMixColumnTable[4][256].

				_AESInvMixColumnTable[i][j] contains the contribution of byte
				j to element i of the InvMixColumn operation.

				The four bytes of the word _AESInvMixColumnTable[0][j] are:

					{0xe}*{j}, {0x9}*{j}, {0xd}*{j}, {0xb}*{j},

				listed in increasing address order, where multiplication is
				performed in the Galois field.  {j} designates the element of
				the Galois field represented by j.  _AESInvMixColumn[i][j] has
				the same bytes, rotated right in the order shown above.

			static const Byte _AESRcon[].

				Round constants, beginning with AESRcon[1] for the first round
				(AESRcon[0] is padding.)
	
		Arguments:

			Word *ExpandedKey

				Address of output.

			const AESKey *Key

				Address of user's cipher key.

			long Nk

				Number of four-byte words in user's cipher key.

	Output:

		The expanded key is written to *ExpandedKey.
*/

#define	dr		r0d				// Dissection register.
#define	drl		r0l				// Low 8 bits of dissection register.
#define	drh		r0h				// Second-lowest 8 bits of dissection register.

#define	t0		r1
#define	t0d		r1d				// Low 32 bits of t0.

#define	STable	r2				// Address of SubBytes table.  Overlaps Nk.
#define	ITable	r3				// Address of InvMixColumn table.
#define	offset	r5				// Address offset and loop sentinel.

#define	R		r6				// Address of round constant.
#define	K		r6				// User key pointer, second x86_64 argument.
	// R and K overlap.

#define	E		r7				// Expanded key pointer, first x86_64 argument.

#define	ve0		%xmm0
#define	ve1		%xmm1
#define	ve2		%xmm2
#define	ve3		%xmm3
#define	ve4		%xmm4
#define	ve5		%xmm5
#define	vt1		%xmm6
#define	vt0		%xmm7

#define	LookupS(table, index)	(table)*TableSize(STable, index, 4)
#define	LookupI(table, index)	(table)*TableSize(ITable, index, 4)


/*	InvMixColumn puts InvMixColumn(dr) into vt0.  This is a non-standard
	subroutine.  It does not conform to the ABI.  It is an integral part of
	_ExpandKeyForDecryption and shares register use with it.
*/
InvMixColumn:
	movzx	drl, t0
	movd	LookupI(0, t0), vt0		// Look up byte 0 in table 0.
	movzx	drh, t0d
	movd	LookupI(1, t0), vt1		// Look up byte 1 in table 1.
	pxor	vt1, vt0
	shr		$16, dr
	movzx	drl, t0d
	movd	LookupI(2, t0), vt1		// Look up byte 2 in table 2.
	pxor	vt1, vt0
	movzx	drh, t0d
	movd	LookupI(3, t0), vt1		// Look up byte 3 in table 3.
	pxor	vt1, vt0
	ret


	// SubWordRotWord adds (XORs) SubWord(RotWord(dr)) to vt0.
	.macro	SubWordRotWord
		movzx	drl, t0
		movd	LookupS(3, t0), vt1		// Look up byte 0 in table 3.
		pxor	vt1, vt0
		movzx	drh, t0d
		movd	LookupS(0, t0), vt1		// Look up byte 1 in table 0.
		pxor	vt1, vt0
		shr		$$16, dr
		movzx	drl, t0d
		movd	LookupS(1, t0), vt1		// Look up byte 2 in table 1.
		pxor	vt1, vt0
		movzx	drh, t0d
		movd	LookupS(2, t0), vt1		// Look up byte 3 in table 2.
		pxor	vt1, vt0
	.endm


	// SubWord puts SubWord(dr) into vt0.
	.macro	SubWord
		movzx	drl, t0
		movd	LookupS(0, t0), vt0		// Look up byte 0 in table 0.
		movzx	drh, t0d
		movd	LookupS(1, t0), vt1		// Look up byte 1 in table 1.
		pxor	vt1,vt0
		shr		$$16, dr
		movzx	drl, t0d
		movd	LookupS(2, t0), vt1		// Look up byte 2 in table 2.
		pxor	vt1,vt0
		movzx	drh, t0d
		movd	LookupS(3, t0), vt1		// Look up byte 3 in table 3.
		pxor	vt1,vt0
	.endm


	.globl _AESExpandKeyForDecryption
	.private_extern	_AESExpandKeyForDecryption
_AESExpandKeyForDecryption:

	// Push new stack frame.
	push	r5

	// Save registers.
	push	r3
	#if defined __i386__
		push	r6
		push	r7
		#define	RegisterSaveSize	(3*4)
	#elif defined __x86_64__
		#define	RegisterSaveSize	(1*8)
		// Add pushes of r12 to r15 if used.
	#endif

#define	LocalsSize	0
#define	StackFrame	(LocalsSize+RegisterSaveSize)
	// Locals plus the registers we pushed after the new stack frame.

/*	Define stack offset to storage space for local data.  This is in the red
	zone.  We point far enough down to allow space for eight four-byte words
	plus a return address (4 or 8 bytes on i386 or x86_64) for our internal
	subroutine calls.
*/
#define	Local	(-8*4-8)

#if defined __i386__

	// Define location of argument i.
	#define	Argument(i)	StackFrame+8+4*(i)(r4)

	// Load arguments.
	mov		Argument(0), E
	mov		Argument(1), K
	#define	Nk	Argument(2)

#elif defined __x86_64__

	#define	Nk		r2			// Number of words in key.  Overlaps STable.

#endif

	cmp		$6,	 Nk

	#if 0 < LocalsSize
		sub		$LocalsSize, r4	// Allocate space on stack.
	#endif

	// First words of expanded key are copied from user key.
	movd	0*4(K), ve0
	movd	1*4(K), ve1
	movd	2*4(K), ve2
	movd	3*4(K), ve3
	je		DKeyHas6Words
	jg		DKeyHas8Words
	// Fall through to DKeyHas4Words.

DKeyHas4Words:

	// K cannot be used after we write to R, since they use the same register.

	#if defined __i386__
		// Get address of 0 in R.
			call	0f			// Push program counter onto stack.
		0:
			pop		STable		// Get program counter.

		lea		_AESRcon-0b(STable), R
		lea		_AESInvMixColumnTable-0b(STable), ITable
		lea		_AESSubBytesWordTable-0b(STable), STable

	#elif defined __x86_64__

		lea		_AESRcon(%rip), R
		lea		_AESInvMixColumnTable(%rip), ITable
		lea		_AESSubBytesWordTable(%rip), STable

	#endif

	/*	With a four-word key, there are ten rounds (eleven 16-byte key blocks),
		nine of which have InvMixColumn applied.
	*/
	mov		$-9*4*4, offset
	sub		offset, E

	// Store initial words of expanded key, which are copies of user's key.
	movd	ve0, 0*4(E, offset)
	movd	ve1, 1*4(E, offset)
	movd	ve2, 2*4(E, offset)
	movd	ve3, 3*4(E, offset)

/*	Here is the first iteration of the key expansion.  It is separate from the
	main loop below because we need to apply InvMixColumn to each of the
	outputs, in ve0 through ve3.  In the main loop, the technique described at
	the top of this file is used to compute the proper outputs while using
	InvMixColumn only once.
*/
	add		$1, R					// Advance pointer.
	movd	ve3, dr					// Put previous word into work register.
	movzx	(R), t0d				// Get round constant.
	movd	t0d, vt0

	SubWordRotWord
	pxor	vt0, ve0

	// Chain to successive words.
	pxor	ve0, ve1
	pxor	ve1, ve2
	pxor	ve2, ve3

	add		$4*4, offset

	/*	Apply InvMixColumn to each word.  The transformed values are stored in
		the expanded key.  The original values are retained in registers for
		further computation.
	*/
	movd	ve0, dr
	call	InvMixColumn
	movd	vt0, 0*4(E, offset)

	movd	ve1, dr
	call	InvMixColumn
	movd	vt0, 1*4(E, offset)

	movd	ve2, dr
	call	InvMixColumn
	movd	vt0, 2*4(E, offset)

	movd	ve3, dr
	call	InvMixColumn
	movd	vt0, 3*4(E, offset)

//	Here is the main loop.
1:
	add		$1, R					// Advance pointer.
	movd	ve3, dr					// Put previous word into work register.
	movzx	(R), t0d				// Get round constant.
	movd	t0d, vt0

	SubWordRotWord
	pxor	vt0, ve0

	// Chain to successive words.
	pxor	ve0, ve1
	pxor	ve1, ve2
	pxor	ve2, ve3
		/*	Dr. Brian Gladman uses a technique with a single XOR here instead
			of the previous four.  There is some periodic behavior in the key
			expansion, and Gladman maintains E[4*i+3] for the latest four
			values of i.  XORing the value in vt0 with one of these yields its
			replacement.  However, using this technique requires additional
			instructions before the loop (to initialize the values) and after
			it (to extract the final values to be stored) and either some way
			to rotate or index four values in the loop or a four-fold unrolling
			of the loop to provide the indexing.  Experiment suggests the
			former is not worthwhile.  Unrolling the loop might give a small
			gain, at the cost of increased use of instruction cache, increased
			instructions loads the first time the routine is executed, and
			increased code complexity, so I decided against it.
		*/

	// Apply InvMixColumn to the difference.
	movd	vt0, dr
	call	InvMixColumn

	add		$4*4, offset

	// Chain the transformed difference to previously transformed outputs.
	movd	(0-4)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 0*4(E, offset)

	movd	(1-4)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 1*4(E, offset)

	movd	(2-4)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 2*4(E, offset)

	movd	(3-4)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 3*4(E, offset)

	jl		1b

// Here is the final iteration, which does not perform InvMixColumn.

	movd	ve3, dr					// Put previous word into work register.
	movzx	1(R), t0d				// Get round constant.
	movd	t0d, vt0

	SubWordRotWord
	pxor	vt0, ve0

	// Chain to successive words.
	movd	ve0, 4*4(E, offset)
	pxor	ve0, ve1
	movd	ve1, 5*4(E, offset)
	pxor	ve1, ve2
	movd	ve2, 6*4(E, offset)
	pxor	ve2, ve3
	movd	ve3, 7*4(E, offset)

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		// Add pops of r15 to r12 if used.
		pop		r7
		pop		r6
	#elif defined __x86_64__
	#endif
	pop		r3
	pop		r5

	ret


DKeyHas6Words:
	movd	4*4(K), ve4
	movd	5*4(K), ve5

	// K cannot be used after we write to R, since they use the same register.

	#if defined __i386__
		// Get address of 0 in R.
			call	0f			// Push program counter onto stack.
		0:
			pop		STable		// Get program counter.

		lea		_AESRcon-0b(STable), R
		lea		_AESInvMixColumnTable-0b(STable), ITable
		lea		_AESSubBytesWordTable-0b(STable), STable

	#elif defined __x86_64__

		lea		_AESRcon(%rip), R
		lea		_AESInvMixColumnTable(%rip), ITable
		lea		_AESSubBytesWordTable(%rip), STable

	#endif

	/*	With a six-word key, there are twelve rounds (thirteen 16-byte key
		blocks), eleven of which have InvMixColumn applied.  The key expansion
		proceeds in iterations of six four-byte words, so the termination
		condition is a bit complicated.  We set offset to the negative of 10
		four four-byte words, and the loop branch does another iteration if
		offset is less than or equal to zero, meaning the number of iterations
		performed so far is less than or equal to 10.  Thus, after ten
		iterations, it branches again.  After the eleventh iteration, it
		stops.  Code after the end of the loop computes the twelfth key block,
		which does not have InvMixColumn applied.
	*/
	mov		$-10*4*4, offset
	sub		offset, E

	// Store initial words of expanded key, which are copies of user's key.
	movd	ve0, 0*4(E, offset)
	movd	ve1, 1*4(E, offset)
	movd	ve2, 2*4(E, offset)
	movd	ve3, 3*4(E, offset)

	/*	The first four words are stored untransformed.  After that, words in
		the expanded key are transformed by InvMixColumn.
	*/
	movd	ve4, dr
	call	InvMixColumn
	movd	vt0, 4*4(E, offset)

	movd	ve5, dr
	call	InvMixColumn
	movd	vt0, 5*4(E, offset)

/*	Here is the first iteration of the key expansion.  It is separate from the
	main loop below because we need to apply InvMixColumn to each of the
	outputs, in ve0 through ve5.  In the main loop, the technique described at
	the top of this file is used to compute the proper outputs while using
	InvMixColumn only once.
*/
	add		$1, R					// Advance pointer.
	movd	ve5, dr					// Put previous word into work register.
	movzx	(R), t0d				// Get round constant.
	movd	t0d, vt0

	SubWordRotWord
	pxor	vt0, ve0

	// Chain to successive words.
	pxor	ve0, ve1
	pxor	ve1, ve2
	pxor	ve2, ve3
	pxor	ve3, ve4
	pxor	ve4, ve5

	add		$6*4, offset

	/*	Apply InvMixColumn to each word.  The transformed values are stored in
		the expanded key.  The original values are retained in registers for
		further computation.
	*/
	movd	ve0, dr
	call	InvMixColumn
	movd	vt0, 0*4(E, offset)

	movd	ve1, dr
	call	InvMixColumn
	movd	vt0, 1*4(E, offset)

	movd	ve2, dr
	call	InvMixColumn
	movd	vt0, 2*4(E, offset)

	movd	ve3, dr
	call	InvMixColumn
	movd	vt0, 3*4(E, offset)

	movd	(4-6)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 4*4(E, offset)

	movd	(5-6)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 5*4(E, offset)

//	Here is the main loop.
1:
	add		$1, R					// Advance pointer.
	movd	ve5, dr					// Put previous word into work register.
	movzx	(R), t0d				// Get round constant.
	movd	t0d, vt0

	SubWordRotWord
	pxor	vt0, ve0

	// Chain to successive words.
	pxor	ve0, ve1
	pxor	ve1, ve2
	pxor	ve2, ve3
	pxor	ve3, ve4
	pxor	ve4, ve5

	// Apply InvMixColumn to the difference.
	movd	vt0, dr
	call	InvMixColumn

	add		$6*4, offset

	// Chain the transformed difference to previously transformed outputs.
	movd	(0-6)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 0*4(E, offset)

	movd	(1-6)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 1*4(E, offset)

	movd	(2-6)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 2*4(E, offset)

	movd	(3-6)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 3*4(E, offset)

	movd	(4-6)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 4*4(E, offset)

	movd	(5-6)*4(E, offset), vt1
	pxor	vt1, vt0
	movd	vt0, 5*4(E, offset)

	jle		1b

// Here is the final iteration, which does not perform InvMixColumn.

	movd	ve5, dr					// Put previous word into work register.
	movzx	1(R), t0d				// Get round constant.
	movd	t0d, vt0

	SubWordRotWord
	pxor	vt0, ve0

	// Chain to successive words.
	movd	ve0, 6*4(E, offset)
	pxor	ve0, ve1
	movd	ve1, 7*4(E, offset)
	pxor	ve1, ve2
	movd	ve2, 8*4(E, offset)
	pxor	ve2, ve3
	movd	ve3, 9*4(E, offset)

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		// Add pops of r15 to r12 if used.
		pop		r7
		pop		r6
	#elif defined __x86_64__
	#endif
	pop		r3
	pop		r5

	ret


DKeyHas8Words:

	// Store initial words of expanded key, which are copies of user's key.
	movd	ve0, 0*4(E)
	movd	ve1, 1*4(E)
	movd	ve2, 2*4(E)
	movd	ve3, 3*4(E)
	movd	4*4(K), ve0
	movd	5*4(K), ve1
	movd	6*4(K), ve2
	movd	7*4(K), ve3

	// K cannot be used after we write to R, since they use the same register.

	#if defined __i386__
		// Get address of 0 in R.
			call	0f			// Push program counter onto stack.
		0:
			pop		STable		// Get program counter.

		lea		_AESRcon-0b(STable), R
		lea		_AESInvMixColumnTable-0b(STable), ITable
		lea		_AESSubBytesWordTable-0b(STable), STable

	#elif defined __x86_64__

		lea		_AESRcon(%rip), R
		lea		_AESInvMixColumnTable(%rip), ITable
		lea		_AESSubBytesWordTable(%rip), STable

	#endif

	/*	With an eight-word key, there are fourteen rounds (fifteen 16-byte key
		blocks), thirteen of which have InvMixColumn applied.
	*/
	mov		$-12*4*4, offset
	sub		offset, E

	// Save untransformed values in stack area.
	movd	ve0, 4*4+Local(r4)
	movd	ve1, 5*4+Local(r4)
	movd	ve2, 6*4+Local(r4)
	movd	ve3, 7*4+Local(r4)

	/*	Apply InvMixColumn to words 4 through 7.  The transformed values are
		stored in the expanded key.  The original values are saved in the stack
		area for further computation.
	*/
	movd	ve0, dr
	call	InvMixColumn
	movd	vt0, 4*4(E, offset)

	movd	ve1, dr
	call	InvMixColumn
	movd	vt0, 5*4(E, offset)

	movd	ve2, dr
	call	InvMixColumn
	movd	vt0, 6*4(E, offset)

	movd	ve3, dr
	call	InvMixColumn
	movd	vt0, 7*4(E, offset)

/*	Here is the first iteration of the key expansion.  It is separate from the
	main loop below because we need to apply InvMixColumn to each of the
	outputs, in ve0 through ve3.  In the main loop, the technique described at
	the top of this file is used to compute the proper outputs while using
	InvMixColumn only once.
*/
	add		$1, R					// Advance pointer.
	movd	ve3, dr					// Put previous word into work register.
	movzx	(R), t0d				// Get round constant.
	movd	t0d, vt0

	SubWordRotWord

	add		$8*4, offset

	movd	(0-8)*4(E, offset), ve0		// Get old word.
	pxor	vt0, ve0
	movd	ve0, 0*4+Local(r4)			// Save on stack.
	movd	ve0, dr
	call	InvMixColumn
	movd	vt0, 0*4(E, offset)			// Write to expanded key.

	/*	 Chain to successive words and apply InvMixColumn to each word.  The
		 transformed values are stored in the expanded key.  The original
		 values are retained in local data for further computation.
	*/
	movd	(1-8)*4(E, offset), ve1		// Get old word.
	pxor	ve0, ve1					// Chain.
	movd	ve1, 1*4+Local(r4)			// Save on stack.
	movd	ve1, dr
	call	InvMixColumn
	movd	vt0, 1*4(E, offset)			// Write to expanded key.

	movd	(2-8)*4(E, offset), ve2		// Get old word.
	pxor	ve1, ve2					// Chain.
	movd	ve2, 2*4+Local(r4)			// Save on stack.
	movd	ve2, dr
	call	InvMixColumn
	movd	vt0, 2*4(E, offset)			// Write to expanded key.

	movd	(3-8)*4(E, offset), ve3		// Get old word.
	pxor	ve2, ve3					// Chain.
	movd	ve3, 3*4+Local(r4)			// Save on stack.
	movd	ve3, dr
	call	InvMixColumn
	movd	vt0, 3*4(E, offset)			// Write to expanded key.

	movd	ve3, dr						// Put previous word into work register.
	SubWord

	movd	4*4+Local(r4), ve0			// Get old word.
	pxor	vt0, ve0					// Chain.
	movd	ve0, 4*4+Local(r4)			// Save on stack.

	movd	5*4+Local(r4), ve1			// Get old word.
	pxor	ve0, ve1					// Chain.
	movd	ve1, 5*4+Local(r4)			// Save on stack.

	movd	6*4+Local(r4), ve2			// Get old word.
	pxor	ve1, ve2					// Chain.
	movd	ve2, 6*4+Local(r4)			// Save on stack.

	movd	7*4+Local(r4), ve3			// Get old word.
	pxor	ve2, ve3					// Chain.
	movd	ve3, 7*4+Local(r4)			// Save on stack.

	movd	vt0, dr						// Move change to work register.
	call	InvMixColumn

	movd	(4-8)*4(E, offset), vt1		// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, 4*4(E, offset)			// Write new word to expanded key.

	movd	(5-8)*4(E, offset), vt1		// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, 5*4(E, offset)			// Write new word to expanded key.

	movd	(6-8)*4(E, offset), vt1		// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, 6*4(E, offset)			// Write new word to expanded key.

	movd	(7-8)*4(E, offset), vt1		// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, 7*4(E, offset)			// Write new word to expanded key.

//	Here is the main loop.
1:
	add		$1, R						// Advance pointer.
	movd	ve3, dr						// Put previous word into work register.
	movzx	(R), t0d					// Get round constant.
	movd	t0d, vt0

	SubWordRotWord

	movd	0*4+Local(r4), ve0			// Get old word.
	pxor	vt0, ve0
	movd	ve0, 0*4+Local(r4)			// Save on stack.

	// Chain to successive words.
	movd	1*4+Local(r4), ve1			// Get old word.
	pxor	ve0, ve1					// Chain.
	movd	ve1, 1*4+Local(r4)			// Save on stack.

	movd	2*4+Local(r4), ve2			// Get old word.
	pxor	ve1, ve2					// Chain.
	movd	ve2, 2*4+Local(r4)			// Save on stack.

	movd	3*4+Local(r4), ve3			// Get old word.
	pxor	ve2, ve3					// Chain.
	movd	ve3, 3*4+Local(r4)			// Save on stack.

	movd	vt0, dr						// Move change to work register.
	call	InvMixColumn

	movd	0*4(E, offset), vt1			// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, (0+8)*4(E, offset)		// Write new word to expanded key.

	movd	1*4(E, offset), vt1			// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, (1+8)*4(E, offset)		// Write new word to expanded key.

	movd	2*4(E, offset), vt1			// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, (2+8)*4(E, offset)		// Write new word to expanded key.

	movd	3*4(E, offset), vt1			// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, (3+8)*4(E, offset)		// Write new word to expanded key.

	movd	ve3, dr						// Put previous word into work register.
	SubWord

	movd	4*4+Local(r4), ve0			// Get old word.
	pxor	vt0, ve0					// Chain.
	movd	ve0, 4*4+Local(r4)			// Save on stack.

	movd	5*4+Local(r4), ve1			// Get old word.
	pxor	ve0, ve1					// Chain.
	movd	ve1, 5*4+Local(r4)			// Save on stack.

	movd	6*4+Local(r4), ve2			// Get old word.
	pxor	ve1, ve2					// Chain.
	movd	ve2, 6*4+Local(r4)			// Save on stack.

	movd	7*4+Local(r4), ve3			// Get old word.
	pxor	ve2, ve3					// Chain.
	movd	ve3, 7*4+Local(r4)			// Save on stack.

	movd	vt0, dr						// Move change to work register.
	call	InvMixColumn

	movd	4*4(E, offset), vt1			// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, (4+8)*4(E, offset)		// Write new word to expanded key.

	movd	5*4(E, offset), vt1			// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, (5+8)*4(E, offset)		// Write new word to expanded key.

	movd	6*4(E, offset), vt1			// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, (6+8)*4(E, offset)		// Write new word to expanded key.

	movd	7*4(E, offset), vt1			// Get old word.
	pxor	vt1, vt0					// Chain.
	movd	vt0, (7+8)*4(E, offset)		// Write new word to expanded key.

	add		$8*4, offset

	jl		1b

	movd	ve3, dr						// Put previous word into work register.
	movzx	1(R), t0d					// Get round constant.
	movd	t0d, vt0

	SubWordRotWord

	movd	0*4+Local(r4), ve0			// Get old word.
	pxor	vt0, ve0					// Chain.
	movd	ve0, (0+8)*4(E, offset)

	// Chain to successive words.
	movd	1*4+Local(r4), ve1			// Get old word.
	pxor	ve0, ve1					// Chain.
	movd	ve1, (1+8)*4(E, offset)

	movd	2*4+Local(r4), ve2			// Get old word.
	pxor	ve1, ve2					// Chain.
	movd	ve2, (2+8)*4(E, offset)

	movd	3*4+Local(r4), ve3			// Get old word.
	pxor	ve2, ve3					// Chain.
	movd	ve3, (3+8)*4(E, offset)

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		// Add pops of r15 to r12 if used.
		pop		r7
		pop		r6
	#elif defined __x86_64__
	#endif
	pop		r3
	pop		r5

	ret


#undef	Address
#undef	Argument
#undef	E
#undef	ITable
#undef	K
#undef	LocalsSize
#undef	LookupI
#undef	LookupS
#undef	Nk
#undef	R
#undef	RegisterSaveSize
#undef	STable
#undef	StackFrame
#undef	dr
#undef	drh
#undef	drl
#undef	offset
#undef	t0
#undef	t0d
#undef	ve0
#undef	ve1
#undef	ve2
#undef	ve3
#undef	ve4
#undef	ve5
#undef	vt0
#undef	vt1

Added Source/AESedp/Intel/ExpandKeyForEncryption.s.

































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
/*	This file defines _AESExpandKeyForEncryption.  It is designed to be
	included in another assembly file with the preprocessor #include directive,
	to benefit from some assembly-time calculations.

	Written by Eric Postpischil, January 2008.

	The comments here do not say much about the algorithm; the code just
	follows the FIPS-197 specification.  I recommend reading the specification
	before working with this code or examining the C code in the parent
	directory that illustrates key expansion.
*/


/*	Routine:

		_AESExpandKeyForEncryption.

	Function:

		Expand the user's cipher key into the key schedule, as defined in
		Federal Information Processing Standards Publication 197 (FIPS-197),
		November 26, 2001.

	Input:

		Constant data:

			The following names must be locally defined so the assembler
			can calculate certain offsets.

			static const Word _AESSubBytesWordTable[4][256].

				_AESSubBytesWordTable[i][j] = SubBytes(j) << 8*i, where
				SubBytes is defined in FIPS-197.  _AESSubBytesWordTable
				differs from _AESEncryptTable in that it does not include
				the MixColumn operation.  It is used in performing the last
				round, which differs fromm the previous rounds in that it
				does not include the MixColumn operation.

			static const Byte _AESRcon[].

				Round constants, beginning with AESRcon[1] for the first round
				(AESRcon[0] is padding.)
	
		Arguments:

			Word *ExpandedKey

				Address of output.

			const AESKey *Key

				Address of user's cipher key.

			long Nk

				Number of four-byte words in user's cipher key.

	Output:

		The expanded key is written to *ExpandedKey.
*/
	.globl _AESExpandKeyForEncryption
	.private_extern	_AESExpandKeyForEncryption
_AESExpandKeyForEncryption:

#define	dr		r0d				// Dissection register.
#define	drl		r0l				// Low 8 bits of dissection register.
#define	drh		r0h				// Second-lowest 8 bits of dissection register.

#define	t0		r1
#define	t0d		r1d				// Low 32 bits of t0.

#define	offset	r5				// Address offset and loop sentinel.

#define	R		r6				// Address of round constant.
#define	K		r6				// User key pointer, second x86_64 argument.
	// R and K overlap.

#define	E		r7				// Expanded key pointer, first x86_64 argument.

#define	ve0		%xmm0
#define	ve1		%xmm1
#define	ve2		%xmm2
#define	ve3		%xmm3
#define	vt3		%xmm4
#define	vt2		%xmm5
#define	vt1		%xmm6
#define	vt0		%xmm7

#define	LookupS(table, index)	(table)*TableSize(STable, index, 4)

	// Push new stack frame.
	push	r5

	// Save registers.
	#if defined __i386__
		push	r6
		push	r7
		#define	RegisterSaveSize	(2*4)
	#elif defined __x86_64__
		#define	RegisterSaveSize	(0*8)
		// Add pushes of r12 to r15 if used.
	#endif

#define	LocalsSize	0
#define	StackFrame	(LocalsSize+RegisterSaveSize)
	// Locals plus the registers we pushed after the new stack frame.

#if defined __i386__

	// Define location of argument i.
	#define	Argument(i)	StackFrame+8+4*(i)(r4)

	// Load arguments.
	mov		Argument(0), E
	mov		Argument(1), K
	#define	Nk	Argument(2)

#elif defined __x86_64__

	#define	Nk		r2			// Number of words in key.  Overlaps STable.

#endif

	cmp		$6,	 Nk
// Stop using r2 for Nk and start using it for STable.
#undef	Nk
#define	STable	r2

	#if 0 < LocalsSize
		sub		$LocalsSize, r4	// Allocate space on stack.
	#endif

	// First words of expanded key are copied from user key.
	movd	0*4(K), ve0
	movd	1*4(K), ve1
	movd	2*4(K), ve2
	movd	3*4(K), ve3
	je		EKeyHas6Words
	jg		EKeyHas8Words
	// Fall through to EKeyHas4Words.

EKeyHas4Words:

	// K cannot be used after we write to R, since they use the same register.

	#if defined __i386__
		// Get address of 0 in R.
			call	0f			// Push program counter onto stack.
		0:
			pop		STable		// Get program counter.

		lea		_AESRcon-0b(STable), R
		lea		_AESSubBytesWordTable-0b(STable), STable

	#elif defined __x86_64__

		lea		_AESRcon(%rip), R
		lea		_AESSubBytesWordTable(%rip), STable

	#endif

	// With a four-word key, there are ten rounds (eleven 16-byte key blocks).
	mov		$-10*4*4, offset
	sub		offset, E

	// Store initial words of expanded key, which are copies of user's key.
	movd	ve0, 0*4(E, offset)
	movd	ve1, 1*4(E, offset)
	movd	ve2, 2*4(E, offset)
	movd	ve3, 3*4(E, offset)

1:
	add		$1, R				// Advance pointer.
	movd	ve3, dr				// Put previous word into dissection register.
	movzx	(R), t0d			// Get round constant.
	movd	t0d, vt3
	pxor	vt3, ve0			// XOR with word from four words back.

	// Perform SubWord(RotWord(dr)).
	movzx	drl, t0
	movd	LookupS(3, t0), vt0		// Look up byte 0 in table 3.
	movzx	drh, t0d
	movd	LookupS(0, t0), vt1		// Look up byte 1 in table 0.
	shr		$16, dr
	movzx	drl, t0d
	movd	LookupS(1, t0), vt2		// Look up byte 2 in table 1.
	movzx	drh, t0d
	movd	LookupS(2, t0), vt3		// Look up byte 3 in table 2.
	pxor	vt1, vt0
	pxor	vt3, vt2
	pxor	vt0, ve0
	pxor	vt2, ve0

	add		$4*4, offset

	// Chain to successive words.
	movd	ve0, 0*4(E, offset)
	pxor	ve0, ve1
	movd	ve1, 1*4(E, offset)
	pxor	ve1, ve2
	movd	ve2, 2*4(E, offset)
	pxor	ve2, ve3
	movd	ve3, 3*4(E, offset)

	jne		1b

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		// Add pops of r15 to r12 if used.
		pop		r7
		pop		r6
	#elif defined __x86_64
	#endif
	pop		r5

	ret


// Reset definitions for next case.
#undef	vt3
#undef	vt2
#define	ve4	%xmm4
#define	ve5	%xmm5


EKeyHas6Words:
	movd	4*4(K), ve4
	movd	5*4(K), ve5

	// K cannot be used after we write to R, since they use the same register.

	#if defined __i386__
		// Get address of 0 in R.
			call	0f			// Push program counter onto stack.
		0:
			pop		STable		// Get program counter.

		lea		_AESRcon-0b(STable), R
		lea		_AESSubBytesWordTable-0b(STable), STable

	#elif defined __x86_64__

		lea		_AESRcon(%rip), R
		lea		_AESSubBytesWordTable(%rip), STable

	#endif

	/*	With a six-word key, there are twelve rounds (thirteen 16-byte key
		blocks).
	*/
	mov		$-12*4*4, offset
	sub		offset, E

	// Store initial words of expanded key, which are copies of user's key.
	movd	ve0, 0*4(E, offset)
	movd	ve1, 1*4(E, offset)
	movd	ve2, 2*4(E, offset)
	movd	ve3, 3*4(E, offset)
	movd	ve4, 4*4(E, offset)
	movd	ve5, 5*4(E, offset)

/*	Jump into loop body.  The key expansion processes six four-byte words per
	iteration.  52 are needed in the key.  So only four are needed in the last
	iteration.
*/
	jmp		2f		
1:
	// Continue chaining to successive words.
	pxor	ve3, ve4
	movd	ve4, 4*4(E, offset)
	pxor	ve4, ve5
	movd	ve5, 5*4(E, offset)
2:
	add		$1, R				// Advance pointer.
	movd	ve5, dr				// Put previous word into dissection register.
	movzx	(R), t0				// Get round constant.
	movd	t0d, vt1
	pxor	vt1, ve0			// XOR with word from six words back.

	// Perform SubWord(RotWord(dr)).
	movzx	drl, t0d
	movd	LookupS(3, t0), vt0		// Look up byte 0 in table 3.
	movzx	drh, t0d
	movd	LookupS(0, t0), vt1		// Look up byte 1 in table 0.
	shr		$16, dr
	movzx	drl, t0d
	pxor	vt1, vt0
	pxor	vt0, ve0
	movd	LookupS(1, t0), vt0		// Look up byte 2 in table 1.
	movzx	drh, t0d
	movd	LookupS(2, t0), vt1		// Look up byte 3 in table 2.
	pxor	vt1, vt0
	pxor	vt0, ve0

	add		$6*4, offset

	// Chain to successive words.
	movd	ve0, 0*4(E, offset)
	pxor	ve0, ve1
	movd	ve1, 1*4(E, offset)
	pxor	ve1, ve2
	movd	ve2, 2*4(E, offset)
	pxor	ve2, ve3
	movd	ve3, 3*4(E, offset)

	jne		1b

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		// Add pops of r15 to r12 if used.
		pop		r7
		pop		r6
	#elif defined __x86_64
	#endif
	pop		r5

	ret


// Reset definitions for next case.
#undef	ve4
#undef	ve5
#define	vt3	%xmm4
#define	vt2	%xmm5


EKeyHas8Words:

	// Store initial words of expanded key, which are copies of user's key.
	movd	ve0, 0*4(E)
	movd	ve1, 1*4(E)
	movd	ve2, 2*4(E)
	movd	ve3, 3*4(E)
	movd	4*4(K), ve0
	movd	5*4(K), ve1
	movd	6*4(K), ve2
	movd	7*4(K), ve3

	// K cannot be used after we write to R, since they use the same register.

	#if defined __i386__
		// Get address of 0 in R.
			call	0f			// Push program counter onto stack.
		0:
			pop		STable		// Get program counter.

		lea		_AESRcon-0b(STable), R
		lea		_AESSubBytesWordTable-0b(STable), STable

	#elif defined __x86_64__

		lea		_AESRcon(%rip), R
		lea		_AESSubBytesWordTable(%rip), STable

	#endif

	/*	With an eight-word key, there are fourteen rounds (fifteen 16-byte key
	 	blocks).
	*/
	mov		$-14*4*4, offset
	sub		offset, E

	// Store initial words of expanded key, which are copies of user's key.
	movd	ve0, 4*4(E, offset)
	movd	ve1, 5*4(E, offset)
	movd	ve2, 6*4(E, offset)
	movd	ve3, 7*4(E, offset)

/*	Jump into loop body.  The key expansion processes eight four-byte words per
	iteration.  60 are needed in the key.  So only four are needed in the last
	iteration.
*/
	jmp		2f		
1:
	movd	ve3, dr				// Put previous word into dissection register.

	/*	Get word from eight words back (it is four words back from where E
	 	currently points, and we use it to prepare the value to be stored
		four words beyond where E currently points).
	*/
	movd	-4*4(E, offset), ve0

	// Perform SubWord(dr).
	movzx	drl, t0
	movd	LookupS(0, t0), vt0		// Look up byte 0 in table 0.
	movzx	drh, t0d
	movd	LookupS(1, t0), vt1		// Look up byte 1 in table 1.
	shr		$16, dr
	movzx	drl, t0d
	movd	LookupS(2, t0), vt2		// Look up byte 2 in table 2.
	movzx	drh, t0d
	movd	LookupS(3, t0), vt3		// Look up byte 3 in table 3.
	pxor	vt1, vt0
	pxor	vt3, vt2
	pxor	vt0, ve0
	pxor	vt2, ve0

	movd	-3*4(E, offset), ve1	// Get words from eight words back.
	movd	-2*4(E, offset), ve2
	movd	-1*4(E, offset), ve3

	// Chain to successive words.
	movd	ve0, 4*4(E, offset)
	pxor	ve0, ve1
	movd	ve1, 5*4(E, offset)
	pxor	ve1, ve2
	movd	ve2, 6*4(E, offset)
	pxor	ve2, ve3
	movd	ve3, 7*4(E, offset)

2:
	add		$1, R				// Advance pointer.
	movd	ve3, dr				// Put previous word into dissection register.
	movzx	(R), t0d			// Get round constant.
	movd	t0d, vt1
	movd	0*4(E, offset), ve0	// Get word from eight words back.
	pxor	vt1, ve0

	// Perform SubWord(RotWord(dr)).
	movzx	drl, t0
	movd	LookupS(3, t0), vt0		// Look up byte 0 in table 3.
	movzx	drh, t0d
	movd	LookupS(0, t0), vt1		// Look up byte 1 in table 0.
	shr		$16, dr
	movzx	drl, t0d
	movd	LookupS(1, t0), vt2		// Look up byte 2 in table 1.
	movzx	drh, t0d
	movd	LookupS(2, t0), vt3		// Look up byte 3 in table 2.
	pxor	vt1, vt0
	pxor	vt3, vt2
	pxor	vt0, ve0
	pxor	vt2, ve0

	movd	1*4(E, offset), ve1
	movd	2*4(E, offset), ve2
	movd	3*4(E, offset), ve3

	add		$8*4, offset

	// Chain to successive words.
	movd	ve0, 0*4(E, offset)
	pxor	ve0, ve1
	movd	ve1, 1*4(E, offset)
	pxor	ve1, ve2
	movd	ve2, 2*4(E, offset)
	pxor	ve2, ve3
	movd	ve3, 3*4(E, offset)

	jne		1b

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		// Add pops of r15 to r12 if used.
		pop		r7
		pop		r6
	#elif defined __x86_64
	#endif
	pop		r5

	ret


#undef	Address
#undef	Argument
#undef	E
#undef	LocalsSize
#undef	LookupS
#undef	R
#undef	RegisterSaveSize
#undef	STable
#undef	StackFrame
#undef	dr
#undef	drh
#undef	drl
#undef	offset
#undef	t0
#undef	t0d
#undef	ve0
#undef	ve1
#undef	ve2
#undef	ve3
#undef	vt0
#undef	vt1
#undef	vt2
#undef	vt3

Added Source/AESedp/Intel/ReadMe.txt.









>
>
>
>
1
2
3
4
This directory contains implementations of core AES routines (the actual
encryption, decryption, and key expansion) for the i386 (IA-32) and x86_64
(EMT64) architectures.  These routines are intended to be called by routines
in the parent directory.

Added Source/AESedp/MakeData.c.



































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define	UseAESedp	// Tell AES.h to define things for AESedp.
#include "AES.h"


/*	In comments below, {n} designates the Galois field element represented by
	the byte n.  See notes about Galois field multiplication in ReadMe.txt.

	So 3+5 is addition of ordinary integers, and 3+5 == 8, while {3}+{5} is
	addition in the field, and {3} + {5} = {3 XOR 5} = {6}.)
*/


// Define constants for languages.
typedef enum { C, IntelAssembly } Language;


/*	LogBase3[i] will contain the base-three logarithm of i in the 256-element
	Galois field defined by AES.  That is, {3}**LogBase3[i] == {3}**i.
*/
static Byte LogBase3[256];

/*	AntilogBase3[i] will contain {3}**i in the 256-element Galois field defined
	by AES.  It contains extra elements so that the antilog of a+b can be found
	by looking up a+b directly, without having to reduce modulo the period, for
	0 <= a, b < 255.

	(254 is the greatest value we encounter.  Each a or b we use is the
	base-three logarithm of some element.  As a primitive root, the powers of
	three cycle through all non-zero elements of the field, of which there are
	255, so the exponents cover 0 to 254 before the powers repeat.)
*/
static Byte AntilogBase3[254+254+1];


static void InitializeLogTables(void)
{
	// log({1}) is zero, so start {p} (power) at {1} and l (logarithm) at 0.
	Byte p = 1;
	int l = 0;
	do
	{
		// Record table entries.
		LogBase3[p] = l;
		AntilogBase3[l] = p;

		/*	Observe that {2}*{p} is {p << 1 ^ (a & 0x80 ? 0x1b : 0)}, per notes
			in ReadMe.txt.  We produce {3}*{p}:

				{3}*{p}
					= {1}*{p} + {2}*{p}
					= {1}*{p} + {p << 1 ^ (a & 0x80 ? 0x1b : 0)}
					= {p ^ p << 1 ^ (p & 0x80 ? 0x1b : 0)}.
		*/
		p ^= p << 1 ^ (p & 0x80 ? 0x1b : 0);
		++l;

	} while (p != 1);	// Stop when we have gone around completely.

	/*	The antilogarithms are periodic with a period of 255, and we want to
		look up elements as high as 254+254 (the largest that a sum of two
		logarithms could be), so we replicate the table beyond the first
		period.
	*/
	for (l = 255; l < 254+254; ++l)
		AntilogBase3[l] = AntilogBase3[l-255];
}


/*	MultiplyByte(Byte b, Byte c) returns {b}*{c}.  It requires tables that must
	be initialized before this routine is used.
*/
static Byte MultiplyByte(Byte b, Byte c)
{
	// Calculate product by adding logarithms, but avoid logarithms of zero.
	return b == 0 || c == 0 ? 0 : AntilogBase3[LogBase3[b] + LogBase3[c]];
}


// Return {0} if {b} is {0} and the multiplicative inverse of {b} otherwise.
static Byte InverseByte(Byte b)
{
	return b == 0 ? 0 : AntilogBase3[255 - LogBase3[b]];
}


// Perform AES' SubBytes operation on a single byte.
static Byte SubByte(Byte b)
{
	unsigned int r = InverseByte(b);

	// Duplicate r as a proxy for a rotate operation.
	r = r | r<<8;

	// Apply the standard's affine transformation.
	return r ^ r>>4 ^ r>>5 ^ r>>6 ^ r>>7 ^ 0x63;
}


// Define and populate tables for the SubBytes and InvSubBytes operations.
static Byte SubBytesTable[256];
static Byte InvSubBytesTable[256];


static void InitializeSubBytesTable(void)
{
	for (int i = 0; i < 256; ++i)
		SubBytesTable[i] = SubByte((Byte) i);
}


static void InitializeInvSubBytesTable(void)
{
	for (int i = 0; i < 256; ++i)
		InvSubBytesTable[SubByte((Byte) i)] = i;
}


/*	Print tables for SubBytes function providing the output byte embedded in
	various places in a word, so that the table entries can be used with
	fewer byte manipulations.
*/
static void PrintSubBytesWordTable(Language language)
{
	switch (language)
	{
		case C:
			printf("\n\n"
				"// SubBytes embedded in words tables.\n"
				"const Word AESSubBytesWordTable[4][256] =\n"
				"{\n");
			for (int j = 0; j < 4; ++j)
			{
				printf("\t{\n");
				for (int i = 0; i < 256; ++i)
					printf("\t\t0x%08x,\n", SubBytesTable[i] << j*8);
				printf("\t},\n");
			}
			printf("};\n");
			break;

		case IntelAssembly:
			printf("\n\n"
				"// SubBytes embedded in words tables.\n"
				"\t.globl\t_AESSubBytesWordTable\n"
				"\t.private_extern\t_AESSubBytesWordTable\n"
				"\t.align\t2\n"
				"_AESSubBytesWordTable:\n");
			for (int j = 0; j < 4; ++j)
			{
				printf("\t// Table %d.\n", j);
				for (int i = 0; i < 256; ++i)
					printf("\t.long\t0x%08x\n", SubBytesTable[i] << j*8);
			}
			break;
	}
}


/*	Print tables for InvSubBytes function providing the output byte embedded in
	various places in a word, so that the table entries can be used with
	fewer byte manipulations.
*/
static void PrintInvSubBytesWordTable(Language language)
{
	switch (language)
	{
		case C:
			printf("\n\n"
				"// InvSubBytes embedded in words tables.\n"
				"const Word AESInvSubBytesWordTable[4][256] =\n"
				"{\n");
			for (int j = 0; j < 4; ++j)
			{
				printf("\t{\n");
				for (int i = 0; i < 256; ++i)
					printf("\t\t0x%08x,\n", InvSubBytesTable[i] << j*8);
				printf("\t},\n");
			}
			printf("};\n");
			break;

		case IntelAssembly:
			printf("\n\n"
				"// InvSubBytes embedded in words tables.\n"
				"\t.globl\t_AESInvSubBytesWordTable\n"
				"\t.private_extern\t_AESInvSubBytesWordTable\n"
				"\t.align\t2\n"
				"_AESInvSubBytesWordTable:\n");
			for (int j = 0; j < 4; ++j)
			{
				printf("\t// Table %d.\n", j);
				for (int i = 0; i < 256; ++i)
					printf("\t.long\t0x%08x\n", InvSubBytesTable[i] << j*8);
			}
			break;
	}
}


// Print the round constants.
static void PrintRcon(Language language)
{
	union { Byte c[4]; Word w; } t = { { 1, 0, 0, 0 } };

	switch (language)
	{
		case C:
			printf("\n\n"
				"// Round constants.\n"
				"const Byte AESRcon[] =\n"
				"{\n"
				"\t0,\t// Not used, included for indexing simplicity.\n");
			for (int i = 1; i < MaxRcon; ++i)
			{
				printf("\t0x%02x,\n", t.w);
				t.c[0] = MultiplyByte(0x2, t.c[0]);
			}
			printf("};\n");
			break;

		case IntelAssembly:
			printf("\n\n"
				"// Round constants.\n"
				"\t.globl\t_AESRcon\n"
				"\t.private_extern\t_AESRcon\n"
				"_AESRcon:\n"
				"\t.byte\t0\t// Not used, included for indexing simplicity.\n");
			for (int i = 1; i < MaxRcon; ++i)
			{
				printf("\t.byte\t0x%02x\n", t.w);
				t.c[0] = MultiplyByte(0x2, t.c[0]);
			}
			break;
	}
}


// Print tables for the InvMixColumn operation.
static void PrintInvMixColumnTable(Language language)
{
	Word T[4][256];

	for (int i = 0; i < 256; ++i)
	{
		union { Byte b[4]; Word w; } c;

		Byte s9 = MultiplyByte(0x9, i);
		Byte sb = MultiplyByte(0xb, i);
		Byte sd = MultiplyByte(0xd, i);
		Byte se = MultiplyByte(0xe, i);

		c.b[0] = se;
		c.b[1] = s9;
		c.b[2] = sd;
		c.b[3] = sb;
		T[0][i] = c.w;

		c.b[0] = sb;
		c.b[1] = se;
		c.b[2] = s9;
		c.b[3] = sd;
		T[1][i] = c.w;

		c.b[0] = sd;
		c.b[1] = sb;
		c.b[2] = se;
		c.b[3] = s9;
		T[2][i] = c.w;

		c.b[0] = s9;
		c.b[1] = sd;
		c.b[2] = sb;
		c.b[3] = se;
		T[3][i] = c.w;
	}

	switch (language)
	{
		case C:
			printf("\n\n"
				"// Tables for InvMixColumn.\n"
				"const Word AESInvMixColumnTable[4][256] =\n"
				"{\n");
			for (int i = 0; i < 4; ++i)
			{
				printf("\t{\n");
				for (int j = 0; j < 256; ++j)
					printf("\t\t0x%08x,\n", T[i][j]);
				printf("\t},\n");
			}
			printf("};\n");
			break;

		case IntelAssembly:
			printf("\n\n"
				"// Tables for InvMixColumn.\n"
				"\t.globl\t_AESInvMixColumnTable\n"
				"\t.private_extern\t_AESInvMixColumnTable\n"
				"\t.align\t2\n"
				"_AESInvMixColumnTable:\n");
			for (int i = 0; i < 4; ++i)
			{
				printf("\t// Table %d.\n", i);
				for (int j = 0; j < 256; ++j)
					printf("\t.long\t0x%08x\n", T[i][j]);
			}
			break;
	}
}


/*	Print the tables defined AES Proposal: Rijndael, amended, 9/04/2003,
	section 5.2.1.  These combine the MixColumn and SubBytes operations.
*/
static void PrintEncryptTable(Language language)
{
	Word T[4][256];

	for (int i = 0; i < 256; ++i)
	{
		union { Byte b[4]; Word w; } c;

		Byte s1 = SubBytesTable[i];
		Byte s2 = MultiplyByte(0x2, s1);
		Byte s3 = s1 ^ s2;

		c.b[0] = s2;
		c.b[1] = s1;
		c.b[2] = s1;
		c.b[3] = s3;
		T[0][i] = c.w;

		c.b[0] = s3;
		c.b[1] = s2;
		//c.b[2] = s1;
		c.b[3] = s1;
		T[1][i] = c.w;

		c.b[0] = s1;
		c.b[1] = s3;
		c.b[2] = s2;
		//c.b[3] = s1;
		T[2][i] = c.w;

		//c.b[0] = s1;
		c.b[1] = s1;
		c.b[2] = s3;
		c.b[3] = s2;
		T[3][i] = c.w;
	}

	switch (language)
	{
		case C:
			printf("\n\n"
				"// Tables for main encryption iterations.\n"
				"const Word AESEncryptTable[4][256] =\n"
				"{\n");
			for (int i = 0; i < 4; ++i)
			{
				printf("\t{\n");
				for (int j = 0; j < 256; ++j)
					printf("\t\t0x%08x,\n", T[i][j]);
				printf("\t},\n");
			}
			printf("};\n");
			break;

		case IntelAssembly:
			printf("\n\n"
				"// Tables for main encryption iterations.\n"
				"\t.globl\t_AESEncryptTable\n"
				"\t.private_extern\t_AESEncryptTable\n"
				"\t.align\t2\n"
				"_AESEncryptTable:\n");
			for (int i = 0; i < 4; ++i)
			{
				printf("\t// Table %d.\n", i);
				for (int j = 0; j < 256; ++j)
					printf("\t.long\t0x%08x\n", T[i][j]);
			}
			break;
	}
}


/*	Print the inverse tables.  These correspond to the tables above, but for
	decyrption.  These combine the InvSubBytes and InvMixColumn operations.
*/
static void PrintDecryptTable(Language language)
{
	Word T[4][256];

	for (int i = 0; i < 256; ++i)
	{
		union { Byte b[4]; Word w; } c;

		Byte si = InvSubBytesTable[i];

		Byte s9 = MultiplyByte(0x9, si);
		Byte sb = MultiplyByte(0xb, si);
		Byte sd = MultiplyByte(0xd, si);
		Byte se = MultiplyByte(0xe, si);

		c.b[0] = se;
		c.b[1] = s9;
		c.b[2] = sd;
		c.b[3] = sb;
		T[0][i] = c.w;

		c.b[0] = sb;
		c.b[1] = se;
		c.b[2] = s9;
		c.b[3] = sd;
		T[1][i] = c.w;

		c.b[0] = sd;
		c.b[1] = sb;
		c.b[2] = se;
		c.b[3] = s9;
		T[2][i] = c.w;

		c.b[0] = s9;
		c.b[1] = sd;
		c.b[2] = sb;
		c.b[3] = se;
		T[3][i] = c.w;
	}

	switch (language)
	{
		case C:
			printf("\n\n"
				"// Tables for main decryption iterations.\n"
				"const Word AESDecryptTable[4][256] =\n"
				"{\n");
			for (int i = 0; i < 4; ++i)
			{
				printf("\t{\n");
				for (int j = 0; j < 256; ++j)
					printf("\t\t0x%08x,\n", T[i][j]);
				printf("\t},\n");
			}
			printf("};\n");
			break;

		case IntelAssembly:
			printf("\n\n"
				"// Tables for main decryption iterations.\n"
				"\t.globl\t_AESDecryptTable\n"
				"\t.private_extern\t_AESDecryptTable\n"
				"\t.align\t2\n"
				"_AESDecryptTable:\n");
			for (int i = 0; i < 4; ++i)
			{
				printf("\t// Table %d.\n", i);
				for (int j = 0; j < 256; ++j)
					printf("\t.long\t0x%08x\n", T[i][j]);
			}
			break;
	}
}


static void Usage(const char *ProgramName)
{
	fprintf(stderr,
		"%s:  This program must have exactly one argument, \"C\" to generate\n"
		"C or \"Intel\" to generate GCC i386/x86_64 assembly.\n", ProgramName);
	exit(EXIT_FAILURE);
}


int main(int argc, char *argv[])
{
	if (argc != 2)
		Usage(argv[0]);

	Language language;

	// Figure out which language to generate, C or Intel assembly.
	if (0 == strcmp(argv[1], "C"))
		language = C;
	else if (0 == strcmp(argv[1], "Intel"))
		language = IntelAssembly;
	else
		Usage(argv[0]);

	printf("// This file was generated by " __FILE__ ".\n");

	if (language == C)
		printf("\n\n#include \"AES.h\"\n");

	if (language == IntelAssembly)
		printf("\n\n\t.const\n");

	InitializeLogTables();
	InitializeSubBytesTable();
	InitializeInvSubBytesTable();

	PrintRcon(language);
	PrintInvMixColumnTable(language);
	PrintEncryptTable(language);
	PrintDecryptTable(language);
	PrintSubBytesWordTable(language);
	PrintInvSubBytesWordTable(language);

	return 0;
}

Added Source/AESedp/ReadMe.txt.













































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
This directory contains an implementation of AES intended to plug into the
CommonCrypto interface.  This main directory contains a C implementation which
is not particularly fast but which works and illustrates the techniques used.
The Intel subdirectory contains routines providing a fast implementation for
the i386 (IA-32) and x86_64 (EMT64) architectures.  The Intel routines replace
certain routines in AES.c when UseAESedp_IntelAssembly is defined in AES.h and
UseAESedp_GeneralC is not defined.

Below is a summary of some of the arithmetic used in AES.  This is not an
introduction to AES, just a note about why we use bitwise XOR for "addition" of
AES elements and various expressions for "multiplication."

AES defines a 256-element Galois field over the integers modulo 2 modulo the
polynomial p(x) = x**8 + x**4 + x**3 + x + 1.  This means:

	Only the residues modulo 2 of the coefficients are relevant, so each
	coefficient is effectively either 0 or 1.  1+1 yields zero.

	Only the residues modulo p(x) of the polynomials are relevant, so each
	polynomial is effectively a degree-seven or less polynomial.  (Any result,
	say from multiplication, that yields a polynomial with a term x**8 or
	greater is reduced by dividing it by p(x).)

	Each element of the field is a polynomial with eight coefficients (for
	each power of x from x**7 to x**0), and each coefficients is a single bit.
	So we can represent an element in an eight-bit byte.

	XORing two bytes is the same as adding two polynomials.

	To multiply a polynomial by x, shift the byte left one bit.  If the x**8
	bit is on, then subtract p(x), which is represented by 0x11b.  (No more
	than one subtraction is needed, because the x**8 coefficient is at most
	one.)  Equivalently:

		unsigned char MultiplyByX(unsigned char b)
		{ return b << 1 ^ (b & 0x80 ? 0x1b : 0); }

	Two polynomials can be multiplied by using the above operations to
	multiply by powers of x and add appropriate powers.

AES defines another field with polynomials whose coefficients are elements in
the previous Galois field.  This larger field has a characteristic polynomial
of x**4 + 1.  This means:

	Elements in this field have four coefficients, each of which can be
	represented by a byte.

	Elements are added by adding their coefficients, which are adding by XORing
	their byte representations.  So an XOR of two four-byte words containing
	the representations of two elements is the sum of the two elements.

	Because the characteristic polynomial is x**4 + 1 and b == -b in this
	field, multiplying a polynomial by x effectively rotates the four bytes
	that represent it left one byte.

Added Source/AESedp/makefile.



























































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
default:
	@echo This makefile builds Data.c and Intel/Data.s, which contain constant
	@echo data for the AES implementation.  These files do not normally need to
	@echo be rebuilt, so they are checked into the source code repository.  They
	@echo should be changed only when the implementation changes and needs
	@echo data in a different format.
	@echo
	@echo To rebuild the files, execute "make all".

.PHONY:	all clean
Targets = Data.c Intel/Data.s
all:	$(Targets)

CFLAGS += -O3 -std=c99 -Wmost -Werror

.INTERMEDIATE:	MakeData
MakeData:	MakeData.c

# Do not leave bad output files if the build fails.
.DELETE_ON_ERROR:	$(Targets)

Data.c:	MakeData
	./$< >$@ C

Intel/Data.s:	MakeData
	./$< >$@ Intel

clean:
	-rm $(Targets)

Added Source/BlockCipher.c.







































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * BlockCipher.c - CommonCryptor service provider for block ciphers.
 *
 * Created 3/20/2006 by Doug Mitchell.
 */

#include <CommonCrypto/CommonCryptor.h>
#include "CommonCryptorPriv.h"
#include <stdlib.h>
#include <strings.h>
#include <CommonCrypto/opensslDES.h>	/* SPI */
#include <CommonCrypto/ccCast.h>		/* SPI */
#include <CommonCrypto/ccRC2.h>		/* SPI */
#include <CommonCrypto/aesopt.h>

#include <stddef.h>					/* for offsetof() */
#include <stdbool.h>

/* select an AES implementation */
#define AES_GLADMAN_STD		0
#define AES_GLADMAN_NEW		1

#if		AES_GLADMAN_STD
#include <AES/ccRijndaelGladman.h>
#elif	AES_GLADMAN_NEW
#include <CommonCrypto/aesopt.h>
#endif

#define CC_DEBUG	0
#if		CC_DEBUG
#include <stdio.h>

#define dprintf(args...)	printf(args)
#else
#define dprintf(args...)
#endif	/* CC_DEBUG */

/*
 * To avoid dynamic allocation of buffers, we just hard-code the 
 * knowledge of the max block size here. This must be kept up to date
 * with block sizes of algortihms that are added to this module.
 */
#define CC_MAX_BLOCK_SIZE	kCCBlockSizeAES128

static void ccBlockCipherProcessOneBlock(
	void *ctx,
	const void *blockIn,
	void *blockOut);

/* 
 * The functions a symmetric encryption algorithm must implement
 * to work with this module. Single-block encrypt and decrypt are of the form
 * bcProcessBlockFcn. Multi-block encrypt and decrypt are of the form
 * bcProcessBlocksFcn. Exactly one pair of (bcProcessBlockFcn, 
 * bcProcessBlocksFcn) functions is avaialble for a given cipher. 
 * The keyLength arg to bcSetKeyFcn is in bytes.
 */
typedef int (*bcSetKeyFcn)(
	void *ctx, 
	const void *rawKey, 
	size_t keyLength, 
	int forEncrypt);
/* 
 * This is used for algorithms that perform their own CBC. If this is not called,
 * ECB is assumed.
 */
typedef void (*bcSetIvFcn)(
	void *ctx,
	int forEncrypt, 
	const void *iv);
	
/* process one block */
typedef void (*bcProcessBlockFcn)(
	void *ctx, 
	const void *blockIn, 
	void *blockOut);
	
/* process multiple blocks */
typedef void (*bcProcessBlocksFcn)(
	void *ctx, 
	const void *blocksIn, 
	size_t numBlocks, 
	void *blocksOut);

/*
 * Everything we need to know about an algorithm.
 */
typedef struct {
	CCAlgorithm			alg;
	size_t				blockSize;
	size_t				minKeySize;
	size_t				maxKeySize;
	bool				algDoesCbc;	/* algorithm does CBC itself */
	bcSetKeyFcn			setKey;
	bcSetIvFcn			setIv;
	bcProcessBlockFcn	encrypt;
	bcProcessBlockFcn	decrypt;
	bcProcessBlocksFcn	encryptBlocks;
	bcProcessBlocksFcn	decryptBlocks;
	size_t				ctxSize;	/* size of alg-specific context */
} CCAlgInfo;

/* 
 * The list of algorithms we know about.
 * The casts for the function pointers are necessary to allow
 * implementations to keep meaningful context pointers (and,
 * possibly, char * in/out pointers) in their interfaces. 
 */
static const CCAlgInfo bcAlgInfos[] = 
{
	/* AES with 128-bit blocks */
	{ kCCAlgorithmAES128, kCCBlockSizeAES128, kCCKeySizeAES128, kCCKeySizeAES256,
	  true,
	  (bcSetKeyFcn)aes_cc_set_key,
	  (bcSetIvFcn)aes_cc_set_iv,
	  ccBlockCipherProcessOneBlock, 
	  ccBlockCipherProcessOneBlock,
	  (bcProcessBlocksFcn)aes_cc_encrypt,
	  (bcProcessBlocksFcn)aes_cc_decrypt,
	  sizeof(aes_cc_ctx)
	},
	/* DES */
	{ kCCAlgorithmDES, kCCBlockSizeDES, kCCKeySizeDES, kCCKeySizeDES, 
	  false, 
	  (bcSetKeyFcn)osDesSetkey,
	  NULL,
	  (bcProcessBlockFcn)osDesEncrypt,
	  (bcProcessBlockFcn)osDesDecrypt,
	  NULL, NULL,
	  sizeof(DES_key_schedule)
	},
	/* Triple DES EDE */
	{ kCCAlgorithm3DES, kCCBlockSize3DES, kCCKeySize3DES, kCCKeySize3DES, 
	  false,
	  (bcSetKeyFcn)osDes3Setkey,
	  NULL,
	  (bcProcessBlockFcn)osDes3Encrypt,
	  (bcProcessBlockFcn)osDes3Decrypt,
	  NULL, NULL,
	  sizeof(DES3_Schedule)
	},
	/* CAST */
	{ kCCAlgorithmCAST, kCCBlockSizeCAST, kCCKeySizeMinCAST, kCCKeySizeMaxCAST,
	  false,
	  (bcSetKeyFcn)cast_cc_set_key,
	  NULL,
	  (bcProcessBlockFcn)cast_cc_encrypt,
	  (bcProcessBlockFcn)cast_cc_decrypt,
	  NULL, NULL,
	  sizeof(CAST_KEY)
	},
	/* RC2 */
	{ kCCAlgorithmRC2, kCCBlockSizeRC2, kCCKeySizeMinRC2, kCCKeySizeMaxRC2,
	  false,
	  (bcSetKeyFcn)rc2_cc_set_key,
	  NULL,
	  (bcProcessBlockFcn)rc2_cc_encrypt,
	  (bcProcessBlockFcn)rc2_cc_decrypt,
	  NULL, NULL,
	  sizeof(RC2_Schedule)
	}
};
#define NUM_CC_ALG_INFOS	(sizeof(bcAlgInfos) / sizeof(bcAlgInfos[0]))

/* 
 * Runtime context. This follows CommonCryptor's CCCryptor struct, but
 * we don't need to know that here. 
 */
struct _CCBlockCipherContext {
	const CCAlgInfo		*algInfo;
	bcProcessBlockFcn	update;	
	bcProcessBlocksFcn	updateBlocks;	
	uint8_t				inBuf[CC_MAX_BLOCK_SIZE];		/* for buffering input */
	size_t				inBufSize;						/* valid bytes in inBuf */
	uint8_t				chainBuf[CC_MAX_BLOCK_SIZE];	/* for CBC */
	bool				encrypting;
	bool				pkcsPad;
	bool				cbc;					/* what caller asked for */
	bool				doCbc;					/* cbc & !algInfo->algDoesCbc */
	char				algCtx[1];				/* start of alg-specific context */
};
typedef struct _CCBlockCipherContext *CCBlockCipherContext;

#define MAC_BLOCK_SIZE	32

/* set IV per ctx->encrypting */
static void ccBlockCipherSetIV(
	CCBlockCipherContext ctx,
	const void *iv)
{
	uint8_t *buf;
	uint8_t blockSize;
	
	if(ctx->algInfo->algDoesCbc) {
		uint8_t nullIv[MAC_BLOCK_SIZE];
		
		if(iv == NULL) {
			/* NULL IV semantics does not apply at the CCAlgInfo layer */
			memset(nullIv, 0, sizeof(nullIv));
			iv = nullIv;
		}
		ctx->algInfo->setIv(ctx->algCtx, ctx->encrypting, iv);
		return;
	}
	
	/* IV ==> inBuf for encrypt, chainBuf for decrypt */
	blockSize = ctx->algInfo->blockSize;
	if(ctx->encrypting) {
		buf = ctx->inBuf;
	}
	else {
		buf = ctx->chainBuf;
	}
	
	/* actual IV is optional */
	if(iv == NULL) {
		memset(buf, 0, blockSize);
	}
	else {
		memmove(buf, iv, blockSize);
	}
}

/* locate CCAlgInfo for a given algorithm */
static const CCAlgInfo *ccBlockCipherFindAlgInfo(
	CCAlgorithm alg)
{
	const CCAlgInfo *algInfo = bcAlgInfos;
	unsigned dex;

	for(dex=0; dex<NUM_CC_ALG_INFOS; dex++) {
		if(algInfo->alg == alg) {
			return algInfo;
		}
		algInfo++;
	}
	return NULL;
}

/*
 * One-block encrypt/decrypt for algorithms that don't provide it 
 * themselves.
 */
static void ccBlockCipherProcessOneBlock(
	void *ctx,
	const void *blockIn,
	void *blockOut)
{
	/* The ctx we've been given is the algCtx; we need a CCBlockCipherContext...*/
	char *ourCtx = (char *)ctx - offsetof(struct _CCBlockCipherContext, algCtx);
	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ourCtx;
	cryptCtx->updateBlocks(ctx, blockIn, 1, blockOut);
}

/* service provider interface */

/* 
 * Determine SPI-specific context size, including algorithm-specific
 * context.
 */
static CCCryptorStatus CCBlockCipherContextSize(
	CCOperation op, 
	CCAlgorithm alg, 
	size_t *ctxSize)
{
	const CCAlgInfo *algInfo = ccBlockCipherFindAlgInfo(alg);
	
	if(algInfo == NULL) {
		return kCCParamError;
	}
	*ctxSize = offsetof(struct _CCBlockCipherContext, algCtx) + algInfo->ctxSize;
	return kCCSuccess;
}

static CCCryptorStatus CCBlockCipherInit(
	void *ctx,
	CCOperation op,			/* kCCEncrypt, kCCDecrypt */
	CCAlgorithm alg,		/* kCCAlgorithmDES, etc. */
	CCOptions options,		/* kCCOptionPKCS7Padding, etc. */
	const void *key,		/* raw key material */
	size_t keyLength,	
	const void *iv)			/* optional initialization vector */
{
	const CCAlgInfo *algInfo = ccBlockCipherFindAlgInfo(alg);
	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;
	
	if((algInfo == NULL) || (key == NULL)) {
		return kCCParamError;
	}
	if((keyLength < algInfo->minKeySize) || 
	   (keyLength > algInfo->maxKeySize)) {
		return kCCParamError;
	}
	cryptCtx->algInfo = algInfo;
	switch(op) {
		case kCCEncrypt:
			cryptCtx->update = algInfo->encrypt;
			cryptCtx->updateBlocks = algInfo->encryptBlocks;
			cryptCtx->encrypting = true;
			break;
		case kCCDecrypt:
			cryptCtx->update = algInfo->decrypt;
			cryptCtx->updateBlocks = algInfo->decryptBlocks;
			cryptCtx->encrypting = false;
			break;
		default:
			return kCCParamError;
	}
	cryptCtx->pkcsPad = (options & kCCOptionPKCS7Padding) ? true : false;
	if(!(options & kCCOptionECBMode)) {
		cryptCtx->cbc = true;
		if(algInfo->algDoesCbc) {
			cryptCtx->doCbc = false;
		}
		else {
			cryptCtx->doCbc = true;
		}
	}
	else {
		cryptCtx->cbc = false;
		cryptCtx->doCbc = false;
	}
	cryptCtx->inBufSize = 0;
	
	/* perform key schedule */
	if(algInfo->setKey(cryptCtx->algCtx, key, keyLength, cryptCtx->encrypting)) {
		/* assume only error is bad key length */
		return kCCParamError;
	}
	/* then IV if necessary */
	if(cryptCtx->cbc) {
		ccBlockCipherSetIV(cryptCtx, iv);
	}
	return kCCSuccess;
}

static CCCryptorStatus CCBlockCipherRelease(
	void *ctx)
{
	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;

	memset(cryptCtx, 0, 
		offsetof(struct _CCBlockCipherContext, algCtx) + cryptCtx->algInfo->ctxSize - 1);
	return kCCSuccess;
}

/* 
 * Update, arbitrary input size.
 * This always leaves data in ctx->inBuf if we're decrypting and 
 * padding is enabled. 
 */
static CCCryptorStatus CCBlockCipherUpdate(
	void *ctx,
	const void *dataIn,
	size_t dataInLen,
	void *dataOut,           /* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved)		/* number of bytes written */
{
	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;
	uint8_t		*uInp = (uint8_t *)dataIn;
	uint8_t		*uOutp = (uint8_t *)dataOut;
	size_t	 	uInSize = dataInLen;	// input bytes to go
	size_t 		uOutSize = 0;			// ouput bytes generated
	size_t		uOutLeft = dataOutAvailable;	// bytes remaining in outp
	size_t 		toMove;
	size_t		blocks;
	unsigned	i;
	bool		needLeftOver;
	const CCAlgInfo	*algInfo;
	size_t		blockSize;
	unsigned	leftOver;
	
	if((dataIn == NULL) || (dataOut == NULL) || (dataOutMoved == NULL)) {
		return kCCParamError;
	}
	needLeftOver = !cryptCtx->encrypting && cryptCtx->pkcsPad;
	algInfo = cryptCtx->algInfo;
	blockSize = algInfo->blockSize;
	
	/* 
	 * First make sure the caller has provided enough output buffer. 
	 * This routine only outputs complete blocks, and each output
	 * block requires a full block of input. 
	 */
	size_t totalInBytes = dataInLen + cryptCtx->inBufSize;	
	size_t totalBlocks = totalInBytes / blockSize;		/* truncated! */
	if(needLeftOver && (totalBlocks > 0)) {
		/* subtract one block that we keep for Final(), but only if 
		 * totalInBytes is well aligned - if it's not, we process
		 * the bufferred block */
		if((totalBlocks * blockSize) == totalInBytes) {
			totalBlocks--;
		}
	}
	size_t totalOutBytes = totalBlocks * blockSize;
	
	#if 0
	dprintf("dataInLen %lu inBufSize %lu totalBlocks %lu dataOutAvailable %lu\n",
		(unsigned long)dataInLen, (unsigned long)cryptCtx->inBufSize,
		(unsigned long)totalBlocks, (unsigned long)dataOutAvailable);
	#endif
	
	if(totalOutBytes > dataOutAvailable) {
		dprintf("CCBlockCipherUpdate: o/f encr %d totalOutBytes %lu dataOutAvailable %lu\n",
			cryptCtx->encrypting, totalOutBytes, dataOutAvailable);
		return kCCBufferTooSmall;
	}
	
	/* first deal with pending data */
	if(cryptCtx->inBufSize) {
		/* attempt to fill inBuf from inp */
		toMove = blockSize - cryptCtx->inBufSize;
		if(toMove > uInSize) {
			toMove = uInSize;
		}
		if(cryptCtx->encrypting && cryptCtx->doCbc) {
			/* xor into last cipherblock or IV */
			uint8_t *dst = &cryptCtx->inBuf[cryptCtx->inBufSize];
			for(i=0; i<toMove; i++) {
				*dst ^= *uInp++;
				dst++;
			}
		}
		else {
			/* use incoming data as is */
			memmove(cryptCtx->inBuf+cryptCtx->inBufSize, uInp, toMove);
			uInp += toMove;
		}
		uInSize             -= toMove;
		cryptCtx->inBufSize += toMove;
		
		/* 
		 * Process inBuf if it's full, but skip if no more data in uInp and
		 * inBuf might be needed for unpadding on decrypt.
		 */
		if((cryptCtx->inBufSize == blockSize) && !((uInSize == 0) && needLeftOver)) {
			if(uOutLeft < blockSize) {
				/* output overflow - shouldn't happen (we checked) */
				dprintf("kCCBufferTooSmall 3: uOutLeft %lu\n", 
					(unsigned long)uOutLeft);
				return kCCBufferTooSmall;
			}
			cryptCtx->update(cryptCtx->algCtx, cryptCtx->inBuf, uOutp);
			if(cryptCtx->doCbc) {
				if(cryptCtx->encrypting) {
					/* save ciphertext for chaining next block */
					memmove(cryptCtx->inBuf, uOutp, blockSize);
				}
				else {
					/* xor in last ciphertext */
					uint8_t *src = cryptCtx->chainBuf;
					for(i=0; i<blockSize; i++) {
						uOutp[i] ^= *src++;
					}
					/* save this ciphertext for next chain */
					memmove(cryptCtx->chainBuf, cryptCtx->inBuf, blockSize);
				}
			}
			uOutSize += blockSize;
			uOutp    += blockSize;
			uOutLeft -= blockSize;
			cryptCtx->inBufSize = 0;
		}
	}	/* processing inBuf */
	
	if(uInSize == 0) {
		/* done */
		*dataOutMoved = uOutSize;
		return kCCSuccess;
	}
	
	/* 
	 * en/decrypt even blocks in (remaining) inp.  
	 */
	leftOver = uInSize % blockSize;
	if((leftOver == 0) && needLeftOver) {
		/* 
		 * Even blocks coming in, but we really need to leave some data
		 * in the buffer because we're decrypting with PKCS padding). 
		 * Save one block for inBuf.
		 */
		leftOver = blockSize; 
	}
	toMove = uInSize - leftOver;
	blocks = toMove / blockSize;
	if(cryptCtx->updateBlocks && !cryptCtx->doCbc && (blocks != 0)) {
		/* optimized multi block processing */
		size_t thisMove = blocks * blockSize;
		cryptCtx->updateBlocks(cryptCtx->algCtx, uInp, blocks, uOutp);
		uOutSize += thisMove;
		uOutp    += thisMove;
		uInp	 += thisMove;
		uOutLeft -= thisMove;
		toMove   -= thisMove; 
	}
	else if(cryptCtx->encrypting) {
		/* encrypt a block at a time */
		while(toMove) {
			if(uOutLeft < blockSize) {
				/* output overflow - shouldn't happen (we checked) */
				dprintf("kCCBufferTooSmall 1: uOutLeft %lu\n", 
					(unsigned long)uOutLeft);
				return kCCBufferTooSmall;
			}
			if(!cryptCtx->doCbc) {
				/* encrypt directly from input to output */
				cryptCtx->update(cryptCtx->algCtx, uInp, uOutp);
			}
			else {
				/* xor into last ciphertext, encrypt the result */
				uint8_t *dst = cryptCtx->inBuf;
				for(i=0; i<blockSize; i++) {
					*dst ^= uInp[i];
					dst++;
				}
				cryptCtx->update(cryptCtx->algCtx, cryptCtx->inBuf, uOutp);
				
				/* save new ciphertext for next chain */
				memmove(cryptCtx->inBuf, uOutp, blockSize);
			}
			uOutSize += blockSize;
			uOutp    += blockSize;
			uInp	 += blockSize;
			uOutLeft -= blockSize;
			toMove   -= blockSize; 
		}	/* main encrypt loop */
	}	
	else {
		/* decrypt a block at a time */
		while(toMove) {
			if(uOutLeft < blockSize) {
				/* output overflow - we already checked */
				dprintf("kCCBufferTooSmall 2: uOutLeft %lu toMove %lu\n", 
					(unsigned long)uOutLeft, (unsigned long)toMove);
				return kCCBufferTooSmall;
			}
			if(cryptCtx->doCbc) {
				uint8_t *src = cryptCtx->chainBuf;
				
				/* save this ciphertext for chain; don't assume in != out */
				memmove(cryptCtx->inBuf, uInp, blockSize);
				cryptCtx->update(cryptCtx->algCtx, uInp, uOutp);
				
				/* chain in previous ciphertext */
				for(i=0; i<blockSize; i++) {
					uOutp[i] ^= *src++;
				}
				
				/* save current ciphertext for next block */
				memmove(cryptCtx->chainBuf, cryptCtx->inBuf, blockSize);
			}
			else {
				/* ECB */
				cryptCtx->update(cryptCtx->algCtx, uInp, uOutp);
			}
			uOutSize += blockSize;
			uOutp    += blockSize;
			uInp	 += blockSize;
			uOutLeft -= blockSize;
			toMove   -= blockSize; 
		}	/* main decrypt loop */
	}
	
	/* leftover bytes from inp --> inBuf */
	if(leftOver) {
		if(cryptCtx->encrypting && cryptCtx->doCbc) {
			/* xor into last cipherblock or IV */
			uint8_t *dst = cryptCtx->inBuf;
			for(i=0; i<leftOver; i++) {
				*dst ^= *uInp++;
				dst++;
			}
		}
		else {
			memmove(cryptCtx->inBuf, uInp, leftOver);
		}
	}
	cryptCtx->inBufSize = leftOver;
	*dataOutMoved = uOutSize;
	return kCCSuccess;
}

static CCCryptorStatus CCBlockCipherFinal(
   void *ctx,
   void *dataOut,           /* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved)		/* number of bytes written */
{
	size_t			uOutSize = 0;			// ouput bytes generated
	size_t			actMoved;
	unsigned		i;
	const CCAlgInfo	*algInfo;
	size_t			blockSize;
	CCCryptorStatus	ourRtn = kCCSuccess;
	CCBlockCipherContext	cryptCtx = (CCBlockCipherContext)ctx;
	
	if((dataOut == NULL) || (dataOutMoved == NULL)) {
		return kCCParamError;
	}
	algInfo = cryptCtx->algInfo;
	blockSize = algInfo->blockSize;
	
	if(cryptCtx->encrypting) {
		/* 
		 * First ensure that the caller provided sufficient output
		 * buffer space. 
		 * If we have any bufferred input, or we are doing padding, 
		 * the output is exactly one block. Otherwise the output
		 * is zero.
		 */
		size_t required = 0;
		if((cryptCtx->inBufSize != 0) || (cryptCtx->pkcsPad)) {
			required = blockSize;
		}
		if(required > dataOutAvailable) {
			dprintf("CCBlockCipherFinal: o/f (1): required %lu dataOutAvailable %lu\n",
				required, dataOutAvailable);
			return kCCBufferTooSmall;
		}
		
		if(cryptCtx->pkcsPad) {
			/* 
			 * PKCS5/7 padding: pad byte = size of padding. 
			 */
			size_t padSize = blockSize - cryptCtx->inBufSize;
			uint8_t *padPtr  = cryptCtx->inBuf + cryptCtx->inBufSize;
			if(!cryptCtx->doCbc) {
				for(i=0; i<padSize; i++) {
					*padPtr++ = padSize;
				}
			}
			else {
				for(i=0; i<padSize; i++) {
					*padPtr++ ^= padSize;
				}
			}
			cryptCtx->inBufSize = blockSize;
		}	/* PKCS padding */
		
		/*
		 * Encrypt final inBuf. Abort if not full (meaning, padding 
		 * is disabled and caller gave us unaligned plaintext).
		 */
		if(cryptCtx->inBufSize) {
			if(cryptCtx->inBufSize != blockSize) {
				ourRtn = kCCParamError;
				goto errOut;
			}
			cryptCtx->update(cryptCtx->algCtx, cryptCtx->inBuf, dataOut);
			uOutSize += blockSize;
			cryptCtx->inBufSize = 0;
		}
		*dataOutMoved = uOutSize;
	}	/* encrypting */
	
	else {
		if(cryptCtx->inBufSize == 0) {
			if(cryptCtx->pkcsPad) {
				/* we must have never gotten a block's worth of ciphertext */
				ourRtn = kCCParamError;
				goto errOut;
			}
			else {
				/* simple decrypt op complete */
				*dataOutMoved = 0;
				goto errOut;
			}
		}
		
		/*
		 * Decrypt - must have exactly one block of ciphertext.
		 */
		if(cryptCtx->inBufSize != blockSize) {
			ourRtn = kCCParamError;
			goto errOut;
		}
		if(dataOutAvailable < blockSize) {
			dprintf("CCBlockCipherFinal: o/f (2): dataOutAvailable %lu\n", 
				(unsigned long)dataOutAvailable);
			return kCCBufferTooSmall;
		}

		cryptCtx->update(cryptCtx->algCtx, cryptCtx->inBuf, dataOut);
		if(cryptCtx->doCbc) {
			/* chain in previous ciphertext one more time */
			uint8_t *src = cryptCtx->chainBuf;
			uint8_t *dst = dataOut;
			for(i=0; i<blockSize; i++) {
				*dst ^= *src++;
				dst++;
			}
		}
		actMoved = blockSize;
		if(cryptCtx->pkcsPad) {
			/* ensure integrity of padding byte(s) */
			unsigned char *cp = (unsigned char *)dataOut;
			unsigned padSize = cp[blockSize - 1];
			if(padSize > blockSize) {
				/* result of garbled ciphertext or wrong key */
				ourRtn = kCCDecodeError;
				goto errOut;
			}
			uint8_t *padPtr = cp + blockSize - padSize;
			unsigned i;
			for(i=0; i<padSize; i++) {
				if(*padPtr++ != padSize) {
					ourRtn = kCCDecodeError;
					goto errOut;
				}
			}
			actMoved -= padSize;
		}
		*dataOutMoved = actMoved;
	}	/* decrypting */
	
errOut:
	return ourRtn;
}

static CCCryptorStatus CCBlockCipherReset(
	void *ctx,
	const void *iv)
{
	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;

	if(cryptCtx->cbc) {
		ccBlockCipherSetIV(cryptCtx, iv);
	}
	cryptCtx->inBufSize = 0;
	return kCCSuccess;
}

/* normal OutputSize */
static size_t CCBlockCipherOutputSize(
	void *ctx, size_t inputLength, bool final)
{
	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;
	
	size_t blockSize = cryptCtx->algInfo->blockSize;
	size_t totalInBytes = inputLength + cryptCtx->inBufSize;	
	size_t blocks = totalInBytes / blockSize;		/* truncated! */
	
	if(final && cryptCtx->encrypting && cryptCtx->pkcsPad) {
		/* one extra block for padding as appropriate */
		blocks++;
	}
	
	/* 
	 * Note we ignore the needLeftOver corner case calculated in Update();
	 * we just take outputSize := inputSize, in full blocks.
	 */
	return blocks * blockSize;
}

/* one-shot output size */
static CCCryptorStatus CCBlockCipherOneShotSize(
	CCOperation op,
	CCAlgorithm alg,
	CCOptions options,
	size_t inputLen,
	size_t *outputLen)
{
	const CCAlgInfo *algInfo = ccBlockCipherFindAlgInfo(alg);
	size_t totalBlocks;	
	size_t blockSize;

	if(algInfo == NULL) {
		return kCCParamError;
	}
	blockSize = algInfo->blockSize;
	totalBlocks = (inputLen + blockSize - 1) / blockSize;
	if((op == kCCEncrypt) && (options & kCCOptionPKCS7Padding)) {
		if((totalBlocks * blockSize) == inputLen) {
			/* encrypting, padding, well-aligned input: add another block */
			totalBlocks++;
		}
	}
	*outputLen = totalBlocks * blockSize;
	return kCCSuccess;
}

/* 
 * Callouts used by CommonCryptor.
 */
const CCCryptSpiCallouts ccBlockCipherCallouts = 
{
	CCBlockCipherContextSize,
	CCBlockCipherInit,
	CCBlockCipherRelease,
	CCBlockCipherUpdate,
	CCBlockCipherFinal,
	CCBlockCipherReset,
	CCBlockCipherOutputSize,
	CCBlockCipherOneShotSize
};

Added Source/BlockCipher.h.































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/* 
 * BlockCipher.h - CommonCryptor SPI interface for block ciphers.
 */

#ifndef	_CC_BLOCK_CIPHER_
#define	_CC_BLOCK_CIPHER_

#include "CommonCryptorPriv.h"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * CommonCryptor access all of our functionality through these callouts. 
 */
extern const CCCryptSpiCallouts ccBlockCipherCallouts;

#ifdef __cplusplus
}
#endif

#endif	/* _CC_BLOCK_CIPHER_ */

Added Source/CAST/c_ecb.c.







































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
/* crypto/cast/c_ecb.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <CommonCrypto/cast.h>
#include "cast_lcl.h"

#ifndef	_APPLE_COMMON_CRYPTO_
#include <openssl/opensslv.h>

const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT;
#endif	/* _APPLE_COMMON_CRYPTO_ */

void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
		      CAST_KEY *ks, int enc)
	{
	CAST_LONG l,d[2];

	n2l(in,l); d[0]=l;
	n2l(in,l); d[1]=l;
	if (enc)
		CAST_encrypt(d,ks);
	else
		CAST_decrypt(d,ks);
	l=d[0]; l2n(l,out);
	l=d[1]; l2n(l,out);
	l=d[0]=d[1]=0;
	}

Added Source/CAST/c_enc.c.





































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
/* crypto/cast/c_enc.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <CommonCrypto/cast.h>
#include "cast_lcl.h"

void CAST_encrypt(CAST_LONG *data, CAST_KEY *key)
	{
	register CAST_LONG l,r,*k,t;

	k= &(key->data[0]);
	l=data[0];
	r=data[1];

	E_CAST( 0,k,l,r,+,^,-);
	E_CAST( 1,k,r,l,^,-,+);
	E_CAST( 2,k,l,r,-,+,^);
	E_CAST( 3,k,r,l,+,^,-);
	E_CAST( 4,k,l,r,^,-,+);
	E_CAST( 5,k,r,l,-,+,^);
	E_CAST( 6,k,l,r,+,^,-);
	E_CAST( 7,k,r,l,^,-,+);
	E_CAST( 8,k,l,r,-,+,^);
	E_CAST( 9,k,r,l,+,^,-);
	E_CAST(10,k,l,r,^,-,+);
	E_CAST(11,k,r,l,-,+,^);
	if(!key->short_key)
	    {
	    E_CAST(12,k,l,r,+,^,-);
	    E_CAST(13,k,r,l,^,-,+);
	    E_CAST(14,k,l,r,-,+,^);
	    E_CAST(15,k,r,l,+,^,-);
	    }

	data[1]=l&0xffffffffL;
	data[0]=r&0xffffffffL;
	}

void CAST_decrypt(CAST_LONG *data, CAST_KEY *key)
	{
	register CAST_LONG l,r,*k,t;

	k= &(key->data[0]);
	l=data[0];
	r=data[1];

	if(!key->short_key)
	    {
	    E_CAST(15,k,l,r,+,^,-);
	    E_CAST(14,k,r,l,-,+,^);
	    E_CAST(13,k,l,r,^,-,+);
	    E_CAST(12,k,r,l,+,^,-);
	    }
	E_CAST(11,k,l,r,-,+,^);
	E_CAST(10,k,r,l,^,-,+);
	E_CAST( 9,k,l,r,+,^,-);
	E_CAST( 8,k,r,l,-,+,^);
	E_CAST( 7,k,l,r,^,-,+);
	E_CAST( 6,k,r,l,+,^,-);
	E_CAST( 5,k,l,r,-,+,^);
	E_CAST( 4,k,r,l,^,-,+);
	E_CAST( 3,k,l,r,+,^,-);
	E_CAST( 2,k,r,l,-,+,^);
	E_CAST( 1,k,l,r,^,-,+);
	E_CAST( 0,k,r,l,+,^,-);

	data[1]=l&0xffffffffL;
	data[0]=r&0xffffffffL;
	}

#ifndef	_APPLE_COMMON_CRYPTO_
/* CBC logic not needed here */
void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
	     CAST_KEY *ks, unsigned char *iv, int enc)
	{
	register CAST_LONG tin0,tin1;
	register CAST_LONG tout0,tout1,xor0,xor1;
	register long l=length;
	CAST_LONG tin[2];

	if (enc)
		{
		n2l(iv,tout0);
		n2l(iv,tout1);
		iv-=8;
		for (l-=8; l>=0; l-=8)
			{
			n2l(in,tin0);
			n2l(in,tin1);
			tin0^=tout0;
			tin1^=tout1;
			tin[0]=tin0;
			tin[1]=tin1;
			CAST_encrypt(tin,ks);
			tout0=tin[0];
			tout1=tin[1];
			l2n(tout0,out);
			l2n(tout1,out);
			}
		if (l != -8)
			{
			n2ln(in,tin0,tin1,l+8);
			tin0^=tout0;
			tin1^=tout1;
			tin[0]=tin0;
			tin[1]=tin1;
			CAST_encrypt(tin,ks);
			tout0=tin[0];
			tout1=tin[1];
			l2n(tout0,out);
			l2n(tout1,out);
			}
		l2n(tout0,iv);
		l2n(tout1,iv);
		}
	else
		{
		n2l(iv,xor0);
		n2l(iv,xor1);
		iv-=8;
		for (l-=8; l>=0; l-=8)
			{
			n2l(in,tin0);
			n2l(in,tin1);
			tin[0]=tin0;
			tin[1]=tin1;
			CAST_decrypt(tin,ks);
			tout0=tin[0]^xor0;
			tout1=tin[1]^xor1;
			l2n(tout0,out);
			l2n(tout1,out);
			xor0=tin0;
			xor1=tin1;
			}
		if (l != -8)
			{
			n2l(in,tin0);
			n2l(in,tin1);
			tin[0]=tin0;
			tin[1]=tin1;
			CAST_decrypt(tin,ks);
			tout0=tin[0]^xor0;
			tout1=tin[1]^xor1;
			l2nn(tout0,tout1,out,l+8);
			xor0=tin0;
			xor1=tin1;
			}
		l2n(xor0,iv);
		l2n(xor1,iv);
		}
	tin0=tin1=tout0=tout1=xor0=xor1=0;
	tin[0]=tin[1]=0;
	}

#endif	/* _APPLE_COMMON_CRYPTO_ */

Added Source/CAST/c_skey.c.













































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
/* crypto/cast/c_skey.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <CommonCrypto/cast.h>
#include "cast_lcl.h"
#include "cast_s.h"

#define CAST_exp(l,A,a,n) \
	A[n/4]=l; \
	a[n+3]=(l    )&0xff; \
	a[n+2]=(l>> 8)&0xff; \
	a[n+1]=(l>>16)&0xff; \
	a[n+0]=(l>>24)&0xff;

#define S4 CAST_S_table4
#define S5 CAST_S_table5
#define S6 CAST_S_table6
#define S7 CAST_S_table7

void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
	{
	CAST_LONG x[16];
	CAST_LONG z[16];
	CAST_LONG k[32];
	CAST_LONG X[4],Z[4];
	CAST_LONG l,*K;
	int i;

	for (i=0; i<16; i++) x[i]=0;
	if (len > 16) len=16;
	for (i=0; i<len; i++)
		x[i]=data[i];
	if(len <= 10)
	    key->short_key=1;
	else
	    key->short_key=0;

	K= &k[0];
	X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL;
	X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL;
	X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL;
	X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL;

	for (;;)
		{
	l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
	CAST_exp(l,Z,z, 0);
	l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
	CAST_exp(l,Z,z, 4);
	l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
	CAST_exp(l,Z,z, 8);
	l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
	CAST_exp(l,Z,z,12);

	K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]];
	K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]];
	K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]];
	K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]];

	l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
	CAST_exp(l,X,x, 0);
	l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
	CAST_exp(l,X,x, 4);
	l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
	CAST_exp(l,X,x, 8);
	l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
	CAST_exp(l,X,x,12);

	K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]];
	K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]];
	K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]];
	K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]];

	l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
	CAST_exp(l,Z,z, 0);
	l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
	CAST_exp(l,Z,z, 4);
	l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
	CAST_exp(l,Z,z, 8);
	l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
	CAST_exp(l,Z,z,12);

	K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]];
	K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]];
	K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]];
	K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]];

	l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
	CAST_exp(l,X,x, 0);
	l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
	CAST_exp(l,X,x, 4);
	l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
	CAST_exp(l,X,x, 8);
	l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
	CAST_exp(l,X,x,12);

	K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]];
	K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]];
	K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]];
	K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]];
	if (K != k)  break;
	K+=16;
		}

	for (i=0; i<16; i++)
		{
		key->data[i*2]=k[i];
		key->data[i*2+1]=((k[i+16])+16)&0x1f;
		}
	}

Added Source/CAST/cast_lcl.h.





































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
/* crypto/cast/cast_lcl.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#ifdef WIN32
#include <stdlib.h>
#endif

#include <CommonCrypto/CommonCryptoPriv.h>

#define OPENSSL_EXTERN	extern
//#include "openssl/e_os.h" /* OPENSSL_EXTERN */

#undef c2l
#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
			 l|=((unsigned long)(*((c)++)))<< 8L, \
			 l|=((unsigned long)(*((c)++)))<<16L, \
			 l|=((unsigned long)(*((c)++)))<<24L)

/* NOTE - c is not incremented as per c2l */
#undef c2ln
#define c2ln(c,l1,l2,n)	{ \
			c+=n; \
			l1=l2=0; \
			switch (n) { \
			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
			case 5: l2|=((unsigned long)(*(--(c))));     \
			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
			case 1: l1|=((unsigned long)(*(--(c))));     \
				} \
			}

#undef l2c
#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))

/* NOTE - c is not incremented as per l2c */
#undef l2cn
#define l2cn(l1,l2,c,n)	{ \
			c+=n; \
			switch (n) { \
			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
				} \
			}

/* NOTE - c is not incremented as per n2l */
#define n2ln(c,l1,l2,n)	{ \
			c+=n; \
			l1=l2=0; \
			switch (n) { \
			case 8: l2 =((unsigned long)(*(--(c))))    ; \
			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
			case 4: l1 =((unsigned long)(*(--(c))))    ; \
			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
				} \
			}

/* NOTE - c is not incremented as per l2n */
#define l2nn(l1,l2,c,n)	{ \
			c+=n; \
			switch (n) { \
			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
				} \
			}

#undef n2l
#if	defined(__GNUC__) && defined(__ppc__)
/* alignment tolerant big-endian optimization */
	#define n2l(c,l)	{ l= *((unsigned long *)c); c += 4; }
#else
/* little endian, etc. */
	#define n2l(c,l)	(l =((unsigned long)(*((c)++)))<<24L, \
                         l|=((unsigned long)(*((c)++)))<<16L, \
                         l|=((unsigned long)(*((c)++)))<< 8L, \
                         l|=((unsigned long)(*((c)++))))
#endif

#undef l2n
#if	defined(__GNUC__) && defined(__ppc__)
	/* alignment tolerant big-endian optimization */
	#define l2n(l,c)	{ *((unsigned long *)c) = l; c += 4; }
#else
	/* little endian, etc. */
	#define l2n(l,c)    (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
                         *((c)++)=(unsigned char)(((l)     )&0xff))
						 
#endif	/* GNU, big endian */

#if defined(WIN32) && defined(_MSC_VER)
#define ROTL(a,n)     (_lrotl(a,n))
#else
#define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
#endif

#define C_M    0x3fc
#define C_0    22L
#define C_1    14L
#define C_2     6L
#define C_3     2L /* left shift */

/* The rotate has an extra 16 added to it to help the x86 asm */
#if defined(CAST_PTR)
#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
	{ \
	int i; \
	t=(key[n*2] OP1 R)&0xffffffffL; \
	i=key[n*2+1]; \
	t=ROTL(t,i); \
	L^= (((((*(CAST_LONG *)((unsigned char *) \
			CAST_S_table0+((t>>C_2)&C_M)) OP2 \
		*(CAST_LONG *)((unsigned char *) \
			CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
		*(CAST_LONG *)((unsigned char *) \
			CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
		*(CAST_LONG *)((unsigned char *) \
			CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
	}
#elif defined(CAST_PTR2)
#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
	{ \
	int i; \
	CAST_LONG u,v,w; \
	w=(key[n*2] OP1 R)&0xffffffffL; \
	i=key[n*2+1]; \
	w=ROTL(w,i); \
	u=w>>C_2; \
	v=w<<C_3; \
	u&=C_M; \
	v&=C_M; \
	t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
	u=w>>C_0; \
	t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
	v=w>>C_1; \
	u&=C_M; \
	v&=C_M; \
	t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
	t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
	L^=(t&0xffffffff); \
	}
#else
#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
	{ \
	CAST_LONG a,b,c,d; \
	t=(key[n*2] OP1 R)&0xffffffff; \
	t=ROTL(t,(key[n*2+1])); \
	a=CAST_S_table0[(t>> 8)&0xff]; \
	b=CAST_S_table1[(t    )&0xff]; \
	c=CAST_S_table2[(t>>24)&0xff]; \
	d=CAST_S_table3[(t>>16)&0xff]; \
	L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
	}
#endif

#ifdef	_APPLE_COMMON_CRYPTO_
/* CommonCrypto defines */
#define OPENSSL_GLOBAL
/* 
 * These rename this tables to avoid symbols collision between libSystem 
 * and libcrypto.
 */
#define CAST_S_table0	CC_CAST_S_table0
#define CAST_S_table1	CC_CAST_S_table1
#define CAST_S_table2	CC_CAST_S_table2
#define CAST_S_table3	CC_CAST_S_table3
#define CAST_S_table4	CC_CAST_S_table4
#define CAST_S_table5	CC_CAST_S_table5
#define CAST_S_table6	CC_CAST_S_table6
#define CAST_S_table7	CC_CAST_S_table7
#endif	/* _APPLE_COMMON_CRYPTO_ */

OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256];
OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256];
OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256];
OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256];
OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256];
OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256];
OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256];
OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256];

Added Source/CAST/cast_s.h.





















































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
/* crypto/cast/cast_s.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256]={
	0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a,
	0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949,
	0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675,
	0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e,
	0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2,
	0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d,
	0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f,
	0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0,
	0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de,
	0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7,
	0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f,
	0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935,
	0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d,
	0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d,
	0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165,
	0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50,
	0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272,
	0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe,
	0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d,
	0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3,
	0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a,
	0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167,
	0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f,
	0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291,
	0xd7894360,0x425c750d,0x93b39e26,0x187184c9,
	0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779,
	0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6,
	0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2,
	0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9,
	0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511,
	0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e,
	0x31366241,0x051ef495,0xaa573b04,0x4a805d8d,
	0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e,
	0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5,
	0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82,
	0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324,
	0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac,
	0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c,
	0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f,
	0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc,
	0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491,
	0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d,
	0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de,
	0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96,
	0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a,
	0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a,
	0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79,
	0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d,
	0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779,
	0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd,
	0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755,
	0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6,
	0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb,
	0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9,
	0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0,
	0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872,
	0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79,
	0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c,
	0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298,
	0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e,
	0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571,
	0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9,
	0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d,
	0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf,
	};
OPENSSL_GLOBAL const CAST_LONG CAST_S_table1[256]={
	0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380,
	0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651,
	0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba,
	0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3,
	0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909,
	0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb,
	0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b,
	0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806,
	0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4,
	0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b,
	0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f,
	0x62143154,0x0d554b63,0x5d681121,0xc866c359,
	0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21,
	0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b,
	0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d,
	0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c,
	0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f,
	0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34,
	0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d,
	0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb,
	0xe8256333,0x844e8212,0x128d8098,0xfed33fb4,
	0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd,
	0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801,
	0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860,
	0x54f03084,0x066ff472,0xa31aa153,0xdadc4755,
	0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b,
	0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709,
	0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304,
	0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b,
	0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b,
	0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c,
	0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf,
	0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9,
	0x0beeff53,0xe3214517,0xb4542835,0x9f63293c,
	0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3,
	0xf33401c6,0x30a22c95,0x31a70850,0x60930f13,
	0x73f98417,0xa1269859,0xec645c44,0x52c877a9,
	0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f,
	0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab,
	0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6,
	0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4,
	0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6,
	0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43,
	0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58,
	0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8,
	0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906,
	0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171,
	0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d,
	0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89,
	0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6,
	0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b,
	0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4,
	0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb,
	0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6,
	0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e,
	0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f,
	0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea,
	0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249,
	0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea,
	0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa,
	0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd,
	0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9,
	0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef,
	0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1,
	};
OPENSSL_GLOBAL const CAST_LONG CAST_S_table2[256]={
	0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907,
	0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90,
	0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae,
	0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5,
	0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e,
	0xb9afa820,0xfade82e0,0xa067268b,0x8272792e,
	0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc,
	0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240,
	0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e,
	0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5,
	0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f,
	0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b,
	0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99,
	0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71,
	0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f,
	0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04,
	0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380,
	0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82,
	0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8,
	0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15,
	0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504,
	0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2,
	0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6,
	0x94fd6574,0x927985b2,0x8276dbcb,0x02778176,
	0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e,
	0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148,
	0xef303cab,0x984faf28,0x779faf9b,0x92dc560d,
	0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc,
	0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1,
	0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341,
	0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c,
	0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e,
	0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15,
	0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51,
	0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4,
	0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f,
	0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b,
	0x6d498623,0x193cbcfa,0x27627545,0x825cf47a,
	0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392,
	0x10428db7,0x8272a972,0x9270c4a8,0x127de50b,
	0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231,
	0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b,
	0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889,
	0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5,
	0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67,
	0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45,
	0x3a609437,0xec00c9a9,0x44715253,0x0a874b49,
	0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536,
	0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d,
	0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc,
	0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d,
	0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0,
	0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e,
	0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69,
	0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767,
	0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2,
	0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce,
	0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49,
	0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24,
	0xaf96da0f,0x68458425,0x99833be5,0x600d457d,
	0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0,
	0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a,
	0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5,
	0xdfef4636,0xa133c501,0xe9d3531c,0xee353783,
	};
OPENSSL_GLOBAL const CAST_LONG CAST_S_table3[256]={
	0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298,
	0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1,
	0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120,
	0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf,
	0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220,
	0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15,
	0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe,
	0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121,
	0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701,
	0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25,
	0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b,
	0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5,
	0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93,
	0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb,
	0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746,
	0xc9335400,0x6920318f,0x081dbb99,0xffc304a5,
	0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9,
	0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d,
	0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb,
	0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6,
	0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c,
	0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23,
	0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7,
	0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003,
	0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340,
	0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6,
	0xe756bdff,0xdd3369ac,0xec17b035,0x06572327,
	0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119,
	0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec,
	0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24,
	0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205,
	0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a,
	0x6701902c,0x9b757a54,0x31d477f7,0x9126b031,
	0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79,
	0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5,
	0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df,
	0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c,
	0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26,
	0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69,
	0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab,
	0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9,
	0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7,
	0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff,
	0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417,
	0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3,
	0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2,
	0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2,
	0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2,
	0x109873f6,0x00613096,0xc32d9521,0xada121ff,
	0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a,
	0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091,
	0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919,
	0x77079103,0xdea03af6,0x78a8565e,0xdee356df,
	0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef,
	0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf,
	0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876,
	0x39e4460c,0x1fda8538,0x1987832f,0xca007367,
	0xa99144f8,0x296b299e,0x492fc295,0x9266beab,
	0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c,
	0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04,
	0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43,
	0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282,
	0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e,
	0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2,
	};
OPENSSL_GLOBAL const CAST_LONG CAST_S_table4[256]={
	0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911,
	0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f,
	0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00,
	0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a,
	0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180,
	0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff,
	0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2,
	0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02,
	0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725,
	0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a,
	0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b,
	0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7,
	0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571,
	0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9,
	0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec,
	0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981,
	0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea,
	0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774,
	0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263,
	0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655,
	0x911e739a,0x17af8975,0x32c7911c,0x89f89468,
	0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2,
	0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b,
	0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910,
	0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284,
	0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1,
	0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4,
	0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da,
	0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7,
	0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049,
	0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce,
	0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f,
	0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6,
	0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba,
	0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4,
	0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be,
	0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561,
	0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3,
	0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6,
	0x309e374f,0x2cb6356a,0x85808573,0x4991f840,
	0x76f0ae02,0x083be84d,0x28421c9a,0x44489406,
	0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4,
	0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472,
	0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2,
	0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487,
	0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7,
	0x445f7382,0x175683f4,0xcdc66a97,0x70be0288,
	0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5,
	0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2,
	0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e,
	0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78,
	0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e,
	0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76,
	0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801,
	0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0,
	0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad,
	0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58,
	0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0,
	0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2,
	0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20,
	0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be,
	0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8,
	0xe822fe15,0x88570983,0x750e6249,0xda627e55,
	0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4,
	};
OPENSSL_GLOBAL const CAST_LONG CAST_S_table5[256]={
	0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c,
	0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac,
	0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9,
	0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138,
	0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e,
	0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367,
	0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866,
	0xa084db2d,0x09a8486f,0xa888614a,0x2900af98,
	0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c,
	0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072,
	0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd,
	0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3,
	0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53,
	0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd,
	0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d,
	0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8,
	0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf,
	0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9,
	0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807,
	0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54,
	0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a,
	0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387,
	0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563,
	0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc,
	0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0,
	0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf,
	0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be,
	0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf,
	0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0,
	0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f,
	0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2,
	0x372b74af,0x692573e4,0xe9a9d848,0xf3160289,
	0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853,
	0x20951063,0x4576698d,0xb6fad407,0x592af950,
	0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa,
	0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f,
	0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9,
	0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b,
	0x7dede786,0xc39a3373,0x42410005,0x6a091751,
	0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be,
	0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358,
	0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13,
	0x8cf63166,0x061c87be,0x88c98f88,0x6062e397,
	0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976,
	0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459,
	0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0,
	0x3007cd3e,0x74719eef,0xdc872681,0x073340d4,
	0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891,
	0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f,
	0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da,
	0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb,
	0xe2969123,0x257f0c3d,0x9348af49,0x361400bc,
	0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2,
	0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084,
	0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab,
	0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25,
	0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b,
	0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121,
	0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b,
	0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5,
	0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855,
	0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd,
	0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454,
	0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f,
	};
OPENSSL_GLOBAL const CAST_LONG CAST_S_table6[256]={
	0x85e04019,0x332bf567,0x662dbfff,0xcfc65693,
	0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f,
	0x0227bce7,0x4d642916,0x18fac300,0x50f18b82,
	0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de,
	0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd,
	0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43,
	0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f,
	0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19,
	0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9,
	0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2,
	0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e,
	0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516,
	0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83,
	0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88,
	0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e,
	0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816,
	0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a,
	0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756,
	0xc06eba30,0x07211b24,0x45c28829,0xc95e317f,
	0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a,
	0xad4ebc46,0x468f508b,0x7829435f,0xf124183b,
	0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264,
	0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78,
	0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688,
	0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d,
	0xf7debb85,0x61fe033c,0x16746233,0x3c034c28,
	0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802,
	0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3,
	0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9,
	0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7,
	0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302,
	0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06,
	0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858,
	0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033,
	0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a,
	0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a,
	0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4,
	0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566,
	0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df,
	0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509,
	0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9,
	0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962,
	0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c,
	0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e,
	0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07,
	0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c,
	0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939,
	0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c,
	0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e,
	0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285,
	0x74904698,0x4c2b0edd,0x4f757656,0x5d393378,
	0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301,
	0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd,
	0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be,
	0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567,
	0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767,
	0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2,
	0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647,
	0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf,
	0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914,
	0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2,
	0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c,
	0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada,
	0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3,
	};
OPENSSL_GLOBAL const CAST_LONG CAST_S_table7[256]={
	0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095,
	0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5,
	0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174,
	0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc,
	0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940,
	0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd,
	0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42,
	0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d,
	0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164,
	0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2,
	0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4,
	0x38129022,0xce949ad4,0xb84769ad,0x965bd862,
	0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0,
	0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc,
	0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6,
	0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c,
	0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491,
	0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e,
	0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b,
	0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039,
	0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8,
	0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8,
	0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006,
	0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42,
	0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564,
	0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5,
	0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab,
	0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472,
	0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc,
	0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225,
	0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8,
	0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c,
	0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441,
	0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb,
	0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f,
	0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054,
	0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504,
	0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70,
	0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c,
	0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc,
	0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6,
	0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c,
	0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd,
	0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3,
	0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4,
	0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4,
	0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc,
	0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101,
	0x730edebc,0x5b643113,0x94917e4f,0x503c2fba,
	0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f,
	0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf,
	0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e,
	0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603,
	0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a,
	0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37,
	0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c,
	0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819,
	0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384,
	0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d,
	0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c,
	0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347,
	0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82,
	0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d,
	0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e,
	};

Added Source/CAST/ccCast.c.













































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * ccCAST.c - shim between openssl-based CAST and CommonEncryption.
 *
 * Created 3/30/06 by Doug Mitchell. 
 */

#include <CommonCrypto/ccCast.h>
#include <sys/types.h>

int cast_cc_set_key(
	CAST_KEY *cx, 
	const void *rawKey, 
	size_t keyLength,
	int forEncrypt)
{
	CAST_set_key(cx, keyLength, rawKey);
	return 0;
}

void cast_cc_encrypt(CAST_KEY *cx, const void *blockIn, void *blockOut)
{
	CAST_ecb_encrypt((const unsigned char *)blockIn, (unsigned char *)blockOut,
		cx, CAST_ENCRYPT);
}

void cast_cc_decrypt(CAST_KEY *cx, const void *blockIn, void *blockOut)
{
	CAST_ecb_encrypt((const unsigned char *)blockIn, (unsigned char *)blockOut,
		cx, CAST_DECRYPT);
}

Added Source/CommonCrypto/CommonCryptoPriv.h.











































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
/* 
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * CommonCryptoPriv.h - private typedefs and defines for ComonCrypto 
 */
 
#ifndef	_COMMON_CRYPTO_PRIV_H_
#define _COMMON_CRYPTO_PRIV_H_

/*
 * All CommomCrypto-specific mods to the various open source implementations
 * in this package are flagged with this symbol.
 */
#define _APPLE_COMMON_CRYPTO_

#endif	/* _COMMON_CRYPTO_PRIV_H_ */

Added Source/CommonCrypto/aes.h.



























































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
/*
 ---------------------------------------------------------------------------
 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.
 ---------------------------------------------------------------------------
 Issue 28/01/2004

 This file contains the definitions required to use AES in C. See aesopt.h
 for optimisation details.
*/

#if !defined( _CC_AES_H_ )
#define _CC_AES_H_

// Generate nothing if this file has been included in an assembly language file.
#if !__ASSEMBLER__

#include <CommonCrypto/CommonCryptoPriv.h>

/*  This include is used to find 8 & 32 bit unsigned integer types  */
#include <machine/limits.h>

#include <TargetConditionals.h>
#if TARGET_OS_EMBEDDED && __arm__
#define CC_AES_USE_HARDWARE				1
#endif

#if CC_AES_USE_HARDWARE
#define CC_AES_MAX_KEYSIZE				32 //32 bytes or 256 bits
#endif

#if defined(__cplusplus)
extern "C"
{
#endif

/*	CommonCrypto-specific mods. 

	_APPLE_COMMON_CRYPTO_, when defined, enables the following:
	
	 -- IV/chain buffer stored in the aes_{en,de}crypt_ctx (though it 
	    can still be passed to the encrypt/decrypt routines)
	 -- ECB/CBC controlled per ctx->cbcEnable
	 -- common SPI functions 
	 -- disables AES_VAR
*/

#define AES_128     /* define if AES with 128 bit keys is needed    */
#define AES_192     /* define if AES with 192 bit keys is needed    */
#define AES_256     /* define if AES with 256 bit keys is needed    */
#ifndef		_APPLE_COMMON_CRYPTO_
#define AES_VAR     /* define if a variable key size is needed      */
#endif

/* The following must also be set in assembler files if being used  */

#define AES_ENCRYPT /* if support for encryption is needed          */
#define AES_DECRYPT /* if support for decryption is needed          */
//#define AES_ERR_CHK /* for parameter checks & error return codes    */

#if UCHAR_MAX == 0xff                   /* an unsigned 8 bit type   */
  typedef unsigned char      aes_08t;
#else
#  error Please define aes_08t as an 8-bit unsigned integer type in aes.h
#endif

#if UINT_MAX == 4294967295              /* an unsigned 32 bit type  */
  typedef   unsigned int     aes_32t;
#elif ULONG_MAX == 4294967295ul
  typedef   unsigned long    aes_32t;
#else
#  error Please define aes_32t as a 32-bit unsigned integer type in aes.h
#endif

#define AES_BLOCK_SIZE  16  /* the AES block size in bytes          */
#define N_COLS           4  /* the number of columns in the state   */

/* The key schedule length is 11, 13 or 15 16-byte blocks for 128,  */
/* 192 or 256-bit keys respectively. That is 176, 208 or 240 bytes  */
/* or 44, 52 or 60 32-bit words. For simplicity this code allocates */
/* the maximum 60 word array for the key schedule for all key sizes */

#if defined( AES_VAR ) || defined( AES_256 )
#define KS_LENGTH       60
#elif defined( AES_192 )
#define KS_LENGTH       52
#else
#define KS_LENGTH       44
#endif

#if defined( AES_ERR_CHK )
#define aes_ret     int
#define aes_good    0
#define aes_error  -1
#else
#define aes_ret     void
#endif

#if !defined( AES_DLL )                 /* implement normal/DLL functions   */
#define aes_rval    aes_ret
#else
#define aes_rval    aes_ret __declspec(dllexport) _stdcall
#endif

typedef struct
{   aes_32t ks[KS_LENGTH];
    aes_32t rn;
	#ifdef	_APPLE_COMMON_CRYPTO_
	unsigned char chainBuf[AES_BLOCK_SIZE];
	aes_32t cbcEnable;
	#if CC_AES_USE_HARDWARE
	unsigned char keyBytes[CC_AES_MAX_KEYSIZE];
	aes_32t keyLength;
	#endif
	#endif
} aes_encrypt_ctx;

typedef struct
{   aes_32t ks[KS_LENGTH];
    aes_32t rn;
	#ifdef	_APPLE_COMMON_CRYPTO_
	unsigned char chainBuf[AES_BLOCK_SIZE];
	aes_32t cbcEnable;
	#if CC_AES_USE_HARDWARE
	unsigned char keyBytes[CC_AES_MAX_KEYSIZE];
	aes_32t keyLength;
	#endif
	#endif
} aes_decrypt_ctx;

typedef struct
{   
	aes_decrypt_ctx decrypt;
    aes_encrypt_ctx encrypt;
} aes_ctx;


/* This routine must be called before first use if non-static       */
/* tables are being used                                            */

void gen_tabs(void);

/* The key length (klen) is input in bytes when it is in the range  */
/* 16 <= klen <= 32 or in bits when in the range 128 <= klen <= 256 */

#if defined( AES_ENCRYPT )

#if defined(AES_128) || defined(AES_VAR)
aes_rval aes_encrypt_key128(const unsigned char *in_key, aes_encrypt_ctx cx[1]);
#endif

#if defined(AES_192) || defined(AES_VAR)
aes_rval aes_encrypt_key192(const unsigned char *in_key, aes_encrypt_ctx cx[1]);
#endif

#if defined(AES_256) || defined(AES_VAR)
aes_rval aes_encrypt_key256(const unsigned char *in_key, aes_encrypt_ctx cx[1]);
#endif

#if defined(AES_VAR)
aes_rval aes_encrypt_key(const unsigned char *in_key, int key_len, aes_encrypt_ctx cx[1]);
#endif

aes_rval aes_encrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv, unsigned int num_blk,
					 unsigned char *out_blk, aes_encrypt_ctx cx[1]);
#endif

#if defined( AES_DECRYPT )

#if defined(AES_128) || defined(AES_VAR)
aes_rval aes_decrypt_key128(const unsigned char *in_key, aes_decrypt_ctx cx[1]);
#endif

#if defined(AES_192) || defined(AES_VAR)
aes_rval aes_decrypt_key192(const unsigned char *in_key, aes_decrypt_ctx cx[1]);
#endif

#if defined(AES_256) || defined(AES_VAR)
aes_rval aes_decrypt_key256(const unsigned char *in_key, aes_decrypt_ctx cx[1]);
#endif

#if defined(AES_VAR)
aes_rval aes_decrypt_key(const unsigned char *in_key, int key_len, aes_decrypt_ctx cx[1]);
#endif

aes_rval aes_decrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv, unsigned int num_blk,
					 unsigned char *out_blk, aes_decrypt_ctx cx[1]);
#endif

#ifdef	_APPLE_COMMON_CRYPTO_

typedef union
{   
	aes_decrypt_ctx decrypt;
    aes_encrypt_ctx encrypt;
} aes_cc_ctx;

int aes_cc_set_key(aes_cc_ctx *cx, const void *rawKey, aes_32t keyLength, 
	int forEncrypt);
void aes_cc_set_iv(aes_cc_ctx *cx, int forEncrypt, const void *iv);
void aes_cc_encrypt(aes_cc_ctx *cx, const void *blocksIn, aes_32t numBlocks,
	void *blocksOut);
void aes_cc_decrypt(aes_cc_ctx *cx, const void *blocksIn, aes_32t numBlocks,
	void *blocksOut);
#endif

#if defined(__cplusplus)
}
#endif

#endif	// !__ASSEMBLER__

#endif	/* _CC_AES_H_ */

Added Source/CommonCrypto/aesopt.h.











































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
/*
The bulk of this file is from Dr. Brian Gladman's AES implementation, described
in the comments below.  But some code has been added to select the
implementation.  See comments below, where UseGladmanAES is defined.  The new
code does not alter Gladman's AES implementation except to completely include
or exclude it from compilation.

		-- Eric Postpischil, January 8, 2008.


 ---------------------------------------------------------------------------
 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.
 ---------------------------------------------------------------------------
 Issue 28/01/2004

 My thanks go to Dag Arne Osvik for devising the schemes used here for key
 length derivation from the form of the key schedule

 This file contains the compilation options for AES (Rijndael) and code
 that is common across encryption, key scheduling and table generation.

 OPERATION

 These source code files implement the AES algorithm Rijndael designed by
 Joan Daemen and Vincent Rijmen. This version is designed for the standard
 block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24
 and 32 bytes).

 This version is designed for flexibility and speed using operations on
 32-bit words rather than operations on bytes.  It can be compiled with
 either big or little endian internal byte order but is faster when the
 native byte order for the processor is used.

 THE CIPHER INTERFACE

 The cipher interface is implemented as an array of bytes in which lower
 AES bit sequence indexes map to higher numeric significance within bytes.

  aes_08t                 (an unsigned  8-bit type)
  aes_32t                 (an unsigned 32-bit type)
  struct aes_encrypt_ctx  (structure for the cipher encryption context)
  struct aes_decrypt_ctx  (structure for the cipher decryption context)
  aes_rval                the function return type

  C subroutine calls:

  aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]);
  aes_rval aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]);
  aes_rval aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]);
  aes_rval aes_encrypt(const unsigned char *in, unsigned char *out,
                                                  const aes_encrypt_ctx cx[1]);

  aes_rval aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]);
  aes_rval aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]);
  aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]);
  aes_rval aes_decrypt(const unsigned char *in, unsigned char *out,
                                                  const aes_decrypt_ctx cx[1]);

 IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that
 you call genTabs() before AES is used so that the tables are initialised.

 C++ aes class subroutines:

     Class AESencrypt  for encryption

      Construtors:
          AESencrypt(void)
          AESencrypt(const unsigned char *key) - 128 bit key
      Members:
          aes_rval key128(const unsigned char *key)
          aes_rval key192(const unsigned char *key)
          aes_rval key256(const unsigned char *key)
          aes_rval encrypt(const unsigned char *in, unsigned char *out) const

      Class AESdecrypt  for encryption
      Construtors:
          AESdecrypt(void)
          AESdecrypt(const unsigned char *key) - 128 bit key
      Members:
          aes_rval key128(const unsigned char *key)
          aes_rval key192(const unsigned char *key)
          aes_rval key256(const unsigned char *key)
          aes_rval decrypt(const unsigned char *in, unsigned char *out) const

    COMPILATION

    The files used to provide AES (Rijndael) are

    a. aes.h for the definitions needed for use in C.
    b. aescpp.h for the definitions needed for use in C++.
    c. aesopt.h for setting compilation options (also includes common code).
    d. aescrypt.c for encryption and decrytpion, or
    e. aeskey.c for key scheduling.
    f. aestab.c for table loading or generation.
    g. aescrypt.asm for encryption and decryption using assembler code.
    h. aescrypt.mmx.asm for encryption and decryption using MMX assembler.

    To compile AES (Rijndael) for use in C code use aes.h and set the
    defines here for the facilities you need (key lengths, encryption
    and/or decryption). Do not define AES_DLL or AES_CPP.  Set the options
    for optimisations and table sizes here.

    To compile AES (Rijndael) for use in in C++ code use aescpp.h but do
    not define AES_DLL

    To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use
    aes.h and include the AES_DLL define.

    CONFIGURATION OPTIONS (here and in aes.h)

    a. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL
    b. You may need to set PLATFORM_BYTE_ORDER to define the byte order.
    c. If you want the code to run in a specific internal byte order, then
       ALGORITHM_BYTE_ORDER must be set accordingly.
    d. set other configuration options decribed below.
*/

#if !defined( _CC_AESOPT_H )
#define _CC_AESOPT_H

/*	Select which AES implementation to use.  Preprocessor directives decide
	whether to define UseGladmanAES or UseAESedp or, in the future, other
	symbols.  Source files for the implementations contain preprocessor
	directives to compile their code iff the matching symbol is defined.

	The names GladmanAES and AESedp come from the directories containing the
	source code.  (I prefer putting "AES" first and am tempted to renamed
	"GladmanAES" to "AESGladman", since this groups directories by algorithm in
	listings, but I am resisting for the moment.)
*/
#if defined __i386__ || defined __x86_64__
	// On Intel architectures, use AESedp.
	#define	UseAESedp
#else
	// Otherwise, use Gladman AES.
	#define	UseGladmanAES
#endif

/*	Suppressing all source in a module would yield an empty module after
	preprocessing.  GCC allows this, but standard C requires a module to
	contain at least one external declaration.  So here we make an otherwise
	unused declaration that generates no object code.
*/
#if !defined __ASSEMBLER__
	typedef char DummyDeclarationToMakeValidC;
#endif

#include <CommonCrypto/CommonCryptoPriv.h>
#include <CommonCrypto/aes.h>

/*  CONFIGURATION - USE OF DEFINES

    Later in this section there are a number of defines that control the
    operation of the code.  In each section, the purpose of each define is
    explained so that the relevant form can be included or excluded by
    setting either 1's or 0's respectively on the branches of the related
    #if clauses.

    PLATFORM SPECIFIC INCLUDES AND BYTE ORDER IN 32-BIT WORDS

    To obtain the highest speed on processors with 32-bit words, this code
    needs to determine the byte order of the target machine. The following
    block of code is an attempt to capture the most obvious ways in which
    various environemnts define byte order. It may well fail, in which case
    the definitions will need to be set by editing at the points marked
    **** EDIT HERE IF NECESSARY **** below.  My thanks go to Peter Gutmann
    for his assistance with this endian detection nightmare.
*/

#define BRG_LITTLE_ENDIAN   1234 /* byte 0 is least significant (i386) */
#define BRG_BIG_ENDIAN      4321 /* byte 0 is most significant (mc68k) */

#if defined(__GNUC__) || defined(__GNU_LIBRARY__)
#  if defined(__FreeBSD__) || defined(__OpenBSD__)
#    include <sys/endian.h>
#  elif defined( BSD ) && BSD >= 199103
#      include <machine/endian.h>
#  elif defined(__APPLE__)
#    if defined(__BIG_ENDIAN__) && !defined( BIG_ENDIAN )
#      define BIG_ENDIAN
#    elif defined(__LITTLE_ENDIAN__) && !defined( LITTLE_ENDIAN )
#      define LITTLE_ENDIAN
#    endif
#  else
#    include <endian.h>
#    if defined(__BEOS__)
#      include <byteswap.h>
#    endif
#  endif
#endif

#if !defined(PLATFORM_BYTE_ORDER)
#  if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
#    if    defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif !defined(LITTLE_ENDIAN) &&  defined(BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    endif
#  elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
#    if    defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif !defined(_LITTLE_ENDIAN) &&  defined(_BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#   endif
#  elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
#    if    defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif !defined(__LITTLE_ENDIAN__) &&  defined(__BIG_ENDIAN__)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    endif
#  endif
#endif

/*  if the platform is still unknown, try to find its byte order    */
/*  from commonly used machine defines                              */

#if !defined(PLATFORM_BYTE_ORDER)

#if   defined( __alpha__ ) || defined( __alpha ) || defined( i386 )       || \
      defined( __i386__ )  || defined( _M_I86 )  || defined( _M_IX86 )    || \
      defined( __OS2__ )   || defined( sun386 )  || defined( __TURBOC__ ) || \
      defined( vax )       || defined( vms )     || defined( VMS )        || \
      defined( __VMS )	   || defined(__x86_64__)
#  define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN

#elif defined( AMIGA )    || defined( applec )  || defined( __AS400__ )  || \
      defined( _CRAY )    || defined( __hppa )  || defined( __hp9000 )   || \
      defined( ibm370 )   || defined( mc68000 ) || defined( m68k )       || \
      defined( __MRC__ )  || defined( __MVS__ ) || defined( __MWERKS__ ) || \
      defined( sparc )    || defined( __sparc)  || defined( SYMANTEC_C ) || \
      defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
#  define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN

#elif 0     /* **** EDIT HERE IF NECESSARY **** */
#  define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#elif 0     /* **** EDIT HERE IF NECESSARY **** */
#  define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#else
#  error Please edit aesopt.h (line 234 or 236) to set the platform byte order
#endif

#endif

/*  SOME LOCAL DEFINITIONS  */

#define NO_TABLES              0
#define ONE_TABLE              1
#define FOUR_TABLES            4
#define NONE                   0
#define PARTIAL                1
#define FULL                   2

#if defined(bswap32)
#define aes_sw32    bswap32
#elif defined(bswap_32)
#define aes_sw32    bswap_32
#else
#define brot(x,n)   (((aes_32t)(x) <<  n) | ((aes_32t)(x) >> (32 - n)))
#define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00))
#endif

/*  1. FUNCTIONS REQUIRED

    This implementation provides subroutines for encryption, decryption
    and for setting the three key lengths (separately) for encryption
    and decryption. When the assembler code is not being used the following
    definition blocks allow the selection of the routines that are to be
    included in the compilation.
*/
#if defined( AES_ENCRYPT )
#define ENCRYPTION
#define ENCRYPTION_KEY_SCHEDULE
#endif

#if defined( AES_DECRYPT )
#define DECRYPTION
#define DECRYPTION_KEY_SCHEDULE
#endif

/*  2. ASSEMBLER SUPPORT

    This define (which can be on the command line) enables the use of the
    assembler code routines for encryption and decryption with the C code
    only providing key scheduling
*/
#if 0 && !defined(AES_ASM)
#define AES_ASM
#endif

/*  3. BYTE ORDER WITHIN 32 BIT WORDS

    The fundamental data processing units in Rijndael are 8-bit bytes. The
    input, output and key input are all enumerated arrays of bytes in which
    bytes are numbered starting at zero and increasing to one less than the
    number of bytes in the array in question. This enumeration is only used
    for naming bytes and does not imply any adjacency or order relationship
    from one byte to another. When these inputs and outputs are considered
    as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to
    byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte.
    In this implementation bits are numbered from 0 to 7 starting at the
    numerically least significant end of each byte (bit n represents 2^n).

    However, Rijndael can be implemented more efficiently using 32-bit
    words by packing bytes into words so that bytes 4*n to 4*n+3 are placed
    into word[n]. While in principle these bytes can be assembled into words
    in any positions, this implementation only supports the two formats in
    which bytes in adjacent positions within words also have adjacent byte
    numbers. This order is called big-endian if the lowest numbered bytes
    in words have the highest numeric significance and little-endian if the
    opposite applies.

    This code can work in either order irrespective of the order used by the
    machine on which it runs. Normally the internal byte order will be set
    to the order of the processor on which the code is to be run but this
    define can be used to reverse this in special situations

    NOTE: Assembler code versions rely on PLATFORM_BYTE_ORDER being set
*/
#if 1 || defined(AES_ASM)
#define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER
#elif 0
#define ALGORITHM_BYTE_ORDER BRG_LITTLE_ENDIAN
#elif 0
#define ALGORITHM_BYTE_ORDER BRG_BIG_ENDIAN
#else
#error The algorithm byte order is not defined
#endif

/*  4. FAST INPUT/OUTPUT OPERATIONS.

    On some machines it is possible to improve speed by transferring the
    bytes in the input and output arrays to and from the internal 32-bit
    variables by addressing these arrays as if they are arrays of 32-bit
    words.  On some machines this will always be possible but there may
    be a large performance penalty if the byte arrays are not aligned on
    the normal word boundaries. On other machines this technique will
    lead to memory access errors when such 32-bit word accesses are not
    properly aligned. The option SAFE_IO avoids such problems but will
    often be slower on those machines that support misaligned access
    (especially so if care is taken to align the input  and output byte
    arrays on 32-bit word boundaries). If SAFE_IO is not defined it is
    assumed that access to byte arrays as if they are arrays of 32-bit
    words will not cause problems when such accesses are misaligned.
*/
#if 0 && !defined(_MSC_VER)
#define SAFE_IO
#endif

/*  5. LOOP UNROLLING

    The code for encryption and decrytpion cycles through a number of rounds
    that can be implemented either in a loop or by expanding the code into a
    long sequence of instructions, the latter producing a larger program but
    one that will often be much faster. The latter is called loop unrolling.
    There are also potential speed advantages in expanding two iterations in
    a loop with half the number of iterations, which is called partial loop
    unrolling.  The following options allow partial or full loop unrolling
    to be set independently for encryption and decryption
*/
#if 1
#define ENC_UNROLL  FULL
#elif 0
#define ENC_UNROLL  PARTIAL
#else
#define ENC_UNROLL  NONE
#endif

#if 1
#define DEC_UNROLL  FULL
#elif 0
#define DEC_UNROLL  PARTIAL
#else
#define DEC_UNROLL  NONE
#endif

/*  6. FAST FINITE FIELD OPERATIONS

    If this section is included, tables are used to provide faster finite
    field arithmetic (this has no effect if FIXED_TABLES is defined).
*/
#if 1
#define FF_TABLES
#endif

/*  7. INTERNAL STATE VARIABLE FORMAT

    The internal state of Rijndael is stored in a number of local 32-bit
    word varaibles which can be defined either as an array or as individual
    names variables. Include this section if you want to store these local
    varaibles in arrays. Otherwise individual local variables will be used.
*/
#if 0
#define ARRAYS
#endif

/* In this implementation the columns of the state array are each held in
   32-bit words. The state array can be held in various ways: in an array
   of words, in a number of individual word variables or in a number of
   processor registers. The following define maps a variable name x and
   a column number c to the way the state array variable is to be held.
   The first define below maps the state into an array x[c] whereas the
   second form maps the state into a number of individual variables x0,
   x1, etc.  Another form could map individual state colums to machine
   register names.
*/

#if defined(ARRAYS)
#define s(x,c) x[c]
#else
#define s(x,c) x##c
#endif

/*  8. FIXED OR DYNAMIC TABLES

    When this section is included the tables used by the code are compiled
    statically into the binary file.  Otherwise the subroutine gen_tabs()
    must be called to compute them before the code is first used.
*/
#if 1
#define FIXED_TABLES
#endif

/*  9. TABLE ALIGNMENT

    On some sytsems speed will be improved by aligning the AES large lookup
    tables on particular boundaries. This define should be set to a power of
    two giving the desired alignment. It can be left undefined if alignment
    is not needed.  This option is specific to the Microsft VC++ compiler -
    it seems to sometimes cause trouble for the VC++ version 6 compiler.
*/

#if 0 && defined(_MSC_VER) && (_MSC_VER >= 1300)
#define TABLE_ALIGN 64
#endif

/*  10. INTERNAL TABLE CONFIGURATION

    This cipher proceeds by repeating in a number of cycles known as 'rounds'
    which are implemented by a round function which can optionally be speeded
    up using tables.  The basic tables are each 256 32-bit words, with either
    one or four tables being required for each round function depending on
    how much speed is required. The encryption and decryption round functions
    are different and the last encryption and decrytpion round functions are
    different again making four different round functions in all.

    This means that:
      1. Normal encryption and decryption rounds can each use either 0, 1
         or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
      2. The last encryption and decryption rounds can also use either 0, 1
         or 4 tables and table spaces of 0, 1024 or 4096 bytes each.

    Include or exclude the appropriate definitions below to set the number
    of tables used by this implementation.
*/

#if 1   /* set tables for the normal encryption round */
#define ENC_ROUND   FOUR_TABLES
#elif 0
#define ENC_ROUND   ONE_TABLE
#else
#define ENC_ROUND   NO_TABLES
#endif

#if 1   /* set tables for the last encryption round */
#define LAST_ENC_ROUND  FOUR_TABLES
#elif 0
#define LAST_ENC_ROUND  ONE_TABLE
#else
#define LAST_ENC_ROUND  NO_TABLES
#endif

#if 1   /* set tables for the normal decryption round */
#define DEC_ROUND   FOUR_TABLES
#elif 0
#define DEC_ROUND   ONE_TABLE
#else
#define DEC_ROUND   NO_TABLES
#endif

#if 1   /* set tables for the last decryption round */
#define LAST_DEC_ROUND  FOUR_TABLES
#elif 0
#define LAST_DEC_ROUND  ONE_TABLE
#else
#define LAST_DEC_ROUND  NO_TABLES
#endif

/*  The decryption key schedule can be speeded up with tables in the same
    way that the round functions can.  Include or exclude the following
    defines to set this requirement.
*/
#if 1
#define KEY_SCHED   FOUR_TABLES
#elif 0
#define KEY_SCHED   ONE_TABLE
#else
#define KEY_SCHED   NO_TABLES
#endif

/*  11. TABLE POINTER CACHING

    Normally tables are referenced directly, Enable this option if you wish to
    cache pointers to the tables in the encrypt/decrypt code.  Note that this
	only works if you are using FOUR_TABLES for the ROUND you enable this for.
*/
#if 1
#define ENC_ROUND_CACHE_TABLES
#endif
#if 1
#define LAST_ENC_ROUND_CACHE_TABLES
#endif
#if 1
#define DEC_ROUND_CACHE_TABLES
#endif
#if 1
#define LAST_DEC_ROUND_CACHE_TABLES
#endif

/* END OF CONFIGURATION OPTIONS */

#define RC_LENGTH   (5 * (AES_BLOCK_SIZE / 4 - 2))

/* Disable or report errors on some combinations of options */

#if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES
#undef  LAST_ENC_ROUND
#define LAST_ENC_ROUND  NO_TABLES
#elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES
#undef  LAST_ENC_ROUND
#define LAST_ENC_ROUND  ONE_TABLE
#endif

#if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE
#undef  ENC_UNROLL
#define ENC_UNROLL  NONE
#endif

#if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES
#undef  LAST_DEC_ROUND
#define LAST_DEC_ROUND  NO_TABLES
#elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES
#undef  LAST_DEC_ROUND
#define LAST_DEC_ROUND  ONE_TABLE
#endif

#if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE
#undef  DEC_UNROLL
#define DEC_UNROLL  NONE
#endif

/*  upr(x,n):  rotates bytes within words by n positions, moving bytes to
               higher index positions with wrap around into low positions
    ups(x,n):  moves bytes by n positions to higher index positions in
               words but without wrap around
    bval(x,n): extracts a byte from a word

    NOTE:      The definitions given here are intended only for use with
               unsigned variables and with shift counts that are compile
               time constants
*/

#if (ALGORITHM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
#define upr(x,n)        (((aes_32t)(x) << (8 * (n))) | ((aes_32t)(x) >> (32 - 8 * (n))))
#define ups(x,n)        ((aes_32t) (x) << (8 * (n)))
#define bval(x,n)       ((aes_08t)((x) >> (8 * (n))))
#define bytes2word(b0, b1, b2, b3)  \
        (((aes_32t)(b3) << 24) | ((aes_32t)(b2) << 16) | ((aes_32t)(b1) << 8) | (b0))
#endif

#if (ALGORITHM_BYTE_ORDER == BRG_BIG_ENDIAN)
#define upr(x,n)        (((aes_32t)(x) >> (8 * (n))) | ((aes_32t)(x) << (32 - 8 * (n))))
#define ups(x,n)        ((aes_32t) (x) >> (8 * (n))))
#define bval(x,n)       ((aes_08t)((x) >> (24 - 8 * (n))))
#define bytes2word(b0, b1, b2, b3)  \
        (((aes_32t)(b0) << 24) | ((aes_32t)(b1) << 16) | ((aes_32t)(b2) << 8) | (b3))
#endif

#if defined(SAFE_IO)

#define word_in(x,c)    bytes2word(((aes_08t*)(x)+4*c)[0], ((aes_08t*)(x)+4*c)[1], \
                                   ((aes_08t*)(x)+4*c)[2], ((aes_08t*)(x)+4*c)[3])
#define word_out(x,c,v) { ((aes_08t*)(x)+4*c)[0] = bval(v,0); ((aes_08t*)(x)+4*c)[1] = bval(v,1); \
                          ((aes_08t*)(x)+4*c)[2] = bval(v,2); ((aes_08t*)(x)+4*c)[3] = bval(v,3); }

#elif (ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER)

#define word_in(x,c)    (*((aes_32t*)(x)+(c)))
#define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = (v))

#else

#define word_in(x,c)    aes_sw32(*((aes_32t*)(x)+(c)))
#define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = aes_sw32(v))

#endif

/* the finite field modular polynomial and elements */

#define WPOLY   0x011b
#define BPOLY     0x1b

/* multiply four bytes in GF(2^8) by 'x' {02} in parallel */

#define m1  0x80808080
#define m2  0x7f7f7f7f
#define gf_mulx(x)  ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY))

/* The following defines provide alternative definitions of gf_mulx that might
   give improved performance if a fast 32-bit multiply is not available. Note
   that a temporary variable u needs to be defined where gf_mulx is used.

#define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
#define m4  (0x01010101 * BPOLY)
#define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
*/

/* Work out which tables are needed for the different options   */

#if defined( AES_ASM )
#if defined( ENC_ROUND )
#undef  ENC_ROUND
#endif
#define ENC_ROUND   FOUR_TABLES
#if defined( LAST_ENC_ROUND )
#undef  LAST_ENC_ROUND
#endif
#define LAST_ENC_ROUND  FOUR_TABLES
#if defined( DEC_ROUND )
#undef  DEC_ROUND
#endif
#define DEC_ROUND   FOUR_TABLES
#if defined( LAST_DEC_ROUND )
#undef  LAST_DEC_ROUND
#endif
#define LAST_DEC_ROUND  FOUR_TABLES
#if defined( KEY_SCHED )
#undef  KEY_SCHED
#define KEY_SCHED   FOUR_TABLES
#endif
#endif

#if defined(ENCRYPTION) || defined(AES_ASM)
#if ENC_ROUND == ONE_TABLE
#define FT1_SET
#elif ENC_ROUND == FOUR_TABLES
#define FT4_SET
#else
#define SBX_SET
#endif
#if LAST_ENC_ROUND == ONE_TABLE
#define FL1_SET
#elif LAST_ENC_ROUND == FOUR_TABLES
#define FL4_SET
#elif !defined(SBX_SET)
#define SBX_SET
#endif
#endif

#if defined(DECRYPTION) || defined(AES_ASM)
#if DEC_ROUND == ONE_TABLE
#define IT1_SET
#elif DEC_ROUND == FOUR_TABLES
#define IT4_SET
#else
#define ISB_SET
#endif
#if LAST_DEC_ROUND == ONE_TABLE
#define IL1_SET
#elif LAST_DEC_ROUND == FOUR_TABLES
#define IL4_SET
#elif !defined(ISB_SET)
#define ISB_SET
#endif
#endif

#if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE)
#if KEY_SCHED == ONE_TABLE
#define LS1_SET
#define IM1_SET
#elif KEY_SCHED == FOUR_TABLES
#define LS4_SET
#define IM4_SET
#elif !defined(SBX_SET)
#define SBX_SET
#endif
#endif

/* generic definitions of Rijndael macros that use tables    */

#define no_table(x,box,vf,rf,c) bytes2word( \
    box[bval(vf(x,0,c),rf(0,c))], \
    box[bval(vf(x,1,c),rf(1,c))], \
    box[bval(vf(x,2,c),rf(2,c))], \
    box[bval(vf(x,3,c),rf(3,c))])

#define one_table(x,op,tab,vf,rf,c) \
 (     tab[bval(vf(x,0,c),rf(0,c))] \
  ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
  ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
  ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))

#define four_tables(x,tab,vf,rf,c) \
 (  tab[0][bval(vf(x,0,c),rf(0,c))] \
  ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
  ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
  ^ tab[3][bval(vf(x,3,c),rf(3,c))])

#define four_cached_tables(x,tab,vf,rf,c) \
(  tab##0[bval(vf(x,0,c),rf(0,c))] \
   ^ tab##1[bval(vf(x,1,c),rf(1,c))] \
   ^ tab##2[bval(vf(x,2,c),rf(2,c))] \
   ^ tab##3[bval(vf(x,3,c),rf(3,c))])

#define vf1(x,r,c)  (x)
#define rf1(r,c)    (r)
#define rf2(r,c)    ((8+r-c)&3)

/* perform forward and inverse column mix operation on four bytes in long word x in */
/* parallel. NOTE: x must be a simple variable, NOT an expression in these macros.  */

#if defined(FM4_SET)    /* not currently used */
#define fwd_mcol(x)     four_tables(x,t_use(f,m),vf1,rf1,0)
#elif defined(FM1_SET)  /* not currently used */
#define fwd_mcol(x)     one_table(x,upr,t_use(f,m),vf1,rf1,0)
#else
#define dec_fmvars      aes_32t g2
#define fwd_mcol(x)     (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1))
#endif

#if defined(IM4_SET)
#define inv_mcol(x)     four_tables(x,t_use(i,m),vf1,rf1,0)
#elif defined(IM1_SET)
#define inv_mcol(x)     one_table(x,upr,t_use(i,m),vf1,rf1,0)
#else
#define dec_imvars      aes_32t g2, g4, g9
#define inv_mcol(x)     (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \
                        (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1))
#endif

#if defined(FL4_SET)
#define ls_box(x,c)     four_tables(x,t_use(f,l),vf1,rf2,c)
#elif   defined(LS4_SET)
#define ls_box(x,c)     four_tables(x,t_use(l,s),vf1,rf2,c)
#elif defined(FL1_SET)
#define ls_box(x,c)     one_table(x,upr,t_use(f,l),vf1,rf2,c)
#elif defined(LS1_SET)
#define ls_box(x,c)     one_table(x,upr,t_use(l,s),vf1,rf2,c)
#else
#define ls_box(x,c)     no_table(x,t_use(s,box),vf1,rf2,c)
#endif

#endif	/* _CC_AESOPT_H */

Added Source/CommonCrypto/cast.h.















































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
/* crypto/cast/cast.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#ifndef CC_CAST_H
#define CC_CAST_H

#ifdef  __cplusplus
extern "C" {
#endif

#include <CommonCrypto/CommonCryptoPriv.h>
#include <stdint.h>

#ifdef	_APPLE_COMMON_CRYPTO_
/* avoid symbol collision with libSystem & libcrypto */
#define CAST_set_key		CC_CAST_set_key
#define CAST_ecb_encrypt	CC_CAST_ecb_encrypt
#define CAST_encrypt		CC_CAST_encrypt
#define CAST_decrypt		CC_CAST_decrypt
#endif	/* _APPLE_COMMON_CRYPTO_ */

#ifdef NO_CAST
#error CAST is disabled.
#endif

#define CAST_ENCRYPT	1
#define CAST_DECRYPT	0

#ifdef	_APPLE_COMMON_CRYPTO_
#define CAST_LONG uint32_t
#else
#define CAST_LONG unsigned long
#endif	/* _APPLE_COMMON_CRYPTO_ */

#define CAST_BLOCK			8			/* block size in bytes */
#define CAST_KEY_LENGTH		16			/* MAX key size in bytes */
#define CAST_MIN_KEY_LENGTH	5			/* MIN key size in bytes */
typedef struct cast_key_st
	{
	CAST_LONG data[32];
	int short_key;	/* Use reduced rounds for short key */
	} CAST_KEY;

 
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key,
		      int enc);
void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
void CAST_decrypt(CAST_LONG *data,CAST_KEY *key);
#ifndef	_APPLE_COMMON_CRYPTO_
void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
		      CAST_KEY *ks, unsigned char *iv, int enc);
void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
			long length, CAST_KEY *schedule, unsigned char *ivec,
			int *num, int enc);
void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, 
			long length, CAST_KEY *schedule, unsigned char *ivec,
			int *num);
#endif	/* _APPLE_COMMON_CRYPTO_ */
#ifdef  __cplusplus
}
#endif

#endif	/* CC_CAST_H */

Added Source/CommonCrypto/ccCast.h.













































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * ccCast.h - shim between openssl-based CAST and CommonEncryption.
 *
 * Created 3/30/06 by Doug Mitchell. 
 */

#ifndef	_CC_CCCAST_H_
#define _CC_CCCAST_H_

#include <CommonCrypto/CommonCryptoPriv.h>
#include <CommonCrypto/cast.h>
#include <sys/types.h>

#ifdef  __cplusplus
extern "C" {
#endif

int cast_cc_set_key(
	CAST_KEY *cx, 
	const void *rawKey, 
	size_t keyLength,
	int forEncrypt);

void cast_cc_encrypt(CAST_KEY *cx, const void *blockIn, void *blockOut);
void cast_cc_decrypt(CAST_KEY *cx, const void *blockIn, void *blockOut);

#ifdef  __cplusplus
}
#endif

#endif	/* _CC_CCCAST_H_ */

Added Source/CommonCrypto/ccRC2.h.























































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#ifndef	_CC_RC2_H_
#define _CC_RC2_H_

#include <CommonCrypto/CommonCryptoPriv.h>
#include <CommonCrypto/rc2.h>
#include <sys/types.h>

#ifdef  __cplusplus
extern "C" {
#endif

int rc2_cc_set_key(RC2_Schedule *cx, const void *rawKey, size_t keyLength);
void rc2_cc_encrypt(RC2_Schedule *cx, const void *blockIn, void *blockOut);
void rc2_cc_decrypt(RC2_Schedule *cx, const void *blockIn, void *blockOut);

#ifdef  __cplusplus
}
#endif

#endif	/* _CC_RC2_H_ */

Added Source/CommonCrypto/opensslDES.h.











































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
/* crypto/des/des.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

/* 
 * This is pared-down version of <openssl/des.h>, shorn of 
 * everything except the bare-bones single-block encrypt/decrypt
 * routine DES_encrypt1() and the types and #defines needed to use
 * it. Plus it has the shim code needed to use this function in 
 * CommonEncryption. 
 */
 
#ifndef	_CC_OPENSSL_DES_H_
#define _CC_OPENSSL_DES_H_

#include <CommonCrypto/CommonCryptoPriv.h>

#define OPENSSL_DISABLE_OLD_DES_SUPPORT

// #include <ccOpenssl/des_locl.h>
#include <stdint.h>
#include <sys/types.h>

#ifdef __cplusplus
extern "C" {
#endif

/* 
 * These typedefs and defines moved here from des.h to allow
 * this interface to be exported (via private SPI) to the CSP.
 */
typedef unsigned char DES_cblock[8];
typedef /* const */ unsigned char const_DES_cblock[8];
/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock *
 * and const_DES_cblock * are incompatible pointer types. */

#undef	DES_LONG
#define DES_LONG	uint32_t

typedef struct DES_ks
    {
    union
	{
	DES_cblock cblock;
	/* make sure things are correct size on machines with
	 * 8 byte longs */
	DES_LONG deslong[2];
	} ks[16];
    } DES_key_schedule;


int osDesSetkey(DES_key_schedule *dinst, char *key, size_t keyLength,
	int forEencrypt);
void osDesEncrypt(DES_key_schedule *ks, 
	const_DES_cblock *input, 
	DES_cblock *output);
void osDesDecrypt(DES_key_schedule *ks, 
	const_DES_cblock *input, 
	DES_cblock *output);

/* triple DES */
typedef struct {
	DES_key_schedule	ks[3];
} DES3_Schedule;

int osDes3Setkey(DES3_Schedule *dinst, char *key, size_t keyLength,
	int forEencrypt);
void osDes3Encrypt(DES3_Schedule *ks, 
	const_DES_cblock *input, 
	DES_cblock *output);
void osDes3Decrypt(DES3_Schedule *ks, 
	const_DES_cblock *input, 
	DES_cblock *output);

#ifdef __cplusplus
}
#endif

#endif	/* _CC_OPENSSL_DES_H_ */

Added Source/CommonCrypto/rc2.h.







































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

#ifndef	_RC2_H_
#define _RC2_H_

typedef struct rc2_key_st {
    unsigned short xkey[64];
} RC2_Schedule;

/**********************************************************************\ 
* Expand a variable-length user key (between 1 and 128 bytes) to a     * 
* 64-short working rc2 key, of at most "bits" effective key bits.      * 
* The effective key bits parameter looks like an export control hack.  * 
* For normal use, it should always be set to 1024.  For convenience,   * 
* zero is accepted as an alias for 1024.                               * 
\**********************************************************************/ 
void rc2_keyschedule( RC2_Schedule *key_schedule, 
                      const unsigned char *key, 
                      unsigned len, 
                      unsigned bits );

/**********************************************************************\ 
* Encrypt an 8-byte block of plaintext using the given key.            * 
\**********************************************************************/ 
void rc2_encrypt( const RC2_Schedule *key_schedule, 
                  const unsigned char *plain, 
                  unsigned char *cipher );

/**********************************************************************\ 
* Decrypt an 8-byte block of ciphertext using the given key.           * 
\**********************************************************************/ 
void rc2_decrypt( const RC2_Schedule *key_schedule, 
                  unsigned char *plain, 
                  const unsigned char *cipher );

#endif /* _RC2_H_ */

Added Source/CommonCrypto/rc4.h.





























































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/* crypto/rc4/rc4.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#ifndef HEADER_RC4_H
#define HEADER_RC4_H

#ifdef  __cplusplus
extern "C" {
#endif

#ifdef NO_RC4
#error RC4 is disabled.
#endif

#include <CommonCrypto/CommonCryptoPriv.h>

#ifdef	_APPLE_COMMON_CRYPTO_

/* we just need one typedef... */
#include <stdint.h>
typedef uint32_t RC4_INT;

/* and we'll map to unique function names to avoid collisions with libcrypto */
#define RC4_set_key	CC_RC4_set_key
#define RC4			CC_RC4

#else	/* _APPLE_COMMON_CRYPTO_ */
#include <openssl/opensslconf.h> /* RC4_INT */
#endif	/* _APPLE_COMMON_CRYPTO_ */

#define RC4_MIN_KEY_SIZE_BYTES	1
#define RC4_MAX_KEY_SIZE_BYTES	512

typedef struct rc4_key_st
	{
	RC4_INT x,y;
	RC4_INT data[256];
	} RC4_KEY;

 
#ifndef	_APPLE_COMMON_CRYPTO_
const char *RC4_options(void);
#endif	/* _APPLE_COMMON_CRYPTO_ */

void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
		unsigned char *outdata);

#ifdef  __cplusplus
}
#endif

#endif

Added Source/CommonCryptor.c.





































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * CommonCryptor.c - common crypto context.
 *
 * Created 3/27/06 by Doug Mitchell. 
 */

#include <CommonCrypto/CommonCryptor.h>
#include "CommonCryptorPriv.h"
#include "BlockCipher.h"
#include "StreamCipher.h"
#include <stdlib.h>
#include <strings.h>
#include <stddef.h>			/* for offsetof() */

/* 
 * ComonCryptor's portion of a CCCryptorRef. 
 */
typedef struct _CCCryptor {
	/* if true, we mallocd this and must free it in CCCryptorRelease() */
	bool						weMallocd;
	/* total size of context (ours plus SPI-specific) */
	size_t						contextSize;
	/* op info */
	CCOperation					op;
	CCAlgorithm					alg;
	/* SPI info */
	const CCCryptSpiCallouts	*callouts;
	/* start of SPI-specific context */
	char						spiCtx[1];
} CCCryptor;


static const CCCryptSpiCallouts *ccSpiCallouts(
	CCOperation op,	
	CCAlgorithm alg)
{
	switch(alg) {
		case kCCAlgorithmAES128:
		case kCCAlgorithmDES:
		case kCCAlgorithm3DES:
		case kCCAlgorithmCAST:
		case kCCAlgorithmRC2:
			return &ccBlockCipherCallouts;
		case kCCAlgorithmRC4:
			return &ccRC4Callouts;
		default:
			return NULL;
	}
}

CCCryptorStatus CCCryptorCreate(
	CCOperation op,             /* kCCEncrypt, etc. */
	CCAlgorithm alg,            /* kCCAlgorithmDES, etc. */
	CCOptions options,          /* kCCOptionPKCS7Padding, etc. */
	const void *key,            /* raw key material */
	size_t keyLength,	
	const void *iv,             /* optional initialization vector */
	CCCryptorRef *cryptorRef)  /* RETURNED */
{
	const CCCryptSpiCallouts *callouts;
	CCCryptorStatus crtn;
	CCCryptor *cryptor = NULL;
	size_t requiredLen;
	
	if(cryptorRef == NULL) {
		return kCCParamError;
	}
	callouts = ccSpiCallouts(op, alg);
	if(callouts == NULL) {
		return kCCParamError;
	}
	
	/* how much space do we and the SPI need? */
	crtn = callouts->contextSize(op, alg, &requiredLen);
	if(crtn) {
		return crtn;
	}
	requiredLen += offsetof(CCCryptor, spiCtx);
	
	/* alloc and init our portion */
	cryptor = (CCCryptor *)malloc(requiredLen);
	if(cryptor == NULL) {
		return kCCMemoryFailure;
	}
	cryptor->weMallocd = true;
	cryptor->contextSize = requiredLen;
	cryptor->op = op;
	cryptor->alg = alg;
	cryptor->callouts = callouts;

	/* SPI-specific init */
	crtn = callouts->init(cryptor->spiCtx, op, alg, options, 
		key, keyLength, iv);
	if(crtn) {
		free(cryptor);
		return crtn;
	}
	*cryptorRef = cryptor;
	return kCCSuccess;
}

CCCryptorStatus CCCryptorCreateFromData(
	CCOperation op,             /* kCCEncrypt, etc. */
	CCAlgorithm alg,            /* kCCAlgorithmDES, etc. */
	CCOptions options,          /* kCCOptionPKCS7Padding, etc. */
	const void *key,            /* raw key material */
	size_t keyLength,	
	const void *iv,             /* optional initialization vector */
	const void *data,			/* caller-supplied memory */
	size_t dataLength,			/* length of data in bytes */
	CCCryptorRef *cryptorRef,   /* RETURNED */
	size_t *dataUsed)			/* optional, RETURNED */
{
	const CCCryptSpiCallouts *callouts;
	CCCryptorStatus crtn;
	CCCryptor *cryptor = NULL;
	size_t requiredLen;
	
	if((data == NULL) || (cryptorRef == NULL)) {
		return kCCParamError;
	}
	callouts = ccSpiCallouts(op, alg);
	if(callouts == NULL) {
		return kCCParamError;
	}
	
	/* how much space do we and the SPI need? */
	crtn = callouts->contextSize(op, alg, &requiredLen);
	if(crtn) {
		return crtn;
	}
	requiredLen += offsetof(CCCryptor, spiCtx);
	if(dataLength < requiredLen) {
		if(dataUsed != NULL) {
			*dataUsed = requiredLen;
		}
		return kCCBufferTooSmall;
	}
	cryptor = (CCCryptor *)data;

	/* init our portion */
	cryptor->weMallocd = false;
	cryptor->contextSize = requiredLen;
	cryptor->op = op;
	cryptor->alg = alg;
	cryptor->callouts = callouts;

	/* SPI-specific init */
	crtn = callouts->init(cryptor->spiCtx, op, alg, options, 
		key, keyLength, iv);
	if(crtn) {
		return crtn;
	}
	*cryptorRef = cryptor;
	if(dataUsed != NULL) {
		*dataUsed = requiredLen;
	}
	return kCCSuccess;
}

CCCryptorStatus CCCryptorRelease(
	CCCryptorRef cryptor)
{
	bool weMallocd;
	size_t zeroSize;
	
	if(cryptor == NULL) {
		return kCCParamError;
	}
	if(cryptor->callouts->release) {
		cryptor->callouts->release(cryptor->spiCtx);
		zeroSize = offsetof(CCCryptor, spiCtx);
	}
	else {
		/* provider says: "just zero everything" */
		zeroSize = cryptor->contextSize;
	}
	weMallocd = cryptor->weMallocd;
	memset(cryptor, 0, zeroSize);
	if(weMallocd) {
		free(cryptor);
	}
	return kCCSuccess;
}

CCCryptorStatus CCCryptorUpdate(
	CCCryptorRef cryptor,
	const void *dataIn,
	size_t dataInLength,
	void *dataOut,				/* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved)		/* number of bytes written */
{
	if(cryptor == NULL) {
		return kCCParamError;
	}
	return cryptor->callouts->update(cryptor->spiCtx, 
		dataIn, dataInLength, 
		dataOut, dataOutAvailable, dataOutMoved);
}

CCCryptorStatus CCCryptorFinal(
	CCCryptorRef cryptor,
	void *dataOut,			/* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved)		/* number of bytes written */
{
	if(cryptor == NULL) {
		return kCCParamError;
	}
	return cryptor->callouts->final(cryptor->spiCtx, 
		dataOut, dataOutAvailable, dataOutMoved);
}

size_t CCCryptorGetOutputLength(
	CCCryptorRef cryptor,
	size_t inputLength,
	bool final)
{
	if(cryptor == NULL) {
		return 0;
	}
	return cryptor->callouts->outputSize(cryptor->spiCtx, 
		inputLength, final);
}

CCCryptorStatus CCCryptorReset(
	CCCryptorRef cryptor,
	const void *iv)
{
	if(cryptor == NULL) {
		return kCCParamError;
	}
	if(cryptor->callouts->reset == NULL) {
		return kCCUnimplemented;
	}
	return cryptor->callouts->reset(cryptor->spiCtx, iv);
}


/* 
 * One-shot is mostly service provider independent, except for the
 * dataOutLength check.
 */
CCCryptorStatus CCCrypt(
	CCOperation op,			/* kCCEncrypt, etc. */
	CCAlgorithm alg,		/* kCCAlgorithmAES128, etc. */
	CCOptions options,		/* kCCOptionPKCS7Padding, etc. */
	const void *key,
	size_t keyLength,
	const void *iv,			/* optional initialization vector */
	const void *dataIn,		/* optional per op and alg */
	size_t dataInLength,
	void *dataOut,			/* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved)	
{
	const CCCryptSpiCallouts *callouts;
	size_t outputSize;
	CCCryptorRef cryptor = NULL;
	CCCryptorStatus crtn;
	size_t totalMoved = 0;
	size_t remaining;
	size_t thisMove;
	char *outp;

	if(dataOutMoved == NULL) {
		return kCCParamError;
	}
	/* remaining fields technically legal, here */
	
	/* the only SPI-specific task is validating dataOutLength */
	callouts = ccSpiCallouts(op, alg);
	if(callouts == NULL) {
		return kCCParamError;
	}
	crtn = callouts->oneShotSize(op, alg, options, dataInLength, &outputSize);
	if(crtn) {
		return crtn;
	}
	if(outputSize > dataOutAvailable) {
		*dataOutMoved = outputSize;
		return kCCBufferTooSmall;
	}
	
	/* looks like it should be legal */
	crtn = CCCryptorCreate(op, alg, options,
		key, keyLength, iv, &cryptor);
	if(crtn) {
		return crtn;
	}
	remaining = dataOutAvailable;
	outp = (char *)dataOut;
	if((dataIn != NULL) && (dataInLength != 0)) {
		crtn = CCCryptorUpdate(cryptor, dataIn, dataInLength,
			outp, remaining, &thisMove);
		if(crtn) {
			goto errOut;
		}
		outp       += thisMove;
		totalMoved += thisMove;
		remaining  -= thisMove;
	}
	crtn = CCCryptorFinal(cryptor, outp, remaining, &thisMove);
	if(crtn == kCCSuccess) {
		totalMoved += thisMove;
		*dataOutMoved = totalMoved;
	}
	
errOut:
	if(cryptor) {
		CCCryptorRelease(cryptor);
	}
	return crtn;
}

Added Source/CommonCryptorPriv.h.





















































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/* 
 * CommonCryptorPriv.h - interface between CommonCryptor and operation- and
 *						 algorithm-specific service providers. 
 */

#ifndef	_CC_COMMON_CRYPTOR_PRIV_
#define	_CC_COMMON_CRYPTOR_PRIV_

#include <CommonCrypto/CommonCryptoPriv.h>
#include <CommonCrypto/CommonCryptor.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Service provider callouts, called from the public functions declared
 * in CommonCryptor.h. Semantics are the same as the corresponding functions
 * in that header, except for the void * passed to *ccCryptSpiInitFcn (which 
 * otherwise corresponds to CCCryptorCreate()), the allocation of which is 
 * handled at the CCCryptor layer. 
 */

/*
 * Return the size in bytes of SPI-specific context required for
 * specified op and algorithm.
 */
typedef CCCryptorStatus (*ccCryptorSpiContextSize)(CCOperation op, CCAlgorithm alg, size_t *ctxSize);

/* remainder mirror the public functions in CCCryptor.h */
typedef CCCryptorStatus (*ccCryptorSpiInitFcn)(
	void *ctx,
	CCOperation op,
	CCAlgorithm alg,
	CCOptions options,
	const void *key,
	size_t keyLength,
	const void *iv);
/* release is optional - if not present, SPI-specific context is zeroed */
typedef CCCryptorStatus (*ccCryptorSpiRelease)(void *ctx);
typedef CCCryptorStatus (*ccCryptorSpiUpdate)(void *ctx,
	const void *dataIn,
	size_t dataInLength,
	void *dataOut,			/* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved);
typedef CCCryptorStatus (*ccCryptorSpiFinal)(void *ctx,
	void *dataOut,			/* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved);
/* reset is optional - if not present, kCCUnimplemented */
typedef CCCryptorStatus (*ccCryptorSpiReset)(void *ctx,
	const void *iv);
typedef size_t (*ccCryptorSpiOutputSize)(void *ctx,
	size_t inputLength,
	bool final);	
typedef CCCryptorStatus (*ccCryptorSpiOneShotSize)(
	CCOperation op,
	CCAlgorithm alg,
	CCOptions options,
	size_t inputLen,
	size_t *outputLen);
	
/* 
 * Callouts for one service provider. 
 */
typedef struct {
	ccCryptorSpiContextSize	contextSize;
	ccCryptorSpiInitFcn		init;
	ccCryptorSpiRelease		release;
	ccCryptorSpiUpdate		update;
	ccCryptorSpiFinal		final;
	ccCryptorSpiReset		reset;		/* optional: NULL --> kCCUnimplemented */
	ccCryptorSpiOutputSize	outputSize;
	ccCryptorSpiOneShotSize	oneShotSize;
} CCCryptSpiCallouts;


#ifdef __cplusplus
}
#endif

#endif	/* _CC_COMMON_CRYPTOR_PRIV_ */

Added Source/CommonDigestPriv.h.









































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
/* 
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * CommonDigestPriv.h - private typedefs and defines for ComonCrypto digest routines
 */
 
#ifndef	_COMMON_DIGEST_PRIV_H_
#define _COMMON_DIGEST_PRIV_H_

#include <CommonCrypto/CommonCryptoPriv.h>
#include <CommonCrypto/CommonDigest.h>

/* MD2 */

#define MD2_DIGEST_LENGTH	CC_MD2_DIGEST_LENGTH
#define MD2_BLOCK			CC_MD2_BLOCK_LONG
typedef	CC_MD2_CTX			MD2_CTX;
typedef CC_LONG				MD2_INT;

/* MD4 */

#define MD4_DIGEST_LENGTH 	CC_MD4_DIGEST_LENGTH
#define MD4_CBLOCK			CC_MD4_BLOCK_BYTES
#define MD4_LBLOCK			(MD4_CBLOCK/4)
#define MD4_LONG_LOG2 		3
typedef CC_MD4_CTX			MD4_CTX;
typedef CC_LONG				MD4_LONG;

/* MD5 */

#define MD5_DIGEST_LENGTH 	CC_MD5_DIGEST_LENGTH
#define MD5_CBLOCK			CC_MD5_BLOCK_BYTES
#define MD5_LBLOCK			(MD5_CBLOCK/4)
typedef CC_MD5_CTX			MD5_CTX;
typedef CC_LONG				MD5_LONG;

/* SHA1 */

#define SHA_DIGEST_LENGTH 	CC_SHA1_DIGEST_LENGTH
#define SHA_CBLOCK			CC_SHA1_BLOCK_BYTES
#define SHA_LBLOCK			CC_SHA1_BLOCK_LONG
#define SHA_LONG_LOG2 		2
#define SHA_LAST_BLOCK  	(SHA_CBLOCK-8)
typedef CC_SHA1_CTX			SHA_CTX;
typedef CC_LONG				SHA_LONG;

/* 
 * Macro to make an algorithm-specific one shot.
 */
#define CC_DIGEST_ONE_SHOT(fcnName, ctxName, initFcn, updateFcn, finalFcn)	\
unsigned char * fcnName (const void *data, CC_LONG len, unsigned char *md) \
{									\
	ctxName ctx;					\
	if(md == NULL) {				\
		return NULL;				\
	}								\
	initFcn(&ctx);					\
	updateFcn(&ctx, data, len);		\
	finalFcn(md, &ctx);				\
	return md;						\
}

#endif	/* _COMMON_DIGEST_PRIV_H_ */

Added Source/CommonHMAC.c.













































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * CommonHMAC.h - Keyed Message Authentication Code (HMAC) functions.
 *
 * Created 3/27/2006 by Doug Mitchell.
 */

#include <CommonCrypto/CommonHMAC.h>
#include <strings.h>
#include <stdlib.h>
#include <assert.h>

#ifndef	NDEBUG
#define ASSERT(s)
#else
#define ASSERT(s)	assert(s)
#endif

/* 
 * Callouts for digest ops.
 * The void *ctx pointers are needed to accommodate different underlying
 * digest context types. 
 */
typedef void (*ccDigestInit)(void *ctx);
typedef void (*ccDigestUpdate)(void *ctx, const void *data, CC_LONG len);
typedef void (*ccDigestFinal)(unsigned char *md, void *ctx);

#define HMAC_MAX_BLOCK_SIZE		CC_SHA512_BLOCK_BYTES
#define HMAC_MAX_DIGEST_SIZE	CC_SHA512_DIGEST_LENGTH

/* 
 * This is what a CCHmacContext actually points to.
 */
typedef struct {
	uint32_t			digestLen;
	uint32_t			blockLen;
	union {
		CC_MD5_CTX		md5Ctx;
		CC_SHA1_CTX		sha1Ctx;
		CC_SHA256_CTX 	sha256Ctx;
		CC_SHA512_CTX 	sha512Ctx;
	} digest;
	uint8_t				k_opad[HMAC_MAX_BLOCK_SIZE];	/* max block size */
	
	ccDigestInit		digestInit;
	ccDigestUpdate		digestUpdate;
	ccDigestFinal		digestFinal;
} _CCHmacContext;

void CCHmacInit(
	CCHmacContext *ctx, 
	CCHmacAlgorithm algorithm,	/* kCCHmacSHA1, kCCHmacMD5 */
	const void *key,
	size_t keyLength)			/* length of key in bytes */
{
	_CCHmacContext	*hmacCtx = (_CCHmacContext *)ctx;
	uint8_t			tk[HMAC_MAX_DIGEST_SIZE];
	uint8_t			*keyP;
	uint32_t		byte;
	uint8_t			k_ipad[HMAC_MAX_BLOCK_SIZE]; 

	/* if this fails, it's time to adjust CC_HMAC_CONTEXT_SIZE */
	ASSERT(sizeof(_CCHmacContext) < sizeof(CCHmacContext));
	
	if(hmacCtx == NULL) {
		return;
	}
	
	memset(hmacCtx, 0, sizeof(*hmacCtx));
	
	switch(algorithm) {
		case kCCHmacAlgMD5:
			hmacCtx->digestLen    = CC_MD5_DIGEST_LENGTH;
			hmacCtx->blockLen     = CC_MD5_BLOCK_BYTES;
			hmacCtx->digestInit   = (void *)CC_MD5_Init;
			hmacCtx->digestUpdate = (void *)CC_MD5_Update;
			hmacCtx->digestFinal  = (void *)CC_MD5_Final;
			break;
		case kCCHmacAlgSHA1:
			hmacCtx->digestLen    = CC_SHA1_DIGEST_LENGTH;
			hmacCtx->blockLen     = CC_SHA1_BLOCK_BYTES;
			hmacCtx->digestInit   = (void *)CC_SHA1_Init;
			hmacCtx->digestUpdate = (void *)CC_SHA1_Update;
			hmacCtx->digestFinal  = (void *)CC_SHA1_Final;
			break;
		case kCCHmacAlgSHA224:
			hmacCtx->digestLen    = CC_SHA224_DIGEST_LENGTH;
			hmacCtx->blockLen     = CC_SHA224_BLOCK_BYTES;
			hmacCtx->digestInit   = (void *)CC_SHA224_Init;
			hmacCtx->digestUpdate = (void *)CC_SHA224_Update;
			hmacCtx->digestFinal  = (void *)CC_SHA224_Final;
			break;
		case kCCHmacAlgSHA256:
			hmacCtx->digestLen    = CC_SHA256_DIGEST_LENGTH;
			hmacCtx->blockLen     = CC_SHA256_BLOCK_BYTES;
			hmacCtx->digestInit   = (void *)CC_SHA256_Init;
			hmacCtx->digestUpdate = (void *)CC_SHA256_Update;
			hmacCtx->digestFinal  = (void *)CC_SHA256_Final;
			break;
		case kCCHmacAlgSHA384:
			hmacCtx->digestLen    = CC_SHA384_DIGEST_LENGTH;
			hmacCtx->blockLen     = CC_SHA384_BLOCK_BYTES;
			hmacCtx->digestInit   = (void *)CC_SHA384_Init;
			hmacCtx->digestUpdate = (void *)CC_SHA384_Update;
			hmacCtx->digestFinal  = (void *)CC_SHA384_Final;
			break;
		case kCCHmacAlgSHA512:
			hmacCtx->digestLen    = CC_SHA512_DIGEST_LENGTH;
			hmacCtx->blockLen     = CC_SHA512_BLOCK_BYTES;
			hmacCtx->digestInit   = (void *)CC_SHA512_Init;
			hmacCtx->digestUpdate = (void *)CC_SHA512_Update;
			hmacCtx->digestFinal  = (void *)CC_SHA512_Final;
			break;
		default:
			return;
	}
	
	hmacCtx->digestInit(&hmacCtx->digest);
	
	/* If the key is longer than block size, reset it to key=digest(key) */
	if (keyLength <= hmacCtx->blockLen)
		keyP = (uint8_t *)key;
	else {
		hmacCtx->digestUpdate(&hmacCtx->digest, key, keyLength);
		hmacCtx->digestFinal(tk, &hmacCtx->digest);
		keyP = tk;
		keyLength = hmacCtx->digestLen;
		hmacCtx->digestInit(&hmacCtx->digest);
	}
	
	/* The HMAC_<DIG> transform looks like:
	   <DIG> (K XOR opad || <DIG> (K XOR ipad || text))
	   Where K is a n byte key
	   ipad is the byte 0x36 repeated 64 times.
	   opad is the byte 0x5c repeated 64 times.
	   text is the data being protected.
	  */
	/* Copy the key into k_ipad and k_opad while doing the XOR. */
	for (byte = 0; byte < keyLength; byte++)
	{
		k_ipad[byte] = keyP[byte] ^ 0x36;
		hmacCtx->k_opad[byte] = keyP[byte] ^ 0x5c;
	}
	/* Fill the remainder of k_ipad and k_opad with 0 XORed with the appropriate value. */
	if (keyLength < hmacCtx->blockLen)
	{
		memset (k_ipad + keyLength, 0x36, hmacCtx->blockLen - keyLength);
		memset (hmacCtx->k_opad + keyLength, 0x5c, hmacCtx->blockLen - keyLength);
	}
	hmacCtx->digestUpdate(&hmacCtx->digest, k_ipad, hmacCtx->blockLen);
}

void CCHmacUpdate(
	CCHmacContext *ctx, 
	const void *dataIn,
	size_t dataInLength)			/* length of data in bytes */
{
	_CCHmacContext	*hmacCtx = (_CCHmacContext *)ctx;
	hmacCtx->digestUpdate(&hmacCtx->digest, dataIn, dataInLength);
}

void CCHmacFinal(
	CCHmacContext *ctx, 
	void *macOut)
{
	_CCHmacContext	*hmacCtx = (_CCHmacContext *)ctx;
	hmacCtx->digestFinal(macOut, &hmacCtx->digest);
	hmacCtx->digestInit(&hmacCtx->digest);
	/* Perform outer digest */
	hmacCtx->digestUpdate(&hmacCtx->digest, hmacCtx->k_opad, hmacCtx->blockLen);
	hmacCtx->digestUpdate(&hmacCtx->digest, macOut, hmacCtx->digestLen);
	hmacCtx->digestFinal(macOut, &hmacCtx->digest);
}

/*
 * Stateless, one-shot HMAC function. 
 * Output is written to caller-spullied buffer, as in CCHmacFinal().
 */
void CCHmac(
	CCHmacAlgorithm algorithm,	/* kCCHmacSHA1, kCCHmacMD5 */
	const void *key,
	size_t keyLength,			/* length of key in bytes */
	const void *data,
	size_t dataLength,			/* length of data in bytes */
	void *macOut)				/* MAC written here */
{
	CCHmacContext ctx;
	
	CCHmacInit(&ctx, algorithm, key, keyLength);
	CCHmacUpdate(&ctx, data, dataLength);
	CCHmacFinal(&ctx, macOut);
}

Added Source/Digest/md2_dgst.c.

































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
/* crypto/md2/md2_dgst.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "CommonDigestPriv.h"
#ifndef	 _APPLE_COMMON_CRYPTO_
#include <openssl/md2.h>
#include "opensslv.h"
#endif

#ifndef	_APPLE_COMMON_CRYPTO_
const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
#endif

/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
 */

#define UCHAR	unsigned char

static void md2_block(MD2_CTX *c, const unsigned char *d);
/* The magic S table - I have converted it to hex since it is
 * basically just a random byte string. */
static const MD2_INT S[256]={
	0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
	0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
	0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
	0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
	0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
	0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
	0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
	0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
	0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
	0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
	0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
	0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
	0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
	0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
	0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
	0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
	0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
	0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
	0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
	0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
	0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
	0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
	0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
	0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
	0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
	0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
	0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
	0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
	0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
	0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
	0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
	0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
	};

#ifndef	_APPLE_COMMON_CRYPTO_
const char *MD2_options(void)
	{
	if (sizeof(MD2_INT) == 1)
		return("md2(char)");
	else
		return("md2(int)");
	}
#endif

int CC_MD2_Init(MD2_CTX *c)
	{
	c->num=0;
	memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
	memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
	memset(c->data,0,MD2_BLOCK);
    return 1;
	}

int CC_MD2_Update(MD2_CTX *c, const void *inData, CC_LONG len)
	{
    const unsigned char *data = (const unsigned char *)inData;
	register UCHAR *p;

	if (len == 0) return 1;

	p=c->data;
	if (c->num != 0)
		{
		if ((c->num+len) >= MD2_BLOCK)
			{
			memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
			md2_block(c,c->data);
			data+=(MD2_BLOCK - c->num);
			len-=(MD2_BLOCK - c->num);
			c->num=0;
			/* drop through and do the rest */
			}
		else
			{
			memcpy(&(p[c->num]),data,(int)len);
			/* data+=len; */
			c->num+=(int)len;
			return 1;
			}
		}
	/* we now can process the input data in blocks of MD2_BLOCK
	 * chars and save the leftovers to c->data. */
	while (len >= MD2_BLOCK)
		{
		md2_block(c,data);
		data+=MD2_BLOCK;
		len-=MD2_BLOCK;
		}
	memcpy(p,data,(int)len);
	c->num=(int)len;
    return 1;
	}

static void md2_block(MD2_CTX *c, const unsigned char *d)
	{
	register MD2_INT t,*sp1,*sp2;
	register int i,j;
	MD2_INT state[48];

	sp1=c->state;
	sp2=c->cksm;
	j=sp2[MD2_BLOCK-1];
	for (i=0; i<16; i++)
		{
		state[i]=sp1[i];
		state[i+16]=t=d[i];
		state[i+32]=(t^sp1[i]);
		j=sp2[i]^=S[t^j];
		}
	t=0;
	for (i=0; i<18; i++)
		{
		for (j=0; j<48; j+=8)
			{
			t= state[j+ 0]^=S[t];
			t= state[j+ 1]^=S[t];
			t= state[j+ 2]^=S[t];
			t= state[j+ 3]^=S[t];
			t= state[j+ 4]^=S[t];
			t= state[j+ 5]^=S[t];
			t= state[j+ 6]^=S[t];
			t= state[j+ 7]^=S[t];
			}
		t=(t+i)&0xff;
		}
	memcpy(sp1,state,16*sizeof(MD2_INT));
	memset(state,0,48*sizeof(MD2_INT));
	}

int CC_MD2_Final(unsigned char *md, MD2_CTX *c)
	{
	int i,v;
	register UCHAR *cp;
	register MD2_INT *p1,*p2;

	cp=c->data;
	p1=c->state;
	p2=c->cksm;
	v=MD2_BLOCK-c->num;
	for (i=c->num; i<MD2_BLOCK; i++)
		cp[i]=(UCHAR)v;

	md2_block(c,cp);

	for (i=0; i<MD2_BLOCK; i++)
		cp[i]=(UCHAR)p2[i];
	md2_block(c,cp);

	for (i=0; i<16; i++)
		md[i]=(UCHAR)(p1[i]&0xff);
	memset((char *)&c,0,sizeof(c));
    return 1;
	}

#ifdef	_APPLE_COMMON_CRYPTO_

CC_DIGEST_ONE_SHOT(CC_MD2, CC_MD2_CTX, CC_MD2_Init, CC_MD2_Update, CC_MD2_Final)

#endif

Added Source/Digest/md32_common.h.





























































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
/* crypto/md32_common.h */
/* ====================================================================
 * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

/*
 * This is a generic 32 bit "collector" for message digest algorithms.
 * Whenever needed it collects input character stream into chunks of
 * 32 bit values and invokes a block function that performs actual hash
 * calculations.
 *
 * Porting guide.
 *
 * Obligatory macros:
 *
 * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
 *	this macro defines byte order of input stream.
 * HASH_CBLOCK
 *	size of a unit chunk HASH_BLOCK operates on.
 * HASH_LONG
 *	has to be at lest 32 bit wide, if it's wider, then
 *	HASH_LONG_LOG2 *has to* be defined along
 * HASH_CTX
 *	context structure that at least contains following
 *	members:
 *		typedef struct {
 *			...
 *			HASH_LONG	Nl,Nh;
 *			HASH_LONG	data[HASH_LBLOCK];
 *			int		num;
 *			...
 *			} HASH_CTX;
 * HASH_UPDATE
 *	name of "Update" function, implemented here.
 * HASH_TRANSFORM
 *	name of "Transform" function, implemented here.
 * HASH_FINAL
 *	name of "Final" function, implemented here.
 * HASH_BLOCK_HOST_ORDER
 *	name of "block" function treating *aligned* input message
 *	in host byte order, implemented externally.
 * HASH_BLOCK_DATA_ORDER
 *	name of "block" function treating *unaligned* input message
 *	in original (data) byte order, implemented externally (it
 *	actually is optional if data and host are of the same
 *	"endianess").
 * HASH_MAKE_STRING
 *	macro convering context variables to an ASCII hash string.
 *
 * Optional macros:
 *
 * B_ENDIAN or L_ENDIAN
 *	defines host byte-order.
 * HASH_LONG_LOG2
 *	defaults to 2 if not states otherwise.
 * HASH_LBLOCK
 *	assumed to be HASH_CBLOCK/4 if not stated otherwise.
 * HASH_BLOCK_DATA_ORDER_ALIGNED
 *	alternative "block" function capable of treating
 *	aligned input message in original (data) order,
 *	implemented externally.
 *
 * MD5 example:
 *
 *	#define DATA_ORDER_IS_LITTLE_ENDIAN
 *
 *	#define HASH_LONG		MD5_LONG
 *	#define HASH_LONG_LOG2		MD5_LONG_LOG2
 *	#define HASH_CTX		MD5_CTX
 *	#define HASH_CBLOCK		MD5_CBLOCK
 *	#define HASH_LBLOCK		MD5_LBLOCK
 *	#define HASH_UPDATE		MD5_Update
 *	#define HASH_TRANSFORM		MD5_Transform
 *	#define HASH_FINAL		MD5_Final
 *	#define HASH_BLOCK_HOST_ORDER	md5_block_host_order
 *	#define HASH_BLOCK_DATA_ORDER	md5_block_data_order
 *
 *					<appro@fy.chalmers.se>
 */

#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
#error "DATA_ORDER must be defined!"
#endif

#ifndef HASH_CBLOCK
#error "HASH_CBLOCK must be defined!"
#endif
#ifndef HASH_LONG
#error "HASH_LONG must be defined!"
#endif
#ifndef HASH_CTX
#error "HASH_CTX must be defined!"
#endif

#ifndef HASH_UPDATE
#error "HASH_UPDATE must be defined!"
#endif
#ifndef HASH_TRANSFORM
#error "HASH_TRANSFORM must be defined!"
#endif
#ifndef HASH_FINAL
#error "HASH_FINAL must be defined!"
#endif

#ifndef HASH_BLOCK_HOST_ORDER
#error "HASH_BLOCK_HOST_ORDER must be defined!"
#endif

#if 0
/*
 * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
 * isn't defined.
 */
#ifndef HASH_BLOCK_DATA_ORDER
#error "HASH_BLOCK_DATA_ORDER must be defined!"
#endif
#endif

#ifndef HASH_LBLOCK
#define HASH_LBLOCK	(HASH_CBLOCK/4)
#endif

#ifndef HASH_LONG_LOG2
#define HASH_LONG_LOG2	2
#endif

/*
 * Engage compiler specific rotate intrinsic function if available.
 */
#undef ROTATE
#ifndef PEDANTIC
# if 0 /* defined(_MSC_VER) */
#  define ROTATE(a,n)	_lrotl(a,n)
# elif defined(__MWERKS__)
#  if defined(__POWERPC__)
#   define ROTATE(a,n)	__rlwinm(a,n,0,31)
#  elif defined(__MC68K__)
    /* Motorola specific tweak. <appro@fy.chalmers.se> */
#   define ROTATE(a,n)	( n<24 ? __rol(a,n) : __ror(a,32-n) )
#  else
#   define ROTATE(a,n)	__rol(a,n)
#  endif
# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
  /*
   * Some GNU C inline assembler templates. Note that these are
   * rotates by *constant* number of bits! But that's exactly
   * what we need here...
   *
   * 					<appro@fy.chalmers.se>
   */
#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
#   define ROTATE(a,n)	({ register unsigned int ret;	\
				asm (			\
				"roll %1,%0"		\
				: "=r"(ret)		\
				: "I"(n), "0"((unsigned int)a)	\
				: "cc");		\
			   ret;				\
			})
#  elif defined(__powerpc) || defined(__ppc)
#   define ROTATE(a,n)	({ register unsigned int ret;	\
				asm (			\
				"rlwinm %0,%1,%2,0,31"	\
				: "=r"(ret)		\
				: "r"(a), "I"(n));	\
			   ret;				\
			})
#  endif
# endif

/*
 * Engage compiler specific "fetch in reverse byte order"
 * intrinsic function if available.
 */
# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
  /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */
#  if (defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)) && !defined(I386_ONLY)
#   define BE_FETCH32(a)	({ register unsigned int l=(a);\
				asm (			\
				"bswapl %0"		\
				: "=r"(l) : "0"(l));	\
			  l;				\
			})
#  elif defined(__powerpc)
#   define LE_FETCH32(a)	({ register unsigned int l;	\
				asm (			\
				"lwbrx %0,0,%1"		\
				: "=r"(l)		\
				: "r"(a));		\
			   l;				\
			})

#  elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC)
#  define LE_FETCH32(a)	({ register unsigned int l;		\
				asm (				\
				"lda [%1]#ASI_PRIMARY_LITTLE,%0"\
				: "=r"(l)			\
				: "r"(a));			\
			   l;					\
			})
#  endif
# endif
#endif /* PEDANTIC */

#if HASH_LONG_LOG2==2	/* Engage only if sizeof(HASH_LONG)== 4 */
/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
#ifdef ROTATE
/* 5 instructions with rotate instruction, else 9 */
#define REVERSE_FETCH32(a,l)	(					\
		l=*(const HASH_LONG *)(a),				\
		((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24)))	\
				)
#else
/* 6 instructions with rotate instruction, else 8 */
#define REVERSE_FETCH32(a,l)	(				\
		l=*(const HASH_LONG *)(a),			\
		l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)),	\
		ROTATE(l,16)					\
				)
/*
 * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
 * It's rewritten as above for two reasons:
 *	- RISCs aren't good at long constants and have to explicitely
 *	  compose 'em with several (well, usually 2) instructions in a
 *	  register before performing the actual operation and (as you
 *	  already realized:-) having same constant should inspire the
 *	  compiler to permanently allocate the only register for it;
 *	- most modern CPUs have two ALUs, but usually only one has
 *	  circuitry for shifts:-( this minor tweak inspires compiler
 *	  to schedule shift instructions in a better way...
 *
 *				<appro@fy.chalmers.se>
 */
#endif
#endif

#ifndef ROTATE
#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
#endif

/*
 * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
 * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
 * and host are of the same "endianess". It's possible to mask
 * this with blank #define HASH_BLOCK_DATA_ORDER though...
 *
 *				<appro@fy.chalmers.se>
 */
#if defined(B_ENDIAN)
#  if defined(DATA_ORDER_IS_BIG_ENDIAN)
#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
#      define HASH_BLOCK_DATA_ORDER_ALIGNED	HASH_BLOCK_HOST_ORDER
#    endif
#  elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
#    ifndef HOST_FETCH32
#      ifdef LE_FETCH32
#        define HOST_FETCH32(p,l)	LE_FETCH32(p)
#      elif defined(REVERSE_FETCH32)
#        define HOST_FETCH32(p,l)	REVERSE_FETCH32(p,l)
#      endif
#    endif
#  endif
#elif defined(L_ENDIAN)
#  if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
#      define HASH_BLOCK_DATA_ORDER_ALIGNED	HASH_BLOCK_HOST_ORDER
#    endif
#  elif defined(DATA_ORDER_IS_BIG_ENDIAN)
#    ifndef HOST_FETCH32
#      ifdef BE_FETCH32
#        define HOST_FETCH32(p,l)	BE_FETCH32(p)
#      elif defined(REVERSE_FETCH32)
#        define HOST_FETCH32(p,l)	REVERSE_FETCH32(p,l)
#      endif
#    endif
#  endif
#endif

#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
#ifndef HASH_BLOCK_DATA_ORDER
#error "HASH_BLOCK_DATA_ORDER must be defined!"
#endif
#endif

#if defined(DATA_ORDER_IS_BIG_ENDIAN)

#define HOST_c2l(c,l)	(l =(((unsigned long)(*((c)++)))<<24),		\
			 l|=(((unsigned long)(*((c)++)))<<16),		\
			 l|=(((unsigned long)(*((c)++)))<< 8),		\
			 l|=(((unsigned long)(*((c)++)))    ),		\
			 l)
#define HOST_p_c2l(c,l,n)	{					\
			switch (n) {					\
			case 0: l =((unsigned long)(*((c)++)))<<24;	\
			case 1: l|=((unsigned long)(*((c)++)))<<16;	\
			case 2: l|=((unsigned long)(*((c)++)))<< 8;	\
			case 3: l|=((unsigned long)(*((c)++)));		\
				} }
#define HOST_p_c2l_p(c,l,sc,len) {					\
			switch (sc) {					\
			case 0: l =((unsigned long)(*((c)++)))<<24;	\
				if (--len == 0) break;			\
			case 1: l|=((unsigned long)(*((c)++)))<<16;	\
				if (--len == 0) break;			\
			case 2: l|=((unsigned long)(*((c)++)))<< 8;	\
				} }
/* NOTE the pointer is not incremented at the end of this */
#define HOST_c2l_p(c,l,n)	{					\
			l=0; (c)+=n;					\
			switch (n) {					\
			case 3: l =((unsigned long)(*(--(c))))<< 8;	\
			case 2: l|=((unsigned long)(*(--(c))))<<16;	\
			case 1: l|=((unsigned long)(*(--(c))))<<24;	\
				} }
#define HOST_l2c(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff),	\
			 *((c)++)=(unsigned char)(((l)>>16)&0xff),	\
			 *((c)++)=(unsigned char)(((l)>> 8)&0xff),	\
			 *((c)++)=(unsigned char)(((l)    )&0xff),	\
			 l)

#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)

#define HOST_c2l(c,l)	(l =(((unsigned long)(*((c)++)))    ),		\
			 l|=(((unsigned long)(*((c)++)))<< 8),		\
			 l|=(((unsigned long)(*((c)++)))<<16),		\
			 l|=(((unsigned long)(*((c)++)))<<24),		\
			 l)
#define HOST_p_c2l(c,l,n)	{					\
			switch (n) {					\
			case 0: l =((unsigned long)(*((c)++)));		\
			case 1: l|=((unsigned long)(*((c)++)))<< 8;	\
			case 2: l|=((unsigned long)(*((c)++)))<<16;	\
			case 3: l|=((unsigned long)(*((c)++)))<<24;	\
				} }
#define HOST_p_c2l_p(c,l,sc,len) {					\
			switch (sc) {					\
			case 0: l =((unsigned long)(*((c)++)));		\
				if (--len == 0) break;			\
			case 1: l|=((unsigned long)(*((c)++)))<< 8;	\
				if (--len == 0) break;			\
			case 2: l|=((unsigned long)(*((c)++)))<<16;	\
				} }
/* NOTE the pointer is not incremented at the end of this */
#define HOST_c2l_p(c,l,n)	{					\
			l=0; (c)+=n;					\
			switch (n) {					\
			case 3: l =((unsigned long)(*(--(c))))<<16;	\
			case 2: l|=((unsigned long)(*(--(c))))<< 8;	\
			case 1: l|=((unsigned long)(*(--(c))));		\
				} }
#define HOST_l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff),	\
			 *((c)++)=(unsigned char)(((l)>> 8)&0xff),	\
			 *((c)++)=(unsigned char)(((l)>>16)&0xff),	\
			 *((c)++)=(unsigned char)(((l)>>24)&0xff),	\
			 l)

#endif

/*
 * Time for some action:-)
 */

int HASH_UPDATE (HASH_CTX *c, const void *data_, CC_LONG len)
	{
	const unsigned char *data=data_;
	register HASH_LONG * p;
	register unsigned long l;
	int sw,sc,ew,ec;

	if (len==0) return 1;

	l=(c->Nl+(len<<3))&0xffffffffL;
	/* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
	 * Wei Dai <weidai@eskimo.com> for pointing it out. */
	if (l < c->Nl) /* overflow */
		c->Nh++;
	c->Nh+=(len>>29);
	c->Nl=l;

	if (c->num != 0)
		{
		p=c->data;
		sw=c->num>>2;
		sc=c->num&0x03;

		if ((c->num+len) >= HASH_CBLOCK)
			{
			l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
			for (; sw<HASH_LBLOCK; sw++)
				{
				HOST_c2l(data,l); p[sw]=l;
				}
			HASH_BLOCK_HOST_ORDER (c,p,1);
			len-=(HASH_CBLOCK-c->num);
			c->num=0;
			/* drop through and do the rest */
			}
		else
			{
			c->num+=len;
			if ((sc+len) < 4) /* ugly, add char's to a word */
				{
				l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
				}
			else
				{
				ew=(c->num>>2);
				ec=(c->num&0x03);
				if (sc)
					l=p[sw];
				HOST_p_c2l(data,l,sc);
				p[sw++]=l;
				for (; sw < ew; sw++)
					{
					HOST_c2l(data,l); p[sw]=l;
					}
				if (ec)
					{
					HOST_c2l_p(data,l,ec); p[sw]=l;
					}
				}
			return 1;
			}
		}

	sw=len/HASH_CBLOCK;
	if (sw > 0)
		{
#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
		/*
		 * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
		 * only if sizeof(HASH_LONG)==4.
		 */
		if ((((unsigned long)data)%4) == 0)
			{
			/* data is properly aligned so that we can cast it: */
			HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw);
			sw*=HASH_CBLOCK;
			data+=sw;
			len-=sw;
			}
		else
#if !defined(HASH_BLOCK_DATA_ORDER)
			while (sw--)
				{
				memcpy (p=c->data,data,HASH_CBLOCK);
				HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
				data+=HASH_CBLOCK;
				len-=HASH_CBLOCK;
				}
#endif
#endif
#if defined(HASH_BLOCK_DATA_ORDER)
			{
			HASH_BLOCK_DATA_ORDER(c,data,sw);
			sw*=HASH_CBLOCK;
			data+=sw;
			len-=sw;
			}
#endif
		}

	if (len!=0)
		{
		p = c->data;
		c->num = len;
		ew=len>>2;	/* words to copy */
		ec=len&0x03;
		for (; ew; ew--,p++)
			{
			HOST_c2l(data,l); *p=l;
			}
		HOST_c2l_p(data,l,ec);
		*p=l;
		}
	return 1;
	}

void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data);

void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
	{
#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
	if ((((unsigned long)data)%4) == 0)
		/* data is properly aligned so that we can cast it: */
		HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1);
	else
#if !defined(HASH_BLOCK_DATA_ORDER)
		{
		memcpy (c->data,data,HASH_CBLOCK);
		HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
		}
#endif
#endif
#if defined(HASH_BLOCK_DATA_ORDER)
	HASH_BLOCK_DATA_ORDER (c,data,1);
#endif
	}


int HASH_FINAL (unsigned char *md, HASH_CTX *c)
	{
	register HASH_LONG *p;
	register unsigned long l;
	register int i,j;
	static const unsigned char end[4]={0x80,0x00,0x00,0x00};
	const unsigned char *cp=end;

	/* c->num should definitly have room for at least one more byte. */
	p=c->data;
	i=c->num>>2;
	j=c->num&0x03;

#if 0
	/* purify often complains about the following line as an
	 * Uninitialized Memory Read.  While this can be true, the
	 * following p_c2l macro will reset l when that case is true.
	 * This is because j&0x03 contains the number of 'valid' bytes
	 * already in p[i].  If and only if j&0x03 == 0, the UMR will
	 * occur but this is also the only time p_c2l will do
	 * l= *(cp++) instead of l|= *(cp++)
	 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
	 * 'potential bug' */
#ifdef PURIFY
	if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
#endif
	l=p[i];
#else
	l = (j==0) ? 0 : p[i];
#endif
	HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */

	if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
		{
		if (i<HASH_LBLOCK) p[i]=0;
		HASH_BLOCK_HOST_ORDER (c,p,1);
		i=0;
		}
	for (; i<(HASH_LBLOCK-2); i++)
		p[i]=0;

#if   defined(DATA_ORDER_IS_BIG_ENDIAN)
	p[HASH_LBLOCK-2]=c->Nh;
	p[HASH_LBLOCK-1]=c->Nl;
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
	p[HASH_LBLOCK-2]=c->Nl;
	p[HASH_LBLOCK-1]=c->Nh;
#endif
	HASH_BLOCK_HOST_ORDER (c,p,1);

#ifndef HASH_MAKE_STRING
#error "HASH_MAKE_STRING must be defined!"
#else
	HASH_MAKE_STRING(c,md);
#endif

	c->num=0;
	/* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
	 * but I'm not worried :-)
	OPENSSL_cleanse((void *)c,sizeof(HASH_CTX));
	 */
	return 1;
	}

#ifndef MD32_REG_T
#define MD32_REG_T long
/*
 * This comment was originaly written for MD5, which is why it
 * discusses A-D. But it basically applies to all 32-bit digests,
 * which is why it was moved to common header file.
 *
 * In case you wonder why A-D are declared as long and not
 * as MD5_LONG. Doing so results in slight performance
 * boost on LP64 architectures. The catch is we don't
 * really care if 32 MSBs of a 64-bit register get polluted
 * with eventual overflows as we *save* only 32 LSBs in
 * *either* case. Now declaring 'em long excuses the compiler
 * from keeping 32 MSBs zeroed resulting in 13% performance
 * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
 * Well, to be honest it should say that this *prevents* 
 * performance degradation.
 *				<appro@fy.chalmers.se>
 * Apparently there're LP64 compilers that generate better
 * code if A-D are declared int. Most notably GCC-x86_64
 * generates better code.
 *				<appro@fy.chalmers.se>
 */
#endif

Added Source/Digest/md4_dgst.c.

























































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
/* crypto/md4/md4_dgst.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include "CommonDigestPriv.h"
#include "md4_locl.h"
#ifndef		_APPLE_COMMON_CRYPTO_
#include <openssl/opensslv.h>

const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
#endif		/* _APPLE_COMMON_CRYPTO_ */


/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
 */

#define INIT_DATA_A (unsigned long)0x67452301L
#define INIT_DATA_B (unsigned long)0xefcdab89L
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L

int CC_MD4_Init(MD4_CTX *c)
	{
	c->A=INIT_DATA_A;
	c->B=INIT_DATA_B;
	c->C=INIT_DATA_C;
	c->D=INIT_DATA_D;
	c->Nl=0;
	c->Nh=0;
	c->num=0;
	return 1;
	}

#ifndef md4_block_host_order
__private_extern__ void md4_block_host_order (MD4_CTX *c, const void *data, int num)
	{
	const MD4_LONG *X=data;
	register unsigned MD32_REG_T A,B,C,D;

	A=c->A;
	B=c->B;
	C=c->C;
	D=c->D;

	for (;num--;X+=HASH_LBLOCK)
		{
	/* Round 0 */
	R0(A,B,C,D,X[ 0], 3,0);
	R0(D,A,B,C,X[ 1], 7,0);
	R0(C,D,A,B,X[ 2],11,0);
	R0(B,C,D,A,X[ 3],19,0);
	R0(A,B,C,D,X[ 4], 3,0);
	R0(D,A,B,C,X[ 5], 7,0);
	R0(C,D,A,B,X[ 6],11,0);
	R0(B,C,D,A,X[ 7],19,0);
	R0(A,B,C,D,X[ 8], 3,0);
	R0(D,A,B,C,X[ 9], 7,0);
	R0(C,D,A,B,X[10],11,0);
	R0(B,C,D,A,X[11],19,0);
	R0(A,B,C,D,X[12], 3,0);
	R0(D,A,B,C,X[13], 7,0);
	R0(C,D,A,B,X[14],11,0);
	R0(B,C,D,A,X[15],19,0);
	/* Round 1 */
	R1(A,B,C,D,X[ 0], 3,0x5A827999L);
	R1(D,A,B,C,X[ 4], 5,0x5A827999L);
	R1(C,D,A,B,X[ 8], 9,0x5A827999L);
	R1(B,C,D,A,X[12],13,0x5A827999L);
	R1(A,B,C,D,X[ 1], 3,0x5A827999L);
	R1(D,A,B,C,X[ 5], 5,0x5A827999L);
	R1(C,D,A,B,X[ 9], 9,0x5A827999L);
	R1(B,C,D,A,X[13],13,0x5A827999L);
	R1(A,B,C,D,X[ 2], 3,0x5A827999L);
	R1(D,A,B,C,X[ 6], 5,0x5A827999L);
	R1(C,D,A,B,X[10], 9,0x5A827999L);
	R1(B,C,D,A,X[14],13,0x5A827999L);
	R1(A,B,C,D,X[ 3], 3,0x5A827999L);
	R1(D,A,B,C,X[ 7], 5,0x5A827999L);
	R1(C,D,A,B,X[11], 9,0x5A827999L);
	R1(B,C,D,A,X[15],13,0x5A827999L);
	/* Round 2 */
	R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1);
	R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1);
	R2(C,D,A,B,X[ 4],11,0x6ED9EBA1);
	R2(B,C,D,A,X[12],15,0x6ED9EBA1);
	R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1);
	R2(D,A,B,C,X[10], 9,0x6ED9EBA1);
	R2(C,D,A,B,X[ 6],11,0x6ED9EBA1);
	R2(B,C,D,A,X[14],15,0x6ED9EBA1);
	R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1);
	R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1);
	R2(C,D,A,B,X[ 5],11,0x6ED9EBA1);
	R2(B,C,D,A,X[13],15,0x6ED9EBA1);
	R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1);
	R2(D,A,B,C,X[11], 9,0x6ED9EBA1);
	R2(C,D,A,B,X[ 7],11,0x6ED9EBA1);
	R2(B,C,D,A,X[15],15,0x6ED9EBA1);

	A = c->A += A;
	B = c->B += B;
	C = c->C += C;
	D = c->D += D;
		}
	}
#endif

#ifndef md4_block_data_order
#ifdef X
#undef X
#endif
__private_extern__ void md4_block_data_order (MD4_CTX *c, const void *data_, int num)
	{
	const unsigned char *data=data_;
	register unsigned MD32_REG_T A,B,C,D,l;
#ifndef MD32_XARRAY
	/* See comment in crypto/sha/sha_locl.h for details. */
	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
# define X(i)	XX##i
#else
	MD4_LONG XX[MD4_LBLOCK];
# define X(i)	XX[i]
#endif

	A=c->A;
	B=c->B;
	C=c->C;
	D=c->D;

	for (;num--;)
		{
	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
	/* Round 0 */
	R0(A,B,C,D,X( 0), 3,0);	HOST_c2l(data,l); X( 2)=l;
	R0(D,A,B,C,X( 1), 7,0);	HOST_c2l(data,l); X( 3)=l;
	R0(C,D,A,B,X( 2),11,0);	HOST_c2l(data,l); X( 4)=l;
	R0(B,C,D,A,X( 3),19,0);	HOST_c2l(data,l); X( 5)=l;
	R0(A,B,C,D,X( 4), 3,0);	HOST_c2l(data,l); X( 6)=l;
	R0(D,A,B,C,X( 5), 7,0);	HOST_c2l(data,l); X( 7)=l;
	R0(C,D,A,B,X( 6),11,0);	HOST_c2l(data,l); X( 8)=l;
	R0(B,C,D,A,X( 7),19,0);	HOST_c2l(data,l); X( 9)=l;
	R0(A,B,C,D,X( 8), 3,0);	HOST_c2l(data,l); X(10)=l;
	R0(D,A,B,C,X( 9), 7,0);	HOST_c2l(data,l); X(11)=l;
	R0(C,D,A,B,X(10),11,0);	HOST_c2l(data,l); X(12)=l;
	R0(B,C,D,A,X(11),19,0);	HOST_c2l(data,l); X(13)=l;
	R0(A,B,C,D,X(12), 3,0);	HOST_c2l(data,l); X(14)=l;
	R0(D,A,B,C,X(13), 7,0);	HOST_c2l(data,l); X(15)=l;
	R0(C,D,A,B,X(14),11,0);
	R0(B,C,D,A,X(15),19,0);
	/* Round 1 */
	R1(A,B,C,D,X( 0), 3,0x5A827999L);
	R1(D,A,B,C,X( 4), 5,0x5A827999L);
	R1(C,D,A,B,X( 8), 9,0x5A827999L);
	R1(B,C,D,A,X(12),13,0x5A827999L);
	R1(A,B,C,D,X( 1), 3,0x5A827999L);
	R1(D,A,B,C,X( 5), 5,0x5A827999L);
	R1(C,D,A,B,X( 9), 9,0x5A827999L);
	R1(B,C,D,A,X(13),13,0x5A827999L);
	R1(A,B,C,D,X( 2), 3,0x5A827999L);
	R1(D,A,B,C,X( 6), 5,0x5A827999L);
	R1(C,D,A,B,X(10), 9,0x5A827999L);
	R1(B,C,D,A,X(14),13,0x5A827999L);
	R1(A,B,C,D,X( 3), 3,0x5A827999L);
	R1(D,A,B,C,X( 7), 5,0x5A827999L);
	R1(C,D,A,B,X(11), 9,0x5A827999L);
	R1(B,C,D,A,X(15),13,0x5A827999L);
	/* Round 2 */
	R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L);
	R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L);
	R2(C,D,A,B,X( 4),11,0x6ED9EBA1L);
	R2(B,C,D,A,X(12),15,0x6ED9EBA1L);
	R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L);
	R2(D,A,B,C,X(10), 9,0x6ED9EBA1L);
	R2(C,D,A,B,X( 6),11,0x6ED9EBA1L);
	R2(B,C,D,A,X(14),15,0x6ED9EBA1L);
	R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L);
	R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L);
	R2(C,D,A,B,X( 5),11,0x6ED9EBA1L);
	R2(B,C,D,A,X(13),15,0x6ED9EBA1L);
	R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L);
	R2(D,A,B,C,X(11), 9,0x6ED9EBA1L);
	R2(C,D,A,B,X( 7),11,0x6ED9EBA1L);
	R2(B,C,D,A,X(15),15,0x6ED9EBA1L);

	A = c->A += A;
	B = c->B += B;
	C = c->C += C;
	D = c->D += D;
		}
	}
#endif

#ifdef undef
int printit(unsigned long *l)
	{
	int i,ii;

	for (i=0; i<2; i++)
		{
		for (ii=0; ii<8; ii++)
			{
			fprintf(stderr,"%08lx ",l[i*8+ii]);
			}
		fprintf(stderr,"\n");
		}
	}
#endif

#ifdef	_APPLE_COMMON_CRYPTO_

CC_DIGEST_ONE_SHOT(CC_MD4, CC_MD4_CTX, CC_MD4_Init, CC_MD4_Update, CC_MD4_Final)

#endif

Added Source/Digest/md4_locl.h.











































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
/* crypto/md4/md4_locl.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdlib.h>
#include <string.h>
#include "CommonDigestPriv.h"

#ifndef	_APPLE_COMMON_CRYPTO_
#include <openssl/opensslconf.h>
#include <openssl/md4.h>
#endif	/* _APPLE_COMMON_CRYPTO_ */

#ifndef MD4_LONG_LOG2
#define MD4_LONG_LOG2 2 /* default to 32 bits */
#endif

__private_extern__ void md4_block_host_order (MD4_CTX *c, const void *p,int num);
__private_extern__ void md4_block_data_order (MD4_CTX *c, const void *p,int num);

#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || defined(__x86_64__)
/*
 * *_block_host_order is expected to handle aligned data while
 * *_block_data_order - unaligned. As algorithm and host (x86)
 * are in this case of the same "endianness" these two are
 * otherwise indistinguishable. But normally you don't want to
 * call the same function because unaligned access in places
 * where alignment is expected is usually a "Bad Thing". Indeed,
 * on RISCs you get punished with BUS ERROR signal or *severe*
 * performance degradation. Intel CPUs are in turn perfectly
 * capable of loading unaligned data without such drastic side
 * effect. Yes, they say it's slower than aligned load, but no
 * exception is generated and therefore performance degradation
 * is *incomparable* with RISCs. What we should weight here is
 * costs of unaligned access against costs of aligning data.
 * According to my measurements allowing unaligned access results
 * in ~9% performance improvement on Pentium II operating at
 * 266MHz. I won't be surprised if the difference will be higher
 * on faster systems:-)
 *
 *				<appro@fy.chalmers.se>
 */
#define md4_block_data_order md4_block_host_order
#endif

#define DATA_ORDER_IS_LITTLE_ENDIAN

#define HASH_LONG		MD4_LONG
#define HASH_LONG_LOG2	MD4_LONG_LOG2
#define HASH_CTX		MD4_CTX
#define HASH_CBLOCK		MD4_CBLOCK
#define HASH_LBLOCK		MD4_LBLOCK
#ifdef	_APPLE_COMMON_CRYPTO_
#define HASH_UPDATE		CC_MD4_Update
#define HASH_TRANSFORM	CC_MD4_Transform
#define HASH_FINAL		CC_MD4_Final
#else
#define HASH_UPDATE		MD4_Update
#define HASH_TRANSFORM	MD4_Transform
#define HASH_FINAL		MD4_Final
#endif

#define	HASH_MAKE_STRING(c,s)	do {	\
	unsigned long ll;		\
	ll=(c)->A; HOST_l2c(ll,(s));	\
	ll=(c)->B; HOST_l2c(ll,(s));	\
	ll=(c)->C; HOST_l2c(ll,(s));	\
	ll=(c)->D; HOST_l2c(ll,(s));	\
	} while (0)
#define HASH_BLOCK_HOST_ORDER	md4_block_host_order
#if !defined(L_ENDIAN) || defined(md4_block_data_order)
#define	HASH_BLOCK_DATA_ORDER	md4_block_data_order
/*
 * Little-endians (Intel and Alpha) feel better without this.
 * It looks like memcpy does better job than generic
 * md4_block_data_order on copying-n-aligning input data.
 * But frankly speaking I didn't expect such result on Alpha.
 * On the other hand I've got this with egcs-1.0.2 and if
 * program is compiled with another (better?) compiler it
 * might turn out other way around.
 *
 *				<appro@fy.chalmers.se>
 */
#endif

#include "md32_common.h"

/*
#define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
#define	G(x,y,z)	(((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
*/

/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
 * simplified to the code below.  Wei attributes these optimizations
 * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
 */
#define	F(b,c,d)	((((c) ^ (d)) & (b)) ^ (d))
#define G(b,c,d)	(((b) & (c)) | ((b) & (d)) | ((c) & (d)))
#define	H(b,c,d)	((b) ^ (c) ^ (d))

#define R0(a,b,c,d,k,s,t) { \
	a+=((k)+(t)+F((b),(c),(d))); \
	a=ROTATE(a,s); };

#define R1(a,b,c,d,k,s,t) { \
	a+=((k)+(t)+G((b),(c),(d))); \
	a=ROTATE(a,s); };\

#define R2(a,b,c,d,k,s,t) { \
	a+=((k)+(t)+H((b),(c),(d))); \
	a=ROTATE(a,s); };

Added Source/Digest/md5_dgst.c.



















































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
/* crypto/md5/md5_dgst.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include "CommonDigestPriv.h"
#include "md5_locl.h"

#ifndef		_APPLE_COMMON_CRYPTO_
#include <openssl/opensslv.h>
const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
#endif

/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
 */

#define INIT_DATA_A (unsigned long)0x67452301L
#define INIT_DATA_B (unsigned long)0xefcdab89L
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L

int CC_MD5_Init(MD5_CTX *c)
	{
	c->A=INIT_DATA_A;
	c->B=INIT_DATA_B;
	c->C=INIT_DATA_C;
	c->D=INIT_DATA_D;
	c->Nl=0;
	c->Nh=0;
	c->num=0;
	return 1;
	}

#ifndef md5_block_host_order
__private_extern__ void md5_block_host_order (MD5_CTX *c, const void *data, int num)
	{
	const MD5_LONG *X=data;
	register unsigned MD32_REG_T A,B,C,D;

	A=c->A;
	B=c->B;
	C=c->C;
	D=c->D;

	for (;num--;X+=HASH_LBLOCK)
		{
	/* Round 0 */
	R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
	R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
	R0(C,D,A,B,X[ 2],17,0x242070dbL);
	R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
	R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
	R0(D,A,B,C,X[ 5],12,0x4787c62aL);
	R0(C,D,A,B,X[ 6],17,0xa8304613L);
	R0(B,C,D,A,X[ 7],22,0xfd469501L);
	R0(A,B,C,D,X[ 8], 7,0x698098d8L);
	R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
	R0(C,D,A,B,X[10],17,0xffff5bb1L);
	R0(B,C,D,A,X[11],22,0x895cd7beL);
	R0(A,B,C,D,X[12], 7,0x6b901122L);
	R0(D,A,B,C,X[13],12,0xfd987193L);
	R0(C,D,A,B,X[14],17,0xa679438eL);
	R0(B,C,D,A,X[15],22,0x49b40821L);
	/* Round 1 */
	R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
	R1(D,A,B,C,X[ 6], 9,0xc040b340L);
	R1(C,D,A,B,X[11],14,0x265e5a51L);
	R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
	R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
	R1(D,A,B,C,X[10], 9,0x02441453L);
	R1(C,D,A,B,X[15],14,0xd8a1e681L);
	R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
	R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
	R1(D,A,B,C,X[14], 9,0xc33707d6L);
	R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
	R1(B,C,D,A,X[ 8],20,0x455a14edL);
	R1(A,B,C,D,X[13], 5,0xa9e3e905L);
	R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
	R1(C,D,A,B,X[ 7],14,0x676f02d9L);
	R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
	/* Round 2 */
	R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
	R2(D,A,B,C,X[ 8],11,0x8771f681L);
	R2(C,D,A,B,X[11],16,0x6d9d6122L);
	R2(B,C,D,A,X[14],23,0xfde5380cL);
	R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
	R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
	R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
	R2(B,C,D,A,X[10],23,0xbebfbc70L);
	R2(A,B,C,D,X[13], 4,0x289b7ec6L);
	R2(D,A,B,C,X[ 0],11,0xeaa127faL);
	R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
	R2(B,C,D,A,X[ 6],23,0x04881d05L);
	R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
	R2(D,A,B,C,X[12],11,0xe6db99e5L);
	R2(C,D,A,B,X[15],16,0x1fa27cf8L);
	R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
	/* Round 3 */
	R3(A,B,C,D,X[ 0], 6,0xf4292244L);
	R3(D,A,B,C,X[ 7],10,0x432aff97L);
	R3(C,D,A,B,X[14],15,0xab9423a7L);
	R3(B,C,D,A,X[ 5],21,0xfc93a039L);
	R3(A,B,C,D,X[12], 6,0x655b59c3L);
	R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
	R3(C,D,A,B,X[10],15,0xffeff47dL);
	R3(B,C,D,A,X[ 1],21,0x85845dd1L);
	R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
	R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
	R3(C,D,A,B,X[ 6],15,0xa3014314L);
	R3(B,C,D,A,X[13],21,0x4e0811a1L);
	R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
	R3(D,A,B,C,X[11],10,0xbd3af235L);
	R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
	R3(B,C,D,A,X[ 9],21,0xeb86d391L);

	A = c->A += A;
	B = c->B += B;
	C = c->C += C;
	D = c->D += D;
		}
	}
#endif

#ifndef md5_block_data_order
#ifdef X
#undef X
#endif
__private_extern__ void md5_block_data_order (MD5_CTX *c, const void *data_, int num)
	{
	const unsigned char *data=data_;
	register unsigned MD32_REG_T A,B,C,D,l;
#ifndef MD32_XARRAY
	/* See comment in crypto/sha/sha_locl.h for details. */
	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
# define X(i)	XX##i
#else
	MD5_LONG XX[MD5_LBLOCK];
# define X(i)	XX[i]
#endif

	A=c->A;
	B=c->B;
	C=c->C;
	D=c->D;

	for (;num--;)
		{
	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
	/* Round 0 */
	R0(A,B,C,D,X( 0), 7,0xd76aa478L);	HOST_c2l(data,l); X( 2)=l;
	R0(D,A,B,C,X( 1),12,0xe8c7b756L);	HOST_c2l(data,l); X( 3)=l;
	R0(C,D,A,B,X( 2),17,0x242070dbL);	HOST_c2l(data,l); X( 4)=l;
	R0(B,C,D,A,X( 3),22,0xc1bdceeeL);	HOST_c2l(data,l); X( 5)=l;
	R0(A,B,C,D,X( 4), 7,0xf57c0fafL);	HOST_c2l(data,l); X( 6)=l;
	R0(D,A,B,C,X( 5),12,0x4787c62aL);	HOST_c2l(data,l); X( 7)=l;
	R0(C,D,A,B,X( 6),17,0xa8304613L);	HOST_c2l(data,l); X( 8)=l;
	R0(B,C,D,A,X( 7),22,0xfd469501L);	HOST_c2l(data,l); X( 9)=l;
	R0(A,B,C,D,X( 8), 7,0x698098d8L);	HOST_c2l(data,l); X(10)=l;
	R0(D,A,B,C,X( 9),12,0x8b44f7afL);	HOST_c2l(data,l); X(11)=l;
	R0(C,D,A,B,X(10),17,0xffff5bb1L);	HOST_c2l(data,l); X(12)=l;
	R0(B,C,D,A,X(11),22,0x895cd7beL);	HOST_c2l(data,l); X(13)=l;
	R0(A,B,C,D,X(12), 7,0x6b901122L);	HOST_c2l(data,l); X(14)=l;
	R0(D,A,B,C,X(13),12,0xfd987193L);	HOST_c2l(data,l); X(15)=l;
	R0(C,D,A,B,X(14),17,0xa679438eL);
	R0(B,C,D,A,X(15),22,0x49b40821L);
	/* Round 1 */
	R1(A,B,C,D,X( 1), 5,0xf61e2562L);
	R1(D,A,B,C,X( 6), 9,0xc040b340L);
	R1(C,D,A,B,X(11),14,0x265e5a51L);
	R1(B,C,D,A,X( 0),20,0xe9b6c7aaL);
	R1(A,B,C,D,X( 5), 5,0xd62f105dL);
	R1(D,A,B,C,X(10), 9,0x02441453L);
	R1(C,D,A,B,X(15),14,0xd8a1e681L);
	R1(B,C,D,A,X( 4),20,0xe7d3fbc8L);
	R1(A,B,C,D,X( 9), 5,0x21e1cde6L);
	R1(D,A,B,C,X(14), 9,0xc33707d6L);
	R1(C,D,A,B,X( 3),14,0xf4d50d87L);
	R1(B,C,D,A,X( 8),20,0x455a14edL);
	R1(A,B,C,D,X(13), 5,0xa9e3e905L);
	R1(D,A,B,C,X( 2), 9,0xfcefa3f8L);
	R1(C,D,A,B,X( 7),14,0x676f02d9L);
	R1(B,C,D,A,X(12),20,0x8d2a4c8aL);
	/* Round 2 */
	R2(A,B,C,D,X( 5), 4,0xfffa3942L);
	R2(D,A,B,C,X( 8),11,0x8771f681L);
	R2(C,D,A,B,X(11),16,0x6d9d6122L);
	R2(B,C,D,A,X(14),23,0xfde5380cL);
	R2(A,B,C,D,X( 1), 4,0xa4beea44L);
	R2(D,A,B,C,X( 4),11,0x4bdecfa9L);
	R2(C,D,A,B,X( 7),16,0xf6bb4b60L);
	R2(B,C,D,A,X(10),23,0xbebfbc70L);
	R2(A,B,C,D,X(13), 4,0x289b7ec6L);
	R2(D,A,B,C,X( 0),11,0xeaa127faL);
	R2(C,D,A,B,X( 3),16,0xd4ef3085L);
	R2(B,C,D,A,X( 6),23,0x04881d05L);
	R2(A,B,C,D,X( 9), 4,0xd9d4d039L);
	R2(D,A,B,C,X(12),11,0xe6db99e5L);
	R2(C,D,A,B,X(15),16,0x1fa27cf8L);
	R2(B,C,D,A,X( 2),23,0xc4ac5665L);
	/* Round 3 */
	R3(A,B,C,D,X( 0), 6,0xf4292244L);
	R3(D,A,B,C,X( 7),10,0x432aff97L);
	R3(C,D,A,B,X(14),15,0xab9423a7L);
	R3(B,C,D,A,X( 5),21,0xfc93a039L);
	R3(A,B,C,D,X(12), 6,0x655b59c3L);
	R3(D,A,B,C,X( 3),10,0x8f0ccc92L);
	R3(C,D,A,B,X(10),15,0xffeff47dL);
	R3(B,C,D,A,X( 1),21,0x85845dd1L);
	R3(A,B,C,D,X( 8), 6,0x6fa87e4fL);
	R3(D,A,B,C,X(15),10,0xfe2ce6e0L);
	R3(C,D,A,B,X( 6),15,0xa3014314L);
	R3(B,C,D,A,X(13),21,0x4e0811a1L);
	R3(A,B,C,D,X( 4), 6,0xf7537e82L);
	R3(D,A,B,C,X(11),10,0xbd3af235L);
	R3(C,D,A,B,X( 2),15,0x2ad7d2bbL);
	R3(B,C,D,A,X( 9),21,0xeb86d391L);

	A = c->A += A;
	B = c->B += B;
	C = c->C += C;
	D = c->D += D;
		}
	}
#endif

#ifdef undef
int printit(unsigned long *l)
	{
	int i,ii;

	for (i=0; i<2; i++)
		{
		for (ii=0; ii<8; ii++)
			{
			fprintf(stderr,"%08lx ",l[i*8+ii]);
			}
		fprintf(stderr,"\n");
		}
	}
#endif

#ifdef	_APPLE_COMMON_CRYPTO_

CC_DIGEST_ONE_SHOT(CC_MD5, CC_MD5_CTX, CC_MD5_Init, CC_MD5_Update, CC_MD5_Final)

#endif

/*
	The following is needed because CC_MD5_Final takes an unsigned char*, not an unsigned char digest[16].
	We previously handled this with a macro, but we take this approach because it allows a function pointer to
	MD5Final to be created.
*/
void MD5Final (unsigned char digest[16], MD5_CTX *context);
void MD5Final (unsigned char digest[16], MD5_CTX *context)
{
	CC_MD5_Final(digest, context);
}

Added Source/Digest/md5_locl.h.















































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
/* crypto/md5/md5_locl.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#ifndef	_APPLE_COMMON_CRYPTO_
#error Compile order requires _APPLE_COMMON_CRYPTO_.

#include <stdlib.h>
#include <string.h>
#include <openssl/e_os2.h>
#include <openssl/md5.h>
#endif	_APPLE_COMMON_CRYPTO_

#ifndef MD5_LONG_LOG2
#define MD5_LONG_LOG2 2 /* default to 32 bits */
#endif

#ifdef MD5_ASM
# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || defined(__x86_64__)
#  define md5_block_host_order md5_block_asm_host_order
# elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC)
   void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,int num);
#  define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned
# endif
#endif

__private_extern__ void md5_block_host_order (MD5_CTX *c, const void *p,int num);
__private_extern__ void md5_block_data_order (MD5_CTX *c, const void *p,int num);

#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || defined(__x86_64__)
/*
 * *_block_host_order is expected to handle aligned data while
 * *_block_data_order - unaligned. As algorithm and host (x86)
 * are in this case of the same "endianness" these two are
 * otherwise indistinguishable. But normally you don't want to
 * call the same function because unaligned access in places
 * where alignment is expected is usually a "Bad Thing". Indeed,
 * on RISCs you get punished with BUS ERROR signal or *severe*
 * performance degradation. Intel CPUs are in turn perfectly
 * capable of loading unaligned data without such drastic side
 * effect. Yes, they say it's slower than aligned load, but no
 * exception is generated and therefore performance degradation
 * is *incomparable* with RISCs. What we should weight here is
 * costs of unaligned access against costs of aligning data.
 * According to my measurements allowing unaligned access results
 * in ~9% performance improvement on Pentium II operating at
 * 266MHz. I won't be surprised if the difference will be higher
 * on faster systems:-)
 *
 *				<appro@fy.chalmers.se>
 */
#define md5_block_data_order md5_block_host_order
#endif

#define DATA_ORDER_IS_LITTLE_ENDIAN

#define HASH_LONG		MD5_LONG
#define HASH_LONG_LOG2		MD5_LONG_LOG2
#define HASH_CTX		MD5_CTX
#define HASH_CBLOCK		MD5_CBLOCK
#define HASH_LBLOCK		MD5_LBLOCK
#ifdef	_APPLE_COMMON_CRYPTO_
#define HASH_UPDATE		CC_MD5_Update
#define HASH_TRANSFORM	CC_MD5_Transform
#define HASH_FINAL		CC_MD5_Final
#else
#define HASH_UPDATE		MD5_Update
#define HASH_TRANSFORM	MD5_Transform
#define HASH_FINAL		MD5_Final
#endif	/* _APPLE_COMMON_CRYPTO_ */

#define	HASH_MAKE_STRING(c,s)	do {	\
	unsigned long ll;		\
	ll=(c)->A; HOST_l2c(ll,(s));	\
	ll=(c)->B; HOST_l2c(ll,(s));	\
	ll=(c)->C; HOST_l2c(ll,(s));	\
	ll=(c)->D; HOST_l2c(ll,(s));	\
	} while (0)
#define HASH_BLOCK_HOST_ORDER	md5_block_host_order
#if !defined(L_ENDIAN) || defined(md5_block_data_order)
#define	HASH_BLOCK_DATA_ORDER	md5_block_data_order
/*
 * Little-endians (Intel and Alpha) feel better without this.
 * It looks like memcpy does better job than generic
 * md5_block_data_order on copying-n-aligning input data.
 * But frankly speaking I didn't expect such result on Alpha.
 * On the other hand I've got this with egcs-1.0.2 and if
 * program is compiled with another (better?) compiler it
 * might turn out other way around.
 *
 *				<appro@fy.chalmers.se>
 */
#endif

#include "md32_common.h"

/*
#define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
#define	G(x,y,z)	(((x) & (z))  |  ((y) & (~(z))))
*/

/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
 * simplified to the code below.  Wei attributes these optimizations
 * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
 */
#define	F(b,c,d)	((((c) ^ (d)) & (b)) ^ (d))
#define	G(b,c,d)	((((b) ^ (c)) & (d)) ^ (c))
#define	H(b,c,d)	((b) ^ (c) ^ (d))
#define	I(b,c,d)	(((~(d)) | (b)) ^ (c))

#define R0(a,b,c,d,k,s,t) { \
	a+=((k)+(t)+F((b),(c),(d))); \
	a=ROTATE(a,s); \
	a+=b; };\

#define R1(a,b,c,d,k,s,t) { \
	a+=((k)+(t)+G((b),(c),(d))); \
	a=ROTATE(a,s); \
	a+=b; };

#define R2(a,b,c,d,k,s,t) { \
	a+=((k)+(t)+H((b),(c),(d))); \
	a=ROTATE(a,s); \
	a+=b; };

#define R3(a,b,c,d,k,s,t) { \
	a+=((k)+(t)+I((b),(c),(d))); \
	a=ROTATE(a,s); \
	a+=b; };

Added Source/Digest/private_extern.s.









>
>
>
>
1
2
3
4
 .text
 .private_extern mySymbol
mySymbol:
 ret

Added Source/Digest/sha1.c.

















































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
/* crypto/sha/sha1.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

/* 
 * In this odd implementation, the actual SHA1 code is in the sha_locl.h header.
 * Compile it exactly once, here.
 */
#define SHA_1   	1

#include <TargetConditionals.h>
#include <CommonCrypto/CommonDigest.h>

#if TARGET_OS_EMBEDDED && __arm__
#define CC_SHA1_USE_HARDWARE			1
#endif

#if CC_SHA1_USE_HARDWARE
#define CC_SHA1_USE_HARDWARE_THRESHOLD	4096
extern int _CC_SHA1_Update(CC_SHA1_CTX *c, const void *data, CC_LONG len);
#endif

#include "sha_locl.h"

#ifdef	_APPLE_COMMON_CRYPTO_

#if CC_SHA1_USE_HARDWARE
//Need the IOKitLib.h only to keep IOSHA1Types.h happy.
#include <IOKit/IOKitLib.h>
#include <Kernel/IOKit/crypto/IOSHA1Types.h>
#include <libkern/OSByteOrder.h>
#include <sys/ioctl.h>
#include <fcntl.h>
#include <pthread.h>

static int cc_sha1_device = -1;
static pthread_once_t cc_sha1_connect_once = PTHREAD_ONCE_INIT;
static CC_LONG cc_sha1_hardware_quantum = (256*4096); //.25 M default value.

static void cc_sha1_connect(void) {
    struct IOSHA1AcceleratorInfo shaInfo;
	
	cc_sha1_device = open("/dev/sha1_0", O_RDWR, 0);
	if(cc_sha1_device < 0)
		return;

	if(ioctl(cc_sha1_device, IOSHA1_GET_INFO, &shaInfo) != -1) {
        cc_sha1_hardware_quantum = shaInfo.maxBytesPerCall;
	}
}

static CC_LONG sha1_hash_in_hardware(CC_SHA1_CTX *c, const UInt8 *data_buff, CC_LONG length, bool do_final)
{
	// Handle the hardware SHA1. 
	struct IOSHA1AcceleratorRequest shaRequest;
	CC_LONG quantum = cc_sha1_hardware_quantum;
	const UInt8 *data = data_buff;
	CC_LONG bytes_left = length;
	CC_LONG bytes_hashed = 0;
	
	//Load the saved context 
	shaRequest.hashBuffer.hashWords[0] = c->h0;
	shaRequest.hashBuffer.hashWords[1] = c->h1;
	shaRequest.hashBuffer.hashWords[2] = c->h2;
	shaRequest.hashBuffer.hashWords[3] = c->h3;
	shaRequest.hashBuffer.hashWords[4] = c->h4;
    shaRequest.options = 0;

	do {
		if (bytes_left < cc_sha1_hardware_quantum) {
            quantum = bytes_left;
            if (do_final) {
                shaRequest.options = kIOSHA1AcceleratorFinal;
				shaRequest.totalLength = (UInt64)(length) << 3; //Totallength is in bits.
            }
        } else {
            quantum = cc_sha1_hardware_quantum;
        }

		//Split the request in quantums if it is too large.
		shaRequest.sourceText = (UInt8 *)data;
		shaRequest.textLength = quantum;

		if(ioctl(cc_sha1_device, IOSHA1_PERFORM_HASH, &shaRequest) == -1) {
			break; //Failed to complete the whole request but fall back to the software only for the remaining bytes.
		}
		bytes_left -= quantum; 
		data += quantum;
	}while (bytes_left);

	bytes_hashed = (length - bytes_left); 
	if(bytes_hashed) {
		//Save the result in the CC_SHA1_CTX.
		c->h0 = shaRequest.hashBuffer.hashWords[0];
		c->h1 = shaRequest.hashBuffer.hashWords[1];
		c->h2 = shaRequest.hashBuffer.hashWords[2];
		c->h3 = shaRequest.hashBuffer.hashWords[3];
		c->h4 = shaRequest.hashBuffer.hashWords[4];

		//Update Nl and Nh in the context. Required to finish the hash.
		//Copied from the software SHA1 code. 
		CC_LONG l=(c->Nl+(bytes_hashed<<3))&0xffffffffL;
		if (l < c->Nl) /* overflow */
				c->Nh++;
		c->Nh+=(bytes_hashed>>29);
		c->Nl=l;
	}
	return bytes_hashed;
}

int CC_SHA1_Update(CC_SHA1_CTX *c, const void *data, CC_LONG len)
{
	const UInt8 *data_buff = (const UInt8 *) data;
	if (len > CC_SHA1_USE_HARDWARE_THRESHOLD &&
        !(((intptr_t)data_buff + CC_SHA1_BLOCK_BYTES - c->num) & 3) &&
        !pthread_once(&cc_sha1_connect_once, cc_sha1_connect) && cc_sha1_device >= 0) 
    {
		//USE SHA1 hardware.
		if(c->num) {
			//Do the first block or less in software
			CC_LONG partial = CC_SHA1_BLOCK_BYTES - c->num;
			_CC_SHA1_Update(c, data_buff, partial);
			len -= partial;
			data_buff += partial;
		}
		
		CC_LONG bytes_4_hardware = len & ~(CC_SHA1_BLOCK_BYTES - 1); //Send only mulitple of 64 bytes to the hardware.
		CC_LONG bytes_hashed = 0; 
		bytes_hashed = sha1_hash_in_hardware(c, data_buff, bytes_4_hardware, false);
        len -= bytes_hashed;
        data_buff += bytes_hashed;
	}

    //USE SHA1 software. If len is zero then this immediately returns;
    return _CC_SHA1_Update(c, data_buff, len);
}

UInt8* CC_SHA1(const void *data, CC_LONG len, UInt8 *md)
{	
	CC_LONG bytes_hashed = 0;
	const UInt8 *data_buff = (const UInt8 *)data;
	
	if(md == NULL)
		return NULL;									
		
	CC_SHA1_CTX ctx;
	CC_SHA1_Init(&ctx);
	
	if (len > CC_SHA1_USE_HARDWARE_THRESHOLD &&
        !((intptr_t)data_buff & 3) &&
        !pthread_once(&cc_sha1_connect_once, cc_sha1_connect) && cc_sha1_device >= 0) 
    {
		bytes_hashed = sha1_hash_in_hardware(&ctx, data_buff, len, true);
		if (bytes_hashed == len) {
            OSWriteBigInt32(md, 0, ctx.h0);
            OSWriteBigInt32(md, 4, ctx.h1);
            OSWriteBigInt32(md, 8, ctx.h2);
            OSWriteBigInt32(md, 12, ctx.h3);
            OSWriteBigInt32(md, 16, ctx.h4); 
			return md;
        }

		//Either we have failed partially or completely.
		//Fall through to the software.
		data_buff += bytes_hashed;
		len -= bytes_hashed;
	}
	//Fall back to Software SHA1.
	CC_SHA1_Update(&ctx, data_buff, len);
	CC_SHA1_Final(md, &ctx);					
	return md;												
}
#else //#if CC_SHA1_USE_HARDWARE
CC_DIGEST_ONE_SHOT(CC_SHA1, CC_SHA1_CTX, CC_SHA1_Init, CC_SHA1_Update, CC_SHA1_Final)
#endif

#endif //#ifdef	_APPLE_COMMON_CRYPTO_

Added Source/Digest/sha1edp.h.







































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#if !defined sha1edp_h
#define	sha1edp_h


/*	This file is included in sha1edpLittleEndian.s and sha1edpBigEndian.s to
	define the symbols below for use in assembly code.

	It is also included in sha1_locl.h and compiled in C to test that the
	hard-coded values here match the values used in C.  CC_SHA1_BLOCK_BYTES
	is defined in another header, so an error will be generated if its
	definition here conflicts.  The other symbols are tested below, with
	the CheckAssertion definition.
*/


// Number of bytes in a SHA-1 block.
#define	CC_SHA1_BLOCK_BYTES	64

// Offset of h0 to h4 members in SHA-1 context structure.
#define	Contexth0	(0*4)
#define	Contexth1	(1*4)
#define	Contexth2	(2*4)
#define	Contexth3	(3*4)
#define	Contexth4	(4*4)


#if !defined __ASSEMBLER__

	#include <stddef.h>	// Get offsetof macro.

	/*	Declare CheckAssertion so that if any of the declarations below
		differ from it, the compiler will report an error.
	*/
	extern char CheckAssertion[1];

	/*	Ensure that Contexth0 through Contexth4 are the byte offsets of the
		h0 through h4 members of the SHA-1 context structure.
	*/
	extern char CheckAssertion[Contexth0 == offsetof(SHA_CTX, h0)];
	extern char CheckAssertion[Contexth1 == offsetof(SHA_CTX, h1)];
	extern char CheckAssertion[Contexth2 == offsetof(SHA_CTX, h2)];
	extern char CheckAssertion[Contexth3 == offsetof(SHA_CTX, h3)];
	extern char CheckAssertion[Contexth4 == offsetof(SHA_CTX, h4)];
		/*	If these assertions fail, change the definitions of Contexth0 to
			Contexth4 to match the offsets of the members.
		*/

#endif	// !defined __ASSEMBLER__


#endif	// !defined sha1edp_h

Added Source/Digest/sha1edpBigEndian.s.































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
/*	sha1edpBigEndian.s -- Core of SHA-1 algorithm, process blocks with
	big-endian data.
*/


#if defined __i386__ || defined __x86_64__


#if defined __x86_64__
	#define	UseRedZone	// x86_64 may use the red zone.  i386 may not.
#endif

#include "sha1edp.h"
#if CC_SHA1_BLOCK_BYTES != 64
	#error "Expected CC_SHA1_BLOCK_BYTES to be 64."
#endif


// Provide a convenient way to conditionalize based on architecture.
#if defined __i386__
	#define	Arch(i386, x86_64)	i386
#elif defined __x86_64__
	#define	Arch(i386, x86_64)	x86_64
#endif


/*	Rename the general registers.  This makes it easier to keep track of them
	and provides names for the "whole register" that are uniform between i386
	and x86_64.
*/
#if defined __i386__
	#define	r0	%eax	// Available for any use.
	#define	r1	%ecx	// Available for any use, some special purposes (loop).
	#define	r2	%edx	// Available for any use.
	#define	r3	%ebx	// Must be preserved by called routine.
	#define	r4	%esp	// Stack pointer.
	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
	#define	r6	%esi	// Must be preserved by called routine.
	#define	r7	%edi	// Must be preserved by called routine.
#elif defined __x86_64__
	#define	r0	%rax	// Available for any use.
	#define	r1	%rcx	// Available for any use.
	#define	r2	%rdx	// Available for any use.
	#define	r3	%rbx	// Must be preserved by called routine.
	#define	r4	%rsp	// Stack pointer.
	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
	#define	r6	%rsi	// Available for any use.
	#define	r7	%rdi	// Available for any use.
	#define	r8	%r8		// Available for any use.
	#define	r9	%r9		// Available for any use.
	#define	r10	%r10	// Available for any use.
	#define	r11	%r11	// Available for any use.
	#define	r12	%r12	// Must be preserved by called routine.
	#define	r13	%r13	// Must be preserved by called routine.
	#define	r14	%r14	// Must be preserved by called routine.
	#define	r15	%r15	// Must be preserved by called routine.
#else
	#error "Unknown architecture."
#endif


// Define names for fixed-size portions of registers.

// 32 bits.
#define	r0d		%eax
#define	r1d		%ecx
#define	r2d		%edx
#define	r3d		%ebx
#define	r4d		%esp
#define	r5d		%ebp
#define	r6d		%esi
#define	r7d		%edi
#define	r8d		%r8d
#define	r9d		%r9d
#define	r10d	%r10d
#define	r11d	%r11d
#define	r12d	%r12d
#define	r13d	%r13d
#define	r14d	%r14d
#define	r15d	%r15d


	.text


/*	Routine:

		_sha1_block_asm_host_order.

	Function:

		Update SHA-1 context from whole blocks provided in big-endian order.

	Input:

		SHA_CTX *Context	// SHA-1 context structure.
		const void *Data	// Data, CC_SHA1_BLOCK_BYTES * Blocks bytes.
		int Blocks			// Number of blocks to process.  Must be positive.

	Output:

		*Context is updated.
*/
	.globl _sha1_block_asm_host_order
	.private_extern	_sha1_block_asm_host_order
_sha1_block_asm_host_order:

	// Push new stack frame.
	push	r5

	// Save registers.
	push	r3
	#if defined __i386__
		push	r6
		push	r7
		#define	SaveSize	(5*4)
	#elif defined __x86_64__
		#define	SaveSize	(3*8)
		// Add pushes of r12 to r15 if used.
	#endif

/*	SaveSize is the number of bytes of data pushed onto the stack so far,
	including the caller's return address.
*/

#if defined UseRedZone
	// No additional bytes are needed above stack for local data.
	#define	LocalsSize	0

	/*	Our local data contains an array named W of starting at offset WOffset
		from the stack pointer.  There is plenty of space in the red zone below
		the stack, so we will put the data there.  It is aligned to a multiple
		of 16 bytes because the big-endian version of this routine may use
		movaps to write to it.
	*/
	#define	WOffset	(- 16*4 - (-SaveSize & 15))
#else
	// Make space for W array in local data.
	#define	LocalsSize	(16*4 + (-SaveSize & 15))

	/*	Our local data contains an array named W of starting at offset WOffset
		from the stack pointer.  It is aligned to a multiple of 16 bytes
		because the big-endian version of this routine may use movaps to write
		to it.
	*/
	#define	WOffset	0
#endif

// W(i) references word i%16 stored in the local data area.
#define	W(i)	WOffset + ((i)%16)*4(r4)

#define	StackFrame	(LocalsSize + SaveSize)
	/*	StackFrame is the number of bytes in our stack frame, from the top of
		stack after we push registers and make space for local data to the top
		of stack immediately before the call to this routine.
	*/

	#if 0 < LocalsSize
		sub		$LocalsSize, r4	// Allocate space on stack.
	#endif

/*	t0 and t1 hold temporary values used in calculation or data motion and
	overlap Context, Data, and Blocks on i386.  A, B, C, D, and E refer to
	values used in the SHA-1 specification.  However, they are used in
	rotation, so each of them successively holds the values the specification
	refers to as the others at different times.

	Note that t0, t1, and A to E are 32-bit registers.  They are used for
	manipulating the 32-bit chunks of the SHA-1 algorithm.  Context, Data, and
	Blocks are full registers, and the first two must be since they hold
	addresses.
*/
#define	t0			r0d				// Overlaps Context.
#define	t1			r1d				// Overlaps Data and Blocks.
#define	A			Arch(r2d, r8d)
#define	B			r3d
#define	C			r5d
#define	D			Arch(r6d, r9d)
#define	E			Arch(r7d, r10d)

#define	Context		Arch(r0, r7)	// Overlaps t0.
#define	Data		Arch(r1, r6)	// Overlaps t1 and Blocks.
#define	Blocks		Arch(r1, r2)	// Overlaps t1 and Data.

#if defined __i386__

	// Define location of argument i.
	#define	Argument(i)	StackFrame+4*(i)(r4)

	#define	ArgContext	Argument(0)
	#define	ArgData		Argument(1)
	#define	ArgBlocks	Argument(2)

#endif


// Constants of the SHA-1 algorithm.
#define	Constant0	0x5a827999
#define	Constant1	0x6ed9eba1
#define	Constant2	0x8f1bbcdc
#define	Constant3	0xca62c1d6


// Define names for macro parameters, since assembler does not support them.
#define	mF	$0
#define	mB	$1
#define	mC	$2
#define	mD	$3

	/*	Calculate the function used in steps 0 to 19 of SHA-1 and store the
		result in F:

			F = (C ^ D) & B ^ D.
	*/
	.macro	F0
		mov		mC, t0
		xor		mD, t0
		and		mB, t0
		xor		mD, t0
		add		t0, mF
	.endmacro


	/*	Calculate the function used in steps 20 to 39 of SHA-1 and store the
		result in F:

			F = B ^ C ^ D.
	*/
	.macro	F1
		mov		mB, t0
		xor		mC, t0
		xor		mD, t0
		add		t0, mF
	.endmacro


	/*	Calculate the function used in steps 40 to 59 of SHA-1 and store the
		result in F:

			F = B & C | B & D | C & D.

		(A bit in F is on iff corresponding bits are on in at least two of B,
		C, and D.)
	*/
	.macro	F2
		mov		mB, t0
		and		mC, t0
		mov		mB, t1
		and		mD, t1
		or		t1, t0
		mov		mC, t1
		and		mD, t1
		or		t1, t0
		add		t0, mF
	.endmacro

	// Steps 60 to 79 use the same function as 20 to 39.
	#define	F3	F1

// Undefine parameter names.
#undef	mF
#undef	mB
#undef	mC
#undef	mD


// Define names for macro parameters, since assembler does not support them.
#define	mA			$0
#define	mB			$1
#define	mC			$2
#define	mD			$3
#define	mE			$4
#define	mFunction	$5
#define	mWord		$6
#define	mConstant	$7
	/*	Step performs most of one step of the SHA-1 algorithm:

			Add to E a word from the message schedule, a constant, A rotated
			left 5 bits, and a function of B, C, and D.

			Rotate B left 30 bits.

			Rotate values (D to E, C to D, B to C, A to B, and the new E to A).
			(This is effected by rotating the registers passed to this macro,
			rather than by actually moving the data.)

		mWord contains the word from the message schedule.  It may be in t0, so
		we need to finish with it before using t0.

		mConstant contains the constant to add.

		mA, mB, mC, mD, and mE are registers with the current values of A, B,
		C, D, and E.

		mFunction is a macro that implements the function of B, C, and D.
	*/
	.macro	Step
		add		$$mConstant, mE
		add		mWord, mE
		mov		mA, t0
		roll	$$5, t0
		add		t0, mE
		mFunction	mE, mB, mC, mD
		roll	$$30, mB
	.endmacro
// Undefine parameters names.
#undef	mA
#undef	mB
#undef	mC
#undef	mD
#undef	mE
#undef	mFunction
#undef	mWord
#undef	mConstant


	/*	Prepare a new word from the message schedule.  Parameter $0 is the
	 	index of the new word in our local table.
	*/
	.macro	PrepareWord
		mov		W($0 +  0), t0
		xor		W($0 +  2), t0
		xor		W($0 +  8), t0
		xor		W($0 + 13), t0
		roll	$$1, t0
		movl	t0, W($0 +  0)
	.endmacro


	#if defined __i386__
		mov		ArgContext, Context
	#endif

	// Load current context.
	mov		Contexth0(Context), A
	mov		Contexth1(Context), B
	mov		Contexth2(Context), C
	mov		Contexth3(Context), D
	mov		Contexth4(Context), E

/*	This loop iterates through the blocks of data.  Each iteration updates the
	SHA-1 context for one block.
*/
1:
	#if defined __i386__
		mov		ArgData, Data
	#endif

	/*	Preprocess user data and store in the local data area.  It is a shame
		we cannot overlap this with later work, but we are out of registers and
		do not want tie up a register with Data later on.

		The bytes are in the desired order within the words, so we do not have
		to reverse them as in the little-endian version of this routine, just
		copy them.
	*/
	movups  0*4(Data), %xmm0;    movaps %xmm0, W( 0)
	movups  4*4(Data), %xmm0;    movaps %xmm0, W( 4)
	movups  8*4(Data), %xmm0;    movaps %xmm0, W( 8)
	movups 12*4(Data), %xmm0;    movaps %xmm0, W(12)

	// Advance pointer to next block.
	add		$CC_SHA1_BLOCK_BYTES, Data
	#if	defined __i386__
		mov		Data, ArgData
	#endif

	// Steps 0 to 15.  Use words from already prepared message schedule.
	movl W( 0), t0;     Step A, B, C, D, E, F0, t0, Constant0
	movl W( 1), t0;     Step E, A, B, C, D, F0, t0, Constant0
	movl W( 2), t0;     Step D, E, A, B, C, F0, t0, Constant0
	movl W( 3), t0;     Step C, D, E, A, B, F0, t0, Constant0
	movl W( 4), t0;     Step B, C, D, E, A, F0, t0, Constant0

	movl W( 5), t0;     Step A, B, C, D, E, F0, t0, Constant0
	movl W( 6), t0;     Step E, A, B, C, D, F0, t0, Constant0
	movl W( 7), t0;     Step D, E, A, B, C, F0, t0, Constant0
	movl W( 8), t0;     Step C, D, E, A, B, F0, t0, Constant0
	movl W( 9), t0;     Step B, C, D, E, A, F0, t0, Constant0

	movl W(10), t0;     Step A, B, C, D, E, F0, t0, Constant0
	movl W(11), t0;     Step E, A, B, C, D, F0, t0, Constant0
	movl W(12), t0;     Step D, E, A, B, C, F0, t0, Constant0
	movl W(13), t0;     Step C, D, E, A, B, F0, t0, Constant0
	movl W(14), t0;     Step B, C, D, E, A, F0, t0, Constant0

	movl W(15), t0;     Step A, B, C, D, E, F0, t0, Constant0

// Steps 16 to 19.  Update words in message schedule as we go.
	PrepareWord  16;    Step E, A, B, C, D, F0, t0, Constant0
	PrepareWord  17;    Step D, E, A, B, C, F0, t0, Constant0
	PrepareWord  18;    Step C, D, E, A, B, F0, t0, Constant0
	PrepareWord  19;    Step B, C, D, E, A, F0, t0, Constant0

// Steps 20 to 39.
	PrepareWord  20;    Step A, B, C, D, E, F1, t0, Constant1
	PrepareWord  21;    Step E, A, B, C, D, F1, t0, Constant1
	PrepareWord  22;    Step D, E, A, B, C, F1, t0, Constant1
	PrepareWord  23;    Step C, D, E, A, B, F1, t0, Constant1
	PrepareWord  24;    Step B, C, D, E, A, F1, t0, Constant1

	PrepareWord  25;    Step A, B, C, D, E, F1, t0, Constant1
	PrepareWord  26;    Step E, A, B, C, D, F1, t0, Constant1
	PrepareWord  27;    Step D, E, A, B, C, F1, t0, Constant1
	PrepareWord  28;    Step C, D, E, A, B, F1, t0, Constant1
	PrepareWord  29;    Step B, C, D, E, A, F1, t0, Constant1

	PrepareWord  30;    Step A, B, C, D, E, F1, t0, Constant1
	PrepareWord  31;    Step E, A, B, C, D, F1, t0, Constant1
	PrepareWord  32;    Step D, E, A, B, C, F1, t0, Constant1
	PrepareWord  33;    Step C, D, E, A, B, F1, t0, Constant1
	PrepareWord  34;    Step B, C, D, E, A, F1, t0, Constant1

	PrepareWord  35;    Step A, B, C, D, E, F1, t0, Constant1
	PrepareWord  36;    Step E, A, B, C, D, F1, t0, Constant1
	PrepareWord  37;    Step D, E, A, B, C, F1, t0, Constant1
	PrepareWord  38;    Step C, D, E, A, B, F1, t0, Constant1
	PrepareWord  39;    Step B, C, D, E, A, F1, t0, Constant1

// Steps 40 to 59.
	PrepareWord  40;    Step A, B, C, D, E, F2, t0, Constant2
	PrepareWord  41;    Step E, A, B, C, D, F2, t0, Constant2
	PrepareWord  42;    Step D, E, A, B, C, F2, t0, Constant2
	PrepareWord  43;    Step C, D, E, A, B, F2, t0, Constant2
	PrepareWord  44;    Step B, C, D, E, A, F2, t0, Constant2

	PrepareWord  45;    Step A, B, C, D, E, F2, t0, Constant2
	PrepareWord  46;    Step E, A, B, C, D, F2, t0, Constant2
	PrepareWord  47;    Step D, E, A, B, C, F2, t0, Constant2
	PrepareWord  48;    Step C, D, E, A, B, F2, t0, Constant2
	PrepareWord  49;    Step B, C, D, E, A, F2, t0, Constant2

	PrepareWord  50;    Step A, B, C, D, E, F2, t0, Constant2
	PrepareWord  51;    Step E, A, B, C, D, F2, t0, Constant2
	PrepareWord  52;    Step D, E, A, B, C, F2, t0, Constant2
	PrepareWord  53;    Step C, D, E, A, B, F2, t0, Constant2
	PrepareWord  54;    Step B, C, D, E, A, F2, t0, Constant2

	PrepareWord  55;    Step A, B, C, D, E, F2, t0, Constant2
	PrepareWord  56;    Step E, A, B, C, D, F2, t0, Constant2
	PrepareWord  57;    Step D, E, A, B, C, F2, t0, Constant2
	PrepareWord  58;    Step C, D, E, A, B, F2, t0, Constant2
	PrepareWord  59;    Step B, C, D, E, A, F2, t0, Constant2

// Steps 60 to 79.
	PrepareWord  60;    Step A, B, C, D, E, F3, t0, Constant3
	PrepareWord  61;    Step E, A, B, C, D, F3, t0, Constant3
	PrepareWord  62;    Step D, E, A, B, C, F3, t0, Constant3
	PrepareWord  63;    Step C, D, E, A, B, F3, t0, Constant3
	PrepareWord  64;    Step B, C, D, E, A, F3, t0, Constant3

	PrepareWord  65;    Step A, B, C, D, E, F3, t0, Constant3
	PrepareWord  66;    Step E, A, B, C, D, F3, t0, Constant3
	PrepareWord  67;    Step D, E, A, B, C, F3, t0, Constant3
	PrepareWord  68;    Step C, D, E, A, B, F3, t0, Constant3
	PrepareWord  69;    Step B, C, D, E, A, F3, t0, Constant3

	PrepareWord  70;    Step A, B, C, D, E, F3, t0, Constant3
	PrepareWord  71;    Step E, A, B, C, D, F3, t0, Constant3
	PrepareWord  72;    Step D, E, A, B, C, F3, t0, Constant3
	PrepareWord  73;    Step C, D, E, A, B, F3, t0, Constant3
	PrepareWord  74;    Step B, C, D, E, A, F3, t0, Constant3

	PrepareWord  75;    Step A, B, C, D, E, F3, t0, Constant3
	PrepareWord  76;    Step E, A, B, C, D, F3, t0, Constant3
	PrepareWord  77;    Step D, E, A, B, C, F3, t0, Constant3
	PrepareWord  78;    Step C, D, E, A, B, F3, t0, Constant3
	PrepareWord  79;    Step B, C, D, E, A, F3, t0, Constant3

	#if defined __i386__
		mov		ArgContext, Context
	#endif

	// Update SHA-1 context.
	add		Contexth0(Context), A
	add		Contexth1(Context), B
	add		Contexth2(Context), C
	add		Contexth3(Context), D
	add		Contexth4(Context), E

	mov		A, Contexth0(Context)
	mov		B, Contexth1(Context)
	mov		C, Contexth2(Context)
	mov		D, Contexth3(Context)
	mov		E, Contexth4(Context)

	// Decrement and loop if not done.
	#if defined __i386__
		mov		ArgBlocks, Blocks
		add		$-1, Blocks
		mov		Blocks, ArgBlocks
	#else
		add		$-1, Blocks
	#endif
	jg		1b

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		pop		r7
		pop		r6
	#endif
	pop		r3
	pop		r5

	ret


#endif	// defined __i386__ || defined __x86_64__

Added Source/Digest/sha1edpLittleEndian.s.























































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
/*	sha1edpLittleEndian.s -- Core of SHA-1 algorithm, process blocks with
	little-endian data.
*/


#if defined __i386__ || defined __x86_64__


#if defined __x86_64__
	#define	UseRedZone	// x86_64 may use the red zone.  i386 may not.
#endif

#include "sha1edp.h"
#if CC_SHA1_BLOCK_BYTES != 64
	#error "Expected CC_SHA1_BLOCK_BYTES to be 64."
#endif


// Provide a convenient way to conditionalize based on architecture.
#if defined __i386__
	#define	Arch(i386, x86_64)	i386
#elif defined __x86_64__
	#define	Arch(i386, x86_64)	x86_64
#endif


/*	Rename the general registers.  This makes it easier to keep track of them
	and provides names for the "whole register" that are uniform between i386
	and x86_64.
*/
#if defined __i386__
	#define	r0	%eax	// Available for any use.
	#define	r1	%ecx	// Available for any use, some special purposes (loop).
	#define	r2	%edx	// Available for any use.
	#define	r3	%ebx	// Must be preserved by called routine.
	#define	r4	%esp	// Stack pointer.
	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
	#define	r6	%esi	// Must be preserved by called routine.
	#define	r7	%edi	// Must be preserved by called routine.
#elif defined __x86_64__
	#define	r0	%rax	// Available for any use.
	#define	r1	%rcx	// Available for any use.
	#define	r2	%rdx	// Available for any use.
	#define	r3	%rbx	// Must be preserved by called routine.
	#define	r4	%rsp	// Stack pointer.
	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
	#define	r6	%rsi	// Available for any use.
	#define	r7	%rdi	// Available for any use.
	#define	r8	%r8		// Available for any use.
	#define	r9	%r9		// Available for any use.
	#define	r10	%r10	// Available for any use.
	#define	r11	%r11	// Available for any use.
	#define	r12	%r12	// Must be preserved by called routine.
	#define	r13	%r13	// Must be preserved by called routine.
	#define	r14	%r14	// Must be preserved by called routine.
	#define	r15	%r15	// Must be preserved by called routine.
#else
	#error "Unknown architecture."
#endif


// Define names for fixed-size portions of registers.

// 32 bits.
#define	r0d		%eax
#define	r1d		%ecx
#define	r2d		%edx
#define	r3d		%ebx
#define	r4d		%esp
#define	r5d		%ebp
#define	r6d		%esi
#define	r7d		%edi
#define	r8d		%r8d
#define	r9d		%r9d
#define	r10d	%r10d
#define	r11d	%r11d
#define	r12d	%r12d
#define	r13d	%r13d
#define	r14d	%r14d
#define	r15d	%r15d


	.text


/*	Routine:

		_sha1_block_asm_data_order.

	Function:

		Update SHA-1 context from whole blocks provided in little-endian order.

	Input:

		SHA_CTX *Context	// SHA-1 context structure.
		const void *Data	// Data, CC_SHA1_BLOCK_BYTES * Blocks bytes.
		int Blocks			// Number of blocks to process.  Must be positive.

	Output:

		*Context is updated.
*/
	.globl _sha1_block_asm_data_order
	.private_extern	_sha1_block_asm_data_order
_sha1_block_asm_data_order:

	// Push new stack frame.
	push	r5

	// Save registers.
	push	r3
	#if defined __i386__
		push	r6
		push	r7
		#define	SaveSize	(5*4)
	#elif defined __x86_64__
		#define	SaveSize	(3*8)
		// Add pushes of r12 to r15 if used.
	#endif

/*	SaveSize is the number of bytes of data pushed onto the stack so far,
	including the caller's return address.
*/

#if defined UseRedZone
	// No additional bytes are needed above stack for local data.
	#define	LocalsSize	0

	/*	Our local data contains an array named W of starting at offset WOffset
		from the stack pointer.  There is plenty of space in the red zone below
		the stack, so we will put the data there.  It is aligned to a multiple
		of 16 bytes because the big-endian version of this routine may use
		movaps to write to it.
	*/
	#define	WOffset	(- 16*4 - (-SaveSize & 15))
#else
	// Make space for W array in local data.
	#define	LocalsSize	(16*4 + (-SaveSize & 15))

	/*	Our local data contains an array named W of starting at offset WOffset
		from the stack pointer.  It is aligned to a multiple of 16 bytes
		because the big-endian version of this routine may use movaps to write
		to it.
	*/
	#define	WOffset	0
#endif

// W(i) references word i%16 stored in the local data area.
#define	W(i)	WOffset + ((i)%16)*4(r4)

#define	StackFrame	(LocalsSize + SaveSize)
	/*	StackFrame is the number of bytes in our stack frame, from the top of
		stack after we push registers and make space for local data to the top
		of stack immediately before the call to this routine.
	*/

	#if 0 < LocalsSize
		sub		$LocalsSize, r4	// Allocate space on stack.
	#endif

/*	t0 and t1 hold temporary values used in calculation or data motion and
	overlap Context, Data, and Blocks on i386.  A, B, C, D, and E refer to
	values used in the SHA-1 specification.  However, they are used in
	rotation, so each of them successively holds the values the specification
	refers to as the others at different times.

	Note that t0, t1, and A to E are 32-bit registers.  They are used for
	manipulating the 32-bit chunks of the SHA-1 algorithm.  Context, Data, and
	Blocks are full registers, and the first two must be since they hold
	addresses.
*/
#define	t0			r0d				// Overlaps Context.
#define	t1			r1d				// Overlaps Data and Blocks.
#define	A			Arch(r2d, r8d)
#define	B			r3d
#define	C			r5d
#define	D			Arch(r6d, r9d)
#define	E			Arch(r7d, r10d)

#define	Context		Arch(r0, r7)	// Overlaps t0.
#define	Data		Arch(r1, r6)	// Overlaps t1 and Blocks.
#define	Blocks		Arch(r1, r2)	// Overlaps t1 and Data.

#if defined __i386__

	// Define location of argument i.
	#define	Argument(i)	StackFrame+4*(i)(r4)

	#define	ArgContext	Argument(0)
	#define	ArgData		Argument(1)
	#define	ArgBlocks	Argument(2)

#endif


// Constants of the SHA-1 algorithm.
#define	Constant0	0x5a827999
#define	Constant1	0x6ed9eba1
#define	Constant2	0x8f1bbcdc
#define	Constant3	0xca62c1d6


// Define names for macro parameters, since assembler does not support them.
#define	mF	$0
#define	mB	$1
#define	mC	$2
#define	mD	$3

	/*	Calculate the function used in steps 0 to 19 of SHA-1 and store the
		result in F:

			F = (C ^ D) & B ^ D.
	*/
	.macro	F0
		mov		mC, t0
		xor		mD, t0
		and		mB, t0
		xor		mD, t0
		add		t0, mF
	.endmacro


	/*	Calculate the function used in steps 20 to 39 of SHA-1 and store the
		result in F:

			F = B ^ C ^ D.
	*/
	.macro	F1
		mov		mB, t0
		xor		mC, t0
		xor		mD, t0
		add		t0, mF
	.endmacro


	/*	Calculate the function used in steps 40 to 59 of SHA-1 and store the
		result in F:

			F = B & C | B & D | C & D.

		(A bit in F is on iff corresponding bits are on in at least two of B,
		C, and D.)
	*/
	.macro	F2
		mov		mB, t0
		and		mC, t0
		mov		mB, t1
		and		mD, t1
		or		t1, t0
		mov		mC, t1
		and		mD, t1
		or		t1, t0
		add		t0, mF
	.endmacro

	// Steps 60 to 79 use the same function as 20 to 39.
	#define	F3	F1

// Undefine parameter names.
#undef	mF
#undef	mB
#undef	mC
#undef	mD


// Define names for macro parameters, since assembler does not support them.
#define	mA			$0
#define	mB			$1
#define	mC			$2
#define	mD			$3
#define	mE			$4
#define	mFunction	$5
#define	mWord		$6
#define	mConstant	$7
	/*	Step performs most of one step of the SHA-1 algorithm:

			Add to E a word from the message schedule, a constant, A rotated
			left 5 bits, and a function of B, C, and D.

			Rotate B left 30 bits.

			Rotate values (D to E, C to D, B to C, A to B, and the new E to A).
			(This is effected by rotating the registers passed to this macro,
			rather than by actually moving the data.)

		mWord contains the word from the message schedule.  It may be in t0, so
		we need to finish with it before using t0.

		mConstant contains the constant to add.

		mA, mB, mC, mD, and mE are registers with the current values of A, B,
		C, D, and E.

		mFunction is a macro that implements the function of B, C, and D.
	*/
	.macro	Step
		add		$$mConstant, mE
		add		mWord, mE
		mov		mA, t0
		roll	$$5, t0
		add		t0, mE
		mFunction	mE, mB, mC, mD
		roll	$$30, mB
	.endmacro
// Undefine parameters names.
#undef	mA
#undef	mB
#undef	mC
#undef	mD
#undef	mE
#undef	mFunction
#undef	mWord
#undef	mConstant


	/*	Prepare a new word from the message schedule.  Parameter $0 is the
	 	index of the new word in our local table.
	*/
	.macro	PrepareWord
		mov		W($0 +  0), t0
		xor		W($0 +  2), t0
		xor		W($0 +  8), t0
		xor		W($0 + 13), t0
		roll	$$1, t0
		movl	t0, W($0 +  0)
	.endmacro


	#if defined __i386__
		mov		ArgContext, Context
	#endif

	// Load current context.
	mov		Contexth0(Context), A
	mov		Contexth1(Context), B
	mov		Contexth2(Context), C
	mov		Contexth3(Context), D
	mov		Contexth4(Context), E

/*	This loop iterates through the blocks of data.  Each iteration updates the
	SHA-1 context for one block.
*/
1:
	#if defined __i386__
		mov		ArgData, Data
	#endif

	/*	Preprocess user data and store in the local data area.  It is a shame
		we cannot overlap this with later work, but we are out of registers and
		do not want tie up a register with Data later on.

		The little-endian version of this routine preprocesses data by
		reversing the order of the bytes, so the SHA-1 arithmetic will work
		correctly.  The big-endian version only copies the data.
	*/
	movl  0*4(Data), t0;    bswapl t0;    movl t0, W( 0)
	movl  1*4(Data), t0;    bswapl t0;    movl t0, W( 1)
	movl  2*4(Data), t0;    bswapl t0;    movl t0, W( 2)
	movl  3*4(Data), t0;    bswapl t0;    movl t0, W( 3)
	movl  4*4(Data), t0;    bswapl t0;    movl t0, W( 4)
	movl  5*4(Data), t0;    bswapl t0;    movl t0, W( 5)
	movl  6*4(Data), t0;    bswapl t0;    movl t0, W( 6)
	movl  7*4(Data), t0;    bswapl t0;    movl t0, W( 7)
	movl  8*4(Data), t0;    bswapl t0;    movl t0, W( 8)
	movl  9*4(Data), t0;    bswapl t0;    movl t0, W( 9)
	movl 10*4(Data), t0;    bswapl t0;    movl t0, W(10)
	movl 11*4(Data), t0;    bswapl t0;    movl t0, W(11)
	movl 12*4(Data), t0;    bswapl t0;    movl t0, W(12)
	movl 13*4(Data), t0;    bswapl t0;    movl t0, W(13)
	movl 14*4(Data), t0;    bswapl t0;    movl t0, W(14)
	movl 15*4(Data), t0;    bswapl t0;    movl t0, W(15)

	// Advance pointer to next block.
	add		$CC_SHA1_BLOCK_BYTES, Data
	#if	defined __i386__
		mov		Data, ArgData
	#endif

	// Steps 0 to 15.  Use words from already prepared message schedule.
	movl W( 0), t0;     Step A, B, C, D, E, F0, t0, Constant0
	movl W( 1), t0;     Step E, A, B, C, D, F0, t0, Constant0
	movl W( 2), t0;     Step D, E, A, B, C, F0, t0, Constant0
	movl W( 3), t0;     Step C, D, E, A, B, F0, t0, Constant0
	movl W( 4), t0;     Step B, C, D, E, A, F0, t0, Constant0

	movl W( 5), t0;     Step A, B, C, D, E, F0, t0, Constant0
	movl W( 6), t0;     Step E, A, B, C, D, F0, t0, Constant0
	movl W( 7), t0;     Step D, E, A, B, C, F0, t0, Constant0
	movl W( 8), t0;     Step C, D, E, A, B, F0, t0, Constant0
	movl W( 9), t0;     Step B, C, D, E, A, F0, t0, Constant0

	movl W(10), t0;     Step A, B, C, D, E, F0, t0, Constant0
	movl W(11), t0;     Step E, A, B, C, D, F0, t0, Constant0
	movl W(12), t0;     Step D, E, A, B, C, F0, t0, Constant0
	movl W(13), t0;     Step C, D, E, A, B, F0, t0, Constant0
	movl W(14), t0;     Step B, C, D, E, A, F0, t0, Constant0

	movl W(15), t0;     Step A, B, C, D, E, F0, t0, Constant0

// Steps 16 to 19.  Update words in message schedule as we go.
	PrepareWord  16;    Step E, A, B, C, D, F0, t0, Constant0
	PrepareWord  17;    Step D, E, A, B, C, F0, t0, Constant0
	PrepareWord  18;    Step C, D, E, A, B, F0, t0, Constant0
	PrepareWord  19;    Step B, C, D, E, A, F0, t0, Constant0

// Steps 20 to 39.
	PrepareWord  20;    Step A, B, C, D, E, F1, t0, Constant1
	PrepareWord  21;    Step E, A, B, C, D, F1, t0, Constant1
	PrepareWord  22;    Step D, E, A, B, C, F1, t0, Constant1
	PrepareWord  23;    Step C, D, E, A, B, F1, t0, Constant1
	PrepareWord  24;    Step B, C, D, E, A, F1, t0, Constant1

	PrepareWord  25;    Step A, B, C, D, E, F1, t0, Constant1
	PrepareWord  26;    Step E, A, B, C, D, F1, t0, Constant1
	PrepareWord  27;    Step D, E, A, B, C, F1, t0, Constant1
	PrepareWord  28;    Step C, D, E, A, B, F1, t0, Constant1
	PrepareWord  29;    Step B, C, D, E, A, F1, t0, Constant1

	PrepareWord  30;    Step A, B, C, D, E, F1, t0, Constant1
	PrepareWord  31;    Step E, A, B, C, D, F1, t0, Constant1
	PrepareWord  32;    Step D, E, A, B, C, F1, t0, Constant1
	PrepareWord  33;    Step C, D, E, A, B, F1, t0, Constant1
	PrepareWord  34;    Step B, C, D, E, A, F1, t0, Constant1

	PrepareWord  35;    Step A, B, C, D, E, F1, t0, Constant1
	PrepareWord  36;    Step E, A, B, C, D, F1, t0, Constant1
	PrepareWord  37;    Step D, E, A, B, C, F1, t0, Constant1
	PrepareWord  38;    Step C, D, E, A, B, F1, t0, Constant1
	PrepareWord  39;    Step B, C, D, E, A, F1, t0, Constant1

// Steps 40 to 59.
	PrepareWord  40;    Step A, B, C, D, E, F2, t0, Constant2
	PrepareWord  41;    Step E, A, B, C, D, F2, t0, Constant2
	PrepareWord  42;    Step D, E, A, B, C, F2, t0, Constant2
	PrepareWord  43;    Step C, D, E, A, B, F2, t0, Constant2
	PrepareWord  44;    Step B, C, D, E, A, F2, t0, Constant2

	PrepareWord  45;    Step A, B, C, D, E, F2, t0, Constant2
	PrepareWord  46;    Step E, A, B, C, D, F2, t0, Constant2
	PrepareWord  47;    Step D, E, A, B, C, F2, t0, Constant2
	PrepareWord  48;    Step C, D, E, A, B, F2, t0, Constant2
	PrepareWord  49;    Step B, C, D, E, A, F2, t0, Constant2

	PrepareWord  50;    Step A, B, C, D, E, F2, t0, Constant2
	PrepareWord  51;    Step E, A, B, C, D, F2, t0, Constant2
	PrepareWord  52;    Step D, E, A, B, C, F2, t0, Constant2
	PrepareWord  53;    Step C, D, E, A, B, F2, t0, Constant2
	PrepareWord  54;    Step B, C, D, E, A, F2, t0, Constant2

	PrepareWord  55;    Step A, B, C, D, E, F2, t0, Constant2
	PrepareWord  56;    Step E, A, B, C, D, F2, t0, Constant2
	PrepareWord  57;    Step D, E, A, B, C, F2, t0, Constant2
	PrepareWord  58;    Step C, D, E, A, B, F2, t0, Constant2
	PrepareWord  59;    Step B, C, D, E, A, F2, t0, Constant2

// Steps 60 to 79.
	PrepareWord  60;    Step A, B, C, D, E, F3, t0, Constant3
	PrepareWord  61;    Step E, A, B, C, D, F3, t0, Constant3
	PrepareWord  62;    Step D, E, A, B, C, F3, t0, Constant3
	PrepareWord  63;    Step C, D, E, A, B, F3, t0, Constant3
	PrepareWord  64;    Step B, C, D, E, A, F3, t0, Constant3

	PrepareWord  65;    Step A, B, C, D, E, F3, t0, Constant3
	PrepareWord  66;    Step E, A, B, C, D, F3, t0, Constant3
	PrepareWord  67;    Step D, E, A, B, C, F3, t0, Constant3
	PrepareWord  68;    Step C, D, E, A, B, F3, t0, Constant3
	PrepareWord  69;    Step B, C, D, E, A, F3, t0, Constant3

	PrepareWord  70;    Step A, B, C, D, E, F3, t0, Constant3
	PrepareWord  71;    Step E, A, B, C, D, F3, t0, Constant3
	PrepareWord  72;    Step D, E, A, B, C, F3, t0, Constant3
	PrepareWord  73;    Step C, D, E, A, B, F3, t0, Constant3
	PrepareWord  74;    Step B, C, D, E, A, F3, t0, Constant3

	PrepareWord  75;    Step A, B, C, D, E, F3, t0, Constant3
	PrepareWord  76;    Step E, A, B, C, D, F3, t0, Constant3
	PrepareWord  77;    Step D, E, A, B, C, F3, t0, Constant3
	PrepareWord  78;    Step C, D, E, A, B, F3, t0, Constant3
	PrepareWord  79;    Step B, C, D, E, A, F3, t0, Constant3

	#if defined __i386__
		mov		ArgContext, Context
	#endif

	// Update SHA-1 context.
	add		Contexth0(Context), A
	add		Contexth1(Context), B
	add		Contexth2(Context), C
	add		Contexth3(Context), D
	add		Contexth4(Context), E

	mov		A, Contexth0(Context)
	mov		B, Contexth1(Context)
	mov		C, Contexth2(Context)
	mov		D, Contexth3(Context)
	mov		E, Contexth4(Context)

	// Decrement and loop if not done.
	#if defined __i386__
		mov		ArgBlocks, Blocks
		add		$-1, Blocks
		mov		Blocks, ArgBlocks
	#else
		add		$-1, Blocks
	#endif
	jg		1b

	// Pop stack and restore registers.
	#if 0 < LocalsSize
		add		$LocalsSize, r4
	#endif
	#if defined __i386__
		pop		r7
		pop		r6
	#endif
	pop		r3
	pop		r5

	ret


#endif	// defined __i386__ || defined __x86_64__

Added Source/Digest/sha2.c.







































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
/* 
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 ---------------------------------------------------------------------------
 Copyright (c) 2002, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.
 ---------------------------------------------------------------------------
 Issue Date: 26/08/2003

 This is a byte oriented version of SHA2 that operates on arrays of bytes
 stored in memory. This code implements sha256, sha384 and sha512 but the
 latter two functions rely on efficient 64-bit integer operations that
 may not be very efficient on 32-bit machines

 The sha256 functions use a type 'sha256_ctx' to hold details of the
 current hash state and uses the following three calls:

       void sha256_begin(sha256_ctx ctx[1])
       void sha256_hash(const unsigned char data[],
                            unsigned long len, sha256_ctx ctx[1])
       void sha_end1(unsigned char hval[], sha256_ctx ctx[1])

 The first subroutine initialises a hash computation by setting up the
 context in the sha256_ctx context. The second subroutine hashes 8-bit
 bytes from array data[] into the hash state withinh sha256_ctx context,
 the number of bytes to be hashed being given by the the unsigned long
 integer len.  The third subroutine completes the hash calculation and
 places the resulting digest value in the array of 8-bit bytes hval[].

 The sha384 and sha512 functions are similar and use the interfaces:

       void sha384_begin(sha384_ctx ctx[1]);
       void sha384_hash(const unsigned char data[],
                            unsigned long len, sha384_ctx ctx[1]);
       void sha384_end(unsigned char hval[], sha384_ctx ctx[1]);

       void sha512_begin(sha512_ctx ctx[1]);
       void sha512_hash(const unsigned char data[],
                            unsigned long len, sha512_ctx ctx[1]);
       void sha512_end(unsigned char hval[], sha512_ctx ctx[1]);

 In addition there is a function sha2 that can be used to call all these
 functions using a call with a hash length parameter as follows:

       int sha2_begin(unsigned long len, sha2_ctx ctx[1]);
       void sha2_hash(const unsigned char data[],
                            unsigned long len, sha2_ctx ctx[1]);
       void sha2_end(unsigned char hval[], sha2_ctx ctx[1]);

 My thanks to Erik Andersen <andersen@codepoet.org> for testing this code
 on big-endian systems and for his assistance with corrections
*/

/*
 * Apple: Measurements indicate that we get both smaller code size and faster
 * performance when compiling this file with -O1 than with either -O3 or -Os.
 *
 * -O1
 * sha2.o 18652 bytes of text
 * 7.509 seconds to digest 100000000 bytes with SHA512
 *
 * -Os
 * sha2.o 19552 bytes of text
 * 8.693 seconds to process 100000000 bytes
 * 
 * -O3
 * sha2.o 20452 bytes of text
 * 8.535 seconds to process 100000000 bytes
 *
 * #defining UNROOL_SHA2 leads to no noticable improvement. 
 */
#include "sha2Priv.h"   /* Apple Common Digest version */

/* define the hash functions that you need          */

#ifndef _APPLE_COMMON_CRYPTO_
#define SHA_2           /* for dynamic hash length  */
#endif  /* _APPLE_COMMON_CRYPTO_ */
#define SHA_224
#define SHA_256
#define SHA_384
#define SHA_512

#if 0
#define UNROLL_SHA2     /* for SHA2 loop unroll     */
#endif

#include <string.h>     /* for memcpy() etc.        */
#include <stdlib.h>     /* for _lrotr with VC++     */

/* #include "sha2.h" */

#if defined(__cplusplus)
extern "C"
{
#endif

/*  PLATFORM SPECIFIC INCLUDES AND BYTE ORDER IN 32-BIT WORDS

    To obtain the highest speed on processors with 32-bit words, this code
    needs to determine the byte order of the target machine. The following
    block of code is an attempt to capture the most obvious ways in which
    various environemnts define byte order. It may well fail, in which case
    the definitions will need to be set by editing at the points marked
    **** EDIT HERE IF NECESSARY **** below.  My thanks go to Peter Gutmann
    for his assistance with this endian detection nightmare.
*/

#define BRG_LITTLE_ENDIAN   1234 /* byte 0 is least significant (i386) */
#define BRG_BIG_ENDIAN      4321 /* byte 0 is most significant (mc68k) */

#if defined(__GNUC__) || defined(__GNU_LIBRARY__)
#  if defined(__FreeBSD__) || defined(__OpenBSD__)
#    include <sys/endian.h>
#  elif defined( BSD ) && ( BSD >= 199103 )
#      include <machine/endian.h>
#  elif defined(__APPLE__)
#    if defined(__BIG_ENDIAN__) && !defined( BIG_ENDIAN )
#      define BIG_ENDIAN
#    elif defined(__LITTLE_ENDIAN__) && !defined( LITTLE_ENDIAN )
#      define LITTLE_ENDIAN
#    endif
#  else
#    include <endian.h>
#    if !defined(__BEOS__)
#      include <byteswap.h>
#    endif
#  endif
#endif

#if !defined(PLATFORM_BYTE_ORDER)
#  if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
#    if    defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif !defined(LITTLE_ENDIAN) &&  defined(BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    endif
#  elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
#    if    defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif !defined(_LITTLE_ENDIAN) &&  defined(_BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#   endif
#  elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
#    if    defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif !defined(__LITTLE_ENDIAN__) &&  defined(__BIG_ENDIAN__)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#    elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#    endif
#  endif
#endif

/*  if the platform is still unknown, try to find its byte order    */
/*  from commonly used machine defines                              */

#if !defined(PLATFORM_BYTE_ORDER)

#if   defined( __alpha__ ) || defined( __alpha ) || defined( i386 )       || \
      defined( __i386__ )  || defined( _M_I86 )  || defined( _M_IX86 )    || \
      defined( __OS2__ )   || defined( sun386 )  || defined( __TURBOC__ ) || \
      defined( vax )       || defined( vms )     || defined( VMS )        || \
      defined( __VMS )     || defined(__x86_64__)
#  define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN

#elif defined( AMIGA )    || defined( applec )  || defined( __AS400__ )  || \
      defined( _CRAY )    || defined( __hppa )  || defined( __hp9000 )   || \
      defined( ibm370 )   || defined( mc68000 ) || defined( m68k )       || \
      defined( __MRC__ )  || defined( __MVS__ ) || defined( __MWERKS__ ) || \
      defined( sparc )    || defined( __sparc)  || defined( SYMANTEC_C ) || \
      defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
#  define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN

#elif 0     /* **** EDIT HERE IF NECESSARY **** */
#  define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
#elif 0     /* **** EDIT HERE IF NECESSARY **** */
#  define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
#else
#  error Please edit sha2.c (line 184 or 186) to set the platform byte order
#endif

#endif

#ifdef _MSC_VER
#pragma intrinsic(memcpy)
#endif

#if 0 && defined(_MSC_VER)
#define rotl32 _lrotl
#define rotr32 _lrotr
#else
#define rotl32(x,n)   (((x) << n) | ((x) >> (32 - n)))
#define rotr32(x,n)   (((x) >> n) | ((x) << (32 - n)))
#endif

#if !defined(bswap_32)
#define bswap_32(x) ((rotr32((x), 24) & 0x00ff00ff) | (rotr32((x), 8) & 0xff00ff00))
#endif

#if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
#define SWAP_BYTES
#else
#undef  SWAP_BYTES
#endif

#if 0

#define ch(x,y,z)       (((x) & (y)) ^ (~(x) & (z)))
#define maj(x,y,z)      (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))

#else   /* Thanks to Rich Schroeppel and Colin Plumb for the following      */

#define ch(x,y,z)       ((z) ^ ((x) & ((y) ^ (z))))
#define maj(x,y,z)      (((x) & (y)) | ((z) & ((x) ^ (y))))

#endif

/* round transforms for SHA256 and SHA512 compression functions */

#define vf(n,i) v[(n - i) & 7]

#define hf(i) (p[i & 15] += \
    g_1(p[(i + 14) & 15]) + p[(i + 9) & 15] + g_0(p[(i + 1) & 15]))

#define v_cycle(i,j)                                \
    vf(7,i) += (j ? hf(i) : p[i]) + k_0[i+j]        \
    + s_1(vf(4,i)) + ch(vf(4,i),vf(5,i),vf(6,i));   \
    vf(3,i) += vf(7,i);                             \
    vf(7,i) += s_0(vf(0,i))+ maj(vf(0,i),vf(1,i),vf(2,i))

#if defined(SHA_224) || defined(SHA_256)

#define SHA256_MASK (SHA256_BLOCK_SIZE - 1)

#if defined(SWAP_BYTES)
#define bsw_32(p,n) \
    { int _i = (n); while(_i--) ((sha2_32t*)p)[_i] = bswap_32(((sha2_32t*)p)[_i]); }
#else
#define bsw_32(p,n)
#endif

#define s_0(x)  (rotr32((x),  2) ^ rotr32((x), 13) ^ rotr32((x), 22))
#define s_1(x)  (rotr32((x),  6) ^ rotr32((x), 11) ^ rotr32((x), 25))
#define g_0(x)  (rotr32((x),  7) ^ rotr32((x), 18) ^ ((x) >>  3))
#define g_1(x)  (rotr32((x), 17) ^ rotr32((x), 19) ^ ((x) >> 10))
#define k_0     k256

/* rotated SHA256 round definition. Rather than swapping variables as in    */
/* FIPS-180, different variables are 'rotated' on each round, returning     */
/* to their starting positions every eight rounds                           */

#define q(n)  v##n

#define one_cycle(a,b,c,d,e,f,g,h,k,w)  \
    q(h) += s_1(q(e)) + ch(q(e), q(f), q(g)) + k + w; \
    q(d) += q(h); q(h) += s_0(q(a)) + maj(q(a), q(b), q(c))

/* SHA256 mixing data   */

static const sha2_32t k256[64] =
{   0x428a2f98ul, 0x71374491ul, 0xb5c0fbcful, 0xe9b5dba5ul,
    0x3956c25bul, 0x59f111f1ul, 0x923f82a4ul, 0xab1c5ed5ul,
    0xd807aa98ul, 0x12835b01ul, 0x243185beul, 0x550c7dc3ul,
    0x72be5d74ul, 0x80deb1feul, 0x9bdc06a7ul, 0xc19bf174ul,
    0xe49b69c1ul, 0xefbe4786ul, 0x0fc19dc6ul, 0x240ca1ccul,
    0x2de92c6ful, 0x4a7484aaul, 0x5cb0a9dcul, 0x76f988daul,
    0x983e5152ul, 0xa831c66dul, 0xb00327c8ul, 0xbf597fc7ul,
    0xc6e00bf3ul, 0xd5a79147ul, 0x06ca6351ul, 0x14292967ul,
    0x27b70a85ul, 0x2e1b2138ul, 0x4d2c6dfcul, 0x53380d13ul,
    0x650a7354ul, 0x766a0abbul, 0x81c2c92eul, 0x92722c85ul,
    0xa2bfe8a1ul, 0xa81a664bul, 0xc24b8b70ul, 0xc76c51a3ul,
    0xd192e819ul, 0xd6990624ul, 0xf40e3585ul, 0x106aa070ul,
    0x19a4c116ul, 0x1e376c08ul, 0x2748774cul, 0x34b0bcb5ul,
    0x391c0cb3ul, 0x4ed8aa4aul, 0x5b9cca4ful, 0x682e6ff3ul,
    0x748f82eeul, 0x78a5636ful, 0x84c87814ul, 0x8cc70208ul,
    0x90befffaul, 0xa4506cebul, 0xbef9a3f7ul, 0xc67178f2ul,
};

/* Compile 64 bytes of hash data into SHA256 digest value   */
/* NOTE: this routine assumes that the byte order in the    */
/* ctx->wbuf[] at this point is such that low address bytes */
/* in the ORIGINAL byte stream will go into the high end of */
/* words on BOTH big and little endian systems              */

static sha2_void sha256_compile(sha256_ctx ctx[1])
{
#if !defined(UNROLL_SHA2)

    sha2_32t j, *p = ctx->wbuf, v[8];

    memcpy(v, ctx->hash, 8 * sizeof(sha2_32t));

    for(j = 0; j < 64; j += 16)
    {
        v_cycle( 0, j); v_cycle( 1, j);
        v_cycle( 2, j); v_cycle( 3, j);
        v_cycle( 4, j); v_cycle( 5, j);
        v_cycle( 6, j); v_cycle( 7, j);
        v_cycle( 8, j); v_cycle( 9, j);
        v_cycle(10, j); v_cycle(11, j);
        v_cycle(12, j); v_cycle(13, j);
        v_cycle(14, j); v_cycle(15, j);
    }

    ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
    ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
    ctx->hash[4] += v[4]; ctx->hash[5] += v[5];
    ctx->hash[6] += v[6]; ctx->hash[7] += v[7];

#else

    sha2_32t *p = ctx->wbuf,v0,v1,v2,v3,v4,v5,v6,v7;

    v0 = ctx->hash[0]; v1 = ctx->hash[1];
    v2 = ctx->hash[2]; v3 = ctx->hash[3];
    v4 = ctx->hash[4]; v5 = ctx->hash[5];
    v6 = ctx->hash[6]; v7 = ctx->hash[7];

    one_cycle(0,1,2,3,4,5,6,7,k256[ 0],p[ 0]);
    one_cycle(7,0,1,2,3,4,5,6,k256[ 1],p[ 1]);
    one_cycle(6,7,0,1,2,3,4,5,k256[ 2],p[ 2]);
    one_cycle(5,6,7,0,1,2,3,4,k256[ 3],p[ 3]);
    one_cycle(4,5,6,7,0,1,2,3,k256[ 4],p[ 4]);
    one_cycle(3,4,5,6,7,0,1,2,k256[ 5],p[ 5]);
    one_cycle(2,3,4,5,6,7,0,1,k256[ 6],p[ 6]);
    one_cycle(1,2,3,4,5,6,7,0,k256[ 7],p[ 7]);
    one_cycle(0,1,2,3,4,5,6,7,k256[ 8],p[ 8]);
    one_cycle(7,0,1,2,3,4,5,6,k256[ 9],p[ 9]);
    one_cycle(6,7,0,1,2,3,4,5,k256[10],p[10]);
    one_cycle(5,6,7,0,1,2,3,4,k256[11],p[11]);
    one_cycle(4,5,6,7,0,1,2,3,k256[12],p[12]);
    one_cycle(3,4,5,6,7,0,1,2,k256[13],p[13]);
    one_cycle(2,3,4,5,6,7,0,1,k256[14],p[14]);
    one_cycle(1,2,3,4,5,6,7,0,k256[15],p[15]);

    one_cycle(0,1,2,3,4,5,6,7,k256[16],hf( 0));
    one_cycle(7,0,1,2,3,4,5,6,k256[17],hf( 1));
    one_cycle(6,7,0,1,2,3,4,5,k256[18],hf( 2));
    one_cycle(5,6,7,0,1,2,3,4,k256[19],hf( 3));
    one_cycle(4,5,6,7,0,1,2,3,k256[20],hf( 4));
    one_cycle(3,4,5,6,7,0,1,2,k256[21],hf( 5));
    one_cycle(2,3,4,5,6,7,0,1,k256[22],hf( 6));
    one_cycle(1,2,3,4,5,6,7,0,k256[23],hf( 7));
    one_cycle(0,1,2,3,4,5,6,7,k256[24],hf( 8));
    one_cycle(7,0,1,2,3,4,5,6,k256[25],hf( 9));
    one_cycle(6,7,0,1,2,3,4,5,k256[26],hf(10));
    one_cycle(5,6,7,0,1,2,3,4,k256[27],hf(11));
    one_cycle(4,5,6,7,0,1,2,3,k256[28],hf(12));
    one_cycle(3,4,5,6,7,0,1,2,k256[29],hf(13));
    one_cycle(2,3,4,5,6,7,0,1,k256[30],hf(14));
    one_cycle(1,2,3,4,5,6,7,0,k256[31],hf(15));

    one_cycle(0,1,2,3,4,5,6,7,k256[32],hf( 0));
    one_cycle(7,0,1,2,3,4,5,6,k256[33],hf( 1));
    one_cycle(6,7,0,1,2,3,4,5,k256[34],hf( 2));
    one_cycle(5,6,7,0,1,2,3,4,k256[35],hf( 3));
    one_cycle(4,5,6,7,0,1,2,3,k256[36],hf( 4));
    one_cycle(3,4,5,6,7,0,1,2,k256[37],hf( 5));
    one_cycle(2,3,4,5,6,7,0,1,k256[38],hf( 6));
    one_cycle(1,2,3,4,5,6,7,0,k256[39],hf( 7));
    one_cycle(0,1,2,3,4,5,6,7,k256[40],hf( 8));
    one_cycle(7,0,1,2,3,4,5,6,k256[41],hf( 9));
    one_cycle(6,7,0,1,2,3,4,5,k256[42],hf(10));
    one_cycle(5,6,7,0,1,2,3,4,k256[43],hf(11));
    one_cycle(4,5,6,7,0,1,2,3,k256[44],hf(12));
    one_cycle(3,4,5,6,7,0,1,2,k256[45],hf(13));
    one_cycle(2,3,4,5,6,7,0,1,k256[46],hf(14));
    one_cycle(1,2,3,4,5,6,7,0,k256[47],hf(15));

    one_cycle(0,1,2,3,4,5,6,7,k256[48],hf( 0));
    one_cycle(7,0,1,2,3,4,5,6,k256[49],hf( 1));
    one_cycle(6,7,0,1,2,3,4,5,k256[50],hf( 2));
    one_cycle(5,6,7,0,1,2,3,4,k256[51],hf( 3));
    one_cycle(4,5,6,7,0,1,2,3,k256[52],hf( 4));
    one_cycle(3,4,5,6,7,0,1,2,k256[53],hf( 5));
    one_cycle(2,3,4,5,6,7,0,1,k256[54],hf( 6));
    one_cycle(1,2,3,4,5,6,7,0,k256[55],hf( 7));
    one_cycle(0,1,2,3,4,5,6,7,k256[56],hf( 8));
    one_cycle(7,0,1,2,3,4,5,6,k256[57],hf( 9));
    one_cycle(6,7,0,1,2,3,4,5,k256[58],hf(10));
    one_cycle(5,6,7,0,1,2,3,4,k256[59],hf(11));
    one_cycle(4,5,6,7,0,1,2,3,k256[60],hf(12));
    one_cycle(3,4,5,6,7,0,1,2,k256[61],hf(13));
    one_cycle(2,3,4,5,6,7,0,1,k256[62],hf(14));
    one_cycle(1,2,3,4,5,6,7,0,k256[63],hf(15));

    ctx->hash[0] += v0; ctx->hash[1] += v1;
    ctx->hash[2] += v2; ctx->hash[3] += v3;
    ctx->hash[4] += v4; ctx->hash[5] += v5;
    ctx->hash[6] += v6; ctx->hash[7] += v7;
#endif
}

/* SHA256 hash data in an array of bytes into hash buffer   */
/* and call the hash_compile function as required.          */
#ifdef		_APPLE_COMMON_CRYPTO_
int CC_SHA256_Update(CC_SHA256_CTX *ctx, const void *data, CC_LONG len)
#else
sha2_void sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1])
#endif  /* _APPLE_COMMON_CRYPTO_ */
{   sha2_32t pos = (sha2_32t)(ctx->count[0] & SHA256_MASK),
             space = SHA256_BLOCK_SIZE - pos;
    const unsigned char *sp = data;

    if((ctx->count[0] += len) < len)
        ++(ctx->count[1]);

    while(len >= space)     /* tranfer whole blocks while possible  */
    {
        memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space);
        sp += space; len -= space; space = SHA256_BLOCK_SIZE; pos = 0;
        bsw_32(ctx->wbuf, SHA256_BLOCK_SIZE >> 2)
        sha256_compile(ctx);
    }

    memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len);
	return 1;
}

/* SHA256 Final padding and digest calculation  */

static sha2_void sha_end1(unsigned char hval[], sha256_ctx ctx[1], const unsigned int hlen)
{   sha2_32t    i = (sha2_32t)(ctx->count[0] & SHA256_MASK);

    /* put bytes in the buffer in an order in which references to   */
    /* 32-bit words will put bytes with lower addresses into the    */
    /* top of 32 bit words on BOTH big and little endian machines   */
    bsw_32(ctx->wbuf, (i + 3) >> 2)

    /* we now need to mask valid bytes and add the padding which is */
    /* a single 1 bit and as many zero bits as necessary. Note that */
    /* we can always add the first padding byte here because the    */
    /* buffer always has at least one empty slot                    */
    ctx->wbuf[i >> 2] &= 0xffffff80 << 8 * (~i & 3);
    ctx->wbuf[i >> 2] |= 0x00000080 << 8 * (~i & 3);

    /* we need 9 or more empty positions, one for the padding byte  */
    /* (above) and eight for the length count.  If there is not     */
    /* enough space pad and empty the buffer                        */
    if(i > SHA256_BLOCK_SIZE - 9)
    {
        if(i < 60) ctx->wbuf[15] = 0;
        sha256_compile(ctx);
        i = 0;
    }
    else    /* compute a word index for the empty buffer positions  */
        i = (i >> 2) + 1;

    while(i < 14) /* and zero pad all but last two positions        */
        ctx->wbuf[i++] = 0;

    /* the following 32-bit length fields are assembled in the      */
    /* wrong byte order on little endian machines but this is       */
    /* corrected later since they are only ever used as 32-bit      */
    /* word values.                                                 */
    ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29);
    ctx->wbuf[15] = ctx->count[0] << 3;
    sha256_compile(ctx);

    /* extract the hash value as bytes in case the hash buffer is   */
    /* mislaigned for 32-bit words                                  */
    for(i = 0; i < hlen; ++i)
        hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3)));
}

#endif

#if defined(SHA_224)

const sha2_32t i224[8] =
{
    0xc1059ed8ul, 0x367cd507ul, 0x3070dd17ul, 0xf70e5939ul,
    0xffc00b31ul, 0x68581511ul, 0x64f98fa7ul, 0xbefa4fa4ul
};

#ifdef _APPLE_COMMON_CRYPTO_
int sha224_begin(sha256_ctx ctx[1])
#else
sha2_void sha224_begin(sha256_ctx ctx[1])
#endif
{
    ctx->count[0] = ctx->count[1] = 0;
    memcpy(ctx->hash, i224, 8 * sizeof(sha2_32t));
	return 1;
}

#ifdef _APPLE_COMMON_CRYPTO_
int sha224_end(unsigned char hval[], sha256_ctx ctx[1])
#else
sha2_void sha224_end(unsigned char hval[], sha256_ctx ctx[1])
#endif
{
    sha_end1(hval, ctx, SHA224_DIGEST_SIZE);
	return 1;
}

#ifndef _APPLE_COMMON_CRYPTO_
sha2_void sha224(unsigned char hval[], const unsigned char data[], unsigned long len)
{   sha224_ctx  cx[1];

    sha224_begin(cx);
    sha224_hash(data, len, cx);
    sha_end1(hval, cx, SHA224_DIGEST_SIZE);
}
#endif	/* _APPLE_COMMON_CRYPTO_ */

/* provide an actual entry for this instead of #defining it */
extern int CC_SHA224_Update(CC_SHA256_CTX *c, const void *data, CC_LONG len)
{
	return CC_SHA256_Update(c, data, len);
}

#endif	/* SHA_224 */

#if defined(SHA_256)

static const sha2_32t i256[8] =
{
    0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,
    0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul
};

int sha256_begin(sha256_ctx ctx[1])
{
    ctx->count[0] = ctx->count[1] = 0;
    memcpy(ctx->hash, i256, 8 * sizeof(sha2_32t));
	return 1;
}

int sha256_end(unsigned char hval[], sha256_ctx ctx[1])
{
    sha_end1(hval, ctx, SHA256_DIGEST_SIZE);
	return 1;
}

#ifndef _APPLE_COMMON_CRYPTO_
sha2_void sha256(unsigned char hval[], const unsigned char data[], unsigned long len)
{   sha256_ctx  cx[1];

    sha256_begin(cx);
    sha256_hash(data, len, cx);
    sha_end1(hval, cx, SHA256_DIGEST_SIZE);
}
#endif  /* _APPLE_COMMON_CRYPTO_ */

#endif

#if defined(SHA_384) || defined(SHA_512)

#define SHA512_MASK (SHA512_BLOCK_SIZE - 1)

#define rotr64(x,n)   (((x) >> n) | ((x) << (64 - n)))

#if !defined(bswap_64)
#define bswap_64(x) (((sha2_64t)(bswap_32((sha2_32t)(x)))) << 32 | bswap_32((sha2_32t)((x) >> 32)))
#endif

#if defined(SWAP_BYTES)
#define bsw_64(p,n) \
    { int _i = (n); while(_i--) ((sha2_64t*)p)[_i] = bswap_64(((sha2_64t*)p)[_i]); }
#else
#define bsw_64(p,n)
#endif

/* SHA512 mixing function definitions   */

#ifdef   s_0
# undef  s_0
# undef  s_1
# undef  g_0
# undef  g_1
# undef  k_0
#endif

#define s_0(x)  (rotr64((x), 28) ^ rotr64((x), 34) ^ rotr64((x), 39))
#define s_1(x)  (rotr64((x), 14) ^ rotr64((x), 18) ^ rotr64((x), 41))
#define g_0(x)  (rotr64((x),  1) ^ rotr64((x),  8) ^ ((x) >>  7))
#define g_1(x)  (rotr64((x), 19) ^ rotr64((x), 61) ^ ((x) >>  6))
#define k_0     k512

/* SHA384/SHA512 mixing data    */

static const sha2_64t  k512[80] =
{
    0x428a2f98d728ae22ull, 0x7137449123ef65cdull,
    0xb5c0fbcfec4d3b2full, 0xe9b5dba58189dbbcull,
    0x3956c25bf348b538ull, 0x59f111f1b605d019ull,
    0x923f82a4af194f9bull, 0xab1c5ed5da6d8118ull,
    0xd807aa98a3030242ull, 0x12835b0145706fbeull,
    0x243185be4ee4b28cull, 0x550c7dc3d5ffb4e2ull,
    0x72be5d74f27b896full, 0x80deb1fe3b1696b1ull,
    0x9bdc06a725c71235ull, 0xc19bf174cf692694ull,
    0xe49b69c19ef14ad2ull, 0xefbe4786384f25e3ull,
    0x0fc19dc68b8cd5b5ull, 0x240ca1cc77ac9c65ull,
    0x2de92c6f592b0275ull, 0x4a7484aa6ea6e483ull,
    0x5cb0a9dcbd41fbd4ull, 0x76f988da831153b5ull,
    0x983e5152ee66dfabull, 0xa831c66d2db43210ull,
    0xb00327c898fb213full, 0xbf597fc7beef0ee4ull,
    0xc6e00bf33da88fc2ull, 0xd5a79147930aa725ull,
    0x06ca6351e003826full, 0x142929670a0e6e70ull,
    0x27b70a8546d22ffcull, 0x2e1b21385c26c926ull,
    0x4d2c6dfc5ac42aedull, 0x53380d139d95b3dfull,
    0x650a73548baf63deull, 0x766a0abb3c77b2a8ull,
    0x81c2c92e47edaee6ull, 0x92722c851482353bull,
    0xa2bfe8a14cf10364ull, 0xa81a664bbc423001ull,
    0xc24b8b70d0f89791ull, 0xc76c51a30654be30ull,
    0xd192e819d6ef5218ull, 0xd69906245565a910ull,
    0xf40e35855771202aull, 0x106aa07032bbd1b8ull,
    0x19a4c116b8d2d0c8ull, 0x1e376c085141ab53ull,
    0x2748774cdf8eeb99ull, 0x34b0bcb5e19b48a8ull,
    0x391c0cb3c5c95a63ull, 0x4ed8aa4ae3418acbull,
    0x5b9cca4f7763e373ull, 0x682e6ff3d6b2b8a3ull,
    0x748f82ee5defb2fcull, 0x78a5636f43172f60ull,
    0x84c87814a1f0ab72ull, 0x8cc702081a6439ecull,
    0x90befffa23631e28ull, 0xa4506cebde82bde9ull,
    0xbef9a3f7b2c67915ull, 0xc67178f2e372532bull,
    0xca273eceea26619cull, 0xd186b8c721c0c207ull,
    0xeada7dd6cde0eb1eull, 0xf57d4f7fee6ed178ull,
    0x06f067aa72176fbaull, 0x0a637dc5a2c898a6ull,
    0x113f9804bef90daeull, 0x1b710b35131c471bull,
    0x28db77f523047d84ull, 0x32caab7b40c72493ull,
    0x3c9ebe0a15c9bebcull, 0x431d67c49c100d4cull,
    0x4cc5d4becb3e42b6ull, 0x597f299cfc657e2aull,
    0x5fcb6fab3ad6faecull, 0x6c44198c4a475817ull
};

/* Compile 128 bytes of hash data into SHA384/512 digest    */
/* NOTE: this routine assumes that the byte order in the    */
/* ctx->wbuf[] at this point is such that low address bytes */
/* in the ORIGINAL byte stream will go into the high end of */
/* words on BOTH big and little endian systems              */

static sha2_void sha512_compile(sha512_ctx ctx[1])
{   sha2_64t    v[8], *p = ctx->wbuf;
    sha2_32t    j;

    memcpy(v, ctx->hash, 8 * sizeof(sha2_64t));

    for(j = 0; j < 80; j += 16)
    {
        v_cycle( 0, j); v_cycle( 1, j);
        v_cycle( 2, j); v_cycle( 3, j);
        v_cycle( 4, j); v_cycle( 5, j);
        v_cycle( 6, j); v_cycle( 7, j);
        v_cycle( 8, j); v_cycle( 9, j);
        v_cycle(10, j); v_cycle(11, j);
        v_cycle(12, j); v_cycle(13, j);
        v_cycle(14, j); v_cycle(15, j);
    }

    ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
    ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
    ctx->hash[4] += v[4]; ctx->hash[5] += v[5];
    ctx->hash[6] += v[6]; ctx->hash[7] += v[7];
}

/* Compile 128 bytes of hash data into SHA256 digest value  */
/* NOTE: this routine assumes that the byte order in the    */
/* ctx->wbuf[] at this point is in such an order that low   */
/* address bytes in the ORIGINAL byte stream placed in this */
/* buffer will now go to the high end of words on BOTH big  */
/* and little endian systems                                */

#ifdef  _APPLE_COMMON_CRYPTO_
int CC_SHA512_Update(CC_SHA512_CTX *ctx, const void *data, CC_LONG len)
#else
sha2_void sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1])
#endif
{   sha2_32t pos = (sha2_32t)(ctx->count[0] & SHA512_MASK),
             space = SHA512_BLOCK_SIZE - pos;
    const unsigned char *sp = data;

    if((ctx->count[0] += len) < len)
        ++(ctx->count[1]);

    while(len >= space)     /* tranfer whole blocks while possible  */
    {
        memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space);
        sp += space; len -= space; space = SHA512_BLOCK_SIZE; pos = 0;
        bsw_64(ctx->wbuf, SHA512_BLOCK_SIZE >> 3);
        sha512_compile(ctx);
    }

    memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len);
	return 1;
}

/* SHA384/512 Final padding and digest calculation  */

static void sha_end2(unsigned char hval[], sha512_ctx ctx[1], const unsigned int hlen)
{   sha2_32t    i = (sha2_32t)(ctx->count[0] & SHA512_MASK);

    /* put bytes in the buffer in an order in which references to   */
    /* 32-bit words will put bytes with lower addresses into the    */
    /* top of 32 bit words on BOTH big and little endian machines   */
    bsw_64(ctx->wbuf, (i + 7) >> 3);

    /* we now need to mask valid bytes and add the padding which is */
    /* a single 1 bit and as many zero bits as necessary. Note that */
    /* we can always add the first padding byte here because the    */
    /* buffer always has at least one empty slot                    */
    ctx->wbuf[i >> 3] &= 0xffffffffffffff00ull << 8 * (~i & 7);
    ctx->wbuf[i >> 3] |= 0x0000000000000080ull << 8 * (~i & 7);

    /* we need 17 or more empty byte positions, one for the padding */
    /* byte (above) and sixteen for the length count.  If there is  */
    /* not enough space pad and empty the buffer                    */
    if(i > SHA512_BLOCK_SIZE - 17)
    {
        if(i < 120) ctx->wbuf[15] = 0;
        sha512_compile(ctx);
        i = 0;
    }
    else
        i = (i >> 3) + 1;

    while(i < 14)
        ctx->wbuf[i++] = 0;

    /* the following 64-bit length fields are assembled in the      */
    /* wrong byte order on little endian machines but this is       */
    /* corrected later since they are only ever used as 64-bit      */
    /* word values.                                                 */
    ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 61);
    ctx->wbuf[15] = ctx->count[0] << 3;
    sha512_compile(ctx);

    /* extract the hash value as bytes in case the hash buffer is   */
    /* misaligned for 32-bit words                                  */
    for(i = 0; i < hlen; ++i)
        hval[i] = (unsigned char)(ctx->hash[i >> 3] >> (8 * (~i & 7)));
}

#endif

#if defined(SHA_384)

/* SHA384 initialisation data   */

static const sha2_64t  i384[80] =
{
    0xcbbb9d5dc1059ed8ull, 0x629a292a367cd507ull,
    0x9159015a3070dd17ull, 0x152fecd8f70e5939ull,
    0x67332667ffc00b31ull, 0x8eb44a8768581511ull,
    0xdb0c2e0d64f98fa7ull, 0x47b5481dbefa4fa4ull
};

#ifdef _APPLE_COMMON_CRYPTO_
int sha384_begin(sha384_ctx *ctx)
#else
sha2_void sha384_begin(sha384_ctx ctx[1])
#endif
{
    ctx->count[0] = ctx->count[1] = 0;
    memcpy(ctx->hash, i384, 8 * sizeof(sha2_64t));
	return 1;
}

#ifdef _APPLE_COMMON_CRYPTO_
int sha384_end(unsigned char *hval, sha384_ctx *ctx)
#else
sha2_void sha384_end(unsigned char hval[], sha384_ctx ctx[1])
#endif
{
    sha_end2(hval, ctx, SHA384_DIGEST_SIZE);
	return 1;
}

/* provide an actual entry for this instead of #defining it */
extern int CC_SHA384_Update(CC_SHA512_CTX *c, const void *data, CC_LONG len)
{
	return CC_SHA512_Update(c, data, len);
}


#ifndef _APPLE_COMMON_CRYPTO_
sha2_void sha384(unsigned char hval[], const unsigned char data[], unsigned long len)
{   sha384_ctx  cx[1];

    sha384_begin(cx);
    sha384_hash(data, len, cx);
    sha_end2(hval, cx, SHA384_DIGEST_SIZE);
}
#endif  /* _APPLE_COMMON_CRYPTO_ */
#endif

#if defined(SHA_512)

/* SHA512 initialisation data   */

static const sha2_64t  i512[80] =
{
    0x6a09e667f3bcc908ull, 0xbb67ae8584caa73bull,
    0x3c6ef372fe94f82bull, 0xa54ff53a5f1d36f1ull,
    0x510e527fade682d1ull, 0x9b05688c2b3e6c1full,
    0x1f83d9abfb41bd6bull, 0x5be0cd19137e2179ull
};

#ifdef _APPLE_COMMON_CRYPTO_
int sha512_begin(sha512_ctx *ctx)
#else
sha2_void sha512_begin(sha512_ctx ctx[1])
#endif
{
    ctx->count[0] = ctx->count[1] = 0;
    memcpy(ctx->hash, i512, 8 * sizeof(sha2_64t));
	return 1;
}

#ifdef _APPLE_COMMON_CRYPTO_
int sha512_end(unsigned char *hval, sha512_ctx *ctx)
#else
sha2_void sha512_end(unsigned char hval[], sha512_ctx ctx[1])
#endif
{
    sha_end2(hval, ctx, SHA512_DIGEST_SIZE);
	return 1;
}

#ifndef _APPLE_COMMON_CRYPTO_
sha2_void sha512(unsigned char hval[], const unsigned char data[], unsigned long len)
{   sha512_ctx  cx[1];

    sha512_begin(cx);
    sha512_hash(data, len, cx);
    sha_end2(hval, cx, SHA512_DIGEST_SIZE);
}
#endif  /* _APPLE_COMMON_CRYPTO_ */

#endif

#if defined(SHA_2)

#define CTX_224(x)  ((x)->uu->ctx256)
#define CTX_256(x)  ((x)->uu->ctx256)
#define CTX_384(x)  ((x)->uu->ctx512)
#define CTX_512(x)  ((x)->uu->ctx512)

/* SHA2 initialisation */

sha2_int sha2_begin(unsigned long len, sha2_ctx ctx[1])
{   unsigned long   l = len;
    switch(len)
    {
#if defined(SHA224)
        case 224:
        case  28:   CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0;
                    memcpy(CTX_256(ctx)->hash, i224, 32);
                    ctx->sha2_len = 28; return SHA2_GOOD;
#endif
#if defined(SHA256)
        case 256:
        case  32:   CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0;
                    memcpy(CTX_256(ctx)->hash, i256, 32);
                    ctx->sha2_len = 32; return SHA2_GOOD;
#endif
#if defined(SHA384)
        case 384:
        case  48:   CTX_384(ctx)->count[0] = CTX_384(ctx)->count[1] = 0;
                    memcpy(CTX_384(ctx)->hash, i384, 64);
                    ctx->sha2_len = 48; return SHA2_GOOD;
#endif
#if defined(SHA512)
        case 512:
        case  64:   CTX_512(ctx)->count[0] = CTX_512(ctx)->count[1] = 0;
                    memcpy(CTX_512(ctx)->hash, i512, 64);
                    ctx->sha2_len = 64; return SHA2_GOOD;
#endif
        default:    return SHA2_BAD;
    }
}

sha2_void sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1])
{
    switch(ctx->sha2_len)
    {
#if defined(SHA224)
        case 28: sha224_hash(data, len, CTX_224(ctx)); return;
#endif
#if defined(SHA256)
        case 32: sha256_hash(data, len, CTX_256(ctx)); return;
#endif
#if defined(SHA384)
        case 48: sha384_hash(data, len, CTX_384(ctx)); return;
#endif
#if defined(SHA512)
        case 64: sha512_hash(data, len, CTX_512(ctx)); return;
#endif
    }
}

sha2_void sha2_end(unsigned char hval[], sha2_ctx ctx[1])
{
    switch(ctx->sha2_len)
    {
#if defined(SHA224)
        case 28: sha_end1(hval, CTX_224(ctx), SHA224_DIGEST_SIZE); return;
#endif
#if defined(SHA256)
        case 32: sha_end1(hval, CTX_256(ctx), SHA256_DIGEST_SIZE); return;
#endif
#if defined(SHA384)
        case 48: sha_end2(hval, CTX_384(ctx), SHA384_DIGEST_SIZE); return;
#endif
#if defined(SHA512)
        case 64: sha_end2(hval, CTX_512(ctx), SHA512_DIGEST_SIZE); return;
#endif
    }
}

sha2_int sha2(unsigned char hval[], unsigned long size,
                                const unsigned char data[], unsigned long len)
{   sha2_ctx    cx[1];

    if(sha2_begin(size, cx) == SHA2_GOOD)
    {
        sha2_hash(data, len, cx); sha2_end(hval, cx); return SHA2_GOOD;
    }
    else
        return SHA2_BAD;
}

#endif  /* SHA2 */

#if defined(__cplusplus)
}
#endif

CC_DIGEST_ONE_SHOT(CC_SHA224, CC_SHA256_CTX, CC_SHA224_Init, 
	CC_SHA224_Update, CC_SHA224_Final)

CC_DIGEST_ONE_SHOT(CC_SHA256, CC_SHA256_CTX, CC_SHA256_Init, 
	CC_SHA256_Update, CC_SHA256_Final)

CC_DIGEST_ONE_SHOT(CC_SHA384, CC_SHA512_CTX, CC_SHA384_Init, 
	CC_SHA384_Update, CC_SHA384_Final)

CC_DIGEST_ONE_SHOT(CC_SHA512, CC_SHA512_CTX, CC_SHA512_Init, 
	CC_SHA512_Update, CC_SHA512_Final)

Added Source/Digest/sha2Priv.h.

















































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
/* 
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
 
#ifndef _CC_SHA2_PRIV_H_
#define _CC_SHA2_PRIV_H_


/* 
 * This is a replacement for sha2.h; all types, consts, and prototypes are defined
 * in CommonDigest.h. We redefine them here so the original Gladman source is 
 * unmodified except for the include of sha2.h. 
 */
#include "CommonDigestPriv.h"
#include <CommonCrypto/CommonDigest.h>

#define SHA224_DIGEST_SIZE  CC_SHA224_DIGEST_LENGTH
#define SHA256_DIGEST_SIZE  CC_SHA256_DIGEST_LENGTH
#define SHA384_DIGEST_SIZE  CC_SHA384_DIGEST_LENGTH
#define SHA512_DIGEST_SIZE  CC_SHA512_DIGEST_LENGTH

#define SHA224_BLOCK_SIZE   CC_SHA224_BLOCK_BYTES
#define SHA256_BLOCK_SIZE   CC_SHA256_BLOCK_BYTES
#define SHA384_BLOCK_SIZE   CC_SHA384_BLOCK_BYTES
#define SHA512_BLOCK_SIZE   CC_SHA512_BLOCK_BYTES

#define SHA2_GOOD   0
#define SHA2_BAD    1

typedef void sha2_void;

typedef CC_LONG sha2_32t;
typedef CC_LONG64 sha2_64t;

typedef CC_SHA256_CTX sha224_ctx;	
typedef CC_SHA256_CTX sha256_ctx;
typedef CC_SHA512_CTX sha384_ctx;
typedef CC_SHA512_CTX sha512_ctx;

#define sha224_begin(c)			CC_SHA224_Init(c)
#define sha224_end(md, c)		CC_SHA224_Final(md, c)

#define sha256_begin(c)			CC_SHA256_Init(c)
#define sha256_end(md, c)		CC_SHA256_Final(md, c)

#define sha384_begin(c)			CC_SHA384_Init(c)
#define sha384_end(md, c)		CC_SHA384_Final(md, c)

#define sha512_begin(c)			CC_SHA512_Init(c)
#define sha512_end(md, c)		CC_SHA512_Final(md, c)

#endif  /* _CC_SHA2_PRIV_H_ */

Added Source/Digest/sha_locl.h.





















































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
/* crypto/sha/sha_locl.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdlib.h>
#include <string.h>

#include "CommonDigestPriv.h"

#ifndef	_APPLE_COMMON_CRYPTO_
#include <openssl/opensslconf.h>
#include <openssl/sha.h>
#endif

#ifndef SHA_LONG_LOG2
#define SHA_LONG_LOG2	2	/* default to 32 bits */
#endif

#define DATA_ORDER_IS_BIG_ENDIAN

#define HASH_LONG               SHA_LONG
#define HASH_LONG_LOG2          SHA_LONG_LOG2
#define HASH_CTX                SHA_CTX
#define HASH_CBLOCK             SHA_CBLOCK
#define HASH_LBLOCK             SHA_LBLOCK
#define HASH_MAKE_STRING(c,s)   do {	\
	unsigned long ll;		\
	ll=(c)->h0; HOST_l2c(ll,(s));	\
	ll=(c)->h1; HOST_l2c(ll,(s));	\
	ll=(c)->h2; HOST_l2c(ll,(s));	\
	ll=(c)->h3; HOST_l2c(ll,(s));	\
	ll=(c)->h4; HOST_l2c(ll,(s));	\
	} while (0)

#if defined(SHA_0)

# define HASH_UPDATE             	SHA_Update
# define HASH_TRANSFORM          	SHA_Transform
# define HASH_FINAL              	SHA_Final
# define HASH_INIT			SHA_Init
# define HASH_BLOCK_HOST_ORDER   	sha_block_host_order
# define HASH_BLOCK_DATA_ORDER   	sha_block_data_order
# define Xupdate(a,ix,ia,ib,ic,id)	(ix=(a)=(ia^ib^ic^id))

  void sha_block_host_order (SHA_CTX *c, const void *p,int num);
  void sha_block_data_order (SHA_CTX *c, const void *p,int num);

#elif defined(SHA_1)

#ifdef	_APPLE_COMMON_CRYPTO_
#if CC_SHA1_USE_HARDWARE
# define HASH_UPDATE             	_CC_SHA1_Update
#else
# define HASH_UPDATE             	CC_SHA1_Update
#endif
# define HASH_TRANSFORM          	CC_SHA1_Transform
# define HASH_FINAL              	CC_SHA1_Final
# define HASH_INIT					CC_SHA1_Init
#else
# define HASH_UPDATE             	SHA1_Update
# define HASH_TRANSFORM          	SHA1_Transform
# define HASH_FINAL              	SHA1_Final
# define HASH_INIT			SHA1_Init
#endif	/* _APPLE_COMMON_CRYPTO_ */

# define HASH_BLOCK_HOST_ORDER   	sha1_block_host_order
# define HASH_BLOCK_DATA_ORDER   	sha1_block_data_order
# if defined(__MWERKS__) && defined(__MC68K__)
   /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
#  define Xupdate(a,ix,ia,ib,ic,id)	do { (a)=(ia^ib^ic^id);		\
					     ix=(a)=ROTATE((a),1);	\
					} while (0)
# else
#  define Xupdate(a,ix,ia,ib,ic,id)	( (a)=(ia^ib^ic^id),	\
					  ix=(a)=ROTATE((a),1)	\
					)
# endif

#define SHA1_ASM
#ifdef SHA1_ASM
	#if defined __i386__ || defined __x86_64__
		#define sha1_block_host_order		sha1_block_asm_host_order
		#define DONT_IMPLEMENT_BLOCK_HOST_ORDER
		#define sha1_block_data_order		sha1_block_asm_data_order
		#define DONT_IMPLEMENT_BLOCK_DATA_ORDER
		#define HASH_BLOCK_DATA_ORDER_ALIGNED	sha1_block_asm_data_order
  		#include "sha1edp.h"
	#endif
#endif
__private_extern__ void sha1_block_host_order (SHA_CTX *c, const void *p,int num);
__private_extern__ void sha1_block_data_order (SHA_CTX *c, const void *p,int num);

#else
# error "Either SHA_0 or SHA_1 must be defined."
#endif

#include "md32_common.h"

#define INIT_DATA_h0 0x67452301UL
#define INIT_DATA_h1 0xefcdab89UL
#define INIT_DATA_h2 0x98badcfeUL
#define INIT_DATA_h3 0x10325476UL
#define INIT_DATA_h4 0xc3d2e1f0UL

int HASH_INIT (SHA_CTX *c)
	{
	c->h0=INIT_DATA_h0;
	c->h1=INIT_DATA_h1;
	c->h2=INIT_DATA_h2;
	c->h3=INIT_DATA_h3;
	c->h4=INIT_DATA_h4;
	c->Nl=0;
	c->Nh=0;
	c->num=0;
	return 1;
	}

#define K_00_19	0x5a827999UL
#define K_20_39 0x6ed9eba1UL
#define K_40_59 0x8f1bbcdcUL
#define K_60_79 0xca62c1d6UL

/* As  pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
 * simplified to the code in F_00_19.  Wei attributes these optimisations
 * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
 * #define F(x,y,z) (((x) & (y))  |  ((~(x)) & (z)))
 * I've just become aware of another tweak to be made, again from Wei Dai,
 * in F_40_59, (x&a)|(y&a) -> (x|y)&a
 */
#define	F_00_19(b,c,d)	((((c) ^ (d)) & (b)) ^ (d)) 
#define	F_20_39(b,c,d)	((b) ^ (c) ^ (d))
#define F_40_59(b,c,d)	(((b) & (c)) | (((b)|(c)) & (d))) 
#define	F_60_79(b,c,d)	F_20_39(b,c,d)

#define BODY_00_15(i,a,b,c,d,e,f,xi) \
	(f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
	(b)=ROTATE((b),30);

#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
	Xupdate(f,xi,xa,xb,xc,xd); \
	(f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
	(b)=ROTATE((b),30);

#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
	Xupdate(f,xi,xa,xb,xc,xd); \
	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
	(b)=ROTATE((b),30);

#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
	Xupdate(f,xa,xa,xb,xc,xd); \
	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
	(b)=ROTATE((b),30);

#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
	Xupdate(f,xa,xa,xb,xc,xd); \
	(f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
	(b)=ROTATE((b),30);

#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
	Xupdate(f,xa,xa,xb,xc,xd); \
	(f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
	(b)=ROTATE((b),30);

#ifdef X
#undef X
#endif
#ifndef MD32_XARRAY
  /*
   * Originally X was an array. As it's automatic it's natural
   * to expect RISC compiler to accomodate at least part of it in
   * the register bank, isn't it? Unfortunately not all compilers
   * "find" this expectation reasonable:-( On order to make such
   * compilers generate better code I replace X[] with a bunch of
   * X0, X1, etc. See the function body below...
   *					<appro@fy.chalmers.se>
   */
# define X(i)	XX##i
#else
  /*
   * However! Some compilers (most notably HP C) get overwhelmed by
   * that many local variables so that we have to have the way to
   * fall down to the original behavior.
   */
# define X(i)	XX[i]
#endif

#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
__private_extern__ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num)
	{
	const SHA_LONG *W=d;
	register unsigned MD32_REG_T A,B,C,D,E,T;
#ifndef MD32_XARRAY
	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
#else
	SHA_LONG	XX[16];
#endif

	A=c->h0;
	B=c->h1;
	C=c->h2;
	D=c->h3;
	E=c->h4;

	for (;;)
		{
	BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
	BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
	BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
	BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
	BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
	BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
	BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
	BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
	BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
	BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
	BODY_00_15(10,C,D,E,T,A,B,W[10]);
	BODY_00_15(11,B,C,D,E,T,A,W[11]);
	BODY_00_15(12,A,B,C,D,E,T,W[12]);
	BODY_00_15(13,T,A,B,C,D,E,W[13]);
	BODY_00_15(14,E,T,A,B,C,D,W[14]);
	BODY_00_15(15,D,E,T,A,B,C,W[15]);

	BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
	BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
	BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
	BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));

	BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
	BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
	BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
	BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
	BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
	BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
	BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
	BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
	BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
	BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
	BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
	BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));

	BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
	BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
	BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
	BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
	BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
	BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
	BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
	BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));

	BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
	BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
	BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
	BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
	BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
	BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
	BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
	BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
	BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
	BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
	BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
	BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
	BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
	BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
	BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
	BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
	BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
	BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
	BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
	BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));

	BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
	BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
	BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
	BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
	BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
	BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
	BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
	BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
	BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
	BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
	BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
	BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
	BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
	BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
	BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
	BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
	BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
	BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
	
	c->h0=(c->h0+E)&0xffffffffL; 
	c->h1=(c->h1+T)&0xffffffffL;
	c->h2=(c->h2+A)&0xffffffffL;
	c->h3=(c->h3+B)&0xffffffffL;
	c->h4=(c->h4+C)&0xffffffffL;

	if (--num <= 0) break;

	A=c->h0;
	B=c->h1;
	C=c->h2;
	D=c->h3;
	E=c->h4;

	W+=SHA_LBLOCK;
		}
	}
#endif

#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
__private_extern__ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num)
	{
	const unsigned char *data=p;
	register unsigned MD32_REG_T A,B,C,D,E,T,l;
#ifndef MD32_XARRAY
	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
#else
	SHA_LONG	XX[16];
#endif

	A=c->h0;
	B=c->h1;
	C=c->h2;
	D=c->h3;
	E=c->h4;

	for (;;)
		{

	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
	BODY_00_15( 0,A,B,C,D,E,T,X( 0));	HOST_c2l(data,l); X( 2)=l;
	BODY_00_15( 1,T,A,B,C,D,E,X( 1));	HOST_c2l(data,l); X( 3)=l;
	BODY_00_15( 2,E,T,A,B,C,D,X( 2));	HOST_c2l(data,l); X( 4)=l;
	BODY_00_15( 3,D,E,T,A,B,C,X( 3));	HOST_c2l(data,l); X( 5)=l;
	BODY_00_15( 4,C,D,E,T,A,B,X( 4));	HOST_c2l(data,l); X( 6)=l;
	BODY_00_15( 5,B,C,D,E,T,A,X( 5));	HOST_c2l(data,l); X( 7)=l;
	BODY_00_15( 6,A,B,C,D,E,T,X( 6));	HOST_c2l(data,l); X( 8)=l;
	BODY_00_15( 7,T,A,B,C,D,E,X( 7));	HOST_c2l(data,l); X( 9)=l;
	BODY_00_15( 8,E,T,A,B,C,D,X( 8));	HOST_c2l(data,l); X(10)=l;
	BODY_00_15( 9,D,E,T,A,B,C,X( 9));	HOST_c2l(data,l); X(11)=l;
	BODY_00_15(10,C,D,E,T,A,B,X(10));	HOST_c2l(data,l); X(12)=l;
	BODY_00_15(11,B,C,D,E,T,A,X(11));	HOST_c2l(data,l); X(13)=l;
	BODY_00_15(12,A,B,C,D,E,T,X(12));	HOST_c2l(data,l); X(14)=l;
	BODY_00_15(13,T,A,B,C,D,E,X(13));	HOST_c2l(data,l); X(15)=l;
	BODY_00_15(14,E,T,A,B,C,D,X(14));
	BODY_00_15(15,D,E,T,A,B,C,X(15));

	BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
	BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
	BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
	BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));

	BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
	BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
	BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
	BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
	BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
	BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
	BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
	BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
	BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
	BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
	BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
	BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));

	BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
	BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
	BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
	BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
	BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
	BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
	BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
	BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));

	BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
	BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
	BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
	BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
	BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
	BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
	BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
	BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
	BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
	BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
	BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
	BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
	BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
	BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
	BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
	BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
	BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
	BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
	BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
	BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));

	BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
	BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
	BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
	BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
	BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
	BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
	BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
	BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
	BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
	BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
	BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
	BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
	BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
	BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
	BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
	BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
	BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
	BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
	
	c->h0=(c->h0+E)&0xffffffffL; 
	c->h1=(c->h1+T)&0xffffffffL;
	c->h2=(c->h2+A)&0xffffffffL;
	c->h3=(c->h3+B)&0xffffffffL;
	c->h4=(c->h4+C)&0xffffffffL;

	if (--num <= 0) break;

	A=c->h0;
	B=c->h1;
	C=c->h2;
	D=c->h3;
	E=c->h4;

		}
	}
#endif

Added Source/GladmanAES/README.













>
>
>
>
>
>
1
2
3
4
5
6
This AES implementation is based on the Gladman implementation in xnu-863. 

The C files in this directory have been modified to produce no object code
unless the preprocessor symbol UseGladmanAES is defined (in aesopt.h).  If the
symbol is not defined, there some other AES implementation (such as AESedp)
must be supplied elsewhere in the build.

Added Source/GladmanAES/aescrypt.c.

































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
/*
 ---------------------------------------------------------------------------
 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.
 ---------------------------------------------------------------------------
 Issue 28/01/2004

 This file contains the code for implementing encryption and decryption
 for AES (Rijndael) for block and key sizes of 16, 24 and 32 bytes. It
 can optionally be replaced by code written in assembler using NASM. For
 further details see the file aesopt.h
*/

#include <CommonCrypto/aesopt.h>
#include "aestab.h"
#include <strings.h>

/*	Produce object code iff UseGladmanAES is defined.  Otherwise, suppress
	use of this module, because some other AES implementation is being used.
*/
#if defined UseGladmanAES

#if defined(__cplusplus)
extern "C"
{
#endif

#define ki(y,x,k,c) (s(y,c) = s(x, c) ^ (k)[c])
#define xo(y,x,c) (s(y,c) ^= s(x, c))
#define si(y,x,c)   (s(y,c) = word_in(x, c))
#define so(y,x,c)   word_out(y, c, s(x,c))

#if defined(ARRAYS)
#define locals(y,x)     x[4],y[4]
#else
#define locals(y,x)     x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3
#endif

#define dtables(tab)     const aes_32t *tab##0, *tab##1, *tab##2, *tab##3
#define itables(tab)     tab##0 = tab[0]; tab##1 = tab[1]; tab##2 = tab[2]; tab##3 = tab[3]

#define l_copy(y, x)    s(y,0) = s(x,0); s(y,1) = s(x,1); \
                        s(y,2) = s(x,2); s(y,3) = s(x,3);

#define key_in(y,x,k)   ki(y,x,k,0); ki(y,x,k,1); ki(y,x,k,2); ki(y,x,k,3)
#define cbc(y,x)        xo(y,x,0); xo(y,x,1); xo(y,x,2); xo(y,x,3)
#define state_in(y,x)   si(y,x,0); si(y,x,1); si(y,x,2); si(y,x,3)
#define state_out(y,x)  so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3)
#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3)

#if defined(ENCRYPTION) && !defined(AES_ASM)

/* Visual C++ .Net v7.1 provides the fastest encryption code when using
   Pentium optimiation with small code but this is poor for decryption
   so we need to control this with the following VC++ pragmas
*/

#if defined(_MSC_VER)
#pragma optimize( "s", on )
#endif

/* Given the column (c) of the output state variable, the following
   macros give the input state variables which are needed in its
   computation for each row (r) of the state. All the alternative
   macros give the same end values but expand into different ways
   of calculating these values.  In particular the complex macro
   used for dynamically variable block sizes is designed to expand
   to a compile time constant whenever possible but will expand to
   conditional clauses on some branches (I am grateful to Frank
   Yellin for this construction)
*/

#define fwd_var(x,r,c)\
 ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\
 : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\
 : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\
 :          ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2)))

#if defined(FT4_SET)
#undef  dec_fmvars
#  if defined(ENC_ROUND_CACHE_TABLES)
#define fwd_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ four_cached_tables(x,t_fn,fwd_var,rf1,c))
#  else
#define fwd_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ four_tables(x,t_fn,fwd_var,rf1,c))
#  endif
#elif defined(FT1_SET)
#undef  dec_fmvars
#define fwd_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ one_table(x,upr,t_fn,fwd_var,rf1,c))
#else
#define fwd_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_sbox,fwd_var,rf1,c)))
#endif

#if defined(FL4_SET)
#  if defined(LAST_ENC_ROUND_CACHE_TABLES)
#define fwd_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ four_cached_tables(x,t_fl,fwd_var,rf1,c))
#  else
#define fwd_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ four_tables(x,t_fl,fwd_var,rf1,c))
#  endif
#elif defined(FL1_SET)
#define fwd_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ one_table(x,ups,t_fl,fwd_var,rf1,c))
#else
#define fwd_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ no_table(x,t_sbox,fwd_var,rf1,c))
#endif

aes_rval aes_encrypt_cbc(const unsigned char *in, const unsigned char *in_iv, unsigned int num_blk,
					 unsigned char *out, aes_encrypt_ctx cx[1])
{   aes_32t         locals(b0, b1);
    const aes_32t   *kp;
    const aes_32t   *kptr = cx->ks;
	#ifdef _APPLE_COMMON_CRYPTO_
	int				cbcEnable = (cx->cbcEnable || in_iv) ? 1 : 0;
	#endif
	
#if defined(ENC_ROUND_CACHE_TABLES)
	dtables(t_fn);
#endif
#if defined(LAST_ENC_ROUND_CACHE_TABLES)
	dtables(t_fl);
#endif

#if defined( dec_fmvars )
    dec_fmvars; /* declare variables for fwd_mcol() if needed */
#endif

#if defined( AES_ERR_CHK )
    if( cx->rn != 10 && cx->rn != 12 && cx->rn != 14 )
        return aes_error;
#endif

	// Load IV into b0.
	#ifdef		_APPLE_COMMON_CRYPTO_
	if(in_iv) {
		state_in(b0, in_iv);
	}
	else {
		state_in(b0, cx->chainBuf);
	}
	#else
	state_in(b0, in_iv);
	#endif	/* _APPLE_COMMON_CRYPTO_ */
	
	for (;num_blk; in += AES_BLOCK_SIZE, out += AES_BLOCK_SIZE, --num_blk)
	{
		kp = kptr;
#if 0
		// Read the plaintext into b1
		state_in(b1, in);
		#ifdef _APPLE_COMMON_CRYPTO_
		if(cbcEnable) {
		#endif
			// Do the CBC with b0 which is either the iv or the ciphertext of the 
			// previous block.
			cbc(b1, b0);
		#ifdef _APPLE_COMMON_CRYPTO_
		}
		#endif

		// Xor b1 with the key schedule to get things started.
		key_in(b0, b1, kp);
#else
		#ifdef _APPLE_COMMON_CRYPTO_
		if(cbcEnable) {
		#endif
			// Since xor is associative we mess with the ordering here to get 
			// the loads started early
			key_in(b1, b0, kp);  // Xor b0(IV) with the key schedule and assign to b1
			state_in(b0, in);    // Load block into b0
			cbc(b0, b1);         // Xor b0 with b1 and store in b0
		#ifdef _APPLE_COMMON_CRYPTO_
		}
		else {
			// Read the plaintext into b1
			state_in(b1, in);
			key_in(b0, b1, kp);
		}
		#endif	/* _APPLE_COMMON_CRYPTO_ */
#endif	/* 0 */

#if defined(ENC_ROUND_CACHE_TABLES)
		itables(t_fn);
#endif

#if (ENC_UNROLL == FULL)

		switch(cx->rn)
		{
		case 14:
			round(fwd_rnd,  b1, b0, kp + 1 * N_COLS);
			round(fwd_rnd,  b0, b1, kp + 2 * N_COLS);
			kp += 2 * N_COLS;
		case 12:
			round(fwd_rnd,  b1, b0, kp + 1 * N_COLS);
			round(fwd_rnd,  b0, b1, kp + 2 * N_COLS);
			kp += 2 * N_COLS;
		case 10:
		default:
			round(fwd_rnd,  b1, b0, kp + 1 * N_COLS);
			round(fwd_rnd,  b0, b1, kp + 2 * N_COLS);
			round(fwd_rnd,  b1, b0, kp + 3 * N_COLS);
			round(fwd_rnd,  b0, b1, kp + 4 * N_COLS);
			round(fwd_rnd,  b1, b0, kp + 5 * N_COLS);
			round(fwd_rnd,  b0, b1, kp + 6 * N_COLS);
			round(fwd_rnd,  b1, b0, kp + 7 * N_COLS);
			round(fwd_rnd,  b0, b1, kp + 8 * N_COLS);
			round(fwd_rnd,  b1, b0, kp + 9 * N_COLS);
#if defined(LAST_ENC_ROUND_CACHE_TABLES)
			itables(t_fl);
#endif
			round(fwd_lrnd, b0, b1, kp +10 * N_COLS);
		}

#else

		{   aes_32t    rnd;
#if (ENC_UNROLL == PARTIAL)
			for(rnd = 0; rnd < (cx->rn >> 1) - 1; ++rnd)
			{
				kp += N_COLS;
				round(fwd_rnd, b1, b0, kp);
				kp += N_COLS;
				round(fwd_rnd, b0, b1, kp);
			}
			kp += N_COLS;
			round(fwd_rnd,  b1, b0, kp);
#else
			for(rnd = 0; rnd < cx->rn - 1; ++rnd)
			{
				kp += N_COLS;
				round(fwd_rnd, b1, b0, kp);
				l_copy(b0, b1);
			}
#endif
#if defined(LAST_ENC_ROUND_CACHE_TABLES)
			itables(t_fl);
#endif
			kp += N_COLS;
			round(fwd_lrnd, b0, b1, kp);
		}
#endif
	
		state_out(out, b0);
	}
	
	#ifdef _APPLE_COMMON_CRYPTO_
	if(cbcEnable) {
		state_out(cx->chainBuf, b0);
	}
	#endif

#if defined( AES_ERR_CHK )
    return aes_good;
#endif
}

#endif

#if defined(DECRYPTION) && !defined(AES_ASM)

/* Visual C++ .Net v7.1 provides the fastest encryption code when using
   Pentium optimiation with small code but this is poor for decryption
   so we need to control this with the following VC++ pragmas
*/

#if defined(_MSC_VER)
#pragma optimize( "t", on )
#endif

/* Given the column (c) of the output state variable, the following
   macros give the input state variables which are needed in its
   computation for each row (r) of the state. All the alternative
   macros give the same end values but expand into different ways
   of calculating these values.  In particular the complex macro
   used for dynamically variable block sizes is designed to expand
   to a compile time constant whenever possible but will expand to
   conditional clauses on some branches (I am grateful to Frank
   Yellin for this construction)
*/

#define inv_var(x,r,c)\
 ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\
 : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\
 : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\
 :          ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0)))

#if defined(IT4_SET)
#undef  dec_imvars
#  if defined(DEC_ROUND_CACHE_TABLES)
#define inv_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ four_cached_tables(x,t_in,inv_var,rf1,c))
#  else
#define inv_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ four_tables(x,t_in,inv_var,rf1,c))
#  endif
#elif defined(IT1_SET)
#undef  dec_imvars
#define inv_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ one_table(x,upr,t_in,inv_var,rf1,c))
#else
#define inv_rnd(y,x,k,c)    (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_ibox,inv_var,rf1,c)))
#endif

#if defined(IL4_SET)
#  if defined(LAST_DEC_ROUND_CACHE_TABLES)
#define inv_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ four_cached_tables(x,t_il,inv_var,rf1,c))
#  else
#define inv_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ four_tables(x,t_il,inv_var,rf1,c))
#  endif
#elif defined(IL1_SET)
#define inv_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ one_table(x,ups,t_il,inv_var,rf1,c))
#else
#define inv_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ no_table(x,t_ibox,inv_var,rf1,c))
#endif


aes_rval aes_decrypt_cbc(const unsigned char *in, const unsigned char *in_iv, unsigned int num_blk,
					 unsigned char *out, aes_decrypt_ctx cx[1])
{   aes_32t        locals(b0, b1);
    const aes_32t *kptr = cx->ks + cx->rn * N_COLS;
	const aes_32t *kp;
#if defined(DEC_ROUND_CACHE_TABLES)
	dtables(t_in);
#endif
#if defined(LAST_DEC_ROUND_CACHE_TABLES)
	dtables(t_il);
#endif
	#ifdef		_APPLE_COMMON_CRYPTO_
	int cbcEnable = (cx->cbcEnable || in_iv) ? 1 : 0;
	unsigned char lastIv[AES_BLOCK_SIZE];
	
	/* fix a compiler warning... */
	b00 = 0; b01 = 0; b02=0; b03 = 0;
	#endif
	
#if defined( dec_imvars )
    dec_imvars; /* declare variables for inv_mcol() if needed */
#endif
	
#if defined( AES_ERR_CHK )
    if( cx->rn != 10 && cx->rn != 12 && cx->rn != 14 )
        return aes_error;
#endif

#if defined(DEC_ROUND_CACHE_TABLES)
	itables(t_in);
#endif	
	
	in += AES_BLOCK_SIZE * (num_blk - 1);
	out += AES_BLOCK_SIZE * (num_blk - 1);
	// Load the last block's ciphertext into b1
	state_in(b1, in);

	#ifdef	_APPLE_COMMON_CRYPTO_
	/* save that last ciphertext block for next op's chain */
	if(cbcEnable & (num_blk != 0)) {
		memmove(lastIv, in, AES_BLOCK_SIZE);
	}
	#endif
	
	for (;num_blk; out -= AES_BLOCK_SIZE, --num_blk)
	{
		kp = kptr;
		// Do the xor part of state_in, where b1 is the previous block's ciphertext.
		key_in(b0, b1, kp);

#if (DEC_UNROLL == FULL)
	
		switch(cx->rn)
		{
		case 14:
			round(inv_rnd,  b1, b0, kp -  1 * N_COLS);
			round(inv_rnd,  b0, b1, kp -  2 * N_COLS);
			kp -= 2 * N_COLS;
		case 12:
			round(inv_rnd,  b1, b0, kp -  1 * N_COLS);
			round(inv_rnd,  b0, b1, kp -  2 * N_COLS);
			kp -= 2 * N_COLS;
		case 10:
		default:
			round(inv_rnd,  b1, b0, kp -  1 * N_COLS);
			round(inv_rnd,  b0, b1, kp -  2 * N_COLS);
			round(inv_rnd,  b1, b0, kp -  3 * N_COLS);
			round(inv_rnd,  b0, b1, kp -  4 * N_COLS);
			round(inv_rnd,  b1, b0, kp -  5 * N_COLS);
			round(inv_rnd,  b0, b1, kp -  6 * N_COLS);
			round(inv_rnd,  b1, b0, kp -  7 * N_COLS);
			round(inv_rnd,  b0, b1, kp -  8 * N_COLS);
			round(inv_rnd,  b1, b0, kp -  9 * N_COLS);
#if defined(LAST_DEC_ROUND_CACHE_TABLES)
			itables(t_il);
#endif	
			round(inv_lrnd, b0, b1, kp - 10 * N_COLS);
		}

#else
	
		{   aes_32t    rnd;
#if (DEC_UNROLL == PARTIAL)
			for(rnd = 0; rnd < (cx->rn >> 1) - 1; ++rnd)
			{
				kp -= N_COLS;
				round(inv_rnd, b1, b0, kp);
				kp -= N_COLS;
				round(inv_rnd, b0, b1, kp);
			}
			kp -= N_COLS;
			round(inv_rnd, b1, b0, kp);
#else
			for(rnd = 0; rnd < cx->rn - 1; ++rnd)
			{
				kp -= N_COLS;
				round(inv_rnd, b1, b0, kp);
				l_copy(b0, b1);
			}
#endif
#if defined(LAST_DEC_ROUND_CACHE_TABLES)
			itables(t_il);
#endif	
			kp -= N_COLS;
			round(inv_lrnd, b0, b1, kp);
		}
#endif

		#ifdef	_APPLE_COMMON_CRYPTO_
		if(cbcEnable) {
			if (num_blk == 1)
			{
				// We are doing the first block so we need the IV rather than the previous
				// block for CBC (there is no previous block)
				if(in_iv) {
					state_in(b1, in_iv);
				}
				else {
					state_in(b1, cx->chainBuf);
				}
			}
			else
			{
				in -= AES_BLOCK_SIZE;
				state_in(b1, in);
			}

			// Do the CBC with b1 which is either the IV or the ciphertext of 
			// the previous block.
			cbc(b0, b1);
		}
		else {
			if (num_blk != 1) {
				/* skip this the last time through */
				in -= AES_BLOCK_SIZE;
				state_in(b1, in);
			}
		}
		#endif	/* _APPLE_COMMON_CRYPTO_ */
		state_out(out, b0);
	}

	#ifdef	_APPLE_COMMON_CRYPTO_
	/* save last ciphertext block for next op's chain */
	if(cbcEnable) {
		memmove(cx->chainBuf, lastIv, AES_BLOCK_SIZE);
	}
	#endif
	
#if defined( AES_ERR_CHK )
    return aes_good;
#endif
}

#endif

#if defined(__cplusplus)
}
#endif

#endif	// defined UseGladmanAES

Added Source/GladmanAES/aeskey.c.

















































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
/*
 ---------------------------------------------------------------------------
 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.
 ---------------------------------------------------------------------------
 Issue Date: 26/08/2003

 This file contains the code for implementing the key schedule for AES
 (Rijndael) for block and key sizes of 16, 24, and 32 bytes. See aesopt.h
 for further details including optimisation.
*/

#include <CommonCrypto/aesopt.h>
#include "aestab.h"
#include <string.h>

/*	Produce object code iff UseGladmanAES is defined.  Otherwise, suppress
	use of this module, because some other AES implementation is being used.
*/
#if defined UseGladmanAES

#if defined(__cplusplus)
extern "C"
{
#endif

/* Initialise the key schedule from the user supplied key. The key
   length can be specified in bytes, with legal values of 16, 24
   and 32, or in bits, with legal values of 128, 192 and 256. These
   values correspond with Nk values of 4, 6 and 8 respectively.

   The following macros implement a single cycle in the key
   schedule generation process. The number of cycles needed
   for each cx->n_col and nk value is:

    nk =             4  5  6  7  8
    ------------------------------
    cx->n_col = 4   10  9  8  7  7
    cx->n_col = 5   14 11 10  9  9
    cx->n_col = 6   19 15 12 11 11
    cx->n_col = 7   21 19 16 13 14
    cx->n_col = 8   29 23 19 17 14
*/

#define ke4(k,i) \
{   k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \
    k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \
}
#define kel4(k,i) \
{   k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \
    k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \
}

#define ke6(k,i) \
{   k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \
    k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \
    k[6*(i)+10] = ss[4] ^= ss[3]; k[6*(i)+11] = ss[5] ^= ss[4]; \
}
#define kel6(k,i) \
{   k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \
    k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \
}

#define ke8(k,i) \
{   k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \
    k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \
    k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); k[8*(i)+13] = ss[5] ^= ss[4]; \
    k[8*(i)+14] = ss[6] ^= ss[5]; k[8*(i)+15] = ss[7] ^= ss[6]; \
}
#define kel8(k,i) \
{   k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \
    k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \
}

#if defined(ENCRYPTION_KEY_SCHEDULE)

#if defined(AES_128) || defined(AES_VAR)

aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
{   aes_32t    ss[4];

    cx->ks[0] = ss[0] = word_in(key, 0);
    cx->ks[1] = ss[1] = word_in(key, 1);
    cx->ks[2] = ss[2] = word_in(key, 2);
    cx->ks[3] = ss[3] = word_in(key, 3);

#if ENC_UNROLL == NONE
    {   aes_32t i;

        for(i = 0; i < ((11 * N_COLS - 5) / 4); ++i)
            ke4(cx->ks, i);
    }
#else
    ke4(cx->ks, 0);  ke4(cx->ks, 1);
    ke4(cx->ks, 2);  ke4(cx->ks, 3);
    ke4(cx->ks, 4);  ke4(cx->ks, 5);
    ke4(cx->ks, 6);  ke4(cx->ks, 7);
    ke4(cx->ks, 8);
#endif
    kel4(cx->ks, 9);
    cx->rn = 10;
	#if CC_AES_USE_HARDWARE
	bcopy(key, cx->keyBytes, 16);
	cx->keyLength = 16;
	#endif
#if defined( AES_ERR_CHK )
    return aes_good;
#endif
}

#endif

#if defined(AES_192) || defined(AES_VAR)

aes_rval aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1])
{   aes_32t    ss[6];

    cx->ks[0] = ss[0] = word_in(key, 0);
    cx->ks[1] = ss[1] = word_in(key, 1);
    cx->ks[2] = ss[2] = word_in(key, 2);
    cx->ks[3] = ss[3] = word_in(key, 3);
    cx->ks[4] = ss[4] = word_in(key, 4);
    cx->ks[5] = ss[5] = word_in(key, 5);

#if ENC_UNROLL == NONE
    {   aes_32t i;

        for(i = 0; i < (13 * N_COLS - 7) / 6; ++i)
            ke6(cx->ks, i);
    }
#else
    ke6(cx->ks, 0);  ke6(cx->ks, 1);
    ke6(cx->ks, 2);  ke6(cx->ks, 3);
    ke6(cx->ks, 4);  ke6(cx->ks, 5);
    ke6(cx->ks, 6);
#endif
    kel6(cx->ks, 7);
    cx->rn = 12;
	#if CC_AES_USE_HARDWARE
	bcopy(key, cx->keyBytes, 24);
	cx->keyLength = 24;
	#endif
#if defined( AES_ERR_CHK )
    return aes_good;
#endif
}

#endif

#if defined(AES_256) || defined(AES_VAR)

aes_rval aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
{   aes_32t    ss[8];

    cx->ks[0] = ss[0] = word_in(key, 0);
    cx->ks[1] = ss[1] = word_in(key, 1);
    cx->ks[2] = ss[2] = word_in(key, 2);
    cx->ks[3] = ss[3] = word_in(key, 3);
    cx->ks[4] = ss[4] = word_in(key, 4);
    cx->ks[5] = ss[5] = word_in(key, 5);
    cx->ks[6] = ss[6] = word_in(key, 6);
    cx->ks[7] = ss[7] = word_in(key, 7);

#if ENC_UNROLL == NONE
    {   aes_32t i;

        for(i = 0; i < (15 * N_COLS - 9) / 8; ++i)
            ke8(cx->ks,  i);
    }
#else
    ke8(cx->ks, 0); ke8(cx->ks, 1);
    ke8(cx->ks, 2); ke8(cx->ks, 3);
    ke8(cx->ks, 4); ke8(cx->ks, 5);
#endif
    kel8(cx->ks, 6);
    cx->rn = 14;
	#if CC_AES_USE_HARDWARE
	bcopy(key, cx->keyBytes, 32);
	cx->keyLength = 32;
	#endif
#if defined( AES_ERR_CHK )
    return aes_good;
#endif
}

#endif

#if defined(AES_VAR)

aes_rval aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
{
    switch(key_len)
    {
#if defined( AES_ERR_CHK )
    case 16: case 128: return aes_encrypt_key128(key, cx);
    case 24: case 192: return aes_encrypt_key192(key, cx);
    case 32: case 256: return aes_encrypt_key256(key, cx);
    default: return aes_error;
#else
    case 16: case 128: aes_encrypt_key128(key, cx); return;
    case 24: case 192: aes_encrypt_key192(key, cx); return;
    case 32: case 256: aes_encrypt_key256(key, cx); return;
#endif
    }
}

#endif

#endif

#if defined(DECRYPTION_KEY_SCHEDULE)

#if DEC_ROUND == NO_TABLES
#define ff(x)   (x)
#else
#define ff(x)   inv_mcol(x)
#if defined( dec_imvars )
#define d_vars  dec_imvars
#endif
#endif

#if 1
#define kdf4(k,i) \
{   ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; ss[1] = ss[1] ^ ss[3]; ss[2] = ss[2] ^ ss[3]; ss[3] = ss[3]; \
    ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \
    ss[4] ^= k[4*(i)];   k[4*(i)+4] = ff(ss[4]); ss[4] ^= k[4*(i)+1]; k[4*(i)+5] = ff(ss[4]); \
    ss[4] ^= k[4*(i)+2]; k[4*(i)+6] = ff(ss[4]); ss[4] ^= k[4*(i)+3]; k[4*(i)+7] = ff(ss[4]); \
}
#define kd4(k,i) \
{   ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \
    k[4*(i)+4] = ss[4] ^= k[4*(i)]; k[4*(i)+5] = ss[4] ^= k[4*(i)+1]; \
    k[4*(i)+6] = ss[4] ^= k[4*(i)+2]; k[4*(i)+7] = ss[4] ^= k[4*(i)+3]; \
}
#define kdl4(k,i) \
{   ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \
    k[4*(i)+4] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; k[4*(i)+5] = ss[1] ^ ss[3]; \
    k[4*(i)+6] = ss[0]; k[4*(i)+7] = ss[1]; \
}
#else
#define kdf4(k,i) \
{   ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ff(ss[0]); ss[1] ^= ss[0]; k[4*(i)+ 5] = ff(ss[1]); \
    ss[2] ^= ss[1]; k[4*(i)+ 6] = ff(ss[2]); ss[3] ^= ss[2]; k[4*(i)+ 7] = ff(ss[3]); \
}
#define kd4(k,i) \
{   ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \
    ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[4*(i)+ 4] = ss[4] ^= k[4*(i)]; \
    ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[4] ^= k[4*(i)+ 1]; \
    ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[4] ^= k[4*(i)+ 2]; \
    ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[4] ^= k[4*(i)+ 3]; \
}
#define kdl4(k,i) \
{   ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ss[0]; ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[1]; \
    ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[2]; ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[3]; \
}
#endif

#define kdf6(k,i) \
{   ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ff(ss[0]); ss[1] ^= ss[0]; k[6*(i)+ 7] = ff(ss[1]); \
    ss[2] ^= ss[1]; k[6*(i)+ 8] = ff(ss[2]); ss[3] ^= ss[2]; k[6*(i)+ 9] = ff(ss[3]); \
    ss[4] ^= ss[3]; k[6*(i)+10] = ff(ss[4]); ss[5] ^= ss[4]; k[6*(i)+11] = ff(ss[5]); \
}
#define kd6(k,i) \
{   ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \
    ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[6*(i)+ 6] = ss[6] ^= k[6*(i)]; \
    ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[6] ^= k[6*(i)+ 1]; \
    ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[6] ^= k[6*(i)+ 2]; \
    ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[6] ^= k[6*(i)+ 3]; \
    ss[4] ^= ss[3]; k[6*(i)+10] = ss[6] ^= k[6*(i)+ 4]; \
    ss[5] ^= ss[4]; k[6*(i)+11] = ss[6] ^= k[6*(i)+ 5]; \
}
#define kdl6(k,i) \
{   ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ss[0]; ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[1]; \
    ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[2]; ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[3]; \
}

#define kdf8(k,i) \
{   ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ff(ss[0]); ss[1] ^= ss[0]; k[8*(i)+ 9] = ff(ss[1]); \
    ss[2] ^= ss[1]; k[8*(i)+10] = ff(ss[2]); ss[3] ^= ss[2]; k[8*(i)+11] = ff(ss[3]); \
    ss[4] ^= ls_box(ss[3],0); k[8*(i)+12] = ff(ss[4]); ss[5] ^= ss[4]; k[8*(i)+13] = ff(ss[5]); \
    ss[6] ^= ss[5]; k[8*(i)+14] = ff(ss[6]); ss[7] ^= ss[6]; k[8*(i)+15] = ff(ss[7]); \
}
#define kd8(k,i) \
{   aes_32t g = ls_box(ss[7],3) ^ t_use(r,c)[i]; \
    ss[0] ^= g; g = ff(g); k[8*(i)+ 8] = g ^= k[8*(i)]; \
    ss[1] ^= ss[0]; k[8*(i)+ 9] = g ^= k[8*(i)+ 1]; \
    ss[2] ^= ss[1]; k[8*(i)+10] = g ^= k[8*(i)+ 2]; \
    ss[3] ^= ss[2]; k[8*(i)+11] = g ^= k[8*(i)+ 3]; \
    g = ls_box(ss[3],0); \
    ss[4] ^= g; g = ff(g); k[8*(i)+12] = g ^= k[8*(i)+ 4]; \
    ss[5] ^= ss[4]; k[8*(i)+13] = g ^= k[8*(i)+ 5]; \
    ss[6] ^= ss[5]; k[8*(i)+14] = g ^= k[8*(i)+ 6]; \
    ss[7] ^= ss[6]; k[8*(i)+15] = g ^= k[8*(i)+ 7]; \
}
#define kdl8(k,i) \
{   ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ss[0]; ss[1] ^= ss[0]; k[8*(i)+ 9] = ss[1]; \
    ss[2] ^= ss[1]; k[8*(i)+10] = ss[2]; ss[3] ^= ss[2]; k[8*(i)+11] = ss[3]; \
}

#if defined(AES_128) || defined(AES_VAR)

aes_rval aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
{   aes_32t    ss[5];
#if defined( d_vars )
        d_vars;
#endif
    cx->ks[0] = ss[0] = word_in(key, 0);
    cx->ks[1] = ss[1] = word_in(key, 1);
    cx->ks[2] = ss[2] = word_in(key, 2);
    cx->ks[3] = ss[3] = word_in(key, 3);

#if DEC_UNROLL == NONE
    {   aes_32t i;

        for(i = 0; i < (11 * N_COLS - 5) / 4; ++i)
            ke4(cx->ks, i);
        kel4(cx->ks, 9);
#if !(DEC_ROUND == NO_TABLES)
        for(i = N_COLS; i < 10 * N_COLS; ++i)
            cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
    }
#else
    kdf4(cx->ks, 0);  kd4(cx->ks, 1);
     kd4(cx->ks, 2);  kd4(cx->ks, 3);
     kd4(cx->ks, 4);  kd4(cx->ks, 5);
     kd4(cx->ks, 6);  kd4(cx->ks, 7);
     kd4(cx->ks, 8); kdl4(cx->ks, 9);
#endif
    cx->rn = 10;
	#if CC_AES_USE_HARDWARE
	bcopy(key, cx->keyBytes, 16);
	cx->keyLength = 16;
	#endif
#if defined( AES_ERR_CHK )
    return aes_good;
#endif
}

#endif

#if defined(AES_192) || defined(AES_VAR)

aes_rval aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1])
{   aes_32t    ss[7];
#if defined( d_vars )
        d_vars;
#endif
    cx->ks[0] = ss[0] = word_in(key, 0);
    cx->ks[1] = ss[1] = word_in(key, 1);
    cx->ks[2] = ss[2] = word_in(key, 2);
    cx->ks[3] = ss[3] = word_in(key, 3);

#if DEC_UNROLL == NONE
    cx->ks[4] = ss[4] = word_in(key, 4);
    cx->ks[5] = ss[5] = word_in(key, 5);
    {   aes_32t i;

        for(i = 0; i < (13 * N_COLS - 7) / 6; ++i)
            ke6(cx->ks, i);
        kel6(cx->ks, 7);
#if !(DEC_ROUND == NO_TABLES)
        for(i = N_COLS; i < 12 * N_COLS; ++i)
            cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
    }
#else
    cx->ks[4] = ff(ss[4] = word_in(key, 4));
    cx->ks[5] = ff(ss[5] = word_in(key, 5));
    kdf6(cx->ks, 0); kd6(cx->ks, 1);
    kd6(cx->ks, 2);  kd6(cx->ks, 3);
    kd6(cx->ks, 4);  kd6(cx->ks, 5);
    kd6(cx->ks, 6); kdl6(cx->ks, 7);
#endif
    cx->rn = 12;
	#if CC_AES_USE_HARDWARE
	bcopy(key, cx->keyBytes, 24);
	cx->keyLength = 24;
	#endif
#if defined( AES_ERR_CHK )
    return aes_good;
#endif
}

#endif

#if defined(AES_256) || defined(AES_VAR)

aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
{   aes_32t    ss[8];
#if defined( d_vars )
        d_vars;
#endif
    cx->ks[0] = ss[0] = word_in(key, 0);
    cx->ks[1] = ss[1] = word_in(key, 1);
    cx->ks[2] = ss[2] = word_in(key, 2);
    cx->ks[3] = ss[3] = word_in(key, 3);

#if DEC_UNROLL == NONE
    cx->ks[4] = ss[4] = word_in(key, 4);
    cx->ks[5] = ss[5] = word_in(key, 5);
    cx->ks[6] = ss[6] = word_in(key, 6);
    cx->ks[7] = ss[7] = word_in(key, 7);
    {   aes_32t i;

        for(i = 0; i < (15 * N_COLS - 9) / 8; ++i)
            ke8(cx->ks,  i);
        kel8(cx->ks,  i);
#if !(DEC_ROUND == NO_TABLES)
        for(i = N_COLS; i < 14 * N_COLS; ++i)
            cx->ks[i] = inv_mcol(cx->ks[i]);

#endif
    }
#else
    cx->ks[4] = ff(ss[4] = word_in(key, 4));
    cx->ks[5] = ff(ss[5] = word_in(key, 5));
    cx->ks[6] = ff(ss[6] = word_in(key, 6));
    cx->ks[7] = ff(ss[7] = word_in(key, 7));
    kdf8(cx->ks, 0); kd8(cx->ks, 1);
    kd8(cx->ks, 2);  kd8(cx->ks, 3);
    kd8(cx->ks, 4);  kd8(cx->ks, 5);
    kdl8(cx->ks, 6);
#endif
    cx->rn = 14;
	#if CC_AES_USE_HARDWARE
	bcopy(key, cx->keyBytes, 32);
	cx->keyLength = 32;
	#endif
#if defined( AES_ERR_CHK )
    return aes_good;
#endif
}

#endif

#if defined(AES_VAR)

aes_rval aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
{
    switch(key_len)
    {
#if defined( AES_ERR_CHK )
    case 16: case 128: return aes_decrypt_key128(key, cx);
    case 24: case 192: return aes_decrypt_key192(key, cx);
    case 32: case 256: return aes_decrypt_key256(key, cx);
    default: return aes_error;
#else
    case 16: case 128: aes_decrypt_key128(key, cx); return;
    case 24: case 192: aes_decrypt_key192(key, cx); return;
    case 32: case 256: aes_decrypt_key256(key, cx); return;
#endif
    }
}

#endif

#endif


#if defined(__cplusplus)
}
#endif

#endif	// defined UseGladmanAES

Added Source/GladmanAES/aestab.c.













































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
/*
 ---------------------------------------------------------------------------
 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.
 ---------------------------------------------------------------------------
 Issue 28/01/2004

*/

#if defined(__cplusplus)
extern "C"
{
#endif

#define DO_TABLES

#include <CommonCrypto/aesopt.h>

/*	Produce object code iff UseGladmanAES is defined.  Otherwise, suppress
	use of this module, because some other AES implementation is being used.
*/
#if defined UseGladmanAES

#if defined(FIXED_TABLES)

#define sb_data(w) {\
    w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
    w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
    w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
    w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
    w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
    w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
    w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
    w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
    w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
    w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
    w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
    w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
    w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
    w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
    w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
    w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
    w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
    w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
    w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
    w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
    w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
    w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
    w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
    w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
    w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
    w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
    w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
    w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
    w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
    w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
    w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
    w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) }

#define isb_data(w) {\
    w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\
    w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\
    w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\
    w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\
    w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\
    w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\
    w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\
    w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\
    w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\
    w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\
    w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\
    w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\
    w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\
    w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\
    w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\
    w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\
    w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\
    w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\
    w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\
    w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\
    w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\
    w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\
    w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\
    w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\
    w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\
    w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\
    w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\
    w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\
    w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\
    w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\
    w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\
    w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d) }

#define mm_data(w) {\
    w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\
    w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\
    w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\
    w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\
    w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\
    w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\
    w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\
    w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\
    w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\
    w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\
    w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\
    w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\
    w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\
    w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\
    w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\
    w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\
    w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\
    w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\
    w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\
    w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\
    w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\
    w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\
    w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\
    w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\
    w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\
    w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\
    w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\
    w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\
    w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\
    w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\
    w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\
    w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) }

#define rc_data(w) {\
    w(0x01), w(0x02), w(0x04), w(0x08), w(0x10),w(0x20), w(0x40), w(0x80),\
    w(0x1b), w(0x36) }

#define h0(x)   (x)

#define w0(p)   bytes2word(p, 0, 0, 0)
#define w1(p)   bytes2word(0, p, 0, 0)
#define w2(p)   bytes2word(0, 0, p, 0)
#define w3(p)   bytes2word(0, 0, 0, p)

#define u0(p)   bytes2word(f2(p), p, p, f3(p))
#define u1(p)   bytes2word(f3(p), f2(p), p, p)
#define u2(p)   bytes2word(p, f3(p), f2(p), p)
#define u3(p)   bytes2word(p, p, f3(p), f2(p))

#define v0(p)   bytes2word(fe(p), f9(p), fd(p), fb(p))
#define v1(p)   bytes2word(fb(p), fe(p), f9(p), fd(p))
#define v2(p)   bytes2word(fd(p), fb(p), fe(p), f9(p))
#define v3(p)   bytes2word(f9(p), fd(p), fb(p), fe(p))

#endif

#if defined(FIXED_TABLES) || !defined(FF_TABLES)

#define f2(x)   ((x<<1) ^ (((x>>7) & 1) * WPOLY))
#define f4(x)   ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY))
#define f8(x)   ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \
                        ^ (((x>>5) & 4) * WPOLY))
#define f3(x)   (f2(x) ^ x)
#define f9(x)   (f8(x) ^ x)
#define fb(x)   (f8(x) ^ f2(x) ^ x)
#define fd(x)   (f8(x) ^ f4(x) ^ x)
#define fe(x)   (f8(x) ^ f4(x) ^ f2(x))

#else

#define f2(x) ((x) ? pow[log[x] + 0x19] : 0)
#define f3(x) ((x) ? pow[log[x] + 0x01] : 0)
#define f9(x) ((x) ? pow[log[x] + 0xc7] : 0)
#define fb(x) ((x) ? pow[log[x] + 0x68] : 0)
#define fd(x) ((x) ? pow[log[x] + 0xee] : 0)
#define fe(x) ((x) ? pow[log[x] + 0xdf] : 0)
#define fi(x) ((x) ? pow[ 255 - log[x]] : 0)

#endif

#include "aestab.h"

#if defined(FIXED_TABLES)

/* implemented in case of wrong call for fixed tables */

void gen_tabs(void)
{
}

#else   /* dynamic table generation */

#if !defined(FF_TABLES)

/*  Generate the tables for the dynamic table option

    It will generally be sensible to use tables to compute finite
    field multiplies and inverses but where memory is scarse this
    code might sometimes be better. But it only has effect during
    initialisation so its pretty unimportant in overall terms.
*/

/*  return 2 ^ (n - 1) where n is the bit number of the highest bit
    set in x with x in the range 1 < x < 0x00000200.   This form is
    used so that locals within fi can be bytes rather than words
*/

static aes_08t hibit(const aes_32t x)
{   aes_08t r = (aes_08t)((x >> 1) | (x >> 2));

    r |= (r >> 2);
    r |= (r >> 4);
    return (r + 1) >> 1;
}

/* return the inverse of the finite field element x */

static aes_08t fi(const aes_08t x)
{   aes_08t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;

    if(x < 2) return x;

    for(;;)
    {
        if(!n1) return v1;

        while(n2 >= n1)
        {
            n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2);
        }

        if(!n2) return v2;

        while(n1 >= n2)
        {
            n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1);
        }
    }
}

#endif

/* The forward and inverse affine transformations used in the S-box */

#define fwd_affine(x) \
    (w = (aes_32t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(aes_08t)(w^(w>>8)))

#define inv_affine(x) \
    (w = (aes_32t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(aes_08t)(w^(w>>8)))

static int init = 0;

void gen_tabs(void)
{   aes_32t  i, w;

#if defined(FF_TABLES)

    aes_08t  pow[512], log[256];

    if(init) return;
    /*  log and power tables for GF(2^8) finite field with
        WPOLY as modular polynomial - the simplest primitive
        root is 0x03, used here to generate the tables
    */

    i = 0; w = 1;
    do
    {
        pow[i] = (aes_08t)w;
        pow[i + 255] = (aes_08t)w;
        log[w] = (aes_08t)i++;
        w ^=  (w << 1) ^ (w & 0x80 ? WPOLY : 0);
    }
    while (w != 1);

#else
    if(init) return;
#endif

    for(i = 0, w = 1; i < RC_LENGTH; ++i)
    {
        t_set(r,c)[i] = bytes2word(w, 0, 0, 0);
        w = f2(w);
    }

    for(i = 0; i < 256; ++i)
    {   aes_08t    b;

        b = fwd_affine(fi((aes_08t)i));
        w = bytes2word(f2(b), b, b, f3(b));

#if defined( SBX_SET )
        t_set(s,box)[i] = b;
#endif

#if defined( FT1_SET )                 /* tables for a normal encryption round */
        t_set(f,n)[i] = w;
#endif
#if defined( FT4_SET )
        t_set(f,n)[0][i] = w;
        t_set(f,n)[1][i] = upr(w,1);
        t_set(f,n)[2][i] = upr(w,2);
        t_set(f,n)[3][i] = upr(w,3);
#endif
        w = bytes2word(b, 0, 0, 0);

#if defined( FL1_SET )                 /* tables for last encryption round (may also   */
        t_set(f,l)[i] = w;        /* be used in the key schedule)                 */
#endif
#if defined( FL4_SET )
        t_set(f,l)[0][i] = w;
        t_set(f,l)[1][i] = upr(w,1);
        t_set(f,l)[2][i] = upr(w,2);
        t_set(f,l)[3][i] = upr(w,3);
#endif

#if defined( LS1_SET )                 /* table for key schedule if t_set(f,l) above is    */
        t_set(l,s)[i] = w;      /* not of the required form                     */
#endif
#if defined( LS4_SET )
        t_set(l,s)[0][i] = w;
        t_set(l,s)[1][i] = upr(w,1);
        t_set(l,s)[2][i] = upr(w,2);
        t_set(l,s)[3][i] = upr(w,3);
#endif

        b = fi(inv_affine((aes_08t)i));
        w = bytes2word(fe(b), f9(b), fd(b), fb(b));

#if defined( IM1_SET )                 /* tables for the inverse mix column operation  */
        t_set(i,m)[b] = w;
#endif
#if defined( IM4_SET )
        t_set(i,m)[0][b] = w;
        t_set(i,m)[1][b] = upr(w,1);
        t_set(i,m)[2][b] = upr(w,2);
        t_set(i,m)[3][b] = upr(w,3);
#endif

#if defined( ISB_SET )
        t_set(i,box)[i] = b;
#endif
#if defined( IT1_SET )                 /* tables for a normal decryption round */
        t_set(i,n)[i] = w;
#endif
#if defined( IT4_SET )
        t_set(i,n)[0][i] = w;
        t_set(i,n)[1][i] = upr(w,1);
        t_set(i,n)[2][i] = upr(w,2);
        t_set(i,n)[3][i] = upr(w,3);
#endif
        w = bytes2word(b, 0, 0, 0);
#if defined( IL1_SET )                 /* tables for last decryption round */
        t_set(i,l)[i] = w;
#endif
#if defined( IL4_SET )
        t_set(i,l)[0][i] = w;
        t_set(i,l)[1][i] = upr(w,1);
        t_set(i,l)[2][i] = upr(w,2);
        t_set(i,l)[3][i] = upr(w,3);
#endif
    }
    init = 1;
}

#endif

#endif	// defined UseGladmanAES

#if defined(__cplusplus)
}
#endif

Added Source/GladmanAES/aestab.h.































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
/*
 ---------------------------------------------------------------------------
 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.
 ---------------------------------------------------------------------------
 Issue 28/01/2004

 This file contains the code for declaring the tables needed to implement
 AES. The file aesopt.h is assumed to be included before this header file.
 If there are no global variables, the definitions here can be used to put
 the AES tables in a structure so that a pointer can then be added to the
 AES context to pass them to the AES routines that need them.   If this
 facility is used, the calling program has to ensure that this pointer is
 managed appropriately.  In particular, the value of the t_dec(in,it) item
 in the table structure must be set to zero in order to ensure that the
 tables are initialised. In practice the three code sequences in aeskey.c
 that control the calls to gen_tabs() and the gen_tabs() routine itself will
 have to be changed for a specific implementation. If global variables are
 available it will generally be preferable to use them with the precomputed
 FIXED_TABLES option that uses static global tables.

 The following defines can be used to control the way the tables
 are defined, initialised and used in embedded environments that
 require special features for these purposes

    the 't_dec' construction is used to declare fixed table arrays
    the 't_set' construction is used to set fixed table values
    the 't_use' construction is used to access fixed table values

    256 byte tables:

        t_xxx(s,box)    => forward S box
        t_xxx(i,box)    => inverse S box

    256 32-bit word OR 4 x 256 32-bit word tables:

        t_xxx(f,n)      => forward normal round
        t_xxx(f,l)      => forward last round
        t_xxx(i,n)      => inverse normal round
        t_xxx(i,l)      => inverse last round
        t_xxx(l,s)      => key schedule table
        t_xxx(i,m)      => key schedule table

    Other variables and tables:

        t_xxx(r,c)      => the rcon table
*/

#if !defined( _CC_AESTAB_H )
#define _CC_AESTAB_H

#define t_dec(m,n) t_##m##n
#define t_set(m,n) t_##m##n
#define t_use(m,n) t_##m##n

#if defined(FIXED_TABLES)
#define Const const
#else
#define Const
#endif

#if defined(DO_TABLES)
#define Extern
#else
#define Extern extern
#endif

#if defined(_MSC_VER) && defined(TABLE_ALIGN)
#define Align __declspec(align(TABLE_ALIGN))
#else
#define Align
#endif

#if defined(__cplusplus)
extern "C"
{
#endif

#if defined(DO_TABLES) && defined(FIXED_TABLES)
#define d_1(t,n,b,e)       Align Const t n[256]    =   b(e)
#define d_4(t,n,b,e,f,g,h) Align Const t n[4][256] = { b(e), b(f), b(g), b(h) }
Extern Align Const aes_32t t_dec(r,c)[RC_LENGTH] = rc_data(w0);
#else
#define d_1(t,n,b,e)       Extern Align Const t n[256]
#define d_4(t,n,b,e,f,g,h) Extern Align Const t n[4][256]
Extern Align Const aes_32t t_dec(r,c)[RC_LENGTH];
#endif

#if defined( SBX_SET )
    d_1(aes_08t, t_dec(s,box), sb_data, h0);
#endif
#if defined( ISB_SET )
    d_1(aes_08t, t_dec(i,box), isb_data, h0);
#endif

#if defined( FT1_SET )
    d_1(aes_32t, t_dec(f,n), sb_data, u0);
#endif
#if defined( FT4_SET )
    d_4(aes_32t, t_dec(f,n), sb_data, u0, u1, u2, u3);
#endif

#if defined( FL1_SET )
    d_1(aes_32t, t_dec(f,l), sb_data, w0);
#endif
#if defined( FL4_SET )
    d_4(aes_32t, t_dec(f,l), sb_data, w0, w1, w2, w3);
#endif

#if defined( IT1_SET )
    d_1(aes_32t, t_dec(i,n), isb_data, v0);
#endif
#if defined( IT4_SET )
    d_4(aes_32t, t_dec(i,n), isb_data, v0, v1, v2, v3);
#endif

#if defined( IL1_SET )
    d_1(aes_32t, t_dec(i,l), isb_data, w0);
#endif
#if defined( IL4_SET )
    d_4(aes_32t, t_dec(i,l), isb_data, w0, w1, w2, w3);
#endif

#if defined( LS1_SET )
#if defined( FL1_SET )
#undef  LS1_SET
#else
    d_1(aes_32t, t_dec(l,s), sb_data, w0);
#endif
#endif

#if defined( LS4_SET )
#if defined( FL4_SET )
#undef  LS4_SET
#else
    d_4(aes_32t, t_dec(l,s), sb_data, w0, w1, w2, w3);
#endif
#endif

#if defined( IM1_SET )
    d_1(aes_32t, t_dec(i,m), mm_data, v0);
#endif
#if defined( IM4_SET )
    d_4(aes_32t, t_dec(i,m), mm_data, v0, v1, v2, v3);
#endif

#if defined(__cplusplus)
}
#endif

#endif	/* _CC_AESTAB_H */

Added Source/GladmanAES/ccNewGladman.c.





















































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * ccNewGladman.c - shim between Gladman AES and CommonEncryption.
 *
 * Created 3/30/06 by Doug Mitchell. 
 */

#include <CommonCrypto/aesopt.h>

#if CC_AES_USE_HARDWARE
//Need IOKitLib.h only for IOAESTypes.h
#include <IOKit/IOKitLib.h>
#include <Kernel/IOKit/crypto/IOAESTypes.h>
#include <sys/ioctl.h>
#include <fcntl.h>
#include <pthread.h>
#endif

/*	Produce object code iff UseGladmanAES is defined.  Otherwise, suppress
	use of this module, because some other AES implementation is being used.
*/
#if defined UseGladmanAES

#ifdef	_APPLE_COMMON_CRYPTO_

#include <strings.h>

int aes_cc_set_key(
	aes_cc_ctx *cx, 
	const void *rawKey, 
	aes_32t keyLength,
	int forEncrypt)
{
	if(forEncrypt) {
		switch(keyLength) {
			case 16: 
				aes_encrypt_key128((const unsigned char *)rawKey, &cx->encrypt);
				break;
			case 24: 
				aes_encrypt_key192((const unsigned char *)rawKey, &cx->encrypt);
				break;
			case 32: 
				aes_encrypt_key256((const unsigned char *)rawKey, &cx->encrypt);
				break;
			default:
				return -1;
		}
		cx->encrypt.cbcEnable = 0;
	}
	else {
		switch(keyLength) {
			case 16: 
				aes_decrypt_key128((const unsigned char *)rawKey, &cx->decrypt);
				break;
			case 24: 
				aes_decrypt_key192((const unsigned char *)rawKey, &cx->decrypt);
				break;
			case 32: 
				aes_decrypt_key256((const unsigned char *)rawKey, &cx->decrypt);
				break;
			default:
				return -1;
		}
		cx->decrypt.cbcEnable = 0;
	}
	return 0;
}

void aes_cc_set_iv(aes_cc_ctx *cx, int forEncrypt, const void *iv)
{
	if(forEncrypt) {
		if(iv == NULL) {
			cx->encrypt.cbcEnable = 0;
		}
		else {
			memmove(cx->encrypt.chainBuf, iv, AES_BLOCK_SIZE);
			cx->encrypt.cbcEnable = 1;
		}
	}
	else {
		if(iv == NULL) {
			cx->decrypt.cbcEnable = 0;
		}
		else {
			memmove(cx->decrypt.chainBuf, iv, AES_BLOCK_SIZE);
			cx->decrypt.cbcEnable = 1;
		}
	}
}

#ifndef	NULL
#define NULL ((void *)0)
#endif

#if CC_AES_USE_HARDWARE
#define CC_AES_USE_HARDWARE_THRESHOLD	(1024 / AES_BLOCK_SIZE) //In Blocks.
static int cc_aes_device = -1;
static pthread_once_t cc_aes_connect_once = PTHREAD_ONCE_INIT;
static aes_32t cc_aes_hardware_quantum = ((256*4096) / AES_BLOCK_SIZE); //In Blocks. Will be set to what hardware returns;

static void cc_aes_connect(void) 
{
	struct IOAESAcceleratorInfo aesInfo;
	
	cc_aes_device = open("/dev/aes_0", O_RDWR, 0);
	if(cc_aes_device < 0)
		return;
	if(ioctl(cc_aes_device, IOAES_GET_INFO, &aesInfo) != -1) {
		cc_aes_hardware_quantum = aesInfo.maxBytesPerCall / AES_BLOCK_SIZE;
	}
}

static aes_32t aes_cc_use_hardware(IOAESOperation operation, int keyLength, UInt8 *key, UInt8 *iv, UInt8* plainText, UInt8 *cipherText, aes_32t numBlocks)
{
	struct IOAESAcceleratorRequest aesRequest;
	aes_32t quantum = cc_aes_hardware_quantum;
	UInt8 *pt = plainText;
	UInt8 *ct = cipherText;
	aes_32t blocks = numBlocks;
	
	aesRequest.operation = operation;
	bcopy(iv, aesRequest.iv.ivBytes, AES_BLOCK_SIZE);
	aesRequest.keyData.key.keyLength = (keyLength << 3); //Hardware needs it in bits.
	bcopy(key, aesRequest.keyData.key.keyBytes, keyLength);

	while (blocks) {
		quantum = ((blocks < cc_aes_hardware_quantum) ? blocks : cc_aes_hardware_quantum);
		aesRequest.plainText = pt;
		aesRequest.cipherText = ct;
		aesRequest.textLength = quantum * AES_BLOCK_SIZE; //The hardware needs textLength in bytes.
		
		if(ioctl(cc_aes_device, IOAES_ENCRYPT_DECRYPT, &aesRequest) == -1) {
			break;
		}
		blocks -= quantum;
		pt += (quantum*AES_BLOCK_SIZE);
		ct += (quantum*AES_BLOCK_SIZE);
	}
	return (numBlocks - blocks);	
} 
#endif

void aes_cc_encrypt(aes_cc_ctx *cx, const void *blocksIn, aes_32t numBlocks, void *blocksOut)
{
	#if CC_AES_USE_HARDWARE
	if(numBlocks > CC_AES_USE_HARDWARE_THRESHOLD && !pthread_once(&cc_aes_connect_once, cc_aes_connect) && cc_aes_device >= 0) {
		aes_encrypt_ctx *cx_encrypt = &cx->encrypt;
		UInt8 *key = cx_encrypt->keyBytes;
		int keyLength = cx_encrypt->keyLength;
		UInt8 *iv = cx_encrypt->chainBuf;
		aes_32t blocks_encrypted = 0;

		blocks_encrypted = aes_cc_use_hardware(IOAESOperationEncrypt, keyLength, key, iv, (UInt8 *)blocksIn, (UInt8 *)blocksOut, numBlocks);
		if(blocks_encrypted == numBlocks) {	// Successfully completed using hardware.
			return;
		}
		//Something went wrong trying to use hardware.. fall through and use the software to do the job.
		blocksIn = (UInt8 *)blocksIn + (blocks_encrypted * AES_BLOCK_SIZE);
		blocksOut = (UInt8 *)blocksOut + (blocks_encrypted * AES_BLOCK_SIZE);
		numBlocks -= blocks_encrypted;
	}
	#endif
	aes_encrypt_cbc((const unsigned char *)blocksIn, 
		NULL,	/* IV - we set via aes_cc_set_iv */
		(unsigned)numBlocks, (unsigned char *)blocksOut, &cx->encrypt);
}

void aes_cc_decrypt(aes_cc_ctx *cx, const void *blocksIn, aes_32t numBlocks,
	void *blocksOut)
{
	#if CC_AES_USE_HARDWARE
	if(numBlocks > CC_AES_USE_HARDWARE_THRESHOLD && !pthread_once(&cc_aes_connect_once, cc_aes_connect) && cc_aes_device >= 0) {
		aes_decrypt_ctx *cx_decrypt = &cx->decrypt;
		UInt8 *key = cx_decrypt->keyBytes;
		int keyLength = cx_decrypt->keyLength;
		UInt8 *iv = cx_decrypt->chainBuf;
		aes_32t blocks_decrypted = 0;

		blocks_decrypted = aes_cc_use_hardware(IOAESOperationDecrypt, keyLength, key, iv, (UInt8 *)blocksOut, (UInt8 *)blocksIn, numBlocks);
		if(blocks_decrypted == numBlocks) {	// Successfully completed using hardware.
			return 1;
		}
		//Something went wrong trying to use hardware.. fall through and use the software to do the job.
		blocksIn = (UInt8 *)blocksIn + (blocks_decrypted * AES_BLOCK_SIZE);
		blocksOut = (UInt8 *)blocksOut + (blocks_decrypted * AES_BLOCK_SIZE);
		numBlocks -= blocks_decrypted;
	}
	#endif
	aes_decrypt_cbc((const unsigned char *)blocksIn,
		NULL,	/* IV - we set via aes_cc_set_iv */
		(unsigned)numBlocks, (unsigned char *)blocksOut, &cx->decrypt);
}

#endif	/* _APPLE_COMMON_CRYPTO_ */

#endif	// defined UseGladmanAES

Added Source/RC2/ccRC2.c.





























































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#include <CommonCrypto/rc2.h>
#include <CommonCrypto/ccRC2.h>
#include <sys/types.h>

int rc2_cc_set_key(
	RC2_Schedule *cx, 
	const void *rawKey, 
	size_t keyLength)
{
	rc2_keyschedule(cx, rawKey, keyLength, keyLength*8);
	return 0;
}

void rc2_cc_encrypt(RC2_Schedule *cx, const void *blockIn, void *blockOut)
{
	rc2_encrypt(cx, (const unsigned char *)blockIn, (unsigned char *)blockOut);
}

void rc2_cc_decrypt(RC2_Schedule *cx, const void *blockIn, void *blockOut)
{
	rc2_decrypt(cx, (unsigned char *)blockOut, (const unsigned char *)blockIn);
}

Added Source/RC2/rc2.c.





























































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
/**********************************************************************\ 
* To commemorate the 1996 RSA Data Security Conference, the following  * 
* code is released into the public domain by its author.  Prost!       * 
*                                                                      * 
* This cipher uses 16-bit words and little-endian byte ordering.       * 
* I wonder which processor it was optimized for?                       * 
*                                                                      * 
* Thanks to CodeView, SoftIce, and D86 for helping bring this code to  * 
* the public.                                                          * 
\**********************************************************************/ 
#include <string.h> 
#include <assert.h> 

#include <CommonCrypto/rc2.h>

/**********************************************************************\ 
* Expand a variable-length user key (between 1 and 128 bytes) to a     * 
* 64-short working rc2 key, of at most "bits" effective key bits.      * 
* The effective key bits parameter looks like an export control hack.  * 
* For normal use, it should always be set to 1024.  For convenience,   * 
* zero is accepted as an alias for 1024.                               * 
\**********************************************************************/ 
void rc2_keyschedule( RC2_Schedule *key_schedule, 
                      const unsigned char *key, 
                      unsigned len, 
                      unsigned bits ) 
        { 
        unsigned char x; 
        unsigned i; 
        /* 256-entry permutation table, probably derived somehow from pi */ 
        static const unsigned char permute[256] = { 
            217,120,249,196, 25,221,181,237, 40,233,253,121, 74,160,216,157, 
            198,126, 55,131, 43,118, 83,142, 98, 76,100,136, 68,139,251,162, 
             23,154, 89,245,135,179, 79, 19, 97, 69,109,141,  9,129,125, 50, 
            189,143, 64,235,134,183,123, 11,240,149, 33, 34, 92,107, 78,130, 
             84,214,101,147,206, 96,178, 28,115, 86,192, 20,167,140,241,220, 
             18,117,202, 31, 59,190,228,209, 66, 61,212, 48,163, 60,182, 38, 
            111,191, 14,218, 70,105,  7, 87, 39,242, 29,155,188,148, 67,  3, 
            248, 17,199,246,144,239, 62,231,  6,195,213, 47,200,102, 30,215, 
              8,232,234,222,128, 82,238,247,132,170,114,172, 53, 77,106, 42, 
            150, 26,210,113, 90, 21, 73,116, 75,159,208, 94,  4, 24,164,236, 
            194,224, 65,110, 15, 81,203,204, 36,145,175, 80,161,244,112, 57, 
            153,124, 58,133, 35,184,180,122,252,  2, 54, 91, 37, 85,151, 49, 
             45, 93,250,152,227,138,146,174,  5,223, 41, 16,103,108,186,201, 
            211,  0,230,207,225,158,168, 44, 99, 22,  1, 63, 88,226,137,169, 
             13, 56, 52, 27,171, 51,255,176,187, 72, 12, 95,185,177,205, 46, 
            197,243,219, 71,229,165,156,119, 10,166, 32,104,254,127,193,173 
        }; 
        assert(len > 0 && len <= 128); 
        assert(bits <= 1024); 
        if (!bits) 
                bits = 1024; 
        memcpy(&key_schedule->xkey, key, len); 
        /* Phase 1: Expand input key to 128 bytes */ 
        if (len < 128) { 
                i = 0; 
                x = ((unsigned char *)key_schedule->xkey)[len-1]; 
                do { 
                        x = permute[(x + ((unsigned char *)key_schedule->xkey)[i++]) & 255]; 
                        ((unsigned char *)key_schedule->xkey)[len++] = x; 
                } while (len < 128); 
        } 
        /* Phase 2 - reduce effective key size to "bits" */ 
        len = (bits+7) >> 3; 
        i = 128-len; 
        x = permute[((unsigned char *)key_schedule->xkey)[i] & (255 >> (7 & -bits))]; 
        ((unsigned char *)key_schedule->xkey)[i] = x; 
        while (i--) { 
                x = permute[ x ^ ((unsigned char *)key_schedule->xkey)[i+len] ]; 
                ((unsigned char *)key_schedule->xkey)[i] = x; 
        } 
        /* Phase 3 - copy to xkey in little-endian order */ 
        i = 63; 
        do { 
                key_schedule->xkey[i] =  ((unsigned char *)key_schedule->xkey)[2*i] + 
                          (((unsigned char *)key_schedule->xkey)[2*i+1] << 8); 
        } while (i--); 
        } 
/**********************************************************************\ 
* Encrypt an 8-byte block of plaintext using the given key.            * 
\**********************************************************************/ 
void rc2_encrypt( const RC2_Schedule *key_schedule, 
                  const unsigned char *plain, 
                  unsigned char *cipher ) 
        { 
        unsigned x76, x54, x32, x10, i; 
        x76 = (plain[7] << 8) + plain[6]; 
        x54 = (plain[5] << 8) + plain[4]; 
        x32 = (plain[3] << 8) + plain[2]; 
        x10 = (plain[1] << 8) + plain[0]; 
        for (i = 0; i < 16; i++) { 
                x10 += (x32 & ~x76) + (x54 & x76) + key_schedule->xkey[4*i+0]; 
                x10 = (x10 << 1) + (x10 >> 15 & 1); 
                x32 += (x54 & ~x10) + (x76 & x10) + key_schedule->xkey[4*i+1]; 
                x32 = (x32 << 2) + (x32 >> 14 & 3); 
                x54 += (x76 & ~x32) + (x10 & x32) + key_schedule->xkey[4*i+2]; 
                x54 = (x54 << 3) + (x54 >> 13 & 7); 
                x76 += (x10 & ~x54) + (x32 & x54) + key_schedule->xkey[4*i+3]; 
                x76 = (x76 << 5) + (x76 >> 11 & 31); 
                if (i == 4 || i == 10) { 
                        x10 += key_schedule->xkey[x76 & 63]; 
                        x32 += key_schedule->xkey[x10 & 63]; 
                        x54 += key_schedule->xkey[x32 & 63]; 
                        x76 += key_schedule->xkey[x54 & 63]; 
                } 
        } 
        cipher[0] = (unsigned char)x10; 
        cipher[1] = (unsigned char)(x10 >> 8); 
        cipher[2] = (unsigned char)x32; 
        cipher[3] = (unsigned char)(x32 >> 8); 
        cipher[4] = (unsigned char)x54; 
        cipher[5] = (unsigned char)(x54 >> 8); 
        cipher[6] = (unsigned char)x76; 
        cipher[7] = (unsigned char)(x76 >> 8); 
        } 
/**********************************************************************\ 
* Decrypt an 8-byte block of ciphertext using the given key.           * 
\**********************************************************************/ 
void rc2_decrypt( const RC2_Schedule *key_schedule, 
                  unsigned char *plain, 
                  const unsigned char *cipher ) 
        { 
        unsigned x76, x54, x32, x10, i; 
        x76 = (cipher[7] << 8) + cipher[6]; 
        x54 = (cipher[5] << 8) + cipher[4]; 
        x32 = (cipher[3] << 8) + cipher[2]; 
        x10 = (cipher[1] << 8) + cipher[0]; 
        i = 15; 
        do { 
                x76 &= 65535; 
                x76 = (x76 << 11) + (x76 >> 5); 
                x76 -= (x10 & ~x54) + (x32 & x54) + key_schedule->xkey[4*i+3]; 
                x54 &= 65535; 
                x54 = (x54 << 13) + (x54 >> 3); 
                x54 -= (x76 & ~x32) + (x10 & x32) + key_schedule->xkey[4*i+2]; 
                x32 &= 65535; 
                x32 = (x32 << 14) + (x32 >> 2); 
                x32 -= (x54 & ~x10) + (x76 & x10) + key_schedule->xkey[4*i+1]; 
                x10 &= 65535; 
                x10 = (x10 << 15) + (x10 >> 1); 
                x10 -= (x32 & ~x76) + (x54 & x76) + key_schedule->xkey[4*i+0]; 
                if (i == 5 || i == 11) { 
                        x76 -= key_schedule->xkey[x54 & 63]; 
                        x54 -= key_schedule->xkey[x32 & 63]; 
                        x32 -= key_schedule->xkey[x10 & 63]; 
                        x10 -= key_schedule->xkey[x76 & 63]; 
                } 
        } while (i--); 
        plain[0] = (unsigned char)x10; 
        plain[1] = (unsigned char)(x10 >> 8); 
        plain[2] = (unsigned char)x32; 
        plain[3] = (unsigned char)(x32 >> 8); 
        plain[4] = (unsigned char)x54; 
        plain[5] = (unsigned char)(x54 >> 8); 
        plain[6] = (unsigned char)x76; 
        plain[7] = (unsigned char)(x76 >> 8); 
        } 

Added Source/RC4/rc4_enc.c.

























































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/* crypto/rc4/rc4_enc.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <CommonCrypto/rc4.h>

/* RC4 as implemented from a posting from
 * Newsgroups: sci.crypt
 * From: sterndark@netcom.com (David Sterndark)
 * Subject: RC4 Algorithm revealed.
 * Message-ID: <sternCvKL4B.Hyy@netcom.com>
 * Date: Wed, 14 Sep 1994 06:35:31 GMT
 */

void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
	     unsigned char *outdata)
	{
        register RC4_INT *d;
        register RC4_INT x,y,tx,ty;
	int i;
        
        x=key->x;     
        y=key->y;     
        d=key->data; 

#if defined(RC4_CHUNK)
	/*
	 * The original reason for implementing this(*) was the fact that
	 * pre-21164a Alpha CPUs don't have byte load/store instructions
	 * and e.g. a byte store has to be done with 64-bit load, shift,
	 * and, or and finally 64-bit store. Peaking data and operating
	 * at natural word size made it possible to reduce amount of
	 * instructions as well as to perform early read-ahead without
	 * suffering from RAW (read-after-write) hazard. This resulted
	 * in ~40%(**) performance improvement on 21064 box with gcc.
	 * But it's not only Alpha users who win here:-) Thanks to the
	 * early-n-wide read-ahead this implementation also exhibits
	 * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending
	 * on sizeof(RC4_INT)).
	 *
	 * (*)	"this" means code which recognizes the case when input
	 *	and output pointers appear to be aligned at natural CPU
	 *	word boundary
	 * (**)	i.e. according to 'apps/openssl speed rc4' benchmark,
	 *	crypto/rc4/rc4speed.c exhibits almost 70% speed-up...
	 *
	 * Cavets.
	 *
	 * - RC4_CHUNK="unsigned long long" should be a #1 choice for
	 *   UltraSPARC. Unfortunately gcc generates very slow code
	 *   (2.5-3 times slower than one generated by Sun's WorkShop
	 *   C) and therefore gcc (at least 2.95 and earlier) should
	 *   always be told that RC4_CHUNK="unsigned long".
	 *
	 *					<appro@fy.chalmers.se>
	 */

# define RC4_STEP	( \
			x=(x+1) &0xff,	\
			tx=d[x],	\
			y=(tx+y)&0xff,	\
			ty=d[y],	\
			d[y]=tx,	\
			d[x]=ty,	\
			(RC4_CHUNK)d[(tx+ty)&0xff]\
			)

	if ( ( ((unsigned long)indata  & (sizeof(RC4_CHUNK)-1)) | 
	       ((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 )
		{
		RC4_CHUNK ichunk,otp;
		const union { long one; char little; } is_endian = {1};

		/*
		 * I reckon we can afford to implement both endian
		 * cases and to decide which way to take at run-time
		 * because the machine code appears to be very compact
		 * and redundant 1-2KB is perfectly tolerable (i.e.
		 * in case the compiler fails to eliminate it:-). By
		 * suggestion from Terrel Larson <terr@terralogic.net>
		 * who also stands for the is_endian union:-)
		 *
		 * Special notes.
		 *
		 * - is_endian is declared automatic as doing otherwise
		 *   (declaring static) prevents gcc from eliminating
		 *   the redundant code;
		 * - compilers (those I've tried) don't seem to have
		 *   problems eliminating either the operators guarded
		 *   by "if (sizeof(RC4_CHUNK)==8)" or the condition
		 *   expressions themselves so I've got 'em to replace
		 *   corresponding #ifdefs from the previous version;
		 * - I chose to let the redundant switch cases when
		 *   sizeof(RC4_CHUNK)!=8 be (were also #ifdefed
		 *   before);
		 * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in
		 *   [LB]ESHFT guards against "shift is out of range"
		 *   warnings when sizeof(RC4_CHUNK)!=8 
		 *
		 *			<appro@fy.chalmers.se>
		 */
		if (!is_endian.little)
			{	/* BIG-ENDIAN CASE */
# define BESHFT(c)	(((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
			for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
				{
				ichunk  = *(RC4_CHUNK *)indata;
				otp  = RC4_STEP<<BESHFT(0);
				otp |= RC4_STEP<<BESHFT(1);
				otp |= RC4_STEP<<BESHFT(2);
				otp |= RC4_STEP<<BESHFT(3);
				if (sizeof(RC4_CHUNK)==8)
					{
					otp |= RC4_STEP<<BESHFT(4);
					otp |= RC4_STEP<<BESHFT(5);
					otp |= RC4_STEP<<BESHFT(6);
					otp |= RC4_STEP<<BESHFT(7);
					}
				*(RC4_CHUNK *)outdata = otp^ichunk;
				indata  += sizeof(RC4_CHUNK);
				outdata += sizeof(RC4_CHUNK);
				}
			if (len)
				{
				RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;

				ichunk = *(RC4_CHUNK *)indata;
				ochunk = *(RC4_CHUNK *)outdata;
				otp = 0;
				i = BESHFT(0);
				mask <<= (sizeof(RC4_CHUNK)-len)<<3;
				switch (len&(sizeof(RC4_CHUNK)-1))
					{
					case 7:	otp  = RC4_STEP<<i, i-=8;
					case 6:	otp |= RC4_STEP<<i, i-=8;
					case 5:	otp |= RC4_STEP<<i, i-=8;
					case 4:	otp |= RC4_STEP<<i, i-=8;
					case 3:	otp |= RC4_STEP<<i, i-=8;
					case 2:	otp |= RC4_STEP<<i, i-=8;
					case 1:	otp |= RC4_STEP<<i, i-=8;
					case 0: ; /*
						   * it's never the case,
						   * but it has to be here
						   * for ultrix?
						   */
					}
				ochunk &= ~mask;
				ochunk |= (otp^ichunk) & mask;
				*(RC4_CHUNK *)outdata = ochunk;
				}
			key->x=x;     
			key->y=y;
			return;
			}	/* big-endian */
		else
			{	/* LITTLE-ENDIAN CASE */
# define LESHFT(c)	(((c)*8)&(sizeof(RC4_CHUNK)*8-1))
			for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
				{
				ichunk  = *(RC4_CHUNK *)indata;
				otp  = RC4_STEP;
				otp |= RC4_STEP<<8;
				otp |= RC4_STEP<<16;
				otp |= RC4_STEP<<24;
				if (sizeof(RC4_CHUNK)==8)
					{
					otp |= RC4_STEP<<LESHFT(4);
					otp |= RC4_STEP<<LESHFT(5);
					otp |= RC4_STEP<<LESHFT(6);
					otp |= RC4_STEP<<LESHFT(7);
					}
				*(RC4_CHUNK *)outdata = otp^ichunk;
				indata  += sizeof(RC4_CHUNK);
				outdata += sizeof(RC4_CHUNK);
				}
			if (len)
				{
				RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;

				ichunk = *(RC4_CHUNK *)indata;
				ochunk = *(RC4_CHUNK *)outdata;
				otp = 0;
				i   = 0;
				mask >>= (sizeof(RC4_CHUNK)-len)<<3;
				switch (len&(sizeof(RC4_CHUNK)-1))
					{
					case 7:	otp  = RC4_STEP,    i+=8;
					case 6:	otp |= RC4_STEP<<i, i+=8;
					case 5:	otp |= RC4_STEP<<i, i+=8;
					case 4:	otp |= RC4_STEP<<i, i+=8;
					case 3:	otp |= RC4_STEP<<i, i+=8;
					case 2:	otp |= RC4_STEP<<i, i+=8;
					case 1:	otp |= RC4_STEP<<i, i+=8;
					case 0: ; /*
						   * it's never the case,
						   * but it has to be here
						   * for ultrix?
						   */
					}
				ochunk &= ~mask;
				ochunk |= (otp^ichunk) & mask;
				*(RC4_CHUNK *)outdata = ochunk;
				}
			key->x=x;     
			key->y=y;
			return;
			} /* little-endian */
		}
#endif
#define LOOP(in,out) \
		x=((x+1)&0xff); \
		tx=d[x]; \
		y=(tx+y)&0xff; \
		d[x]=ty=d[y]; \
		d[y]=tx; \
		(out) = d[(tx+ty)&0xff]^ (in);

#ifndef RC4_INDEX
#define RC4_LOOP(a,b,i)	LOOP(*((a)++),*((b)++))
#else
#define RC4_LOOP(a,b,i)	LOOP(a[i],b[i])
#endif

	i=(int)(len>>3L);
	if (i)
		{
		for (;;)
			{
			RC4_LOOP(indata,outdata,0);
			RC4_LOOP(indata,outdata,1);
			RC4_LOOP(indata,outdata,2);
			RC4_LOOP(indata,outdata,3);
			RC4_LOOP(indata,outdata,4);
			RC4_LOOP(indata,outdata,5);
			RC4_LOOP(indata,outdata,6);
			RC4_LOOP(indata,outdata,7);
#ifdef RC4_INDEX
			indata+=8;
			outdata+=8;
#endif
			if (--i == 0) break;
			}
		}
	i=(int)len&0x07;
	if (i)
		{
		for (;;)
			{
			RC4_LOOP(indata,outdata,0); if (--i == 0) break;
			RC4_LOOP(indata,outdata,1); if (--i == 0) break;
			RC4_LOOP(indata,outdata,2); if (--i == 0) break;
			RC4_LOOP(indata,outdata,3); if (--i == 0) break;
			RC4_LOOP(indata,outdata,4); if (--i == 0) break;
			RC4_LOOP(indata,outdata,5); if (--i == 0) break;
			RC4_LOOP(indata,outdata,6); if (--i == 0) break;
			}
		}               
	key->x=x;     
	key->y=y;
	}

Added Source/RC4/rc4_skey.c.

























































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/* crypto/rc4/rc4_skey.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <CommonCrypto/rc4.h>

#ifndef	_APPLE_COMMON_CRYPTO_

#include "rc4_locl.h"
#include <openssl/opensslv.h>

const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT;

const char *RC4_options(void)
	{
#ifdef RC4_INDEX
	if (sizeof(RC4_INT) == 1)
		return("rc4(idx,char)");
	else
		return("rc4(idx,int)");
#else
	if (sizeof(RC4_INT) == 1)
		return("rc4(ptr,char)");
	else
		return("rc4(ptr,int)");
#endif
	}

#endif	/* _APPLE_COMMON_CRYPTO_*/

/* RC4 as implemented from a posting from
 * Newsgroups: sci.crypt
 * From: sterndark@netcom.com (David Sterndark)
 * Subject: RC4 Algorithm revealed.
 * Message-ID: <sternCvKL4B.Hyy@netcom.com>
 * Date: Wed, 14 Sep 1994 06:35:31 GMT
 */

void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
	{
        register RC4_INT tmp;
        register int id1,id2;
        register RC4_INT *d;
        unsigned int i;
        
        d= &(key->data[0]);
	for (i=0; i<256; i++)
		d[i]=i;
        key->x = 0;     
        key->y = 0;     
        id1=id2=0;     

#define SK_LOOP(n) { \
		tmp=d[(n)]; \
		id2 = (data[id1] + tmp + id2) & 0xff; \
		if (++id1 == len) id1=0; \
		d[(n)]=d[id2]; \
		d[id2]=tmp; }

	for (i=0; i < 256; i+=4)
		{
		SK_LOOP(i+0);
		SK_LOOP(i+1);
		SK_LOOP(i+2);
		SK_LOOP(i+3);
		}
	}
    

Added Source/StreamCipher.c.

































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#include "CommonCryptorPriv.h"
#include "StreamCipher.h"
#include <CommonCrypto/rc4.h>

/* 
 * RC4 stream cipher.
 * SPI-specific context is just a RC4_KEY.
 */
static CCCryptorStatus CCRC4ContextSize(
	CCOperation op, 
	CCAlgorithm alg, 
	size_t *ctxSize)
{
	*ctxSize = sizeof(RC4_KEY);
	return kCCSuccess;
}

static CCCryptorStatus CCRC4Init(
	void *ctx,
	CCOperation op,			/* kCCEncrypt, kCCDecrypt */
	CCAlgorithm alg,		/* kCCAlgDES, etc. */
	CCOptions options,		/* kCCOptionPKCS7Padding, etc. */
	const void *key,		/* raw key material */
	size_t keyLength,	
	const void *iv)			/* optional initialization vector */
{
	RC4_KEY *rc4Key = (RC4_KEY *)ctx;
	
	if(key == NULL) {
		return kCCParamError;
	}
	RC4_set_key(rc4Key, keyLength, key);
	return kCCSuccess;
}

/* no release - just zero our memory */

static CCCryptorStatus CCRC4Update(
   void *ctx,
   const void *dataIn,
   size_t dataInLen,
   void *dataOut,           /* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved)		/* number of bytes written */
{
	RC4_KEY *rc4Key = (RC4_KEY *)ctx;
	
	if((dataIn == NULL) || (dataOut == NULL) || (dataOutMoved == NULL)) {
		return kCCParamError;
	}
	if(dataOutAvailable < dataInLen) {
		return kCCBufferTooSmall;
	}
	RC4(rc4Key, dataInLen, dataIn, dataOut);
	*dataOutMoved = dataInLen;
	return kCCSuccess;
}

static CCCryptorStatus CCRC4Final(
   void *ctx,
   void *dataOut,           /* data RETURNED here */
	size_t dataOutAvailable,
	size_t *dataOutMoved)	/* number of bytes written */
{
	if(dataOutMoved) {
		*dataOutMoved = 0;
	}
	return kCCSuccess;
}

/* no reset - not supported */

/* normal OutputSize */
static size_t CCRC4OutputSize(
	void *ctx, size_t inputLength, bool final)
{
	return inputLength;
}

/* one-shot size */
static CCCryptorStatus CCRC4OneShotSize(
	CCOperation op,
	CCAlgorithm alg,
	CCOptions options,
	size_t inputLen,
	size_t *outputLen)
{
	*outputLen = inputLen;
	return kCCSuccess;
}

/* 
 * Callouts used by CommonCryptor.
 */
const CCCryptSpiCallouts ccRC4Callouts = 
{
	CCRC4ContextSize,
	CCRC4Init,
	NULL,			/* release */
	CCRC4Update,
	CCRC4Final,
	NULL,			/* reset */
	CCRC4OutputSize,
	CCRC4OneShotSize,
};

Added Source/StreamCipher.h.































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
/* 
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

/* 
 * StreamCipher.h - CommonCryptor SPI interfaces for stream ciphers.
 */

#ifndef	_CC_STREAM_CIPHER_
#define	_CC_STREAM_CIPHER_

#include "CommonCryptorPriv.h"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * CommonCryptor access all of our functionality through these callouts. 
 */
extern const CCCryptSpiCallouts ccRC4Callouts;

#ifdef __cplusplus
}
#endif

#endif	/* _CC_STREAM_CIPHER_ */

Added Source/ccDES.c.





















































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
/*
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

/* set to 1 for statically allocated lookup tables */
#define STATIC_PERMS	0

#include "ccDES.h"
#include <pthread.h>

#if	!STATIC_PERMS
#include <stdlib.h>
#endif

#ifndef	NULL
#define NULL	((void *)0)
#endif	/* NULL */

#define DES_DEBUG	0	/* enables some printfs */

/* Sofware DES functions
 * written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from
 * the 1977 public-domain program by Jim Gillogly
 */

#ifdef	__LITTLE_ENDIAN__
/* Byte swap a long */
static unsigned int byteswap(unsigned int x) {
        register char *cp,tmp;

        cp = (char *)&x;
        tmp = cp[3];
        cp[3] = cp[0];
        cp[0] = tmp;

        tmp = cp[2];
        cp[2] = cp[1];
        cp[1] = tmp;

        return x;
}
#endif

/* Tables defined in the Data Encryption Standard documents */

/* initial permutation IP */
static const char ip[] = {
	58, 50, 42, 34, 26, 18, 10,  2,
	60, 52, 44, 36, 28, 20, 12,  4,
	62, 54, 46, 38, 30, 22, 14,  6,
	64, 56, 48, 40, 32, 24, 16,  8,
	57, 49, 41, 33, 25, 17,  9,  1,
	59, 51, 43, 35, 27, 19, 11,  3,
	61, 53, 45, 37, 29, 21, 13,  5,
	63, 55, 47, 39, 31, 23, 15,  7
};

/* final permutation IP^-1 */
static const char fp[] = {
	40,  8, 48, 16, 56, 24, 64, 32,
	39,  7, 47, 15, 55, 23, 63, 31,
	38,  6, 46, 14, 54, 22, 62, 30,
	37,  5, 45, 13, 53, 21, 61, 29,
	36,  4, 44, 12, 52, 20, 60, 28,
	35,  3, 43, 11, 51, 19, 59, 27,
	34,  2, 42, 10, 50, 18, 58, 26,
	33,  1, 41,  9, 49, 17, 57, 25
};

/* expansion operation matrix
 * This is for reference only; it is unused in the code
 * as the f() function performs it implicitly for speed
 */
#ifdef notdef
static char ei[] = {
	32,  1,  2,  3,  4,  5,
	 4,  5,  6,  7,  8,  9,
	 8,  9, 10, 11, 12, 13,
	12, 13, 14, 15, 16, 17,
	16, 17, 18, 19, 20, 21,
	20, 21, 22, 23, 24, 25,
	24, 25, 26, 27, 28, 29,
	28, 29, 30, 31, 32,  1
};
#endif

/* permuted choice table (key) */
static const char pc1[] = {
	57, 49, 41, 33, 25, 17,  9,
	 1, 58, 50, 42, 34, 26, 18,
	10,  2, 59, 51, 43, 35, 27,
	19, 11,  3, 60, 52, 44, 36,

	63, 55, 47, 39, 31, 23, 15,
	 7, 62, 54, 46, 38, 30, 22,
	14,  6, 61, 53, 45, 37, 29,
	21, 13,  5, 28, 20, 12,  4
};

/* number left rotations of pc1 */
static const char totrot[] = {
	1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28
};

/* permuted choice key (table) */
static const char pc2[] = {
	14, 17, 11, 24,  1,  5,
	 3, 28, 15,  6, 21, 10,
	23, 19, 12,  4, 26,  8,
	16,  7, 27, 20, 13,  2,
	41, 52, 31, 37, 47, 55,
	30, 40, 51, 45, 33, 48,
	44, 49, 39, 56, 34, 53,
	46, 42, 50, 36, 29, 32
};

/* The (in)famous S-boxes */
static const char si[8][64] = {
    {
	/* S1 */
	14,  4, 13,  1,  2, 15, 11,  8,  3, 10,  6, 12,  5,  9,  0,  7,
	 0, 15,  7,  4, 14,  2, 13,  1, 10,  6, 12, 11,  9,  5,  3,  8,
	 4,  1, 14,  8, 13,  6,  2, 11, 15, 12,  9,  7,  3, 10,  5,  0,
	15, 12,  8,  2,  4,  9,  1,  7,  5, 11,  3, 14, 10,  0,  6, 13
    },
    {
	/* S2 */
	15,  1,  8, 14,  6, 11,  3,  4,  9,  7,  2, 13, 12,  0,  5, 10,
	 3, 13,  4,  7, 15,  2,  8, 14, 12,  0,  1, 10,  6,  9, 11,  5,
	 0, 14,  7, 11, 10,  4, 13,  1,  5,  8, 12,  6,  9,  3,  2, 15,
	13,  8, 10,  1,  3, 15,  4,  2, 11,  6,  7, 12,  0,  5, 14,  9
    },
    {
	/* S3 */
	10,  0,  9, 14,  6,  3, 15,  5,  1, 13, 12,  7, 11,  4,  2,  8,
	13,  7,  0,  9,  3,  4,  6, 10,  2,  8,  5, 14, 12, 11, 15,  1,
	13,  6,  4,  9,  8, 15,  3,  0, 11,  1,  2, 12,  5, 10, 14,  7,
	 1, 10, 13,  0,  6,  9,  8,  7,  4, 15, 14,  3, 11,  5,  2, 12
    },
    {
	/* S4 */
	 7, 13, 14,  3,  0,  6,  9, 10,  1,  2,  8,  5, 11, 12,  4, 15,
	13,  8, 11,  5,  6, 15,  0,  3,  4,  7,  2, 12,  1, 10, 14,  9,
	10,  6,  9,  0, 12, 11,  7, 13, 15,  1,  3, 14,  5,  2,  8,  4,
	 3, 15,  0,  6, 10,  1, 13,  8,  9,  4,  5, 11, 12,  7,  2, 14
    },
    {
	/* S5 */
	 2, 12,  4,  1,  7, 10, 11,  6,  8,  5,  3, 15, 13,  0, 14,  9,
	14, 11,  2, 12,  4,  7, 13,  1,  5,  0, 15, 10,  3,  9,  8,  6,
	 4,  2,  1, 11, 10, 13,  7,  8, 15,  9, 12,  5,  6,  3,  0, 14,
	11,  8, 12,  7,  1, 14,  2, 13,  6, 15,  0,  9, 10,  4,  5,  3
    },
    {
	/* S6 */
	12,  1, 10, 15,  9,  2,  6,  8,  0, 13,  3,  4, 14,  7,  5, 11,
	10, 15,  4,  2,  7, 12,  9,  5,  6,  1, 13, 14,  0, 11,  3,  8,
	 9, 14, 15,  5,  2,  8, 12,  3,  7,  0,  4, 10,  1, 13, 11,  6,
	 4,  3,  2, 12,  9,  5, 15, 10, 11, 14,  1,  7,  6,  0,  8, 13
    },
    {
	/* S7 */
	 4, 11,  2, 14, 15,  0,  8, 13,  3, 12,  9,  7,  5, 10,  6,  1,
	13,  0, 11,  7,  4,  9,  1, 10, 14,  3,  5, 12,  2, 15,  8,  6,
	 1,  4, 11, 13, 12,  3,  7, 14, 10, 15,  6,  8,  0,  5,  9,  2,
	 6, 11, 13,  8,  1,  4, 10,  7,  9,  5,  0, 15, 14,  2,  3, 12
    },
    {
	/* S8 */
	13,  2,  8,  4,  6, 15, 11,  1, 10,  9,  3, 14,  5,  0, 12,  7,
	 1, 15, 13,  8, 10,  3,  7,  4, 12,  5,  6, 11,  0, 14,  9,  2,
	 7, 11,  4,  1,  9, 12, 14,  2,  0,  6, 10, 13, 15,  3,  5,  8,
	 2,  1, 14,  7,  4, 10,  8, 13, 15, 12,  9,  0,  3,  5,  6, 11
    }
};

/* 32-bit permutation function P used on the output of the S-boxes */
static const char p32i[] = {
	16,  7, 20, 21,
	29, 12, 28, 17,
	 1, 15, 23, 26,
	 5, 18, 31, 10,
	 2,  8, 24, 14,
	32, 27,  3,  9,
	19, 13, 30,  6,
	22, 11,  4, 25
};
/* End of DES-defined tables */

/* Lookup tables initialized once only at startup by desinit() */
#if STATIC_PERMS
static int sp[8][64];			/* Combined S and P boxes */
static char iperm[16][16][8];	/* Initial and final permutations */
static char fperm[16][16][8];
static char perms_init = 0;
#else
static int (*sp)[64];		/* Combined S and P boxes */
static char (*iperm)[16][8];	/* Initial and final permutations */
static char (*fperm)[16][8];
#endif

/* bit 0 is left-most in byte */
static const int bytebit[] = {
	0200,0100,040,020,010,04,02,01
};

static const int nibblebit[] = {
	 010,04,02,01
};

/* Allocate space and initialize DES lookup arrays
 * mode == 0: standard Data Encryption Algorithm
 * mode == 1: DEA without initial and final permutations for speed
 * mode == 2: DEA without permutations and with 128-byte key (completely
 *            independent subkeys for each round)
 */
/* Initialize the lookup table for the combined S and P boxes */
static void spinit() {
    char pbox[32];
    int p,i,s,j,rowcol;
    int val;

    /* Compute pbox, the inverse of p32i.
       * This is easier to work with
       */
    for(p=0;p<32;p++){
        for(i=0;i<32;i++){
            if(p32i[i]-1 == p){
                pbox[p] = i;
                break;
            }
        }
    }
    for(s = 0; s < 8; s++){			/* For each S-box */
        for(i=0; i<64; i++){		/* For each possible input */
            val = 0;
            /* The row number is formed from the first and last
               * bits; the column number is from the middle 4
               */
            rowcol = (i & 32) | ((i & 1) ? 16 : 0) | ((i >> 1) & 0xf);
            for(j=0;j<4;j++){	/* For each output bit */
                if(si[s][rowcol] & (8 >> j)){
                    val |= 1L << (31 - pbox[4*s + j]);
                }
            }
            sp[s][i] = val;

#if	DES_DEBUG
            printf("sp[%d][%2d] = %08lx\n",s,i,sp[s][i]);
#endif
        }
    }
}

/* initialize a perm array */
static void perminit(char perm[16][16][8], const char p[64]) {
        register int l, j, k;
        int i,m;

        /* Clear the permutation array */
        for (i=0; i<16; i++)
                for (j=0; j<16; j++)
                        for (k=0; k<8; k++)
                                perm[i][j][k]=0;

        for (i=0; i<16; i++)		/* each input nibble position */
                for (j = 0; j < 16; j++)/* each possible input nibble */
                for (k = 0; k < 64; k++)/* each output bit position */
                {   l = p[k] - 1;	/* where does this bit come from*/
                        if ((l >> 2) != i)  /* does it come from input posn?*/
                        continue;	/* if not, bit k is 0	 */
                        if (!(j & nibblebit[l & 3]))
                        continue;	/* any such bit in input? */
                        m = k & 07;	/* which bit is this in the byte*/
                        perm[i][j][k>>3] |= bytebit[m];
                }
}

/*
 * This is NOT thread-safe. Caller must ensure single-threaded access. */
static int ccDesinit(void) {

	/*
	 * Remainder only has to be done once.
	 */
	#if		STATIC_PERMS
	/* statically allocated */
	if(perms_init) {
		return 0;
	}
	#else
	/* malloc the perm tables */
	if(sp != NULL){
		/* Already initialized */
		return 0;
	}
	if((sp = (int (*)[64])malloc(sizeof(int) * 8 * 64)) == NULL){
		return -1;
	}
	iperm = (char (*)[16][8])malloc(sizeof(char) * 16 * 16 * 8);
	if(iperm == NULL){
		free((char *)sp);
		return -1;
	}
	fperm = (char (*)[16][8])malloc(sizeof(char) * 16 * 16 * 8);
	if(fperm == NULL){
		free((char *)sp);
		free((char *)iperm);
		return -1;
	}
	#endif	/* STATIC_PERMS */
	
	/* common code to init the perm tables */
	spinit();
	perminit(iperm,ip);
	perminit(fperm,fp);
	#if		STATIC_PERMS
	perms_init = 1;
	#endif
	return 0;
}

/* protect ccDesinit() like so */
static pthread_mutex_t ccDesMutex = PTHREAD_MUTEX_INITIALIZER;
static int ccDesInitFlag = 0;

/* Set key (initialize key schedule array) */
int ccDessetkey(desInst dinst, char *key, size_t keyLength) {
	char pc1m[56];		/* place to modify pc1 into */
	char pcr[56];		/* place to rotate pc1 into */
	register int i,j,l;
	int m;

	if(!ccDesInitFlag) {
		int ourRtn = 0;
		pthread_mutex_lock(&ccDesMutex);
		if(!ccDesInitFlag) {
			ourRtn = ccDesinit();
			if(!ourRtn) {
				ccDesInitFlag = 1;
			}
		}
		pthread_mutex_unlock(&ccDesMutex);
		if(ourRtn) {
			return ourRtn;
		}
	}	
	
	/* Clear key schedule */
	for (i=0; i<16; i++)
		for (j=0; j<8; j++)
			dinst->kn[i][j]=0;

	for (j=0; j<56; j++) {		/* convert pc1 to bits of key */
		l=pc1[j]-1;		/* integer bit location	 */
		m = l & 07;		/* find bit		 */
		pc1m[j]=(key[l>>3] &	/* find which key byte l is in */
			bytebit[m])	/* and which bit of that byte */
			? 1 : 0;	/* and store 1-bit result */
	}
	for (i=0; i<16; i++) {		/* key chunk for each iteration */
		for (j=0; j<56; j++)	/* rotate pc1 the right amount */
			pcr[j] = pc1m[(l=j+totrot[i])<(j<28? 28 : 56) ? l: l-28];
			/* rotate left and right halves independently */
		for (j=0; j<48; j++){	/* select bits individually */
			/* check bit that goes to dinst->kn[j] */
			if (pcr[pc2[j]-1]){
				/* mask it in if it's there */
				l= j % 6;
				dinst->kn[i][j/6] |= bytebit[l] >> 2;
			}
		}
	}
#if	DES_DEBUG
	for(i=0;i<16;i++) {
		printf("dinst->kn[%d] = ", i);
		for(j=0;j<8;j++) {
			printf("%x ", dinst->kn[i][j]);
		}
		printf("\n");
	}

#endif	/* DES_DEBUG */
	return 0;
}

/* The nonlinear function f(r,k), the heart of DES */
static int f(unsigned r, unsigned char subkey[8]) {
		/* 32 bits */
	/* 48-bit key for this round */
	register unsigned rval,rt;
#if	DES_DEBUG
	printf("f(%08lx, %02x %02x %02x %02x %02x %02x %02x %02x) = ",
		r,
		subkey[0], subkey[1], subkey[2],
		subkey[3], subkey[4], subkey[5],
		subkey[6], subkey[7]);
#endif
	/* Run E(R) ^ K through the combined S & P boxes
	 * This code takes advantage of a convenient regularity in
	 * E, namely that each group of 6 bits in E(R) feeding
	 * a single S-box is a contiguous segment of R.
	 */
	rt = (r >> 1) | ((r & 1) ? 0x80000000 : 0);
	rval = 0;
	rval |= sp[0][((rt >> 26) ^ *subkey++) & 0x3f];
	rval |= sp[1][((rt >> 22) ^ *subkey++) & 0x3f];
	rval |= sp[2][((rt >> 18) ^ *subkey++) & 0x3f];
	rval |= sp[3][((rt >> 14) ^ *subkey++) & 0x3f];
	rval |= sp[4][((rt >> 10) ^ *subkey++) & 0x3f];
	rval |= sp[5][((rt >> 6) ^ *subkey++) & 0x3f];
	rval |= sp[6][((rt >> 2) ^ *subkey++) & 0x3f];
	rt = (r << 1) | ((r & 0x80000000) ? 1 : 0);
	rval |= sp[7][(rt ^ *subkey) & 0x3f];
#if	DES_DEBUG
	printf(" %08lx\n",rval);
#endif
	return rval;
}

/* Do one DES cipher round */
static void ccRound(desInst dinst, int num, unsigned *block) {
				/* i.e. the num-th one	 */

    /* The rounds are numbered from 0 to 15. On even rounds
       * the right half is fed to f() and the result exclusive-ORs
       * the left half; on odd rounds the reverse is done.
       */
    if(num & 1){
        block[1] ^= f(block[0],dinst->kn[num]);
    } else {
        block[0] ^= f(block[1],dinst->kn[num]);
    }
}

/* Permute inblock with perm */
static void permute(char *inblock, char perm[16][16][8], char *outblock) {
    /* result into outblock,64 bits */
    /* 2K bytes defining perm. */
    register int i,j;
    register char *ib, *ob;		/* ptr to input or output block */
    register char *p, *q;

    if(perm == NULL){
        /* No permutation, just copy */
        for(i=8; i!=0; i--)
            *outblock++ = *inblock++;
        return;
    }
    /* Clear output block	 */
    for (i=8, ob = outblock; i != 0; i--)
        *ob++ = 0;

    ib = inblock;
    for (j = 0; j < 16; j += 2, ib++) { /* for each input nibble */
        ob = outblock;
        p = perm[j][(*ib >> 4) & 017];
        q = perm[j + 1][*ib & 017];
        for (i = 8; i != 0; i--){   /* and each output byte */
            *ob++ |= *p++ | *q++;	/* OR the masks together*/
        }
    }
}
/* In-place encryption of 64-bit block */
void ccEndes(desInst dinst, char *blockIn, char *blockOut) {
	register int i;
	unsigned work[2]; 		/* Working data storage */
	unsigned tmp;

	permute(blockIn, iperm, (char *)work);	/* Initial Permutation */
#ifdef __LITTLE_ENDIAN__
	work[0] = byteswap(work[0]);
	work[1] = byteswap(work[1]);
#endif

	/* Do the 16 rounds */
	for (i=0; i<16; i++)
		ccRound(dinst,i,work);

	/* Left/right half swap */
	tmp = work[0];
	work[0] = work[1];
	work[1] = tmp;

#ifdef __LITTLE_ENDIAN__
	work[0] = byteswap(work[0]);
	work[1] = byteswap(work[1]);
#endif
	permute((char *)work, fperm, blockOut);	/* Inverse initial permutation */
}

/* In-place decryption of 64-bit block */
void ccDedes(desInst dinst, char *blockIn, char *blockOut) {
	register int i;
	unsigned work[2];	/* Working data storage */
	unsigned tmp;

	permute(blockIn, iperm, (char *)work);	/* Initial permutation */

#ifdef __LITTLE_ENDIAN__
	work[0] = byteswap(work[0]);
	work[1] = byteswap(work[1]);
#endif

	/* Left/right half swap */
	tmp = work[0];
	work[0] = work[1];
	work[1] = tmp;

	/* Do the 16 rounds in reverse order */
	for (i=15; i >= 0; i--)
		ccRound(dinst,i,work);

#ifdef __LITTLE_ENDIAN__
	work[0] = byteswap(work[0]);
	work[1] = byteswap(work[1]);
#endif

	permute((char *)work, fperm, blockOut);	/* Inverse initial permutation */
}

/* triple DES */
int ccDes3setkey(des3Inst dinst, char *key, size_t keyLength)
{
	int ourRtn;
	unsigned dex;
	
	for(dex=0; dex<3; dex++) {
		ourRtn = ccDessetkey(&dinst->desInst[dex], key, DES_KEY_SIZE_BYTES_EXTERNAL);
		if(ourRtn) {
			return ourRtn;
		}
		key += DES_KEY_SIZE_BYTES_EXTERNAL;
	}
	return 0;
}

void ccEndes3(des3Inst dinst, char *blockIn, char *blockOut)
{
	ccEndes(&dinst->desInst[0], blockIn, blockOut);
	ccDedes(&dinst->desInst[1], blockOut, blockOut);	/* don't touch plaintext */
	ccEndes(&dinst->desInst[2], blockOut, blockOut);
}

void ccDedes3(des3Inst dinst, char *blockIn, char *blockOut)
{
	ccDedes(&dinst->desInst[2], blockIn, blockOut);
	ccEndes(&dinst->desInst[1], blockOut, blockOut);	/* don't touch ciphertext */
	ccDedes(&dinst->desInst[0], blockOut, blockOut);
}

Added Source/ccDES.h.







































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
/*
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

#ifndef	_CC_DES_H_
#define _CC_DES_H_

#include <sys/types.h>

#ifdef __cplusplus
extern "C" {
#endif

#define DES_BLOCK_SIZE_BYTES		8	/* in bytes */
#define DES_KEY_SIZE_BITS			56	/* effective key size in bits */
#define DES_KEY_SIZE_BITS_EXTERNAL	64	/* clients actually pass in this much */
#define DES_KEY_SIZE_BYTES_EXTERNAL	(DES_KEY_SIZE_BITS_EXTERNAL / 8)

/*
 * Per-instance data.
 */
struct _desInst {
    	/* 8 16-bit subkeys for each of 16 rounds, initialized by setkey()
    	 */
	unsigned char kn[16][8];
};

typedef struct _desInst *desInst;

int ccDessetkey(desInst dinst, char *key, size_t keyLength);
void ccEndes(desInst dinst, char *blockIn, char *blockOut);
void ccDedes(desInst dinst, char *blockIn, char *blockOut);

/* triple DES */
struct _des3Inst {
	struct _desInst		desInst[3];
};
typedef struct _des3Inst *des3Inst;

int ccDes3setkey(des3Inst dinst, char *key, size_t keyLength);
void ccEndes3(des3Inst dinst, char *blockIn, char *blockOut);
void ccDedes3(des3Inst dinst, char *blockIn, char *blockOut);

#ifdef __cplusplus
}
#endif

#endif	/*_CK_DES_H_*/

Added Source/ccOpenssl/des.h.

































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
/* crypto/des/des.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#ifndef HEADER_NEW_DES_H
#define HEADER_NEW_DES_H

#ifdef OPENSSL_NO_DES
#error DES is disabled.
#endif

#include <CommonCrypto/CommonCryptoPriv.h>
#include <CommonCrypto/opensslDES.h>
#include <ccOpenssl/opensslconf.h> 
#include <ccOpenssl/e_os2.h>	/* OPENSSL_EXTERN */

#ifdef	_APPLE_COMMON_CRYPTO_
/* avoid symbol collision with libSystem & libcrypto */
#define DES_encrypt1			CC_DES_encrypt1
#define DES_set_key_unchecked	CC_DES_set_key_unchecked
#endif	/* _APPLE_COMMON_CRYPTO_ */

#ifdef OPENSSL_BUILD_SHLIBCRYPTO
# undef OPENSSL_EXTERN
# define OPENSSL_EXTERN OPENSSL_EXPORT
#endif

#ifdef  __cplusplus
extern "C" {
#endif

#ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
#  define OPENSSL_ENABLE_OLD_DES_SUPPORT
# endif
#endif

#ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
# include <openssl/des_old.h>
#endif

#define DES_KEY_SZ 	(sizeof(DES_cblock))
#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))

#define DES_ENCRYPT	1
#define DES_DECRYPT	0

#define DES_CBC_MODE	0
#define DES_PCBC_MODE	1

#define DES_ecb2_encrypt(i,o,k1,k2,e) \
	DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))

#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
	DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))

#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
	DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))

#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
	DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))

OPENSSL_DECLARE_GLOBAL(int,DES_check_key);	/* defaults to false */
#define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode);	/* defaults to DES_PCBC_MODE */
#define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)

#ifndef	_APPLE_COMMON_CRYPTO_
const char *DES_options(void);
void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
		      DES_key_schedule *ks1,DES_key_schedule *ks2,
		      DES_key_schedule *ks3, int enc);
DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output,
		       long length,DES_key_schedule *schedule,
		       const_DES_cblock *ivec);
/* DES_cbc_encrypt does not update the IV!  Use DES_ncbc_encrypt instead. */
void DES_cbc_encrypt(const unsigned char *input,unsigned char *output,
		     long length,DES_key_schedule *schedule,DES_cblock *ivec,
		     int enc);
void DES_ncbc_encrypt(const unsigned char *input,unsigned char *output,
		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
		      int enc);
void DES_xcbc_encrypt(const unsigned char *input,unsigned char *output,
		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
		      const_DES_cblock *inw,const_DES_cblock *outw,int enc);
void DES_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
		     long length,DES_key_schedule *schedule,DES_cblock *ivec,
		     int enc);
void DES_ecb_encrypt(const_DES_cblock *input,DES_cblock *output,
		     DES_key_schedule *ks,int enc);
#endif	/* _APPLE_COMMON_CRYPTO_ */

/* 	This is the DES encryption function that gets called by just about
	every other DES routine in the library.  You should not use this
	function except to implement 'modes' of DES.  I say this because the
	functions that call this routine do the conversion from 'char *' to
	long, and this needs to be done to make sure 'non-aligned' memory
	access do not occur.  The characters are loaded 'little endian'.
	Data is a pointer to 2 unsigned long's and ks is the
	DES_key_schedule to use.  enc, is non zero specifies encryption,
	zero if decryption. */
void DES_encrypt1(DES_LONG *data,DES_key_schedule *ks, int enc);

#ifndef	_APPLE_COMMON_CRYPTO_
/* 	This functions is the same as DES_encrypt1() except that the DES
	initial permutation (IP) and final permutation (FP) have been left
	out.  As for DES_encrypt1(), you should not use this function.
	It is used by the routines in the library that implement triple DES.
	IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same
	as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */
void DES_encrypt2(DES_LONG *data,DES_key_schedule *ks, int enc);

void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
		  DES_key_schedule *ks2, DES_key_schedule *ks3);
void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
		  DES_key_schedule *ks2, DES_key_schedule *ks3);
void DES_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output, 
			  long length,
			  DES_key_schedule *ks1,DES_key_schedule *ks2,
			  DES_key_schedule *ks3,DES_cblock *ivec,int enc);
void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
			   long length,
			   DES_key_schedule *ks1,DES_key_schedule *ks2,
			   DES_key_schedule *ks3,
			   DES_cblock *ivec1,DES_cblock *ivec2,
			   int enc);
void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
			    long length,DES_key_schedule *ks1,
			    DES_key_schedule *ks2,DES_key_schedule *ks3,
			    DES_cblock *ivec,int *num,int enc);
void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
			    long length,DES_key_schedule *ks1,
			    DES_key_schedule *ks2,DES_key_schedule *ks3,
			    DES_cblock *ivec,int *num);

void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
		       DES_cblock *out_white);

int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
		 DES_cblock *iv);
int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
		  DES_cblock *iv);
char *DES_fcrypt(const char *buf,const char *salt, char *ret);
char *DES_crypt(const char *buf,const char *salt);
void DES_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
		     long length,DES_key_schedule *schedule,DES_cblock *ivec);
void DES_pcbc_encrypt(const unsigned char *input,unsigned char *output,
		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
		      int enc);
DES_LONG DES_quad_cksum(const unsigned char *input,DES_cblock output[],
			long length,int out_count,DES_cblock *seed);
int DES_random_key(DES_cblock *ret);
void DES_set_odd_parity(DES_cblock *key);
int DES_check_key_parity(const_DES_cblock *key);
int DES_is_weak_key(const_DES_cblock *key);
/* DES_set_key (= set_key = DES_key_sched = key_sched) calls
 * DES_set_key_checked if global variable DES_check_key is set,
 * DES_set_key_unchecked otherwise. */
int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
#endif	/* _APPLE_COMMON_CRYPTO_ */

void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);

#ifndef	_APPLE_COMMON_CRYPTO_
void DES_string_to_key(const char *str,DES_cblock *key);
void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
		       DES_key_schedule *schedule,DES_cblock *ivec,int *num,
		       int enc);
void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
		       DES_key_schedule *schedule,DES_cblock *ivec,int *num);

int DES_read_password(DES_cblock *key, const char *prompt, int verify);
int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
	int verify);

#define DES_fixup_key_parity DES_set_odd_parity

#endif	/* _APPLE_COMMON_CRYPTO_ */
#ifdef  __cplusplus
}
#endif

#endif

Added Source/ccOpenssl/des_enc.c.























































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
/* crypto/des/des_enc.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <ccOpenssl/des_locl.h>

void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
	{
	register DES_LONG l,r,t,u;
#ifdef DES_PTR
	register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
#endif
#ifndef DES_UNROLL
	register int i;
#endif
	register DES_LONG *s;

	r=data[0];
	l=data[1];

	IP(r,l);
	/* Things have been modified so that the initial rotate is
	 * done outside the loop.  This required the
	 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
	 * One perl script later and things have a 5% speed up on a sparc2.
	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
	 * for pointing this out. */
	/* clear the top bits on machines with 8byte longs */
	/* shift left by 2 */
	r=ROTATE(r,29)&0xffffffffL;
	l=ROTATE(l,29)&0xffffffffL;

	s=ks->ks->deslong;
	/* I don't know if it is worth the effort of loop unrolling the
	 * inner loop */
	if (enc)
		{
#ifdef DES_UNROLL
		D_ENCRYPT(l,r, 0); /*  1 */
		D_ENCRYPT(r,l, 2); /*  2 */
		D_ENCRYPT(l,r, 4); /*  3 */
		D_ENCRYPT(r,l, 6); /*  4 */
		D_ENCRYPT(l,r, 8); /*  5 */
		D_ENCRYPT(r,l,10); /*  6 */
		D_ENCRYPT(l,r,12); /*  7 */
		D_ENCRYPT(r,l,14); /*  8 */
		D_ENCRYPT(l,r,16); /*  9 */
		D_ENCRYPT(r,l,18); /*  10 */
		D_ENCRYPT(l,r,20); /*  11 */
		D_ENCRYPT(r,l,22); /*  12 */
		D_ENCRYPT(l,r,24); /*  13 */
		D_ENCRYPT(r,l,26); /*  14 */
		D_ENCRYPT(l,r,28); /*  15 */
		D_ENCRYPT(r,l,30); /*  16 */
#else
		for (i=0; i<32; i+=8)
			{
			D_ENCRYPT(l,r,i+0); /*  1 */
			D_ENCRYPT(r,l,i+2); /*  2 */
			D_ENCRYPT(l,r,i+4); /*  3 */
			D_ENCRYPT(r,l,i+6); /*  4 */
			}
#endif
		}
	else
		{
#ifdef DES_UNROLL
		D_ENCRYPT(l,r,30); /* 16 */
		D_ENCRYPT(r,l,28); /* 15 */
		D_ENCRYPT(l,r,26); /* 14 */
		D_ENCRYPT(r,l,24); /* 13 */
		D_ENCRYPT(l,r,22); /* 12 */
		D_ENCRYPT(r,l,20); /* 11 */
		D_ENCRYPT(l,r,18); /* 10 */
		D_ENCRYPT(r,l,16); /*  9 */
		D_ENCRYPT(l,r,14); /*  8 */
		D_ENCRYPT(r,l,12); /*  7 */
		D_ENCRYPT(l,r,10); /*  6 */
		D_ENCRYPT(r,l, 8); /*  5 */
		D_ENCRYPT(l,r, 6); /*  4 */
		D_ENCRYPT(r,l, 4); /*  3 */
		D_ENCRYPT(l,r, 2); /*  2 */
		D_ENCRYPT(r,l, 0); /*  1 */
#else
		for (i=30; i>0; i-=8)
			{
			D_ENCRYPT(l,r,i-0); /* 16 */
			D_ENCRYPT(r,l,i-2); /* 15 */
			D_ENCRYPT(l,r,i-4); /* 14 */
			D_ENCRYPT(r,l,i-6); /* 13 */
			}
#endif
		}

	/* rotate and clear the top bits on machines with 8byte longs */
	l=ROTATE(l,3)&0xffffffffL;
	r=ROTATE(r,3)&0xffffffffL;

	FP(r,l);
	data[0]=l;
	data[1]=r;
	l=r=t=u=0;
	}

#ifndef	_APPLE_COMMON_CRYPTO_

void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
	{
	register DES_LONG l,r,t,u;
#ifdef DES_PTR
	register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
#endif
#ifndef DES_UNROLL
	register int i;
#endif
	register DES_LONG *s;

	r=data[0];
	l=data[1];

	/* Things have been modified so that the initial rotate is
	 * done outside the loop.  This required the
	 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
	 * One perl script later and things have a 5% speed up on a sparc2.
	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
	 * for pointing this out. */
	/* clear the top bits on machines with 8byte longs */
	r=ROTATE(r,29)&0xffffffffL;
	l=ROTATE(l,29)&0xffffffffL;

	s=ks->ks->deslong;
	/* I don't know if it is worth the effort of loop unrolling the
	 * inner loop */
	if (enc)
		{
#ifdef DES_UNROLL
		D_ENCRYPT(l,r, 0); /*  1 */
		D_ENCRYPT(r,l, 2); /*  2 */
		D_ENCRYPT(l,r, 4); /*  3 */
		D_ENCRYPT(r,l, 6); /*  4 */
		D_ENCRYPT(l,r, 8); /*  5 */
		D_ENCRYPT(r,l,10); /*  6 */
		D_ENCRYPT(l,r,12); /*  7 */
		D_ENCRYPT(r,l,14); /*  8 */
		D_ENCRYPT(l,r,16); /*  9 */
		D_ENCRYPT(r,l,18); /*  10 */
		D_ENCRYPT(l,r,20); /*  11 */
		D_ENCRYPT(r,l,22); /*  12 */
		D_ENCRYPT(l,r,24); /*  13 */
		D_ENCRYPT(r,l,26); /*  14 */
		D_ENCRYPT(l,r,28); /*  15 */
		D_ENCRYPT(r,l,30); /*  16 */
#else
		for (i=0; i<32; i+=8)
			{
			D_ENCRYPT(l,r,i+0); /*  1 */
			D_ENCRYPT(r,l,i+2); /*  2 */
			D_ENCRYPT(l,r,i+4); /*  3 */
			D_ENCRYPT(r,l,i+6); /*  4 */
			}
#endif
		}
	else
		{
#ifdef DES_UNROLL
		D_ENCRYPT(l,r,30); /* 16 */
		D_ENCRYPT(r,l,28); /* 15 */
		D_ENCRYPT(l,r,26); /* 14 */
		D_ENCRYPT(r,l,24); /* 13 */
		D_ENCRYPT(l,r,22); /* 12 */
		D_ENCRYPT(r,l,20); /* 11 */
		D_ENCRYPT(l,r,18); /* 10 */
		D_ENCRYPT(r,l,16); /*  9 */
		D_ENCRYPT(l,r,14); /*  8 */
		D_ENCRYPT(r,l,12); /*  7 */
		D_ENCRYPT(l,r,10); /*  6 */
		D_ENCRYPT(r,l, 8); /*  5 */
		D_ENCRYPT(l,r, 6); /*  4 */
		D_ENCRYPT(r,l, 4); /*  3 */
		D_ENCRYPT(l,r, 2); /*  2 */
		D_ENCRYPT(r,l, 0); /*  1 */
#else
		for (i=30; i>0; i-=8)
			{
			D_ENCRYPT(l,r,i-0); /* 16 */
			D_ENCRYPT(r,l,i-2); /* 15 */
			D_ENCRYPT(l,r,i-4); /* 14 */
			D_ENCRYPT(r,l,i-6); /* 13 */
			}
#endif
		}
	/* rotate and clear the top bits on machines with 8byte longs */
	data[0]=ROTATE(l,3)&0xffffffffL;
	data[1]=ROTATE(r,3)&0xffffffffL;
	l=r=t=u=0;
	}

void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
		  DES_key_schedule *ks2, DES_key_schedule *ks3)
	{
	register DES_LONG l,r;

	l=data[0];
	r=data[1];
	IP(l,r);
	data[0]=l;
	data[1]=r;
	DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
	DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
	DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
	l=data[0];
	r=data[1];
	FP(r,l);
	data[0]=l;
	data[1]=r;
	}

void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
		  DES_key_schedule *ks2, DES_key_schedule *ks3)
	{
	register DES_LONG l,r;

	l=data[0];
	r=data[1];
	IP(l,r);
	data[0]=l;
	data[1]=r;
	DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
	DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
	DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
	l=data[0];
	r=data[1];
	FP(r,l);
	data[0]=l;
	data[1]=r;
	}

#ifndef DES_DEFAULT_OPTIONS

#undef CBC_ENC_C__DONT_UPDATE_IV
#include "ncbc_enc.c" /* DES_ncbc_encrypt */

void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
			  long length, DES_key_schedule *ks1,
			  DES_key_schedule *ks2, DES_key_schedule *ks3,
			  DES_cblock *ivec, int enc)
	{
	register DES_LONG tin0,tin1;
	register DES_LONG tout0,tout1,xor0,xor1;
	register const unsigned char *in;
	unsigned char *out;
	register long l=length;
	DES_LONG tin[2];
	unsigned char *iv;

	in=input;
	out=output;
	iv = &(*ivec)[0];

	if (enc)
		{
		c2l(iv,tout0);
		c2l(iv,tout1);
		for (l-=8; l>=0; l-=8)
			{
			c2l(in,tin0);
			c2l(in,tin1);
			tin0^=tout0;
			tin1^=tout1;

			tin[0]=tin0;
			tin[1]=tin1;
			DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
			tout0=tin[0];
			tout1=tin[1];

			l2c(tout0,out);
			l2c(tout1,out);
			}
		if (l != -8)
			{
			c2ln(in,tin0,tin1,l+8);
			tin0^=tout0;
			tin1^=tout1;

			tin[0]=tin0;
			tin[1]=tin1;
			DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
			tout0=tin[0];
			tout1=tin[1];

			l2c(tout0,out);
			l2c(tout1,out);
			}
		iv = &(*ivec)[0];
		l2c(tout0,iv);
		l2c(tout1,iv);
		}
	else
		{
		register DES_LONG t0,t1;

		c2l(iv,xor0);
		c2l(iv,xor1);
		for (l-=8; l>=0; l-=8)
			{
			c2l(in,tin0);
			c2l(in,tin1);

			t0=tin0;
			t1=tin1;

			tin[0]=tin0;
			tin[1]=tin1;
			DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
			tout0=tin[0];
			tout1=tin[1];

			tout0^=xor0;
			tout1^=xor1;
			l2c(tout0,out);
			l2c(tout1,out);
			xor0=t0;
			xor1=t1;
			}
		if (l != -8)
			{
			c2l(in,tin0);
			c2l(in,tin1);
			
			t0=tin0;
			t1=tin1;

			tin[0]=tin0;
			tin[1]=tin1;
			DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
			tout0=tin[0];
			tout1=tin[1];
		
			tout0^=xor0;
			tout1^=xor1;
			l2cn(tout0,tout1,out,l+8);
			xor0=t0;
			xor1=t1;
			}

		iv = &(*ivec)[0];
		l2c(xor0,iv);
		l2c(xor1,iv);
		}
	tin0=tin1=tout0=tout1=xor0=xor1=0;
	tin[0]=tin[1]=0;
	}

#endif	/* _APPLE_COMMON_CRYPTO_ */
#endif /* DES_DEFAULT_OPTIONS */

Added Source/ccOpenssl/des_locl.h.













































































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
/* crypto/des/des_locl.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#ifndef HEADER_DES_LOCL_H
#define HEADER_DES_LOCL_H

#include <CommonCrypto/CommonCryptoPriv.h>
#include <ccOpenssl/e_os2.h>

#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
#ifndef OPENSSL_SYS_MSDOS
#define OPENSSL_SYS_MSDOS
#endif
#endif

#include <stdio.h>
#include <stdlib.h>

/* building in CommonCrypto */
#define DES_DEFAULT_OPTIONS

#ifndef OPENSSL_SYS_MSDOS
#if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
#ifdef OPENSSL_UNISTD
# include OPENSSL_UNISTD
#else
# include <unistd.h>
#endif
#include <math.h>
#endif
#endif

#include <ccOpenssl/des.h>

#ifdef OPENSSL_SYS_MSDOS		/* Visual C++ 2.1 (Windows NT/95) */
#include <stdlib.h>
#include <errno.h>
#include <time.h>
#include <io.h>
#endif

#if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
#include <string.h>
#endif

#ifdef OPENSSL_BUILD_SHLIBCRYPTO
# undef OPENSSL_EXTERN
# define OPENSSL_EXTERN OPENSSL_EXPORT
#endif

#define ITERATIONS 16
#define HALF_ITERATIONS 8

/* used in des_read and des_write */
#define MAXWRITE	(1024*16)
#define BSIZE		(MAXWRITE+4)

#define c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
			 l|=((DES_LONG)(*((c)++)))<< 8L, \
			 l|=((DES_LONG)(*((c)++)))<<16L, \
			 l|=((DES_LONG)(*((c)++)))<<24L)

/* NOTE - c is not incremented as per c2l */
#define c2ln(c,l1,l2,n)	{ \
			c+=n; \
			l1=l2=0; \
			switch (n) { \
			case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
			case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
			case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
			case 5: l2|=((DES_LONG)(*(--(c))));     \
			case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
			case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
			case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
			case 1: l1|=((DES_LONG)(*(--(c))));     \
				} \
			}

#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))

/* replacements for htonl and ntohl since I have no idea what to do
 * when faced with machines with 8 byte longs. */
#define HDRSIZE 4

#define n2l(c,l)	(l =((DES_LONG)(*((c)++)))<<24L, \
			 l|=((DES_LONG)(*((c)++)))<<16L, \
			 l|=((DES_LONG)(*((c)++)))<< 8L, \
			 l|=((DES_LONG)(*((c)++))))

#define l2n(l,c)	(*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
			 *((c)++)=(unsigned char)(((l)     )&0xff))

/* NOTE - c is not incremented as per l2c */
#define l2cn(l1,l2,c,n)	{ \
			c+=n; \
			switch (n) { \
			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
				} \
			}

#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
#define	ROTATE(a,n)	(_lrotr(a,n))
#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
#  define ROTATE(a,n)	({ register unsigned int ret;	\
				asm ("rorl %1,%0"	\
					: "=r"(ret)	\
					: "I"(n),"0"((unsigned int)a)	\
					: "cc");	\
			   ret;				\
			})
# endif
#endif
#ifndef ROTATE
#define	ROTATE(a,n)	(((a)>>(n))+((a)<<(32-(n))))
#endif

/* Don't worry about the LOAD_DATA() stuff, that is used by
 * fcrypt() to add it's little bit to the front */

#ifdef DES_FCRYPT

#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
	{ DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }

#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
	t=R^(R>>16L); \
	u=t&E0; t&=E1; \
	tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
	tmp=(t<<16); t^=R^s[S+1]; t^=tmp
#else
#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
	u=R^s[S  ]; \
	t=R^s[S+1]
#endif

/* The changes to this macro may help or hinder, depending on the
 * compiler and the architecture.  gcc2 always seems to do well :-).
 * Inspired by Dana How <how@isl.stanford.edu>
 * DO NOT use the alternative version on machines with 8 byte longs.
 * It does not seem to work on the Alpha, even when DES_LONG is 4
 * bytes, probably an issue of accessing non-word aligned objects :-( */
#ifdef DES_PTR

/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
 * is no reason to not xor all the sub items together.  This potentially
 * saves a register since things can be xored directly into L */

#if defined(DES_RISC1) || defined(DES_RISC2)
#ifdef DES_RISC1
#define D_ENCRYPT(LL,R,S) { \
	unsigned int u1,u2,u3; \
	LOAD_DATA(R,S,u,t,E0,E1,u1); \
	u2=(int)u>>8L; \
	u1=(int)u&0xfc; \
	u2&=0xfc; \
	t=ROTATE(t,4); \
	u>>=16L; \
	LL^= *(const DES_LONG *)(des_SP      +u1); \
	LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
	u3=(int)(u>>8L); \
	u1=(int)u&0xfc; \
	u3&=0xfc; \
	LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
	LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
	u2=(int)t>>8L; \
	u1=(int)t&0xfc; \
	u2&=0xfc; \
	t>>=16L; \
	LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
	LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
	u3=(int)t>>8L; \
	u1=(int)t&0xfc; \
	u3&=0xfc; \
	LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
	LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
#endif
#ifdef DES_RISC2
#define D_ENCRYPT(LL,R,S) { \
	unsigned int u1,u2,s1,s2; \
	LOAD_DATA(R,S,u,t,E0,E1,u1); \
	u2=(int)u>>8L; \
	u1=(int)u&0xfc; \
	u2&=0xfc; \
	t=ROTATE(t,4); \
	LL^= *(const DES_LONG *)(des_SP      +u1); \
	LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
	s1=(int)(u>>16L); \
	s2=(int)(u>>24L); \
	s1&=0xfc; \
	s2&=0xfc; \
	LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
	LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
	u2=(int)t>>8L; \
	u1=(int)t&0xfc; \
	u2&=0xfc; \
	LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
	LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
	s1=(int)(t>>16L); \
	s2=(int)(t>>24L); \
	s1&=0xfc; \
	s2&=0xfc; \
	LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
	LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
#endif
#else
#define D_ENCRYPT(LL,R,S) { \
	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
	t=ROTATE(t,4); \
	LL^= \
	*(const DES_LONG *)(des_SP      +((u     )&0xfc))^ \
	*(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
	*(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
	*(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
	*(const DES_LONG *)(des_SP+0x100+((t     )&0xfc))^ \
	*(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
	*(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
	*(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
#endif

#else /* original version */

#if defined(DES_RISC1) || defined(DES_RISC2)
#ifdef DES_RISC1
#define D_ENCRYPT(LL,R,S) {\
	unsigned int u1,u2,u3; \
	LOAD_DATA(R,S,u,t,E0,E1,u1); \
	u>>=2L; \
	t=ROTATE(t,6); \
	u2=(int)u>>8L; \
	u1=(int)u&0x3f; \
	u2&=0x3f; \
	u>>=16L; \
	LL^=DES_SPtrans[0][u1]; \
	LL^=DES_SPtrans[2][u2]; \
	u3=(int)u>>8L; \
	u1=(int)u&0x3f; \
	u3&=0x3f; \
	LL^=DES_SPtrans[4][u1]; \
	LL^=DES_SPtrans[6][u3]; \
	u2=(int)t>>8L; \
	u1=(int)t&0x3f; \
	u2&=0x3f; \
	t>>=16L; \
	LL^=DES_SPtrans[1][u1]; \
	LL^=DES_SPtrans[3][u2]; \
	u3=(int)t>>8L; \
	u1=(int)t&0x3f; \
	u3&=0x3f; \
	LL^=DES_SPtrans[5][u1]; \
	LL^=DES_SPtrans[7][u3]; }
#endif
#ifdef DES_RISC2
#define D_ENCRYPT(LL,R,S) {\
	unsigned int u1,u2,s1,s2; \
	LOAD_DATA(R,S,u,t,E0,E1,u1); \
	u>>=2L; \
	t=ROTATE(t,6); \
	u2=(int)u>>8L; \
	u1=(int)u&0x3f; \
	u2&=0x3f; \
	LL^=DES_SPtrans[0][u1]; \
	LL^=DES_SPtrans[2][u2]; \
	s1=(int)u>>16L; \
	s2=(int)u>>24L; \
	s1&=0x3f; \
	s2&=0x3f; \
	LL^=DES_SPtrans[4][s1]; \
	LL^=DES_SPtrans[6][s2]; \
	u2=(int)t>>8L; \
	u1=(int)t&0x3f; \
	u2&=0x3f; \
	LL^=DES_SPtrans[1][u1]; \
	LL^=DES_SPtrans[3][u2]; \
	s1=(int)t>>16; \
	s2=(int)t>>24L; \
	s1&=0x3f; \
	s2&=0x3f; \
	LL^=DES_SPtrans[5][s1]; \
	LL^=DES_SPtrans[7][s2]; }
#endif

#else

#define D_ENCRYPT(LL,R,S) {\
	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
	t=ROTATE(t,4); \
	LL^=\
		DES_SPtrans[0][(u>> 2L)&0x3f]^ \
		DES_SPtrans[2][(u>>10L)&0x3f]^ \
		DES_SPtrans[4][(u>>18L)&0x3f]^ \
		DES_SPtrans[6][(u>>26L)&0x3f]^ \
		DES_SPtrans[1][(t>> 2L)&0x3f]^ \
		DES_SPtrans[3][(t>>10L)&0x3f]^ \
		DES_SPtrans[5][(t>>18L)&0x3f]^ \
		DES_SPtrans[7][(t>>26L)&0x3f]; }
#endif
#endif

	/* IP and FP
	 * The problem is more of a geometric problem that random bit fiddling.
	 0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
	 8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
	16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
	24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0

	32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
	40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
	48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
	56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1

	The output has been subject to swaps of the form
	0 1 -> 3 1 but the odd and even bits have been put into
	2 3    2 0
	different words.  The main trick is to remember that
	t=((l>>size)^r)&(mask);
	r^=t;
	l^=(t<<size);
	can be used to swap and move bits between words.

	So l =  0  1  2  3  r = 16 17 18 19
	        4  5  6  7      20 21 22 23
	        8  9 10 11      24 25 26 27
	       12 13 14 15      28 29 30 31
	becomes (for size == 2 and mask == 0x3333)
	   t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
		 6^20  7^21 -- --        4  5 20 21       6  7 22 23
		10^24 11^25 -- --        8  9 24 25      10 11 24 25
		14^28 15^29 -- --       12 13 28 29      14 15 28 29

	Thanks for hints from Richard Outerbridge - he told me IP&FP
	could be done in 15 xor, 10 shifts and 5 ands.
	When I finally started to think of the problem in 2D
	I first got ~42 operations without xors.  When I remembered
	how to use xors :-) I got it to its final state.
	*/
#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
	(b)^=(t),\
	(a)^=((t)<<(n)))

#define IP(l,r) \
	{ \
	register DES_LONG tt; \
	PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
	PERM_OP(l,r,tt,16,0x0000ffffL); \
	PERM_OP(r,l,tt, 2,0x33333333L); \
	PERM_OP(l,r,tt, 8,0x00ff00ffL); \
	PERM_OP(r,l,tt, 1,0x55555555L); \
	}

#define FP(l,r) \
	{ \
	register DES_LONG tt; \
	PERM_OP(l,r,tt, 1,0x55555555L); \
	PERM_OP(r,l,tt, 8,0x00ff00ffL); \
	PERM_OP(l,r,tt, 2,0x33333333L); \
	PERM_OP(r,l,tt,16,0x0000ffffL); \
	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
	}

#ifdef	_APPLE_COMMON_CRYPTO_
/* avoid symbol collision with libSystem & libcrypto */
#define DES_SPtrans CC_DES_SPtrans
#endif	/* _APPLE_COMMON_CRYPTO_ */

OPENSSL_EXTERN const DES_LONG DES_SPtrans[8][64];

void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
		 DES_LONG Eswap0, DES_LONG Eswap1);
#endif

Added Source/ccOpenssl/e_os2.h.

































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
/* e_os2.h */
/* ====================================================================
 * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */


#ifndef HEADER_E_OS2_H
#define HEADER_E_OS2_H

#include <CommonCrypto/CommonCryptoPriv.h>
#include <ccOpenssl/opensslconf.h>

#ifdef  __cplusplus
extern "C" {
#endif

/******************************************************************************
 * Detect operating systems.  This probably needs completing.
 * The result is that at least one OPENSSL_SYS_os macro should be defined.
 * However, if none is defined, Unix is assumed.
 **/

#define OPENSSL_SYS_UNIX

/* ----------------------- Macintosh, before MacOS X ----------------------- */
#if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_MACINTOSH_CLASSIC
#endif

/* ---------------------- Microsoft operating systems ---------------------- */

/* The 16 bit environments are pretty straightforward */
#if defined(OPENSSL_SYSNAME_WIN16) || defined(OPENSSL_SYSNAME_MSDOS)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_MSDOS
#endif
#if defined(OPENSSL_SYSNAME_WIN16)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WIN16
#endif

/* For 32 bit environment, there seems to be the CygWin environment and then
   all the others that try to do the same thing Microsoft does... */
#if defined(OPENSSL_SYSNAME_UWIN)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WIN32_UWIN
#else
# if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32)
#  undef OPENSSL_SYS_UNIX
#  define OPENSSL_SYS_WIN32_CYGWIN
# else
#  if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
#   undef OPENSSL_SYS_UNIX
#   define OPENSSL_SYS_WIN32
#  endif
#  if defined(OPENSSL_SYSNAME_WINNT)
#   undef OPENSSL_SYS_UNIX
#   define OPENSSL_SYS_WINNT
#  endif
#  if defined(OPENSSL_SYSNAME_WINCE)
#   undef OPENSSL_SYS_UNIX
#   define OPENSSL_SYS_WINCE
#  endif
# endif
#endif

/* Anything that tries to look like Microsoft is "Windows" */
#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WINDOWS
# ifndef OPENSSL_SYS_MSDOS
#  define OPENSSL_SYS_MSDOS
# endif
#endif

/* DLL settings.  This part is a bit tough, because it's up to the application
   implementor how he or she will link the application, so it requires some
   macro to be used. */
#ifdef OPENSSL_SYS_WINDOWS
# ifndef OPENSSL_OPT_WINDLL
#  if defined(_WINDLL) /* This is used when building OpenSSL to indicate that
                          DLL linkage should be used */
#   define OPENSSL_OPT_WINDLL
#  endif
# endif
#endif

/* -------------------------------- OpenVMS -------------------------------- */
#if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_VMS
# if defined(__DECC)
#  define OPENSSL_SYS_VMS_DECC
# elif defined(__DECCXX)
#  define OPENSSL_SYS_VMS_DECC
#  define OPENSSL_SYS_VMS_DECCXX
# else
#  define OPENSSL_SYS_VMS_NODECC
# endif
#endif

/* --------------------------------- OS/2 ---------------------------------- */
#if defined(__EMX__) || defined(__OS2__)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_OS2
#endif

/* --------------------------------- Unix ---------------------------------- */
#ifdef OPENSSL_SYS_UNIX
# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
#  define OPENSSL_SYS_LINUX
# endif
# ifdef OPENSSL_SYSNAME_MPE
#  define OPENSSL_SYS_MPE
# endif
# ifdef OPENSSL_SYSNAME_SNI
#  define OPENSSL_SYS_SNI
# endif
# ifdef OPENSSL_SYSNAME_ULTRASPARC
#  define OPENSSL_SYS_ULTRASPARC
# endif
# ifdef OPENSSL_SYSNAME_NEWS4
#  define OPENSSL_SYS_NEWS4
# endif
# ifdef OPENSSL_SYSNAME_MACOSX
#  define OPENSSL_SYS_MACOSX
# endif
# ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
#  define OPENSSL_SYS_MACOSX_RHAPSODY
#  define OPENSSL_SYS_MACOSX
# endif
# ifdef OPENSSL_SYSNAME_SUNOS
#  define OPENSSL_SYS_SUNOS
#endif
# if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
#  define OPENSSL_SYS_CRAY
# endif
# if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
#  define OPENSSL_SYS_AIX
# endif
#endif

/* ------------------------------- VxWorks --------------------------------- */
#ifdef OPENSSL_SYSNAME_VXWORKS
# define OPENSSL_SYS_VXWORKS
#endif

/**
 * That's it for OS-specific stuff
 *****************************************************************************/


/* Specials for I/O an exit */
#ifdef OPENSSL_SYS_MSDOS
# define OPENSSL_UNISTD_IO <io.h>
# define OPENSSL_DECLARE_EXIT extern void exit(int);
#else
# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
#endif

/* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
   certain global symbols that, with some compilers under VMS, have to be
   defined and declared explicitely with globaldef and globalref.
   Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
   DLL exports and imports for compilers under Win32.  These are a little
   more complicated to use.  Basically, for any library that exports some
   global variables, the following code must be present in the header file
   that declares them, before OPENSSL_EXTERN is used:

   #ifdef SOME_BUILD_FLAG_MACRO
   # undef OPENSSL_EXTERN
   # define OPENSSL_EXTERN OPENSSL_EXPORT
   #endif

   The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
   have some generally sensible values, and for OPENSSL_EXTERN to have the
   value OPENSSL_IMPORT.
*/

#if defined(OPENSSL_SYS_VMS_NODECC)
# define OPENSSL_EXPORT globalref
# define OPENSSL_IMPORT globalref
# define OPENSSL_GLOBAL globaldef
#elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
# define OPENSSL_EXPORT extern _declspec(dllexport)
# define OPENSSL_IMPORT extern _declspec(dllimport)
# define OPENSSL_GLOBAL
#else
# define OPENSSL_EXPORT extern
# define OPENSSL_IMPORT extern
# define OPENSSL_GLOBAL
#endif
#define OPENSSL_EXTERN OPENSSL_IMPORT

/* Macros to allow global variables to be reached through function calls when
   required (if a shared library version requvres it, for example.
   The way it's done allows definitions like this:

	// in foobar.c
	OPENSSL_IMPLEMENT_GLOBAL(int,foobar) = 0;
	// in foobar.h
	OPENSSL_DECLARE_GLOBAL(int,foobar);
	#define foobar OPENSSL_GLOBAL_REF(foobar)
*/
#ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
# define OPENSSL_IMPLEMENT_GLOBAL(type,name) static type _hide_##name; \
        type *_shadow_##name(void) { return &_hide_##name; } \
        static type _hide_##name
# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
#else
# define OPENSSL_IMPLEMENT_GLOBAL(type,name) OPENSSL_GLOBAL type _shadow_##name
# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
# define OPENSSL_GLOBAL_REF(name) _shadow_##name
#endif

#ifdef  __cplusplus
}
#endif
#endif

Added Source/ccOpenssl/opensslDES.c.

















































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
/* crypto/des/des_enc.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

/* 
 * This is pared-down version of openssl's des_enc.c, shorn of 
 * everything except the bare-bones single-block encrypt/decrypt
 * routine DES_encrypt1(). Plus it has the shim code needed to
 * use this function in CommonEncryption. 
 */
 
#include <CommonCrypto/opensslDES.h>
#include <ccOpenssl/des_locl.h>
#include <strings.h>
#include "spr.h"

/* CommonCrypto shim */

int osDesSetkey(DES_key_schedule *dinst, char *key, size_t keyLength,
	int forEencrypt)
{
	DES_cblock cblock;
	memmove(&cblock, key, 8);
	DES_set_key_unchecked(&cblock, dinst);
	return 0;
}

void osDesEncrypt(DES_key_schedule *ks, 
	const_DES_cblock *input, 
	DES_cblock *output)
{
	/* copied from openssl's DES_ecb_encrypt() */
	register DES_LONG l;
	DES_LONG ll[2];
	const unsigned char *in = &(*input)[0];
	unsigned char *out = &(*output)[0];

	c2l(in,l); ll[0]=l;
	c2l(in,l); ll[1]=l;
	DES_encrypt1(ll,ks,1);
	l=ll[0]; l2c(l,out);
	l=ll[1]; l2c(l,out);
	l=ll[0]=ll[1]=0;
}

void osDesDecrypt(DES_key_schedule *ks, 
	const_DES_cblock *input, 
	DES_cblock *output)
{
	/* copied from openssl's DES_ecb_encrypt() */
	register DES_LONG l;
	DES_LONG ll[2];
	const unsigned char *in = &(*input)[0];
	unsigned char *out = &(*output)[0];

	c2l(in,l); ll[0]=l;
	c2l(in,l); ll[1]=l;
	DES_encrypt1(ll,ks,0);
	l=ll[0]; l2c(l,out);
	l=ll[1]; l2c(l,out);
	l=ll[0]=ll[1]=0;
}

int osDes3Setkey(DES3_Schedule *dinst, char *key, size_t keyLength,
	int forEencrypt)
{
	DES_cblock cblock;
	memmove(&cblock, key, 8);
	DES_set_key_unchecked(&cblock, &dinst->ks[0]);
	memmove(&cblock, key+8, 8);
	DES_set_key_unchecked(&cblock, &dinst->ks[1]);
	memmove(&cblock, key+16, 8);
	DES_set_key_unchecked(&cblock, &dinst->ks[2]);
	return 0;

}

void osDes3Encrypt(DES3_Schedule *ks, 
	const_DES_cblock *input, 
	DES_cblock *output)
{
	register DES_LONG l;
	DES_LONG ll[2];
	const unsigned char *in = &(*input)[0];
	unsigned char *out = &(*output)[0];

	c2l(in,l); ll[0]=l;
	c2l(in,l); ll[1]=l;
	DES_encrypt1(ll,&ks->ks[0],1);
	DES_encrypt1(ll,&ks->ks[1],0);
	DES_encrypt1(ll,&ks->ks[2],1);
	l=ll[0]; l2c(l,out);
	l=ll[1]; l2c(l,out);
	l=ll[0]=ll[1]=0;
}

void osDes3Decrypt(DES3_Schedule *ks, 
	const_DES_cblock *input, 
	DES_cblock *output)
{
	register DES_LONG l;
	DES_LONG ll[2];
	const unsigned char *in = &(*input)[0];
	unsigned char *out = &(*output)[0];

	c2l(in,l); ll[0]=l;
	c2l(in,l); ll[1]=l;
	DES_encrypt1(ll,&ks->ks[2],0);
	DES_encrypt1(ll,&ks->ks[1],1);
	DES_encrypt1(ll,&ks->ks[0],0);
	l=ll[0]; l2c(l,out);
	l=ll[1]; l2c(l,out);
	l=ll[0]=ll[1]=0;
}

Added Source/ccOpenssl/opensslconf.h.













































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
/* MacOS/opensslconf.h */

#include <CommonCrypto/CommonCryptoPriv.h>

#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
#define OPENSSLDIR "/usr/local/ssl"
#endif
#endif

#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
#define IDEA_INT unsigned int
#endif

#if defined(HEADER_MD2_H) && !defined(MD2_INT)
#define MD2_INT unsigned int
#endif

#if defined(HEADER_RC2_H) && !defined(RC2_INT)
/* I need to put in a mod for the alpha - eay */
#define RC2_INT unsigned int
#endif

#if defined(HEADER_RC4_H)
#if !defined(RC4_INT)
/* using int types make the structure larger but make the code faster
 * on most boxes I have tested - up to %20 faster. */
/*
 * I don't know what does "most" mean, but declaring "int" is a must on:
 * - Intel P6 because partial register stalls are very expensive;
 * - elder Alpha because it lacks byte load/store instructions;
 */
#define RC4_INT unsigned char
#endif
#if !defined(RC4_CHUNK)
/*
 * This enables code handling data aligned at natural CPU word
 * boundary. See crypto/rc4/rc4_enc.c for further details.
 */
#define RC4_CHUNK unsigned long
#endif
#endif

#if defined(HEADER_DES_H) && !defined(DES_LONG)
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
 * %20 speed up (longs are 8 bytes, int's are 4). */
#ifndef DES_LONG
#define DES_LONG unsigned long
#endif
#endif

#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
#define CONFIG_HEADER_BN_H
#if __option(longlong)
#  define BN_LLONG
#else
#  undef BN_LLONG
#endif

/* Should we define BN_DIV2W here? */

/* Only one for the following should be defined */
/* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
 * for debuging the bignum libraries */
#undef SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#define THIRTY_TWO_BIT
#undef SIXTEEN_BIT
#undef EIGHT_BIT
#endif

#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
#define CONFIG_HEADER_RC4_LOCL_H
/* if this is defined data[i] is used instead of *data, this is a %20
 * speedup on x86 */
#undef RC4_INDEX
#endif

#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
#define CONFIG_HEADER_BF_LOCL_H
#define BF_PTR
#endif /* HEADER_BF_LOCL_H */

#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
#define CONFIG_HEADER_DES_LOCL_H
/* the following is tweaked from a config script, that is why it is a
 * protected undef/define */
#ifndef DES_PTR
#define DES_PTR
#endif

/* This helps C compiler generate the correct code for multiple functional
 * units.  It reduces register dependancies at the expense of 2 more
 * registers */
#ifndef DES_RISC1
#define DES_RISC1
#endif

#ifndef DES_RISC2
#undef DES_RISC2
#endif

#if defined(DES_RISC1) && defined(DES_RISC2)
YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
#endif

/* Unroll the inner loop, this sometimes helps, sometimes hinders.
 * Very mucy CPU dependant */
#ifndef DES_UNROLL
#define DES_UNROLL
#endif

#endif /* HEADER_DES_LOCL_H */

#ifndef __POWERPC__
#define MD32_XARRAY
#endif

Added Source/ccOpenssl/set_key.c.



































































































































































































































































































































































































































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
/* crypto/des/set_key.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

/* set_key.c v 1.4 eay 24/9/91
 * 1.4 Speed up by 400% :-)
 * 1.3 added register declarations.
 * 1.2 unrolled make_key_sched a bit more
 * 1.1 added norm_expand_bits
 * 1.0 First working version
 */
#include <ccOpenssl/des_locl.h>

// OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key) = 0;	/* defaults to false */

#ifndef	_APPLE_COMMON_CRYPTO_

static const unsigned char odd_parity[256]={
  1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};

void DES_set_odd_parity(DES_cblock *key)
	{
	int i;

	for (i=0; i<DES_KEY_SZ; i++)
		(*key)[i]=odd_parity[(*key)[i]];
	}

int DES_check_key_parity(const_DES_cblock *key)
	{
	int i;

	for (i=0; i<DES_KEY_SZ; i++)
		{
		if ((*key)[i] != odd_parity[(*key)[i]])
			return(0);
		}
	return(1);
	}

/* Weak and semi week keys as take from
 * %A D.W. Davies
 * %A W.L. Price
 * %T Security for Computer Networks
 * %I John Wiley & Sons
 * %D 1984
 * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
 * (and actual cblock values).
 */
#define NUM_WEAK_KEY	16
static DES_cblock weak_keys[NUM_WEAK_KEY]={
	/* weak keys */
	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
	{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
	{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
	{0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
	/* semi-weak keys */
	{0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
	{0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
	{0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
	{0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
	{0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
	{0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
	{0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
	{0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
	{0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
	{0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
	{0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};

int DES_is_weak_key(const_DES_cblock *key)
	{
	int i;

	for (i=0; i<NUM_WEAK_KEY; i++)
		/* Added == 0 to comparison, I obviously don't run
		 * this section very often :-(, thanks to
		 * engineering@MorningStar.Com for the fix
		 * eay 93/06/29
		 * Another problem, I was comparing only the first 4
		 * bytes, 97/03/18 */
		if (memcmp(weak_keys[i],key,sizeof(DES_cblock)) == 0) return(1);
	return(0);
	}

#endif	/* _APPLE_COMMON_CRYPTO_ */

/* NOW DEFINED IN des_local.h
 * See ecb_encrypt.c for a pseudo description of these macros. 
 * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
 * 	(b)^=(t),\
 * 	(a)=((a)^((t)<<(n))))
 */

#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
	(a)=(a)^(t)^(t>>(16-(n))))

static const DES_LONG des_skb[8][64]={
	{
	/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
	0x00000000L,0x00000010L,0x20000000L,0x20000010L,
	0x00010000L,0x00010010L,0x20010000L,0x20010010L,
	0x00000800L,0x00000810L,0x20000800L,0x20000810L,
	0x00010800L,0x00010810L,0x20010800L,0x20010810L,
	0x00000020L,0x00000030L,0x20000020L,0x20000030L,
	0x00010020L,0x00010030L,0x20010020L,0x20010030L,
	0x00000820L,0x00000830L,0x20000820L,0x20000830L,
	0x00010820L,0x00010830L,0x20010820L,0x20010830L,
	0x00080000L,0x00080010L,0x20080000L,0x20080010L,
	0x00090000L,0x00090010L,0x20090000L,0x20090010L,
	0x00080800L,0x00080810L,0x20080800L,0x20080810L,
	0x00090800L,0x00090810L,0x20090800L,0x20090810L,
	0x00080020L,0x00080030L,0x20080020L,0x20080030L,
	0x00090020L,0x00090030L,0x20090020L,0x20090030L,
	0x00080820L,0x00080830L,0x20080820L,0x20080830L,
	0x00090820L,0x00090830L,0x20090820L,0x20090830L,
	},{
	/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
	0x00000000L,0x02000000L,0x00002000L,0x02002000L,
	0x00200000L,0x02200000L,0x00202000L,0x02202000L,
	0x00000004L,0x02000004L,0x00002004L,0x02002004L,
	0x00200004L,0x02200004L,0x00202004L,0x02202004L,
	0x00000400L,0x02000400L,0x00002400L,0x02002400L,
	0x00200400L,0x02200400L,0x00202400L,0x02202400L,
	0x00000404L,0x02000404L,0x00002404L,0x02002404L,
	0x00200404L,0x02200404L,0x00202404L,0x02202404L,
	0x10000000L,0x12000000L,0x10002000L,0x12002000L,
	0x10200000L,0x12200000L,0x10202000L,0x12202000L,
	0x10000004L,0x12000004L,0x10002004L,0x12002004L,
	0x10200004L,0x12200004L,0x10202004L,0x12202004L,
	0x10000400L,0x12000400L,0x10002400L,0x12002400L,
	0x10200400L,0x12200400L,0x10202400L,0x12202400L,
	0x10000404L,0x12000404L,0x10002404L,0x12002404L,
	0x10200404L,0x12200404L,0x10202404L,0x12202404L,
	},{
	/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
	0x00000000L,0x00000001L,0x00040000L,0x00040001L,
	0x01000000L,0x01000001L,0x01040000L,0x01040001L,
	0x00000002L,0x00000003L,0x00040002L,0x00040003L,
	0x01000002L,0x01000003L,0x01040002L,0x01040003L,
	0x00000200L,0x00000201L,0x00040200L,0x00040201L,
	0x01000200L,0x01000201L,0x01040200L,0x01040201L,
	0x00000202L,0x00000203L,0x00040202L,0x00040203L,
	0x01000202L,0x01000203L,0x01040202L,0x01040203L,
	0x08000000L,0x08000001L,0x08040000L,0x08040001L,
	0x09000000L,0x09000001L,0x09040000L,0x09040001L,
	0x08000002L,0x08000003L,0x08040002L,0x08040003L,
	0x09000002L,0x09000003L,0x09040002L,0x09040003L,
	0x08000200L,0x08000201L,0x08040200L,0x08040201L,
	0x09000200L,0x09000201L,0x09040200L,0x09040201L,
	0x08000202L,0x08000203L,0x08040202L,0x08040203L,
	0x09000202L,0x09000203L,0x09040202L,0x09040203L,
	},{
	/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
	0x00000000L,0x00100000L,0x00000100L,0x00100100L,
	0x00000008L,0x00100008L,0x00000108L,0x00100108L,
	0x00001000L,0x00101000L,0x00001100L,0x00101100L,
	0x00001008L,0x00101008L,0x00001108L,0x00101108L,
	0x04000000L,0x04100000L,0x04000100L,0x04100100L,
	0x04000008L,0x04100008L,0x04000108L,0x04100108L,
	0x04001000L,0x04101000L,0x04001100L,0x04101100L,
	0x04001008L,0x04101008L,0x04001108L,0x04101108L,
	0x00020000L,0x00120000L,0x00020100L,0x00120100L,
	0x00020008L,0x00120008L,0x00020108L,0x00120108L,
	0x00021000L,0x00121000L,0x00021100L,0x00121100L,
	0x00021008L,0x00121008L,0x00021108L,0x00121108L,
	0x04020000L,0x04120000L,0x04020100L,0x04120100L,
	0x04020008L,0x04120008L,0x04020108L,0x04120108L,
	0x04021000L,0x04121000L,0x04021100L,0x04121100L,
	0x04021008L,0x04121008L,0x04021108L,0x04121108L,
	},{
	/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
	0x00000000L,0x10000000L,0x00010000L,0x10010000L,
	0x00000004L,0x10000004L,0x00010004L,0x10010004L,
	0x20000000L,0x30000000L,0x20010000L,0x30010000L,
	0x20000004L,0x30000004L,0x20010004L,0x30010004L,
	0x00100000L,0x10100000L,0x00110000L,0x10110000L,
	0x00100004L,0x10100004L,0x00110004L,0x10110004L,
	0x20100000L,0x30100000L,0x20110000L,0x30110000L,
	0x20100004L,0x30100004L,0x20110004L,0x30110004L,
	0x00001000L,0x10001000L,0x00011000L,0x10011000L,
	0x00001004L,0x10001004L,0x00011004L,0x10011004L,
	0x20001000L,0x30001000L,0x20011000L,0x30011000L,
	0x20001004L,0x30001004L,0x20011004L,0x30011004L,
	0x00101000L,0x10101000L,0x00111000L,0x10111000L,
	0x00101004L,0x10101004L,0x00111004L,0x10111004L,
	0x20101000L,0x30101000L,0x20111000L,0x30111000L,
	0x20101004L,0x30101004L,0x20111004L,0x30111004L,
	},{
	/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
	0x00000000L,0x08000000L,0x00000008L,0x08000008L,
	0x00000400L,0x08000400L,0x00000408L,0x08000408L,
	0x00020000L,0x08020000L,0x00020008L,0x08020008L,
	0x00020400L,0x08020400L,0x00020408L,0x08020408L,
	0x00000001L,0x08000001L,0x00000009L,0x08000009L,
	0x00000401L,0x08000401L,0x00000409L,0x08000409L,
	0x00020001L,0x08020001L,0x00020009L,0x08020009L,
	0x00020401L,0x08020401L,0x00020409L,0x08020409L,
	0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
	0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
	0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
	0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
	0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
	0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
	0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
	0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
	},{
	/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
	0x00000000L,0x00000100L,0x00080000L,0x00080100L,
	0x01000000L,0x01000100L,0x01080000L,0x01080100L,
	0x00000010L,0x00000110L,0x00080010L,0x00080110L,
	0x01000010L,0x01000110L,0x01080010L,0x01080110L,
	0x00200000L,0x00200100L,0x00280000L,0x00280100L,
	0x01200000L,0x01200100L,0x01280000L,0x01280100L,
	0x00200010L,0x00200110L,0x00280010L,0x00280110L,
	0x01200010L,0x01200110L,0x01280010L,0x01280110L,
	0x00000200L,0x00000300L,0x00080200L,0x00080300L,
	0x01000200L,0x01000300L,0x01080200L,0x01080300L,
	0x00000210L,0x00000310L,0x00080210L,0x00080310L,
	0x01000210L,0x01000310L,0x01080210L,0x01080310L,
	0x00200200L,0x00200300L,0x00280200L,0x00280300L,
	0x01200200L,0x01200300L,0x01280200L,0x01280300L,
	0x00200210L,0x00200310L,0x00280210L,0x00280310L,
	0x01200210L,0x01200310L,0x01280210L,0x01280310L,
	},{
	/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
	0x00000000L,0x04000000L,0x00040000L,0x04040000L,
	0x00000002L,0x04000002L,0x00040002L,0x04040002L,
	0x00002000L,0x04002000L,0x00042000L,0x04042000L,
	0x00002002L,0x04002002L,0x00042002L,0x04042002L,
	0x00000020L,0x04000020L,0x00040020L,0x04040020L,
	0x00000022L,0x04000022L,0x00040022L,0x04040022L,
	0x00002020L,0x04002020L,0x00042020L,0x04042020L,
	0x00002022L,0x04002022L,0x00042022L,0x04042022L,
	0x00000800L,0x04000800L,0x00040800L,0x04040800L,
	0x00000802L,0x04000802L,0x00040802L,0x04040802L,
	0x00002800L,0x04002800L,0x00042800L,0x04042800L,
	0x00002802L,0x04002802L,0x00042802L,0x04042802L,
	0x00000820L,0x04000820L,0x00040820L,0x04040820L,
	0x00000822L,0x04000822L,0x00040822L,0x04040822L,
	0x00002820L,0x04002820L,0x00042820L,0x04042820L,
	0x00002822L,0x04002822L,0x00042822L,0x04042822L,
	}};

#ifndef	_APPLE_COMMON_CRYPTO_
int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
	{
	if (DES_check_key)
		{
		return DES_set_key_checked(key, schedule);
		}
	else
		{
		DES_set_key_unchecked(key, schedule);
		return 0;
		}
	}

/* return 0 if key parity is odd (correct),
 * return -1 if key parity error,
 * return -2 if illegal weak key.
 */
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
	{
	if (!DES_check_key_parity(key))
		return(-1);
	if (DES_is_weak_key(key))
		return(-2);
	DES_set_key_unchecked(key, schedule);
	return 0;
	}

#endif	/* APPLE_COMMON_CRYPTO */

void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
	{
	static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
	register DES_LONG c,d,t,s,t2;
	register const unsigned char *in;
	register DES_LONG *k;
	register int i;

#ifdef OPENBSD_DEV_CRYPTO
	memcpy(schedule->key,key,sizeof schedule->key);
	schedule->session=NULL;
#endif
	k = &schedule->ks->deslong[0];
	in = &(*key)[0];

	c2l(in,c);
	c2l(in,d);

	/* do PC1 in 47 simple operations :-)
	 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
	 * for the inspiration. :-) */
	PERM_OP (d,c,t,4,0x0f0f0f0fL);
	HPERM_OP(c,t,-2,0xcccc0000L);
	HPERM_OP(d,t,-2,0xcccc0000L);
	PERM_OP (d,c,t,1,0x55555555L);
	PERM_OP (c,d,t,8,0x00ff00ffL);
	PERM_OP (d,c,t,1,0x55555555L);
	d=	(((d&0x000000ffL)<<16L)| (d&0x0000ff00L)     |
		 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
	c&=0x0fffffffL;

	for (i=0; i<ITERATIONS; i++)
		{
		if (shifts2[i])
			{ c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
		else
			{ c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
		c&=0x0fffffffL;
		d&=0x0fffffffL;
		/* could be a few less shifts but I am to lazy at this
		 * point in time to investigate */
		s=	des_skb[0][ (c    )&0x3f                ]|
			des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
			des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
			des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
						  ((c>>22L)&0x38)];
		t=	des_skb[4][ (d    )&0x3f                ]|
			des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
			des_skb[6][ (d>>15L)&0x3f                ]|
			des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];

		/* table contained 0213 4657 */
		t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
		*(k++)=ROTATE(t2,30)&0xffffffffL;

		t2=((s>>16L)|(t&0xffff0000L));
		*(k++)=ROTATE(t2,26)&0xffffffffL;
		}
	}

#ifndef	_APPLE_COMMON_CRYPTO_
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
	{
	return(DES_set_key(key,schedule));
	}
#endif	/* _APPLE_COMMON_CRYPTO_ */

/*
#undef des_fixup_key_parity
void des_fixup_key_parity(des_cblock *key)
	{
	des_set_odd_parity(key);
	}
*/

Added Source/ccOpenssl/spr.h.





































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
/* crypto/des/spr.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <CommonCrypto/CommonCryptoPriv.h>
#ifdef	_APPLE_COMMON_CRYPTO_
/* avoid symbol collision with libSystem & libcrypto */
#define DES_SPtrans CC_DES_SPtrans
#endif	/* _APPLE_COMMON_CRYPTO_ */

const DES_LONG DES_SPtrans[8][64]={
{
/* nibble 0 */
0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
},{
/* nibble 1 */
0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
},{
/* nibble 2 */
0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
},{
/* nibble 3 */
0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
},{
/* nibble 4 */
0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
},{
/* nibble 5 */
0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
},{
/* nibble 6 */
0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
},{
/* nibble 7 */
0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
}};

Added doc/CCCrypt.3cc.



>
1
.so man3/CCCryptor.3cc

Added doc/CCCryptor.3cc.









































































































































































































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
.Dd March 22, 2007
.Dt CCCryptor 3cc
.Os
.Sh NAME
.Nm CCCryptorCreate ,
.Nm CCryptorCreateFromData ,
.Nm CCCryptorRelease ,
.Nm CCCryptorUpdate ,
.Nm CCCryptorFinal ,
.Nm CCCryptorGetOutputLength ,
.Nm CCCryptorReset ,
.Nm CCCrypt
.Nd Common Cryptographic Algorithm Interfaces
.Sh LIBRARY
These functions are found in libSystem.
.Sh SYNOPSIS
.In CommonCrypto/CommonCryptor.h
.Ft CCCryptorStatus
.Fn CCCryptorCreate "CCOperation op" "CCAlgorithm alg" "CCOptions options" \
"const void *key" "size_t keyLength" "const void *iv" "CCCryptorRef *cryptorRef"
.Ft CCCryptorStatus
.Fn CCCryptorCreateFromData "CCOperation op" "CCAlgorithm alg" "CCOptions options" \
"const void *key" "size_t keyLength" "const void *iv" "const void *data" \
"size_t dataLength" "CCCryptorRef *cryptorRef" "size_t *dataUsed"
.Ft CCCryptorStatus
.Fn CCCryptorRelease "CCCryptorRef cryptorRef"
.Ft CCCryptorStatus
.Fn CCCryptorUpdate "CCCryptorRef cryptorRef" "const void *dataIn" \
"size_t dataInLength" "void *dataOut" "size_t dataOutAvailable" "size_t *dataOutMoved"
.Ft CCCryptorStatus
.Fn CCCryptorFinal "CCCryptorRef cryptorRef" "void *dataOut" \
"size_t dataOutAvailable" "size_t *dataOutMoved"
.Ft size_t
.Fn CCCryptorGetOutputLength "CCCryptorRef cryptorRef" "size_t inputLength" "bool final"
.Ft CCCryptorStatus
.Fn CCCryptorReset "CCCryptorRef cryptorRef" "const void *iv"
.Ft CCCryptorStatus
.Fn CCCrypt "CCOperation op" "CCAlgorithm alg" "CCOptions options" "const void *key" \
"size_t keyLength" "const void *iv" "const void *dataIn" "size_t dataInLength" \
"void *dataOut" "size_t dataOutAvailable" "size_t *dataOutMoved"
.Sh DESCRIPTION
This interface provides access to a number of symmetric encryption
algorithms. Symmetric encryption algorithms come in two "flavors" -
block ciphers, and stream ciphers. Block ciphers process data
(while both encrypting and decrypting) in discrete chunks of
data called blocks; stream ciphers operate on arbitrary sized
data.
.Pp
The object declared in this interface, CCCryptor, provides
access to both block ciphers and stream ciphers with the same
API; however some options are available for block ciphers that
do not apply to stream ciphers.
.Pp
The general operation of a CCCryptor is: initialize it
with raw key data and other optional fields with CCCryptorCreate();
process input data via one or more calls to CCCryptorUpdate(),
each of which may result in output data being written to
caller-supplied memory; and obtain possible remaining output data
with CCCryptorFinal(). The CCCryptor is disposed of via
CCCryptorRelease(), or it can be reused (with the same key data
as provided to CCCryptorCreate()) by calling CCCryptorReset().
.Pp
CCCryptors can be dynamically allocated by this module, or
their memory can be allocated by the caller.
.Pp
One option for block ciphers is padding, as defined in PKCS7;
when padding is enabled, the total amount of data encrypted
does not have to be an even multiple of the block size, and
the actual length of plaintext is calculated during decryption.
.Pp
Another option for block ciphers is Cipher Block Chaining, known
as CBC mode. When using CBC mode, an Initialization Vector (IV)
is provided along with the key when starting an encrypt
or decrypt operation. If CBC mode is selected and no IV is
provided, an IV of all zeroes will be used.
.Pp
CCCryptor also implements block bufferring, so that individual
calls to CCCryptorUpdate() do not have to provide data whose length
is aligned to the block size. (If padding is disabled, encrypting
with block ciphers does require that the *total* length of data
input to CCCryptorUpdate() call(s) be aligned to the block size.)
.Pp
A given CCCryptor can only be used by one thread at a time;
multiple threads can use safely different CCCryptors at the
same time. 
.Pp
.Ft CCCryptorRef
objects created with
.Fn CCCryptorCreate
or
.Fn CCCryptorCreateFromData
*may* be disposed of
via
.Fn CCCRyptorRelease
; that call is not strictly necessary, but
if it's not performed, good security practice dictates that the
caller should zero the memory provided to create the
.Ft CCCryptorRef
when the caller is finished using the
.Ft CCCryptorRef.
.Pp
.Fn CCCryptorUpdate
is used to encrypt or decrypt data.  This routine can be called multiple times. The caller does
not need to align input data lengths to block sizes; input is
bufferred as necessary for block ciphers.
.Pp
When performing symmetric encryption with block ciphers,
and padding is enabled via
.Ft kCCOptionPKCS7Padding,
the total
number of bytes provided by all the calls to this function
when encrypting can be arbitrary (i.e., the total number
of bytes does not have to be block aligned). However if
padding is disabled, or when decrypting, the total number
of bytes does have to be aligned to the block size; otherwise
.Fn CCCryptFinal
will return
.Ft kCCAlignmentError.
.Pp
A general rule for the size of the output buffer which must be
provided by the caller is that for block ciphers, the output
length is never larger than the input length plus the block size.
For stream ciphers, the output length is always exactly the same
as the input length. See the discussion for
.Fn CCCryptorGetOutputLength
for more information on this topic.
.Pp
.Fn CCCryptFinal
finishes encryption and decryption operations and obtains the final data output.
Except when
.Ft kCCBufferTooSmall
is returned, the
.Ft CCCryptorRef
can no longer be used for subsequent operations unless
.Fn CCCryptorReset
is called on it.
.Pp
It is not necessary to call
.Fn CCCryptorFinal
when performing
symmetric encryption or decryption if padding is disabled, or
when using a stream cipher.
.Pp
It is not necessary to call
.Fn CCCryptorFinal
prior to
.Fn CCCryptorRelease
when aborting an operation.
.Pp
Use
.Fn CCCryptorGetOutputLength
to determine output buffer size required to process a given input size.
Some general rules apply that allow clients of this module to
know a priori how much output buffer space will be required
in a given situation. For stream ciphers, the output size is
always equal to the input size, and
.Fn CCCryptorFinal
never
produces any data. For block ciphers, the output size will
always be less than or equal to the input size plus the size
of one block. For block ciphers, if the input size provided
to each call to
.Fn CCCryptorUpdate
is is an integral multiple
of the block size, then the output size for each call to
.Fn CCCryptorUpdate
is less than or equal to the input size
for that call to
.Fn CCCryptorUpdate .
.Fn CCCryptorFinal
only produces output when using a block cipher with padding enabled.
.Pp
.Fn CCCryptorReset
reinitializes an existing
.Ft CCCryptorRef
with a (possibly) new initialization vector. The key contained in the
.Ft CCCryptorRef
is unchanged. This function is not implemented for stream ciphers.  This can be called on a CCCryptorRef with data pending (i.e.
in a padded mode operation before 
.Fn CCCryptFinal
is called); however any pending data will be lost in that case.
.Pp
.Fn CCCrypt
is a stateless, one-shot encrypt or decrypt operation.
This basically performs a sequence of
.Fn CCCrytorCreate ,
.Fn CCCryptorUpdate ,
.Fn CCCryptorFinal ,
and
.Fn CCCryptorRelease .
.Sh RETURN VALUES
The following values may be returned as a status of type
.Ft CCCryptorStatus .
.Pp
.Er kCCSuccess
- Operation completed normally.
.Pp
.Er kCCParamError
- Illegal parameter value.
.Pp
.Er kCCBufferTooSmall
- Insufficent buffer provided for specified operation.
.Pp
.Er kCCMemoryFailure
- Memory allocation failure.
.Pp
.Er kCCAlignmentError
- Input size was not aligned properly.
.Pp
.Er kCCDecodeError
- Input data did not decode or decrypt properly.
.Pp
.Er kCCUnimplemented
- Function not implemented for the current algorithm.
.Sh SEE ALSO
.Xr CCHmac 3cc ,
.Xr CC_MD5 3cc ,
.Xr CC_SHA 3cc ,
.Xr CC_crypto 3cc
.Sh STANDARDS
.Bl -tag
.It AES:
Federal Information Processing Standard \s-1FIPS\s0 \s-1PUB\s0 197 (Advanced Encryption Standard),
.It DES:
Federal Information Processing Standard \s-1FIPS\s0 \s-1PUB\s0 46\-3 (Data Encryption Standard)
.It 3DES:
NIST Special Publication\s-1PUB\s0 800\-67 (Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher)
.El

Added doc/CCCryptorCreate.3cc.



>
1
.so man3/CCCryptor.3cc

Added doc/CCCryptorFinal.3cc.



>
1
.so man3/CCCryptor.3cc

Added doc/CCCryptorGetOutputLength.3cc.



>
1
.so man3/CCCryptor.3cc

Added doc/CCCryptorRelease.3cc.



>
1
.so man3/CCCryptor.3cc

Added doc/CCCryptorReset.3cc.



>
1
.so man3/CCCryptor.3cc

Added doc/CCCryptorUpdate.3cc.



>
1
.so man3/CCCryptor.3cc

Added doc/CCHmac.3cc.











































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
.Dd March 22, 2007
.Dt CCHMAC 3
.Os
.Sh NAME
.Nm CCHmacInit ,
.Nm CCHmacUpdate ,
.Nm CCHmacFinal ,
.Nm CCHmac
.Nd Common HMAC Algorithm Interfaces
.Sh LIBRARY
These functions are found in libSystem.
.Sh SYNOPSIS
.In CommonCrypto/CommonHMAC.h
.Ft void
.Fn CCHmacInit "CCHmacContext *ctx" "CCHmacAlgorithm algorithm" "const void *key" "size_t keyLength"
.Ft void
.Fn CCHmacUpdate "CCHmacContext *ctx" "const void *data" "size_t dataLength"
.Ft void
.Fn CCHmacFinal "CCHmacContext *ctx" "void *macOut"
.Ft void
.Fn CCHmac "CCHmacAlgorithm algorithm" "const void *key" "size_t keyLength" "const void *data" "size_t dataLength" "void *macOut"
.Sh DESCRIPTION
This interface provides access to a number of HMAC
algorithms. The following algorithms are available:
.Bl -tag -width "kCCHmacAlgSHA224"
.It kCCHmacAlgSHA1
- HMAC with SHA1 digest
.It kCCHmacAlgMD5
- HMAC with MD5 digest
.It kCCHmacAlgSHA256
- HMAC with SHA256 digest
.It kCCHmacAlgSHA384
- HMAC with SHA384 digest
.It kCCHmacAlgSHA224
- HMAC with SHA224 digest
.It kCCHmacAlgSHA512
- HMAC with SHA512 digest
.El
.Pp
The object declared in this interface, CCHmacContext, provides
a handle for use with the
.Fn CCHmacInit
.Fn CCHmacUpdate
and
.Fn CCHmacFinal
calls to complete the HMAC operation.  In addition there is a one shot function,
.Fn CCHmac
that performs a complete HMAC on a single piece of data.
.Sh SEE ALSO
.Xr CC_MD5 3cc ,
.Xr CC_SHA 3cc ,
.Xr CC_crypto 3cc ,
.Xr CCCrypto 3cc

Added doc/CCHmacFinal.3cc.



>
1
.so man3/CCHmac.3cc

Added doc/CCHmacInit.3cc.



>
1
.so man3/CCHmac.3cc

Added doc/CCHmacUpdate.3cc.



>
1
.so man3/CCHmac.3cc

Added doc/CC_MD2.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD2_Final.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD2_Init.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD2_Update.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD4.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD4_Final.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD4_Init.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD4_Update.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD5.3cc.























































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
.Dd April 5, 2007
.Dt CC_MD5 3cc
.Os
.Sh NAME
.Nm CC_MD2_Init
.Nm CC_MD2_Update
.Nm CC_MD2_Final
.Nm CC_MD2
.Pp
.Nm CC_MD4_Init
.Nm CC_MD4_Update
.Nm CC_MD4_Final
.Nm CC_MD4
.Pp
.Nm CC_MD5_Init
.Nm CC_MD5_Update
.Nm CC_MD5_Final
.Nm CC_MD5
.Pp
.Nd MD2, MD4, and MD5 hash functions
.Sh SYNOPSIS
.In CommonCrypto/CommonDigest.h
.Ft extern int
.Fn CC_MD2_Init "CC_MD2_CTX *c"
.Ft extern int
.Fn CC_MD2_Update "CC_MD2_CTX *c" "const void *data" "CC_LONG len"
.Ft extern int
.Fn CC_MD2_Final "unsigned char *md" "CC_MD2_CTX *c"
.Ft extern unsigned char *
.Fn CC_MD2 "const void *data" "CC_LONG len" "unsigned char *md"
.Pp
.Ft extern int
.Fn CC_MD4_Init "CC_MD4_CTX *c"
.Ft extern int
.Fn CC_MD4_Update "CC_MD4_CTX *c" "const void *data" "CC_LONG len"
.Ft extern int
.Fn CC_MD4_Final "unsigned char *md" "CC_MD4_CTX *c"
.Ft extern unsigned char *
.Fn CC_MD4 "const void *data" "CC_LONG len" "unsigned char *md"
.Pp
.Ft extern int
.Fn CC_MD5_Init "CC_MD5_CTX *c"
.Ft extern int
.Fn CC_MD5_Update "CC_MD5_CTX *c" "const void *data" "CC_LONG len"
.Ft extern int
.Fn CC_MD5_Final "unsigned char *md" "CC_MD5_CTX *c"
.Ft extern unsigned char *
.Fn CC_MD5 "const void *data" "CC_LONG len" "unsigned char *md"
.Sh DESCRIPTION
The following functions are used to produce an hash from data:
.Pp
.Fn CC_MD2_Init
initializes a 
.Ft CC_MD2_CTX
structure.
.Pp
.Fn CC_MD2_Update
can be called repeatedly with chunks of the message to
be hashed (len bytes at data).
.Pp
.Fn CC_MD2_Final
places the MD2 message digest in md, which must have space
for 
.Ft CC_MD2_DIGEST_LENGTH
== 16 bytes of output, and erases the 
.Ft CC_MD2_CTX .
.Pp
.Fn CC_MD2
computes the MD2 message digest of the len
bytes at data and places it in md (which must have space for
.Ft CC_MD2_DIGEST_LENGTH
== 16 bytes of output). It returns the md pointer.
.Pp
.Fn CC_MD4_Init , 
.Fn CC_MD4_Update , 
.Fn CC_MD4_Final , 
.Fn CC_MD4 , 
.Fn CC_MD5_Init , 
.Fn CC_MD5_Update , 
.Fn CC_MD5_Final ,
and 
.Fn CC_MD5
are analogous using an 
.Ft CC_MD4_CTX
and 
.Ft CC_MD5_CTX
structure.
.Sh NOTE
MD2, MD4, and MD5 are recommended only for compatibility with existing
applications. In new applications, SHA\-256(or greater) should be
preferred.
.Sh RETURN VALUES
All routines return 1 except for the one-shot routines (
.Fn CC_MD2
, etc.), which return the pointer passed in via the md parameter.
.Sh CONFORMING TO
RFC 1319, RFC 1320, RFC 1321
.Sh SEE ALSO
.Xr CC_crypto 3cc ,
.Xr CC_SHA 3cc ,
.Xr CCHmac 3cc ,
.Xr CCCryptor 3cc
.Sh HISTORY
These functions are available in OS X 10.4 and later.
.Pp
These functions provide similar functionality to the routines found
in OpenSSL 0.9.6 and may use the same implementation.

Added doc/CC_MD5_Final.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD5_Init.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_MD5_Update.3cc.



>
1
.so man3/CC_MD5.3cc

Added doc/CC_SHA.3cc.









































































































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
.Dd April 5, 2007
.Dt CC_SHA 3cc
.Os
.Sh NAME
.Nm CC_SHA1_Init
.Nm CC_SHA1_Update
.Nm CC_SHA1_Final
.Nm CC_SHA1
.Pp
.Nm CC_SHA224_Init
.Nm CC_SHA224_Update
.Nm CC_SHA224_Final
.Nm CC_SHA224
.Pp
.Nm CC_SHA256_Init
.Nm CC_SHA256_Update
.Nm CC_SHA256_Final
.Nm CC_SHA256
.Pp
.Nm CC_SHA384_Init
.Nm CC_SHA384_Update
.Nm CC_SHA384_Final
.Nm CC_SHA384
.Pp
.Nm CC_SHA512_Init
.Nm CC_SHA512_Update
.Nm CC_SHA512_Final
.Nm CC_SHA512
.Pp
.Nd Secure Hash Algorithms
.Sh SYNOPSIS
.In CommonCrypto/CommonDigest.h
.Pp
.Ft extern int
.Fn CC_SHA1_Init "CC_SHA1_CTX *c"
.Ft extern int
.Fn CC_SHA1_Update "CC_SHA1_CTX *c" "const void *data" "CC_LONG len"
.Ft extern int
.Fn CC_SHA1_Final "unsigned char *md" "CC_SHA1_CTX *c"
.Ft extern unsigned char *
.Fn CC_SHA1 "const void *data" "CC_LONG len" "unsigned char *md"
.Pp
.Ft extern int
.Fn CC_SHA224_Init "CC_SHA224_CTX *c"
.Ft extern int
.Fn CC_SHA224_Update "CC_SHA224_CTX *c" "const void *data" "CC_LONG len"
.Ft extern int
.Fn CC_SHA224_Final "unsigned char *md" "CC_SHA224_CTX *c"
.Ft extern unsigned char *
.Fn CC_SHA224 "const void *data" "CC_LONG len" "unsigned char *md"
.Pp
.Ft extern int
.Fn CC_SHA256_Init "CC_SHA256_CTX *c"
.Ft extern int
.Fn CC_SHA256_Update "CC_SHA256_CTX *c" "const void *data" "CC_LONG len"
.Ft extern int
.Fn CC_SHA256_Final "unsigned char *md" "CC_SHA256_CTX *c"
.Ft extern unsigned char *
.Fn CC_SHA256 "const void *data" "CC_LONG len" "unsigned char *md"
.Pp
.Ft extern int
.Fn CC_SHA384_Init "CC_SHA384_CTX *c"
.Ft extern int
.Fn CC_SHA384_Update "CC_SHA384_CTX *c" "const void *data" "CC_LONG len"
.Ft extern int
.Fn CC_SHA384_Final "unsigned char *md" "CC_SHA384_CTX *c"
.Ft extern unsigned char *
.Fn CC_SHA384 "const void *data" "CC_LONG len" "unsigned char *md"
.Pp
.Ft extern int
.Fn CC_SHA512_Init "CC_SHA512_CTX *c"
.Ft extern int
.Fn CC_SHA512_Update "CC_SHA512_CTX *c" "const void *data" "CC_LONG len"
.Ft extern int
.Fn CC_SHA512_Final "unsigned char *md" "CC_SHA512_CTX *c"
.Ft extern unsigned char *
.Fn CC_SHA512 "const void *data" "CC_LONG len" "unsigned char *md"
.Sh DESCRIPTION
SHA\-1 (Secure Hash Algorithm) is a cryptographic hash function with a
160 bit output.
.Pp
.Fn CC_SHA1
computes the SHA\-1 message digest of the len
bytes at data and places it in md (which must have space for
.Ft CC_SHA1_DIGEST_LENGTH
== 20 bytes of output). It returns the md pointer.
.Pp
.Fn CC_SHA1_Init
initializes a
.Ft CC_SHA1_CTX
structure.
.Pp
.Fn CC_SHA1_Update
can be called repeatedly with chunks of the message to
be hashed (len bytes at data).
.Pp
.Fn CC_SHA1_Final
places the message digest in md, which must have space
for
.Ft CC_SHA1_DIGEST_LENGTH
== 20 bytes of output, and erases the
.Ft CC_SHA1_CTX .
.Pp
The successor versions of SHA\-1, SHA-2, are also implemented for hash
bit lengths of 224, 256, 384, and 512.  The functions to call to invoke the larger hash-size
versions of the algorithms include the hash size as part of the function names:
.Pp
.Fn CC_SHA224_Init ,
.Fn CC_SHA224_Update ,
.Fn CC_SHA224_Final ,
.Fn CC_SHA224
.Pp
.Fn CC_SHA256_Init ,
.Fn CC_SHA256_Update ,
.Fn CC_SHA256_Final ,
.Fn CC_SHA256
.Pp
.Fn CC_SHA384_Init ,
.Fn CC_SHA384_Update ,
.Fn CC_SHA384_Final ,
.Fn CC_SHA384
.Pp
.Fn CC_SHA512_Init ,
.Fn CC_SHA512_Update ,
.Fn CC_SHA512_Final ,
.Fn CC_SHA512
.Sh RETURN VALUES
All routines return 1 except for the one-shot routines (
.Fn CC_SHA1 ,
etc.), which
return the pointer passed in via the md parameter.
.Sh CONFORMING TO
SHA\-1: US Federal Information Processing Standard FIPS PUB 180\-1 (Secure Hash
Standard),
ANSI X9.30
.Pp
SHA\-2: US Federal Information Processing Standard FIPS PUB 180\-2 (Secure Hash
Standard)
.Sh HISTORY
These functions are available in OS X 10.4 and later.
.Pp
These functions provide similar functionality to the routines found in OpenSSL 0.9.6
and may use the same implementation.
.Sh SEE ALSO
.Xr CC_MD5 3cc ,
.Xr CCCryptor 3cc ,
.Xr CCHmac 3cc ,
.Xr CC_crypto 3cc

Added doc/CC_SHA1.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA1_Final.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA1_Init.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA1_Update.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA224.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA224_Final.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA224_Init.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA224_Update.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA256.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA256_Final.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA256_Init.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA256_Update.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA384.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA384_Final.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA384_Init.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA384_Update.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA512.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA512_Final.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA512_Init.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_SHA512_Update.3cc.



>
1
.so man3/CC_SHA.3cc

Added doc/CC_crypto.3cc.



















































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
.Dd April 5, 2007
.Dt CC_crypto 3cc
.Os
.Sh NAME
.Nm Common Crypto
.Nd libSystem digest library
.Sh DESCRIPTION
The libSystem \fBCommon Crypto\fR library implements a wide range of cryptographic
algorithms used in various Internet standards. The services provided
by this library are used by the CDSA implementations of \s-1SSL\s0, \s-1TLS\s0
and S/MIME.
.Sh OVERVIEW
\&\fBlibSystem\fR contains the Common Crypto collection of algorithms. Digest
and encryption algorithms contained in this library are optimized for speed.
The algorithms have been collected from various sources and chosen for their
performance characteristics.  Since libSystem is linked into all executables
it is preferable for applications to use these functions rather than
implementing their own versions.
.Sh NOTES
To use the digest functions with existing code which uses
the corresponding openssl functions, #define the symbol 
COMMON_DIGEST_FOR_OPENSSL in your client code (BEFORE including
.In CommonCrypto/CommonDigest.h
).
.Pp
You can *NOT* mix and match functions operating on a given data
type from the two implementations; i.e., if you do a 
.Fn CC_MD5_Init
on a 
.Ft CC_MD5_CTX
object, do not assume that you can do an openssl-style
.Fn MD5_Update
on that same context.
.Pp
The interfaces to the encryption and HMAC algorithms have a calling interface
that is different from that provided by OpenSSL.
.Sh SEE ALSO
.Xr CC_MD5 3cc ,
.Xr CC_SHA 3cc ,
.Xr CCHmac 3cc ,
.Xr CCCryptor 3cc

Added doc/CCryptorCreateFromData.3cc.



>
1
.so man3/CCCryptor.3cc

Added doc/Common Crypto.3cc.



>
1
.so man3/CC_crypto.3cc

Added doc/CommonCrypto.plist.





















































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
	<dict>
		<key>OpenSourceLicense</key>
		<string>Eric Young</string>
		<key>OpenSourceLicenseFile</key>
		<string>CommonCrypto.txt</string>
		<key>OpenSourceModifications</key>
		<string>Extensive customization for OS X</string>
		<key>OpenSourceProject</key>
		<string>openssl</string>
		<key>OpenSourceURL</key>
		<string>http://www.openssl.org/source/openssl-0.9.6.tar.gz</string>
		<key>OpenSourceVersion</key>
		<string>openssl-0.9.6</string>
		<key>OpenSourceWebsiteURL</key>
		<string>http://www.openssl.org/</string>
	</dict>
	<dict>
		<key>OpenSourceImportDate</key>
		<string>2004-04-07</string>
		<key>OpenSourceLicense</key>
		<string>Brian Gladman</string>
		<key>OpenSourceLicenseFile</key>
		<string>CommonCrypto.txt</string>
		<key>OpenSourceModifications</key>
		<string>Customization for OS X</string>
		<key>OpenSourceProject</key>
		<string>Gladman AES</string>
		<key>OpenSourceURL</key>
		<string>http://fp.gladman.plus.com/AES/aesfull.zip</string>
		<key>OpenSourceVersion</key>
		<string>aes-src-26-08-05</string>
		<key>OpenSourceWebsiteURL</key>
		<string>http://fp.gladman.plus.com/AES/index.htm</string>
	</dict>
	<dict>
		<key>OpenSourceImportDate</key>
		<string>2005-09-02</string>
		<key>OpenSourceLicense</key>
		<string>Brian Gladman</string>
		<key>OpenSourceLicenseFile</key>
		<string>CommonCrypto.txt</string>
		<key>OpenSourceModifications</key>
		<string>Customization for OS X</string>
		<key>OpenSourceProject</key>
		<string>Gladman SHA2</string>
		<key>OpenSourceURL</key>
		<string>http://fp.gladman.plus.com/cryptography_technology/sha/sha-26-08-05.zip</string>
		<key>OpenSourceVersion</key>
		<string>sha-26-08-05</string>
		<key>OpenSourceWebsiteURL</key>
		<string>http://fp.gladman.plus.com/cryptography_technology/sha/index.htm</string>
	</dict>
</array>
</plist>

Added doc/CommonCrypto.txt.

















































































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
 Original SSLeay License
 -----------------------

/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

 ---------------------------------------------------------------------------
 License for Dr. Brian Gladman's SHA2 implementation
 ---------------------------------------------------------------------------

 Copyright (c) 2002, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.

 ---------------------------------------------------------------------------
 License for Dr. Brian Gladman's AES implementation
 ---------------------------------------------------------------------------
 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.

 LICENSE TERMS

 The free distribution and use of this software in both source and binary
 form is allowed (with or without changes) provided that:

   1. distributions of this source code include the above copyright
      notice, this list of conditions and the following disclaimer;

   2. distributions in binary form include the above copyright
      notice, this list of conditions and the following disclaimer
      in the documentation and/or other associated materials;

   3. the copyright holder's name is not used to endorse products
      built using this software without specific written permission.

 ALTERNATIVELY, provided that this notice is retained in full, this product
 may be distributed under the terms of the GNU General Public License (GPL),
 in which case the provisions of the GPL apply INSTEAD OF those given above.

 DISCLAIMER

 This software is provided 'as is' with no explicit or implied warranties
 in respect of its properties, including, but not limited to, correctness
 and/or fitness for purpose.