* [PATCH v1] Crypt and decrypt files using password in keystore.
@ 2018-04-20 8:01 Gerd Pauli
2018-04-22 8:27 ` Oleksij Rempel
2018-04-23 8:39 ` Sascha Hauer
0 siblings, 2 replies; 7+ messages in thread
From: Gerd Pauli @ 2018-04-20 8:01 UTC (permalink / raw)
To: barebox; +Cc: Gerd Pauli
Adds ccryptlib library in crypto which implements a
stream cipher based on the block cipher Rijndael,
the candidate for the AES standard.
Compatible with the ccrypt tool in linux
from Peter Selinger.
Usage: ccrypt [-e|-d] -k KEYNAME_IN_KEYSTORE SRC DST
Signed-off-by: Gerd Pauli <gp@high-consulting.de>
---
commands/Kconfig | 17 +
commands/Makefile | 1 +
commands/ccrypt.c | 249 +++++++++
crypto/Kconfig | 7 +
crypto/Makefile | 1 +
crypto/ccryptlib.c | 1467 +++++++++++++++++++++++++++++++++++++++++++++++++++
include/ccryptlib.h | 102 ++++
7 files changed, 1844 insertions(+)
create mode 100644 commands/ccrypt.c
create mode 100644 crypto/ccryptlib.c
create mode 100644 include/ccryptlib.h
diff --git a/commands/Kconfig b/commands/Kconfig
index 951a86963..b6911246a 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -2137,6 +2137,23 @@ config CMD_SEED
help
Seed the pseudo random number generator (PRNG)
+config CMD_CCRYPT
+ tristate
+ prompt "ccrypt"
+ select CRYPTO_CCRYPTLIB
+ select CRYPTO_KEYSTORE
+ help
+ encrypting/decrypting a character stream
+ ccrypt implements a stream cipher based on the block cipher
+ Rijndael.
+
+ Usage: ccrypt [-ed] [-K name] srcfile dstfile
+
+ Options:
+ -e encrypt srcfile to dstfile
+ -d decrypt srcfile to dstfile
+ -k name use key with name from keystore
+
# end Miscellaneous commands
endmenu
diff --git a/commands/Makefile b/commands/Makefile
index eb4796389..3693bf553 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -123,3 +123,4 @@ obj-$(CONFIG_CMD_MMC_EXTCSD) += mmc_extcsd.o
obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o
obj-$(CONFIG_CMD_SEED) += seed.o
obj-$(CONFIG_CMD_IP_ROUTE_GET) += ip-route-get.o
+obj-$(CONFIG_CMD_CCRYPT) += ccrypt.o
diff --git a/commands/ccrypt.c b/commands/ccrypt.c
new file mode 100644
index 000000000..1b0ee9f1a
--- /dev/null
+++ b/commands/ccrypt.c
@@ -0,0 +1,249 @@
+/* -*- Mode:C; c-file-style:"linux"; -*- */
+
+/* Copyright (C) 2018 Gerd Pauli <gp@high-consulting.de */
+
+/* Copyright (C) 2000-2012 Peter Selinger. */
+
+/* See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+/* ccrypt implements a stream cipher based on the block cipher
+ Rijndael */
+
+/* needs library ccryptlib and keystore from barebox */
+
+#include <common.h>
+#include <command.h>
+#include <libfile.h>
+#include <getopt.h>
+#include <fcntl.h>
+#include <fs.h>
+#include <ccryptlib.h>
+#include <crypto/keystore.h>
+
+#define INBUFSIZE 1024
+#define OUTBUFSIZE INBUFSIZE+32
+
+void ccrypt_error( int e ) {
+ if ( e == -1 ) {
+ printf("ccrypt: %s\n",strerror(-errno));
+ return;
+ }
+ if ( e == -2 ) {
+ switch (ccrypt_errno) {
+ case CCRYPT_EFORMAT:
+ printf("ccrypt: %s\n","bad file format");
+ break;
+ case CCRYPT_EMISMATCH:
+ printf("ccrypt: %s\n","key does not match");
+ break;
+ case CCRYPT_EBUFFER:
+ printf("ccrypt: %s\n","buffer overflow");
+ break;
+ default:
+ /* do nothing */
+ printf("ccrypt: %s %d\n","unknown ccrypt error: ",ccrypt_errno);
+ break;
+ }
+ return;
+ }
+ if ( e == -3 ) {
+ printf("ccrypt: %s\n","no key");
+ return;
+ }
+ printf("ccrypt: %s: %d\n","unknown error",e);
+}
+
+static int do_ccrypt(int argc, char *argv[])
+{
+ int opt;
+ int ret=-EINVAL;
+ int encrypt=0;
+ int decrypt=0;
+ char *extract = NULL;
+ char *from = NULL;
+ char *to = NULL;
+ char *r_buf = NULL;
+ char *w_buf = NULL;
+ int from_fd = 0;
+ int to_fd = 0;
+ int r,w;
+ void *buf;
+ ccrypt_stream_t ccs;
+ ccrypt_stream_t *b = &ccs;
+ char *key;
+ int keylen;
+ int eof=0;
+
+ while ((opt = getopt(argc, argv, "dek:")) > 0) {
+ switch(opt) {
+ case 'e':
+ encrypt=1;
+ break;
+ case 'd':
+ decrypt=1;
+ break;
+ case 'k':
+ extract = optarg;
+ break;
+ }
+ }
+ if ( encrypt == 1 && decrypt == 1 )
+ return ret;
+ if ( extract == NULL )
+ return ret;
+
+ if ( optind != 4 )
+ return ret;
+
+ if ( argc != 6 )
+ return ret;
+
+ from = argv[optind];
+ to = argv[optind + 1];
+
+ r_buf=malloc(INBUFSIZE);
+ if ( r_buf == NULL ) {
+ ret = -1;
+ goto out;
+ }
+
+ w_buf=malloc(OUTBUFSIZE);
+ if ( w_buf == NULL ) {
+ free(r_buf);
+ ret = -1;
+ goto out;
+ }
+
+ ret=keystore_get_secret(extract, (const u8 **)&key, &keylen);
+
+#ifdef DEBUG
+ if ( key && keystore )
+ memory_display(key,0,keylen,1,0);
+#endif
+
+ if ( ret ) {
+ ret=-3;
+ goto out;
+ }
+
+ from_fd = open(from, O_RDONLY);
+ if (from_fd < 0) {
+ printf("could not open %s: %s\n", from, errno_str());
+ ret=-1;
+ goto out;
+ }
+
+ to_fd = open(to, O_WRONLY | O_CREAT | O_TRUNC);
+ if (to_fd < 0) {
+ printf("could not open %s: %s\n", to, errno_str());
+ ret=-1;
+ goto out;
+ }
+
+ ret=0;
+
+ if ( encrypt == 1 )
+ ret = ccencrypt_init(b, key, keylen);
+
+ if ( decrypt == 1 )
+ ret = ccdecrypt_init(b, key, keylen);
+
+ if ( ret != 0 ) {
+ printf("cc init error\n");
+ goto out;
+ }
+
+ b->avail_in = 0;
+
+ while (1) {
+ /* fill input buffer */
+ if (b->avail_in == 0 && !eof) {
+ r = read(from_fd, r_buf, INBUFSIZE);
+ if (r < 0) {
+ perror("read");
+ ret=-1;
+ goto out;
+ }
+ if (!r)
+ eof=1;
+ b->next_in = &r_buf[0];
+ b->avail_in = r;
+ }
+
+ /* prepare output buffer */
+ b->next_out = &w_buf[0];
+ b->avail_out = OUTBUFSIZE;
+
+ /* do some work */
+ if ( encrypt == 1 ) {
+ ret = ccencrypt(b);
+ }
+ if ( decrypt == 1 ) {
+ ret = ccdecrypt(b);
+ if (ret) {
+ printf("cc dec err\n");
+ ret=-2;
+ goto out;
+ }
+ }
+
+ r = OUTBUFSIZE-b->avail_out;
+ buf = &w_buf[0];
+
+ /* process output buffer */
+ while (r) {
+ w = write(to_fd, buf, r);
+ if (w < 0) {
+ printf("write error\n");
+ ret=-1;
+ goto out;
+ }
+ buf += w;
+ r -= w;
+ }
+
+ /* ready */
+ if (eof && b->avail_out != 0) {
+ break;
+ }
+ }
+ ret = 0;
+out:
+ free(r_buf);
+ free(w_buf);
+ if (from_fd > 0)
+ close(from_fd);
+ if (to_fd > 0)
+ close(to_fd);
+
+ return ret;
+}
+
+BAREBOX_CMD_HELP_START(ccrypt)
+BAREBOX_CMD_HELP_TEXT("Rijandel Crypt and Decrypt")
+BAREBOX_CMD_HELP_TEXT("")
+BAREBOX_CMD_HELP_TEXT("Options:")
+BAREBOX_CMD_HELP_OPT("-e", "encrypt")
+BAREBOX_CMD_HELP_OPT("-d", "decrypt")
+BAREBOX_CMD_HELP_OPT("-k name", "Name of key in keystore")
+BAREBOX_CMD_HELP_END
+
+BAREBOX_CMD_START(ccrypt)
+.cmd = do_ccrypt,
+ BAREBOX_CMD_DESC("Crypt and Decrypt Files")
+ BAREBOX_CMD_OPTS("[-e|-d] -k NAME SRC DST")
+ BAREBOX_CMD_GROUP(CMD_GRP_MISC)
+ BAREBOX_CMD_HELP(cmd_ccrypt_help)
+ BAREBOX_CMD_END
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 6d65c24d4..08669a2de 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -101,4 +101,11 @@ config CRYPTO_KEYSTORE
This is a simple keystore, which can be used to pass keys
between several components via simple interface.
+config CRYPTO_CCRYPTLIB
+ bool "ccryptlib"
+ help
+ This option provides functions implementing a stream cipher based
+ on the block cipher rijandel.
+ The cipher is based on Peter Selingers ccrypt implementation.
+
endmenu
diff --git a/crypto/Makefile b/crypto/Makefile
index a7240d1d6..1231bc76d 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -14,3 +14,4 @@ obj-$(CONFIG_DIGEST_SHA512_GENERIC) += sha4.o
obj-$(CONFIG_CRYPTO_PBKDF2) += pbkdf2.o
obj-$(CONFIG_CRYPTO_RSA) += rsa.o
obj-$(CONFIG_CRYPTO_KEYSTORE) += keystore.o
+obj-$(CONFIG_CRYPTO_CCRYPTLIB) += ccryptlib.o
diff --git a/crypto/ccryptlib.c b/crypto/ccryptlib.c
new file mode 100644
index 000000000..78f0ac843
--- /dev/null
+++ b/crypto/ccryptlib.c
@@ -0,0 +1,1467 @@
+/* -*- Mode:C; c-file-style:"linux"; -*- */
+
+/* Ported to barebox by Gerd Pauli <gp@high-consulting.de> 2018 */
+
+/* Copyright (C) 2000-2012 Peter Selinger.
+ This file is part of ccrypt. It is free software and it is covered
+ by the GNU general public license. See the file COPYING for details. */
+
+/* NOTE: this library is copyrighted under the GNU General Public
+ License, *not* under the GNU Library General Public License. This
+ means, among other things, that you cannot use this library in
+ closed-source software. */
+
+/* ccryptlib implements a stream cipher based on the block cipher
+ Rijndael, the candidate for the AES standard. */
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+#include <ccryptlib.h>
+#include <common.h>
+#include <malloc.h>
+
+/* ---------- rijandel.c ---------- */
+
+/* rijndael.c - optimized version of the Rijndeal cipher */
+/* derived from original source: rijndael-alg-ref.c v2.0 August '99
+ * Reference ANSI C code for NIST competition
+ * authors: Paulo Barreto
+ * Vincent Rijmen
+ */
+
+typedef unsigned char word8;
+
+#ifdef UINT32_TYPE
+typedef UINT32_TYPE word32;
+#else
+typedef int word32; /* should be a 32-bit integer type */
+#endif
+
+/* a type to hold 32 bits accessible as 1 integer or 4 bytes */
+union word8x4_u {
+ word8 w8[4];
+ word32 w32;
+};
+typedef union word8x4_u word8x4;
+
+/* ---------- tables.c ------------ */
+
+word8x4 M0[4][256] = {
+ {
+ {{ 0, 0, 0, 0}}, {{ 2, 1, 1, 3}}, {{ 4, 2, 2, 6}},
+ {{ 6, 3, 3, 5}}, {{ 8, 4, 4, 12}}, {{ 10, 5, 5, 15}},
+ {{ 12, 6, 6, 10}}, {{ 14, 7, 7, 9}}, {{ 16, 8, 8, 24}},
+ {{ 18, 9, 9, 27}}, {{ 20, 10, 10, 30}}, {{ 22, 11, 11, 29}},
+ {{ 24, 12, 12, 20}}, {{ 26, 13, 13, 23}}, {{ 28, 14, 14, 18}},
+ {{ 30, 15, 15, 17}}, {{ 32, 16, 16, 48}}, {{ 34, 17, 17, 51}},
+ {{ 36, 18, 18, 54}}, {{ 38, 19, 19, 53}}, {{ 40, 20, 20, 60}},
+ {{ 42, 21, 21, 63}}, {{ 44, 22, 22, 58}}, {{ 46, 23, 23, 57}},
+ {{ 48, 24, 24, 40}}, {{ 50, 25, 25, 43}}, {{ 52, 26, 26, 46}},
+ {{ 54, 27, 27, 45}}, {{ 56, 28, 28, 36}}, {{ 58, 29, 29, 39}},
+ {{ 60, 30, 30, 34}}, {{ 62, 31, 31, 33}}, {{ 64, 32, 32, 96}},
+ {{ 66, 33, 33, 99}}, {{ 68, 34, 34, 102}}, {{ 70, 35, 35, 101}},
+ {{ 72, 36, 36, 108}}, {{ 74, 37, 37, 111}}, {{ 76, 38, 38, 106}},
+ {{ 78, 39, 39, 105}}, {{ 80, 40, 40, 120}}, {{ 82, 41, 41, 123}},
+ {{ 84, 42, 42, 126}}, {{ 86, 43, 43, 125}}, {{ 88, 44, 44, 116}},
+ {{ 90, 45, 45, 119}}, {{ 92, 46, 46, 114}}, {{ 94, 47, 47, 113}},
+ {{ 96, 48, 48, 80}}, {{ 98, 49, 49, 83}}, {{100, 50, 50, 86}},
+ {{102, 51, 51, 85}}, {{104, 52, 52, 92}}, {{106, 53, 53, 95}},
+ {{108, 54, 54, 90}}, {{110, 55, 55, 89}}, {{112, 56, 56, 72}},
+ {{114, 57, 57, 75}}, {{116, 58, 58, 78}}, {{118, 59, 59, 77}},
+ {{120, 60, 60, 68}}, {{122, 61, 61, 71}}, {{124, 62, 62, 66}},
+ {{126, 63, 63, 65}}, {{128, 64, 64, 192}}, {{130, 65, 65, 195}},
+ {{132, 66, 66, 198}}, {{134, 67, 67, 197}}, {{136, 68, 68, 204}},
+ {{138, 69, 69, 207}}, {{140, 70, 70, 202}}, {{142, 71, 71, 201}},
+ {{144, 72, 72, 216}}, {{146, 73, 73, 219}}, {{148, 74, 74, 222}},
+ {{150, 75, 75, 221}}, {{152, 76, 76, 212}}, {{154, 77, 77, 215}},
+ {{156, 78, 78, 210}}, {{158, 79, 79, 209}}, {{160, 80, 80, 240}},
+ {{162, 81, 81, 243}}, {{164, 82, 82, 246}}, {{166, 83, 83, 245}},
+ {{168, 84, 84, 252}}, {{170, 85, 85, 255}}, {{172, 86, 86, 250}},
+ {{174, 87, 87, 249}}, {{176, 88, 88, 232}}, {{178, 89, 89, 235}},
+ {{180, 90, 90, 238}}, {{182, 91, 91, 237}}, {{184, 92, 92, 228}},
+ {{186, 93, 93, 231}}, {{188, 94, 94, 226}}, {{190, 95, 95, 225}},
+ {{192, 96, 96, 160}}, {{194, 97, 97, 163}}, {{196, 98, 98, 166}},
+ {{198, 99, 99, 165}}, {{200, 100, 100, 172}}, {{202, 101, 101, 175}},
+ {{204, 102, 102, 170}}, {{206, 103, 103, 169}}, {{208, 104, 104, 184}},
+ {{210, 105, 105, 187}}, {{212, 106, 106, 190}}, {{214, 107, 107, 189}},
+ {{216, 108, 108, 180}}, {{218, 109, 109, 183}}, {{220, 110, 110, 178}},
+ {{222, 111, 111, 177}}, {{224, 112, 112, 144}}, {{226, 113, 113, 147}},
+ {{228, 114, 114, 150}}, {{230, 115, 115, 149}}, {{232, 116, 116, 156}},
+ {{234, 117, 117, 159}}, {{236, 118, 118, 154}}, {{238, 119, 119, 153}},
+ {{240, 120, 120, 136}}, {{242, 121, 121, 139}}, {{244, 122, 122, 142}},
+ {{246, 123, 123, 141}}, {{248, 124, 124, 132}}, {{250, 125, 125, 135}},
+ {{252, 126, 126, 130}}, {{254, 127, 127, 129}}, {{ 27, 128, 128, 155}},
+ {{ 25, 129, 129, 152}}, {{ 31, 130, 130, 157}}, {{ 29, 131, 131, 158}},
+ {{ 19, 132, 132, 151}}, {{ 17, 133, 133, 148}}, {{ 23, 134, 134, 145}},
+ {{ 21, 135, 135, 146}}, {{ 11, 136, 136, 131}}, {{ 9, 137, 137, 128}},
+ {{ 15, 138, 138, 133}}, {{ 13, 139, 139, 134}}, {{ 3, 140, 140, 143}},
+ {{ 1, 141, 141, 140}}, {{ 7, 142, 142, 137}}, {{ 5, 143, 143, 138}},
+ {{ 59, 144, 144, 171}}, {{ 57, 145, 145, 168}}, {{ 63, 146, 146, 173}},
+ {{ 61, 147, 147, 174}}, {{ 51, 148, 148, 167}}, {{ 49, 149, 149, 164}},
+ {{ 55, 150, 150, 161}}, {{ 53, 151, 151, 162}}, {{ 43, 152, 152, 179}},
+ {{ 41, 153, 153, 176}}, {{ 47, 154, 154, 181}}, {{ 45, 155, 155, 182}},
+ {{ 35, 156, 156, 191}}, {{ 33, 157, 157, 188}}, {{ 39, 158, 158, 185}},
+ {{ 37, 159, 159, 186}}, {{ 91, 160, 160, 251}}, {{ 89, 161, 161, 248}},
+ {{ 95, 162, 162, 253}}, {{ 93, 163, 163, 254}}, {{ 83, 164, 164, 247}},
+ {{ 81, 165, 165, 244}}, {{ 87, 166, 166, 241}}, {{ 85, 167, 167, 242}},
+ {{ 75, 168, 168, 227}}, {{ 73, 169, 169, 224}}, {{ 79, 170, 170, 229}},
+ {{ 77, 171, 171, 230}}, {{ 67, 172, 172, 239}}, {{ 65, 173, 173, 236}},
+ {{ 71, 174, 174, 233}}, {{ 69, 175, 175, 234}}, {{123, 176, 176, 203}},
+ {{121, 177, 177, 200}}, {{127, 178, 178, 205}}, {{125, 179, 179, 206}},
+ {{115, 180, 180, 199}}, {{113, 181, 181, 196}}, {{119, 182, 182, 193}},
+ {{117, 183, 183, 194}}, {{107, 184, 184, 211}}, {{105, 185, 185, 208}},
+ {{111, 186, 186, 213}}, {{109, 187, 187, 214}}, {{ 99, 188, 188, 223}},
+ {{ 97, 189, 189, 220}}, {{103, 190, 190, 217}}, {{101, 191, 191, 218}},
+ {{155, 192, 192, 91}}, {{153, 193, 193, 88}}, {{159, 194, 194, 93}},
+ {{157, 195, 195, 94}}, {{147, 196, 196, 87}}, {{145, 197, 197, 84}},
+ {{151, 198, 198, 81}}, {{149, 199, 199, 82}}, {{139, 200, 200, 67}},
+ {{137, 201, 201, 64}}, {{143, 202, 202, 69}}, {{141, 203, 203, 70}},
+ {{131, 204, 204, 79}}, {{129, 205, 205, 76}}, {{135, 206, 206, 73}},
+ {{133, 207, 207, 74}}, {{187, 208, 208, 107}}, {{185, 209, 209, 104}},
+ {{191, 210, 210, 109}}, {{189, 211, 211, 110}}, {{179, 212, 212, 103}},
+ {{177, 213, 213, 100}}, {{183, 214, 214, 97}}, {{181, 215, 215, 98}},
+ {{171, 216, 216, 115}}, {{169, 217, 217, 112}}, {{175, 218, 218, 117}},
+ {{173, 219, 219, 118}}, {{163, 220, 220, 127}}, {{161, 221, 221, 124}},
+ {{167, 222, 222, 121}}, {{165, 223, 223, 122}}, {{219, 224, 224, 59}},
+ {{217, 225, 225, 56}}, {{223, 226, 226, 61}}, {{221, 227, 227, 62}},
+ {{211, 228, 228, 55}}, {{209, 229, 229, 52}}, {{215, 230, 230, 49}},
+ {{213, 231, 231, 50}}, {{203, 232, 232, 35}}, {{201, 233, 233, 32}},
+ {{207, 234, 234, 37}}, {{205, 235, 235, 38}}, {{195, 236, 236, 47}},
+ {{193, 237, 237, 44}}, {{199, 238, 238, 41}}, {{197, 239, 239, 42}},
+ {{251, 240, 240, 11}}, {{249, 241, 241, 8}}, {{255, 242, 242, 13}},
+ {{253, 243, 243, 14}}, {{243, 244, 244, 7}}, {{241, 245, 245, 4}},
+ {{247, 246, 246, 1}}, {{245, 247, 247, 2}}, {{235, 248, 248, 19}},
+ {{233, 249, 249, 16}}, {{239, 250, 250, 21}}, {{237, 251, 251, 22}},
+ {{227, 252, 252, 31}}, {{225, 253, 253, 28}}, {{231, 254, 254, 25}},
+ {{229, 255, 255, 26}},
+ },
+ {
+ {{ 0, 0, 0, 0}}, {{ 3, 2, 1, 1}}, {{ 6, 4, 2, 2}},
+ {{ 5, 6, 3, 3}}, {{ 12, 8, 4, 4}}, {{ 15, 10, 5, 5}},
+ {{ 10, 12, 6, 6}}, {{ 9, 14, 7, 7}}, {{ 24, 16, 8, 8}},
+ {{ 27, 18, 9, 9}}, {{ 30, 20, 10, 10}}, {{ 29, 22, 11, 11}},
+ {{ 20, 24, 12, 12}}, {{ 23, 26, 13, 13}}, {{ 18, 28, 14, 14}},
+ {{ 17, 30, 15, 15}}, {{ 48, 32, 16, 16}}, {{ 51, 34, 17, 17}},
+ {{ 54, 36, 18, 18}}, {{ 53, 38, 19, 19}}, {{ 60, 40, 20, 20}},
+ {{ 63, 42, 21, 21}}, {{ 58, 44, 22, 22}}, {{ 57, 46, 23, 23}},
+ {{ 40, 48, 24, 24}}, {{ 43, 50, 25, 25}}, {{ 46, 52, 26, 26}},
+ {{ 45, 54, 27, 27}}, {{ 36, 56, 28, 28}}, {{ 39, 58, 29, 29}},
+ {{ 34, 60, 30, 30}}, {{ 33, 62, 31, 31}}, {{ 96, 64, 32, 32}},
+ {{ 99, 66, 33, 33}}, {{102, 68, 34, 34}}, {{101, 70, 35, 35}},
+ {{108, 72, 36, 36}}, {{111, 74, 37, 37}}, {{106, 76, 38, 38}},
+ {{105, 78, 39, 39}}, {{120, 80, 40, 40}}, {{123, 82, 41, 41}},
+ {{126, 84, 42, 42}}, {{125, 86, 43, 43}}, {{116, 88, 44, 44}},
+ {{119, 90, 45, 45}}, {{114, 92, 46, 46}}, {{113, 94, 47, 47}},
+ {{ 80, 96, 48, 48}}, {{ 83, 98, 49, 49}}, {{ 86, 100, 50, 50}},
+ {{ 85, 102, 51, 51}}, {{ 92, 104, 52, 52}}, {{ 95, 106, 53, 53}},
+ {{ 90, 108, 54, 54}}, {{ 89, 110, 55, 55}}, {{ 72, 112, 56, 56}},
+ {{ 75, 114, 57, 57}}, {{ 78, 116, 58, 58}}, {{ 77, 118, 59, 59}},
+ {{ 68, 120, 60, 60}}, {{ 71, 122, 61, 61}}, {{ 66, 124, 62, 62}},
+ {{ 65, 126, 63, 63}}, {{192, 128, 64, 64}}, {{195, 130, 65, 65}},
+ {{198, 132, 66, 66}}, {{197, 134, 67, 67}}, {{204, 136, 68, 68}},
+ {{207, 138, 69, 69}}, {{202, 140, 70, 70}}, {{201, 142, 71, 71}},
+ {{216, 144, 72, 72}}, {{219, 146, 73, 73}}, {{222, 148, 74, 74}},
+ {{221, 150, 75, 75}}, {{212, 152, 76, 76}}, {{215, 154, 77, 77}},
+ {{210, 156, 78, 78}}, {{209, 158, 79, 79}}, {{240, 160, 80, 80}},
+ {{243, 162, 81, 81}}, {{246, 164, 82, 82}}, {{245, 166, 83, 83}},
+ {{252, 168, 84, 84}}, {{255, 170, 85, 85}}, {{250, 172, 86, 86}},
+ {{249, 174, 87, 87}}, {{232, 176, 88, 88}}, {{235, 178, 89, 89}},
+ {{238, 180, 90, 90}}, {{237, 182, 91, 91}}, {{228, 184, 92, 92}},
+ {{231, 186, 93, 93}}, {{226, 188, 94, 94}}, {{225, 190, 95, 95}},
+ {{160, 192, 96, 96}}, {{163, 194, 97, 97}}, {{166, 196, 98, 98}},
+ {{165, 198, 99, 99}}, {{172, 200, 100, 100}}, {{175, 202, 101, 101}},
+ {{170, 204, 102, 102}}, {{169, 206, 103, 103}}, {{184, 208, 104, 104}},
+ {{187, 210, 105, 105}}, {{190, 212, 106, 106}}, {{189, 214, 107, 107}},
+ {{180, 216, 108, 108}}, {{183, 218, 109, 109}}, {{178, 220, 110, 110}},
+ {{177, 222, 111, 111}}, {{144, 224, 112, 112}}, {{147, 226, 113, 113}},
+ {{150, 228, 114, 114}}, {{149, 230, 115, 115}}, {{156, 232, 116, 116}},
+ {{159, 234, 117, 117}}, {{154, 236, 118, 118}}, {{153, 238, 119, 119}},
+ {{136, 240, 120, 120}}, {{139, 242, 121, 121}}, {{142, 244, 122, 122}},
+ {{141, 246, 123, 123}}, {{132, 248, 124, 124}}, {{135, 250, 125, 125}},
+ {{130, 252, 126, 126}}, {{129, 254, 127, 127}}, {{155, 27, 128, 128}},
+ {{152, 25, 129, 129}}, {{157, 31, 130, 130}}, {{158, 29, 131, 131}},
+ {{151, 19, 132, 132}}, {{148, 17, 133, 133}}, {{145, 23, 134, 134}},
+ {{146, 21, 135, 135}}, {{131, 11, 136, 136}}, {{128, 9, 137, 137}},
+ {{133, 15, 138, 138}}, {{134, 13, 139, 139}}, {{143, 3, 140, 140}},
+ {{140, 1, 141, 141}}, {{137, 7, 142, 142}}, {{138, 5, 143, 143}},
+ {{171, 59, 144, 144}}, {{168, 57, 145, 145}}, {{173, 63, 146, 146}},
+ {{174, 61, 147, 147}}, {{167, 51, 148, 148}}, {{164, 49, 149, 149}},
+ {{161, 55, 150, 150}}, {{162, 53, 151, 151}}, {{179, 43, 152, 152}},
+ {{176, 41, 153, 153}}, {{181, 47, 154, 154}}, {{182, 45, 155, 155}},
+ {{191, 35, 156, 156}}, {{188, 33, 157, 157}}, {{185, 39, 158, 158}},
+ {{186, 37, 159, 159}}, {{251, 91, 160, 160}}, {{248, 89, 161, 161}},
+ {{253, 95, 162, 162}}, {{254, 93, 163, 163}}, {{247, 83, 164, 164}},
+ {{244, 81, 165, 165}}, {{241, 87, 166, 166}}, {{242, 85, 167, 167}},
+ {{227, 75, 168, 168}}, {{224, 73, 169, 169}}, {{229, 79, 170, 170}},
+ {{230, 77, 171, 171}}, {{239, 67, 172, 172}}, {{236, 65, 173, 173}},
+ {{233, 71, 174, 174}}, {{234, 69, 175, 175}}, {{203, 123, 176, 176}},
+ {{200, 121, 177, 177}}, {{205, 127, 178, 178}}, {{206, 125, 179, 179}},
+ {{199, 115, 180, 180}}, {{196, 113, 181, 181}}, {{193, 119, 182, 182}},
+ {{194, 117, 183, 183}}, {{211, 107, 184, 184}}, {{208, 105, 185, 185}},
+ {{213, 111, 186, 186}}, {{214, 109, 187, 187}}, {{223, 99, 188, 188}},
+ {{220, 97, 189, 189}}, {{217, 103, 190, 190}}, {{218, 101, 191, 191}},
+ {{ 91, 155, 192, 192}}, {{ 88, 153, 193, 193}}, {{ 93, 159, 194, 194}},
+ {{ 94, 157, 195, 195}}, {{ 87, 147, 196, 196}}, {{ 84, 145, 197, 197}},
+ {{ 81, 151, 198, 198}}, {{ 82, 149, 199, 199}}, {{ 67, 139, 200, 200}},
+ {{ 64, 137, 201, 201}}, {{ 69, 143, 202, 202}}, {{ 70, 141, 203, 203}},
+ {{ 79, 131, 204, 204}}, {{ 76, 129, 205, 205}}, {{ 73, 135, 206, 206}},
+ {{ 74, 133, 207, 207}}, {{107, 187, 208, 208}}, {{104, 185, 209, 209}},
+ {{109, 191, 210, 210}}, {{110, 189, 211, 211}}, {{103, 179, 212, 212}},
+ {{100, 177, 213, 213}}, {{ 97, 183, 214, 214}}, {{ 98, 181, 215, 215}},
+ {{115, 171, 216, 216}}, {{112, 169, 217, 217}}, {{117, 175, 218, 218}},
+ {{118, 173, 219, 219}}, {{127, 163, 220, 220}}, {{124, 161, 221, 221}},
+ {{121, 167, 222, 222}}, {{122, 165, 223, 223}}, {{ 59, 219, 224, 224}},
+ {{ 56, 217, 225, 225}}, {{ 61, 223, 226, 226}}, {{ 62, 221, 227, 227}},
+ {{ 55, 211, 228, 228}}, {{ 52, 209, 229, 229}}, {{ 49, 215, 230, 230}},
+ {{ 50, 213, 231, 231}}, {{ 35, 203, 232, 232}}, {{ 32, 201, 233, 233}},
+ {{ 37, 207, 234, 234}}, {{ 38, 205, 235, 235}}, {{ 47, 195, 236, 236}},
+ {{ 44, 193, 237, 237}}, {{ 41, 199, 238, 238}}, {{ 42, 197, 239, 239}},
+ {{ 11, 251, 240, 240}}, {{ 8, 249, 241, 241}}, {{ 13, 255, 242, 242}},
+ {{ 14, 253, 243, 243}}, {{ 7, 243, 244, 244}}, {{ 4, 241, 245, 245}},
+ {{ 1, 247, 246, 246}}, {{ 2, 245, 247, 247}}, {{ 19, 235, 248, 248}},
+ {{ 16, 233, 249, 249}}, {{ 21, 239, 250, 250}}, {{ 22, 237, 251, 251}},
+ {{ 31, 227, 252, 252}}, {{ 28, 225, 253, 253}}, {{ 25, 231, 254, 254}},
+ {{ 26, 229, 255, 255}},
+ },
+ {
+ {{ 0, 0, 0, 0}}, {{ 1, 3, 2, 1}}, {{ 2, 6, 4, 2}},
+ {{ 3, 5, 6, 3}}, {{ 4, 12, 8, 4}}, {{ 5, 15, 10, 5}},
+ {{ 6, 10, 12, 6}}, {{ 7, 9, 14, 7}}, {{ 8, 24, 16, 8}},
+ {{ 9, 27, 18, 9}}, {{ 10, 30, 20, 10}}, {{ 11, 29, 22, 11}},
+ {{ 12, 20, 24, 12}}, {{ 13, 23, 26, 13}}, {{ 14, 18, 28, 14}},
+ {{ 15, 17, 30, 15}}, {{ 16, 48, 32, 16}}, {{ 17, 51, 34, 17}},
+ {{ 18, 54, 36, 18}}, {{ 19, 53, 38, 19}}, {{ 20, 60, 40, 20}},
+ {{ 21, 63, 42, 21}}, {{ 22, 58, 44, 22}}, {{ 23, 57, 46, 23}},
+ {{ 24, 40, 48, 24}}, {{ 25, 43, 50, 25}}, {{ 26, 46, 52, 26}},
+ {{ 27, 45, 54, 27}}, {{ 28, 36, 56, 28}}, {{ 29, 39, 58, 29}},
+ {{ 30, 34, 60, 30}}, {{ 31, 33, 62, 31}}, {{ 32, 96, 64, 32}},
+ {{ 33, 99, 66, 33}}, {{ 34, 102, 68, 34}}, {{ 35, 101, 70, 35}},
+ {{ 36, 108, 72, 36}}, {{ 37, 111, 74, 37}}, {{ 38, 106, 76, 38}},
+ {{ 39, 105, 78, 39}}, {{ 40, 120, 80, 40}}, {{ 41, 123, 82, 41}},
+ {{ 42, 126, 84, 42}}, {{ 43, 125, 86, 43}}, {{ 44, 116, 88, 44}},
+ {{ 45, 119, 90, 45}}, {{ 46, 114, 92, 46}}, {{ 47, 113, 94, 47}},
+ {{ 48, 80, 96, 48}}, {{ 49, 83, 98, 49}}, {{ 50, 86, 100, 50}},
+ {{ 51, 85, 102, 51}}, {{ 52, 92, 104, 52}}, {{ 53, 95, 106, 53}},
+ {{ 54, 90, 108, 54}}, {{ 55, 89, 110, 55}}, {{ 56, 72, 112, 56}},
+ {{ 57, 75, 114, 57}}, {{ 58, 78, 116, 58}}, {{ 59, 77, 118, 59}},
+ {{ 60, 68, 120, 60}}, {{ 61, 71, 122, 61}}, {{ 62, 66, 124, 62}},
+ {{ 63, 65, 126, 63}}, {{ 64, 192, 128, 64}}, {{ 65, 195, 130, 65}},
+ {{ 66, 198, 132, 66}}, {{ 67, 197, 134, 67}}, {{ 68, 204, 136, 68}},
+ {{ 69, 207, 138, 69}}, {{ 70, 202, 140, 70}}, {{ 71, 201, 142, 71}},
+ {{ 72, 216, 144, 72}}, {{ 73, 219, 146, 73}}, {{ 74, 222, 148, 74}},
+ {{ 75, 221, 150, 75}}, {{ 76, 212, 152, 76}}, {{ 77, 215, 154, 77}},
+ {{ 78, 210, 156, 78}}, {{ 79, 209, 158, 79}}, {{ 80, 240, 160, 80}},
+ {{ 81, 243, 162, 81}}, {{ 82, 246, 164, 82}}, {{ 83, 245, 166, 83}},
+ {{ 84, 252, 168, 84}}, {{ 85, 255, 170, 85}}, {{ 86, 250, 172, 86}},
+ {{ 87, 249, 174, 87}}, {{ 88, 232, 176, 88}}, {{ 89, 235, 178, 89}},
+ {{ 90, 238, 180, 90}}, {{ 91, 237, 182, 91}}, {{ 92, 228, 184, 92}},
+ {{ 93, 231, 186, 93}}, {{ 94, 226, 188, 94}}, {{ 95, 225, 190, 95}},
+ {{ 96, 160, 192, 96}}, {{ 97, 163, 194, 97}}, {{ 98, 166, 196, 98}},
+ {{ 99, 165, 198, 99}}, {{100, 172, 200, 100}}, {{101, 175, 202, 101}},
+ {{102, 170, 204, 102}}, {{103, 169, 206, 103}}, {{104, 184, 208, 104}},
+ {{105, 187, 210, 105}}, {{106, 190, 212, 106}}, {{107, 189, 214, 107}},
+ {{108, 180, 216, 108}}, {{109, 183, 218, 109}}, {{110, 178, 220, 110}},
+ {{111, 177, 222, 111}}, {{112, 144, 224, 112}}, {{113, 147, 226, 113}},
+ {{114, 150, 228, 114}}, {{115, 149, 230, 115}}, {{116, 156, 232, 116}},
+ {{117, 159, 234, 117}}, {{118, 154, 236, 118}}, {{119, 153, 238, 119}},
+ {{120, 136, 240, 120}}, {{121, 139, 242, 121}}, {{122, 142, 244, 122}},
+ {{123, 141, 246, 123}}, {{124, 132, 248, 124}}, {{125, 135, 250, 125}},
+ {{126, 130, 252, 126}}, {{127, 129, 254, 127}}, {{128, 155, 27, 128}},
+ {{129, 152, 25, 129}}, {{130, 157, 31, 130}}, {{131, 158, 29, 131}},
+ {{132, 151, 19, 132}}, {{133, 148, 17, 133}}, {{134, 145, 23, 134}},
+ {{135, 146, 21, 135}}, {{136, 131, 11, 136}}, {{137, 128, 9, 137}},
+ {{138, 133, 15, 138}}, {{139, 134, 13, 139}}, {{140, 143, 3, 140}},
+ {{141, 140, 1, 141}}, {{142, 137, 7, 142}}, {{143, 138, 5, 143}},
+ {{144, 171, 59, 144}}, {{145, 168, 57, 145}}, {{146, 173, 63, 146}},
+ {{147, 174, 61, 147}}, {{148, 167, 51, 148}}, {{149, 164, 49, 149}},
+ {{150, 161, 55, 150}}, {{151, 162, 53, 151}}, {{152, 179, 43, 152}},
+ {{153, 176, 41, 153}}, {{154, 181, 47, 154}}, {{155, 182, 45, 155}},
+ {{156, 191, 35, 156}}, {{157, 188, 33, 157}}, {{158, 185, 39, 158}},
+ {{159, 186, 37, 159}}, {{160, 251, 91, 160}}, {{161, 248, 89, 161}},
+ {{162, 253, 95, 162}}, {{163, 254, 93, 163}}, {{164, 247, 83, 164}},
+ {{165, 244, 81, 165}}, {{166, 241, 87, 166}}, {{167, 242, 85, 167}},
+ {{168, 227, 75, 168}}, {{169, 224, 73, 169}}, {{170, 229, 79, 170}},
+ {{171, 230, 77, 171}}, {{172, 239, 67, 172}}, {{173, 236, 65, 173}},
+ {{174, 233, 71, 174}}, {{175, 234, 69, 175}}, {{176, 203, 123, 176}},
+ {{177, 200, 121, 177}}, {{178, 205, 127, 178}}, {{179, 206, 125, 179}},
+ {{180, 199, 115, 180}}, {{181, 196, 113, 181}}, {{182, 193, 119, 182}},
+ {{183, 194, 117, 183}}, {{184, 211, 107, 184}}, {{185, 208, 105, 185}},
+ {{186, 213, 111, 186}}, {{187, 214, 109, 187}}, {{188, 223, 99, 188}},
+ {{189, 220, 97, 189}}, {{190, 217, 103, 190}}, {{191, 218, 101, 191}},
+ {{192, 91, 155, 192}}, {{193, 88, 153, 193}}, {{194, 93, 159, 194}},
+ {{195, 94, 157, 195}}, {{196, 87, 147, 196}}, {{197, 84, 145, 197}},
+ {{198, 81, 151, 198}}, {{199, 82, 149, 199}}, {{200, 67, 139, 200}},
+ {{201, 64, 137, 201}}, {{202, 69, 143, 202}}, {{203, 70, 141, 203}},
+ {{204, 79, 131, 204}}, {{205, 76, 129, 205}}, {{206, 73, 135, 206}},
+ {{207, 74, 133, 207}}, {{208, 107, 187, 208}}, {{209, 104, 185, 209}},
+ {{210, 109, 191, 210}}, {{211, 110, 189, 211}}, {{212, 103, 179, 212}},
+ {{213, 100, 177, 213}}, {{214, 97, 183, 214}}, {{215, 98, 181, 215}},
+ {{216, 115, 171, 216}}, {{217, 112, 169, 217}}, {{218, 117, 175, 218}},
+ {{219, 118, 173, 219}}, {{220, 127, 163, 220}}, {{221, 124, 161, 221}},
+ {{222, 121, 167, 222}}, {{223, 122, 165, 223}}, {{224, 59, 219, 224}},
+ {{225, 56, 217, 225}}, {{226, 61, 223, 226}}, {{227, 62, 221, 227}},
+ {{228, 55, 211, 228}}, {{229, 52, 209, 229}}, {{230, 49, 215, 230}},
+ {{231, 50, 213, 231}}, {{232, 35, 203, 232}}, {{233, 32, 201, 233}},
+ {{234, 37, 207, 234}}, {{235, 38, 205, 235}}, {{236, 47, 195, 236}},
+ {{237, 44, 193, 237}}, {{238, 41, 199, 238}}, {{239, 42, 197, 239}},
+ {{240, 11, 251, 240}}, {{241, 8, 249, 241}}, {{242, 13, 255, 242}},
+ {{243, 14, 253, 243}}, {{244, 7, 243, 244}}, {{245, 4, 241, 245}},
+ {{246, 1, 247, 246}}, {{247, 2, 245, 247}}, {{248, 19, 235, 248}},
+ {{249, 16, 233, 249}}, {{250, 21, 239, 250}}, {{251, 22, 237, 251}},
+ {{252, 31, 227, 252}}, {{253, 28, 225, 253}}, {{254, 25, 231, 254}},
+ {{255, 26, 229, 255}},
+ },
+ {
+ {{ 0, 0, 0, 0}}, {{ 1, 1, 3, 2}}, {{ 2, 2, 6, 4}},
+ {{ 3, 3, 5, 6}}, {{ 4, 4, 12, 8}}, {{ 5, 5, 15, 10}},
+ {{ 6, 6, 10, 12}}, {{ 7, 7, 9, 14}}, {{ 8, 8, 24, 16}},
+ {{ 9, 9, 27, 18}}, {{ 10, 10, 30, 20}}, {{ 11, 11, 29, 22}},
+ {{ 12, 12, 20, 24}}, {{ 13, 13, 23, 26}}, {{ 14, 14, 18, 28}},
+ {{ 15, 15, 17, 30}}, {{ 16, 16, 48, 32}}, {{ 17, 17, 51, 34}},
+ {{ 18, 18, 54, 36}}, {{ 19, 19, 53, 38}}, {{ 20, 20, 60, 40}},
+ {{ 21, 21, 63, 42}}, {{ 22, 22, 58, 44}}, {{ 23, 23, 57, 46}},
+ {{ 24, 24, 40, 48}}, {{ 25, 25, 43, 50}}, {{ 26, 26, 46, 52}},
+ {{ 27, 27, 45, 54}}, {{ 28, 28, 36, 56}}, {{ 29, 29, 39, 58}},
+ {{ 30, 30, 34, 60}}, {{ 31, 31, 33, 62}}, {{ 32, 32, 96, 64}},
+ {{ 33, 33, 99, 66}}, {{ 34, 34, 102, 68}}, {{ 35, 35, 101, 70}},
+ {{ 36, 36, 108, 72}}, {{ 37, 37, 111, 74}}, {{ 38, 38, 106, 76}},
+ {{ 39, 39, 105, 78}}, {{ 40, 40, 120, 80}}, {{ 41, 41, 123, 82}},
+ {{ 42, 42, 126, 84}}, {{ 43, 43, 125, 86}}, {{ 44, 44, 116, 88}},
+ {{ 45, 45, 119, 90}}, {{ 46, 46, 114, 92}}, {{ 47, 47, 113, 94}},
+ {{ 48, 48, 80, 96}}, {{ 49, 49, 83, 98}}, {{ 50, 50, 86, 100}},
+ {{ 51, 51, 85, 102}}, {{ 52, 52, 92, 104}}, {{ 53, 53, 95, 106}},
+ {{ 54, 54, 90, 108}}, {{ 55, 55, 89, 110}}, {{ 56, 56, 72, 112}},
+ {{ 57, 57, 75, 114}}, {{ 58, 58, 78, 116}}, {{ 59, 59, 77, 118}},
+ {{ 60, 60, 68, 120}}, {{ 61, 61, 71, 122}}, {{ 62, 62, 66, 124}},
+ {{ 63, 63, 65, 126}}, {{ 64, 64, 192, 128}}, {{ 65, 65, 195, 130}},
+ {{ 66, 66, 198, 132}}, {{ 67, 67, 197, 134}}, {{ 68, 68, 204, 136}},
+ {{ 69, 69, 207, 138}}, {{ 70, 70, 202, 140}}, {{ 71, 71, 201, 142}},
+ {{ 72, 72, 216, 144}}, {{ 73, 73, 219, 146}}, {{ 74, 74, 222, 148}},
+ {{ 75, 75, 221, 150}}, {{ 76, 76, 212, 152}}, {{ 77, 77, 215, 154}},
+ {{ 78, 78, 210, 156}}, {{ 79, 79, 209, 158}}, {{ 80, 80, 240, 160}},
+ {{ 81, 81, 243, 162}}, {{ 82, 82, 246, 164}}, {{ 83, 83, 245, 166}},
+ {{ 84, 84, 252, 168}}, {{ 85, 85, 255, 170}}, {{ 86, 86, 250, 172}},
+ {{ 87, 87, 249, 174}}, {{ 88, 88, 232, 176}}, {{ 89, 89, 235, 178}},
+ {{ 90, 90, 238, 180}}, {{ 91, 91, 237, 182}}, {{ 92, 92, 228, 184}},
+ {{ 93, 93, 231, 186}}, {{ 94, 94, 226, 188}}, {{ 95, 95, 225, 190}},
+ {{ 96, 96, 160, 192}}, {{ 97, 97, 163, 194}}, {{ 98, 98, 166, 196}},
+ {{ 99, 99, 165, 198}}, {{100, 100, 172, 200}}, {{101, 101, 175, 202}},
+ {{102, 102, 170, 204}}, {{103, 103, 169, 206}}, {{104, 104, 184, 208}},
+ {{105, 105, 187, 210}}, {{106, 106, 190, 212}}, {{107, 107, 189, 214}},
+ {{108, 108, 180, 216}}, {{109, 109, 183, 218}}, {{110, 110, 178, 220}},
+ {{111, 111, 177, 222}}, {{112, 112, 144, 224}}, {{113, 113, 147, 226}},
+ {{114, 114, 150, 228}}, {{115, 115, 149, 230}}, {{116, 116, 156, 232}},
+ {{117, 117, 159, 234}}, {{118, 118, 154, 236}}, {{119, 119, 153, 238}},
+ {{120, 120, 136, 240}}, {{121, 121, 139, 242}}, {{122, 122, 142, 244}},
+ {{123, 123, 141, 246}}, {{124, 124, 132, 248}}, {{125, 125, 135, 250}},
+ {{126, 126, 130, 252}}, {{127, 127, 129, 254}}, {{128, 128, 155, 27}},
+ {{129, 129, 152, 25}}, {{130, 130, 157, 31}}, {{131, 131, 158, 29}},
+ {{132, 132, 151, 19}}, {{133, 133, 148, 17}}, {{134, 134, 145, 23}},
+ {{135, 135, 146, 21}}, {{136, 136, 131, 11}}, {{137, 137, 128, 9}},
+ {{138, 138, 133, 15}}, {{139, 139, 134, 13}}, {{140, 140, 143, 3}},
+ {{141, 141, 140, 1}}, {{142, 142, 137, 7}}, {{143, 143, 138, 5}},
+ {{144, 144, 171, 59}}, {{145, 145, 168, 57}}, {{146, 146, 173, 63}},
+ {{147, 147, 174, 61}}, {{148, 148, 167, 51}}, {{149, 149, 164, 49}},
+ {{150, 150, 161, 55}}, {{151, 151, 162, 53}}, {{152, 152, 179, 43}},
+ {{153, 153, 176, 41}}, {{154, 154, 181, 47}}, {{155, 155, 182, 45}},
+ {{156, 156, 191, 35}}, {{157, 157, 188, 33}}, {{158, 158, 185, 39}},
+ {{159, 159, 186, 37}}, {{160, 160, 251, 91}}, {{161, 161, 248, 89}},
+ {{162, 162, 253, 95}}, {{163, 163, 254, 93}}, {{164, 164, 247, 83}},
+ {{165, 165, 244, 81}}, {{166, 166, 241, 87}}, {{167, 167, 242, 85}},
+ {{168, 168, 227, 75}}, {{169, 169, 224, 73}}, {{170, 170, 229, 79}},
+ {{171, 171, 230, 77}}, {{172, 172, 239, 67}}, {{173, 173, 236, 65}},
+ {{174, 174, 233, 71}}, {{175, 175, 234, 69}}, {{176, 176, 203, 123}},
+ {{177, 177, 200, 121}}, {{178, 178, 205, 127}}, {{179, 179, 206, 125}},
+ {{180, 180, 199, 115}}, {{181, 181, 196, 113}}, {{182, 182, 193, 119}},
+ {{183, 183, 194, 117}}, {{184, 184, 211, 107}}, {{185, 185, 208, 105}},
+ {{186, 186, 213, 111}}, {{187, 187, 214, 109}}, {{188, 188, 223, 99}},
+ {{189, 189, 220, 97}}, {{190, 190, 217, 103}}, {{191, 191, 218, 101}},
+ {{192, 192, 91, 155}}, {{193, 193, 88, 153}}, {{194, 194, 93, 159}},
+ {{195, 195, 94, 157}}, {{196, 196, 87, 147}}, {{197, 197, 84, 145}},
+ {{198, 198, 81, 151}}, {{199, 199, 82, 149}}, {{200, 200, 67, 139}},
+ {{201, 201, 64, 137}}, {{202, 202, 69, 143}}, {{203, 203, 70, 141}},
+ {{204, 204, 79, 131}}, {{205, 205, 76, 129}}, {{206, 206, 73, 135}},
+ {{207, 207, 74, 133}}, {{208, 208, 107, 187}}, {{209, 209, 104, 185}},
+ {{210, 210, 109, 191}}, {{211, 211, 110, 189}}, {{212, 212, 103, 179}},
+ {{213, 213, 100, 177}}, {{214, 214, 97, 183}}, {{215, 215, 98, 181}},
+ {{216, 216, 115, 171}}, {{217, 217, 112, 169}}, {{218, 218, 117, 175}},
+ {{219, 219, 118, 173}}, {{220, 220, 127, 163}}, {{221, 221, 124, 161}},
+ {{222, 222, 121, 167}}, {{223, 223, 122, 165}}, {{224, 224, 59, 219}},
+ {{225, 225, 56, 217}}, {{226, 226, 61, 223}}, {{227, 227, 62, 221}},
+ {{228, 228, 55, 211}}, {{229, 229, 52, 209}}, {{230, 230, 49, 215}},
+ {{231, 231, 50, 213}}, {{232, 232, 35, 203}}, {{233, 233, 32, 201}},
+ {{234, 234, 37, 207}}, {{235, 235, 38, 205}}, {{236, 236, 47, 195}},
+ {{237, 237, 44, 193}}, {{238, 238, 41, 199}}, {{239, 239, 42, 197}},
+ {{240, 240, 11, 251}}, {{241, 241, 8, 249}}, {{242, 242, 13, 255}},
+ {{243, 243, 14, 253}}, {{244, 244, 7, 243}}, {{245, 245, 4, 241}},
+ {{246, 246, 1, 247}}, {{247, 247, 2, 245}}, {{248, 248, 19, 235}},
+ {{249, 249, 16, 233}}, {{250, 250, 21, 239}}, {{251, 251, 22, 237}},
+ {{252, 252, 31, 227}}, {{253, 253, 28, 225}}, {{254, 254, 25, 231}},
+ {{255, 255, 26, 229}},
+ },
+};
+
+word8x4 M1[4][256] = {
+ {
+ {{ 0, 0, 0, 0}}, {{ 14, 9, 13, 11}}, {{ 28, 18, 26, 22}},
+ {{ 18, 27, 23, 29}}, {{ 56, 36, 52, 44}}, {{ 54, 45, 57, 39}},
+ {{ 36, 54, 46, 58}}, {{ 42, 63, 35, 49}}, {{112, 72, 104, 88}},
+ {{126, 65, 101, 83}}, {{108, 90, 114, 78}}, {{ 98, 83, 127, 69}},
+ {{ 72, 108, 92, 116}}, {{ 70, 101, 81, 127}}, {{ 84, 126, 70, 98}},
+ {{ 90, 119, 75, 105}}, {{224, 144, 208, 176}}, {{238, 153, 221, 187}},
+ {{252, 130, 202, 166}}, {{242, 139, 199, 173}}, {{216, 180, 228, 156}},
+ {{214, 189, 233, 151}}, {{196, 166, 254, 138}}, {{202, 175, 243, 129}},
+ {{144, 216, 184, 232}}, {{158, 209, 181, 227}}, {{140, 202, 162, 254}},
+ {{130, 195, 175, 245}}, {{168, 252, 140, 196}}, {{166, 245, 129, 207}},
+ {{180, 238, 150, 210}}, {{186, 231, 155, 217}}, {{219, 59, 187, 123}},
+ {{213, 50, 182, 112}}, {{199, 41, 161, 109}}, {{201, 32, 172, 102}},
+ {{227, 31, 143, 87}}, {{237, 22, 130, 92}}, {{255, 13, 149, 65}},
+ {{241, 4, 152, 74}}, {{171, 115, 211, 35}}, {{165, 122, 222, 40}},
+ {{183, 97, 201, 53}}, {{185, 104, 196, 62}}, {{147, 87, 231, 15}},
+ {{157, 94, 234, 4}}, {{143, 69, 253, 25}}, {{129, 76, 240, 18}},
+ {{ 59, 171, 107, 203}}, {{ 53, 162, 102, 192}}, {{ 39, 185, 113, 221}},
+ {{ 41, 176, 124, 214}}, {{ 3, 143, 95, 231}}, {{ 13, 134, 82, 236}},
+ {{ 31, 157, 69, 241}}, {{ 17, 148, 72, 250}}, {{ 75, 227, 3, 147}},
+ {{ 69, 234, 14, 152}}, {{ 87, 241, 25, 133}}, {{ 89, 248, 20, 142}},
+ {{115, 199, 55, 191}}, {{125, 206, 58, 180}}, {{111, 213, 45, 169}},
+ {{ 97, 220, 32, 162}}, {{173, 118, 109, 246}}, {{163, 127, 96, 253}},
+ {{177, 100, 119, 224}}, {{191, 109, 122, 235}}, {{149, 82, 89, 218}},
+ {{155, 91, 84, 209}}, {{137, 64, 67, 204}}, {{135, 73, 78, 199}},
+ {{221, 62, 5, 174}}, {{211, 55, 8, 165}}, {{193, 44, 31, 184}},
+ {{207, 37, 18, 179}}, {{229, 26, 49, 130}}, {{235, 19, 60, 137}},
+ {{249, 8, 43, 148}}, {{247, 1, 38, 159}}, {{ 77, 230, 189, 70}},
+ {{ 67, 239, 176, 77}}, {{ 81, 244, 167, 80}}, {{ 95, 253, 170, 91}},
+ {{117, 194, 137, 106}}, {{123, 203, 132, 97}}, {{105, 208, 147, 124}},
+ {{103, 217, 158, 119}}, {{ 61, 174, 213, 30}}, {{ 51, 167, 216, 21}},
+ {{ 33, 188, 207, 8}}, {{ 47, 181, 194, 3}}, {{ 5, 138, 225, 50}},
+ {{ 11, 131, 236, 57}}, {{ 25, 152, 251, 36}}, {{ 23, 145, 246, 47}},
+ {{118, 77, 214, 141}}, {{120, 68, 219, 134}}, {{106, 95, 204, 155}},
+ {{100, 86, 193, 144}}, {{ 78, 105, 226, 161}}, {{ 64, 96, 239, 170}},
+ {{ 82, 123, 248, 183}}, {{ 92, 114, 245, 188}}, {{ 6, 5, 190, 213}},
+ {{ 8, 12, 179, 222}}, {{ 26, 23, 164, 195}}, {{ 20, 30, 169, 200}},
+ {{ 62, 33, 138, 249}}, {{ 48, 40, 135, 242}}, {{ 34, 51, 144, 239}},
+ {{ 44, 58, 157, 228}}, {{150, 221, 6, 61}}, {{152, 212, 11, 54}},
+ {{138, 207, 28, 43}}, {{132, 198, 17, 32}}, {{174, 249, 50, 17}},
+ {{160, 240, 63, 26}}, {{178, 235, 40, 7}}, {{188, 226, 37, 12}},
+ {{230, 149, 110, 101}}, {{232, 156, 99, 110}}, {{250, 135, 116, 115}},
+ {{244, 142, 121, 120}}, {{222, 177, 90, 73}}, {{208, 184, 87, 66}},
+ {{194, 163, 64, 95}}, {{204, 170, 77, 84}}, {{ 65, 236, 218, 247}},
+ {{ 79, 229, 215, 252}}, {{ 93, 254, 192, 225}}, {{ 83, 247, 205, 234}},
+ {{121, 200, 238, 219}}, {{119, 193, 227, 208}}, {{101, 218, 244, 205}},
+ {{107, 211, 249, 198}}, {{ 49, 164, 178, 175}}, {{ 63, 173, 191, 164}},
+ {{ 45, 182, 168, 185}}, {{ 35, 191, 165, 178}}, {{ 9, 128, 134, 131}},
+ {{ 7, 137, 139, 136}}, {{ 21, 146, 156, 149}}, {{ 27, 155, 145, 158}},
+ {{161, 124, 10, 71}}, {{175, 117, 7, 76}}, {{189, 110, 16, 81}},
+ {{179, 103, 29, 90}}, {{153, 88, 62, 107}}, {{151, 81, 51, 96}},
+ {{133, 74, 36, 125}}, {{139, 67, 41, 118}}, {{209, 52, 98, 31}},
+ {{223, 61, 111, 20}}, {{205, 38, 120, 9}}, {{195, 47, 117, 2}},
+ {{233, 16, 86, 51}}, {{231, 25, 91, 56}}, {{245, 2, 76, 37}},
+ {{251, 11, 65, 46}}, {{154, 215, 97, 140}}, {{148, 222, 108, 135}},
+ {{134, 197, 123, 154}}, {{136, 204, 118, 145}}, {{162, 243, 85, 160}},
+ {{172, 250, 88, 171}}, {{190, 225, 79, 182}}, {{176, 232, 66, 189}},
+ {{234, 159, 9, 212}}, {{228, 150, 4, 223}}, {{246, 141, 19, 194}},
+ {{248, 132, 30, 201}}, {{210, 187, 61, 248}}, {{220, 178, 48, 243}},
+ {{206, 169, 39, 238}}, {{192, 160, 42, 229}}, {{122, 71, 177, 60}},
+ {{116, 78, 188, 55}}, {{102, 85, 171, 42}}, {{104, 92, 166, 33}},
+ {{ 66, 99, 133, 16}}, {{ 76, 106, 136, 27}}, {{ 94, 113, 159, 6}},
+ {{ 80, 120, 146, 13}}, {{ 10, 15, 217, 100}}, {{ 4, 6, 212, 111}},
+ {{ 22, 29, 195, 114}}, {{ 24, 20, 206, 121}}, {{ 50, 43, 237, 72}},
+ {{ 60, 34, 224, 67}}, {{ 46, 57, 247, 94}}, {{ 32, 48, 250, 85}},
+ {{236, 154, 183, 1}}, {{226, 147, 186, 10}}, {{240, 136, 173, 23}},
+ {{254, 129, 160, 28}}, {{212, 190, 131, 45}}, {{218, 183, 142, 38}},
+ {{200, 172, 153, 59}}, {{198, 165, 148, 48}}, {{156, 210, 223, 89}},
+ {{146, 219, 210, 82}}, {{128, 192, 197, 79}}, {{142, 201, 200, 68}},
+ {{164, 246, 235, 117}}, {{170, 255, 230, 126}}, {{184, 228, 241, 99}},
+ {{182, 237, 252, 104}}, {{ 12, 10, 103, 177}}, {{ 2, 3, 106, 186}},
+ {{ 16, 24, 125, 167}}, {{ 30, 17, 112, 172}}, {{ 52, 46, 83, 157}},
+ {{ 58, 39, 94, 150}}, {{ 40, 60, 73, 139}}, {{ 38, 53, 68, 128}},
+ {{124, 66, 15, 233}}, {{114, 75, 2, 226}}, {{ 96, 80, 21, 255}},
+ {{110, 89, 24, 244}}, {{ 68, 102, 59, 197}}, {{ 74, 111, 54, 206}},
+ {{ 88, 116, 33, 211}}, {{ 86, 125, 44, 216}}, {{ 55, 161, 12, 122}},
+ {{ 57, 168, 1, 113}}, {{ 43, 179, 22, 108}}, {{ 37, 186, 27, 103}},
+ {{ 15, 133, 56, 86}}, {{ 1, 140, 53, 93}}, {{ 19, 151, 34, 64}},
+ {{ 29, 158, 47, 75}}, {{ 71, 233, 100, 34}}, {{ 73, 224, 105, 41}},
+ {{ 91, 251, 126, 52}}, {{ 85, 242, 115, 63}}, {{127, 205, 80, 14}},
+ {{113, 196, 93, 5}}, {{ 99, 223, 74, 24}}, {{109, 214, 71, 19}},
+ {{215, 49, 220, 202}}, {{217, 56, 209, 193}}, {{203, 35, 198, 220}},
+ {{197, 42, 203, 215}}, {{239, 21, 232, 230}}, {{225, 28, 229, 237}},
+ {{243, 7, 242, 240}}, {{253, 14, 255, 251}}, {{167, 121, 180, 146}},
+ {{169, 112, 185, 153}}, {{187, 107, 174, 132}}, {{181, 98, 163, 143}},
+ {{159, 93, 128, 190}}, {{145, 84, 141, 181}}, {{131, 79, 154, 168}},
+ {{141, 70, 151, 163}},
+ },
+ {
+ {{ 0, 0, 0, 0}}, {{ 11, 14, 9, 13}}, {{ 22, 28, 18, 26}},
+ {{ 29, 18, 27, 23}}, {{ 44, 56, 36, 52}}, {{ 39, 54, 45, 57}},
+ {{ 58, 36, 54, 46}}, {{ 49, 42, 63, 35}}, {{ 88, 112, 72, 104}},
+ {{ 83, 126, 65, 101}}, {{ 78, 108, 90, 114}}, {{ 69, 98, 83, 127}},
+ {{116, 72, 108, 92}}, {{127, 70, 101, 81}}, {{ 98, 84, 126, 70}},
+ {{105, 90, 119, 75}}, {{176, 224, 144, 208}}, {{187, 238, 153, 221}},
+ {{166, 252, 130, 202}}, {{173, 242, 139, 199}}, {{156, 216, 180, 228}},
+ {{151, 214, 189, 233}}, {{138, 196, 166, 254}}, {{129, 202, 175, 243}},
+ {{232, 144, 216, 184}}, {{227, 158, 209, 181}}, {{254, 140, 202, 162}},
+ {{245, 130, 195, 175}}, {{196, 168, 252, 140}}, {{207, 166, 245, 129}},
+ {{210, 180, 238, 150}}, {{217, 186, 231, 155}}, {{123, 219, 59, 187}},
+ {{112, 213, 50, 182}}, {{109, 199, 41, 161}}, {{102, 201, 32, 172}},
+ {{ 87, 227, 31, 143}}, {{ 92, 237, 22, 130}}, {{ 65, 255, 13, 149}},
+ {{ 74, 241, 4, 152}}, {{ 35, 171, 115, 211}}, {{ 40, 165, 122, 222}},
+ {{ 53, 183, 97, 201}}, {{ 62, 185, 104, 196}}, {{ 15, 147, 87, 231}},
+ {{ 4, 157, 94, 234}}, {{ 25, 143, 69, 253}}, {{ 18, 129, 76, 240}},
+ {{203, 59, 171, 107}}, {{192, 53, 162, 102}}, {{221, 39, 185, 113}},
+ {{214, 41, 176, 124}}, {{231, 3, 143, 95}}, {{236, 13, 134, 82}},
+ {{241, 31, 157, 69}}, {{250, 17, 148, 72}}, {{147, 75, 227, 3}},
+ {{152, 69, 234, 14}}, {{133, 87, 241, 25}}, {{142, 89, 248, 20}},
+ {{191, 115, 199, 55}}, {{180, 125, 206, 58}}, {{169, 111, 213, 45}},
+ {{162, 97, 220, 32}}, {{246, 173, 118, 109}}, {{253, 163, 127, 96}},
+ {{224, 177, 100, 119}}, {{235, 191, 109, 122}}, {{218, 149, 82, 89}},
+ {{209, 155, 91, 84}}, {{204, 137, 64, 67}}, {{199, 135, 73, 78}},
+ {{174, 221, 62, 5}}, {{165, 211, 55, 8}}, {{184, 193, 44, 31}},
+ {{179, 207, 37, 18}}, {{130, 229, 26, 49}}, {{137, 235, 19, 60}},
+ {{148, 249, 8, 43}}, {{159, 247, 1, 38}}, {{ 70, 77, 230, 189}},
+ {{ 77, 67, 239, 176}}, {{ 80, 81, 244, 167}}, {{ 91, 95, 253, 170}},
+ {{106, 117, 194, 137}}, {{ 97, 123, 203, 132}}, {{124, 105, 208, 147}},
+ {{119, 103, 217, 158}}, {{ 30, 61, 174, 213}}, {{ 21, 51, 167, 216}},
+ {{ 8, 33, 188, 207}}, {{ 3, 47, 181, 194}}, {{ 50, 5, 138, 225}},
+ {{ 57, 11, 131, 236}}, {{ 36, 25, 152, 251}}, {{ 47, 23, 145, 246}},
+ {{141, 118, 77, 214}}, {{134, 120, 68, 219}}, {{155, 106, 95, 204}},
+ {{144, 100, 86, 193}}, {{161, 78, 105, 226}}, {{170, 64, 96, 239}},
+ {{183, 82, 123, 248}}, {{188, 92, 114, 245}}, {{213, 6, 5, 190}},
+ {{222, 8, 12, 179}}, {{195, 26, 23, 164}}, {{200, 20, 30, 169}},
+ {{249, 62, 33, 138}}, {{242, 48, 40, 135}}, {{239, 34, 51, 144}},
+ {{228, 44, 58, 157}}, {{ 61, 150, 221, 6}}, {{ 54, 152, 212, 11}},
+ {{ 43, 138, 207, 28}}, {{ 32, 132, 198, 17}}, {{ 17, 174, 249, 50}},
+ {{ 26, 160, 240, 63}}, {{ 7, 178, 235, 40}}, {{ 12, 188, 226, 37}},
+ {{101, 230, 149, 110}}, {{110, 232, 156, 99}}, {{115, 250, 135, 116}},
+ {{120, 244, 142, 121}}, {{ 73, 222, 177, 90}}, {{ 66, 208, 184, 87}},
+ {{ 95, 194, 163, 64}}, {{ 84, 204, 170, 77}}, {{247, 65, 236, 218}},
+ {{252, 79, 229, 215}}, {{225, 93, 254, 192}}, {{234, 83, 247, 205}},
+ {{219, 121, 200, 238}}, {{208, 119, 193, 227}}, {{205, 101, 218, 244}},
+ {{198, 107, 211, 249}}, {{175, 49, 164, 178}}, {{164, 63, 173, 191}},
+ {{185, 45, 182, 168}}, {{178, 35, 191, 165}}, {{131, 9, 128, 134}},
+ {{136, 7, 137, 139}}, {{149, 21, 146, 156}}, {{158, 27, 155, 145}},
+ {{ 71, 161, 124, 10}}, {{ 76, 175, 117, 7}}, {{ 81, 189, 110, 16}},
+ {{ 90, 179, 103, 29}}, {{107, 153, 88, 62}}, {{ 96, 151, 81, 51}},
+ {{125, 133, 74, 36}}, {{118, 139, 67, 41}}, {{ 31, 209, 52, 98}},
+ {{ 20, 223, 61, 111}}, {{ 9, 205, 38, 120}}, {{ 2, 195, 47, 117}},
+ {{ 51, 233, 16, 86}}, {{ 56, 231, 25, 91}}, {{ 37, 245, 2, 76}},
+ {{ 46, 251, 11, 65}}, {{140, 154, 215, 97}}, {{135, 148, 222, 108}},
+ {{154, 134, 197, 123}}, {{145, 136, 204, 118}}, {{160, 162, 243, 85}},
+ {{171, 172, 250, 88}}, {{182, 190, 225, 79}}, {{189, 176, 232, 66}},
+ {{212, 234, 159, 9}}, {{223, 228, 150, 4}}, {{194, 246, 141, 19}},
+ {{201, 248, 132, 30}}, {{248, 210, 187, 61}}, {{243, 220, 178, 48}},
+ {{238, 206, 169, 39}}, {{229, 192, 160, 42}}, {{ 60, 122, 71, 177}},
+ {{ 55, 116, 78, 188}}, {{ 42, 102, 85, 171}}, {{ 33, 104, 92, 166}},
+ {{ 16, 66, 99, 133}}, {{ 27, 76, 106, 136}}, {{ 6, 94, 113, 159}},
+ {{ 13, 80, 120, 146}}, {{100, 10, 15, 217}}, {{111, 4, 6, 212}},
+ {{114, 22, 29, 195}}, {{121, 24, 20, 206}}, {{ 72, 50, 43, 237}},
+ {{ 67, 60, 34, 224}}, {{ 94, 46, 57, 247}}, {{ 85, 32, 48, 250}},
+ {{ 1, 236, 154, 183}}, {{ 10, 226, 147, 186}}, {{ 23, 240, 136, 173}},
+ {{ 28, 254, 129, 160}}, {{ 45, 212, 190, 131}}, {{ 38, 218, 183, 142}},
+ {{ 59, 200, 172, 153}}, {{ 48, 198, 165, 148}}, {{ 89, 156, 210, 223}},
+ {{ 82, 146, 219, 210}}, {{ 79, 128, 192, 197}}, {{ 68, 142, 201, 200}},
+ {{117, 164, 246, 235}}, {{126, 170, 255, 230}}, {{ 99, 184, 228, 241}},
+ {{104, 182, 237, 252}}, {{177, 12, 10, 103}}, {{186, 2, 3, 106}},
+ {{167, 16, 24, 125}}, {{172, 30, 17, 112}}, {{157, 52, 46, 83}},
+ {{150, 58, 39, 94}}, {{139, 40, 60, 73}}, {{128, 38, 53, 68}},
+ {{233, 124, 66, 15}}, {{226, 114, 75, 2}}, {{255, 96, 80, 21}},
+ {{244, 110, 89, 24}}, {{197, 68, 102, 59}}, {{206, 74, 111, 54}},
+ {{211, 88, 116, 33}}, {{216, 86, 125, 44}}, {{122, 55, 161, 12}},
+ {{113, 57, 168, 1}}, {{108, 43, 179, 22}}, {{103, 37, 186, 27}},
+ {{ 86, 15, 133, 56}}, {{ 93, 1, 140, 53}}, {{ 64, 19, 151, 34}},
+ {{ 75, 29, 158, 47}}, {{ 34, 71, 233, 100}}, {{ 41, 73, 224, 105}},
+ {{ 52, 91, 251, 126}}, {{ 63, 85, 242, 115}}, {{ 14, 127, 205, 80}},
+ {{ 5, 113, 196, 93}}, {{ 24, 99, 223, 74}}, {{ 19, 109, 214, 71}},
+ {{202, 215, 49, 220}}, {{193, 217, 56, 209}}, {{220, 203, 35, 198}},
+ {{215, 197, 42, 203}}, {{230, 239, 21, 232}}, {{237, 225, 28, 229}},
+ {{240, 243, 7, 242}}, {{251, 253, 14, 255}}, {{146, 167, 121, 180}},
+ {{153, 169, 112, 185}}, {{132, 187, 107, 174}}, {{143, 181, 98, 163}},
+ {{190, 159, 93, 128}}, {{181, 145, 84, 141}}, {{168, 131, 79, 154}},
+ {{163, 141, 70, 151}},
+ },
+ {
+ {{ 0, 0, 0, 0}}, {{ 13, 11, 14, 9}}, {{ 26, 22, 28, 18}},
+ {{ 23, 29, 18, 27}}, {{ 52, 44, 56, 36}}, {{ 57, 39, 54, 45}},
+ {{ 46, 58, 36, 54}}, {{ 35, 49, 42, 63}}, {{104, 88, 112, 72}},
+ {{101, 83, 126, 65}}, {{114, 78, 108, 90}}, {{127, 69, 98, 83}},
+ {{ 92, 116, 72, 108}}, {{ 81, 127, 70, 101}}, {{ 70, 98, 84, 126}},
+ {{ 75, 105, 90, 119}}, {{208, 176, 224, 144}}, {{221, 187, 238, 153}},
+ {{202, 166, 252, 130}}, {{199, 173, 242, 139}}, {{228, 156, 216, 180}},
+ {{233, 151, 214, 189}}, {{254, 138, 196, 166}}, {{243, 129, 202, 175}},
+ {{184, 232, 144, 216}}, {{181, 227, 158, 209}}, {{162, 254, 140, 202}},
+ {{175, 245, 130, 195}}, {{140, 196, 168, 252}}, {{129, 207, 166, 245}},
+ {{150, 210, 180, 238}}, {{155, 217, 186, 231}}, {{187, 123, 219, 59}},
+ {{182, 112, 213, 50}}, {{161, 109, 199, 41}}, {{172, 102, 201, 32}},
+ {{143, 87, 227, 31}}, {{130, 92, 237, 22}}, {{149, 65, 255, 13}},
+ {{152, 74, 241, 4}}, {{211, 35, 171, 115}}, {{222, 40, 165, 122}},
+ {{201, 53, 183, 97}}, {{196, 62, 185, 104}}, {{231, 15, 147, 87}},
+ {{234, 4, 157, 94}}, {{253, 25, 143, 69}}, {{240, 18, 129, 76}},
+ {{107, 203, 59, 171}}, {{102, 192, 53, 162}}, {{113, 221, 39, 185}},
+ {{124, 214, 41, 176}}, {{ 95, 231, 3, 143}}, {{ 82, 236, 13, 134}},
+ {{ 69, 241, 31, 157}}, {{ 72, 250, 17, 148}}, {{ 3, 147, 75, 227}},
+ {{ 14, 152, 69, 234}}, {{ 25, 133, 87, 241}}, {{ 20, 142, 89, 248}},
+ {{ 55, 191, 115, 199}}, {{ 58, 180, 125, 206}}, {{ 45, 169, 111, 213}},
+ {{ 32, 162, 97, 220}}, {{109, 246, 173, 118}}, {{ 96, 253, 163, 127}},
+ {{119, 224, 177, 100}}, {{122, 235, 191, 109}}, {{ 89, 218, 149, 82}},
+ {{ 84, 209, 155, 91}}, {{ 67, 204, 137, 64}}, {{ 78, 199, 135, 73}},
+ {{ 5, 174, 221, 62}}, {{ 8, 165, 211, 55}}, {{ 31, 184, 193, 44}},
+ {{ 18, 179, 207, 37}}, {{ 49, 130, 229, 26}}, {{ 60, 137, 235, 19}},
+ {{ 43, 148, 249, 8}}, {{ 38, 159, 247, 1}}, {{189, 70, 77, 230}},
+ {{176, 77, 67, 239}}, {{167, 80, 81, 244}}, {{170, 91, 95, 253}},
+ {{137, 106, 117, 194}}, {{132, 97, 123, 203}}, {{147, 124, 105, 208}},
+ {{158, 119, 103, 217}}, {{213, 30, 61, 174}}, {{216, 21, 51, 167}},
+ {{207, 8, 33, 188}}, {{194, 3, 47, 181}}, {{225, 50, 5, 138}},
+ {{236, 57, 11, 131}}, {{251, 36, 25, 152}}, {{246, 47, 23, 145}},
+ {{214, 141, 118, 77}}, {{219, 134, 120, 68}}, {{204, 155, 106, 95}},
+ {{193, 144, 100, 86}}, {{226, 161, 78, 105}}, {{239, 170, 64, 96}},
+ {{248, 183, 82, 123}}, {{245, 188, 92, 114}}, {{190, 213, 6, 5}},
+ {{179, 222, 8, 12}}, {{164, 195, 26, 23}}, {{169, 200, 20, 30}},
+ {{138, 249, 62, 33}}, {{135, 242, 48, 40}}, {{144, 239, 34, 51}},
+ {{157, 228, 44, 58}}, {{ 6, 61, 150, 221}}, {{ 11, 54, 152, 212}},
+ {{ 28, 43, 138, 207}}, {{ 17, 32, 132, 198}}, {{ 50, 17, 174, 249}},
+ {{ 63, 26, 160, 240}}, {{ 40, 7, 178, 235}}, {{ 37, 12, 188, 226}},
+ {{110, 101, 230, 149}}, {{ 99, 110, 232, 156}}, {{116, 115, 250, 135}},
+ {{121, 120, 244, 142}}, {{ 90, 73, 222, 177}}, {{ 87, 66, 208, 184}},
+ {{ 64, 95, 194, 163}}, {{ 77, 84, 204, 170}}, {{218, 247, 65, 236}},
+ {{215, 252, 79, 229}}, {{192, 225, 93, 254}}, {{205, 234, 83, 247}},
+ {{238, 219, 121, 200}}, {{227, 208, 119, 193}}, {{244, 205, 101, 218}},
+ {{249, 198, 107, 211}}, {{178, 175, 49, 164}}, {{191, 164, 63, 173}},
+ {{168, 185, 45, 182}}, {{165, 178, 35, 191}}, {{134, 131, 9, 128}},
+ {{139, 136, 7, 137}}, {{156, 149, 21, 146}}, {{145, 158, 27, 155}},
+ {{ 10, 71, 161, 124}}, {{ 7, 76, 175, 117}}, {{ 16, 81, 189, 110}},
+ {{ 29, 90, 179, 103}}, {{ 62, 107, 153, 88}}, {{ 51, 96, 151, 81}},
+ {{ 36, 125, 133, 74}}, {{ 41, 118, 139, 67}}, {{ 98, 31, 209, 52}},
+ {{111, 20, 223, 61}}, {{120, 9, 205, 38}}, {{117, 2, 195, 47}},
+ {{ 86, 51, 233, 16}}, {{ 91, 56, 231, 25}}, {{ 76, 37, 245, 2}},
+ {{ 65, 46, 251, 11}}, {{ 97, 140, 154, 215}}, {{108, 135, 148, 222}},
+ {{123, 154, 134, 197}}, {{118, 145, 136, 204}}, {{ 85, 160, 162, 243}},
+ {{ 88, 171, 172, 250}}, {{ 79, 182, 190, 225}}, {{ 66, 189, 176, 232}},
+ {{ 9, 212, 234, 159}}, {{ 4, 223, 228, 150}}, {{ 19, 194, 246, 141}},
+ {{ 30, 201, 248, 132}}, {{ 61, 248, 210, 187}}, {{ 48, 243, 220, 178}},
+ {{ 39, 238, 206, 169}}, {{ 42, 229, 192, 160}}, {{177, 60, 122, 71}},
+ {{188, 55, 116, 78}}, {{171, 42, 102, 85}}, {{166, 33, 104, 92}},
+ {{133, 16, 66, 99}}, {{136, 27, 76, 106}}, {{159, 6, 94, 113}},
+ {{146, 13, 80, 120}}, {{217, 100, 10, 15}}, {{212, 111, 4, 6}},
+ {{195, 114, 22, 29}}, {{206, 121, 24, 20}}, {{237, 72, 50, 43}},
+ {{224, 67, 60, 34}}, {{247, 94, 46, 57}}, {{250, 85, 32, 48}},
+ {{183, 1, 236, 154}}, {{186, 10, 226, 147}}, {{173, 23, 240, 136}},
+ {{160, 28, 254, 129}}, {{131, 45, 212, 190}}, {{142, 38, 218, 183}},
+ {{153, 59, 200, 172}}, {{148, 48, 198, 165}}, {{223, 89, 156, 210}},
+ {{210, 82, 146, 219}}, {{197, 79, 128, 192}}, {{200, 68, 142, 201}},
+ {{235, 117, 164, 246}}, {{230, 126, 170, 255}}, {{241, 99, 184, 228}},
+ {{252, 104, 182, 237}}, {{103, 177, 12, 10}}, {{106, 186, 2, 3}},
+ {{125, 167, 16, 24}}, {{112, 172, 30, 17}}, {{ 83, 157, 52, 46}},
+ {{ 94, 150, 58, 39}}, {{ 73, 139, 40, 60}}, {{ 68, 128, 38, 53}},
+ {{ 15, 233, 124, 66}}, {{ 2, 226, 114, 75}}, {{ 21, 255, 96, 80}},
+ {{ 24, 244, 110, 89}}, {{ 59, 197, 68, 102}}, {{ 54, 206, 74, 111}},
+ {{ 33, 211, 88, 116}}, {{ 44, 216, 86, 125}}, {{ 12, 122, 55, 161}},
+ {{ 1, 113, 57, 168}}, {{ 22, 108, 43, 179}}, {{ 27, 103, 37, 186}},
+ {{ 56, 86, 15, 133}}, {{ 53, 93, 1, 140}}, {{ 34, 64, 19, 151}},
+ {{ 47, 75, 29, 158}}, {{100, 34, 71, 233}}, {{105, 41, 73, 224}},
+ {{126, 52, 91, 251}}, {{115, 63, 85, 242}}, {{ 80, 14, 127, 205}},
+ {{ 93, 5, 113, 196}}, {{ 74, 24, 99, 223}}, {{ 71, 19, 109, 214}},
+ {{220, 202, 215, 49}}, {{209, 193, 217, 56}}, {{198, 220, 203, 35}},
+ {{203, 215, 197, 42}}, {{232, 230, 239, 21}}, {{229, 237, 225, 28}},
+ {{242, 240, 243, 7}}, {{255, 251, 253, 14}}, {{180, 146, 167, 121}},
+ {{185, 153, 169, 112}}, {{174, 132, 187, 107}}, {{163, 143, 181, 98}},
+ {{128, 190, 159, 93}}, {{141, 181, 145, 84}}, {{154, 168, 131, 79}},
+ {{151, 163, 141, 70}},
+ },
+ {
+ {{ 0, 0, 0, 0}}, {{ 9, 13, 11, 14}}, {{ 18, 26, 22, 28}},
+ {{ 27, 23, 29, 18}}, {{ 36, 52, 44, 56}}, {{ 45, 57, 39, 54}},
+ {{ 54, 46, 58, 36}}, {{ 63, 35, 49, 42}}, {{ 72, 104, 88, 112}},
+ {{ 65, 101, 83, 126}}, {{ 90, 114, 78, 108}}, {{ 83, 127, 69, 98}},
+ {{108, 92, 116, 72}}, {{101, 81, 127, 70}}, {{126, 70, 98, 84}},
+ {{119, 75, 105, 90}}, {{144, 208, 176, 224}}, {{153, 221, 187, 238}},
+ {{130, 202, 166, 252}}, {{139, 199, 173, 242}}, {{180, 228, 156, 216}},
+ {{189, 233, 151, 214}}, {{166, 254, 138, 196}}, {{175, 243, 129, 202}},
+ {{216, 184, 232, 144}}, {{209, 181, 227, 158}}, {{202, 162, 254, 140}},
+ {{195, 175, 245, 130}}, {{252, 140, 196, 168}}, {{245, 129, 207, 166}},
+ {{238, 150, 210, 180}}, {{231, 155, 217, 186}}, {{ 59, 187, 123, 219}},
+ {{ 50, 182, 112, 213}}, {{ 41, 161, 109, 199}}, {{ 32, 172, 102, 201}},
+ {{ 31, 143, 87, 227}}, {{ 22, 130, 92, 237}}, {{ 13, 149, 65, 255}},
+ {{ 4, 152, 74, 241}}, {{115, 211, 35, 171}}, {{122, 222, 40, 165}},
+ {{ 97, 201, 53, 183}}, {{104, 196, 62, 185}}, {{ 87, 231, 15, 147}},
+ {{ 94, 234, 4, 157}}, {{ 69, 253, 25, 143}}, {{ 76, 240, 18, 129}},
+ {{171, 107, 203, 59}}, {{162, 102, 192, 53}}, {{185, 113, 221, 39}},
+ {{176, 124, 214, 41}}, {{143, 95, 231, 3}}, {{134, 82, 236, 13}},
+ {{157, 69, 241, 31}}, {{148, 72, 250, 17}}, {{227, 3, 147, 75}},
+ {{234, 14, 152, 69}}, {{241, 25, 133, 87}}, {{248, 20, 142, 89}},
+ {{199, 55, 191, 115}}, {{206, 58, 180, 125}}, {{213, 45, 169, 111}},
+ {{220, 32, 162, 97}}, {{118, 109, 246, 173}}, {{127, 96, 253, 163}},
+ {{100, 119, 224, 177}}, {{109, 122, 235, 191}}, {{ 82, 89, 218, 149}},
+ {{ 91, 84, 209, 155}}, {{ 64, 67, 204, 137}}, {{ 73, 78, 199, 135}},
+ {{ 62, 5, 174, 221}}, {{ 55, 8, 165, 211}}, {{ 44, 31, 184, 193}},
+ {{ 37, 18, 179, 207}}, {{ 26, 49, 130, 229}}, {{ 19, 60, 137, 235}},
+ {{ 8, 43, 148, 249}}, {{ 1, 38, 159, 247}}, {{230, 189, 70, 77}},
+ {{239, 176, 77, 67}}, {{244, 167, 80, 81}}, {{253, 170, 91, 95}},
+ {{194, 137, 106, 117}}, {{203, 132, 97, 123}}, {{208, 147, 124, 105}},
+ {{217, 158, 119, 103}}, {{174, 213, 30, 61}}, {{167, 216, 21, 51}},
+ {{188, 207, 8, 33}}, {{181, 194, 3, 47}}, {{138, 225, 50, 5}},
+ {{131, 236, 57, 11}}, {{152, 251, 36, 25}}, {{145, 246, 47, 23}},
+ {{ 77, 214, 141, 118}}, {{ 68, 219, 134, 120}}, {{ 95, 204, 155, 106}},
+ {{ 86, 193, 144, 100}}, {{105, 226, 161, 78}}, {{ 96, 239, 170, 64}},
+ {{123, 248, 183, 82}}, {{114, 245, 188, 92}}, {{ 5, 190, 213, 6}},
+ {{ 12, 179, 222, 8}}, {{ 23, 164, 195, 26}}, {{ 30, 169, 200, 20}},
+ {{ 33, 138, 249, 62}}, {{ 40, 135, 242, 48}}, {{ 51, 144, 239, 34}},
+ {{ 58, 157, 228, 44}}, {{221, 6, 61, 150}}, {{212, 11, 54, 152}},
+ {{207, 28, 43, 138}}, {{198, 17, 32, 132}}, {{249, 50, 17, 174}},
+ {{240, 63, 26, 160}}, {{235, 40, 7, 178}}, {{226, 37, 12, 188}},
+ {{149, 110, 101, 230}}, {{156, 99, 110, 232}}, {{135, 116, 115, 250}},
+ {{142, 121, 120, 244}}, {{177, 90, 73, 222}}, {{184, 87, 66, 208}},
+ {{163, 64, 95, 194}}, {{170, 77, 84, 204}}, {{236, 218, 247, 65}},
+ {{229, 215, 252, 79}}, {{254, 192, 225, 93}}, {{247, 205, 234, 83}},
+ {{200, 238, 219, 121}}, {{193, 227, 208, 119}}, {{218, 244, 205, 101}},
+ {{211, 249, 198, 107}}, {{164, 178, 175, 49}}, {{173, 191, 164, 63}},
+ {{182, 168, 185, 45}}, {{191, 165, 178, 35}}, {{128, 134, 131, 9}},
+ {{137, 139, 136, 7}}, {{146, 156, 149, 21}}, {{155, 145, 158, 27}},
+ {{124, 10, 71, 161}}, {{117, 7, 76, 175}}, {{110, 16, 81, 189}},
+ {{103, 29, 90, 179}}, {{ 88, 62, 107, 153}}, {{ 81, 51, 96, 151}},
+ {{ 74, 36, 125, 133}}, {{ 67, 41, 118, 139}}, {{ 52, 98, 31, 209}},
+ {{ 61, 111, 20, 223}}, {{ 38, 120, 9, 205}}, {{ 47, 117, 2, 195}},
+ {{ 16, 86, 51, 233}}, {{ 25, 91, 56, 231}}, {{ 2, 76, 37, 245}},
+ {{ 11, 65, 46, 251}}, {{215, 97, 140, 154}}, {{222, 108, 135, 148}},
+ {{197, 123, 154, 134}}, {{204, 118, 145, 136}}, {{243, 85, 160, 162}},
+ {{250, 88, 171, 172}}, {{225, 79, 182, 190}}, {{232, 66, 189, 176}},
+ {{159, 9, 212, 234}}, {{150, 4, 223, 228}}, {{141, 19, 194, 246}},
+ {{132, 30, 201, 248}}, {{187, 61, 248, 210}}, {{178, 48, 243, 220}},
+ {{169, 39, 238, 206}}, {{160, 42, 229, 192}}, {{ 71, 177, 60, 122}},
+ {{ 78, 188, 55, 116}}, {{ 85, 171, 42, 102}}, {{ 92, 166, 33, 104}},
+ {{ 99, 133, 16, 66}}, {{106, 136, 27, 76}}, {{113, 159, 6, 94}},
+ {{120, 146, 13, 80}}, {{ 15, 217, 100, 10}}, {{ 6, 212, 111, 4}},
+ {{ 29, 195, 114, 22}}, {{ 20, 206, 121, 24}}, {{ 43, 237, 72, 50}},
+ {{ 34, 224, 67, 60}}, {{ 57, 247, 94, 46}}, {{ 48, 250, 85, 32}},
+ {{154, 183, 1, 236}}, {{147, 186, 10, 226}}, {{136, 173, 23, 240}},
+ {{129, 160, 28, 254}}, {{190, 131, 45, 212}}, {{183, 142, 38, 218}},
+ {{172, 153, 59, 200}}, {{165, 148, 48, 198}}, {{210, 223, 89, 156}},
+ {{219, 210, 82, 146}}, {{192, 197, 79, 128}}, {{201, 200, 68, 142}},
+ {{246, 235, 117, 164}}, {{255, 230, 126, 170}}, {{228, 241, 99, 184}},
+ {{237, 252, 104, 182}}, {{ 10, 103, 177, 12}}, {{ 3, 106, 186, 2}},
+ {{ 24, 125, 167, 16}}, {{ 17, 112, 172, 30}}, {{ 46, 83, 157, 52}},
+ {{ 39, 94, 150, 58}}, {{ 60, 73, 139, 40}}, {{ 53, 68, 128, 38}},
+ {{ 66, 15, 233, 124}}, {{ 75, 2, 226, 114}}, {{ 80, 21, 255, 96}},
+ {{ 89, 24, 244, 110}}, {{102, 59, 197, 68}}, {{111, 54, 206, 74}},
+ {{116, 33, 211, 88}}, {{125, 44, 216, 86}}, {{161, 12, 122, 55}},
+ {{168, 1, 113, 57}}, {{179, 22, 108, 43}}, {{186, 27, 103, 37}},
+ {{133, 56, 86, 15}}, {{140, 53, 93, 1}}, {{151, 34, 64, 19}},
+ {{158, 47, 75, 29}}, {{233, 100, 34, 71}}, {{224, 105, 41, 73}},
+ {{251, 126, 52, 91}}, {{242, 115, 63, 85}}, {{205, 80, 14, 127}},
+ {{196, 93, 5, 113}}, {{223, 74, 24, 99}}, {{214, 71, 19, 109}},
+ {{ 49, 220, 202, 215}}, {{ 56, 209, 193, 217}}, {{ 35, 198, 220, 203}},
+ {{ 42, 203, 215, 197}}, {{ 21, 232, 230, 239}}, {{ 28, 229, 237, 225}},
+ {{ 7, 242, 240, 243}}, {{ 14, 255, 251, 253}}, {{121, 180, 146, 167}},
+ {{112, 185, 153, 169}}, {{107, 174, 132, 187}}, {{ 98, 163, 143, 181}},
+ {{ 93, 128, 190, 159}}, {{ 84, 141, 181, 145}}, {{ 79, 154, 168, 131}},
+ {{ 70, 151, 163, 141}},
+ },
+};
+
+int xrcon[30] = {
+ 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36,
+ 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6,
+ 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91,
+};
+
+word8 xS[256] = {
+ 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215,
+ 171, 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175,
+ 156, 164, 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165,
+ 229, 241, 113, 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154,
+ 7, 18, 128, 226, 235, 39, 178, 117, 9, 131, 44, 26, 27, 110,
+ 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, 83, 209, 0, 237,
+ 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, 208, 239,
+ 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
+ 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255,
+ 243, 210, 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61,
+ 100, 93, 25, 115, 96, 129, 79, 220, 34, 42, 144, 136, 70, 238,
+ 184, 20, 222, 94, 11, 219, 224, 50, 58, 10, 73, 6, 36, 92,
+ 194, 211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109, 141, 213,
+ 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37, 46,
+ 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62,
+ 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
+ 225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85,
+ 40, 223, 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15,
+ 176, 84, 187, 22,
+};
+
+word8 xSi[256] = {
+ 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243,
+ 215, 251, 124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68,
+ 196, 222, 233, 203, 84, 123, 148, 50, 166, 194, 35, 61, 238, 76,
+ 149, 11, 66, 250, 195, 78, 8, 46, 161, 102, 40, 217, 36, 178,
+ 118, 91, 162, 73, 109, 139, 209, 37, 114, 248, 246, 100, 134, 104,
+ 152, 22, 212, 164, 92, 204, 93, 101, 182, 146, 108, 112, 72, 80,
+ 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132, 144, 216,
+ 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
+ 208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19,
+ 138, 107, 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206,
+ 240, 180, 230, 115, 150, 172, 116, 34, 231, 173, 53, 133, 226, 249,
+ 55, 232, 28, 117, 223, 110, 71, 241, 26, 113, 29, 41, 197, 137,
+ 111, 183, 98, 14, 170, 24, 190, 27, 252, 86, 62, 75, 198, 210,
+ 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, 31, 221, 168, 51,
+ 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, 96, 81,
+ 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
+ 160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83,
+ 153, 97, 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99,
+ 85, 33, 12, 125,
+};
+
+/* -------------------------------- */
+
+#define MAXBC (256/32)
+#define MAXKC (256/32)
+#define MAXROUNDS 14
+#define MAXRK ((MAXROUNDS+1)*MAXBC)
+
+typedef struct {
+ int BC;
+ int KC;
+ int ROUNDS;
+ int shift[2][4];
+ word32 rk[MAXRK];
+} roundkey;
+
+/* keys and blocks are externally treated as word32 arrays, to
+ make sure they are aligned on 4-byte boundaries on architectures
+ that require it. */
+
+static int xshifts[3][2][4] = {
+ {{0, 1, 2, 3},
+ {0, 3, 2, 1}},
+
+ {{0, 1, 2, 3},
+ {0, 5, 4, 3}},
+
+ {{0, 1, 3, 4},
+ {0, 7, 5, 4}},
+};
+
+/* Exor corresponding text input and round key input bytes */
+/* the result is written to res, which can be the same as a */
+static inline void xKeyAddition(word32 res[MAXBC], word32 a[MAXBC],
+ word32 rk[MAXBC], int BC)
+{
+ int j;
+
+ for (j = 0; j < BC; j++) {
+ res[j] = a[j] ^ rk[j];
+ }
+}
+
+/* profiling shows that the ccrypt program spends about 50% of its
+ time in the function xShiftSubst. Splitting the inner "for"
+ statement into two parts - versus using the expensive "%" modulo
+ operation, makes this function about 44% faster, thereby making the
+ entire program about 28% faster. With -O3 optimization, the time
+ savings are even more dramatic - ccrypt runs between 55% and 65%
+ faster on most platforms. */
+
+/* do ShiftRow and Substitution together. res must not be a. */
+static inline void xShiftSubst(word32 res[MAXBC], word32 a[MAXBC],
+ int shift[4], int BC, word8 box[256])
+{
+ int i, j;
+ int s;
+ word8 (*a8)[4] = (word8 (*)[4]) a;
+ word8 (*res8)[4] = (word8 (*)[4]) res;
+
+ for (j = 0; j < BC; j++) {
+ res8[j][0] = box[a8[j][0]];
+ }
+ for (i = 1; i < 4; i++) {
+ s = shift[i];
+ for (j = 0; j < BC - s; j++) {
+ res8[j][i] = box[a8[(j + s)][i]];
+ }
+ for (j = BC - s; j < BC; j++) {
+ res8[j][i] = box[a8[(j + s) - BC][i]];
+ }
+ }
+}
+
+/* do MixColumn and KeyAddition together */
+static inline void xMixAdd(word32 res[MAXBC], word32 a[MAXBC],
+ word32 rk[MAXBC], int BC)
+{
+ int j;
+ word32 b;
+ word8 (*a8)[4] = (word8 (*)[4]) a;
+
+ for (j = 0; j < BC; j++) {
+ b = M0[0][a8[j][0]].w32;
+ b ^= M0[1][a8[j][1]].w32;
+ b ^= M0[2][a8[j][2]].w32;
+ b ^= M0[3][a8[j][3]].w32;
+ b ^= rk[j];
+ res[j] = b;
+ }
+}
+
+/* Mix the four bytes of every column in a linear way
+ * This is the opposite operation of xMixColumn */
+/* the result is written to res, which may equal a */
+static inline void xInvMixColumn(word32 res[MAXBC], word32 a[MAXBC], int BC)
+{
+ int j;
+ word32 b;
+ word8 (*a8)[4] = (word8 (*)[4]) a;
+
+ for (j = 0; j < BC; j++) {
+ b = M1[0][a8[j][0]].w32;
+ b ^= M1[1][a8[j][1]].w32;
+ b ^= M1[2][a8[j][2]].w32;
+ b ^= M1[3][a8[j][3]].w32;
+ res[j] = b;
+ }
+}
+
+/* make a roundkey rkk from key. key must have appropriate size given
+ by keyBits. keyBits and blockBits may only be 128, 196, or
+ 256. Returns non-zero if arguments are invalid. */
+
+int xrijndaelKeySched(word32 key[], int keyBits, int blockBits,
+ roundkey *rkk)
+{
+ /* Calculate the necessary round keys
+ * The number of calculations depends on keyBits and blockBits */
+ int KC, BC, ROUNDS;
+ int i, j, t, rconpointer = 0;
+ word8 (*k8)[4] = (word8 (*)[4]) key;
+
+ switch (keyBits) {
+ case 128:
+ KC = 4;
+ break;
+ case 192:
+ KC = 6;
+ break;
+ case 256:
+ KC = 8;
+ break;
+ default:
+ return -1;
+ }
+
+ switch (blockBits) {
+ case 128:
+ BC = 4;
+ break;
+ case 192:
+ BC = 6;
+ break;
+ case 256:
+ BC = 8;
+ break;
+ default:
+ return -2;
+ }
+
+ ROUNDS = KC > BC ? KC + 6 : BC + 6;
+
+ t = 0;
+ /* copy values into round key array */
+ for (j = 0; (j < KC) && (t < (ROUNDS + 1) * BC); j++, t++)
+ rkk->rk[t] = key[j];
+
+ while (t < (ROUNDS + 1) * BC) { /* while not enough round key material */
+ /* calculate new values */
+ for (i = 0; i < 4; i++) {
+ k8[0][i] ^= xS[k8[KC - 1][(i + 1) % 4]];
+ }
+ k8[0][0] ^= xrcon[rconpointer++];
+
+ if (KC != 8) {
+ for (j = 1; j < KC; j++) {
+ key[j] ^= key[j - 1];
+ }
+ } else {
+ for (j = 1; j < 4; j++) {
+ key[j] ^= key[j - 1];
+ }
+ for (i = 0; i < 4; i++) {
+ k8[4][i] ^= xS[k8[3][i]];
+ }
+ for (j = 5; j < 8; j++) {
+ key[j] ^= key[j - 1];
+ }
+ }
+ /* copy values into round key array */
+ for (j = 0; (j < KC) && (t < (ROUNDS + 1) * BC); j++, t++) {
+ rkk->rk[t] = key[j];
+ }
+ }
+
+ /* make roundkey structure */
+ rkk->BC = BC;
+ rkk->KC = KC;
+ rkk->ROUNDS = ROUNDS;
+ for (i = 0; i < 2; i++) {
+ for (j = 0; j < 4; j++) {
+ rkk->shift[i][j] = xshifts[(BC - 4) >> 1][i][j];
+ }
+ }
+
+ return 0;
+}
+
+/* encrypt, resp. decrypt, block using rijndael roundkey rkk. rkk must
+ have been created with xrijndaelKeySched. Size of block, in bits,
+ must be equal to blockBits parameter that was used to make rkk. In
+ all other cases, behavior is undefined - for reasons of speed, no
+ check for error conditions is done. */
+
+/* Encryption of one block. */
+
+void xrijndaelEncrypt(word32 block[], roundkey *rkk)
+{
+ word32 block2[MAXBC]; /* hold intermediate result */
+ int r;
+
+ int *shift = rkk->shift[0];
+ int BC = rkk->BC;
+ int ROUNDS = rkk->ROUNDS;
+ word32 *rp = rkk->rk;
+
+ /* begin with a key addition */
+ xKeyAddition(block, block, rp, BC);
+ rp += BC;
+
+ /* ROUNDS-1 ordinary rounds */
+ for (r = 1; r < ROUNDS; r++) {
+ xShiftSubst(block2, block, shift, BC, xS);
+ xMixAdd(block, block2, rp, BC);
+ rp += BC;
+ }
+
+ /* Last round is special: there is no xMixColumn */
+ xShiftSubst(block2, block, shift, BC, xS);
+ xKeyAddition(block, block2, rp, BC);
+}
+
+void xrijndaelDecrypt(word32 block[], roundkey *rkk)
+{
+ word32 block2[MAXBC]; /* hold intermediate result */
+ int r;
+
+ int *shift = rkk->shift[1];
+ int BC = rkk->BC;
+ int ROUNDS = rkk->ROUNDS;
+ word32 *rp = rkk->rk + ROUNDS * BC;
+
+ /* To decrypt: apply the inverse operations of the encrypt routine,
+ * in opposite order
+ *
+ * (xKeyAddition is an involution: it's equal to its inverse)
+ * (the inverse of xSubstitution with table S is xSubstitution with the
+ * inverse table of S)
+ * (the inverse of xShiftRow is xShiftRow over a suitable distance)
+ */
+
+ /* First the special round:
+ * without xInvMixColumn
+ * with extra xKeyAddition
+ */
+ xKeyAddition(block2, block, rp, BC);
+ xShiftSubst(block, block2, shift, BC, xSi);
+ rp -= BC;
+
+ /* ROUNDS-1 ordinary rounds
+ */
+ for (r = ROUNDS - 1; r > 0; r--) {
+ xKeyAddition(block, block, rp, BC);
+ xInvMixColumn(block2, block, BC);
+ xShiftSubst(block, block2, shift, BC, xSi);
+ rp -= BC;
+ }
+
+ /* End with the extra key addition
+ */
+
+ xKeyAddition(block, block, rp, BC);
+}
+
+/* -------------------------------- */
+
+
+#define MAGIC "c051" /* magic string for this version of ccrypt */
+
+/* private struct, not visible by applications */
+struct ccrypt_state_s {
+ int n; /* number of keys. n=1 for encryption, n>=1 for decryption */
+ roundkey *rkks; /* array of n keys */
+ int ak; /* rkks[ak] is the active key */
+ int iv; /* are we reading/writing the IV? */
+ int bufindex; /* in bytes */
+ word32 buf[8]; /* current buffer; partly ciphertext, partly mask */
+ int flags; /* flags determining behavior */
+};
+typedef struct ccrypt_state_s ccrypt_state_t;
+
+
+int ccrypt_errno;
+
+#ifdef DEBUG
+static void print_state(ccrypt_state_t *st) {
+ if (st) {
+ printf("State:\n");
+ memory_display(st,0,sizeof(st),1,0);
+ if (st->rkks) {
+ printf("Roundkey:\n");
+ memory_display(st->rkks,0,sizeof(roundkey),1,0);
+ }
+ }
+}
+#endif
+
+static void ccrypt_state_free(ccrypt_state_t *st) {
+ if (st) {
+ free(st->rkks);
+ }
+ free(st);
+}
+
+/* ---------------------------------------------------------------------- */
+/* some private functions dealing with hashes, keys, and nonces */
+
+/* hash a keystring into a 256-bit cryptographic random value. */
+static void hashstring(const char *keystring, const int keylen, word32 hash[8]) {
+ int i,j;
+ roundkey rkk;
+ word32 key[8]; /* rijndael key */
+
+ for (i=0; i<8; i++)
+ key[i] = hash[i] = 0;
+
+ for ( j=0; j<keylen; ) {
+ for (i=0; i<32; i++) {
+ if ( j<keylen ) {
+ ((word8 *)key)[i] ^= keystring[j];
+ j++;
+ }
+ }
+ xrijndaelKeySched(key, 256, 256, &rkk);
+ xrijndaelEncrypt(hash, &rkk);
+ }
+
+#if 0
+ do {
+ for (i=0; i<32; i++) {
+ if (*keystring != 0) {
+ ((word8 *)key)[i] ^= *keystring;
+ keystring++;
+ }
+ }
+ xrijndaelKeySched(key, 256, 256, &rkk);
+ xrijndaelEncrypt(hash, &rkk);
+ } while (*keystring != 0);
+#endif
+
+}
+
+/* return a 256-bit value that is practically unique */
+static void make_nonce(word32 nonce[8]) {
+ char acc[512];
+ static int count=0;
+
+ sprintf(acc, "%s,%d,%d,%d,%d,%d", "barebox", rand(),rand(),rand(),rand(),count++);
+ hashstring(acc, strlen(acc), nonce);
+}
+
+/* ---------------------------------------------------------------------- */
+/* core functions for encryption */
+
+int ccencrypt_init(ccrypt_stream_t *b, const char *key, const int keylen) {
+ word32 keyblock[8];
+ ccrypt_state_t *st;
+ roundkey *rkks;
+
+ b->state = NULL;
+
+ st = malloc(sizeof(ccrypt_state_t));
+ if (st == NULL) {
+ return -1;
+ }
+ rkks = malloc(sizeof(roundkey));
+ if (!rkks) {
+ free(st);
+ return -1;
+ }
+
+ st->n = 1;
+ st->rkks = rkks;
+ st->ak = 0; /* not used */
+
+ /* generate the roundkey */
+ hashstring(key, keylen, keyblock);
+ xrijndaelKeySched(keyblock, 256, 256, &st->rkks[0]);
+
+ /* make a nonce */
+ make_nonce(st->buf);
+
+ /* mark the nonce with a "magic number". */
+ strncpy((char *)st->buf, MAGIC, 4);
+
+ /* encrypt the nonce with the given key */
+ xrijndaelEncrypt(st->buf, &st->rkks[0]);
+
+ /* IV is now contained in st->buf. Initialize rest of the state. */
+ st->iv = 1;
+ st->bufindex = 0; /* initially use bufsize to count iv bytes output */
+
+#ifdef DEBUG
+ print_state(st);
+#endif
+ b->state = (void *)st;
+ return 0;
+}
+
+EXPORT_SYMBOL(ccencrypt_init);
+
+int ccencrypt(ccrypt_stream_t *b) {
+ ccrypt_state_t *st = (ccrypt_state_t *)b->state;
+ word32 lbuf[8];
+ char *cbuf = (char *)st->buf;
+ int i;
+ char c, cc;
+
+ while (1) {
+ /* handle the typical case efficiently, one block at a time */
+
+ if (st->iv == 0 && st->bufindex == 32) {
+ while (b->avail_in >= 32 && b->avail_out >= 32) {
+
+ /* block-encrypt buffer */
+ xrijndaelEncrypt(st->buf, &st->rkks[0]);
+
+ /* read input to local buffer for word alignment */
+ memcpy(lbuf, b->next_in, 32);
+ b->next_in += 32;
+ b->avail_in -= 32;
+
+ /* compute ciphertext */
+ for (i=0; i<8; i++) {
+ st->buf[i] ^= lbuf[i];
+ }
+
+ /* write output */
+ memcpy(b->next_out, st->buf, 32);
+ b->next_out += 32;
+ b->avail_out -= 32;
+ }
+ }
+
+ /* handle the general case systematically, one byte at a time */
+
+ if (b->avail_out == 0) {
+ break;
+ }
+
+ else if (st->iv) { /* write IV byte */
+ *b->next_out = cbuf[st->bufindex];
+ b->next_out++;
+ b->avail_out--;
+ st->bufindex++;
+ if (st->bufindex == 32) {
+ st->iv = 0;
+ }
+ }
+
+ else if (b->avail_in == 0) {
+ break;
+ }
+
+ else { /* encrypt one byte */
+ if (st->bufindex == 32) {
+ xrijndaelEncrypt(st->buf, &st->rkks[0]);
+ st->bufindex = 0;
+ }
+ c = *b->next_in;
+ b->next_in++;
+ b->avail_in--;
+ cc = c ^ cbuf[st->bufindex];
+ cbuf[st->bufindex] = cc;
+ *b->next_out = cc;
+ b->next_out++;
+ b->avail_out--;
+ st->bufindex++;
+ }
+ }
+#ifdef DEBUG
+ print_state(st);
+#endif
+ return 0;
+}
+
+EXPORT_SYMBOL(ccencrypt);
+
+int ccencrypt_end(ccrypt_stream_t *b) {
+ ccrypt_state_free(b->state);
+ b->state = NULL; /* guard against double free */
+ return 0;
+}
+
+EXPORT_SYMBOL(ccencrypt_end);
+
+/* ---------------------------------------------------------------------- */
+/* core functions for decryption */
+
+int ccdecrypt_init(ccrypt_stream_t *b, const char *key, const int keylen) {
+ word32 keyblock[8];
+ ccrypt_state_t *st;
+ roundkey *rkks;
+
+ b->state = NULL;
+
+ st = malloc(sizeof(ccrypt_state_t));
+ if (st == NULL) {
+ return -1;
+ }
+ rkks = malloc(sizeof(roundkey));
+ if (!rkks) {
+ free(st);
+ return -1;
+ }
+
+ st->n = 1;
+ st->rkks = rkks;
+ st->ak = 0;
+
+ /* generate the roundkeys */
+ hashstring(key, keylen, keyblock);
+ xrijndaelKeySched(keyblock, 256, 256, &st->rkks[0]);
+
+ /* Initialize rest of the state. */
+ st->iv = 1;
+ st->bufindex = 0;
+ st->flags = 0;
+
+#ifdef DEBUG
+ print_state(st);
+#endif
+ b->state = (void *)st;
+ return 0;
+}
+
+EXPORT_SYMBOL(ccdecrypt_init);
+
+int ccdecrypt(ccrypt_stream_t *b) {
+ ccrypt_state_t *st = (ccrypt_state_t *)b->state;
+ word32 lbuf[8];
+ char *cbuf = (char *)st->buf;
+ int i;
+ char c, cc;
+
+ while (1) {
+ /* handle the typical case efficiently, one block at a time */
+
+ if (st->iv == 0 && st->bufindex == 32) {
+ while (b->avail_in >= 32 && b->avail_out >= 32) {
+
+ /* block-encrypt buffer */
+ xrijndaelEncrypt(st->buf, &st->rkks[st->ak]);
+ memcpy(lbuf, st->buf, 32);
+
+ /* read input */
+ memcpy(st->buf, b->next_in, 32);
+ b->next_in += 32;
+ b->avail_in -= 32;
+
+ /* compute plaintext */
+ for (i=0; i<8; i++) {
+ lbuf[i] ^= st->buf[i];
+ }
+
+ /* write output */
+ memcpy(b->next_out, lbuf, 32);
+ b->next_out += 32;
+ b->avail_out -= 32;
+ }
+ }
+
+ /* handle the general case systematically, one byte at a time */
+
+ if (b->avail_in == 0) {
+ break;
+ }
+
+ else if (st->iv) { /* read IV byte */
+ cbuf[st->bufindex] = *b->next_in;
+ b->next_in++;
+ b->avail_in--;
+ st->bufindex++;
+ if (st->bufindex == 32) {
+ st->iv = 0;
+ /* find the first matching key */
+ for (i=0; i<st->n; i++) {
+ /* check the "magic number" */
+ memcpy(lbuf, st->buf, 32);
+ xrijndaelDecrypt(lbuf, &st->rkks[i]);
+ if ((st->flags & CCRYPT_MISMATCH) != 0 || strncmp((char *)lbuf, MAGIC, 4) == 0) {
+ /* key matches */
+ break;
+ }
+ }
+ if (i<st->n) { /* matching key found */
+ st->ak = i;
+ } else { /* not found */
+ /* on error, invalidate the state so that the client cannot
+ call here again. */
+ ccrypt_state_free((ccrypt_state_t *)b->state);
+ b->state = NULL;
+ ccrypt_errno = CCRYPT_EMISMATCH;
+ return -2;
+ }
+ }
+ }
+
+ else if (b->avail_out == 0) {
+ break;
+ }
+
+ else { /* decrypt one byte */
+ if (st->bufindex == 32) {
+ xrijndaelEncrypt(st->buf, &st->rkks[st->ak]);
+ st->bufindex = 0;
+ }
+ cc = *b->next_in;
+ b->next_in++;
+ b->avail_in--;
+ c = cc ^ cbuf[st->bufindex];
+ cbuf[st->bufindex] = cc;
+ *b->next_out = c;
+ b->next_out++;
+ b->avail_out--;
+ st->bufindex++;
+ }
+ }
+#ifdef DEBUG
+ print_state(st);
+#endif
+ return 0;
+}
+
+EXPORT_SYMBOL(ccdecrypt);
+
+int ccdecrypt_end(ccrypt_stream_t *b) {
+ ccrypt_state_t *st;
+
+ if (b->state) {
+
+ /* verify that we have read and verified the IV */
+ st = (ccrypt_state_t *)b->state;
+ if (st->iv) {
+ ccrypt_state_free(b->state);
+ b->state = NULL;
+ ccrypt_errno = CCRYPT_EFORMAT;
+ return -2;
+ }
+ }
+
+ ccrypt_state_free(b->state);
+ b->state = NULL;
+ return 0;
+}
+
+EXPORT_SYMBOL(ccdecrypt_end);
diff --git a/include/ccryptlib.h b/include/ccryptlib.h
new file mode 100644
index 000000000..b2446a232
--- /dev/null
+++ b/include/ccryptlib.h
@@ -0,0 +1,102 @@
+/* -*- Mode:C; c-file-style:"linux"; -*- */
+
+/* Ported to barebox by Gerd Pauli <gp@high-consulting.de> 2018 */
+
+/* Copyright (C) 2000-2009 Peter Selinger.
+ This file is part of ccrypt. It is free software and it is covered
+ by the GNU general public license. See the file COPYING for details. */
+
+/* ccryptlib.h: library for encrypting/decrypting a character stream */
+/* $Id: ccryptlib.h 258 2009-08-26 17:46:10Z selinger $ */
+
+#ifndef _CCRYPTLIB_H
+#define _CCRYPTLIB_H
+
+struct ccrypt_stream_s {
+ char *next_in; /* next input byte */
+ unsigned int avail_in; /* number of bytes available at next_in */
+
+ char *next_out; /* next output byte should be put there */
+ unsigned int avail_out; /* remaining free space at next_out */
+
+ void *state; /* internal state, not visible by applications */
+};
+typedef struct ccrypt_stream_s ccrypt_stream_t;
+
+/*
+ The application may update next_in and avail_in when avail_in has
+ dropped to zero. It must update next_out and avail_out when
+ avail_out has dropped to zero. All other fields are set by the
+ compression library and must not be updated by the application.
+*/
+
+int ccencrypt_init(ccrypt_stream_t *b, const char *key, const int keylen);
+int ccencrypt (ccrypt_stream_t *b);
+int ccencrypt_end (ccrypt_stream_t *b);
+
+int ccdecrypt_init(ccrypt_stream_t *b, const char *key, const int keylen);
+int ccdecrypt (ccrypt_stream_t *b);
+int ccdecrypt_end (ccrypt_stream_t *b);
+
+/* The interface for encryption and decryption is the same. The
+ application must first call the respective init function to
+ initialize the internal state. Then it calls the encrypt/decrypt
+ function repeatedly, as follows: next_in and next_out must point to
+ valid, non-overlapping regions of memory of size at least avail_in
+ and avail_out, respectively. Avail_out must be non-zero. Avail_in
+ may be zero to retrieve some pending output when no input is
+ available, for instance, in an interactive application or at the
+ end of stream. Otherwise, avail_in should be non-zero.
+
+ The encryption/decryption function will read and process as many
+ input bytes as possible as long as there is room in the output
+ buffer. It will update next_in, avail_in, next_out, and avail_out
+ accordingly. It will always flush as much output as possible.
+ However, it is possible that some input bytes produce no output,
+ because some part of the input may be used for internal purposes.
+ Conversely, it is possible that output is produced without reading
+ any input. When the encryption/decryption function returns, at
+ least one of avail_in or avail_out is 0. If avail_out is non-zero
+ after a call, the application may conclude that no more output is
+ pending.
+
+ Finally, the internal state must be freed by calling the respective
+ end function. This function will discard any unprocessed input
+ and/or output, so it should only be called after the application
+ has retrieved any pending output. Note: the call to the end
+ function should be checked for errors, because this is the only
+ place where certain format errors (like a file that is too short)
+ are detected.
+
+ All functions return 0 on success, or -1 on error with errno set,
+ or -2 on error with ccrypt_errno set. Callers must check for
+ errors. If an error occurs, the state is invalid and its resources
+ are freed. It may not be used again. It is then safe, but not
+ required, to call the corresponding *_end function.
+
+ The flags argument to ccdecrypt_init should be 0 by default, or
+ CCRYPT_MISMATCH if non-matching keys should be ignored. All other
+ values are undefined and reserved for future use.
+*/
+
+/* ccdecrypt_multi_init this is a variant of ccdecrypt_init that
+ allows a list of n>=1 keys to be defined. During decryption, the
+ first matching key is used. This is useful when batch decrypting a
+ set of files that have non-uniform keys. If flags includes
+ CCRYPT_MISMATCH, then the first key is always used regardless of
+ whether it matches or not. */
+int ccdecrypt_multi_init(ccrypt_stream_t *b, int n, const char **keylist, int flags);
+
+/* errors */
+
+#define CCRYPT_EFORMAT 1 /* bad file format */
+#define CCRYPT_EMISMATCH 2 /* key does not match */
+#define CCRYPT_EBUFFER 3 /* buffer overflow */
+
+/* flags */
+
+#define CCRYPT_MISMATCH 1 /* ignore non-matching key */
+
+extern int ccrypt_errno;
+
+#endif /* _CCRYPTLIB_H */
--
2.11.0
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v1] Crypt and decrypt files using password in keystore.
2018-04-20 8:01 [PATCH v1] Crypt and decrypt files using password in keystore Gerd Pauli
@ 2018-04-22 8:27 ` Oleksij Rempel
2018-04-23 8:13 ` Sascha Hauer
2018-04-23 8:39 ` Sascha Hauer
1 sibling, 1 reply; 7+ messages in thread
From: Oleksij Rempel @ 2018-04-22 8:27 UTC (permalink / raw)
To: Gerd Pauli, barebox
[-- Attachment #1.1.1: Type: text/plain, Size: 108291 bytes --]
Hi Gerd,
please use scripts/checkpatch.pl
currently i get
total: 2020 errors, 0 warnings, 2020 lines checked
We use kernel coding style. Please read it:
https://www.kernel.org/doc/html/v4.16/process/coding-style.html
Am 20.04.2018 um 10:01 schrieb Gerd Pauli:
> Adds ccryptlib library in crypto which implements a
> stream cipher based on the block cipher Rijndael,
> the candidate for the AES standard.
> Compatible with the ccrypt tool in linux
> from Peter Selinger.
>
> Usage: ccrypt [-e|-d] -k KEYNAME_IN_KEYSTORE SRC DST
>
> Signed-off-by: Gerd Pauli <gp@high-consulting.de>
> ---
> commands/Kconfig | 17 +
> commands/Makefile | 1 +
> commands/ccrypt.c | 249 +++++++++
> crypto/Kconfig | 7 +
> crypto/Makefile | 1 +
> crypto/ccryptlib.c | 1467 +++++++++++++++++++++++++++++++++++++++++++++++++++
> include/ccryptlib.h | 102 ++++
> 7 files changed, 1844 insertions(+)
> create mode 100644 commands/ccrypt.c
> create mode 100644 crypto/ccryptlib.c
> create mode 100644 include/ccryptlib.h
>
> diff --git a/commands/Kconfig b/commands/Kconfig
> index 951a86963..b6911246a 100644
> --- a/commands/Kconfig
> +++ b/commands/Kconfig
> @@ -2137,6 +2137,23 @@ config CMD_SEED
> help
> Seed the pseudo random number generator (PRNG)
>
> +config CMD_CCRYPT
> + tristate
> + prompt "ccrypt"
> + select CRYPTO_CCRYPTLIB
> + select CRYPTO_KEYSTORE
> + help
> + encrypting/decrypting a character stream
> + ccrypt implements a stream cipher based on the block cipher
> + Rijndael.
> + Usage: ccrypt [-ed] [-K name] srcfile dstfile
> +
> + Options:
> + -e encrypt srcfile to dstfile
> + -d decrypt srcfile to dstfile
> + -k name use key with name from keystore
> +
usage help should be provided by the command, not within Kconfig
> # end Miscellaneous commands
> endmenu
>
> diff --git a/commands/Makefile b/commands/Makefile
> index eb4796389..3693bf553 100644
> --- a/commands/Makefile
> +++ b/commands/Makefile
> @@ -123,3 +123,4 @@ obj-$(CONFIG_CMD_MMC_EXTCSD) += mmc_extcsd.o
> obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o
> obj-$(CONFIG_CMD_SEED) += seed.o
> obj-$(CONFIG_CMD_IP_ROUTE_GET) += ip-route-get.o
> +obj-$(CONFIG_CMD_CCRYPT) += ccrypt.o
> diff --git a/commands/ccrypt.c b/commands/ccrypt.c
> new file mode 100644
> index 000000000..1b0ee9f1a
> --- /dev/null
> +++ b/commands/ccrypt.c
> @@ -0,0 +1,249 @@
> +/* -*- Mode:C; c-file-style:"linux"; -*- */
please no style annotations here.
> +/* Copyright (C) 2018 Gerd Pauli <gp@high-consulting.de */
>
> +/* Copyright (C) 2000-2012 Peter Selinger. */
all this should be within one comment block
> +/* See file CREDITS for list of people who contributed to this
> + * project.
no need for complete GPL text. Instead please use SPDX-License-Identifier
For example:
drivers/usb/gadget/f_fastboot.c
you will get some thing like:
/*
* ccrypt implements a stream cipher based on the block cipher Rijndael
*
* Copyright (C) 2018 Gerd Pauli <gp@high-consulting.de>
* Copyright (C) 2000-2012 Peter Selinger
*
* SPDX-License-Identifier: GPL-2.0+
*/
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License as
> + * published by the Free Software Foundation; either version 2 of
> + * the License, or (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + */
> +
> +/* ccrypt implements a stream cipher based on the block cipher
> + Rijndael */
> +
> +/* needs library ccryptlib and keystore from barebox */
no need for this comment, needed headers are already included
> +#include <common.h>
> +#include <command.h>
> +#include <libfile.h>
> +#include <getopt.h>
> +#include <fcntl.h>
> +#include <fs.h>
> +#include <ccryptlib.h>
i prefer headers sorted alphabetically. this helps to reduce
patch conflicts.
> +#define INBUFSIZE 1024
> +#define OUTBUFSIZE INBUFSIZE+32
> +
> +void ccrypt_error( int e ) {
> + if ( e == -1 ) {
> + printf("ccrypt: %s\n",strerror(-errno));
> + return;
> + }
> + if ( e == -2 ) {
> + switch (ccrypt_errno) {
> + case CCRYPT_EFORMAT:
> + printf("ccrypt: %s\n","bad file format");
> + break;
> + case CCRYPT_EMISMATCH:
> + printf("ccrypt: %s\n","key does not match");
> + break;
> + case CCRYPT_EBUFFER:
> + printf("ccrypt: %s\n","buffer overflow");
> + break;
> + default:
> + /* do nothing */
> + printf("ccrypt: %s %d\n","unknown ccrypt error: ",ccrypt_errno);
> + break;
> + }
> + return;
> + }
> + if ( e == -3 ) {
> + printf("ccrypt: %s\n","no key");
> + return;
> + }
> + printf("ccrypt: %s: %d\n","unknown error",e);
> +}
> +
> +static int do_ccrypt(int argc, char *argv[])
> +{
> + int opt;
> + int ret=-EINVAL;
> + int encrypt=0;
> + int decrypt=0;
> + char *extract = NULL;
> + char *from = NULL;
> + char *to = NULL;
> + char *r_buf = NULL;
> + char *w_buf = NULL;
> + int from_fd = 0;
> + int to_fd = 0;
> + int r,w;
> + void *buf;
> + ccrypt_stream_t ccs;
> + ccrypt_stream_t *b = &ccs;
> + char *key;
> + int keylen;
> + int eof=0;
> +
> + while ((opt = getopt(argc, argv, "dek:")) > 0) {
> + switch(opt) {
> + case 'e':
> + encrypt=1;
> + break;
> + case 'd':
> + decrypt=1;
> + break;
> + case 'k':
> + extract = optarg;
> + break;
> + }
> + }
> + if ( encrypt == 1 && decrypt == 1 )
> + return ret;
> + if ( extract == NULL )
> + return ret;
> +
> + if ( optind != 4 )
> + return ret;
> +
> + if ( argc != 6 )
> + return ret;
> +
> + from = argv[optind];
> + to = argv[optind + 1];
> +
> + r_buf=malloc(INBUFSIZE);
> + if ( r_buf == NULL ) {
> + ret = -1;
> + goto out;
> + }
> +
> + w_buf=malloc(OUTBUFSIZE);
> + if ( w_buf == NULL ) {
> + free(r_buf);
> + ret = -1;
> + goto out;
> + }
> +
> + ret=keystore_get_secret(extract, (const u8 **)&key, &keylen);
> +
> +#ifdef DEBUG
> + if ( key && keystore )
> + memory_display(key,0,keylen,1,0);
> +#endif
> +
> + if ( ret ) {
> + ret=-3;
> + goto out;
> + }
> +
> + from_fd = open(from, O_RDONLY);
> + if (from_fd < 0) {
> + printf("could not open %s: %s\n", from, errno_str());
> + ret=-1;
> + goto out;
> + }
> +
> + to_fd = open(to, O_WRONLY | O_CREAT | O_TRUNC);
> + if (to_fd < 0) {
> + printf("could not open %s: %s\n", to, errno_str());
> + ret=-1;
> + goto out;
> + }
> +
> + ret=0;
> +
> + if ( encrypt == 1 )
> + ret = ccencrypt_init(b, key, keylen);
> +
> + if ( decrypt == 1 )
> + ret = ccdecrypt_init(b, key, keylen);
> +
> + if ( ret != 0 ) {
> + printf("cc init error\n");
> + goto out;
> + }
> +
> + b->avail_in = 0;
> +
> + while (1) {
> + /* fill input buffer */
> + if (b->avail_in == 0 && !eof) {
> + r = read(from_fd, r_buf, INBUFSIZE);
> + if (r < 0) {
> + perror("read");
> + ret=-1;
> + goto out;
> + }
> + if (!r)
> + eof=1;
> + b->next_in = &r_buf[0];
> + b->avail_in = r;
> + }
> +
> + /* prepare output buffer */
> + b->next_out = &w_buf[0];
> + b->avail_out = OUTBUFSIZE;
> +
> + /* do some work */
> + if ( encrypt == 1 ) {
> + ret = ccencrypt(b);
> + }
> + if ( decrypt == 1 ) {
> + ret = ccdecrypt(b);
> + if (ret) {
> + printf("cc dec err\n");
> + ret=-2;
> + goto out;
> + }
> + }
> +
> + r = OUTBUFSIZE-b->avail_out;
> + buf = &w_buf[0];
> +
> + /* process output buffer */
> + while (r) {
> + w = write(to_fd, buf, r);
> + if (w < 0) {
> + printf("write error\n");
> + ret=-1;
> + goto out;
> + }
> + buf += w;
> + r -= w;
> + }
> +
> + /* ready */
> + if (eof && b->avail_out != 0) {
> + break;
> + }
> + }
> + ret = 0;
> +out:
> + free(r_buf);
> + free(w_buf);
> + if (from_fd > 0)
> + close(from_fd);
> + if (to_fd > 0)
> + close(to_fd);
> +
> + return ret;
> +}
> +
> +BAREBOX_CMD_HELP_START(ccrypt)
> +BAREBOX_CMD_HELP_TEXT("Rijandel Crypt and Decrypt")
> +BAREBOX_CMD_HELP_TEXT("")
> +BAREBOX_CMD_HELP_TEXT("Options:")
> +BAREBOX_CMD_HELP_OPT("-e", "encrypt")
> +BAREBOX_CMD_HELP_OPT("-d", "decrypt")
> +BAREBOX_CMD_HELP_OPT("-k name", "Name of key in keystore")
> +BAREBOX_CMD_HELP_END
> +
> +BAREBOX_CMD_START(ccrypt)
> +.cmd = do_ccrypt,
> + BAREBOX_CMD_DESC("Crypt and Decrypt Files")
> + BAREBOX_CMD_OPTS("[-e|-d] -k NAME SRC DST")
> + BAREBOX_CMD_GROUP(CMD_GRP_MISC)
> + BAREBOX_CMD_HELP(cmd_ccrypt_help)
> + BAREBOX_CMD_END
> diff --git a/crypto/Kconfig b/crypto/Kconfig
> index 6d65c24d4..08669a2de 100644
> --- a/crypto/Kconfig
> +++ b/crypto/Kconfig
> @@ -101,4 +101,11 @@ config CRYPTO_KEYSTORE
> This is a simple keystore, which can be used to pass keys
> between several components via simple interface.
>
> +config CRYPTO_CCRYPTLIB
> + bool "ccryptlib"
> + help
> + This option provides functions implementing a stream cipher based
> + on the block cipher rijandel.
> + The cipher is based on Peter Selingers ccrypt implementation.
> +
> endmenu
> diff --git a/crypto/Makefile b/crypto/Makefile
> index a7240d1d6..1231bc76d 100644
> --- a/crypto/Makefile
> +++ b/crypto/Makefile
> @@ -14,3 +14,4 @@ obj-$(CONFIG_DIGEST_SHA512_GENERIC) += sha4.o
> obj-$(CONFIG_CRYPTO_PBKDF2) += pbkdf2.o
> obj-$(CONFIG_CRYPTO_RSA) += rsa.o
> obj-$(CONFIG_CRYPTO_KEYSTORE) += keystore.o
> +obj-$(CONFIG_CRYPTO_CCRYPTLIB) += ccryptlib.o
> diff --git a/crypto/ccryptlib.c b/crypto/ccryptlib.c
> new file mode 100644
> index 000000000..78f0ac843
> --- /dev/null
> +++ b/crypto/ccryptlib.c
> @@ -0,0 +1,1467 @@
> +/* -*- Mode:C; c-file-style:"linux"; -*- */
> +
> +/* Ported to barebox by Gerd Pauli <gp@high-consulting.de> 2018 */
> +
> +/* Copyright (C) 2000-2012 Peter Selinger.
> + This file is part of ccrypt. It is free software and it is covered
> + by the GNU general public license. See the file COPYING for details. */
> +
> +/* NOTE: this library is copyrighted under the GNU General Public
> + License, *not* under the GNU Library General Public License. This
> + means, among other things, that you cannot use this library in
> + closed-source software. */
> +
> +/* ccryptlib implements a stream cipher based on the block cipher
> + Rijndael, the candidate for the AES standard. */
Same header stile as before.
> +#include <stdlib.h>
> +#include <unistd.h>
> +#include <stdio.h>
> +#include <string.h>
> +#include <ccryptlib.h>
> +#include <common.h>
> +#include <malloc.h>
includes alphabetically
> +/* ---------- rijandel.c ---------- */
> +
> +/* rijndael.c - optimized version of the Rijndeal cipher */
> +/* derived from original source: rijndael-alg-ref.c v2.0 August '99
> + * Reference ANSI C code for NIST competition
> + * authors: Paulo Barreto
> + * Vincent Rijmen
> + */
> +
> +typedef unsigned char word8;
> +
> +#ifdef UINT32_TYPE
> +typedef UINT32_TYPE word32;
> +#else
> +typedef int word32; /* should be a 32-bit integer type */
> +#endif
> +
> +/* a type to hold 32 bits accessible as 1 integer or 4 bytes */
> +union word8x4_u {
> + word8 w8[4];
> + word32 w32;
> +};
> +typedef union word8x4_u word8x4;
> +
> +/* ---------- tables.c ------------ */
> +
> +word8x4 M0[4][256] = {
> + {
> + {{ 0, 0, 0, 0}}, {{ 2, 1, 1, 3}}, {{ 4, 2, 2, 6}},
> + {{ 6, 3, 3, 5}}, {{ 8, 4, 4, 12}}, {{ 10, 5, 5, 15}},
> + {{ 12, 6, 6, 10}}, {{ 14, 7, 7, 9}}, {{ 16, 8, 8, 24}},
> + {{ 18, 9, 9, 27}}, {{ 20, 10, 10, 30}}, {{ 22, 11, 11, 29}},
> + {{ 24, 12, 12, 20}}, {{ 26, 13, 13, 23}}, {{ 28, 14, 14, 18}},
> + {{ 30, 15, 15, 17}}, {{ 32, 16, 16, 48}}, {{ 34, 17, 17, 51}},
> + {{ 36, 18, 18, 54}}, {{ 38, 19, 19, 53}}, {{ 40, 20, 20, 60}},
> + {{ 42, 21, 21, 63}}, {{ 44, 22, 22, 58}}, {{ 46, 23, 23, 57}},
> + {{ 48, 24, 24, 40}}, {{ 50, 25, 25, 43}}, {{ 52, 26, 26, 46}},
> + {{ 54, 27, 27, 45}}, {{ 56, 28, 28, 36}}, {{ 58, 29, 29, 39}},
> + {{ 60, 30, 30, 34}}, {{ 62, 31, 31, 33}}, {{ 64, 32, 32, 96}},
> + {{ 66, 33, 33, 99}}, {{ 68, 34, 34, 102}}, {{ 70, 35, 35, 101}},
> + {{ 72, 36, 36, 108}}, {{ 74, 37, 37, 111}}, {{ 76, 38, 38, 106}},
> + {{ 78, 39, 39, 105}}, {{ 80, 40, 40, 120}}, {{ 82, 41, 41, 123}},
> + {{ 84, 42, 42, 126}}, {{ 86, 43, 43, 125}}, {{ 88, 44, 44, 116}},
> + {{ 90, 45, 45, 119}}, {{ 92, 46, 46, 114}}, {{ 94, 47, 47, 113}},
> + {{ 96, 48, 48, 80}}, {{ 98, 49, 49, 83}}, {{100, 50, 50, 86}},
> + {{102, 51, 51, 85}}, {{104, 52, 52, 92}}, {{106, 53, 53, 95}},
> + {{108, 54, 54, 90}}, {{110, 55, 55, 89}}, {{112, 56, 56, 72}},
> + {{114, 57, 57, 75}}, {{116, 58, 58, 78}}, {{118, 59, 59, 77}},
> + {{120, 60, 60, 68}}, {{122, 61, 61, 71}}, {{124, 62, 62, 66}},
> + {{126, 63, 63, 65}}, {{128, 64, 64, 192}}, {{130, 65, 65, 195}},
> + {{132, 66, 66, 198}}, {{134, 67, 67, 197}}, {{136, 68, 68, 204}},
> + {{138, 69, 69, 207}}, {{140, 70, 70, 202}}, {{142, 71, 71, 201}},
> + {{144, 72, 72, 216}}, {{146, 73, 73, 219}}, {{148, 74, 74, 222}},
> + {{150, 75, 75, 221}}, {{152, 76, 76, 212}}, {{154, 77, 77, 215}},
> + {{156, 78, 78, 210}}, {{158, 79, 79, 209}}, {{160, 80, 80, 240}},
> + {{162, 81, 81, 243}}, {{164, 82, 82, 246}}, {{166, 83, 83, 245}},
> + {{168, 84, 84, 252}}, {{170, 85, 85, 255}}, {{172, 86, 86, 250}},
> + {{174, 87, 87, 249}}, {{176, 88, 88, 232}}, {{178, 89, 89, 235}},
> + {{180, 90, 90, 238}}, {{182, 91, 91, 237}}, {{184, 92, 92, 228}},
> + {{186, 93, 93, 231}}, {{188, 94, 94, 226}}, {{190, 95, 95, 225}},
> + {{192, 96, 96, 160}}, {{194, 97, 97, 163}}, {{196, 98, 98, 166}},
> + {{198, 99, 99, 165}}, {{200, 100, 100, 172}}, {{202, 101, 101, 175}},
> + {{204, 102, 102, 170}}, {{206, 103, 103, 169}}, {{208, 104, 104, 184}},
> + {{210, 105, 105, 187}}, {{212, 106, 106, 190}}, {{214, 107, 107, 189}},
> + {{216, 108, 108, 180}}, {{218, 109, 109, 183}}, {{220, 110, 110, 178}},
> + {{222, 111, 111, 177}}, {{224, 112, 112, 144}}, {{226, 113, 113, 147}},
> + {{228, 114, 114, 150}}, {{230, 115, 115, 149}}, {{232, 116, 116, 156}},
> + {{234, 117, 117, 159}}, {{236, 118, 118, 154}}, {{238, 119, 119, 153}},
> + {{240, 120, 120, 136}}, {{242, 121, 121, 139}}, {{244, 122, 122, 142}},
> + {{246, 123, 123, 141}}, {{248, 124, 124, 132}}, {{250, 125, 125, 135}},
> + {{252, 126, 126, 130}}, {{254, 127, 127, 129}}, {{ 27, 128, 128, 155}},
> + {{ 25, 129, 129, 152}}, {{ 31, 130, 130, 157}}, {{ 29, 131, 131, 158}},
> + {{ 19, 132, 132, 151}}, {{ 17, 133, 133, 148}}, {{ 23, 134, 134, 145}},
> + {{ 21, 135, 135, 146}}, {{ 11, 136, 136, 131}}, {{ 9, 137, 137, 128}},
> + {{ 15, 138, 138, 133}}, {{ 13, 139, 139, 134}}, {{ 3, 140, 140, 143}},
> + {{ 1, 141, 141, 140}}, {{ 7, 142, 142, 137}}, {{ 5, 143, 143, 138}},
> + {{ 59, 144, 144, 171}}, {{ 57, 145, 145, 168}}, {{ 63, 146, 146, 173}},
> + {{ 61, 147, 147, 174}}, {{ 51, 148, 148, 167}}, {{ 49, 149, 149, 164}},
> + {{ 55, 150, 150, 161}}, {{ 53, 151, 151, 162}}, {{ 43, 152, 152, 179}},
> + {{ 41, 153, 153, 176}}, {{ 47, 154, 154, 181}}, {{ 45, 155, 155, 182}},
> + {{ 35, 156, 156, 191}}, {{ 33, 157, 157, 188}}, {{ 39, 158, 158, 185}},
> + {{ 37, 159, 159, 186}}, {{ 91, 160, 160, 251}}, {{ 89, 161, 161, 248}},
> + {{ 95, 162, 162, 253}}, {{ 93, 163, 163, 254}}, {{ 83, 164, 164, 247}},
> + {{ 81, 165, 165, 244}}, {{ 87, 166, 166, 241}}, {{ 85, 167, 167, 242}},
> + {{ 75, 168, 168, 227}}, {{ 73, 169, 169, 224}}, {{ 79, 170, 170, 229}},
> + {{ 77, 171, 171, 230}}, {{ 67, 172, 172, 239}}, {{ 65, 173, 173, 236}},
> + {{ 71, 174, 174, 233}}, {{ 69, 175, 175, 234}}, {{123, 176, 176, 203}},
> + {{121, 177, 177, 200}}, {{127, 178, 178, 205}}, {{125, 179, 179, 206}},
> + {{115, 180, 180, 199}}, {{113, 181, 181, 196}}, {{119, 182, 182, 193}},
> + {{117, 183, 183, 194}}, {{107, 184, 184, 211}}, {{105, 185, 185, 208}},
> + {{111, 186, 186, 213}}, {{109, 187, 187, 214}}, {{ 99, 188, 188, 223}},
> + {{ 97, 189, 189, 220}}, {{103, 190, 190, 217}}, {{101, 191, 191, 218}},
> + {{155, 192, 192, 91}}, {{153, 193, 193, 88}}, {{159, 194, 194, 93}},
> + {{157, 195, 195, 94}}, {{147, 196, 196, 87}}, {{145, 197, 197, 84}},
> + {{151, 198, 198, 81}}, {{149, 199, 199, 82}}, {{139, 200, 200, 67}},
> + {{137, 201, 201, 64}}, {{143, 202, 202, 69}}, {{141, 203, 203, 70}},
> + {{131, 204, 204, 79}}, {{129, 205, 205, 76}}, {{135, 206, 206, 73}},
> + {{133, 207, 207, 74}}, {{187, 208, 208, 107}}, {{185, 209, 209, 104}},
> + {{191, 210, 210, 109}}, {{189, 211, 211, 110}}, {{179, 212, 212, 103}},
> + {{177, 213, 213, 100}}, {{183, 214, 214, 97}}, {{181, 215, 215, 98}},
> + {{171, 216, 216, 115}}, {{169, 217, 217, 112}}, {{175, 218, 218, 117}},
> + {{173, 219, 219, 118}}, {{163, 220, 220, 127}}, {{161, 221, 221, 124}},
> + {{167, 222, 222, 121}}, {{165, 223, 223, 122}}, {{219, 224, 224, 59}},
> + {{217, 225, 225, 56}}, {{223, 226, 226, 61}}, {{221, 227, 227, 62}},
> + {{211, 228, 228, 55}}, {{209, 229, 229, 52}}, {{215, 230, 230, 49}},
> + {{213, 231, 231, 50}}, {{203, 232, 232, 35}}, {{201, 233, 233, 32}},
> + {{207, 234, 234, 37}}, {{205, 235, 235, 38}}, {{195, 236, 236, 47}},
> + {{193, 237, 237, 44}}, {{199, 238, 238, 41}}, {{197, 239, 239, 42}},
> + {{251, 240, 240, 11}}, {{249, 241, 241, 8}}, {{255, 242, 242, 13}},
> + {{253, 243, 243, 14}}, {{243, 244, 244, 7}}, {{241, 245, 245, 4}},
> + {{247, 246, 246, 1}}, {{245, 247, 247, 2}}, {{235, 248, 248, 19}},
> + {{233, 249, 249, 16}}, {{239, 250, 250, 21}}, {{237, 251, 251, 22}},
> + {{227, 252, 252, 31}}, {{225, 253, 253, 28}}, {{231, 254, 254, 25}},
> + {{229, 255, 255, 26}},
> + },
> + {
> + {{ 0, 0, 0, 0}}, {{ 3, 2, 1, 1}}, {{ 6, 4, 2, 2}},
> + {{ 5, 6, 3, 3}}, {{ 12, 8, 4, 4}}, {{ 15, 10, 5, 5}},
> + {{ 10, 12, 6, 6}}, {{ 9, 14, 7, 7}}, {{ 24, 16, 8, 8}},
> + {{ 27, 18, 9, 9}}, {{ 30, 20, 10, 10}}, {{ 29, 22, 11, 11}},
> + {{ 20, 24, 12, 12}}, {{ 23, 26, 13, 13}}, {{ 18, 28, 14, 14}},
> + {{ 17, 30, 15, 15}}, {{ 48, 32, 16, 16}}, {{ 51, 34, 17, 17}},
> + {{ 54, 36, 18, 18}}, {{ 53, 38, 19, 19}}, {{ 60, 40, 20, 20}},
> + {{ 63, 42, 21, 21}}, {{ 58, 44, 22, 22}}, {{ 57, 46, 23, 23}},
> + {{ 40, 48, 24, 24}}, {{ 43, 50, 25, 25}}, {{ 46, 52, 26, 26}},
> + {{ 45, 54, 27, 27}}, {{ 36, 56, 28, 28}}, {{ 39, 58, 29, 29}},
> + {{ 34, 60, 30, 30}}, {{ 33, 62, 31, 31}}, {{ 96, 64, 32, 32}},
> + {{ 99, 66, 33, 33}}, {{102, 68, 34, 34}}, {{101, 70, 35, 35}},
> + {{108, 72, 36, 36}}, {{111, 74, 37, 37}}, {{106, 76, 38, 38}},
> + {{105, 78, 39, 39}}, {{120, 80, 40, 40}}, {{123, 82, 41, 41}},
> + {{126, 84, 42, 42}}, {{125, 86, 43, 43}}, {{116, 88, 44, 44}},
> + {{119, 90, 45, 45}}, {{114, 92, 46, 46}}, {{113, 94, 47, 47}},
> + {{ 80, 96, 48, 48}}, {{ 83, 98, 49, 49}}, {{ 86, 100, 50, 50}},
> + {{ 85, 102, 51, 51}}, {{ 92, 104, 52, 52}}, {{ 95, 106, 53, 53}},
> + {{ 90, 108, 54, 54}}, {{ 89, 110, 55, 55}}, {{ 72, 112, 56, 56}},
> + {{ 75, 114, 57, 57}}, {{ 78, 116, 58, 58}}, {{ 77, 118, 59, 59}},
> + {{ 68, 120, 60, 60}}, {{ 71, 122, 61, 61}}, {{ 66, 124, 62, 62}},
> + {{ 65, 126, 63, 63}}, {{192, 128, 64, 64}}, {{195, 130, 65, 65}},
> + {{198, 132, 66, 66}}, {{197, 134, 67, 67}}, {{204, 136, 68, 68}},
> + {{207, 138, 69, 69}}, {{202, 140, 70, 70}}, {{201, 142, 71, 71}},
> + {{216, 144, 72, 72}}, {{219, 146, 73, 73}}, {{222, 148, 74, 74}},
> + {{221, 150, 75, 75}}, {{212, 152, 76, 76}}, {{215, 154, 77, 77}},
> + {{210, 156, 78, 78}}, {{209, 158, 79, 79}}, {{240, 160, 80, 80}},
> + {{243, 162, 81, 81}}, {{246, 164, 82, 82}}, {{245, 166, 83, 83}},
> + {{252, 168, 84, 84}}, {{255, 170, 85, 85}}, {{250, 172, 86, 86}},
> + {{249, 174, 87, 87}}, {{232, 176, 88, 88}}, {{235, 178, 89, 89}},
> + {{238, 180, 90, 90}}, {{237, 182, 91, 91}}, {{228, 184, 92, 92}},
> + {{231, 186, 93, 93}}, {{226, 188, 94, 94}}, {{225, 190, 95, 95}},
> + {{160, 192, 96, 96}}, {{163, 194, 97, 97}}, {{166, 196, 98, 98}},
> + {{165, 198, 99, 99}}, {{172, 200, 100, 100}}, {{175, 202, 101, 101}},
> + {{170, 204, 102, 102}}, {{169, 206, 103, 103}}, {{184, 208, 104, 104}},
> + {{187, 210, 105, 105}}, {{190, 212, 106, 106}}, {{189, 214, 107, 107}},
> + {{180, 216, 108, 108}}, {{183, 218, 109, 109}}, {{178, 220, 110, 110}},
> + {{177, 222, 111, 111}}, {{144, 224, 112, 112}}, {{147, 226, 113, 113}},
> + {{150, 228, 114, 114}}, {{149, 230, 115, 115}}, {{156, 232, 116, 116}},
> + {{159, 234, 117, 117}}, {{154, 236, 118, 118}}, {{153, 238, 119, 119}},
> + {{136, 240, 120, 120}}, {{139, 242, 121, 121}}, {{142, 244, 122, 122}},
> + {{141, 246, 123, 123}}, {{132, 248, 124, 124}}, {{135, 250, 125, 125}},
> + {{130, 252, 126, 126}}, {{129, 254, 127, 127}}, {{155, 27, 128, 128}},
> + {{152, 25, 129, 129}}, {{157, 31, 130, 130}}, {{158, 29, 131, 131}},
> + {{151, 19, 132, 132}}, {{148, 17, 133, 133}}, {{145, 23, 134, 134}},
> + {{146, 21, 135, 135}}, {{131, 11, 136, 136}}, {{128, 9, 137, 137}},
> + {{133, 15, 138, 138}}, {{134, 13, 139, 139}}, {{143, 3, 140, 140}},
> + {{140, 1, 141, 141}}, {{137, 7, 142, 142}}, {{138, 5, 143, 143}},
> + {{171, 59, 144, 144}}, {{168, 57, 145, 145}}, {{173, 63, 146, 146}},
> + {{174, 61, 147, 147}}, {{167, 51, 148, 148}}, {{164, 49, 149, 149}},
> + {{161, 55, 150, 150}}, {{162, 53, 151, 151}}, {{179, 43, 152, 152}},
> + {{176, 41, 153, 153}}, {{181, 47, 154, 154}}, {{182, 45, 155, 155}},
> + {{191, 35, 156, 156}}, {{188, 33, 157, 157}}, {{185, 39, 158, 158}},
> + {{186, 37, 159, 159}}, {{251, 91, 160, 160}}, {{248, 89, 161, 161}},
> + {{253, 95, 162, 162}}, {{254, 93, 163, 163}}, {{247, 83, 164, 164}},
> + {{244, 81, 165, 165}}, {{241, 87, 166, 166}}, {{242, 85, 167, 167}},
> + {{227, 75, 168, 168}}, {{224, 73, 169, 169}}, {{229, 79, 170, 170}},
> + {{230, 77, 171, 171}}, {{239, 67, 172, 172}}, {{236, 65, 173, 173}},
> + {{233, 71, 174, 174}}, {{234, 69, 175, 175}}, {{203, 123, 176, 176}},
> + {{200, 121, 177, 177}}, {{205, 127, 178, 178}}, {{206, 125, 179, 179}},
> + {{199, 115, 180, 180}}, {{196, 113, 181, 181}}, {{193, 119, 182, 182}},
> + {{194, 117, 183, 183}}, {{211, 107, 184, 184}}, {{208, 105, 185, 185}},
> + {{213, 111, 186, 186}}, {{214, 109, 187, 187}}, {{223, 99, 188, 188}},
> + {{220, 97, 189, 189}}, {{217, 103, 190, 190}}, {{218, 101, 191, 191}},
> + {{ 91, 155, 192, 192}}, {{ 88, 153, 193, 193}}, {{ 93, 159, 194, 194}},
> + {{ 94, 157, 195, 195}}, {{ 87, 147, 196, 196}}, {{ 84, 145, 197, 197}},
> + {{ 81, 151, 198, 198}}, {{ 82, 149, 199, 199}}, {{ 67, 139, 200, 200}},
> + {{ 64, 137, 201, 201}}, {{ 69, 143, 202, 202}}, {{ 70, 141, 203, 203}},
> + {{ 79, 131, 204, 204}}, {{ 76, 129, 205, 205}}, {{ 73, 135, 206, 206}},
> + {{ 74, 133, 207, 207}}, {{107, 187, 208, 208}}, {{104, 185, 209, 209}},
> + {{109, 191, 210, 210}}, {{110, 189, 211, 211}}, {{103, 179, 212, 212}},
> + {{100, 177, 213, 213}}, {{ 97, 183, 214, 214}}, {{ 98, 181, 215, 215}},
> + {{115, 171, 216, 216}}, {{112, 169, 217, 217}}, {{117, 175, 218, 218}},
> + {{118, 173, 219, 219}}, {{127, 163, 220, 220}}, {{124, 161, 221, 221}},
> + {{121, 167, 222, 222}}, {{122, 165, 223, 223}}, {{ 59, 219, 224, 224}},
> + {{ 56, 217, 225, 225}}, {{ 61, 223, 226, 226}}, {{ 62, 221, 227, 227}},
> + {{ 55, 211, 228, 228}}, {{ 52, 209, 229, 229}}, {{ 49, 215, 230, 230}},
> + {{ 50, 213, 231, 231}}, {{ 35, 203, 232, 232}}, {{ 32, 201, 233, 233}},
> + {{ 37, 207, 234, 234}}, {{ 38, 205, 235, 235}}, {{ 47, 195, 236, 236}},
> + {{ 44, 193, 237, 237}}, {{ 41, 199, 238, 238}}, {{ 42, 197, 239, 239}},
> + {{ 11, 251, 240, 240}}, {{ 8, 249, 241, 241}}, {{ 13, 255, 242, 242}},
> + {{ 14, 253, 243, 243}}, {{ 7, 243, 244, 244}}, {{ 4, 241, 245, 245}},
> + {{ 1, 247, 246, 246}}, {{ 2, 245, 247, 247}}, {{ 19, 235, 248, 248}},
> + {{ 16, 233, 249, 249}}, {{ 21, 239, 250, 250}}, {{ 22, 237, 251, 251}},
> + {{ 31, 227, 252, 252}}, {{ 28, 225, 253, 253}}, {{ 25, 231, 254, 254}},
> + {{ 26, 229, 255, 255}},
> + },
> + {
> + {{ 0, 0, 0, 0}}, {{ 1, 3, 2, 1}}, {{ 2, 6, 4, 2}},
> + {{ 3, 5, 6, 3}}, {{ 4, 12, 8, 4}}, {{ 5, 15, 10, 5}},
> + {{ 6, 10, 12, 6}}, {{ 7, 9, 14, 7}}, {{ 8, 24, 16, 8}},
> + {{ 9, 27, 18, 9}}, {{ 10, 30, 20, 10}}, {{ 11, 29, 22, 11}},
> + {{ 12, 20, 24, 12}}, {{ 13, 23, 26, 13}}, {{ 14, 18, 28, 14}},
> + {{ 15, 17, 30, 15}}, {{ 16, 48, 32, 16}}, {{ 17, 51, 34, 17}},
> + {{ 18, 54, 36, 18}}, {{ 19, 53, 38, 19}}, {{ 20, 60, 40, 20}},
> + {{ 21, 63, 42, 21}}, {{ 22, 58, 44, 22}}, {{ 23, 57, 46, 23}},
> + {{ 24, 40, 48, 24}}, {{ 25, 43, 50, 25}}, {{ 26, 46, 52, 26}},
> + {{ 27, 45, 54, 27}}, {{ 28, 36, 56, 28}}, {{ 29, 39, 58, 29}},
> + {{ 30, 34, 60, 30}}, {{ 31, 33, 62, 31}}, {{ 32, 96, 64, 32}},
> + {{ 33, 99, 66, 33}}, {{ 34, 102, 68, 34}}, {{ 35, 101, 70, 35}},
> + {{ 36, 108, 72, 36}}, {{ 37, 111, 74, 37}}, {{ 38, 106, 76, 38}},
> + {{ 39, 105, 78, 39}}, {{ 40, 120, 80, 40}}, {{ 41, 123, 82, 41}},
> + {{ 42, 126, 84, 42}}, {{ 43, 125, 86, 43}}, {{ 44, 116, 88, 44}},
> + {{ 45, 119, 90, 45}}, {{ 46, 114, 92, 46}}, {{ 47, 113, 94, 47}},
> + {{ 48, 80, 96, 48}}, {{ 49, 83, 98, 49}}, {{ 50, 86, 100, 50}},
> + {{ 51, 85, 102, 51}}, {{ 52, 92, 104, 52}}, {{ 53, 95, 106, 53}},
> + {{ 54, 90, 108, 54}}, {{ 55, 89, 110, 55}}, {{ 56, 72, 112, 56}},
> + {{ 57, 75, 114, 57}}, {{ 58, 78, 116, 58}}, {{ 59, 77, 118, 59}},
> + {{ 60, 68, 120, 60}}, {{ 61, 71, 122, 61}}, {{ 62, 66, 124, 62}},
> + {{ 63, 65, 126, 63}}, {{ 64, 192, 128, 64}}, {{ 65, 195, 130, 65}},
> + {{ 66, 198, 132, 66}}, {{ 67, 197, 134, 67}}, {{ 68, 204, 136, 68}},
> + {{ 69, 207, 138, 69}}, {{ 70, 202, 140, 70}}, {{ 71, 201, 142, 71}},
> + {{ 72, 216, 144, 72}}, {{ 73, 219, 146, 73}}, {{ 74, 222, 148, 74}},
> + {{ 75, 221, 150, 75}}, {{ 76, 212, 152, 76}}, {{ 77, 215, 154, 77}},
> + {{ 78, 210, 156, 78}}, {{ 79, 209, 158, 79}}, {{ 80, 240, 160, 80}},
> + {{ 81, 243, 162, 81}}, {{ 82, 246, 164, 82}}, {{ 83, 245, 166, 83}},
> + {{ 84, 252, 168, 84}}, {{ 85, 255, 170, 85}}, {{ 86, 250, 172, 86}},
> + {{ 87, 249, 174, 87}}, {{ 88, 232, 176, 88}}, {{ 89, 235, 178, 89}},
> + {{ 90, 238, 180, 90}}, {{ 91, 237, 182, 91}}, {{ 92, 228, 184, 92}},
> + {{ 93, 231, 186, 93}}, {{ 94, 226, 188, 94}}, {{ 95, 225, 190, 95}},
> + {{ 96, 160, 192, 96}}, {{ 97, 163, 194, 97}}, {{ 98, 166, 196, 98}},
> + {{ 99, 165, 198, 99}}, {{100, 172, 200, 100}}, {{101, 175, 202, 101}},
> + {{102, 170, 204, 102}}, {{103, 169, 206, 103}}, {{104, 184, 208, 104}},
> + {{105, 187, 210, 105}}, {{106, 190, 212, 106}}, {{107, 189, 214, 107}},
> + {{108, 180, 216, 108}}, {{109, 183, 218, 109}}, {{110, 178, 220, 110}},
> + {{111, 177, 222, 111}}, {{112, 144, 224, 112}}, {{113, 147, 226, 113}},
> + {{114, 150, 228, 114}}, {{115, 149, 230, 115}}, {{116, 156, 232, 116}},
> + {{117, 159, 234, 117}}, {{118, 154, 236, 118}}, {{119, 153, 238, 119}},
> + {{120, 136, 240, 120}}, {{121, 139, 242, 121}}, {{122, 142, 244, 122}},
> + {{123, 141, 246, 123}}, {{124, 132, 248, 124}}, {{125, 135, 250, 125}},
> + {{126, 130, 252, 126}}, {{127, 129, 254, 127}}, {{128, 155, 27, 128}},
> + {{129, 152, 25, 129}}, {{130, 157, 31, 130}}, {{131, 158, 29, 131}},
> + {{132, 151, 19, 132}}, {{133, 148, 17, 133}}, {{134, 145, 23, 134}},
> + {{135, 146, 21, 135}}, {{136, 131, 11, 136}}, {{137, 128, 9, 137}},
> + {{138, 133, 15, 138}}, {{139, 134, 13, 139}}, {{140, 143, 3, 140}},
> + {{141, 140, 1, 141}}, {{142, 137, 7, 142}}, {{143, 138, 5, 143}},
> + {{144, 171, 59, 144}}, {{145, 168, 57, 145}}, {{146, 173, 63, 146}},
> + {{147, 174, 61, 147}}, {{148, 167, 51, 148}}, {{149, 164, 49, 149}},
> + {{150, 161, 55, 150}}, {{151, 162, 53, 151}}, {{152, 179, 43, 152}},
> + {{153, 176, 41, 153}}, {{154, 181, 47, 154}}, {{155, 182, 45, 155}},
> + {{156, 191, 35, 156}}, {{157, 188, 33, 157}}, {{158, 185, 39, 158}},
> + {{159, 186, 37, 159}}, {{160, 251, 91, 160}}, {{161, 248, 89, 161}},
> + {{162, 253, 95, 162}}, {{163, 254, 93, 163}}, {{164, 247, 83, 164}},
> + {{165, 244, 81, 165}}, {{166, 241, 87, 166}}, {{167, 242, 85, 167}},
> + {{168, 227, 75, 168}}, {{169, 224, 73, 169}}, {{170, 229, 79, 170}},
> + {{171, 230, 77, 171}}, {{172, 239, 67, 172}}, {{173, 236, 65, 173}},
> + {{174, 233, 71, 174}}, {{175, 234, 69, 175}}, {{176, 203, 123, 176}},
> + {{177, 200, 121, 177}}, {{178, 205, 127, 178}}, {{179, 206, 125, 179}},
> + {{180, 199, 115, 180}}, {{181, 196, 113, 181}}, {{182, 193, 119, 182}},
> + {{183, 194, 117, 183}}, {{184, 211, 107, 184}}, {{185, 208, 105, 185}},
> + {{186, 213, 111, 186}}, {{187, 214, 109, 187}}, {{188, 223, 99, 188}},
> + {{189, 220, 97, 189}}, {{190, 217, 103, 190}}, {{191, 218, 101, 191}},
> + {{192, 91, 155, 192}}, {{193, 88, 153, 193}}, {{194, 93, 159, 194}},
> + {{195, 94, 157, 195}}, {{196, 87, 147, 196}}, {{197, 84, 145, 197}},
> + {{198, 81, 151, 198}}, {{199, 82, 149, 199}}, {{200, 67, 139, 200}},
> + {{201, 64, 137, 201}}, {{202, 69, 143, 202}}, {{203, 70, 141, 203}},
> + {{204, 79, 131, 204}}, {{205, 76, 129, 205}}, {{206, 73, 135, 206}},
> + {{207, 74, 133, 207}}, {{208, 107, 187, 208}}, {{209, 104, 185, 209}},
> + {{210, 109, 191, 210}}, {{211, 110, 189, 211}}, {{212, 103, 179, 212}},
> + {{213, 100, 177, 213}}, {{214, 97, 183, 214}}, {{215, 98, 181, 215}},
> + {{216, 115, 171, 216}}, {{217, 112, 169, 217}}, {{218, 117, 175, 218}},
> + {{219, 118, 173, 219}}, {{220, 127, 163, 220}}, {{221, 124, 161, 221}},
> + {{222, 121, 167, 222}}, {{223, 122, 165, 223}}, {{224, 59, 219, 224}},
> + {{225, 56, 217, 225}}, {{226, 61, 223, 226}}, {{227, 62, 221, 227}},
> + {{228, 55, 211, 228}}, {{229, 52, 209, 229}}, {{230, 49, 215, 230}},
> + {{231, 50, 213, 231}}, {{232, 35, 203, 232}}, {{233, 32, 201, 233}},
> + {{234, 37, 207, 234}}, {{235, 38, 205, 235}}, {{236, 47, 195, 236}},
> + {{237, 44, 193, 237}}, {{238, 41, 199, 238}}, {{239, 42, 197, 239}},
> + {{240, 11, 251, 240}}, {{241, 8, 249, 241}}, {{242, 13, 255, 242}},
> + {{243, 14, 253, 243}}, {{244, 7, 243, 244}}, {{245, 4, 241, 245}},
> + {{246, 1, 247, 246}}, {{247, 2, 245, 247}}, {{248, 19, 235, 248}},
> + {{249, 16, 233, 249}}, {{250, 21, 239, 250}}, {{251, 22, 237, 251}},
> + {{252, 31, 227, 252}}, {{253, 28, 225, 253}}, {{254, 25, 231, 254}},
> + {{255, 26, 229, 255}},
> + },
> + {
> + {{ 0, 0, 0, 0}}, {{ 1, 1, 3, 2}}, {{ 2, 2, 6, 4}},
> + {{ 3, 3, 5, 6}}, {{ 4, 4, 12, 8}}, {{ 5, 5, 15, 10}},
> + {{ 6, 6, 10, 12}}, {{ 7, 7, 9, 14}}, {{ 8, 8, 24, 16}},
> + {{ 9, 9, 27, 18}}, {{ 10, 10, 30, 20}}, {{ 11, 11, 29, 22}},
> + {{ 12, 12, 20, 24}}, {{ 13, 13, 23, 26}}, {{ 14, 14, 18, 28}},
> + {{ 15, 15, 17, 30}}, {{ 16, 16, 48, 32}}, {{ 17, 17, 51, 34}},
> + {{ 18, 18, 54, 36}}, {{ 19, 19, 53, 38}}, {{ 20, 20, 60, 40}},
> + {{ 21, 21, 63, 42}}, {{ 22, 22, 58, 44}}, {{ 23, 23, 57, 46}},
> + {{ 24, 24, 40, 48}}, {{ 25, 25, 43, 50}}, {{ 26, 26, 46, 52}},
> + {{ 27, 27, 45, 54}}, {{ 28, 28, 36, 56}}, {{ 29, 29, 39, 58}},
> + {{ 30, 30, 34, 60}}, {{ 31, 31, 33, 62}}, {{ 32, 32, 96, 64}},
> + {{ 33, 33, 99, 66}}, {{ 34, 34, 102, 68}}, {{ 35, 35, 101, 70}},
> + {{ 36, 36, 108, 72}}, {{ 37, 37, 111, 74}}, {{ 38, 38, 106, 76}},
> + {{ 39, 39, 105, 78}}, {{ 40, 40, 120, 80}}, {{ 41, 41, 123, 82}},
> + {{ 42, 42, 126, 84}}, {{ 43, 43, 125, 86}}, {{ 44, 44, 116, 88}},
> + {{ 45, 45, 119, 90}}, {{ 46, 46, 114, 92}}, {{ 47, 47, 113, 94}},
> + {{ 48, 48, 80, 96}}, {{ 49, 49, 83, 98}}, {{ 50, 50, 86, 100}},
> + {{ 51, 51, 85, 102}}, {{ 52, 52, 92, 104}}, {{ 53, 53, 95, 106}},
> + {{ 54, 54, 90, 108}}, {{ 55, 55, 89, 110}}, {{ 56, 56, 72, 112}},
> + {{ 57, 57, 75, 114}}, {{ 58, 58, 78, 116}}, {{ 59, 59, 77, 118}},
> + {{ 60, 60, 68, 120}}, {{ 61, 61, 71, 122}}, {{ 62, 62, 66, 124}},
> + {{ 63, 63, 65, 126}}, {{ 64, 64, 192, 128}}, {{ 65, 65, 195, 130}},
> + {{ 66, 66, 198, 132}}, {{ 67, 67, 197, 134}}, {{ 68, 68, 204, 136}},
> + {{ 69, 69, 207, 138}}, {{ 70, 70, 202, 140}}, {{ 71, 71, 201, 142}},
> + {{ 72, 72, 216, 144}}, {{ 73, 73, 219, 146}}, {{ 74, 74, 222, 148}},
> + {{ 75, 75, 221, 150}}, {{ 76, 76, 212, 152}}, {{ 77, 77, 215, 154}},
> + {{ 78, 78, 210, 156}}, {{ 79, 79, 209, 158}}, {{ 80, 80, 240, 160}},
> + {{ 81, 81, 243, 162}}, {{ 82, 82, 246, 164}}, {{ 83, 83, 245, 166}},
> + {{ 84, 84, 252, 168}}, {{ 85, 85, 255, 170}}, {{ 86, 86, 250, 172}},
> + {{ 87, 87, 249, 174}}, {{ 88, 88, 232, 176}}, {{ 89, 89, 235, 178}},
> + {{ 90, 90, 238, 180}}, {{ 91, 91, 237, 182}}, {{ 92, 92, 228, 184}},
> + {{ 93, 93, 231, 186}}, {{ 94, 94, 226, 188}}, {{ 95, 95, 225, 190}},
> + {{ 96, 96, 160, 192}}, {{ 97, 97, 163, 194}}, {{ 98, 98, 166, 196}},
> + {{ 99, 99, 165, 198}}, {{100, 100, 172, 200}}, {{101, 101, 175, 202}},
> + {{102, 102, 170, 204}}, {{103, 103, 169, 206}}, {{104, 104, 184, 208}},
> + {{105, 105, 187, 210}}, {{106, 106, 190, 212}}, {{107, 107, 189, 214}},
> + {{108, 108, 180, 216}}, {{109, 109, 183, 218}}, {{110, 110, 178, 220}},
> + {{111, 111, 177, 222}}, {{112, 112, 144, 224}}, {{113, 113, 147, 226}},
> + {{114, 114, 150, 228}}, {{115, 115, 149, 230}}, {{116, 116, 156, 232}},
> + {{117, 117, 159, 234}}, {{118, 118, 154, 236}}, {{119, 119, 153, 238}},
> + {{120, 120, 136, 240}}, {{121, 121, 139, 242}}, {{122, 122, 142, 244}},
> + {{123, 123, 141, 246}}, {{124, 124, 132, 248}}, {{125, 125, 135, 250}},
> + {{126, 126, 130, 252}}, {{127, 127, 129, 254}}, {{128, 128, 155, 27}},
> + {{129, 129, 152, 25}}, {{130, 130, 157, 31}}, {{131, 131, 158, 29}},
> + {{132, 132, 151, 19}}, {{133, 133, 148, 17}}, {{134, 134, 145, 23}},
> + {{135, 135, 146, 21}}, {{136, 136, 131, 11}}, {{137, 137, 128, 9}},
> + {{138, 138, 133, 15}}, {{139, 139, 134, 13}}, {{140, 140, 143, 3}},
> + {{141, 141, 140, 1}}, {{142, 142, 137, 7}}, {{143, 143, 138, 5}},
> + {{144, 144, 171, 59}}, {{145, 145, 168, 57}}, {{146, 146, 173, 63}},
> + {{147, 147, 174, 61}}, {{148, 148, 167, 51}}, {{149, 149, 164, 49}},
> + {{150, 150, 161, 55}}, {{151, 151, 162, 53}}, {{152, 152, 179, 43}},
> + {{153, 153, 176, 41}}, {{154, 154, 181, 47}}, {{155, 155, 182, 45}},
> + {{156, 156, 191, 35}}, {{157, 157, 188, 33}}, {{158, 158, 185, 39}},
> + {{159, 159, 186, 37}}, {{160, 160, 251, 91}}, {{161, 161, 248, 89}},
> + {{162, 162, 253, 95}}, {{163, 163, 254, 93}}, {{164, 164, 247, 83}},
> + {{165, 165, 244, 81}}, {{166, 166, 241, 87}}, {{167, 167, 242, 85}},
> + {{168, 168, 227, 75}}, {{169, 169, 224, 73}}, {{170, 170, 229, 79}},
> + {{171, 171, 230, 77}}, {{172, 172, 239, 67}}, {{173, 173, 236, 65}},
> + {{174, 174, 233, 71}}, {{175, 175, 234, 69}}, {{176, 176, 203, 123}},
> + {{177, 177, 200, 121}}, {{178, 178, 205, 127}}, {{179, 179, 206, 125}},
> + {{180, 180, 199, 115}}, {{181, 181, 196, 113}}, {{182, 182, 193, 119}},
> + {{183, 183, 194, 117}}, {{184, 184, 211, 107}}, {{185, 185, 208, 105}},
> + {{186, 186, 213, 111}}, {{187, 187, 214, 109}}, {{188, 188, 223, 99}},
> + {{189, 189, 220, 97}}, {{190, 190, 217, 103}}, {{191, 191, 218, 101}},
> + {{192, 192, 91, 155}}, {{193, 193, 88, 153}}, {{194, 194, 93, 159}},
> + {{195, 195, 94, 157}}, {{196, 196, 87, 147}}, {{197, 197, 84, 145}},
> + {{198, 198, 81, 151}}, {{199, 199, 82, 149}}, {{200, 200, 67, 139}},
> + {{201, 201, 64, 137}}, {{202, 202, 69, 143}}, {{203, 203, 70, 141}},
> + {{204, 204, 79, 131}}, {{205, 205, 76, 129}}, {{206, 206, 73, 135}},
> + {{207, 207, 74, 133}}, {{208, 208, 107, 187}}, {{209, 209, 104, 185}},
> + {{210, 210, 109, 191}}, {{211, 211, 110, 189}}, {{212, 212, 103, 179}},
> + {{213, 213, 100, 177}}, {{214, 214, 97, 183}}, {{215, 215, 98, 181}},
> + {{216, 216, 115, 171}}, {{217, 217, 112, 169}}, {{218, 218, 117, 175}},
> + {{219, 219, 118, 173}}, {{220, 220, 127, 163}}, {{221, 221, 124, 161}},
> + {{222, 222, 121, 167}}, {{223, 223, 122, 165}}, {{224, 224, 59, 219}},
> + {{225, 225, 56, 217}}, {{226, 226, 61, 223}}, {{227, 227, 62, 221}},
> + {{228, 228, 55, 211}}, {{229, 229, 52, 209}}, {{230, 230, 49, 215}},
> + {{231, 231, 50, 213}}, {{232, 232, 35, 203}}, {{233, 233, 32, 201}},
> + {{234, 234, 37, 207}}, {{235, 235, 38, 205}}, {{236, 236, 47, 195}},
> + {{237, 237, 44, 193}}, {{238, 238, 41, 199}}, {{239, 239, 42, 197}},
> + {{240, 240, 11, 251}}, {{241, 241, 8, 249}}, {{242, 242, 13, 255}},
> + {{243, 243, 14, 253}}, {{244, 244, 7, 243}}, {{245, 245, 4, 241}},
> + {{246, 246, 1, 247}}, {{247, 247, 2, 245}}, {{248, 248, 19, 235}},
> + {{249, 249, 16, 233}}, {{250, 250, 21, 239}}, {{251, 251, 22, 237}},
> + {{252, 252, 31, 227}}, {{253, 253, 28, 225}}, {{254, 254, 25, 231}},
> + {{255, 255, 26, 229}},
> + },
> +};
> +
> +word8x4 M1[4][256] = {
> + {
> + {{ 0, 0, 0, 0}}, {{ 14, 9, 13, 11}}, {{ 28, 18, 26, 22}},
> + {{ 18, 27, 23, 29}}, {{ 56, 36, 52, 44}}, {{ 54, 45, 57, 39}},
> + {{ 36, 54, 46, 58}}, {{ 42, 63, 35, 49}}, {{112, 72, 104, 88}},
> + {{126, 65, 101, 83}}, {{108, 90, 114, 78}}, {{ 98, 83, 127, 69}},
> + {{ 72, 108, 92, 116}}, {{ 70, 101, 81, 127}}, {{ 84, 126, 70, 98}},
> + {{ 90, 119, 75, 105}}, {{224, 144, 208, 176}}, {{238, 153, 221, 187}},
> + {{252, 130, 202, 166}}, {{242, 139, 199, 173}}, {{216, 180, 228, 156}},
> + {{214, 189, 233, 151}}, {{196, 166, 254, 138}}, {{202, 175, 243, 129}},
> + {{144, 216, 184, 232}}, {{158, 209, 181, 227}}, {{140, 202, 162, 254}},
> + {{130, 195, 175, 245}}, {{168, 252, 140, 196}}, {{166, 245, 129, 207}},
> + {{180, 238, 150, 210}}, {{186, 231, 155, 217}}, {{219, 59, 187, 123}},
> + {{213, 50, 182, 112}}, {{199, 41, 161, 109}}, {{201, 32, 172, 102}},
> + {{227, 31, 143, 87}}, {{237, 22, 130, 92}}, {{255, 13, 149, 65}},
> + {{241, 4, 152, 74}}, {{171, 115, 211, 35}}, {{165, 122, 222, 40}},
> + {{183, 97, 201, 53}}, {{185, 104, 196, 62}}, {{147, 87, 231, 15}},
> + {{157, 94, 234, 4}}, {{143, 69, 253, 25}}, {{129, 76, 240, 18}},
> + {{ 59, 171, 107, 203}}, {{ 53, 162, 102, 192}}, {{ 39, 185, 113, 221}},
> + {{ 41, 176, 124, 214}}, {{ 3, 143, 95, 231}}, {{ 13, 134, 82, 236}},
> + {{ 31, 157, 69, 241}}, {{ 17, 148, 72, 250}}, {{ 75, 227, 3, 147}},
> + {{ 69, 234, 14, 152}}, {{ 87, 241, 25, 133}}, {{ 89, 248, 20, 142}},
> + {{115, 199, 55, 191}}, {{125, 206, 58, 180}}, {{111, 213, 45, 169}},
> + {{ 97, 220, 32, 162}}, {{173, 118, 109, 246}}, {{163, 127, 96, 253}},
> + {{177, 100, 119, 224}}, {{191, 109, 122, 235}}, {{149, 82, 89, 218}},
> + {{155, 91, 84, 209}}, {{137, 64, 67, 204}}, {{135, 73, 78, 199}},
> + {{221, 62, 5, 174}}, {{211, 55, 8, 165}}, {{193, 44, 31, 184}},
> + {{207, 37, 18, 179}}, {{229, 26, 49, 130}}, {{235, 19, 60, 137}},
> + {{249, 8, 43, 148}}, {{247, 1, 38, 159}}, {{ 77, 230, 189, 70}},
> + {{ 67, 239, 176, 77}}, {{ 81, 244, 167, 80}}, {{ 95, 253, 170, 91}},
> + {{117, 194, 137, 106}}, {{123, 203, 132, 97}}, {{105, 208, 147, 124}},
> + {{103, 217, 158, 119}}, {{ 61, 174, 213, 30}}, {{ 51, 167, 216, 21}},
> + {{ 33, 188, 207, 8}}, {{ 47, 181, 194, 3}}, {{ 5, 138, 225, 50}},
> + {{ 11, 131, 236, 57}}, {{ 25, 152, 251, 36}}, {{ 23, 145, 246, 47}},
> + {{118, 77, 214, 141}}, {{120, 68, 219, 134}}, {{106, 95, 204, 155}},
> + {{100, 86, 193, 144}}, {{ 78, 105, 226, 161}}, {{ 64, 96, 239, 170}},
> + {{ 82, 123, 248, 183}}, {{ 92, 114, 245, 188}}, {{ 6, 5, 190, 213}},
> + {{ 8, 12, 179, 222}}, {{ 26, 23, 164, 195}}, {{ 20, 30, 169, 200}},
> + {{ 62, 33, 138, 249}}, {{ 48, 40, 135, 242}}, {{ 34, 51, 144, 239}},
> + {{ 44, 58, 157, 228}}, {{150, 221, 6, 61}}, {{152, 212, 11, 54}},
> + {{138, 207, 28, 43}}, {{132, 198, 17, 32}}, {{174, 249, 50, 17}},
> + {{160, 240, 63, 26}}, {{178, 235, 40, 7}}, {{188, 226, 37, 12}},
> + {{230, 149, 110, 101}}, {{232, 156, 99, 110}}, {{250, 135, 116, 115}},
> + {{244, 142, 121, 120}}, {{222, 177, 90, 73}}, {{208, 184, 87, 66}},
> + {{194, 163, 64, 95}}, {{204, 170, 77, 84}}, {{ 65, 236, 218, 247}},
> + {{ 79, 229, 215, 252}}, {{ 93, 254, 192, 225}}, {{ 83, 247, 205, 234}},
> + {{121, 200, 238, 219}}, {{119, 193, 227, 208}}, {{101, 218, 244, 205}},
> + {{107, 211, 249, 198}}, {{ 49, 164, 178, 175}}, {{ 63, 173, 191, 164}},
> + {{ 45, 182, 168, 185}}, {{ 35, 191, 165, 178}}, {{ 9, 128, 134, 131}},
> + {{ 7, 137, 139, 136}}, {{ 21, 146, 156, 149}}, {{ 27, 155, 145, 158}},
> + {{161, 124, 10, 71}}, {{175, 117, 7, 76}}, {{189, 110, 16, 81}},
> + {{179, 103, 29, 90}}, {{153, 88, 62, 107}}, {{151, 81, 51, 96}},
> + {{133, 74, 36, 125}}, {{139, 67, 41, 118}}, {{209, 52, 98, 31}},
> + {{223, 61, 111, 20}}, {{205, 38, 120, 9}}, {{195, 47, 117, 2}},
> + {{233, 16, 86, 51}}, {{231, 25, 91, 56}}, {{245, 2, 76, 37}},
> + {{251, 11, 65, 46}}, {{154, 215, 97, 140}}, {{148, 222, 108, 135}},
> + {{134, 197, 123, 154}}, {{136, 204, 118, 145}}, {{162, 243, 85, 160}},
> + {{172, 250, 88, 171}}, {{190, 225, 79, 182}}, {{176, 232, 66, 189}},
> + {{234, 159, 9, 212}}, {{228, 150, 4, 223}}, {{246, 141, 19, 194}},
> + {{248, 132, 30, 201}}, {{210, 187, 61, 248}}, {{220, 178, 48, 243}},
> + {{206, 169, 39, 238}}, {{192, 160, 42, 229}}, {{122, 71, 177, 60}},
> + {{116, 78, 188, 55}}, {{102, 85, 171, 42}}, {{104, 92, 166, 33}},
> + {{ 66, 99, 133, 16}}, {{ 76, 106, 136, 27}}, {{ 94, 113, 159, 6}},
> + {{ 80, 120, 146, 13}}, {{ 10, 15, 217, 100}}, {{ 4, 6, 212, 111}},
> + {{ 22, 29, 195, 114}}, {{ 24, 20, 206, 121}}, {{ 50, 43, 237, 72}},
> + {{ 60, 34, 224, 67}}, {{ 46, 57, 247, 94}}, {{ 32, 48, 250, 85}},
> + {{236, 154, 183, 1}}, {{226, 147, 186, 10}}, {{240, 136, 173, 23}},
> + {{254, 129, 160, 28}}, {{212, 190, 131, 45}}, {{218, 183, 142, 38}},
> + {{200, 172, 153, 59}}, {{198, 165, 148, 48}}, {{156, 210, 223, 89}},
> + {{146, 219, 210, 82}}, {{128, 192, 197, 79}}, {{142, 201, 200, 68}},
> + {{164, 246, 235, 117}}, {{170, 255, 230, 126}}, {{184, 228, 241, 99}},
> + {{182, 237, 252, 104}}, {{ 12, 10, 103, 177}}, {{ 2, 3, 106, 186}},
> + {{ 16, 24, 125, 167}}, {{ 30, 17, 112, 172}}, {{ 52, 46, 83, 157}},
> + {{ 58, 39, 94, 150}}, {{ 40, 60, 73, 139}}, {{ 38, 53, 68, 128}},
> + {{124, 66, 15, 233}}, {{114, 75, 2, 226}}, {{ 96, 80, 21, 255}},
> + {{110, 89, 24, 244}}, {{ 68, 102, 59, 197}}, {{ 74, 111, 54, 206}},
> + {{ 88, 116, 33, 211}}, {{ 86, 125, 44, 216}}, {{ 55, 161, 12, 122}},
> + {{ 57, 168, 1, 113}}, {{ 43, 179, 22, 108}}, {{ 37, 186, 27, 103}},
> + {{ 15, 133, 56, 86}}, {{ 1, 140, 53, 93}}, {{ 19, 151, 34, 64}},
> + {{ 29, 158, 47, 75}}, {{ 71, 233, 100, 34}}, {{ 73, 224, 105, 41}},
> + {{ 91, 251, 126, 52}}, {{ 85, 242, 115, 63}}, {{127, 205, 80, 14}},
> + {{113, 196, 93, 5}}, {{ 99, 223, 74, 24}}, {{109, 214, 71, 19}},
> + {{215, 49, 220, 202}}, {{217, 56, 209, 193}}, {{203, 35, 198, 220}},
> + {{197, 42, 203, 215}}, {{239, 21, 232, 230}}, {{225, 28, 229, 237}},
> + {{243, 7, 242, 240}}, {{253, 14, 255, 251}}, {{167, 121, 180, 146}},
> + {{169, 112, 185, 153}}, {{187, 107, 174, 132}}, {{181, 98, 163, 143}},
> + {{159, 93, 128, 190}}, {{145, 84, 141, 181}}, {{131, 79, 154, 168}},
> + {{141, 70, 151, 163}},
> + },
> + {
> + {{ 0, 0, 0, 0}}, {{ 11, 14, 9, 13}}, {{ 22, 28, 18, 26}},
> + {{ 29, 18, 27, 23}}, {{ 44, 56, 36, 52}}, {{ 39, 54, 45, 57}},
> + {{ 58, 36, 54, 46}}, {{ 49, 42, 63, 35}}, {{ 88, 112, 72, 104}},
> + {{ 83, 126, 65, 101}}, {{ 78, 108, 90, 114}}, {{ 69, 98, 83, 127}},
> + {{116, 72, 108, 92}}, {{127, 70, 101, 81}}, {{ 98, 84, 126, 70}},
> + {{105, 90, 119, 75}}, {{176, 224, 144, 208}}, {{187, 238, 153, 221}},
> + {{166, 252, 130, 202}}, {{173, 242, 139, 199}}, {{156, 216, 180, 228}},
> + {{151, 214, 189, 233}}, {{138, 196, 166, 254}}, {{129, 202, 175, 243}},
> + {{232, 144, 216, 184}}, {{227, 158, 209, 181}}, {{254, 140, 202, 162}},
> + {{245, 130, 195, 175}}, {{196, 168, 252, 140}}, {{207, 166, 245, 129}},
> + {{210, 180, 238, 150}}, {{217, 186, 231, 155}}, {{123, 219, 59, 187}},
> + {{112, 213, 50, 182}}, {{109, 199, 41, 161}}, {{102, 201, 32, 172}},
> + {{ 87, 227, 31, 143}}, {{ 92, 237, 22, 130}}, {{ 65, 255, 13, 149}},
> + {{ 74, 241, 4, 152}}, {{ 35, 171, 115, 211}}, {{ 40, 165, 122, 222}},
> + {{ 53, 183, 97, 201}}, {{ 62, 185, 104, 196}}, {{ 15, 147, 87, 231}},
> + {{ 4, 157, 94, 234}}, {{ 25, 143, 69, 253}}, {{ 18, 129, 76, 240}},
> + {{203, 59, 171, 107}}, {{192, 53, 162, 102}}, {{221, 39, 185, 113}},
> + {{214, 41, 176, 124}}, {{231, 3, 143, 95}}, {{236, 13, 134, 82}},
> + {{241, 31, 157, 69}}, {{250, 17, 148, 72}}, {{147, 75, 227, 3}},
> + {{152, 69, 234, 14}}, {{133, 87, 241, 25}}, {{142, 89, 248, 20}},
> + {{191, 115, 199, 55}}, {{180, 125, 206, 58}}, {{169, 111, 213, 45}},
> + {{162, 97, 220, 32}}, {{246, 173, 118, 109}}, {{253, 163, 127, 96}},
> + {{224, 177, 100, 119}}, {{235, 191, 109, 122}}, {{218, 149, 82, 89}},
> + {{209, 155, 91, 84}}, {{204, 137, 64, 67}}, {{199, 135, 73, 78}},
> + {{174, 221, 62, 5}}, {{165, 211, 55, 8}}, {{184, 193, 44, 31}},
> + {{179, 207, 37, 18}}, {{130, 229, 26, 49}}, {{137, 235, 19, 60}},
> + {{148, 249, 8, 43}}, {{159, 247, 1, 38}}, {{ 70, 77, 230, 189}},
> + {{ 77, 67, 239, 176}}, {{ 80, 81, 244, 167}}, {{ 91, 95, 253, 170}},
> + {{106, 117, 194, 137}}, {{ 97, 123, 203, 132}}, {{124, 105, 208, 147}},
> + {{119, 103, 217, 158}}, {{ 30, 61, 174, 213}}, {{ 21, 51, 167, 216}},
> + {{ 8, 33, 188, 207}}, {{ 3, 47, 181, 194}}, {{ 50, 5, 138, 225}},
> + {{ 57, 11, 131, 236}}, {{ 36, 25, 152, 251}}, {{ 47, 23, 145, 246}},
> + {{141, 118, 77, 214}}, {{134, 120, 68, 219}}, {{155, 106, 95, 204}},
> + {{144, 100, 86, 193}}, {{161, 78, 105, 226}}, {{170, 64, 96, 239}},
> + {{183, 82, 123, 248}}, {{188, 92, 114, 245}}, {{213, 6, 5, 190}},
> + {{222, 8, 12, 179}}, {{195, 26, 23, 164}}, {{200, 20, 30, 169}},
> + {{249, 62, 33, 138}}, {{242, 48, 40, 135}}, {{239, 34, 51, 144}},
> + {{228, 44, 58, 157}}, {{ 61, 150, 221, 6}}, {{ 54, 152, 212, 11}},
> + {{ 43, 138, 207, 28}}, {{ 32, 132, 198, 17}}, {{ 17, 174, 249, 50}},
> + {{ 26, 160, 240, 63}}, {{ 7, 178, 235, 40}}, {{ 12, 188, 226, 37}},
> + {{101, 230, 149, 110}}, {{110, 232, 156, 99}}, {{115, 250, 135, 116}},
> + {{120, 244, 142, 121}}, {{ 73, 222, 177, 90}}, {{ 66, 208, 184, 87}},
> + {{ 95, 194, 163, 64}}, {{ 84, 204, 170, 77}}, {{247, 65, 236, 218}},
> + {{252, 79, 229, 215}}, {{225, 93, 254, 192}}, {{234, 83, 247, 205}},
> + {{219, 121, 200, 238}}, {{208, 119, 193, 227}}, {{205, 101, 218, 244}},
> + {{198, 107, 211, 249}}, {{175, 49, 164, 178}}, {{164, 63, 173, 191}},
> + {{185, 45, 182, 168}}, {{178, 35, 191, 165}}, {{131, 9, 128, 134}},
> + {{136, 7, 137, 139}}, {{149, 21, 146, 156}}, {{158, 27, 155, 145}},
> + {{ 71, 161, 124, 10}}, {{ 76, 175, 117, 7}}, {{ 81, 189, 110, 16}},
> + {{ 90, 179, 103, 29}}, {{107, 153, 88, 62}}, {{ 96, 151, 81, 51}},
> + {{125, 133, 74, 36}}, {{118, 139, 67, 41}}, {{ 31, 209, 52, 98}},
> + {{ 20, 223, 61, 111}}, {{ 9, 205, 38, 120}}, {{ 2, 195, 47, 117}},
> + {{ 51, 233, 16, 86}}, {{ 56, 231, 25, 91}}, {{ 37, 245, 2, 76}},
> + {{ 46, 251, 11, 65}}, {{140, 154, 215, 97}}, {{135, 148, 222, 108}},
> + {{154, 134, 197, 123}}, {{145, 136, 204, 118}}, {{160, 162, 243, 85}},
> + {{171, 172, 250, 88}}, {{182, 190, 225, 79}}, {{189, 176, 232, 66}},
> + {{212, 234, 159, 9}}, {{223, 228, 150, 4}}, {{194, 246, 141, 19}},
> + {{201, 248, 132, 30}}, {{248, 210, 187, 61}}, {{243, 220, 178, 48}},
> + {{238, 206, 169, 39}}, {{229, 192, 160, 42}}, {{ 60, 122, 71, 177}},
> + {{ 55, 116, 78, 188}}, {{ 42, 102, 85, 171}}, {{ 33, 104, 92, 166}},
> + {{ 16, 66, 99, 133}}, {{ 27, 76, 106, 136}}, {{ 6, 94, 113, 159}},
> + {{ 13, 80, 120, 146}}, {{100, 10, 15, 217}}, {{111, 4, 6, 212}},
> + {{114, 22, 29, 195}}, {{121, 24, 20, 206}}, {{ 72, 50, 43, 237}},
> + {{ 67, 60, 34, 224}}, {{ 94, 46, 57, 247}}, {{ 85, 32, 48, 250}},
> + {{ 1, 236, 154, 183}}, {{ 10, 226, 147, 186}}, {{ 23, 240, 136, 173}},
> + {{ 28, 254, 129, 160}}, {{ 45, 212, 190, 131}}, {{ 38, 218, 183, 142}},
> + {{ 59, 200, 172, 153}}, {{ 48, 198, 165, 148}}, {{ 89, 156, 210, 223}},
> + {{ 82, 146, 219, 210}}, {{ 79, 128, 192, 197}}, {{ 68, 142, 201, 200}},
> + {{117, 164, 246, 235}}, {{126, 170, 255, 230}}, {{ 99, 184, 228, 241}},
> + {{104, 182, 237, 252}}, {{177, 12, 10, 103}}, {{186, 2, 3, 106}},
> + {{167, 16, 24, 125}}, {{172, 30, 17, 112}}, {{157, 52, 46, 83}},
> + {{150, 58, 39, 94}}, {{139, 40, 60, 73}}, {{128, 38, 53, 68}},
> + {{233, 124, 66, 15}}, {{226, 114, 75, 2}}, {{255, 96, 80, 21}},
> + {{244, 110, 89, 24}}, {{197, 68, 102, 59}}, {{206, 74, 111, 54}},
> + {{211, 88, 116, 33}}, {{216, 86, 125, 44}}, {{122, 55, 161, 12}},
> + {{113, 57, 168, 1}}, {{108, 43, 179, 22}}, {{103, 37, 186, 27}},
> + {{ 86, 15, 133, 56}}, {{ 93, 1, 140, 53}}, {{ 64, 19, 151, 34}},
> + {{ 75, 29, 158, 47}}, {{ 34, 71, 233, 100}}, {{ 41, 73, 224, 105}},
> + {{ 52, 91, 251, 126}}, {{ 63, 85, 242, 115}}, {{ 14, 127, 205, 80}},
> + {{ 5, 113, 196, 93}}, {{ 24, 99, 223, 74}}, {{ 19, 109, 214, 71}},
> + {{202, 215, 49, 220}}, {{193, 217, 56, 209}}, {{220, 203, 35, 198}},
> + {{215, 197, 42, 203}}, {{230, 239, 21, 232}}, {{237, 225, 28, 229}},
> + {{240, 243, 7, 242}}, {{251, 253, 14, 255}}, {{146, 167, 121, 180}},
> + {{153, 169, 112, 185}}, {{132, 187, 107, 174}}, {{143, 181, 98, 163}},
> + {{190, 159, 93, 128}}, {{181, 145, 84, 141}}, {{168, 131, 79, 154}},
> + {{163, 141, 70, 151}},
> + },
> + {
> + {{ 0, 0, 0, 0}}, {{ 13, 11, 14, 9}}, {{ 26, 22, 28, 18}},
> + {{ 23, 29, 18, 27}}, {{ 52, 44, 56, 36}}, {{ 57, 39, 54, 45}},
> + {{ 46, 58, 36, 54}}, {{ 35, 49, 42, 63}}, {{104, 88, 112, 72}},
> + {{101, 83, 126, 65}}, {{114, 78, 108, 90}}, {{127, 69, 98, 83}},
> + {{ 92, 116, 72, 108}}, {{ 81, 127, 70, 101}}, {{ 70, 98, 84, 126}},
> + {{ 75, 105, 90, 119}}, {{208, 176, 224, 144}}, {{221, 187, 238, 153}},
> + {{202, 166, 252, 130}}, {{199, 173, 242, 139}}, {{228, 156, 216, 180}},
> + {{233, 151, 214, 189}}, {{254, 138, 196, 166}}, {{243, 129, 202, 175}},
> + {{184, 232, 144, 216}}, {{181, 227, 158, 209}}, {{162, 254, 140, 202}},
> + {{175, 245, 130, 195}}, {{140, 196, 168, 252}}, {{129, 207, 166, 245}},
> + {{150, 210, 180, 238}}, {{155, 217, 186, 231}}, {{187, 123, 219, 59}},
> + {{182, 112, 213, 50}}, {{161, 109, 199, 41}}, {{172, 102, 201, 32}},
> + {{143, 87, 227, 31}}, {{130, 92, 237, 22}}, {{149, 65, 255, 13}},
> + {{152, 74, 241, 4}}, {{211, 35, 171, 115}}, {{222, 40, 165, 122}},
> + {{201, 53, 183, 97}}, {{196, 62, 185, 104}}, {{231, 15, 147, 87}},
> + {{234, 4, 157, 94}}, {{253, 25, 143, 69}}, {{240, 18, 129, 76}},
> + {{107, 203, 59, 171}}, {{102, 192, 53, 162}}, {{113, 221, 39, 185}},
> + {{124, 214, 41, 176}}, {{ 95, 231, 3, 143}}, {{ 82, 236, 13, 134}},
> + {{ 69, 241, 31, 157}}, {{ 72, 250, 17, 148}}, {{ 3, 147, 75, 227}},
> + {{ 14, 152, 69, 234}}, {{ 25, 133, 87, 241}}, {{ 20, 142, 89, 248}},
> + {{ 55, 191, 115, 199}}, {{ 58, 180, 125, 206}}, {{ 45, 169, 111, 213}},
> + {{ 32, 162, 97, 220}}, {{109, 246, 173, 118}}, {{ 96, 253, 163, 127}},
> + {{119, 224, 177, 100}}, {{122, 235, 191, 109}}, {{ 89, 218, 149, 82}},
> + {{ 84, 209, 155, 91}}, {{ 67, 204, 137, 64}}, {{ 78, 199, 135, 73}},
> + {{ 5, 174, 221, 62}}, {{ 8, 165, 211, 55}}, {{ 31, 184, 193, 44}},
> + {{ 18, 179, 207, 37}}, {{ 49, 130, 229, 26}}, {{ 60, 137, 235, 19}},
> + {{ 43, 148, 249, 8}}, {{ 38, 159, 247, 1}}, {{189, 70, 77, 230}},
> + {{176, 77, 67, 239}}, {{167, 80, 81, 244}}, {{170, 91, 95, 253}},
> + {{137, 106, 117, 194}}, {{132, 97, 123, 203}}, {{147, 124, 105, 208}},
> + {{158, 119, 103, 217}}, {{213, 30, 61, 174}}, {{216, 21, 51, 167}},
> + {{207, 8, 33, 188}}, {{194, 3, 47, 181}}, {{225, 50, 5, 138}},
> + {{236, 57, 11, 131}}, {{251, 36, 25, 152}}, {{246, 47, 23, 145}},
> + {{214, 141, 118, 77}}, {{219, 134, 120, 68}}, {{204, 155, 106, 95}},
> + {{193, 144, 100, 86}}, {{226, 161, 78, 105}}, {{239, 170, 64, 96}},
> + {{248, 183, 82, 123}}, {{245, 188, 92, 114}}, {{190, 213, 6, 5}},
> + {{179, 222, 8, 12}}, {{164, 195, 26, 23}}, {{169, 200, 20, 30}},
> + {{138, 249, 62, 33}}, {{135, 242, 48, 40}}, {{144, 239, 34, 51}},
> + {{157, 228, 44, 58}}, {{ 6, 61, 150, 221}}, {{ 11, 54, 152, 212}},
> + {{ 28, 43, 138, 207}}, {{ 17, 32, 132, 198}}, {{ 50, 17, 174, 249}},
> + {{ 63, 26, 160, 240}}, {{ 40, 7, 178, 235}}, {{ 37, 12, 188, 226}},
> + {{110, 101, 230, 149}}, {{ 99, 110, 232, 156}}, {{116, 115, 250, 135}},
> + {{121, 120, 244, 142}}, {{ 90, 73, 222, 177}}, {{ 87, 66, 208, 184}},
> + {{ 64, 95, 194, 163}}, {{ 77, 84, 204, 170}}, {{218, 247, 65, 236}},
> + {{215, 252, 79, 229}}, {{192, 225, 93, 254}}, {{205, 234, 83, 247}},
> + {{238, 219, 121, 200}}, {{227, 208, 119, 193}}, {{244, 205, 101, 218}},
> + {{249, 198, 107, 211}}, {{178, 175, 49, 164}}, {{191, 164, 63, 173}},
> + {{168, 185, 45, 182}}, {{165, 178, 35, 191}}, {{134, 131, 9, 128}},
> + {{139, 136, 7, 137}}, {{156, 149, 21, 146}}, {{145, 158, 27, 155}},
> + {{ 10, 71, 161, 124}}, {{ 7, 76, 175, 117}}, {{ 16, 81, 189, 110}},
> + {{ 29, 90, 179, 103}}, {{ 62, 107, 153, 88}}, {{ 51, 96, 151, 81}},
> + {{ 36, 125, 133, 74}}, {{ 41, 118, 139, 67}}, {{ 98, 31, 209, 52}},
> + {{111, 20, 223, 61}}, {{120, 9, 205, 38}}, {{117, 2, 195, 47}},
> + {{ 86, 51, 233, 16}}, {{ 91, 56, 231, 25}}, {{ 76, 37, 245, 2}},
> + {{ 65, 46, 251, 11}}, {{ 97, 140, 154, 215}}, {{108, 135, 148, 222}},
> + {{123, 154, 134, 197}}, {{118, 145, 136, 204}}, {{ 85, 160, 162, 243}},
> + {{ 88, 171, 172, 250}}, {{ 79, 182, 190, 225}}, {{ 66, 189, 176, 232}},
> + {{ 9, 212, 234, 159}}, {{ 4, 223, 228, 150}}, {{ 19, 194, 246, 141}},
> + {{ 30, 201, 248, 132}}, {{ 61, 248, 210, 187}}, {{ 48, 243, 220, 178}},
> + {{ 39, 238, 206, 169}}, {{ 42, 229, 192, 160}}, {{177, 60, 122, 71}},
> + {{188, 55, 116, 78}}, {{171, 42, 102, 85}}, {{166, 33, 104, 92}},
> + {{133, 16, 66, 99}}, {{136, 27, 76, 106}}, {{159, 6, 94, 113}},
> + {{146, 13, 80, 120}}, {{217, 100, 10, 15}}, {{212, 111, 4, 6}},
> + {{195, 114, 22, 29}}, {{206, 121, 24, 20}}, {{237, 72, 50, 43}},
> + {{224, 67, 60, 34}}, {{247, 94, 46, 57}}, {{250, 85, 32, 48}},
> + {{183, 1, 236, 154}}, {{186, 10, 226, 147}}, {{173, 23, 240, 136}},
> + {{160, 28, 254, 129}}, {{131, 45, 212, 190}}, {{142, 38, 218, 183}},
> + {{153, 59, 200, 172}}, {{148, 48, 198, 165}}, {{223, 89, 156, 210}},
> + {{210, 82, 146, 219}}, {{197, 79, 128, 192}}, {{200, 68, 142, 201}},
> + {{235, 117, 164, 246}}, {{230, 126, 170, 255}}, {{241, 99, 184, 228}},
> + {{252, 104, 182, 237}}, {{103, 177, 12, 10}}, {{106, 186, 2, 3}},
> + {{125, 167, 16, 24}}, {{112, 172, 30, 17}}, {{ 83, 157, 52, 46}},
> + {{ 94, 150, 58, 39}}, {{ 73, 139, 40, 60}}, {{ 68, 128, 38, 53}},
> + {{ 15, 233, 124, 66}}, {{ 2, 226, 114, 75}}, {{ 21, 255, 96, 80}},
> + {{ 24, 244, 110, 89}}, {{ 59, 197, 68, 102}}, {{ 54, 206, 74, 111}},
> + {{ 33, 211, 88, 116}}, {{ 44, 216, 86, 125}}, {{ 12, 122, 55, 161}},
> + {{ 1, 113, 57, 168}}, {{ 22, 108, 43, 179}}, {{ 27, 103, 37, 186}},
> + {{ 56, 86, 15, 133}}, {{ 53, 93, 1, 140}}, {{ 34, 64, 19, 151}},
> + {{ 47, 75, 29, 158}}, {{100, 34, 71, 233}}, {{105, 41, 73, 224}},
> + {{126, 52, 91, 251}}, {{115, 63, 85, 242}}, {{ 80, 14, 127, 205}},
> + {{ 93, 5, 113, 196}}, {{ 74, 24, 99, 223}}, {{ 71, 19, 109, 214}},
> + {{220, 202, 215, 49}}, {{209, 193, 217, 56}}, {{198, 220, 203, 35}},
> + {{203, 215, 197, 42}}, {{232, 230, 239, 21}}, {{229, 237, 225, 28}},
> + {{242, 240, 243, 7}}, {{255, 251, 253, 14}}, {{180, 146, 167, 121}},
> + {{185, 153, 169, 112}}, {{174, 132, 187, 107}}, {{163, 143, 181, 98}},
> + {{128, 190, 159, 93}}, {{141, 181, 145, 84}}, {{154, 168, 131, 79}},
> + {{151, 163, 141, 70}},
> + },
> + {
> + {{ 0, 0, 0, 0}}, {{ 9, 13, 11, 14}}, {{ 18, 26, 22, 28}},
> + {{ 27, 23, 29, 18}}, {{ 36, 52, 44, 56}}, {{ 45, 57, 39, 54}},
> + {{ 54, 46, 58, 36}}, {{ 63, 35, 49, 42}}, {{ 72, 104, 88, 112}},
> + {{ 65, 101, 83, 126}}, {{ 90, 114, 78, 108}}, {{ 83, 127, 69, 98}},
> + {{108, 92, 116, 72}}, {{101, 81, 127, 70}}, {{126, 70, 98, 84}},
> + {{119, 75, 105, 90}}, {{144, 208, 176, 224}}, {{153, 221, 187, 238}},
> + {{130, 202, 166, 252}}, {{139, 199, 173, 242}}, {{180, 228, 156, 216}},
> + {{189, 233, 151, 214}}, {{166, 254, 138, 196}}, {{175, 243, 129, 202}},
> + {{216, 184, 232, 144}}, {{209, 181, 227, 158}}, {{202, 162, 254, 140}},
> + {{195, 175, 245, 130}}, {{252, 140, 196, 168}}, {{245, 129, 207, 166}},
> + {{238, 150, 210, 180}}, {{231, 155, 217, 186}}, {{ 59, 187, 123, 219}},
> + {{ 50, 182, 112, 213}}, {{ 41, 161, 109, 199}}, {{ 32, 172, 102, 201}},
> + {{ 31, 143, 87, 227}}, {{ 22, 130, 92, 237}}, {{ 13, 149, 65, 255}},
> + {{ 4, 152, 74, 241}}, {{115, 211, 35, 171}}, {{122, 222, 40, 165}},
> + {{ 97, 201, 53, 183}}, {{104, 196, 62, 185}}, {{ 87, 231, 15, 147}},
> + {{ 94, 234, 4, 157}}, {{ 69, 253, 25, 143}}, {{ 76, 240, 18, 129}},
> + {{171, 107, 203, 59}}, {{162, 102, 192, 53}}, {{185, 113, 221, 39}},
> + {{176, 124, 214, 41}}, {{143, 95, 231, 3}}, {{134, 82, 236, 13}},
> + {{157, 69, 241, 31}}, {{148, 72, 250, 17}}, {{227, 3, 147, 75}},
> + {{234, 14, 152, 69}}, {{241, 25, 133, 87}}, {{248, 20, 142, 89}},
> + {{199, 55, 191, 115}}, {{206, 58, 180, 125}}, {{213, 45, 169, 111}},
> + {{220, 32, 162, 97}}, {{118, 109, 246, 173}}, {{127, 96, 253, 163}},
> + {{100, 119, 224, 177}}, {{109, 122, 235, 191}}, {{ 82, 89, 218, 149}},
> + {{ 91, 84, 209, 155}}, {{ 64, 67, 204, 137}}, {{ 73, 78, 199, 135}},
> + {{ 62, 5, 174, 221}}, {{ 55, 8, 165, 211}}, {{ 44, 31, 184, 193}},
> + {{ 37, 18, 179, 207}}, {{ 26, 49, 130, 229}}, {{ 19, 60, 137, 235}},
> + {{ 8, 43, 148, 249}}, {{ 1, 38, 159, 247}}, {{230, 189, 70, 77}},
> + {{239, 176, 77, 67}}, {{244, 167, 80, 81}}, {{253, 170, 91, 95}},
> + {{194, 137, 106, 117}}, {{203, 132, 97, 123}}, {{208, 147, 124, 105}},
> + {{217, 158, 119, 103}}, {{174, 213, 30, 61}}, {{167, 216, 21, 51}},
> + {{188, 207, 8, 33}}, {{181, 194, 3, 47}}, {{138, 225, 50, 5}},
> + {{131, 236, 57, 11}}, {{152, 251, 36, 25}}, {{145, 246, 47, 23}},
> + {{ 77, 214, 141, 118}}, {{ 68, 219, 134, 120}}, {{ 95, 204, 155, 106}},
> + {{ 86, 193, 144, 100}}, {{105, 226, 161, 78}}, {{ 96, 239, 170, 64}},
> + {{123, 248, 183, 82}}, {{114, 245, 188, 92}}, {{ 5, 190, 213, 6}},
> + {{ 12, 179, 222, 8}}, {{ 23, 164, 195, 26}}, {{ 30, 169, 200, 20}},
> + {{ 33, 138, 249, 62}}, {{ 40, 135, 242, 48}}, {{ 51, 144, 239, 34}},
> + {{ 58, 157, 228, 44}}, {{221, 6, 61, 150}}, {{212, 11, 54, 152}},
> + {{207, 28, 43, 138}}, {{198, 17, 32, 132}}, {{249, 50, 17, 174}},
> + {{240, 63, 26, 160}}, {{235, 40, 7, 178}}, {{226, 37, 12, 188}},
> + {{149, 110, 101, 230}}, {{156, 99, 110, 232}}, {{135, 116, 115, 250}},
> + {{142, 121, 120, 244}}, {{177, 90, 73, 222}}, {{184, 87, 66, 208}},
> + {{163, 64, 95, 194}}, {{170, 77, 84, 204}}, {{236, 218, 247, 65}},
> + {{229, 215, 252, 79}}, {{254, 192, 225, 93}}, {{247, 205, 234, 83}},
> + {{200, 238, 219, 121}}, {{193, 227, 208, 119}}, {{218, 244, 205, 101}},
> + {{211, 249, 198, 107}}, {{164, 178, 175, 49}}, {{173, 191, 164, 63}},
> + {{182, 168, 185, 45}}, {{191, 165, 178, 35}}, {{128, 134, 131, 9}},
> + {{137, 139, 136, 7}}, {{146, 156, 149, 21}}, {{155, 145, 158, 27}},
> + {{124, 10, 71, 161}}, {{117, 7, 76, 175}}, {{110, 16, 81, 189}},
> + {{103, 29, 90, 179}}, {{ 88, 62, 107, 153}}, {{ 81, 51, 96, 151}},
> + {{ 74, 36, 125, 133}}, {{ 67, 41, 118, 139}}, {{ 52, 98, 31, 209}},
> + {{ 61, 111, 20, 223}}, {{ 38, 120, 9, 205}}, {{ 47, 117, 2, 195}},
> + {{ 16, 86, 51, 233}}, {{ 25, 91, 56, 231}}, {{ 2, 76, 37, 245}},
> + {{ 11, 65, 46, 251}}, {{215, 97, 140, 154}}, {{222, 108, 135, 148}},
> + {{197, 123, 154, 134}}, {{204, 118, 145, 136}}, {{243, 85, 160, 162}},
> + {{250, 88, 171, 172}}, {{225, 79, 182, 190}}, {{232, 66, 189, 176}},
> + {{159, 9, 212, 234}}, {{150, 4, 223, 228}}, {{141, 19, 194, 246}},
> + {{132, 30, 201, 248}}, {{187, 61, 248, 210}}, {{178, 48, 243, 220}},
> + {{169, 39, 238, 206}}, {{160, 42, 229, 192}}, {{ 71, 177, 60, 122}},
> + {{ 78, 188, 55, 116}}, {{ 85, 171, 42, 102}}, {{ 92, 166, 33, 104}},
> + {{ 99, 133, 16, 66}}, {{106, 136, 27, 76}}, {{113, 159, 6, 94}},
> + {{120, 146, 13, 80}}, {{ 15, 217, 100, 10}}, {{ 6, 212, 111, 4}},
> + {{ 29, 195, 114, 22}}, {{ 20, 206, 121, 24}}, {{ 43, 237, 72, 50}},
> + {{ 34, 224, 67, 60}}, {{ 57, 247, 94, 46}}, {{ 48, 250, 85, 32}},
> + {{154, 183, 1, 236}}, {{147, 186, 10, 226}}, {{136, 173, 23, 240}},
> + {{129, 160, 28, 254}}, {{190, 131, 45, 212}}, {{183, 142, 38, 218}},
> + {{172, 153, 59, 200}}, {{165, 148, 48, 198}}, {{210, 223, 89, 156}},
> + {{219, 210, 82, 146}}, {{192, 197, 79, 128}}, {{201, 200, 68, 142}},
> + {{246, 235, 117, 164}}, {{255, 230, 126, 170}}, {{228, 241, 99, 184}},
> + {{237, 252, 104, 182}}, {{ 10, 103, 177, 12}}, {{ 3, 106, 186, 2}},
> + {{ 24, 125, 167, 16}}, {{ 17, 112, 172, 30}}, {{ 46, 83, 157, 52}},
> + {{ 39, 94, 150, 58}}, {{ 60, 73, 139, 40}}, {{ 53, 68, 128, 38}},
> + {{ 66, 15, 233, 124}}, {{ 75, 2, 226, 114}}, {{ 80, 21, 255, 96}},
> + {{ 89, 24, 244, 110}}, {{102, 59, 197, 68}}, {{111, 54, 206, 74}},
> + {{116, 33, 211, 88}}, {{125, 44, 216, 86}}, {{161, 12, 122, 55}},
> + {{168, 1, 113, 57}}, {{179, 22, 108, 43}}, {{186, 27, 103, 37}},
> + {{133, 56, 86, 15}}, {{140, 53, 93, 1}}, {{151, 34, 64, 19}},
> + {{158, 47, 75, 29}}, {{233, 100, 34, 71}}, {{224, 105, 41, 73}},
> + {{251, 126, 52, 91}}, {{242, 115, 63, 85}}, {{205, 80, 14, 127}},
> + {{196, 93, 5, 113}}, {{223, 74, 24, 99}}, {{214, 71, 19, 109}},
> + {{ 49, 220, 202, 215}}, {{ 56, 209, 193, 217}}, {{ 35, 198, 220, 203}},
> + {{ 42, 203, 215, 197}}, {{ 21, 232, 230, 239}}, {{ 28, 229, 237, 225}},
> + {{ 7, 242, 240, 243}}, {{ 14, 255, 251, 253}}, {{121, 180, 146, 167}},
> + {{112, 185, 153, 169}}, {{107, 174, 132, 187}}, {{ 98, 163, 143, 181}},
> + {{ 93, 128, 190, 159}}, {{ 84, 141, 181, 145}}, {{ 79, 154, 168, 131}},
> + {{ 70, 151, 163, 141}},
> + },
> +};
> +
> +int xrcon[30] = {
> + 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36,
> + 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6,
> + 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91,
> +};
> +
> +word8 xS[256] = {
> + 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215,
> + 171, 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175,
> + 156, 164, 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165,
> + 229, 241, 113, 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154,
> + 7, 18, 128, 226, 235, 39, 178, 117, 9, 131, 44, 26, 27, 110,
> + 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, 83, 209, 0, 237,
> + 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, 208, 239,
> + 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
> + 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255,
> + 243, 210, 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61,
> + 100, 93, 25, 115, 96, 129, 79, 220, 34, 42, 144, 136, 70, 238,
> + 184, 20, 222, 94, 11, 219, 224, 50, 58, 10, 73, 6, 36, 92,
> + 194, 211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109, 141, 213,
> + 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37, 46,
> + 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62,
> + 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
> + 225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85,
> + 40, 223, 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15,
> + 176, 84, 187, 22,
> +};
> +
> +word8 xSi[256] = {
> + 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243,
> + 215, 251, 124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68,
> + 196, 222, 233, 203, 84, 123, 148, 50, 166, 194, 35, 61, 238, 76,
> + 149, 11, 66, 250, 195, 78, 8, 46, 161, 102, 40, 217, 36, 178,
> + 118, 91, 162, 73, 109, 139, 209, 37, 114, 248, 246, 100, 134, 104,
> + 152, 22, 212, 164, 92, 204, 93, 101, 182, 146, 108, 112, 72, 80,
> + 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132, 144, 216,
> + 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
> + 208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19,
> + 138, 107, 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206,
> + 240, 180, 230, 115, 150, 172, 116, 34, 231, 173, 53, 133, 226, 249,
> + 55, 232, 28, 117, 223, 110, 71, 241, 26, 113, 29, 41, 197, 137,
> + 111, 183, 98, 14, 170, 24, 190, 27, 252, 86, 62, 75, 198, 210,
> + 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, 31, 221, 168, 51,
> + 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, 96, 81,
> + 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
> + 160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83,
> + 153, 97, 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99,
> + 85, 33, 12, 125,
> +};
> +
> +/* -------------------------------- */
> +
> +#define MAXBC (256/32)
> +#define MAXKC (256/32)
> +#define MAXROUNDS 14
> +#define MAXRK ((MAXROUNDS+1)*MAXBC)
> +
> +typedef struct {
> + int BC;
> + int KC;
> + int ROUNDS;
> + int shift[2][4];
> + word32 rk[MAXRK];
> +} roundkey;
> +
> +/* keys and blocks are externally treated as word32 arrays, to
> + make sure they are aligned on 4-byte boundaries on architectures
> + that require it. */
> +
> +static int xshifts[3][2][4] = {
> + {{0, 1, 2, 3},
> + {0, 3, 2, 1}},
> +
> + {{0, 1, 2, 3},
> + {0, 5, 4, 3}},
> +
> + {{0, 1, 3, 4},
> + {0, 7, 5, 4}},
> +};
> +
> +/* Exor corresponding text input and round key input bytes */
> +/* the result is written to res, which can be the same as a */
> +static inline void xKeyAddition(word32 res[MAXBC], word32 a[MAXBC],
> + word32 rk[MAXBC], int BC)
> +{
> + int j;
> +
> + for (j = 0; j < BC; j++) {
> + res[j] = a[j] ^ rk[j];
> + }
> +}
> +
> +/* profiling shows that the ccrypt program spends about 50% of its
> + time in the function xShiftSubst. Splitting the inner "for"
> + statement into two parts - versus using the expensive "%" modulo
> + operation, makes this function about 44% faster, thereby making the
> + entire program about 28% faster. With -O3 optimization, the time
> + savings are even more dramatic - ccrypt runs between 55% and 65%
> + faster on most platforms. */
> +
> +/* do ShiftRow and Substitution together. res must not be a. */
> +static inline void xShiftSubst(word32 res[MAXBC], word32 a[MAXBC],
> + int shift[4], int BC, word8 box[256])
> +{
> + int i, j;
> + int s;
> + word8 (*a8)[4] = (word8 (*)[4]) a;
> + word8 (*res8)[4] = (word8 (*)[4]) res;
> +
> + for (j = 0; j < BC; j++) {
> + res8[j][0] = box[a8[j][0]];
> + }
> + for (i = 1; i < 4; i++) {
> + s = shift[i];
> + for (j = 0; j < BC - s; j++) {
> + res8[j][i] = box[a8[(j + s)][i]];
> + }
> + for (j = BC - s; j < BC; j++) {
> + res8[j][i] = box[a8[(j + s) - BC][i]];
> + }
> + }
> +}
> +
> +/* do MixColumn and KeyAddition together */
> +static inline void xMixAdd(word32 res[MAXBC], word32 a[MAXBC],
> + word32 rk[MAXBC], int BC)
> +{
> + int j;
> + word32 b;
> + word8 (*a8)[4] = (word8 (*)[4]) a;
> +
> + for (j = 0; j < BC; j++) {
> + b = M0[0][a8[j][0]].w32;
> + b ^= M0[1][a8[j][1]].w32;
> + b ^= M0[2][a8[j][2]].w32;
> + b ^= M0[3][a8[j][3]].w32;
> + b ^= rk[j];
> + res[j] = b;
> + }
> +}
> +
> +/* Mix the four bytes of every column in a linear way
> + * This is the opposite operation of xMixColumn */
> +/* the result is written to res, which may equal a */
> +static inline void xInvMixColumn(word32 res[MAXBC], word32 a[MAXBC], int BC)
> +{
> + int j;
> + word32 b;
> + word8 (*a8)[4] = (word8 (*)[4]) a;
> +
> + for (j = 0; j < BC; j++) {
> + b = M1[0][a8[j][0]].w32;
> + b ^= M1[1][a8[j][1]].w32;
> + b ^= M1[2][a8[j][2]].w32;
> + b ^= M1[3][a8[j][3]].w32;
> + res[j] = b;
> + }
> +}
> +
> +/* make a roundkey rkk from key. key must have appropriate size given
> + by keyBits. keyBits and blockBits may only be 128, 196, or
> + 256. Returns non-zero if arguments are invalid. */
> +int xrijndaelKeySched(word32 key[], int keyBits, int blockBits,
> + roundkey *rkk)
> +{
> + /* Calculate the necessary round keys
> + * The number of calculations depends on keyBits and blockBits */
> + int KC, BC, ROUNDS;
> + int i, j, t, rconpointer = 0;
> + word8 (*k8)[4] = (word8 (*)[4]) key;
> +
> + switch (keyBits) {
> + case 128:
> + KC = 4;
> + break;
> + case 192:
> + KC = 6;
> + break;
> + case 256:
> + KC = 8;
> + break;
> + default:
> + return -1;
> + }
> +
> + switch (blockBits) {
> + case 128:
> + BC = 4;
> + break;
> + case 192:
> + BC = 6;
> + break;
> + case 256:
> + BC = 8;
> + break;
> + default:
> + return -2;
> + }
> +
> + ROUNDS = KC > BC ? KC + 6 : BC + 6;
> +
> + t = 0;
> + /* copy values into round key array */
> + for (j = 0; (j < KC) && (t < (ROUNDS + 1) * BC); j++, t++)
> + rkk->rk[t] = key[j];
> +
> + while (t < (ROUNDS + 1) * BC) { /* while not enough round key material */
> + /* calculate new values */
> + for (i = 0; i < 4; i++) {
> + k8[0][i] ^= xS[k8[KC - 1][(i + 1) % 4]];
> + }
> + k8[0][0] ^= xrcon[rconpointer++];
> +
> + if (KC != 8) {
> + for (j = 1; j < KC; j++) {
> + key[j] ^= key[j - 1];
> + }
> + } else {
> + for (j = 1; j < 4; j++) {
> + key[j] ^= key[j - 1];
> + }
> + for (i = 0; i < 4; i++) {
> + k8[4][i] ^= xS[k8[3][i]];
> + }
> + for (j = 5; j < 8; j++) {
> + key[j] ^= key[j - 1];
> + }
> + }
> + /* copy values into round key array */
> + for (j = 0; (j < KC) && (t < (ROUNDS + 1) * BC); j++, t++) {
> + rkk->rk[t] = key[j];
> + }
> + }
> +
> + /* make roundkey structure */
> + rkk->BC = BC;
> + rkk->KC = KC;
> + rkk->ROUNDS = ROUNDS;
> + for (i = 0; i < 2; i++) {
> + for (j = 0; j < 4; j++) {
> + rkk->shift[i][j] = xshifts[(BC - 4) >> 1][i][j];
> + }
> + }
> +
> + return 0;
> +}
> +
> +/* encrypt, resp. decrypt, block using rijndael roundkey rkk. rkk must
> + have been created with xrijndaelKeySched. Size of block, in bits,
> + must be equal to blockBits parameter that was used to make rkk. In
> + all other cases, behavior is undefined - for reasons of speed, no
> + check for error conditions is done. */
> +
> +/* Encryption of one block. */
> +
> +void xrijndaelEncrypt(word32 block[], roundkey *rkk)
> +{
> + word32 block2[MAXBC]; /* hold intermediate result */
> + int r;
> +
> + int *shift = rkk->shift[0];
> + int BC = rkk->BC;
> + int ROUNDS = rkk->ROUNDS;
> + word32 *rp = rkk->rk;
> +
> + /* begin with a key addition */
> + xKeyAddition(block, block, rp, BC);
> + rp += BC;
> +
> + /* ROUNDS-1 ordinary rounds */
> + for (r = 1; r < ROUNDS; r++) {
> + xShiftSubst(block2, block, shift, BC, xS);
> + xMixAdd(block, block2, rp, BC);
> + rp += BC;
> + }
> +
> + /* Last round is special: there is no xMixColumn */
> + xShiftSubst(block2, block, shift, BC, xS);
> + xKeyAddition(block, block2, rp, BC);
> +}
> +
> +void xrijndaelDecrypt(word32 block[], roundkey *rkk)
> +{
> + word32 block2[MAXBC]; /* hold intermediate result */
> + int r;
> +
> + int *shift = rkk->shift[1];
> + int BC = rkk->BC;
> + int ROUNDS = rkk->ROUNDS;
> + word32 *rp = rkk->rk + ROUNDS * BC;
> +
> + /* To decrypt: apply the inverse operations of the encrypt routine,
> + * in opposite order
> + *
> + * (xKeyAddition is an involution: it's equal to its inverse)
> + * (the inverse of xSubstitution with table S is xSubstitution with the
> + * inverse table of S)
> + * (the inverse of xShiftRow is xShiftRow over a suitable distance)
> + */
> +
> + /* First the special round:
> + * without xInvMixColumn
> + * with extra xKeyAddition
> + */
> + xKeyAddition(block2, block, rp, BC);
> + xShiftSubst(block, block2, shift, BC, xSi);
> + rp -= BC;
> +
> + /* ROUNDS-1 ordinary rounds
> + */
> + for (r = ROUNDS - 1; r > 0; r--) {
> + xKeyAddition(block, block, rp, BC);
> + xInvMixColumn(block2, block, BC);
> + xShiftSubst(block, block2, shift, BC, xSi);
> + rp -= BC;
> + }
> +
> + /* End with the extra key addition
> + */
> +
> + xKeyAddition(block, block, rp, BC);
> +}
> +
> +/* -------------------------------- */
> +
> +
> +#define MAGIC "c051" /* magic string for this version of ccrypt */
> +
> +/* private struct, not visible by applications */
> +struct ccrypt_state_s {
> + int n; /* number of keys. n=1 for encryption, n>=1 for decryption */
> + roundkey *rkks; /* array of n keys */
> + int ak; /* rkks[ak] is the active key */
> + int iv; /* are we reading/writing the IV? */
> + int bufindex; /* in bytes */
> + word32 buf[8]; /* current buffer; partly ciphertext, partly mask */
> + int flags; /* flags determining behavior */
> +};
> +typedef struct ccrypt_state_s ccrypt_state_t;
> +
> +
> +int ccrypt_errno;
> +
> +#ifdef DEBUG
> +static void print_state(ccrypt_state_t *st) {
> + if (st) {
> + printf("State:\n");
> + memory_display(st,0,sizeof(st),1,0);
> + if (st->rkks) {
> + printf("Roundkey:\n");
> + memory_display(st->rkks,0,sizeof(roundkey),1,0);
> + }
> + }
> +}
> +#endif
> +
> +static void ccrypt_state_free(ccrypt_state_t *st) {
> + if (st) {
> + free(st->rkks);
> + }
> + free(st);
> +}
> +
> +/* ---------------------------------------------------------------------- */
> +/* some private functions dealing with hashes, keys, and nonces */
> +
> +/* hash a keystring into a 256-bit cryptographic random value. */
> +static void hashstring(const char *keystring, const int keylen, word32 hash[8]) {
> + int i,j;
> + roundkey rkk;
> + word32 key[8]; /* rijndael key */
> +
> + for (i=0; i<8; i++)
> + key[i] = hash[i] = 0;
> +
> + for ( j=0; j<keylen; ) {
> + for (i=0; i<32; i++) {
> + if ( j<keylen ) {
> + ((word8 *)key)[i] ^= keystring[j];
> + j++;
> + }
> + }
> + xrijndaelKeySched(key, 256, 256, &rkk);
> + xrijndaelEncrypt(hash, &rkk);
> + }
> +
> +#if 0
> + do {
> + for (i=0; i<32; i++) {
> + if (*keystring != 0) {
> + ((word8 *)key)[i] ^= *keystring;
> + keystring++;
> + }
> + }
> + xrijndaelKeySched(key, 256, 256, &rkk);
> + xrijndaelEncrypt(hash, &rkk);
> + } while (*keystring != 0);
> +#endif
> +
> +}
> +
> +/* return a 256-bit value that is practically unique */
> +static void make_nonce(word32 nonce[8]) {
> + char acc[512];
> + static int count=0;
> +
> + sprintf(acc, "%s,%d,%d,%d,%d,%d", "barebox", rand(),rand(),rand(),rand(),count++);
> + hashstring(acc, strlen(acc), nonce);
> +}
> +
> +/* ---------------------------------------------------------------------- */
> +/* core functions for encryption */
> +
> +int ccencrypt_init(ccrypt_stream_t *b, const char *key, const int keylen) {
> + word32 keyblock[8];
> + ccrypt_state_t *st;
> + roundkey *rkks;
> +
> + b->state = NULL;
> +
> + st = malloc(sizeof(ccrypt_state_t));
> + if (st == NULL) {
> + return -1;
> + }
> + rkks = malloc(sizeof(roundkey));
> + if (!rkks) {
> + free(st);
> + return -1;
> + }
> +
> + st->n = 1;
> + st->rkks = rkks;
> + st->ak = 0; /* not used */
> +
> + /* generate the roundkey */
> + hashstring(key, keylen, keyblock);
> + xrijndaelKeySched(keyblock, 256, 256, &st->rkks[0]);
> +
> + /* make a nonce */
> + make_nonce(st->buf);
> +
> + /* mark the nonce with a "magic number". */
> + strncpy((char *)st->buf, MAGIC, 4);
> +
> + /* encrypt the nonce with the given key */
> + xrijndaelEncrypt(st->buf, &st->rkks[0]);
> +
> + /* IV is now contained in st->buf. Initialize rest of the state. */
> + st->iv = 1;
> + st->bufindex = 0; /* initially use bufsize to count iv bytes output */
> +
> +#ifdef DEBUG
> + print_state(st);
> +#endif
> + b->state = (void *)st;
> + return 0;
> +}
> +
> +EXPORT_SYMBOL(ccencrypt_init);
> +
> +int ccencrypt(ccrypt_stream_t *b) {
> + ccrypt_state_t *st = (ccrypt_state_t *)b->state;
> + word32 lbuf[8];
> + char *cbuf = (char *)st->buf;
> + int i;
> + char c, cc;
> +
> + while (1) {
> + /* handle the typical case efficiently, one block at a time */
> +
> + if (st->iv == 0 && st->bufindex == 32) {
> + while (b->avail_in >= 32 && b->avail_out >= 32) {
> +
> + /* block-encrypt buffer */
> + xrijndaelEncrypt(st->buf, &st->rkks[0]);
> +
> + /* read input to local buffer for word alignment */
> + memcpy(lbuf, b->next_in, 32);
> + b->next_in += 32;
> + b->avail_in -= 32;
> +
> + /* compute ciphertext */
> + for (i=0; i<8; i++) {
> + st->buf[i] ^= lbuf[i];
> + }
> +
> + /* write output */
> + memcpy(b->next_out, st->buf, 32);
> + b->next_out += 32;
> + b->avail_out -= 32;
> + }
> + }
> +
> + /* handle the general case systematically, one byte at a time */
> +
> + if (b->avail_out == 0) {
> + break;
> + }
> +
> + else if (st->iv) { /* write IV byte */
> + *b->next_out = cbuf[st->bufindex];
> + b->next_out++;
> + b->avail_out--;
> + st->bufindex++;
> + if (st->bufindex == 32) {
> + st->iv = 0;
> + }
> + }
> +
> + else if (b->avail_in == 0) {
> + break;
> + }
> +
> + else { /* encrypt one byte */
> + if (st->bufindex == 32) {
> + xrijndaelEncrypt(st->buf, &st->rkks[0]);
> + st->bufindex = 0;
> + }
> + c = *b->next_in;
> + b->next_in++;
> + b->avail_in--;
> + cc = c ^ cbuf[st->bufindex];
> + cbuf[st->bufindex] = cc;
> + *b->next_out = cc;
> + b->next_out++;
> + b->avail_out--;
> + st->bufindex++;
> + }
> + }
> +#ifdef DEBUG
> + print_state(st);
> +#endif
> + return 0;
> +}
> +
> +EXPORT_SYMBOL(ccencrypt);
> +
> +int ccencrypt_end(ccrypt_stream_t *b) {
> + ccrypt_state_free(b->state);
> + b->state = NULL; /* guard against double free */
> + return 0;
> +}
> +
> +EXPORT_SYMBOL(ccencrypt_end);
> +
> +/* ---------------------------------------------------------------------- */
> +/* core functions for decryption */
> +
> +int ccdecrypt_init(ccrypt_stream_t *b, const char *key, const int keylen) {
> + word32 keyblock[8];
> + ccrypt_state_t *st;
> + roundkey *rkks;
> +
> + b->state = NULL;
> +
> + st = malloc(sizeof(ccrypt_state_t));
> + if (st == NULL) {
> + return -1;
> + }
> + rkks = malloc(sizeof(roundkey));
> + if (!rkks) {
> + free(st);
> + return -1;
> + }
> +
> + st->n = 1;
> + st->rkks = rkks;
> + st->ak = 0;
> +
> + /* generate the roundkeys */
> + hashstring(key, keylen, keyblock);
> + xrijndaelKeySched(keyblock, 256, 256, &st->rkks[0]);
> +
> + /* Initialize rest of the state. */
> + st->iv = 1;
> + st->bufindex = 0;
> + st->flags = 0;
> +
> +#ifdef DEBUG
> + print_state(st);
> +#endif
> + b->state = (void *)st;
> + return 0;
> +}
> +
> +EXPORT_SYMBOL(ccdecrypt_init);
> +
> +int ccdecrypt(ccrypt_stream_t *b) {
> + ccrypt_state_t *st = (ccrypt_state_t *)b->state;
> + word32 lbuf[8];
> + char *cbuf = (char *)st->buf;
> + int i;
> + char c, cc;
> +
> + while (1) {
> + /* handle the typical case efficiently, one block at a time */
> +
> + if (st->iv == 0 && st->bufindex == 32) {
> + while (b->avail_in >= 32 && b->avail_out >= 32) {
> +
> + /* block-encrypt buffer */
> + xrijndaelEncrypt(st->buf, &st->rkks[st->ak]);
> + memcpy(lbuf, st->buf, 32);
> +
> + /* read input */
> + memcpy(st->buf, b->next_in, 32);
> + b->next_in += 32;
> + b->avail_in -= 32;
> +
> + /* compute plaintext */
> + for (i=0; i<8; i++) {
> + lbuf[i] ^= st->buf[i];
> + }
> +
> + /* write output */
> + memcpy(b->next_out, lbuf, 32);
> + b->next_out += 32;
> + b->avail_out -= 32;
> + }
> + }
> +
> + /* handle the general case systematically, one byte at a time */
> +
> + if (b->avail_in == 0) {
> + break;
> + }
> +
> + else if (st->iv) { /* read IV byte */
> + cbuf[st->bufindex] = *b->next_in;
> + b->next_in++;
> + b->avail_in--;
> + st->bufindex++;
> + if (st->bufindex == 32) {
> + st->iv = 0;
> + /* find the first matching key */
> + for (i=0; i<st->n; i++) {
> + /* check the "magic number" */
> + memcpy(lbuf, st->buf, 32);
> + xrijndaelDecrypt(lbuf, &st->rkks[i]);
> + if ((st->flags & CCRYPT_MISMATCH) != 0 || strncmp((char *)lbuf, MAGIC, 4) == 0) {
> + /* key matches */
> + break;
> + }
> + }
> + if (i<st->n) { /* matching key found */
> + st->ak = i;
> + } else { /* not found */
> + /* on error, invalidate the state so that the client cannot
> + call here again. */
> + ccrypt_state_free((ccrypt_state_t *)b->state);
> + b->state = NULL;
> + ccrypt_errno = CCRYPT_EMISMATCH;
> + return -2;
> + }
> + }
> + }
> +
> + else if (b->avail_out == 0) {
> + break;
> + }
> +
> + else { /* decrypt one byte */
> + if (st->bufindex == 32) {
> + xrijndaelEncrypt(st->buf, &st->rkks[st->ak]);
> + st->bufindex = 0;
> + }
> + cc = *b->next_in;
> + b->next_in++;
> + b->avail_in--;
> + c = cc ^ cbuf[st->bufindex];
> + cbuf[st->bufindex] = cc;
> + *b->next_out = c;
> + b->next_out++;
> + b->avail_out--;
> + st->bufindex++;
> + }
> + }
> +#ifdef DEBUG
> + print_state(st);
> +#endif
> + return 0;
> +}
> +
> +EXPORT_SYMBOL(ccdecrypt);
> +
> +int ccdecrypt_end(ccrypt_stream_t *b) {
> + ccrypt_state_t *st;
> +
> + if (b->state) {
> +
> + /* verify that we have read and verified the IV */
> + st = (ccrypt_state_t *)b->state;
> + if (st->iv) {
> + ccrypt_state_free(b->state);
> + b->state = NULL;
> + ccrypt_errno = CCRYPT_EFORMAT;
> + return -2;
> + }
> + }
> +
> + ccrypt_state_free(b->state);
> + b->state = NULL;
> + return 0;
> +}
> +
> +EXPORT_SYMBOL(ccdecrypt_end);
> diff --git a/include/ccryptlib.h b/include/ccryptlib.h
> new file mode 100644
> index 000000000..b2446a232
> --- /dev/null
> +++ b/include/ccryptlib.h
> @@ -0,0 +1,102 @@
> +/* -*- Mode:C; c-file-style:"linux"; -*- */
> +
> +/* Ported to barebox by Gerd Pauli <gp@high-consulting.de> 2018 */
> +
> +/* Copyright (C) 2000-2009 Peter Selinger.
> + This file is part of ccrypt. It is free software and it is covered
> + by the GNU general public license. See the file COPYING for details. */
> +
> +/* ccryptlib.h: library for encrypting/decrypting a character stream */
> +/* $Id: ccryptlib.h 258 2009-08-26 17:46:10Z selinger $ */
> +
> +#ifndef _CCRYPTLIB_H
> +#define _CCRYPTLIB_H
> +
> +struct ccrypt_stream_s {
> + char *next_in; /* next input byte */
> + unsigned int avail_in; /* number of bytes available at next_in */
> +
> + char *next_out; /* next output byte should be put there */
> + unsigned int avail_out; /* remaining free space at next_out */
> +
> + void *state; /* internal state, not visible by applications */
> +};
> +typedef struct ccrypt_stream_s ccrypt_stream_t;
> +
> +/*
> + The application may update next_in and avail_in when avail_in has
> + dropped to zero. It must update next_out and avail_out when
> + avail_out has dropped to zero. All other fields are set by the
> + compression library and must not be updated by the application.
> +*/
> +
> +int ccencrypt_init(ccrypt_stream_t *b, const char *key, const int keylen);
> +int ccencrypt (ccrypt_stream_t *b);
> +int ccencrypt_end (ccrypt_stream_t *b);
> +
> +int ccdecrypt_init(ccrypt_stream_t *b, const char *key, const int keylen);
> +int ccdecrypt (ccrypt_stream_t *b);
> +int ccdecrypt_end (ccrypt_stream_t *b);
> +
> +/* The interface for encryption and decryption is the same. The
> + application must first call the respective init function to
> + initialize the internal state. Then it calls the encrypt/decrypt
> + function repeatedly, as follows: next_in and next_out must point to
> + valid, non-overlapping regions of memory of size at least avail_in
> + and avail_out, respectively. Avail_out must be non-zero. Avail_in
> + may be zero to retrieve some pending output when no input is
> + available, for instance, in an interactive application or at the
> + end of stream. Otherwise, avail_in should be non-zero.
> +
> + The encryption/decryption function will read and process as many
> + input bytes as possible as long as there is room in the output
> + buffer. It will update next_in, avail_in, next_out, and avail_out
> + accordingly. It will always flush as much output as possible.
> + However, it is possible that some input bytes produce no output,
> + because some part of the input may be used for internal purposes.
> + Conversely, it is possible that output is produced without reading
> + any input. When the encryption/decryption function returns, at
> + least one of avail_in or avail_out is 0. If avail_out is non-zero
> + after a call, the application may conclude that no more output is
> + pending.
> +
> + Finally, the internal state must be freed by calling the respective
> + end function. This function will discard any unprocessed input
> + and/or output, so it should only be called after the application
> + has retrieved any pending output. Note: the call to the end
> + function should be checked for errors, because this is the only
> + place where certain format errors (like a file that is too short)
> + are detected.
> +
> + All functions return 0 on success, or -1 on error with errno set,
> + or -2 on error with ccrypt_errno set. Callers must check for
> + errors. If an error occurs, the state is invalid and its resources
> + are freed. It may not be used again. It is then safe, but not
> + required, to call the corresponding *_end function.
> +
> + The flags argument to ccdecrypt_init should be 0 by default, or
> + CCRYPT_MISMATCH if non-matching keys should be ignored. All other
> + values are undefined and reserved for future use.
> +*/
> +
> +/* ccdecrypt_multi_init this is a variant of ccdecrypt_init that
> + allows a list of n>=1 keys to be defined. During decryption, the
> + first matching key is used. This is useful when batch decrypting a
> + set of files that have non-uniform keys. If flags includes
> + CCRYPT_MISMATCH, then the first key is always used regardless of
> + whether it matches or not. */
> +int ccdecrypt_multi_init(ccrypt_stream_t *b, int n, const char **keylist, int flags);
> +
> +/* errors */
> +
> +#define CCRYPT_EFORMAT 1 /* bad file format */
> +#define CCRYPT_EMISMATCH 2 /* key does not match */
> +#define CCRYPT_EBUFFER 3 /* buffer overflow */
> +
> +/* flags */
> +
> +#define CCRYPT_MISMATCH 1 /* ignore non-matching key */
> +
> +extern int ccrypt_errno;
> +
> +#endif /* _CCRYPTLIB_H */
>
--
Regards,
Oleksij
[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
[-- Attachment #2: Type: text/plain, Size: 149 bytes --]
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v1] Crypt and decrypt files using password in keystore.
2018-04-22 8:27 ` Oleksij Rempel
@ 2018-04-23 8:13 ` Sascha Hauer
2018-04-23 8:33 ` Oleksij Rempel
0 siblings, 1 reply; 7+ messages in thread
From: Sascha Hauer @ 2018-04-23 8:13 UTC (permalink / raw)
To: Oleksij Rempel; +Cc: barebox, Gerd Pauli
On Sun, Apr 22, 2018 at 10:27:11AM +0200, Oleksij Rempel wrote:
> Hi Gerd,
>
> please use scripts/checkpatch.pl
>
> currently i get
> total: 2020 errors, 0 warnings, 2020 lines checked
>
> We use kernel coding style. Please read it:
> https://www.kernel.org/doc/html/v4.16/process/coding-style.html
>
> Am 20.04.2018 um 10:01 schrieb Gerd Pauli:
> > Adds ccryptlib library in crypto which implements a
> > stream cipher based on the block cipher Rijndael,
> > the candidate for the AES standard.
> > Compatible with the ccrypt tool in linux
> > from Peter Selinger.
> >
> > Usage: ccrypt [-e|-d] -k KEYNAME_IN_KEYSTORE SRC DST
> >
> > Signed-off-by: Gerd Pauli <gp@high-consulting.de>
> > ---
> > commands/Kconfig | 17 +
> > commands/Makefile | 1 +
> > commands/ccrypt.c | 249 +++++++++
> > crypto/Kconfig | 7 +
> > crypto/Makefile | 1 +
> > crypto/ccryptlib.c | 1467 +++++++++++++++++++++++++++++++++++++++++++++++++++
> > include/ccryptlib.h | 102 ++++
> > 7 files changed, 1844 insertions(+)
> > create mode 100644 commands/ccrypt.c
> > create mode 100644 crypto/ccryptlib.c
> > create mode 100644 include/ccryptlib.h
> >
> > diff --git a/commands/Kconfig b/commands/Kconfig
> > index 951a86963..b6911246a 100644
> > --- a/commands/Kconfig
> > +++ b/commands/Kconfig
> > @@ -2137,6 +2137,23 @@ config CMD_SEED
> > help
> > Seed the pseudo random number generator (PRNG)
> >
> > +config CMD_CCRYPT
> > + tristate
> > + prompt "ccrypt"
> > + select CRYPTO_CCRYPTLIB
> > + select CRYPTO_KEYSTORE
> > + help
> > + encrypting/decrypting a character stream
> > + ccrypt implements a stream cipher based on the block cipher
> > + Rijndael.
>
> > + Usage: ccrypt [-ed] [-K name] srcfile dstfile
> > +
> > + Options:
> > + -e encrypt srcfile to dstfile
> > + -d decrypt srcfile to dstfile
> > + -k name use key with name from keystore
> > +
>
> usage help should be provided by the command, not within Kconfig
Indeed we have the help provided in the Kconfig text for all commands
that were present at that change. I don't really think it's worth
continuing this though.
> > + * This program is free software; you can redistribute it and/or
> > + * modify it under the terms of the GNU General Public License as
> > + * published by the Free Software Foundation; either version 2 of
> > + * the License, or (at your option) any later version.
> > + *
> > + * This program is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> > + * GNU General Public License for more details.
> > + */
> > +
> > +/* ccrypt implements a stream cipher based on the block cipher
> > + Rijndael */
> > +
> > +/* needs library ccryptlib and keystore from barebox */
>
> no need for this comment, needed headers are already included
>
> > +#include <common.h>
> > +#include <command.h>
> > +#include <libfile.h>
> > +#include <getopt.h>
> > +#include <fcntl.h>
> > +#include <fs.h>
> > +#include <ccryptlib.h>
>
> i prefer headers sorted alphabetically. this helps to reduce
> patch conflicts.
And I prefer the reverse christmas tree ordering ;)
To be honest, I don't care about the ordering at all, but at least as
long as we haven't agreed on some ordering and written it down somewhere
we shouldn't enforce any ordering for patch submitters.
Sascha
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v1] Crypt and decrypt files using password in keystore.
2018-04-23 8:13 ` Sascha Hauer
@ 2018-04-23 8:33 ` Oleksij Rempel
0 siblings, 0 replies; 7+ messages in thread
From: Oleksij Rempel @ 2018-04-23 8:33 UTC (permalink / raw)
To: Sascha Hauer, Oleksij Rempel; +Cc: barebox, Gerd Pauli
[-- Attachment #1.1.1: Type: text/plain, Size: 4004 bytes --]
On 23.04.2018 10:13, Sascha Hauer wrote:
> On Sun, Apr 22, 2018 at 10:27:11AM +0200, Oleksij Rempel wrote:
>> Hi Gerd,
>>
>> please use scripts/checkpatch.pl
>>
>> currently i get
>> total: 2020 errors, 0 warnings, 2020 lines checked
>>
>> We use kernel coding style. Please read it:
>> https://www.kernel.org/doc/html/v4.16/process/coding-style.html
>>
>> Am 20.04.2018 um 10:01 schrieb Gerd Pauli:
>>> Adds ccryptlib library in crypto which implements a
>>> stream cipher based on the block cipher Rijndael,
>>> the candidate for the AES standard.
>>> Compatible with the ccrypt tool in linux
>>> from Peter Selinger.
>>>
>>> Usage: ccrypt [-e|-d] -k KEYNAME_IN_KEYSTORE SRC DST
>>>
>>> Signed-off-by: Gerd Pauli <gp@high-consulting.de>
>>> ---
>>> commands/Kconfig | 17 +
>>> commands/Makefile | 1 +
>>> commands/ccrypt.c | 249 +++++++++
>>> crypto/Kconfig | 7 +
>>> crypto/Makefile | 1 +
>>> crypto/ccryptlib.c | 1467 +++++++++++++++++++++++++++++++++++++++++++++++++++
>>> include/ccryptlib.h | 102 ++++
>>> 7 files changed, 1844 insertions(+)
>>> create mode 100644 commands/ccrypt.c
>>> create mode 100644 crypto/ccryptlib.c
>>> create mode 100644 include/ccryptlib.h
>>>
>>> diff --git a/commands/Kconfig b/commands/Kconfig
>>> index 951a86963..b6911246a 100644
>>> --- a/commands/Kconfig
>>> +++ b/commands/Kconfig
>>> @@ -2137,6 +2137,23 @@ config CMD_SEED
>>> help
>>> Seed the pseudo random number generator (PRNG)
>>>
>>> +config CMD_CCRYPT
>>> + tristate
>>> + prompt "ccrypt"
>>> + select CRYPTO_CCRYPTLIB
>>> + select CRYPTO_KEYSTORE
>>> + help
>>> + encrypting/decrypting a character stream
>>> + ccrypt implements a stream cipher based on the block cipher
>>> + Rijndael.
>>
>>> + Usage: ccrypt [-ed] [-K name] srcfile dstfile
>>> +
>>> + Options:
>>> + -e encrypt srcfile to dstfile
>>> + -d decrypt srcfile to dstfile
>>> + -k name use key with name from keystore
>>> +
>>
>> usage help should be provided by the command, not within Kconfig
>
> Indeed we have the help provided in the Kconfig text for all commands
> that were present at that change. I don't really think it's worth
> continuing this though.
>
>>> + * This program is free software; you can redistribute it and/or
>>> + * modify it under the terms of the GNU General Public License as
>>> + * published by the Free Software Foundation; either version 2 of
>>> + * the License, or (at your option) any later version.
>>> + *
>>> + * This program is distributed in the hope that it will be useful,
>>> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
>>> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>>> + * GNU General Public License for more details.
>>> + */
>>> +
>>> +/* ccrypt implements a stream cipher based on the block cipher
>>> + Rijndael */
>>> +
>>> +/* needs library ccryptlib and keystore from barebox */
>>
>> no need for this comment, needed headers are already included
>>
>>> +#include <common.h>
>>> +#include <command.h>
>>> +#include <libfile.h>
>>> +#include <getopt.h>
>>> +#include <fcntl.h>
>>> +#include <fs.h>
>>> +#include <ccryptlib.h>
>>
>> i prefer headers sorted alphabetically. this helps to reduce
>> patch conflicts.
>
> And I prefer the reverse christmas tree ordering ;)
>
> To be honest, I don't care about the ordering at all, but at least as
> long as we haven't agreed on some ordering and written it down somewhere
> we shouldn't enforce any ordering for patch submitters.
ok.
by applying old patches, i made experience that "append as last in the
list" will mostly end as patch conflict in comparison to "add in
alphabetically ordered list". May it is worth to start this practice.
[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
[-- Attachment #2: Type: text/plain, Size: 149 bytes --]
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v1] Crypt and decrypt files using password in keystore.
2018-04-20 8:01 [PATCH v1] Crypt and decrypt files using password in keystore Gerd Pauli
2018-04-22 8:27 ` Oleksij Rempel
@ 2018-04-23 8:39 ` Sascha Hauer
2018-04-23 12:52 ` Gerd Pauli
1 sibling, 1 reply; 7+ messages in thread
From: Sascha Hauer @ 2018-04-23 8:39 UTC (permalink / raw)
To: Gerd Pauli; +Cc: barebox
Hi Gerd,
On Fri, Apr 20, 2018 at 10:01:14AM +0200, Gerd Pauli wrote:
> Adds ccryptlib library in crypto which implements a
> stream cipher based on the block cipher Rijndael,
> the candidate for the AES standard.
> Compatible with the ccrypt tool in linux
> from Peter Selinger.
>
> +BAREBOX_CMD_START(ccrypt)
> +.cmd = do_ccrypt,
> + BAREBOX_CMD_DESC("Crypt and Decrypt Files")
> + BAREBOX_CMD_OPTS("[-e|-d] -k NAME SRC DST")
> + BAREBOX_CMD_GROUP(CMD_GRP_MISC)
> + BAREBOX_CMD_HELP(cmd_ccrypt_help)
> + BAREBOX_CMD_END
> diff --git a/crypto/Kconfig b/crypto/Kconfig
> index 6d65c24d4..08669a2de 100644
> --- a/crypto/Kconfig
> +++ b/crypto/Kconfig
> @@ -101,4 +101,11 @@ config CRYPTO_KEYSTORE
> This is a simple keystore, which can be used to pass keys
> between several components via simple interface.
>
> +config CRYPTO_CCRYPTLIB
> + bool "ccryptlib"
> + help
> + This option provides functions implementing a stream cipher based
> + on the block cipher rijandel.
> + The cipher is based on Peter Selingers ccrypt implementation.
> +
> endmenu
> diff --git a/crypto/Makefile b/crypto/Makefile
> index a7240d1d6..1231bc76d 100644
> --- a/crypto/Makefile
> +++ b/crypto/Makefile
> @@ -14,3 +14,4 @@ obj-$(CONFIG_DIGEST_SHA512_GENERIC) += sha4.o
> obj-$(CONFIG_CRYPTO_PBKDF2) += pbkdf2.o
> obj-$(CONFIG_CRYPTO_RSA) += rsa.o
> obj-$(CONFIG_CRYPTO_KEYSTORE) += keystore.o
> +obj-$(CONFIG_CRYPTO_CCRYPTLIB) += ccryptlib.o
> diff --git a/crypto/ccryptlib.c b/crypto/ccryptlib.c
> new file mode 100644
> index 000000000..78f0ac843
> --- /dev/null
> +++ b/crypto/ccryptlib.c
Is this the same as the Linux Kernel has in crypto/aes_generic.c? If
yes, then please use it. If no, then why not? ;)
Generally any crypto code should integrate into the barebox crypto API
(which is basically the same as the Linux crypto API). This is the main
road blocker that must be removed before we can merge this into barebox.
Sascha
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v1] Crypt and decrypt files using password in keystore.
2018-04-23 8:39 ` Sascha Hauer
@ 2018-04-23 12:52 ` Gerd Pauli
2018-04-25 8:23 ` Sascha Hauer
0 siblings, 1 reply; 7+ messages in thread
From: Gerd Pauli @ 2018-04-23 12:52 UTC (permalink / raw)
To: Sascha Hauer; +Cc: barebox
Hi Sascha,
This is not the same as in Linux Cryptop Api. The goal of this command
and library is to provide a compatible command with the ccrypt tool
from linux.
https://packages.debian.org/stretch/ccrypt
It is not intended to write a standard AES Crypting Tool.
Please tell me if this is useful for merging like this.
Then i clean up some spaces in the code and send again ( checkscript ).
If not. Sorry for the dust :-)
Am Montag, den 23.04.2018, 10:39 +0200 schrieb Sascha Hauer:
> Hi Gerd,
>
> On Fri, Apr 20, 2018 at 10:01:14AM +0200, Gerd Pauli wrote:
> > Adds ccryptlib library in crypto which implements a
> > stream cipher based on the block cipher Rijndael,
> > the candidate for the AES standard.
> > Compatible with the ccrypt tool in linux
> > from Peter Selinger.
> >
> > +BAREBOX_CMD_START(ccrypt)
> > +.cmd = do_ccrypt,
> > + BAREBOX_CMD_DESC("Crypt and Decrypt Files")
> > + BAREBOX_CMD_OPTS("[-e|-d] -k NAME SRC DST")
> > + BAREBOX_CMD_GROUP(CMD_GRP_MISC)
> > + BAREBOX_CMD_HELP(cmd_ccrypt_help)
> > + BAREBOX_CMD_END
> > diff --git a/crypto/Kconfig b/crypto/Kconfig
> > index 6d65c24d4..08669a2de 100644
> > --- a/crypto/Kconfig
> > +++ b/crypto/Kconfig
> > @@ -101,4 +101,11 @@ config CRYPTO_KEYSTORE
> > This is a simple keystore, which can be used to pass
> > keys
> > between several components via simple interface.
> >
> > +config CRYPTO_CCRYPTLIB
> > + bool "ccryptlib"
> > + help
> > + This option provides functions implementing a stream
> > cipher based
> > + on the block cipher rijandel.
> > + The cipher is based on Peter Selingers ccrypt
> > implementation.
> > +
> > endmenu
> > diff --git a/crypto/Makefile b/crypto/Makefile
> > index a7240d1d6..1231bc76d 100644
> > --- a/crypto/Makefile
> > +++ b/crypto/Makefile
> > @@ -14,3 +14,4 @@ obj-$(CONFIG_DIGEST_SHA512_GENERIC) +=
> > sha4.o
> > obj-$(CONFIG_CRYPTO_PBKDF2) += pbkdf2.o
> > obj-$(CONFIG_CRYPTO_RSA) += rsa.o
> > obj-$(CONFIG_CRYPTO_KEYSTORE) += keystore.o
> > +obj-$(CONFIG_CRYPTO_CCRYPTLIB) += ccryptlib.o
> > diff --git a/crypto/ccryptlib.c b/crypto/ccryptlib.c
> > new file mode 100644
> > index 000000000..78f0ac843
> > --- /dev/null
> > +++ b/crypto/ccryptlib.c
>
> Is this the same as the Linux Kernel has in crypto/aes_generic.c? If
> yes, then please use it. If no, then why not? ;)
>
> Generally any crypto code should integrate into the barebox crypto
> API
> (which is basically the same as the Linux crypto API). This is the
> main
> road blocker that must be removed before we can merge this into
> barebox.
>
> Sascha
>
>
CU
--
Gerd
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v1] Crypt and decrypt files using password in keystore.
2018-04-23 12:52 ` Gerd Pauli
@ 2018-04-25 8:23 ` Sascha Hauer
0 siblings, 0 replies; 7+ messages in thread
From: Sascha Hauer @ 2018-04-25 8:23 UTC (permalink / raw)
To: Gerd Pauli; +Cc: barebox
On Mon, Apr 23, 2018 at 02:52:50PM +0200, Gerd Pauli wrote:
> Hi Sascha,
>
> This is not the same as in Linux Cryptop Api. The goal of this command
> and library is to provide a compatible command with the ccrypt tool
> from linux.
> https://packages.debian.org/stretch/ccrypt
> It is not intended to write a standard AES Crypting Tool.
>
> Please tell me if this is useful for merging like this.
> Then i clean up some spaces in the code and send again ( checkscript ).
Sorry, I don't think adding a crypto implementation that is not using
the crypto API is acceptable for merging. Possible options for
upstreaming would be to either the Rijndael cipher with 128 bit block
size aka AES, based on the Kernel AES implementation or to convert
the Rijndael cipher with 256 bit block size as used by ccrypt to the
existing crypto API.
> If not. Sorry for the dust :-)
Don't worry, it's always nice to see what people do with barebox and
to get a view what might be missing.
Sascha
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2018-04-25 8:23 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-20 8:01 [PATCH v1] Crypt and decrypt files using password in keystore Gerd Pauli
2018-04-22 8:27 ` Oleksij Rempel
2018-04-23 8:13 ` Sascha Hauer
2018-04-23 8:33 ` Oleksij Rempel
2018-04-23 8:39 ` Sascha Hauer
2018-04-23 12:52 ` Gerd Pauli
2018-04-25 8:23 ` Sascha Hauer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox